-
Notifications
You must be signed in to change notification settings - Fork 9.6k
/
credentials.go
60 lines (53 loc) · 2.19 KB
/
credentials.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
// Package auth contains types and functions to manage authentication
// credentials for service hosts.
package auth
import (
"net/http"
"github.com/hashicorp/terraform/svchost"
)
// Credentials is a list of CredentialsSource objects that can be tried in
// turn until one returns credentials for a host, or one returns an error.
//
// A Credentials is itself a CredentialsSource, wrapping its members.
// In principle one CredentialsSource can be nested inside another, though
// there is no good reason to do so.
type Credentials []CredentialsSource
// NoCredentials is an empty CredentialsSource that always returns nil
// when asked for credentials.
var NoCredentials CredentialsSource = Credentials{}
// A CredentialsSource is an object that may be able to provide credentials
// for a given host.
//
// Credentials lookups are not guaranteed to be concurrency-safe. Callers
// using these facilities in concurrent code must use external concurrency
// primitives to prevent race conditions.
type CredentialsSource interface {
// ForHost returns a non-nil HostCredentials if the source has credentials
// available for the host, and a nil HostCredentials if it does not.
//
// If an error is returned, progress through a list of CredentialsSources
// is halted and the error is returned to the user.
ForHost(host svchost.Hostname) (HostCredentials, error)
}
// HostCredentials represents a single set of credentials for a particular
// host.
type HostCredentials interface {
// PrepareRequest modifies the given request in-place to apply the
// receiving credentials. The usual behavior of this method is to
// add some sort of Authorization header to the request.
PrepareRequest(req *http.Request)
}
// ForHost iterates over the contained CredentialsSource objects and
// tries to obtain credentials for the given host from each one in turn.
//
// If any source returns either a non-nil HostCredentials or a non-nil error
// then this result is returned. Otherwise, the result is nil, nil.
func (c Credentials) ForHost(host svchost.Hostname) (HostCredentials, error) {
for _, source := range c {
creds, err := source.ForHost(host)
if creds != nil || err != nil {
return creds, err
}
}
return nil, nil
}