keybroker

package

v0.3.0 Latest Latest Go to latest Published: Apr 8, 2019 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/LUSHDigital/core

Links

Open Source Insights

README ¶

Key Broker

The package core/workers/keybroker implements a background broker conmtinous retrieval of public keys from multiple different type of sources.

Examples

broker := keybroker.NewRSA(&keybroker.Config{
    Source:   keybroker.JWTPublicKeySources,
    Interval: 5 * time.Second,
})

// Run the broker
go broker.Run(ctx, ioutil.Discard)

// Queue retrieval of new key
broker.Renew()

// Copy the current public key held by the broker
broker.Copy()

Documentation ¶

Overview ¶

Package keybroker implements a background broker conmtinous retrieval of public keys from multiple different type of sources.

Example ¶

package main

import (
	"context"
	"io/ioutil"
	"time"

	"github.com/LUSHDigital/core/workers/keybroker"
)

var ctx context.Context

func main() {
	broker := keybroker.NewRSA(&keybroker.Config{
		Source:   keybroker.JWTPublicKeySources,
		Interval: 5 * time.Second,
	})

	// Run the broker
	go broker.Run(ctx, ioutil.Discard)

	// Queue retrieval of new key
	broker.Renew()

	// Copy the current public key held by the broker
	broker.Copy()
}

Output:

Index ¶

Variables
type Closer
type Config
type ErrGetKeySource
- func (e ErrGetKeySource) Error() string
type ErrNoSourcesResolved
- func (e ErrNoSourcesResolved) Error() string
type ErrReadResponse
- func (e ErrReadResponse) Error() string
type FileSource
- func (source FileSource) Get(ctx context.Context) ([]byte, error)
type HTTPSource
- func (source HTTPSource) Get(ctx context.Context) ([]byte, error)
type RSAPublicKeyBroker
- func NewRSA(config *Config) *RSAPublicKeyBroker
- func (b *RSAPublicKeyBroker) Check() ([]string, bool)
- func (b *RSAPublicKeyBroker) Close()
- func (b *RSAPublicKeyBroker) Copy() rsa.PublicKey
- func (b *RSAPublicKeyBroker) Renew()
- func (b *RSAPublicKeyBroker) Run(ctx context.Context, out io.Writer) error
type RSAPublicKeyCopier
type Renewer
type Source
type Sources
- func (sources Sources) Get(ctx context.Context) ([]byte, error)
type StringSource
- func (source StringSource) Get(ctx context.Context) ([]byte, error)

Examples ¶

Package

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrEmptyURL represents an error for when an expected url is an empty string
	ErrEmptyURL = ErrGetKeySource{"url cannot be empty"}

	// ErrEmptyFilePath represents an error for when an expected file path is an empty string
	ErrEmptyFilePath = ErrGetKeySource{"file path cannot be empty"}

	// ErrEmptyString represents an error for when an expected string should contain a public key
	ErrEmptyString = ErrGetKeySource{"string cannot be empty"}
)

View Source

var (
	// JWTPublicKeyEnvStringSource represents the source of an RSA public key as a string
	JWTPublicKeyEnvStringSource = StringSource(os.Getenv("JWT_PUBLIC_KEY"))

	// JWTPublicKeyEnvHTTPSource represents the source of an RSA public key at a HTTP GET destination
	JWTPublicKeyEnvHTTPSource = HTTPSource(os.Getenv("JWT_PUBLIC_KEY_URL"))

	// JWTPublicKeyEnvFileSource represents the source of an RSA public key on disk
	JWTPublicKeyEnvFileSource = FileSource(os.Getenv("JWT_PUBLIC_KEY_PATH"))

	// JWTPublicKeyDefaultFileSource represents the source of an RSA public key on disk
	JWTPublicKeyDefaultFileSource = FileSource("/usr/local/var/jwt.pub")

	// JWTPublicKeySources represents a chain of sources for JWT Public Keys in order of priority
	JWTPublicKeySources = Sources{
		JWTPublicKeyEnvStringSource,
		JWTPublicKeyEnvFileSource,
		JWTPublicKeyEnvHTTPSource,
		JWTPublicKeyDefaultFileSource,
	}
)

View Source

var (
	// DefaultRSA is an empty RSA public key
	DefaultRSA = &rsa.PublicKey{E: 0, N: big.NewInt(0)}
)

Functions ¶

This section is empty.

