store.go
package awsrds
import (
"context"
"errors"
"fmt"
"net/url"
"strings"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/feature/rds/auth"
"github.com/davepgreene/go-db-credential-refresh/driver"
"github.com/davepgreene/go-db-credential-refresh/store"
)
// Sentinel errors returned by NewStore when validation of the Config fails.
var (
	// errMissingConfig is returned when NewStore is handed a nil *Config.
	errMissingConfig = errors.New("config is required")
	// errMalformedEndpoint is returned when the parsed endpoint has no hostname or no port.
	errMalformedEndpoint = errors.New("endpoint must be in the form of 'hostname:port'")
	// errMissingCredentials is returned when Config.Credentials is nil.
	errMissingCredentials = errors.New("credentials cannot be nil")
)
// errMissingConfigItem reports that a required Config field was left empty.
type errMissingConfigItem struct {
	// item is the field name as it should appear in the error message.
	item string
}

// Error implements the error interface, rendering "<item> is required".
func (m errMissingConfigItem) Error() string {
	msg := fmt.Sprintf("%s is required", m.item)
	return msg
}
// Store is a Store implementation for AWS RDS.
// https://aws.amazon.com/premiumsupport/knowledge-center/users-connect-rds-iam/
//
// It builds an auth token from the embedded Config (see Refresh) and keeps the
// most recent result in creds. No mutex or other synchronization is declared
// on this type, so Get reads creds and Refresh writes it unguarded.
// NOTE(review): confirm that callers serialize access before a Store is shared
// across goroutines.
type Store struct {
	// Config is embedded by pointer: its fields are promoted onto Store, and
	// the Store shares the Config value passed to NewStore with the caller.
	*Config
	// creds caches the credentials produced by the last successful Refresh.
	// Its Password holds the auth token, so it is secret material.
	creds driver.Credentials
}
// Config contains configuration information.
// NewStore requires all four fields to be set.
type Config struct {
	// Endpoint takes the form of host:port. NewStore rejects an empty value
	// and a value that does not parse to both a hostname and a port.
	Endpoint string
	// Region is the AWS region passed to auth.BuildAuthToken.
	Region string
	// User is the database user the token is built for; it is also used as
	// the Username of the resulting credentials.
	User string
	// Credentials is the AWS credentials provider passed to
	// auth.BuildAuthToken. NewStore rejects nil.
	Credentials aws.CredentialsProvider
}
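// NewStore creates a new RDS-backed store.
//
// It validates c and returns an error when c is nil, when Endpoint, Region or
// User is empty, when Endpoint does not parse to both a hostname and a port,
// or when Credentials is nil.
//
// The returned Store keeps a reference to c rather than a copy, so changes
// made to c afterwards are visible to the Store and are not re-validated.
// c itself is left unmodified by this function.
func NewStore(c *Config) (*Store, error) {
	if c == nil {
		return nil, errMissingConfig
	}
	if c.Endpoint == "" {
		return nil, &errMissingConfigItem{item: "endpoint"}
	}
	if c.Region == "" {
		return nil, &errMissingConfigItem{item: "region"}
	}
	if c.User == "" {
		return nil, &errMissingConfigItem{item: "user"}
	}

	// url.Parse needs a scheme to split host from port, so one is added to a
	// local copy only. The caller's Config keeps the documented host:port form
	// instead of being rewritten as a side effect of validation;
	// auth.BuildAuthToken accepts the scheme-less form. The "http://" prefix is
	// a parsing aid that is discarded here and says nothing about how the
	// database connection itself is secured.
	endpoint := c.Endpoint
	if !strings.HasPrefix(endpoint, "http://") && !strings.HasPrefix(endpoint, "https://") {
		endpoint = "http://" + endpoint
	}

	u, err := url.Parse(endpoint)
	if err != nil {
		return nil, err
	}
	// Both parts are needed to build the auth token, so a bare hostname or a
	// bare port is rejected up front.
	if u.Hostname() == "" || u.Port() == "" {
		return nil, errMalformedEndpoint
	}

	if c.Credentials == nil {
		return nil, errMissingCredentials
	}

	return &Store{Config: c}, nil
}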
// Get implements the Store interface.
//
// It returns the cached credentials when a previous Refresh has stored some
// and otherwise delegates to Refresh. The cache carries no expiry information
// and this method performs no freshness check, so the token it returns may
// already have lapsed (AWS documents a 15-minute lifetime for RDS IAM auth
// tokens).
// NOTE(review): presumably the caller reacts to an authentication failure by
// calling Refresh - confirm against the driver package.
func (v *Store) Get(ctx context.Context) (driver.Credentials, error) {
	if v.creds == nil {
		// Nothing cached yet: build the first token.
		return v.Refresh(ctx)
	}

	return v.creds, nil
}
// Refresh implements the store interface.
//
// It asks auth.BuildAuthToken for a new token using the Store's Endpoint,
// Region, User and Credentials, wraps it in a store.Credential whose Username
// is User and whose Password is the token, caches that value and returns it.
// When token generation fails the error is returned as-is and the previously
// cached credentials are left in place.
//
// The Password of the returned value is a live auth token and should be
// handled as a secret (for example, kept out of logs).
func (v *Store) Refresh(ctx context.Context) (driver.Credentials, error) {
	authToken, err := auth.BuildAuthToken(ctx, v.Endpoint, v.Region, v.User, v.Credentials)
	if err != nil {
		return nil, err
	}

	fresh := &store.Credential{
		Password: authToken,
		Username: v.User,
	}

	// Remember the result so that Get can serve it without signing again.
	v.creds = fresh

	return fresh, nil
}