
Commit 3f284ca

committed
wip
1 parent 9b37515 commit 3f284ca


1 file changed

+49
-25
lines changed


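--- a/providers.go
+++ b/providers.go
@@ -1,6 +1,9 @@
 package entraid
 
 import (
+"crypto"
+"crypto/x509"
+
 "github.com/redis/go-redis/v9/auth"
 )
 
@@ -9,6 +12,10 @@ type CredentialsProviderOptions struct {
 // This is used to identify the identity when requesting a token.
 ClientID string
 
+// TenantID is the tenant ID of the service principal.
+// This is used to identify the tenant when requesting a token.
+TenantID string
+
 // Scopes is a list of scopes that the identity has access to.
 // This is used to specify the permissions that the identity has when requesting a token.
 Scopes []string
@@ -23,42 +30,59 @@ type CredentialsProviderOptions struct {
 OnRetryableError func(error) error
 }
 
-type SystemAssignedOptions struct {
-CredentialsProviderOptions
-}
-
-func NewSystemAssignedCredentialsProvider(options SystemAssignedOptions) (auth.StreamingCredentialsProvider, error) {
-return nil, ErrNotImplemented
-}
-
-type UserAssignedOptions struct {
-CredentialsProviderOptions
-}
+const (
+// SystemAssignedIdentity is the type of identity that is automatically managed by Azure.
+SystemAssignedIdentity = "SystemAssigned"
+// UserAssignedIdentity is the type of identity that is managed by the user.
+UserAssignedIdentity = "UserAssigned"
 
-func NewUserAssignedCredentialsProvider(options UserAssignedOptions) (auth.StreamingCredentialsProvider, error) {
-return nil, ErrNotImplemented
-}
+// ClientSecretCredentialType is the type of credentials that uses a client secret to authenticate.
+ClientSecretCredentialType = "ClientSecret"
+// ClientCertificateCredentialType is the type of credentials that uses a client certificate to authenticate.
+ClientCertificateCredentialType = "ClientCertificate"
+)
 
-type ClientCredentialsOptions struct {
+type ManagedIdentityCredentialsProviderOptions struct {
 CredentialsProviderOptions
+ManagedIdentityType string
 }
 
-func NewClientCredentialsCredentialsProvider(options ClientCredentialsOptions) (auth.StreamingCredentialsProvider, error) {
+// NewManagedIdentityCredentialsProvider creates a new streaming credentials provider for managed identity.
+// It uses the provided options to configure the provider.
+// Use this when you want either a system assigned identity or a user assigned identity.
+// The system assigned identity is automatically managed by Azure and does not require any additional configuration.
+// The user assigned identity is a separate resource that can be managed independently.
+func NewManagedIdentityCredentialsProvider(options ManagedIdentityCredentialsProviderOptions) (*auth.StreamingCredentialsProvider, error) {
 return nil, ErrNotImplemented
 }
 
-type DefaultAzureOptions struct {
+type ServicePrincipalCredentialsProviderOptions struct {
 CredentialsProviderOptions
-}
 
-func NewDefaultAzureCredentialsProvider(options DefaultAzureOptions) (auth.StreamingCredentialsProvider, error) {
-return nil, ErrNotImplemented
-}
-
-type AuthorizationCodeWithPKCEOptions struct {
-CredentialsProviderOptions
+// ClientCredentialType is the type of credentials that are used to authenticate the service principal.
+// This can be either ClientSecret or ClientCertificate.
+// ClientSecret is used to authenticate the service principal when requesting a token.
+// ClientCertificate is used to authenticate the service principal using a certificate.
+ClientCredentialType string
+
+// ClientSecret is the client secret of the service principal.
+// This is used to authenticate the service principal when requesting a token.
+ClientSecret string
+
+// ClientCertificate is the client certificate of the service principal.
+// This is used to authenticate the service principal when requesting a token.
+ClientCertificate x509.Certificate
+// ClientCertificatePrivateKey is the private key of the client certificate.
+// This is used to authenticate the service principal when requesting a token.
+ClientCertificatePrivateKey crypto.PrivateKey
 }
 
-func NewAuthorizationCodeWithPKCECredentialsProvider(options AuthorizationCodeWithPKCEOptions) (auth.StreamingCredentialsProvider, error) {
+// NewServicePrincipalCredentialsProvider creates a new streaming credentials provider for service principal.
+// It uses the provided options to configure the provider.
+// Use this when you want to use a service principal to authenticate with Azure.
+// The service principal is a security identity that is used to authenticate with Azure.
+// It is typically used in scenarios where a user cannot be present to authenticate interactively.
+// The service principal is created in Azure Active Directory and is used to authenticate with Azure resources.
+func NewServicePrincipalCredentialsProvider(options ServicePrincipalCredentialsProviderOptions) (*auth.StreamingCredentialsProvider, error) {
 return nil, ErrNotImplemented
 }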
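Review bot: `ServicePrincipalCredentialsProviderOptions` now carries `ClientSecret string` and `ClientCertificatePrivateKey crypto.PrivateKey` as plain exported fields of a struct passed by value, so a `%+v` log or error dump of the options would print the secret or key material. I would add a redacting `String()`/`GoString()` (or `slog.LogValuer`) on the type, plus a doc comment stating that the options must never be logged. `ClientCredentialType` and `ManagedIdentityType` are free-form strings and nothing visible ties them to the fields they select, so once the constructors are implemented they should reject an unknown type, or a type whose credential is empty, rather than falling through to another method. Two smaller points: the certificate is better held as `ClientCertificate *x509.Certificate` than copied by value, and, assuming `auth.StreamingCredentialsProvider` is an interface (the removed constructors returned `nil` for the non-pointer type), the new constructors should keep returning `(auth.StreamingCredentialsProvider, error)` rather than a pointer to it.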