Types ¶

type Closer ¶

type Closer interface {
	Close()
}

Closer represents behaviour for closing a broker

type Config ¶

type Config struct {
	Interval time.Duration
	Source   Source
}

Config represents broker configuration

type ErrGetKeySource ¶

type ErrGetKeySource struct {
	// contains filtered or unexported fields
}

ErrGetKeySource represents an error when failing to get the source

func (ErrGetKeySource) Error ¶

func (e ErrGetKeySource) Error() string

type ErrNoSourcesResolved ¶

type ErrNoSourcesResolved struct {
	N int
}

ErrNoSourcesResolved represents an error for when no sources could be resolved at all

func (ErrNoSourcesResolved) Error ¶

func (e ErrNoSourcesResolved) Error() string

type ErrReadResponse ¶

type ErrReadResponse struct {
	// contains filtered or unexported fields
}

ErrReadResponse represents an error when failing to read the source data

func (ErrReadResponse) Error ¶

func (e ErrReadResponse) Error() string

type FileSource ¶

type FileSource string

FileSource defines a path to a file on disk

func (FileSource) Get ¶

func (source FileSource) Get(ctx context.Context) ([]byte, error)

Get retrieves data from the path to a file on disk

type HTTPSource ¶

type HTTPSource string

HTTPSource defines a source with a URL to resolve over HTTP

func (HTTPSource) Get ¶

func (source HTTPSource) Get(ctx context.Context) ([]byte, error)

Get retrieves data from the URL over HTTP

type RSAPublicKeyBroker ¶

type RSAPublicKeyBroker struct {
	// contains filtered or unexported fields
}

RSAPublicKeyBroker defines the implementation for brokering an RSA public key

func NewRSA ¶

func NewRSA(config *Config) *RSAPublicKeyBroker

NewRSA returns a rsa public key broker based on configuration.

func (*RSAPublicKeyBroker) Check ¶

func (b *RSAPublicKeyBroker) Check() ([]string, bool)

Check will see if the broker is ready.

func (*RSAPublicKeyBroker) Close ¶

func (b *RSAPublicKeyBroker) Close()

Close stops the ticker and releases resources

func (*RSAPublicKeyBroker) Copy ¶

func (b *RSAPublicKeyBroker) Copy() rsa.PublicKey

Copy returns a shallow copy o the RSA public key

func (*RSAPublicKeyBroker) Renew ¶

func (b *RSAPublicKeyBroker) Renew()

Renew will inform the broker to force renewal of the key

func (*RSAPublicKeyBroker) Run ¶

func (b *RSAPublicKeyBroker) Run(ctx context.Context, out io.Writer) error

Run will periodically try and the public key.

type RSAPublicKeyCopier ¶

type RSAPublicKeyCopier interface {
	Copy() rsa.PublicKey
}

RSAPublicKeyCopier represents behaviour for distributing copies of public keys

type Renewer ¶

type Renewer interface {
	Renew()
}

Renewer represents behaviour for marking a broker for renewal

type Source ¶

type Source interface {
	Get(ctx context.Context) ([]byte, error)
}

Source represents one or a chain of sources

type Sources ¶

type Sources []Source

Sources defines a chain of sources

func (Sources) Get ¶

func (sources Sources) Get(ctx context.Context) ([]byte, error)

Get iterates sources and returns the first successfully resolved

type StringSource ¶

type StringSource string

StringSource defines the source as a string

func (StringSource) Get ¶

func (source StringSource) Get(ctx context.Context) ([]byte, error)

Get converts the string to a byte slice

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
keybrokermock Package keybrokermock implements no-op mocks for the keys package	Package keybrokermock implements no-op mocks for the keys package

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL