Categorygithub.com/murkyl/go-objectscale-lite
modulepackage
0.4.2
Repository: https://github.com/murkyl/go-objectscale-lite.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
20
Dependents
1
Files
1.3k SLOC

# README

go-objectscale-lite

go-objectscale-lite is a lightweight wrapper around native Go HTTP calls to interact with a DellEMC ECS/ObjectScale object store. The wrapper handles session creation and tear down if required and can also use AWS v4 signatures to sign requests. If a session expires the module will attempt to automatically re-authenticate. The library is split into 2 sections. The most basic part of the library handles the session and provides basic send commands. The second part of the library wraps the session and send command and provides functions that encapsulate parsing of the responses returned from the API.

Basic code

This library is designed to access the management and configuration APIs rather than perform data access. The basic library handles connections for both DellEMC ECS namespace access as well as IAM access for ObjectScale. When accessing a namespace a connection is required with a user name and password. For access to an ObjectScale endpoint an IAM access ID and secret are required instead and passed in as a signing context. The library can handle automatic reconnects for sessions and signing requests for IAM.

Examples for basic usage

Using a namespace user to list available users in a namespace. Returned result is a raw JSON object which is a map[string]interface{}.

conn := NewSession("[https://endpoint.com:4443](https://endpoint.com:4443)")
conn.SetAuthType("basic")
conn.SetIgnoreCert(true)
conn.SetPassword("user_password")
conn.SetUser("api_user")
if err := conn.Connect(); err != nil {
	fmt.Printf("Unable to connect to API endpoint: %s\n", err)
}
query := map[string]string{
	apiOpAction: "ListUsers",
}
jsonObj, err := conn.Send(
	"POST",
	"iam", // path
	query, // query
	nil,   // body
	map[string]string{"x-emc-namespace": "some_namespace"}, // extra headers
)
conn.Disconnect()

Using an IAM user to list available users in a namespace. Returned result is a raw JSON object which is a map[string]interface{}.

conn := NewSession("[https://endpoint.com:4443](https://endpoint.com:4443)")
conn.SetAuthType("iam")
conn.SetIgnoreCert(true)
conn.SetSigningCtx(NewV4SignerContext("iam_access_id", "iam_secret", "", ""))
if err := conn.Connect(); err != nil {
	fmt.Printf("Unable to connect to API endpoint: %s\n", err)
}
query := map[string]string{
	apiOpAction: "ListUsers",
}
jsonObj, err := conn.Send(
	"POST",
	"iam", // path
	query, // query
	nil,   // body
	map[string]string{"x-emc-namespace": "some_namespace"}, // extra headers
)
conn.Disconnect()

Wrapper code

Wrapper functions return results in a structure for easy access.

Using an IAM user to list available users in a namespace.

conn := NewObjectScaleConn()
err := conn.Connect(&ObjectScaleCfg{
	AuthType:   "iam",
	Endpoint:   "[https://endpoint.com:4443](https://endpoint.com:4443)",
	BypassCert: true,
	SigningCtx: NewV4SignerContext("iam_access_id", "iam_secret", "", ""),
})
data, err := conn.ListIAMUsers("some_namespace", nil)
if err != nil {
	fmt.Printf("Error getting IAM user list: %s\n", err)
}
for _, user := range data.Users {
	fmt.Printf("User: %s", user.UserName)
}
conn.Disconnect()

# Functions

CreateV4CanonicalHeader returns a 2-tuple of strings that consist of a list of signed headers separated by a ; (semicolon) and a string with all the headers and their values concatenated together separated by a \n (line feed) character.
CreateV4CanonicalQueryString returns an AWS canonical query string from an HTTP request The request should be a properly crafted HTTP request.
CreateV4CanonicalURIString returns an AWS canonical URI string.
GetHmacSha256 returns a SHA256 HMAC of a message given a key.
GetHmacSha256Hex returns a SHA256 HMAC hex encoded of a message given a key.
GetSha256 returns a SHA256 of a message.
GetSha256Hex returns a SHA256 hex encoded string of a message.
GetURNFromString takes strings in 3 formats and returns a URN string The URN format looks like: urn:ecs:service::namespace:resource-type/resource-id An example policy URL for ObjectScale: urn:ecs:iam:::policy/NameOfAPolicy The first format is a string that is already in the urn format and that string is returned unchanged The second supports a simple string in the Global/System context The third supports a specific namespace and can be used with the format namespace:policyName.
GetURNPolicyFromString calls GetURNFromString with the resource type "policy".
GetURNRoleFromString calls GetURNFromString with the resource type "role".
GetV4DefaultSignedHeaders returns an array of compiles regular expressions that determine if a header in an HTTP request should be included in the signed request.
GetV4SignatureKey returns the signing key for an AWS V4 signature as an array of bytes datestamp should be in the short time format.
GetV4SignatureKeyHex returns a hexadecimal string equivalent of GetV4SignatureKey.
NewObjectScaleConn returns a connection state object that is used by all other calls in this library.
NewSession is a factory function returning a context object.
NewV4SignerContext returns a context struct that can be used to sign HTTP requests.

# Constants

V4SignerEmptySHA256 is the SHA256 hash of an empty string.
V4SignerTimeFormat is the format for a long format timestamp.
V4SignerTimeFormatShort is the format for a short format timestamp.

# Structs

ObjectScaleAssumedRole holds the return values of an IAM Assume Role response.
ObjectScaleAssumedRoleUser holds the return value for an assumed role in an IAM Assume Role response.
ObjectScaleAssumedSAMLRole holds the return value for a SAML response in an IAM Assume Role SAML response.
ObjectScaleCfg contains the configuration to connect to an ObjectScale cluster endpoint.
ObjectScaleConn contains the state of a connection.
ObjectScaleCredentials holds the access ID, secret key, session token, and expiration.
ObjectScaleGeneralResponse holds general response values for many function calls.
ObjectScaleIAMAccessKey holds the access key and secret for a user.
ObjectScaleIAMGroup represents the values for an IAM group.
ObjectScaleIAMPolicy represents a single IAM policy.
ObjectScaleIAMUser represents the values for an IAM user.
ObjectScaleList is a base structure for most list responses.
ObjectScaleListIAMAccessKeys is a list of IAM groups.
ObjectScaleListIAMAttachedUserPolicies represents a list of policies that are attached to a user.
ObjectScaleListIAMPolicy represents a list of policies.
ObjectScaleListIAMUser is a list of IAM users.
ObjectScaleListIAMUserGroup is a list of IAM groups.
ObjectScaleListIAMUserPolicies represents a list of user policies.
ObjectScaleQueryParams is a general structure holding possible query parameter values to pass into a function.
ObjectScaleSession represents the state object for a connection.
V4SignerContext stores the context user to sign HTTP requests.