README
¶
go-onetimesecret
go-onetimesecret is a Go client for One-Time Secret. It includes a command-line interface, ots.
Installation
$ go get github.com/corbaltcode/go-onetimesecret
Creating a Client
All operations are performed by calling methods on a Client. Create a Client by supplying your username (email) and password from onetimesecret.com.
import ots "github.com/corbaltcode/go-onetimesecret"
client := ots.Client{
Username: "[email protected]",
Key: "my-api-key",
}
Storing & Retrieving Secrets
Use Client.Put and Client.Get to store and retrieve secrets. Once a secret has been retrieved, it's gone.
metadata, err := client.Put("the launch codes", "", 0, "")
if err != nil { ... }
secret, err := client.Get(metadata.SecretKey, "")
if err != nil { ... }
// prints "the launch codes"
print(secret)
// now the secret is gone
secret, err = client.Get(metadata.SecretKey, "")
if errors.Is(err, ots.ErrNotFound) {
// handle error
}
Using a Passphrase
Protect a secret by providing a passphrase to Client.Put and Client.Generate (see below). The passphrase will be required to retrieve or destroy the secret.
passphrase := xyzzy
metadata, err := client.Put("the launch codes", passphrase, 0, "")
if err != nil { ... }
secret, err = client.Get(metadata.SecretKey, "wrong passphrase")
if errors.Is(err, ots.ErrNotFound) {
// handle error
}
secret, err := client.Get(metadata.SecretKey, passphrase)
if err != nil { ... }
// prints "the launch codes"
print(secret)
Generating Secrets
One-Time Secret can generate short, unique secrets.
passphrase := "xyzzy"
secret, metadata, err := client.Generate(passphrase, 0, "")
if err != nil { ... }
// prints the generated secret
print(secret)
Destroying Secrets
Destroy a secret by passing the metadata key and passphrase, if necessary, to Client.Burn.
passphrase := "xyzzy"
metadata, err := client.Put("the launch codes", passphrase, 0, "")
if err != nil { ... }
// destroys the secret
metadata, err = client.Burn(metadata.MetadataKey, passphrase)
if err != nil { ... }
// now the secret is gone
metadata, err = client.Burn(metadata.MetadataKey, passphrase)
if errors.Is(err, ots.ErrNotFound) {
// handle error
}
Sharing Secrets
Use Metadata.SecretURL to get a URL for sharing the secret:
metadata, err := client.Generate("", 0, "")
if err != nil { ... }
url, err := metadata.SecretURL()
if err != nil { ... }
// prints "https://onetimesecret.com/secret/<secret-key>"
print(url.String())
Testing
Set the environment variables OTS_USERNAME and OTS_KEY, then:
go test ./...
Contributing
Submit issues and pull requests to corbaltcode/go-onetimesecret on GitHub.
Documentation
¶
Index ¶
- Variables
- type Client
- func (c *Client) Burn(metadataKey string, passphrase string) (Metadata, error)
- func (c *Client) Generate(passphrase string, secretTTL int, recipient string) (string, Metadata, error)
- func (c *Client) Get(secretKey string, passphrase string) (string, error)
- func (c *Client) GetMetadata(metadataKey string) (Metadata, error)
- func (c *Client) GetRecentMetadata() ([]PartialMetadata, error)
- func (c *Client) GetSystemStatus() (SystemStatus, error)
- func (c *Client) Put(secret string, passphrase string, secretTTL int, recipient string) (Metadata, error)
- type Metadata
- type PartialMetadata
- type SecretState
- type SystemStatus
Constants ¶
This section is empty.
Variables ¶
var ErrDestroyed = errors.New("onetimesecret: burned or retrieved")
ErrDestroyed is returned when a secret URL is requested but the secret has been destroyed.
var ErrInvalid = errors.New("onetimesecret: invalid argument")
ErrInvalid is returned when the client attempts to store an empty secret.
var ErrNotFound = errors.New("onetimesecret: unknown secret")
ErrNotFound is returned when there is no secret with the provided metadata key or secret key, or an incorrect passphrase is provided.
Functions ¶
This section is empty.
Types ¶
type Client ¶
A Client allows access to One-Time Secret.
func (*Client) Burn ¶
Burn destroys a secret given its metadata key and, if necessary, passphrase. If there is no secret with the given metadata key or the passphrase is incorrect, Burn returns ErrNotFound.
func (*Client) Generate ¶
func (c *Client) Generate(passphrase string, secretTTL int, recipient string) (string, Metadata, error)
Generate creates a short, unique secret with an optional passphrase and TTL, returning the secret and its metadata.
func (*Client) Get ¶
Get retrieves a secret given a secret key and, if necessary, a passphrase. If there is no secret with the given secret key or the passphrase is incorrect, Get returns ErrNotFound.
func (*Client) GetMetadata ¶
GetMetadata returns metadata for a secret given a metadata key. If there is no secret with the given metadata key, GetMetadata returns ErrNotFound.
func (*Client) GetRecentMetadata ¶
func (c *Client) GetRecentMetadata() ([]PartialMetadata, error)
GetRecentMetadata returns partial metadata for recently created secrets.
func (*Client) GetSystemStatus ¶
func (c *Client) GetSystemStatus() (SystemStatus, error)
GetSystemStatus returns the status of the One-Time Secret system.
type Metadata ¶
type Metadata struct {
CustomerID string
MetadataKey string
SecretKey string
InitialMetadataTTL int
MetadataTTL int
SecretTTL int
State SecretState
Updated time.Time
Created time.Time
ObfuscatedRecipient string
HasPassphrase bool
}
func (Metadata) MetadataURL ¶
MetadataURL returns a URL that allows retrieving the secret, burning the secret, and viewing its metadata.
type PartialMetadata ¶
type SecretState ¶
type SecretState string
const ( SecretStateOther SecretState = "other" SecretStateBurned SecretState = "burned" SecretStateNew SecretState = "new" SecretStateReceived SecretState = "received" SecretStateViewed SecretState = "viewed" )
type SystemStatus ¶
type SystemStatus string
const ( SystemStatusOther SystemStatus = "other" SystemStatusNominal SystemStatus = "nominal" SystemStatusOffline SystemStatus = "offline" )
Source Files
Directories