token

package
v0.2.14 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 6, 2026 License: MIT Imports: 35 Imported by: 0

README

Instruction for recording response using GO-VCR for unit test

Things to know if you want to record new recording

  • All the recorded responses have been saved under folder /testdata

  • Highly recommand using RecordOnly if you want completely new recording, otherwise, current recordings have been modified without the sensitive contents

  • Here's the variable you need to input for recording Modify these variables modify authorizer clientID AZURE_CLIENT_ID="<specify with real value>" modify authorizer clientSecret AAD_SERVICE_PRINCIPAL_CLIENT_SECRET="<specify with real value>" modify authorizer clientCert AZURE_CLIENT_CER="<specify with real value>" modify authorizer clientCertPass AZURE_CLIENT_CERTIFICATE_PASSWORD="<specify with real value>" modify authorizer resourceID AZURE_RESOURCE_ID="<specify with real value>" modify authorizer tenantID AZURE_TENANT_ID="<specify with real value>" modify go-vcr record mode VCR_MODE="<specify vcr mode>" you can set to record mode by setting vcr mode to RecordOnly VCR_MODE="RecordOnly" To return to replay mode, simply unset the enviroment variable by unset VCR_MODE

Examples:

Recording Mode

  • Navigate to pkg/token folder in terminal
  • Setup your enviroment variables
export AZURE_CLIENT_ID="<specify with real value>"
export AAD_SERVICE_PRINCIPAL_CLIENT_SECRET="<specify with real value>"
export AZURE_CLIENT_CER="<specify with real value>"
export AZURE_CLIENT_CERTIFICATE_PASSWORD="<specify with real value>"
export AZURE_RESOURCE_ID="<specify with real value>"
export AZURE_TENANT_ID="<specify with real value>"
export VCR_MODE="RecordOnly"
go test

Replay Mode

unset VCR_MODE
go test

Documentation

Index

Constants

View Source 
const (
	DeviceCodeLogin        = "devicecode"
	InteractiveLogin       = "interactive"
	ServicePrincipalLogin  = "spn"
	ROPCLogin              = "ropc"
	MSILogin               = "msi"
	AzureCLILogin          = "azurecli"
	AzureDeveloperCLILogin = "azd"
	WorkloadIdentityLogin  = "workloadidentity"
	AzurePipelinesLogin    = "azurepipelines"
)

Variables

View Source 
var (
	DefaultAuthRecordCacheDir = homedir.HomeDir() + "/.kube/cache/kubelogin/"
)

Functions

func GetScope added in v0.2.0 

func GetScope(serverID string) string

func GetSupportedLogins 

func GetSupportedLogins() string

Types

type ADALClientCertCredential added in v0.2.0 

type ADALClientCertCredential struct {
	// contains filtered or unexported fields
}

func (*ADALClientCertCredential) Authenticate added in v0.2.0 

func (c *ADALClientCertCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*ADALClientCertCredential) GetToken added in v0.2.0 

func (c *ADALClientCertCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*ADALClientCertCredential) Name added in v0.2.0 

func (c *ADALClientCertCredential) Name() string

func (*ADALClientCertCredential) NeedAuthenticate added in v0.2.0 

func (c *ADALClientCertCredential) NeedAuthenticate() bool

type ADALClientSecretCredential added in v0.2.0 

type ADALClientSecretCredential struct {
	// contains filtered or unexported fields
}

func (*ADALClientSecretCredential) Authenticate added in v0.2.0 

func (c *ADALClientSecretCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*ADALClientSecretCredential) GetToken added in v0.2.0 

func (c *ADALClientSecretCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*ADALClientSecretCredential) Name added in v0.2.0 

func (c *ADALClientSecretCredential) Name() string

func (*ADALClientSecretCredential) NeedAuthenticate added in v0.2.0 

func (c *ADALClientSecretCredential) NeedAuthenticate() bool

type ADALDeviceCodeCredential added in v0.2.0 

type ADALDeviceCodeCredential struct {
	// contains filtered or unexported fields
}

func (*ADALDeviceCodeCredential) Authenticate added in v0.2.0 

func (c *ADALDeviceCodeCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*ADALDeviceCodeCredential) GetToken added in v0.2.0 

func (c *ADALDeviceCodeCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*ADALDeviceCodeCredential) Name added in v0.2.0 

func (c *ADALDeviceCodeCredential) Name() string

func (*ADALDeviceCodeCredential) NeedAuthenticate added in v0.2.0 

func (c *ADALDeviceCodeCredential) NeedAuthenticate() bool

type AzureCLICredential added in v0.2.0 

type AzureCLICredential struct {
	// contains filtered or unexported fields
}

func (*AzureCLICredential) Authenticate added in v0.2.0 

func (c *AzureCLICredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*AzureCLICredential) GetToken added in v0.2.0 

func (c *AzureCLICredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*AzureCLICredential) Name added in v0.2.0 

func (c *AzureCLICredential) Name() string

func (*AzureCLICredential) NeedAuthenticate added in v0.2.0 

func (c *AzureCLICredential) NeedAuthenticate() bool

type AzureDeveloperCLICredential added in v0.2.0 

type AzureDeveloperCLICredential struct {
	// contains filtered or unexported fields
}

func (*AzureDeveloperCLICredential) Authenticate added in v0.2.0 

func (c *AzureDeveloperCLICredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*AzureDeveloperCLICredential) GetToken added in v0.2.0 

func (c *AzureDeveloperCLICredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*AzureDeveloperCLICredential) Name added in v0.2.0 

func (c *AzureDeveloperCLICredential) Name() string

func (*AzureDeveloperCLICredential) NeedAuthenticate added in v0.2.0 

func (c *AzureDeveloperCLICredential) NeedAuthenticate() bool

type AzurePipelinesCredential added in v0.2.11 

type AzurePipelinesCredential struct {
	// contains filtered or unexported fields
}

func (*AzurePipelinesCredential) Authenticate added in v0.2.11 

func (c *AzurePipelinesCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*AzurePipelinesCredential) GetToken added in v0.2.11 

func (c *AzurePipelinesCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*AzurePipelinesCredential) Name added in v0.2.11 

func (c *AzurePipelinesCredential) Name() string

func (*AzurePipelinesCredential) NeedAuthenticate added in v0.2.11 

func (c *AzurePipelinesCredential) NeedAuthenticate() bool

type CachedRecordProvider added in v0.2.0 

type CachedRecordProvider interface {
	// Retrieve reads the authentication record from the file.
	Retrieve() (azidentity.AuthenticationRecord, error)
	// Store writes the authentication record to the file.
	Store(record azidentity.AuthenticationRecord) error
}

type ClientCertificateCredential added in v0.2.0 

type ClientCertificateCredential struct {
	// contains filtered or unexported fields
}

func (*ClientCertificateCredential) Authenticate added in v0.2.0 

func (c *ClientCertificateCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*ClientCertificateCredential) GetToken added in v0.2.0 

func (c *ClientCertificateCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*ClientCertificateCredential) Name added in v0.2.0 

func (c *ClientCertificateCredential) Name() string

func (*ClientCertificateCredential) NeedAuthenticate added in v0.2.0 

func (c *ClientCertificateCredential) NeedAuthenticate() bool

type ClientCertificateCredentialWithPoP added in v0.2.0 

type ClientCertificateCredentialWithPoP struct {
	// contains filtered or unexported fields
}

func (*ClientCertificateCredentialWithPoP) Authenticate added in v0.2.0 

func (c *ClientCertificateCredentialWithPoP) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*ClientCertificateCredentialWithPoP) GetToken added in v0.2.0 

func (c *ClientCertificateCredentialWithPoP) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*ClientCertificateCredentialWithPoP) Name added in v0.2.0 

func (c *ClientCertificateCredentialWithPoP) Name() string

func (*ClientCertificateCredentialWithPoP) NeedAuthenticate added in v0.2.0 

func (c *ClientCertificateCredentialWithPoP) NeedAuthenticate() bool

type ClientSecretCredential added in v0.2.0 

type ClientSecretCredential struct {
	// contains filtered or unexported fields
}

func (*ClientSecretCredential) Authenticate added in v0.2.0 

func (c *ClientSecretCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*ClientSecretCredential) GetToken added in v0.2.0 

func (c *ClientSecretCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*ClientSecretCredential) Name added in v0.2.0 

func (c *ClientSecretCredential) Name() string

func (*ClientSecretCredential) NeedAuthenticate added in v0.2.0 

func (c *ClientSecretCredential) NeedAuthenticate() bool

type ClientSecretCredentialWithPoP added in v0.2.0 

type ClientSecretCredentialWithPoP struct {
	// contains filtered or unexported fields
}

func (*ClientSecretCredentialWithPoP) Authenticate added in v0.2.0 

func (c *ClientSecretCredentialWithPoP) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*ClientSecretCredentialWithPoP) GetToken added in v0.2.0 

func (c *ClientSecretCredentialWithPoP) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*ClientSecretCredentialWithPoP) Name added in v0.2.0 

func (c *ClientSecretCredentialWithPoP) Name() string

func (*ClientSecretCredentialWithPoP) NeedAuthenticate added in v0.2.0 

func (c *ClientSecretCredentialWithPoP) NeedAuthenticate() bool

type CredentialProvider added in v0.2.0 

type CredentialProvider interface {
	GetToken(ctx context.Context, options policy.TokenRequestOptions) (azcore.AccessToken, error)

