wip

Author: ndyakov

credentials.go

@@ -0,0 +1,27 @@
+package entraid
+
+import (
+	auth "github.com/redis/go-redis/v9/auth"
+)
+
+// authCredentials implements the auth.Credentials interface.
+var _ auth.Credentials = (*authCredentials)(nil)
+
+// authCredentials represents the authentication credentials used to access the Entraid API.
+// It contains the username, password, and raw credentials.
+// The authCredentials struct is used to store the authentication credentials
+type authCredentials struct {
+	username       string
+	password       string
+	rawCredentials string
+}
+
+// BasicAuth returns the username and password for basic authentication.
+func (a *authCredentials) BasicAuth() (username string, password string) {
+	return a.username, a.password
+}
+
+// RawCredentials returns the raw credentials for authentication.
+func (a *authCredentials) RawCredentials() string {
+	return a.rawCredentials
+}

credentials_provider.go

@@ -0,0 +1,132 @@
+package entraid
+
+import (
+	"fmt"
+
+	"github.com/redis/go-redis/v9/auth"
+)
+
+// entraidCredentialsProvider implements the auth.StreamingCredentialsProvider interface.
+var _ auth.StreamingCredentialsProvider = (*entraidCredentialsProvider)(nil)
+
+// entraidCredentialsProvider is a struct that implements the CredentialProvider interface.
+type entraidCredentialsProvider struct {
+	options CredentialsProviderOptions
+
+	tokenManager       TokenManager
+	cancelTokenManager cancelFunc
+
+	listeners []auth.CredentialsListener
+}
+
+// onTokenNext is a method that is called when the token manager receives a new token.
+func (e *entraidCredentialsProvider) onTokenNext(token *Token) {
+	// Notify all listeners with the new token.
+	for _, listener := range e.listeners {
+		listener.OnNext(&authCredentials{
+			username:       token.Username,
+			password:       token.Password,
+			rawCredentials: token.RawToken,
+		})
+	}
+}
+
+// onError is a method that is called when the token manager encounters an error.
+// It notifies all listeners with the error.
+func (e *entraidCredentialsProvider) onTokenError(err error) {
+	// Notify all listeners with the error.
+	for _, listener := range e.listeners {
+		listener.OnError(err)
+	}
+}
+
+// Subscribe subscribes to the credentials provider and returns a channel that will receive updates.
+// The first response is blocking, then data will notify the listener.
+// The listener will be notified with the credentials when they are available.
+// The listener will be notified with an error if there is an error obtaining the credentials.
+// The caller can cancel the subscription by calling the cancel function which is the second return value.
+func (e *entraidCredentialsProvider) Subscribe(listener auth.CredentialsListener) (auth.Credentials, auth.CancelProviderFunc, error) {
+	// Check if the listener is already in the list of listeners.
+	alreadySubscribed := false
+	for _, l := range e.listeners {
+		if l == listener {
+			alreadySubscribed = true
+			break
+		}
+	}
+
+	if !alreadySubscribed {
+		// Get the token from the identity provider.
+		e.listeners = append(e.listeners, listener)
+	}
+
+	token, err := e.tokenManager.GetToken()
+	if err != nil {
+		listener.OnError(err)
+		return nil, nil, err
+	}
+
+	// Create a new credentials object.
+	credentials := &authCredentials{
+		username:       token.Username,
+		password:       token.Password,
+		rawCredentials: token.RawToken,
+	}
+
+	// Notify the listener with the credentials.
+	listener.OnNext(credentials)
+
+	cancel := func() error {
+		// Remove the listener from the list of listeners.
+		for i, l := range e.listeners {
+			if l == listener {
+				e.listeners = append(e.listeners[:i], e.listeners[i+1:]...)
+				break
+			}
+		}
+		if len(e.listeners) == 0 {
+			e.cancelTokenManager()
+		}
+		return nil
+	}
+
+	return credentials, cancel, nil
+}
+
+// newCredentialsProvider creates a new credentials provider.
+// It takes a TokenManager and CredentialProviderOptions as arguments and returns a StreamingCredentialsProvider interface.
+// The TokenManager is used to obtain the token, and the CredentialProviderOptions contains options for the credentials provider.
+// The credentials provider is responsible for managing the credentials and refreshing them when necessary.
+// It returns an error if the token manager cannot be started.
+func newCredentialsProvider(tokenManager TokenManager, options CredentialProviderOptions) (auth.StreamingCredentialsProvider, error) {
+	cp := &entraidCredentialsProvider{
+		tokenManager: tokenManager,
+		options:      options,
+	}
+	cancelTokenManager, err := cp.tokenManager.Start(tokenListenerFromCP(cp))
+	if err != nil {
+		return nil, fmt.Errorf("couldn't start token manager: %w", err)
+	}
+	cp.cancelTokenManager = cancelTokenManager
+	return cp, nil
+}
+
+type entraidTokenListener struct {
+	onTokenNext  func(token *Token)
+	onTokenError func(err error)
+}
+
+func tokenListenerFromCP(cp *entraidCredentialsProvider) *entraidTokenListener {
+	return &entraidTokenListener{
+		onTokenNext:  cp.onTokenNext,
+		onTokenError: cp.onTokenError,
+	}
+}
+
+func (l *entraidTokenListener) OnTokenNext(token *Token) {
+	l.onTokenNext(token)
+}
+
+func (l *entraidTokenListener) OnTokenError(err error) {
+	l.onTokenError(err)
+}

