mirror of https://github.com/milvus-io/milvus.git
85 lines
2.6 KiB
Go
85 lines
2.6 KiB
Go
/*
|
|
* # Licensed to the LF AI & Data foundation under one
|
|
* # or more contributor license agreements. See the NOTICE file
|
|
* # distributed with this work for additional information
|
|
* # regarding copyright ownership. The ASF licenses this file
|
|
* # to you under the Apache License, Version 2.0 (the
|
|
* # "License"); you may not use this file except in compliance
|
|
* # with the License. You may obtain a copy of the License at
|
|
* #
|
|
* # http://www.apache.org/licenses/LICENSE-2.0
|
|
* #
|
|
* # Unless required by applicable law or agreed to in writing, software
|
|
* # distributed under the License is distributed on an "AS IS" BASIS,
|
|
* # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* # See the License for the specific language governing permissions and
|
|
* # limitations under the License.
|
|
*/
|
|
|
|
package credentials
|
|
|
|
import (
|
|
"encoding/base64"
|
|
"fmt"
|
|
)
|
|
|
|
const (
|
|
APIKey string = "apikey"
|
|
AccessKeyId string = "access_key_id"
|
|
SecretAccessKey string = "secret_access_key"
|
|
// #nosec G101
|
|
CredentialJSON string = "credential_json"
|
|
)
|
|
|
|
// The current version only supports plain text, and cipher text will be supported later.
|
|
type Credentials struct {
|
|
// key formats:
|
|
// {credentialName}.apikey
|
|
// {credentialName}.access_key_id
|
|
// {credentialName}.secret_access_key
|
|
// {credentialName}.credential_json
|
|
confMap map[string]string
|
|
}
|
|
|
|
func NewCredentials(conf map[string]string) *Credentials {
|
|
return &Credentials{conf}
|
|
}
|
|
|
|
func (c *Credentials) GetAPIKeyCredential(name string) (string, error) {
|
|
k := name + "." + APIKey
|
|
apikey, exist := c.confMap[k]
|
|
if !exist {
|
|
return "", fmt.Errorf("%s is not a apikey crediential, can not find key: %s", name, k)
|
|
}
|
|
return apikey, nil
|
|
}
|
|
|
|
func (c *Credentials) GetAKSKCredential(name string) (string, string, error) {
|
|
IdKey := name + "." + AccessKeyId
|
|
accessKeyId, exist := c.confMap[IdKey]
|
|
if !exist {
|
|
return "", "", fmt.Errorf("%s is not a aksk crediential, can not find key: %s", name, IdKey)
|
|
}
|
|
|
|
AccessKey := name + "." + SecretAccessKey
|
|
secretAccessKey, exist := c.confMap[AccessKey]
|
|
if !exist {
|
|
return "", "", fmt.Errorf("%s is not a aksk crediential, can not find key: %s", name, AccessKey)
|
|
}
|
|
return accessKeyId, secretAccessKey, nil
|
|
}
|
|
|
|
func (c *Credentials) GetGcpCredential(name string) ([]byte, error) {
|
|
k := name + "." + CredentialJSON
|
|
jsonByte, exist := c.confMap[k]
|
|
if !exist {
|
|
return nil, fmt.Errorf("%s is not a gcp crediential, can not find key: %s ", name, k)
|
|
}
|
|
|
|
decode, err := base64.StdEncoding.DecodeString(jsonByte)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("Parse gcp credential:%s faild, err: %s", name, err)
|
|
}
|
|
return decode, nil
|
|
}
|