	Authenticate(ctx context.Context, options *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

	NeedAuthenticate() bool

	Name() string
}

func NewAzIdentityCredential added in v0.2.0 

func NewAzIdentityCredential(record azidentity.AuthenticationRecord, o *Options) (CredentialProvider, error)

type DeviceCodeCredential added in v0.2.0 

type DeviceCodeCredential struct {
	// contains filtered or unexported fields
}

func (*DeviceCodeCredential) Authenticate added in v0.2.0 

func (c *DeviceCodeCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*DeviceCodeCredential) GetToken added in v0.2.0 

func (c *DeviceCodeCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*DeviceCodeCredential) Name added in v0.2.0 

func (c *DeviceCodeCredential) Name() string

func (*DeviceCodeCredential) NeedAuthenticate added in v0.2.0 

func (c *DeviceCodeCredential) NeedAuthenticate() bool

type ExecCredentialPlugin 

type ExecCredentialPlugin interface {
	Do(ctx context.Context) error
}

func New 

func New(o *Options) (ExecCredentialPlugin, error)

type ExecCredentialWriter 

type ExecCredentialWriter interface {
	Write(token azcore.AccessToken, writer io.Writer) error
}

type GithubActionsCredential added in v0.2.0 

type GithubActionsCredential struct {
	// contains filtered or unexported fields
}

func (*GithubActionsCredential) Authenticate added in v0.2.0 

func (c *GithubActionsCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*GithubActionsCredential) GetToken added in v0.2.0 

func (c *GithubActionsCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*GithubActionsCredential) Name added in v0.2.0 

func (c *GithubActionsCredential) Name() string

func (*GithubActionsCredential) NeedAuthenticate added in v0.2.0 

func (c *GithubActionsCredential) NeedAuthenticate() bool

type InteractiveBrowserCredential added in v0.2.0 

type InteractiveBrowserCredential struct {
	// contains filtered or unexported fields
}

func (*InteractiveBrowserCredential) Authenticate added in v0.2.0 

func (c *InteractiveBrowserCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*InteractiveBrowserCredential) GetToken added in v0.2.0 

func (c *InteractiveBrowserCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*InteractiveBrowserCredential) Name added in v0.2.0 

func (c *InteractiveBrowserCredential) Name() string

func (*InteractiveBrowserCredential) NeedAuthenticate added in v0.2.0 

func (c *InteractiveBrowserCredential) NeedAuthenticate() bool

type InteractiveBrowserCredentialWithPoP added in v0.2.0 

type InteractiveBrowserCredentialWithPoP struct {
	// contains filtered or unexported fields
}

func (*InteractiveBrowserCredentialWithPoP) Authenticate added in v0.2.0 

func (c *InteractiveBrowserCredentialWithPoP) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*InteractiveBrowserCredentialWithPoP) GetToken added in v0.2.0 

func (c *InteractiveBrowserCredentialWithPoP) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*InteractiveBrowserCredentialWithPoP) Name added in v0.2.0 

func (c *InteractiveBrowserCredentialWithPoP) Name() string

func (*InteractiveBrowserCredentialWithPoP) NeedAuthenticate added in v0.2.0 

func (c *InteractiveBrowserCredentialWithPoP) NeedAuthenticate() bool

type ManagedIdentityCredential added in v0.2.0 

type ManagedIdentityCredential struct {
	// contains filtered or unexported fields
}

func (*ManagedIdentityCredential) Authenticate added in v0.2.0 

func (c *ManagedIdentityCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*ManagedIdentityCredential) GetToken added in v0.2.0 

func (c *ManagedIdentityCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*ManagedIdentityCredential) Name added in v0.2.0 

func (c *ManagedIdentityCredential) Name() string

func (*ManagedIdentityCredential) NeedAuthenticate added in v0.2.0 

func (c *ManagedIdentityCredential) NeedAuthenticate() bool

type Options 

type Options struct {
	LoginMethod        string
	ClientID           string
	ClientSecret       string
	ClientCert         string
	ClientCertPassword string
	Username           string
	Password           string
	ServerID           string
	TenantID           string
	Environment        string
	IsLegacy           bool
	Timeout            time.Duration
	AuthRecordCacheDir string

	IdentityResourceID         string
	FederatedTokenFile         string
	AuthorityHost              string
	UseAzureRMTerraformEnv     bool
	IsPoPTokenEnabled          bool
	PoPTokenClaims             string
	DisableEnvironmentOverride bool
	UsePersistentCache         bool
	DisableInstanceDiscovery   bool

	RedirectURL                       string
	LoginHint                         string
	AzurePipelinesServiceConnectionID string
	// contains filtered or unexported fields
}

func NewOptions 

func NewOptions(usePersistentCache bool) Options

func (*Options) AddCompletions added in v0.1.7 

func (o *Options) AddCompletions(cmd *cobra.Command)

func (*Options) AddFlags 

func (o *Options) AddFlags(fs *pflag.FlagSet)

func (*Options) GetCloudConfiguration added in v0.2.0 

func (o *Options) GetCloudConfiguration() cloud.Configuration

func (*Options) GetPoPKeyProvider added in v0.2.12 

func (o *Options) GetPoPKeyProvider() PoPKeyProvider

GetPoPKeyProvider returns a PoPKeyProvider based on the current cache configuration. This centralizes the key provider logic.

func (*Options) GetPoPTokenCache added in v0.2.12 

func (o *Options) GetPoPTokenCache() *popcache.Cache

GetPoPTokenCache returns the PoP token cache if available. Returns nil if PoP is disabled or cache creation failed (e.g., container environments).

func (*Options) ToString 

func (o *Options) ToString() string

func (*Options) UpdateFromEnv 

func (o *Options) UpdateFromEnv()

func (*Options) Validate 

func (o *Options) Validate() error

type PoPKeyProvider added in v0.2.12 

type PoPKeyProvider interface {
	GetPoPKey() (*pop.SwKey, error)
}

PoPKeyProvider provides PoP keys based on the configured cache policy

type UsernamePasswordCredential added in v0.2.0 

type UsernamePasswordCredential struct {
	// contains filtered or unexported fields
}

func (*UsernamePasswordCredential) Authenticate added in v0.2.0 

func (c *UsernamePasswordCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*UsernamePasswordCredential) GetToken added in v0.2.0 

func (c *UsernamePasswordCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*UsernamePasswordCredential) Name added in v0.2.0 

func (c *UsernamePasswordCredential) Name() string

func (*UsernamePasswordCredential) NeedAuthenticate added in v0.2.0 

func (c *UsernamePasswordCredential) NeedAuthenticate() bool

type UsernamePasswordCredentialWithPoP added in v0.2.0 

type UsernamePasswordCredentialWithPoP struct {
	// contains filtered or unexported fields
}

func (*UsernamePasswordCredentialWithPoP) Authenticate added in v0.2.0 

func (c *UsernamePasswordCredentialWithPoP) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*UsernamePasswordCredentialWithPoP) GetToken added in v0.2.0 

func (c *UsernamePasswordCredentialWithPoP) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*UsernamePasswordCredentialWithPoP) Name added in v0.2.0 

func (c *UsernamePasswordCredentialWithPoP) Name() string

func (*UsernamePasswordCredentialWithPoP) NeedAuthenticate added in v0.2.0 

func (c *UsernamePasswordCredentialWithPoP) NeedAuthenticate() bool

type WorkloadIdentityCredential added in v0.2.0 

type WorkloadIdentityCredential struct {
	// contains filtered or unexported fields
}

func (*WorkloadIdentityCredential) Authenticate added in v0.2.0 

func (c *WorkloadIdentityCredential) Authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (azidentity.AuthenticationRecord, error)

func (*WorkloadIdentityCredential) GetToken added in v0.2.0 

func (c *WorkloadIdentityCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)

func (*WorkloadIdentityCredential) Name added in v0.2.0 

func (c *WorkloadIdentityCredential) Name() string

func (*WorkloadIdentityCredential) NeedAuthenticate added in v0.2.0 

func (c *WorkloadIdentityCredential) NeedAuthenticate() bool

Source Files

View all Source files

Directories

Path Synopsis
Package mock_token is a generated GoMock package.
 Package mock_token is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.