security

package
v2.3.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 21, 2025 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ENV_PREFIX                  string = "ALIBABA_CLOUD_"
	ACCESS_KEY_ID_KEY           string = ENV_PREFIX + "ACCESS_KEY_ID"
	ACCESS_KEY_SECRET_KEY       string = ENV_PREFIX + "ACCESS_KEY_SECRET"
	SECURITY_TOKEN_KEY          string = ENV_PREFIX + "SECURITY_TOKEN"
	SIGNATURE_REGION_ID_KEY     string = ENV_PREFIX + "SIGNATURE_REGION_ID"
	RAM_ROLE_NAME_KEY           string = ENV_PREFIX + "RAM_ROLE_NAME"
	ROLE_ARN_KEY                string = ENV_PREFIX + "ROLE_ARN"
	ROLE_SESSION_NAME_KEY       string = ENV_PREFIX + "ROLE_SESSION_NAME"
	ROLE_SESSION_EXPIRATION_KEY string = ENV_PREFIX + "ROLE_SESSION_EXPIRATION"
	POLICY_KEY                  string = ENV_PREFIX + "POLICY"
	OIDC_PROVIDER_ARN_KEY       string = ENV_PREFIX + "OIDC_PROVIDER_ARN"
	OIDC_TOKEN_FILE_KEY         string = ENV_PREFIX + "OIDC_TOKEN_FILE"
	CREDENTIALS_URI_KEY         string = ENV_PREFIX + "CREDENTIALS_URI"
	SECRET_NAME_KEY             string = ENV_PREFIX + "SECRET_NAME"
)
View Source 
const (
	CONFIG_AK_FILED          string = "Spas-AccessKey"
	NAMING_AK_FILED          string = "ak"
	SECURITY_TOKEN_HEADER    string = "Spas-SecurityToken"
	SIGNATURE_VERSION_HEADER string = "signatureVersion"
	SIGNATURE_VERSION_V4     string = "v4"
	SERVICE_INFO_SPLITER     string = "@@"
	TIMESTAMP_HEADER         string = "Timestamp"
	SIGNATURE_HEADER         string = "Spas-Signature"
)
View Source 
const (
	REQUEST_TYPE_CONFIG = "config"
	REQUEST_TYPE_NAMING = "naming"
)
View Source 
const (
	PREFIX                 = "aliyun_v4"
	CONSTANT               = "aliyun_v4_request"
	V4_SIGN_DATE_FORMATTER = "20060102"
	SIGNATURE_V4_PRODUCE   = "mse"
)

Variables

This section is empty.

Functions

func GetNacosProperties 

func GetNacosProperties(property string, envKey string) string

func Sign 

func Sign(data, key string) (string, error)

Types

type AccessKeyCredentialProvider 

type AccessKeyCredentialProvider struct {
	// contains filtered or unexported fields
}

func (*AccessKeyCredentialProvider) GetCredentialsForNacosClient 

func (provider *AccessKeyCredentialProvider) GetCredentialsForNacosClient() RamContext

type AuthClient 

type AuthClient interface {
	Login() (bool, error)
	GetSecurityInfo(resource RequestResource) map[string]string
	UpdateServerList(serverList []constant.ServerConfig)
}

type AutoRotateCredentialProvider 

type AutoRotateCredentialProvider struct {
	// contains filtered or unexported fields
}

func (*AutoRotateCredentialProvider) GetCredentialsForNacosClient 

func (provider *AutoRotateCredentialProvider) GetCredentialsForNacosClient() RamContext

type ConfigResourceInjector 

type ConfigResourceInjector struct {
}

type CredentialsURICredentialProvider 

type CredentialsURICredentialProvider struct {
	// contains filtered or unexported fields
}

func (*CredentialsURICredentialProvider) GetCredentialsForNacosClient 

func (provider *CredentialsURICredentialProvider) GetCredentialsForNacosClient() RamContext

type EcsRamRoleCredentialProvider 

type EcsRamRoleCredentialProvider struct {
	// contains filtered or unexported fields
}

func (*EcsRamRoleCredentialProvider) GetCredentialsForNacosClient 

func (provider *EcsRamRoleCredentialProvider) GetCredentialsForNacosClient() RamContext

