access-token-provider: Provides Access Token for Services

[ bsd3, data, library ] [ Propose Tags ]

Access Token Provider supporting multiple provider backends, including OAuth2 Resource Owner Password Credentials Grant, file-based token access (e.g. for Kubernetes) and fetching tokens from the environment (e.g. for local testing). The package is configurable via environment variables.


[Skip to Readme]
Versions 0.1.0.0, 0.1.1.0
Dependencies aeson, aeson-casing, base (>=4.7 && <5), base64-bytestring, bytestring, containers, exceptions, filepath, http-client, http-client-tls, http-types, katip, lens, lens-aeson, mtl, random, safe-exceptions, say, stm, text, th-format (>=0.1.2.0), transformers, unliftio, unliftio-core [details]
License BSD-3-Clause
Copyright (c) 2018 Moritz Clasmeier
Author Moritz Clasmeier
Maintainer mtesseract@silverratio.net
Category Data
Home page https://github.com/mtesseract/access-token-provider#readme
Source repo head: git clone https://github.com/mtesseract/access-token-provider
Uploaded by mtesseract at Tue May 1 21:15:56 UTC 2018
Distributions NixOS:0.1.1.0
Downloads 57 total (43 in the last 30 days)
Rating (no votes yet) [estimated by rule of succession]
Your Rating
  • λ
  • λ
  • λ
Status Docs available [build log]
Last success reported on 2018-05-01 [all 1 reports]
Hackage Matrix CI

Modules

[Index]

Downloads

Maintainer's Corner

For package maintainers and hackage trustees


Readme for access-token-provider-0.1.1.0

[back to package description]

Access Token Provider Hackage version Stackage version Build Status

This package provides a convenient retrieval mechanism for access tokens. Multiple provider backends, including OAuth2 Resource Owner Password Credentials Grant, file-based token access (e.g. for Kubernetes) and fetching tokens from the environment (e.g. for local testing) are supported; custom provider backends can easily be added.

Examples

import qualified Security.AccessTokenProvider as ATP

retrieveSomeToken :: IO ()
retrieveSomeToken = do
  tokenProvider <- ATP.new (AccessTokenName "token-name")
  token <- ATP.retrieveAccessToken tokenProvider
  print token

Configuration

Configuration is done by setting certain environment variables, depending on the provider.

OAuth2 based token retrieval

The OAuth2 (Resource Owner Password Credentials Grant) provider expects the ATP_CONF_ROPCG environment variable to contain a JSON object as follows:

{
  "credentials_directory": "/optional/credentials/directory",
  "auth_endpoint": "<OAuth2 authentication endpoint>",
  "tokens": {"token-name": {"scopes": ["first-scope", "second-scope"]}}
}

The credentials_directory setting defaults to the content of the environment variable CREDENTIALS_DIR. It is expected to contain the files user.json and client.json, containing the user and client credentials respectively.

File based token retrieval (e.g. for Kubernetes)

The file based provider expects the ATP_CONF_FILE environment variable to contain a JSON object as follows:

{
  "tokens": {"token-name": "/some/file/name"}
}

As a short cut, you can simply save a token path directly in the environment variable TOKEN_FILE.

Environment based token retrieval (e.g. for testing)

The file based provider expects the ATP_CONF_FIXED environment variable to contain a JSON object as follows:

{
  "tokens": {"token-name": "some-fixed-token"}
}