1package auth
 2
 3type options struct {
 4	target string
 5	kind   map[CredentialKind]interface{}
 6	meta   map[string]string
 7}
 8
 9type Option func(opts *options)
10
11func matcher(opts []Option) *options {
12	result := &options{}
13	for _, opt := range opts {
14		opt(result)
15	}
16	return result
17}
18
19func (opts *options) Match(cred Credential) bool {
20	if opts.target != "" && cred.Target() != opts.target {
21		return false
22	}
23
24	_, has := opts.kind[cred.Kind()]
25	if len(opts.kind) > 0 && !has {
26		return false
27	}
28
29	for key, val := range opts.meta {
30		if v, ok := cred.GetMetadata(key); !ok || v != val {
31			return false
32		}
33	}
34
35	return true
36}
37
38func WithTarget(target string) Option {
39	return func(opts *options) {
40		opts.target = target
41	}
42}
43
44// WithKind match credentials with the given kind. Can be specified multiple times.
45func WithKind(kind CredentialKind) Option {
46	return func(opts *options) {
47		if opts.kind == nil {
48			opts.kind = make(map[CredentialKind]interface{})
49		}
50		opts.kind[kind] = nil
51	}
52}
53
54func WithMeta(key string, val string) Option {
55	return func(opts *options) {
56		if opts.meta == nil {
57			opts.meta = make(map[string]string)
58		}
59		opts.meta[key] = val
60	}
61}