Socket
Socket
Sign inDemoInstall

github.com/open-telemetry/opentelemetry-collector-contrib/extension/oauth2clientauthextension

Package Overview
Dependencies
66
Alerts
File Explorer

Install Socket

Detect and block malicious and high-risk dependencies

Install

    github.com/open-telemetry/opentelemetry-collector-contrib/extension/oauth2clientauthextension

Package oauth2clientauthextension implements `cauth.Client` This extension provides OAuth2 Client Credentials flow authenticator for HTTP and gRPC based exporters. The extension fetches and refreshes the token after expiry For further details about OAuth2 Client Credentials flow refer https://datatracker.ietf.org/doc/html/rfc6749#section-4.4


Version published

Readme

Source

Authenticator - OAuth2 Client Credentials

Status
Stabilitybeta
Distributionscontrib, grafana, redhat, sumo
IssuesOpen issues Closed issues
Code Owners@pavankrish123, @jpkrohling

This extension provides OAuth2 Client Credentials flow authenticator for HTTP and gRPC based exporters. The extension fetches and refreshes the token after expiry automatically. For further details about OAuth2 Client Credentials flow (2-legged workflow) refer https://datatracker.ietf.org/doc/html/rfc6749#section-4.4.

The authenticator type has to be set to oauth2client.

Configuration

extensions:
  oauth2client:
    client_id: someclientid
    client_secret: someclientsecret
    endpoint_params:
      audience: someaudience
    token_url: https://example.com/oauth2/default/v1/token
    scopes: ["api.metrics"]
    # tls settings for the token client
    tls:
      insecure: true
      ca_file: /var/lib/mycert.pem
      cert_file: certfile
      key_file: keyfile
    # timeout for the token client
    timeout: 2s
    
receivers:
  hostmetrics:
    scrapers:
      memory:
  otlp:
    protocols:
      grpc:

exporters:
  otlphttp/withauth:
    endpoint: http://localhost:9000
    auth:
      authenticator: oauth2client
      
  otlp/withauth:
    endpoint: 0.0.0.0:5000
    ca_file: /tmp/certs/ca.pem
    auth:
      authenticator: oauth2client

service:
  extensions: [oauth2client]
  pipelines:
    metrics:
      receivers: [hostmetrics]
      processors: []
      exporters: [otlphttp/withauth, otlp/withauth]

Following are the configuration fields

  • token_url - The resource server's token endpoint URLs.
  • client_id - The client identifier issued to the client.
  • client_id_file - The file path to retrieve the client identifier issued to the client. The extension reads this file and updates the client ID used whenever it needs to issue a new token. This enables dynamically changing the client credentials by modifying the file contents when, for example, they need to rotate.
    This setting takes precedence over client_id.
  • client_secret - The secret string associated with above identifier.
  • client_secret_file - The file path to retrieve the secret string associated with above identifier. The extension reads this file and updates the client secret used whenever it needs to issue a new token. This enables dynamically changing the client credentials by modifying the file contents when, for example, they need to rotate.
    This setting takes precedence over client_secret.
  • endpoint_params - Additional parameters that are sent to the token endpoint.
  • scopes - Optional optional requested permissions associated for the client.
  • timeout - Optional specifies the timeout on the underlying client to authorization server for fetching the tokens (initial and while refreshing). This is optional and not setting this configuration implies there is no timeout on the client.

For more information on client side TLS settings, see configtls README.

FAQs

Last updated on 24 Jan 2024

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc