From 3ded7a6bbaeab5af6d2c7deb66ea0321eef4d1f0 Mon Sep 17 00:00:00 2001 From: skyflow-puneet Date: Fri, 7 Oct 2022 10:03:00 +0530 Subject: [PATCH 1/2] [SDK-756] Update sample readme --- samples/README.md | 88 +++++++++++++++++++ samples/go.mod | 5 -- ...service_account_token_using_cred_string.go | 33 +++++++ samples/vaultapi/detokenize.go | 2 +- samples/vaultapi/get_by_id.go | 6 +- samples/vaultapi/insert.go | 7 +- samples/vaultapi/invoke_connection.go | 2 +- 7 files changed, 131 insertions(+), 12 deletions(-) create mode 100644 samples/README.md create mode 100644 samples/serviceaccount/token/main/service_account_token_using_cred_string.go diff --git a/samples/README.md b/samples/README.md new file mode 100644 index 00000000..6a2e238f --- /dev/null +++ b/samples/README.md @@ -0,0 +1,88 @@ +# GO-SDK sample templates +Use this folder to test the functionalities of GO-SDK just by adding `VAULT-ID` `VAULT-URL` and `SERVICE-ACCOUNT` details at the required place. + +## Prerequisites +- A Skylow account. If you don't have one, you can register for one on the [Try Skyflow](https://skyflow.com/try-skyflow) page. +- go 1.15 and above + +## Configure +- Before you can run the sample app, create a vault +- Navigate to `samples/vaultapi` and run the following command : + + go get + + +### Create the vault +1. In a browser, navigate to Skyflow Studio and log in. +2. Create a vault by clicking **Create Vault** > **Start With a Template** > **Quickstart vault**. +3. Once the vault is created, click the gear icon and select **Edit Vault** Details. +4. Note your Vault URL and Vault ID values, then click Cancel. You'll need these later. + + +### Create a service account +1. In the side navigation click, **IAM** > **Service Accounts** > **New Service Account**. +2. For Name, enter **Test-Go-Sdk-Sample**. For Roles, choose Roles corresponding to the action. +3. Click **Create**. Your browser downloads a **credentials.json** file. Keep this file secure, as you'll need it in the next steps. + +### Different types of functionalities of Go-Sdk +- [**detokenize**](vaultapi/detokenize.go) + - Detokenize the data token from the vault. + - Make sure the token is of the data which exists in the Vault. If not so please make use of [insert.go](insert.go) to insert the data in the data and use this token for detokenization. + - Configure + - Replace **** with **VAULT ID** + - Replace **** with **VAULT URL**. + - Replace **** with data token of the data present in the vault. + - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL FILE**. + - Execution + + go run detokenize.go +- [**get_by_id**](vaultapi/get_by_id.go) + - Get data using skyflow id. + - Configure + - Replace **** with **VAULT ID** + - Replace **** with **VAULT URL**. + - Replace **** with **Skyflow Id 1**. + - Replace **** with **Skyflow Id 2**. + - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL FILE**. + - Execution + + go run get_by_id.go +- [**insert**](vaultapi/insert.go) + - Insert data in the vault. + - Configure + - Replace **** with **VAULT ID**. + - Replace **** with **VAULT URL**. + - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL FILE**. + - Execution + + go run insert.go +- [**invoke_connection**](vaultapi/invoke_connection.go) + - Invoke connection + - Configure + - Replace **** with **VAULT ID**. + - Replace **** with **VAULT URL**. + - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL FILE**. + - Replace **pathParams** data with required params by the connection url. + - Replace **** with **Connection url**. + - Give **** value as the tokens. + - Replace key and value pair of **requestBody** with your's request body content. + + - Execution + + go run invoke_connection.go +- [**service_account_token**](serviceaccount/token/main/service_account_token.go) + - generates SA Token using path of credentials file. + - Configure + - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL FILE**. + + - Execution + + go run service_account_token.go +- [**service_account_token_using_cred_string**](serviceaccount/token/main/service_account_token_using_cred_String.go) + - generates SA Token using path of credentials file. + - Configure + - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL IN STRING FORMAT**. + + - Execution + + go run service_account_token_using_cred_string.go \ No newline at end of file diff --git a/samples/go.mod b/samples/go.mod index 70993cde..16e10859 100644 --- a/samples/go.mod +++ b/samples/go.mod @@ -2,8 +2,3 @@ module github.com/skyflowapi/skyflow-go/samples go 1.13 -require ( - github.com/skyflowapi/skyflow-go v1.0.0 // indirect - github.com/skyflowapi/skyflow-go/serviceaccount v0.0.0-20220315114742-246a206a0e88 // indirect - github.com/skyflowapi/skyflow-go/skyflow v0.0.0-20220315112934-3c8113d9d693 // indirect -) diff --git a/samples/serviceaccount/token/main/service_account_token_using_cred_string.go b/samples/serviceaccount/token/main/service_account_token_using_cred_string.go new file mode 100644 index 00000000..de50e5e6 --- /dev/null +++ b/samples/serviceaccount/token/main/service_account_token_using_cred_string.go @@ -0,0 +1,33 @@ +/* +Copyright (c) 2022 Skyflow, Inc. +*/ +package main + +import ( + "fmt" + + logger "github.com/skyflowapi/skyflow-go/commonutils/logwrapper" + saUtil "github.com/skyflowapi/skyflow-go/serviceaccount/util" +) + +var token = "" + +func main() { + + defer func() { + if err := recover(); err != nil { + fmt.Println("error : ", err) + } + }() + logger.SetLogLevel(logger.INFO) //set loglevel to INFO + credentials:= "" + if saUtil.IsExpired(token) { + newToken, err := saUtil.GenerateBearerTokenFromCreds(credentials) + if err != nil { + panic(err) + } else { + token = newToken.AccessToken + } + fmt.Println("%v", token) + } +} diff --git a/samples/vaultapi/detokenize.go b/samples/vaultapi/detokenize.go index 7dca947c..2c9363d5 100644 --- a/samples/vaultapi/detokenize.go +++ b/samples/vaultapi/detokenize.go @@ -55,4 +55,4 @@ func main() { } else { panic(err.GetMessage()) } -} +} \ No newline at end of file diff --git a/samples/vaultapi/get_by_id.go b/samples/vaultapi/get_by_id.go index 8adfc3a9..264558d6 100644 --- a/samples/vaultapi/get_by_id.go +++ b/samples/vaultapi/get_by_id.go @@ -42,8 +42,8 @@ func main() { var records = make(map[string]interface{}) var record1 = make(map[string]interface{}) record1["ids"] = []interface{}{"", ""} - record1["table"] = "cards" - record1["redaction"] = "PLAIN_TEXT" + record1["table"] = "credit_cards" + record1["redaction"] = common.PLAIN_TEXT var recordsArray []interface{} recordsArray = append(recordsArray, record1) @@ -55,3 +55,5 @@ func main() { panic(err.GetMessage()) } } + + diff --git a/samples/vaultapi/insert.go b/samples/vaultapi/insert.go index b2c1d81a..2cfd610a 100644 --- a/samples/vaultapi/insert.go +++ b/samples/vaultapi/insert.go @@ -42,10 +42,10 @@ func main() { var options = common.InsertOptions{Tokens: false} var records = make(map[string]interface{}) var record = make(map[string]interface{}) - record["table"] = "cards" + record["table"] = "credit_cards" var fields = make(map[string]interface{}) - fields["cvv"] = "123" - fields["fullname"] = "name" + fields["card_number"] = "411111111111" + fields["cardholder_name"] = "name" record["fields"] = fields var recordsArray []interface{} recordsArray = append(recordsArray, record) @@ -57,3 +57,4 @@ func main() { panic(err.GetMessage()) } } + diff --git a/samples/vaultapi/invoke_connection.go b/samples/vaultapi/invoke_connection.go index 62125269..a5ae55f0 100644 --- a/samples/vaultapi/invoke_connection.go +++ b/samples/vaultapi/invoke_connection.go @@ -40,7 +40,7 @@ func main() { configuration := common.Configuration{TokenProvider: GetToken} var client = Skyflow.Init(configuration) - connectionUrl := "" + connectionUrl := "" pathParams := make(map[string]string) pathParams["card_number"] = "" From cc78c4e99e1f6b4549e6014703c13ac314ebffd7 Mon Sep 17 00:00:00 2001 From: skyflow-puneet Date: Tue, 25 Oct 2022 11:22:38 +0530 Subject: [PATCH 2/2] [SDK-756] Update sample readme --- samples/README.md | 147 +++++++++++++++++++++++----------------------- 1 file changed, 75 insertions(+), 72 deletions(-) diff --git a/samples/README.md b/samples/README.md index 6a2e238f..a96d9bb9 100644 --- a/samples/README.md +++ b/samples/README.md @@ -1,88 +1,91 @@ -# GO-SDK sample templates -Use this folder to test the functionalities of GO-SDK just by adding `VAULT-ID` `VAULT-URL` and `SERVICE-ACCOUNT` details at the required place. +# Go SDK samples +Test the SDK by adding your `VAULT_ID`, `VAULT_URL`, and `SERVICE-ACCOUNT `details as the corresponding values in each sample. ## Prerequisites -- A Skylow account. If you don't have one, you can register for one on the [Try Skyflow](https://skyflow.com/try-skyflow) page. -- go 1.15 and above +- Sign in to your Skyflow account: + * For trial environments, use https://try.skyflow.com/ . + * For sandbox and production environments, use your dedicated sign-in URL. + If you don't have an account, [sign up for a free trial account](https://skyflow.com/try-skyflow). +- go 1.15 or higher -## Configure -- Before you can run the sample app, create a vault +## Get started - Navigate to `samples/vaultapi` and run the following command : go get -### Create the vault -1. In a browser, navigate to Skyflow Studio and log in. -2. Create a vault by clicking **Create Vault** > **Start With a Template** > **Quickstart vault**. -3. Once the vault is created, click the gear icon and select **Edit Vault** Details. -4. Note your Vault URL and Vault ID values, then click Cancel. You'll need these later. +### Create a vault +1. Sign in to Skyflow Studio. +2. Click Create Vault > Start With a Template. +3. Under Quickstart, click Create. +To run the following commands, you'll need to retrieve your vault-specific values, and . From your vault page, click the gear icon and select Edit Vault Details. Create a service account ### Create a service account -1. In the side navigation click, **IAM** > **Service Accounts** > **New Service Account**. -2. For Name, enter **Test-Go-Sdk-Sample**. For Roles, choose Roles corresponding to the action. -3. Click **Create**. Your browser downloads a **credentials.json** file. Keep this file secure, as you'll need it in the next steps. - -### Different types of functionalities of Go-Sdk -- [**detokenize**](vaultapi/detokenize.go) - - Detokenize the data token from the vault. - - Make sure the token is of the data which exists in the Vault. If not so please make use of [insert.go](insert.go) to insert the data in the data and use this token for detokenization. - - Configure - - Replace **** with **VAULT ID** - - Replace **** with **VAULT URL**. - - Replace **** with data token of the data present in the vault. - - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL FILE**. - - Execution +1. In Studio, click **Settings** in the upper navigation. +2. In the side navigation, click **Vault**, then choose the **Quickstart** vault from the dropdown menu. +3. Under **IAM**, click **Service Accounts > New Service Account**. +4. For **Name**, enter "SDK Sample". For **Roles**, choose **Vault Editor**. +5. Click **Create**. +6. Your browser downloads a credentials.json file. Keep this file secure. You'll need it to generate bearer tokens. + +## SDK samples +### [Detokenize data](https://github.com/skyflowapi/skyflow-go/blob/main/samples/vaultapi/detokenize.go) +This sample demonstrates how to detokenize a data token from the vault. Make sure the token you specify exists in the vault. If you need a valid token for detokenization, use insert.go to insert the records and return a data token. + +1. Replace **** and **** with your vault-specific values. +2. Replace **** with the data token you want to detokenize.. +3. Replace **** with the relative path for your service account credentials file downloaded while #Create a service account . + +#### Run the following command: - go run detokenize.go -- [**get_by_id**](vaultapi/get_by_id.go) - - Get data using skyflow id. - - Configure - - Replace **** with **VAULT ID** - - Replace **** with **VAULT URL**. - - Replace **** with **Skyflow Id 1**. - - Replace **** with **Skyflow Id 2**. - - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL FILE**. - - Execution + go run detokenize.go + +### [Get a record by ID](https://github.com/skyflowapi/skyflow-go/tree/main/samples/vaultapi) + +Get data using skyflow id. +#### Configure +1. Replace **** and **** with your vault-specific values. +2. Replace **** and **** with the Skyflow IDs you want to retrieve. +3. Replace **** with the relative path for your service account credentials file downloaded while #Create a service account . +#### Run the following command: - go run get_by_id.go -- [**insert**](vaultapi/insert.go) - - Insert data in the vault. - - Configure - - Replace **** with **VAULT ID**. - - Replace **** with **VAULT URL**. - - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL FILE**. - - Execution - - go run insert.go -- [**invoke_connection**](vaultapi/invoke_connection.go) - - Invoke connection - - Configure - - Replace **** with **VAULT ID**. - - Replace **** with **VAULT URL**. - - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL FILE**. - - Replace **pathParams** data with required params by the connection url. - - Replace **** with **Connection url**. - - Give **** value as the tokens. - - Replace key and value pair of **requestBody** with your's request body content. - - - Execution - - go run invoke_connection.go -- [**service_account_token**](serviceaccount/token/main/service_account_token.go) - - generates SA Token using path of credentials file. - - Configure - - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL FILE**. + go run get_by_id.go +### [Insert data into a vault](https://github.com/skyflowapi/skyflow-go/blob/main/samples/vaultapi/insert.go) +Insert data in the vault. +1. Replace **** and **** with your vault-specific values. +3. Replace **** with the relative path for your service account credentials file downloaded while #Create a service account . - - Execution +#### Run the following command: - go run service_account_token.go -- [**service_account_token_using_cred_string**](serviceaccount/token/main/service_account_token_using_cred_String.go) - - generates SA Token using path of credentials file. - - Configure - - Replace **** with relative path of **SERVICE ACCOUNT CREDENTIAL IN STRING FORMAT**. + go run insert.go +### [Invoke a connection](https://github.com/skyflowapi/skyflow-go/blob/main/samples/vaultapi/invoke_connection.go) +Skyflow Connections is a gateway service that uses Skyflow's underlying tokenization capabilities to securely connect to first-party and third-party services. This way, you never expose your infrastructure to sensitive records, and you offload security and compliance requirements to Skyflow. +1. Replace **** and **** with your vault-specific values. +2. Replace **** with the relative path for your service account credentials. +3. Replace `pathParams` data with the connection URL params. +4. Replace **** with the Connection URL value. +5. Enter the token values. +6. Replace the requestBody key and value pair with your request body content. - - Execution - - go run service_account_token_using_cred_string.go \ No newline at end of file +#### Run the following command: + + go run invoke_connection.go + +### [Generate a service account bearer token from a file](https://github.com/skyflowapi/skyflow-go/blob/main/samples/serviceaccount/token/main/service_account_token.go) +Generates a service account bearer token using the path of a credentials file. +1. Replace **** with the relative path for your service account credentials file downloaded while #Create a service account. + + +#### Run the following command: + + go run service_account_token.go + +### [Generate a service account bearer token from a credentials string](https://github.com/skyflowapi/skyflow-go/blob/main/samples/serviceaccount/token/main/service_account_token.go) +Generates service account bearer token using the JSON content of a credentials file. +#### Configure +1. Replace **** with the relative path for your service account credentials file downloaded while #Create a service account. + +#### Run the following command: + + go run service_account_token_using_cred_string.go \ No newline at end of file