athenzutils

package

v1.10.29 Latest Latest Go to latest Published: Aug 4, 2021 License: Apache-2.0 Imports: 10 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/AthenZ/athenz

Links

Open Source Insights

README ¶

athenzutils

Go library to return zts client given private key and certificate.

License

Licensed under the Apache License, Version 2.0

Documentation ¶

Index ¶

func ExtractHostname(x509Cert x509.Certificate) string
func ExtractInstanceId(x509Cert x509.Certificate) (string, error)
func ExtractServicePrincipal(x509Cert x509.Certificate) (string, error)
func GenerateAccessTokenRequestString(domain, service, roles, authzDetails, proxyPrincipalSpiffeUris string, ...) string
func LoadX509Certificate(certFile string) (*x509.Certificate, error)
func ZtsClient(ztsURL, keyFile, certFile, caCertFile string, proxy bool) (*zts.ZTSClient, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ExtractHostname ¶ added in v1.10.20

func ExtractHostname(x509Cert x509.Certificate) string

ExtractHostname returns the hostname from the SAN URIs field of the given certificate: https://golang.org/pkg/crypto/x509/#Certificate.URIs. If the certificate does not have the hostname in the SAN URIs field, an empty string is returned.

func ExtractInstanceId ¶

func ExtractInstanceId(x509Cert x509.Certificate) (string, error)

func ExtractServicePrincipal ¶

func ExtractServicePrincipal(x509Cert x509.Certificate) (string, error)

ExtractServicePrincipal returns the Athenz Service principal for the given certificate which could be either a service certificate or a role certificate. If the certificate does not have the Athenz expected name format the method will an appropriate error.

func GenerateAccessTokenRequestString ¶ added in v1.10.15

func GenerateAccessTokenRequestString(domain, service, roles, authzDetails, proxyPrincipalSpiffeUris string, expiryTime int) string

GenerateAccessTokenRequestString generates and urlencodes an access token string.

func LoadX509Certificate ¶

func LoadX509Certificate(certFile string) (*x509.Certificate, error)

LoadX509Certificate reads and parses the x509.Certificate from the specified file.

func ZtsClient ¶

func ZtsClient(ztsURL, keyFile, certFile, caCertFile string, proxy bool) (*zts.ZTSClient, error)

ZtsClient creates and returns a ZTS client instance.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL