Documentation
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
func NewKeystoreCollector
func NewKeystoreCollector(ks *KeyStore) prometheus.Collector
NewKeystoreCollector returns a prometheus.Collector that will export metrics for the given KeyStore instance.
Types
type Config
type Config struct {
    SSOPublicKeyFile string          `yaml:"sso_public_key_file"`
    SSOService       string          `yaml:"sso_service"`
    SSODomain        string          `yaml:"sso_domain"`
    Backend          *backend.Config `yaml:"backend"`
}
Config for the KeyStore.
type KeyStore
type KeyStore struct {
// contains filtered or unexported fields
}
KeyStore holds decrypted secrets for users in memory for a short time (on the order of an SSO session lifespan). A user's secret can be opened with a password (used to decrypt the key, which is stored encrypted in a database), queried, and closed (forgotten).
The database can provide multiple versions of the encrypted key (to support multiple decryption passwords), in which case they are tried sequentially until one of them decrypts successfully with the provided password.
In order to query the KeyStore, you need to present a valid SSO token for the user whose secrets you would like to obtain.
func NewKeyStore
NewKeyStore creates a new KeyStore with the given config and returns it.
func (*KeyStore) Close
Close the user's key store and wipe the associated unencrypted key from memory. Returns true if a key was actually discarded.
func (*KeyStore) Get
Get the unencrypted key for the specified user. The caller needs to provide a valid SSO ticket for the user.
func (*KeyStore) Open
func (s *KeyStore) Open(ctx context.Context, username, password, sessionID string, ttlSeconds int) error
Open the user's key store with the given password. If successful, the unencrypted user key will be stored for at most ttlSeconds, or until Close is called with the same session ID.
Note that the key is fetched from the backend and decrypted even if it is already in memory (for instance for a separate session of the same user): successfully decrypting it with the provided credentials is what authorizes the caller, so the decryption step acts as an implicit ACL check rather than a cache lookup.
A Context is needed because this method might issue an RPC.
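The following is an added example and not the keystore package's own code. It mirrors, in a self-contained in-memory store, the behaviour described for KeyStore and Open above: several encrypted versions of one user key tried in turn until one decrypts, a per-session TTL, re-decryption on every Open as the access check, and a Close that wipes the decrypted key and reports whether anything was discarded. The type and function names (EncryptedKey, MemKeyStore, EncryptKey), the SHA-256 key derivation stand-in and the sample key bytes are assumptions made for the example; there is no SSO ticket check here, the session ID stands in for it.

```go
// Added example, not the keystore package's own code. Names, the KDF
// stand-in and the sample data below are assumptions for illustration.
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"sync"
	"time"
)

// EncryptedKey is one stored version of a user's key, sealed under one
// password with AES-GCM. A backend may hold several such versions per user.
type EncryptedKey struct {
	Salt, Nonce, Ciphertext []byte
}

// aeadFor derives a key-encryption key from password and salt. Plain SHA-256
// is a stand-in for this example; production code would use a memory-hard
// KDF such as argon2id or scrypt.
func aeadFor(password string, salt []byte) (cipher.AEAD, error) {
	h := sha256.New()
	h.Write(salt)
	h.Write([]byte(password))
	block, err := aes.NewCipher(h.Sum(nil))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptKey seals key under password. Calling it once per password yields
// the multiple encrypted versions the documentation describes.
func EncryptKey(key []byte, password string) (EncryptedKey, error) {
	buf := make([]byte, 28) // 16-byte salt followed by a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return EncryptedKey{}, err
	}
	salt, nonce := buf[:16], buf[16:]
	aead, err := aeadFor(password, salt)
	if err != nil {
		return EncryptedKey{}, err
	}
	return EncryptedKey{salt, nonce, aead.Seal(nil, nonce, key, nil)}, nil
}

type entry struct {
	key     []byte
	expires time.Time
}

// MemKeyStore holds decrypted keys in memory, indexed by session ID.
type MemKeyStore struct {
	mu       sync.Mutex
	sessions map[string]entry
}

func NewMemKeyStore() *MemKeyStore { return &MemKeyStore{sessions: map[string]entry{}} }

var ErrBadPassword = errors.New("keystore: no stored version decrypts with this password")

// Open tries every version in order and caches the first one that decrypts.
// It always re-decrypts, even if another session already holds the key:
// the successful decryption is the access check.
func (s *MemKeyStore) Open(versions []EncryptedKey, password, sessionID string, ttlSeconds int) error {
	for _, v := range versions {
		aead, err := aeadFor(password, v.Salt)
		if err != nil {
			return err
		}
		// A wrong password fails the GCM tag check instead of yielding garbage.
		key, err := aead.Open(nil, v.Nonce, v.Ciphertext, nil)
		if err != nil {
			continue
		}
		s.mu.Lock()
		s.sessions[sessionID] = entry{key, time.Now().Add(time.Duration(ttlSeconds) * time.Second)}
		s.mu.Unlock()
		return nil
	}
	return ErrBadPassword
}

// Get returns a copy of the session's key, or false if it is absent or
// expired. Expired entries are wiped on the way out.
func (s *MemKeyStore) Get(sessionID string) ([]byte, bool) {
	s.mu.Lock()
	defer s.mu.Unlock()
	e, ok := s.sessions[sessionID]
	if !ok {
		return nil, false
	}
	if !time.Now().Before(e.expires) {
		s.wipe(sessionID, e)
		return nil, false
	}
	return append([]byte(nil), e.key...), true
}

// Close zeroes the cached key and drops the session; true if one was discarded.
func (s *MemKeyStore) Close(sessionID string) bool {
	s.mu.Lock()
	defer s.mu.Unlock()
	e, ok := s.sessions[sessionID]
	if ok {
		s.wipe(sessionID, e)
	}
	return ok
}

// wipe must be called with s.mu held.
func (s *MemKeyStore) wipe(sessionID string, e entry) {
	for i := range e.key {
		e.key[i] = 0
	}
	delete(s.sessions, sessionID)
}

func main() {
	userKey := []byte("constructed 32-byte user secret!") // constructed sample
	v1, _ := EncryptKey(userKey, "old-password")
	v2, _ := EncryptKey(userKey, "new-password")
	ks := NewMemKeyStore()
	fmt.Println(ks.Open([]EncryptedKey{v1, v2}, "new-password", "sess-1", 60))
	fmt.Println(ks.Open([]EncryptedKey{v1, v2}, "wrong", "sess-2", 60))
	_, ok := ks.Get("sess-1")
	fmt.Println(ok, ks.Close("sess-1"), ks.Close("sess-1"))
}
```

The second Open in main fails even though the same key is already cached for sess-1, which is the point made in the Open documentation: possession of a correct password, not presence in memory, is what grants access. Note also that wrong passwords surface as an authentication-tag failure from AES-GCM, so a non-matching version is never mistaken for a valid key.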