type NacosAuthClient 

type NacosAuthClient struct {
	// contains filtered or unexported fields
}

func NewNacosAuthClient 

func NewNacosAuthClient(clientCfg constant.ClientConfig, serverCfgs []constant.ServerConfig, agent http_agent.IHttpAgent) *NacosAuthClient

func (*NacosAuthClient) AutoRefresh 

func (ac *NacosAuthClient) AutoRefresh(ctx context.Context)

func (*NacosAuthClient) GetAccessToken 

func (ac *NacosAuthClient) GetAccessToken() string

func (*NacosAuthClient) GetSecurityInfo 

func (ac *NacosAuthClient) GetSecurityInfo(resource RequestResource) map[string]string

func (*NacosAuthClient) GetServerList 

func (ac *NacosAuthClient) GetServerList() []constant.ServerConfig

func (*NacosAuthClient) Login 

func (ac *NacosAuthClient) Login() (bool, error)

func (*NacosAuthClient) UpdateServerList 

func (ac *NacosAuthClient) UpdateServerList(serverList []constant.ServerConfig)

type NamingResourceInjector 

type NamingResourceInjector struct {
}

type OIDCRoleArnCredentialProvider 

type OIDCRoleArnCredentialProvider struct {
	// contains filtered or unexported fields
}

func (*OIDCRoleArnCredentialProvider) GetCredentialsForNacosClient 

func (provider *OIDCRoleArnCredentialProvider) GetCredentialsForNacosClient() RamContext

type RamAuthClient 

type RamAuthClient struct {
	// contains filtered or unexported fields
}

func NewRamAuthClient 

func NewRamAuthClient(clientCfg constant.ClientConfig) *RamAuthClient

func (*RamAuthClient) GetSecurityInfo 

func (rac *RamAuthClient) GetSecurityInfo(resource RequestResource) map[string]string

func (*RamAuthClient) Login 

func (rac *RamAuthClient) Login() (bool, error)

func (*RamAuthClient) UpdateServerList 

func (rac *RamAuthClient) UpdateServerList(serverList []constant.ServerConfig)

type RamContext 

type RamContext struct {
	SignatureRegionId    string
	AccessKey            string
	SecretKey            string
	SecurityToken        string
	EphemeralAccessKeyId bool
}

type RamCredentialProvider 

type RamCredentialProvider interface {
	GetCredentialsForNacosClient() RamContext
	// contains filtered or unexported methods
}

type RamRoleArnCredentialProvider 

type RamRoleArnCredentialProvider struct {
	// contains filtered or unexported fields
}

func (*RamRoleArnCredentialProvider) GetCredentialsForNacosClient 

func (provider *RamRoleArnCredentialProvider) GetCredentialsForNacosClient() RamContext

type RequestResource 

type RequestResource struct {
	// contains filtered or unexported fields
}

func BuildConfigResource 

func BuildConfigResource(tenant, group, dataId string) RequestResource

func BuildConfigResourceByRequest 

func BuildConfigResourceByRequest(request rpc_request.IRequest) RequestResource

func BuildNamingResource 

func BuildNamingResource(namespace, group, serviceName string) RequestResource

func BuildNamingResourceByRequest 

func BuildNamingResourceByRequest(request rpc_request.IRequest) RequestResource

type ResourceInjector 

type ResourceInjector interface {
	// contains filtered or unexported methods
}

type SecurityProxy 

type SecurityProxy struct {
	Clients []AuthClient
}

func NewSecurityProxy 

func NewSecurityProxy(clientCfg constant.ClientConfig, serverCfgs []constant.ServerConfig, agent http_agent.IHttpAgent) SecurityProxy

func (*SecurityProxy) AutoRefresh 

func (sp *SecurityProxy) AutoRefresh(ctx context.Context)

func (*SecurityProxy) GetSecurityInfo 

func (sp *SecurityProxy) GetSecurityInfo(resource RequestResource) map[string]string

func (*SecurityProxy) Login 

func (sp *SecurityProxy) Login()

func (*SecurityProxy) UpdateServerList 

func (sp *SecurityProxy) UpdateServerList(serverList []constant.ServerConfig)

type StsTokenCredentialProvider 

type StsTokenCredentialProvider struct {
	// contains filtered or unexported fields
}

func (*StsTokenCredentialProvider) GetCredentialsForNacosClient 

func (provider *StsTokenCredentialProvider) GetCredentialsForNacosClient() RamContext

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.