Source File
hmac.go
Belonging Package
cloud.google.com/go/storage
Copyright 2019 Google LLC Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
package storage
import (
raw
)
HMACState is the state of the HMAC key. This type is EXPERIMENTAL and subject to change or removal without notice.
Active is the status for an active key that can be used to sign requests.
Inactive is the status for an inactive key thus requests signed by this key will be denied.
Deleted is the status for a key that is deleted. Once in this state the key cannot key cannot be recovered and does not count towards key limits. Deleted keys will be cleaned up later.
HMACKey is the representation of a Google Cloud Storage HMAC key. HMAC keys are used to authenticate signed access to objects. To enable HMAC key authentication, please visit https://cloud.google.com/storage/docs/migrating. This type is EXPERIMENTAL and subject to change or removal without notice.
ProjectID is the ID of the project that owns the service account to which the key authenticates.
ServiceAccountEmail is the email address of the key's associated service account.
CreatedTime is the creation time of the HMAC key.
UpdatedTime is the last modification time of the HMAC key metadata.
State is the state of the HMAC key. It can be one of StateActive, StateInactive or StateDeleted.
HMACKeyHandle helps provide access and management for HMAC keys. This type is EXPERIMENTAL and subject to change or removal without notice.
type HMACKeyHandle struct {
projectID string
accessID string
raw *raw.ProjectsHmacKeysService
}
HMACKeyHandle creates a handle that will be used for HMACKey operations. This method is EXPERIMENTAL and subject to change or removal without notice.
func ( *Client) (, string) *HMACKeyHandle {
return &HMACKeyHandle{
projectID: ,
accessID: ,
raw: raw.NewProjectsHmacKeysService(.raw),
}
}
Get invokes an RPC to retrieve the HMAC key referenced by the HMACKeyHandle's accessID. Options such as UserProjectForHMACKeys can be used to set the userProject to be billed against for operations. This method is EXPERIMENTAL and subject to change or removal without notice.
func ( *HMACKeyHandle) ( context.Context, ...HMACKeyOption) (*HMACKey, error) {
:= .raw.Get(.projectID, .accessID)
:= new(hmacKeyDesc)
for , := range {
.withHMACKeyDesc()
}
if .userProjectID != "" {
= .UserProject(.userProjectID)
}
setClientHeader(.Header())
var *raw.HmacKeyMetadata
var error
= runWithRetry(, func() error {
, = .Context().Do()
return
})
if != nil {
return nil,
}
:= &raw.HmacKey{
Metadata: ,
}
return pbHmacKeyToHMACKey(, false)
}
Delete invokes an RPC to delete the key referenced by accessID, on Google Cloud Storage. Only inactive HMAC keys can be deleted. After deletion, a key cannot be used to authenticate requests. This method is EXPERIMENTAL and subject to change or removal without notice.
func ( *HMACKeyHandle) ( context.Context, ...HMACKeyOption) error {
:= .raw.Delete(.projectID, .accessID)
:= new(hmacKeyDesc)
for , := range {
.withHMACKeyDesc()
}
if .userProjectID != "" {
= .UserProject(.userProjectID)
}
setClientHeader(.Header())
return runWithRetry(, func() error {
return .Context().Do()
})
}
func ( *raw.HmacKey, bool) (*HMACKey, error) {
:= .Metadata
if == nil {
return nil, errors.New("field Metadata cannot be nil")
}
, := time.Parse(time.RFC3339, .TimeCreated)
if != nil {
return nil, fmt.Errorf("field CreatedTime: %v", )
}
, := time.Parse(time.RFC3339, .Updated)
if != nil && ! {
return nil, fmt.Errorf("field UpdatedTime: %v", )
}
:= &HMACKey{
AccessID: .AccessId,
Secret: .Secret,
Etag: .Etag,
ID: .Id,
State: HMACState(.State),
ProjectID: .ProjectId,
CreatedTime: ,
UpdatedTime: ,
ServiceAccountEmail: .ServiceAccountEmail,
}
return , nil
}
CreateHMACKey invokes an RPC for Google Cloud Storage to create a new HMACKey. This method is EXPERIMENTAL and subject to change or removal without notice.
func ( *Client) ( context.Context, , string, ...HMACKeyOption) (*HMACKey, error) {
if == "" {
return nil, errors.New("storage: expecting a non-blank projectID")
}
if == "" {
return nil, errors.New("storage: expecting a non-blank service account email")
}
:= raw.NewProjectsHmacKeysService(.raw)
:= .Create(, )
:= new(hmacKeyDesc)
for , := range {
.withHMACKeyDesc()
}
if .userProjectID != "" {
= .UserProject(.userProjectID)
}
setClientHeader(.Header())
var *raw.HmacKey
var error
= runWithRetry(, func() error {
, = .Context().Do()
return
})
if != nil {
return nil,
}
return pbHmacKeyToHMACKey(, true)
}
HMACKeyAttrsToUpdate defines the attributes of an HMACKey that will be updated. This type is EXPERIMENTAL and subject to change or removal without notice.
Update mutates the HMACKey referred to by accessID. This method is EXPERIMENTAL and subject to change or removal without notice.
func ( *HMACKeyHandle) ( context.Context, HMACKeyAttrsToUpdate, ...HMACKeyOption) (*HMACKey, error) {
if .State != Active && .State != Inactive {
return nil, fmt.Errorf("storage: invalid state %q for update, must be either %q or %q", .State, Active, Inactive)
}
:= .raw.Update(.projectID, .accessID, &raw.HmacKeyMetadata{
Etag: .Etag,
State: string(.State),
})
:= new(hmacKeyDesc)
for , := range {
.withHMACKeyDesc()
}
if .userProjectID != "" {
= .UserProject(.userProjectID)
}
setClientHeader(.Header())
var *raw.HmacKeyMetadata
var error
= runWithRetry(, func() error {
, = .Context().Do()
return
})
if != nil {
return nil,
}
:= &raw.HmacKey{
Metadata: ,
}
return pbHmacKeyToHMACKey(, false)
}
An HMACKeysIterator is an iterator over HMACKeys. Note: This iterator is not safe for concurrent operations without explicit synchronization. This type is EXPERIMENTAL and subject to change or removal without notice.
ListHMACKeys returns an iterator for listing HMACKeys. Note: This iterator is not safe for concurrent operations without explicit synchronization. This method is EXPERIMENTAL and subject to change or removal without notice.
func ( *Client) ( context.Context, string, ...HMACKeyOption) *HMACKeysIterator {
:= &HMACKeysIterator{
ctx: ,
raw: raw.NewProjectsHmacKeysService(.raw),
projectID: ,
}
for , := range {
.withHMACKeyDesc(&.desc)
}
.pageInfo, .nextFunc = iterator.NewPageInfo(
.fetch,
func() int { return len(.hmacKeys) - .index },
func() interface{} {
:= .hmacKeys
.hmacKeys = .hmacKeys[:0]
.index = 0
return
})
return
}
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns iterator.Done, all subsequent calls will return iterator.Done. Note: This iterator is not safe for concurrent operations without explicit synchronization. This method is EXPERIMENTAL and subject to change or removal without notice.
PageInfo supports pagination. See the google.golang.org/api/iterator package for details. Note: This iterator is not safe for concurrent operations without explicit synchronization. This method is EXPERIMENTAL and subject to change or removal without notice.
func ( *HMACKeysIterator) () *iterator.PageInfo { return .pageInfo }
func ( *HMACKeysIterator) ( int, string) ( string, error) {
:= .raw.List(.projectID)
setClientHeader(.Header())
if != "" {
= .PageToken()
}
if .desc.showDeletedKeys {
= .ShowDeletedKeys(true)
}
if .desc.userProjectID != "" {
= .UserProject(.desc.userProjectID)
}
if .desc.forServiceAccountEmail != "" {
= .ServiceAccountEmail(.desc.forServiceAccountEmail)
}
if > 0 {
= .MaxResults(int64())
}
:= .ctx
var *raw.HmacKeysMetadata
= runWithRetry(.ctx, func() error {
, = .Context().Do()
return
})
if != nil {
return "",
}
for , := range .Items {
:= &raw.HmacKey{
Metadata: ,
}
, := pbHmacKeyToHMACKey(, true)
if != nil {
return "",
}
.hmacKeys = append(.hmacKeys, )
}
return .NextPageToken, nil
}
type hmacKeyDesc struct {
forServiceAccountEmail string
showDeletedKeys bool
userProjectID string
}
HMACKeyOption configures the behavior of HMACKey related methods and actions. This interface is EXPERIMENTAL and subject to change or removal without notice.
type HMACKeyOption interface {
withHMACKeyDesc(*hmacKeyDesc)
}
type hmacKeyDescFunc func(*hmacKeyDesc)
func ( hmacKeyDescFunc) ( *hmacKeyDesc) {
()
}
ForHMACKeyServiceAccountEmail returns HMAC Keys that are associated with the email address of a service account in the project. Only one service account email can be used as a filter, so if multiple of these options are applied, the last email to be set will be used. This option is EXPERIMENTAL and subject to change or removal without notice.
func ( string) HMACKeyOption {
return hmacKeyDescFunc(func( *hmacKeyDesc) {
.forServiceAccountEmail =
})
}
ShowDeletedHMACKeys will also list keys whose state is "DELETED". This option is EXPERIMENTAL and subject to change or removal without notice.
func () HMACKeyOption {
return hmacKeyDescFunc(func( *hmacKeyDesc) {
.showDeletedKeys = true
})
}
UserProjectForHMACKeys will bill the request against userProjectID if userProjectID is non-empty. Note: This is a noop right now and only provided for API compatibility. This option is EXPERIMENTAL and subject to change or removal without notice.
func ( string) HMACKeyOption {
return hmacKeyDescFunc(func( *hmacKeyDesc) {
.userProjectID =
})
 |
The pages are generated with Golds v0.3.2-preview. (GOOS=darwin GOARCH=amd64) Golds is a Go 101 project developed by Tapir Liu. PR and bug reports are welcome and can be submitted to the issue list. Please follow @Go100and1 (reachable from the left QR code) to get the latest news of Golds. |