aboutsummaryrefslogtreecommitdiffstats
path: root/library/go/yandex/tvm/tvmauth/client_example_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'library/go/yandex/tvm/tvmauth/client_example_test.go')
-rw-r--r--library/go/yandex/tvm/tvmauth/client_example_test.go182
1 files changed, 0 insertions, 182 deletions
diff --git a/library/go/yandex/tvm/tvmauth/client_example_test.go b/library/go/yandex/tvm/tvmauth/client_example_test.go
deleted file mode 100644
index 09e39b5af7..0000000000
--- a/library/go/yandex/tvm/tvmauth/client_example_test.go
+++ /dev/null
@@ -1,182 +0,0 @@
-package tvmauth_test
-
-import (
- "context"
- "fmt"
-
- "github.com/ydb-platform/ydb/library/go/core/log/nop"
- "github.com/ydb-platform/ydb/library/go/yandex/tvm"
- "github.com/ydb-platform/ydb/library/go/yandex/tvm/tvmauth"
-)
-
-func ExampleNewAPIClient_getServiceTicketsWithAliases() {
- blackboxAlias := "blackbox"
- datasyncAlias := "datasync"
-
- settings := tvmauth.TvmAPISettings{
- SelfID: 1000501,
- ServiceTicketOptions: tvmauth.NewAliasesOptions(
- "bAicxJVa5uVY7MjDlapthw",
- map[string]tvm.ClientID{
- blackboxAlias: 1000502,
- datasyncAlias: 1000503,
- }),
- DiskCacheDir: "/var/tmp/cache/tvm/",
- }
-
- c, err := tvmauth.NewAPIClient(settings, &nop.Logger{})
- if err != nil {
- panic(err)
- }
-
- // ...
-
- serviceTicket, _ := c.GetServiceTicketForAlias(context.Background(), blackboxAlias)
- fmt.Printf("Service ticket for visiting backend: %s", serviceTicket)
-}
-
-func ExampleNewAPIClient_getServiceTicketsWithID() {
- blackboxID := tvm.ClientID(1000502)
- datasyncID := tvm.ClientID(1000503)
-
- settings := tvmauth.TvmAPISettings{
- SelfID: 1000501,
- ServiceTicketOptions: tvmauth.NewIDsOptions(
- "bAicxJVa5uVY7MjDlapthw",
- []tvm.ClientID{
- blackboxID,
- datasyncID,
- }),
- DiskCacheDir: "/var/tmp/cache/tvm/",
- }
-
- c, err := tvmauth.NewAPIClient(settings, &nop.Logger{})
- if err != nil {
- panic(err)
- }
-
- // ...
-
- serviceTicket, _ := c.GetServiceTicketForID(context.Background(), blackboxID)
- fmt.Printf("Service ticket for visiting backend: %s", serviceTicket)
-}
-
-func ExampleNewAPIClient_checkServiceTicket() {
- // allowed tvm consumers for your service
- acl := map[tvm.ClientID]interface{}{}
-
- settings := tvmauth.TvmAPISettings{
- SelfID: 1000501,
- EnableServiceTicketChecking: true,
- DiskCacheDir: "/var/tmp/cache/tvm/",
- }
-
- c, err := tvmauth.NewAPIClient(settings, &nop.Logger{})
- if err != nil {
- panic(err)
- }
-
- // ...
- serviceTicketFromRequest := "kek"
-
- serviceTicketStruct, err := c.CheckServiceTicket(context.Background(), serviceTicketFromRequest)
- if err != nil {
- response := map[string]string{
- "error": "service ticket is invalid",
- "desc": err.Error(),
- "status": err.(*tvm.TicketError).Status.String(),
- }
- if serviceTicketStruct != nil {
- response["debug_info"] = serviceTicketStruct.DbgInfo
- }
- panic(response) // return 403
- }
- if _, ok := acl[serviceTicketStruct.SrcID]; !ok {
- response := map[string]string{
- "error": fmt.Sprintf("tvm client id is not allowed: %d", serviceTicketStruct.SrcID),
- }
- panic(response) // return 403
- }
-
- // proceed...
-}
-
-func ExampleNewAPIClient_checkUserTicket() {
- env := tvm.BlackboxTest
- settings := tvmauth.TvmAPISettings{
- SelfID: 1000501,
- EnableServiceTicketChecking: true,
- BlackboxEnv: &env,
- DiskCacheDir: "/var/tmp/cache/tvm/",
- }
-
- c, err := tvmauth.NewAPIClient(settings, &nop.Logger{})
- if err != nil {
- panic(err)
- }
-
- // ...
- serviceTicketFromRequest := "kek"
- userTicketFromRequest := "lol"
-
- _, _ = c.CheckServiceTicket(context.Background(), serviceTicketFromRequest) // See example for this method
-
- userTicketStruct, err := c.CheckUserTicket(context.Background(), userTicketFromRequest)
- if err != nil {
- response := map[string]string{
- "error": "user ticket is invalid",
- "desc": err.Error(),
- "status": err.(*tvm.TicketError).Status.String(),
- }
- if userTicketStruct != nil {
- response["debug_info"] = userTicketStruct.DbgInfo
- }
- panic(response) // return 403
- }
-
- fmt.Printf("Got user in request: %d", userTicketStruct.DefaultUID)
- // proceed...
-}
-
-func ExampleNewAPIClient_createClientWithAllSettings() {
- blackboxAlias := "blackbox"
- datasyncAlias := "datasync"
-
- env := tvm.BlackboxTest
- settings := tvmauth.TvmAPISettings{
- SelfID: 1000501,
- ServiceTicketOptions: tvmauth.NewAliasesOptions(
- "bAicxJVa5uVY7MjDlapthw",
- map[string]tvm.ClientID{
- blackboxAlias: 1000502,
- datasyncAlias: 1000503,
- }),
- EnableServiceTicketChecking: true,
- BlackboxEnv: &env,
- DiskCacheDir: "/var/tmp/cache/tvm/",
- }
-
- _, _ = tvmauth.NewAPIClient(settings, &nop.Logger{})
-}
-
-func ExampleNewToolClient_getServiceTicketsWithAliases() {
- // should be configured in tvmtool
- blackboxAlias := "blackbox"
-
- settings := tvmauth.TvmToolSettings{
- Alias: "my_service",
- Port: 18000,
- AuthToken: "kek",
- }
-
- c, err := tvmauth.NewToolClient(settings, &nop.Logger{})
- if err != nil {
- panic(err)
- }
-
- // ...
-
- serviceTicket, _ := c.GetServiceTicketForAlias(context.Background(), blackboxAlias)
- fmt.Printf("Service ticket for visiting backend: %s", serviceTicket)
- // please extrapolate other methods for this way of construction
-}
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-14 07:45:45 +0000