entraid.go

@@ -0,0 +1 @@
+package entraid

errors.go

@@ -0,0 +1,5 @@
+package entraid
+
+import "fmt"
+
+var ErrNotImplemented = fmt.Errorf("credentials provider not implemented")

examples/example_test.go

@@ -0,0 +1,16 @@
+package examples_test
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/redis/go-redis/v9"
+)
+
+func ExampleEstablishRedisConn() {
+	rdb := redis.NewUniversalClient(&redis.UniversalOptions{
+		Addrs: []string{"localhost:6379"},
+	})
+	fmt.Println(rdb.Ping(context.Background()).String())
+	// Output: ping: PONG
+}

examples/go.mod

@@ -0,0 +1,10 @@
+module examples
+
+go 1.23
+
+require github.com/redis/go-redis/v9 v9.7.1
+
+require (
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
+)

examples/go.sum

@@ -0,0 +1,10 @@
+github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=
+github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c=
+github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
+github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
+github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
+github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
+github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
+github.com/redis/go-redis/v9 v9.7.1 h1:4LhKRCIduqXqtvCUlaq9c8bdHOkICjDMrr1+Zb3osAc=
+github.com/redis/go-redis/v9 v9.7.1/go.mod h1:f6zhXITC7JUJIlPEiBOTXxJgPLdZcA93GewI7inzyWw=

go.mod

@@ -2,4 +2,8 @@ module github.com/redis-developer/go-redis-entraid
 
 go 1.18
 
+replace github.com/redis/go-redis/v9 => /Users/nedyalko.dyakov/go-redis/
 
+require github.com/redis/go-redis/v9 v9.7.1
+
+require github.com/AzureAD/microsoft-authentication-library-for-go v1.4.1 // indirect

go.sum

@@ -0,0 +1,5 @@
+github.com/AzureAD/microsoft-authentication-library-for-go v1.4.1 h1:8BKxhZZLX/WosEeoCvWysmKUscfa9v8LIPEEU0JjE2o=
+github.com/AzureAD/microsoft-authentication-library-for-go v1.4.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
+github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
+github.com/redis/go-redis/v9 v9.7.1/go.mod h1:f6zhXITC7JUJIlPEiBOTXxJgPLdZcA93GewI7inzyWw=

identity_provider.go

@@ -0,0 +1,6 @@
+package entraid
+
+type IdentityProvider interface {
+	// requestToken requests a token from the identity provider.
+	requestToken() (string, error)
+}