ydb_unofficial/auth/mod.rs
1//! Staff to implement authentication to Ydb.
2//! You can make your own auth by implement [`Credentials`]
3
4
5use std::sync::{Arc, RwLock};
6
7use super::*;
8/// Trait to creates tokens for ydb auth
9pub trait Credentials: Clone + Send + 'static {
10 fn token(&self) -> AsciiValue;
11}
12
13impl Credentials for String {
14 fn token(&self) -> AsciiValue {
15 self.clone().try_into().unwrap()
16 }
17}
18
19#[derive(Debug, Clone)]
20pub struct UpdatableToken {
21 token: Arc<RwLock<AsciiValue>>,
22}
23
24impl UpdatableToken {
25 pub fn new(token: AsciiValue) -> Self {
26 let token = Arc::new(RwLock::new(token));
27 Self {token}
28 }
29}
30
31impl Credentials for UpdatableToken {
32 fn token(&self) -> AsciiValue {
33 self.token.read().unwrap().clone()
34 }
35}
36
37#[cfg(feature = "auth-cli")]
38#[cfg_attr(docsrs, doc(cfg(feature = "auth-cli")))]
39/// [`Credentials`] implementation that create and updates token every 11 hours by run command `yc iam create-token`
40pub mod cli;
41
42#[cfg(feature = "auth-sa")]
43#[cfg_attr(docsrs, doc(cfg(feature = "auth-sa")))]
44/// Service account authentication implementation. Uses authorized key (in json) created by Yandex Cloud
45/// Implements [`Credentials`] with auto-updatable token
46///
47/// # Examples
48///
49/// ``` rust
50/// # #[tokio::main]
51/// # async fn main() {
52/// use ydb_unofficial::auth::sa::{ServiceAccountKey, ServiceAccountCredentials};
53/// let path = "test-env/authorized_key.json";
54/// let file = std::fs::File::open(path).unwrap();
55/// let key: ServiceAccountKey = serde_json::from_reader(file).unwrap();
56/// let creds = ServiceAccountCredentials::create(key).await.unwrap();
57/// # }
58/// ```
59pub mod sa;