/
spec.go
67 lines (55 loc) · 2.09 KB
/
spec.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
/*
* Copyright (c) 2017, The Easegress Authors
* All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package signer
import "time"
// Spec defines the configuration of a Signer
type Spec struct {
Literal *Literal `json:"literal,omitempty"`
HeaderHoisting *HeaderHoisting `json:"headerHoisting,omitempty"`
IgnoredHeaders []string `json:"ignoredHeaders,omitempty" jsonschema:"uniqueItems=true"`
ExcludeBody bool `json:"excludeBody,omitempty"`
TTL string `json:"ttl,omitempty" jsonschema:"format=duration"`
AccessKeyID string `json:"accessKeyId,omitempty"`
AccessKeySecret string `json:"accessKeySecret,omitempty"`
AccessKeys map[string]string `json:"accessKeys,omitempty"`
// TODO: AccessKeys is used as an internal access key store, but an external store is also needed
}
type idSecretMap map[string]string
func (m idSecretMap) GetSecret(id string) (string, bool) {
s, ok := m[id]
return s, ok
}
// CreateFromSpec create a Signer from configuration
func CreateFromSpec(spec *Spec) *Signer {
signer := New()
signer.SetCredential(spec.AccessKeyID, spec.AccessKeySecret)
if spec.Literal != nil {
signer.SetLiteral(spec.Literal)
}
if spec.HeaderHoisting != nil {
signer.SetHeaderHoisting(spec.HeaderHoisting)
}
signer.IgnoreHeader(spec.IgnoredHeaders...)
signer.ExcludeBody(spec.ExcludeBody)
if ttl, e := time.ParseDuration(spec.TTL); e == nil {
signer.SetTTL(ttl)
}
if len(spec.AccessKeys) > 0 {
signer.SetAccessKeyStore(idSecretMap(spec.AccessKeys))
}
return signer
}