Documentation ¶
Index ¶
- Variables
- type AccountCheck
- type Config
- type KeyCheck
- func (k *KeyCheck) AddTritonKey(ctx context.Context, keypair *KeyPair) error
- func (k *KeyCheck) HasKey() bool
- func (k *KeyCheck) HasTritonKey() bool
- func (k *KeyCheck) InDatabase(ctx context.Context) error
- func (k *KeyCheck) InsertKey(ctx context.Context, keypair *KeyPair) error
- func (k *KeyCheck) OnTriton(ctx context.Context) error
- type KeyPair
- type ParsedRequest
- type Session
Constants ¶
This section is empty.
Variables ¶
// Sentinel errors declared by this package. Callers should match them with
// errors.Is rather than by comparing message text.
//
// NOTE(review): the messages separate individual failure modes (missing
// signature, unparsable keyId, whitelist rejection). Whether they are written
// verbatim into HTTP responses is not visible here; confirm that replies to
// unauthenticated callers expose no more detail than intended.
var (
	// ErrUnauthRequest: per its message, the request was not authenticated.
	ErrUnauthRequest = errors.New("received unauthenticated request")
	// ErrMissingSig: per its message, the auth header carried no signature.
	ErrMissingSig = errors.New("missing signature within auth header")
	// ErrBadKeyID: per its message, the keyId in the header could not be parsed.
	ErrBadKeyID = errors.New("couldn't parse keyId within header")
	// ErrParseAuth: per its message, values could not be extracted from keyId.
	ErrParseAuth = errors.New("failed to parse values from keyId")
	// ErrParseValue: per its message, the values extracted from keyId were
	// not the expected ones.
	ErrParseValue = errors.New("incorrect values parsed from keyId")
	// ErrNameLen: per its message, a parsed name was too short. Which name
	// (account or user) and the minimum length are not visible here.
	ErrNameLen = errors.New("parsed name is too short")
	// ErrNameFormat: per its message, a parsed name failed a format check.
	ErrNameFormat = errors.New("parsed name is not formatted properly")
	// ErrKeyConflict: per its message, conflicting key state was found.
	// NOTE(review): this is the only message with an "auth: " prefix.
	ErrKeyConflict = errors.New("auth: found conflicting key state")
	// ErrWhitelist: per its message, the service is restricted to a
	// whitelist; presumably tied to Config.EnableWhitelist — confirm.
	ErrWhitelist = errors.New("service only accessible by whitelist")
)
Functions ¶
This section is empty.
Types ¶
type AccountCheck ¶
// AccountCheck bundles a parsed request with the account records that the
// HasAccount, HasTritonAccount and IsAuthentic methods report on.
//
// Both embedded members are pointers: their fields and methods are promoted
// onto AccountCheck, and reading a promoted field through a nil embedded
// pointer panics.
type AccountCheck struct {
	// Values parsed from the incoming HTTP request (see ParseRequest).
	*ParsedRequest
	// presumably the TSG database record that HasAccount reports on — confirm.
	*accounts.Account
	// presumably the account as returned by Triton, which HasTritonAccount
	// reports on — confirm.
	TritonAccount *account.Account
	// contains filtered or unexported fields
}
func NewAccountCheck ¶
func NewAccountCheck(req *ParsedRequest, store *accounts.Store, cfg Config) *AccountCheck
func (*AccountCheck) HasAccount ¶
func (ac *AccountCheck) HasAccount() bool
HasAccount reports whether the database has a valid Account.
func (*AccountCheck) HasTritonAccount ¶
func (ac *AccountCheck) HasTritonAccount() bool
HasTritonAccount reports whether we've authenticated with Triton.
func (*AccountCheck) IsAuthentic ¶
func (ac *AccountCheck) IsAuthentic() bool
func (*AccountCheck) SaveAccount ¶
func (ac *AccountCheck) SaveAccount(ctx context.Context) error
SaveAccount saves the TSG account from the Triton Account.
type Config ¶
// Config carries the datacenter name, CloudAPI endpoints, key naming prefix
// and whitelist switch described on the fields below.
type Config struct {
	// Name of the datacenter in which this TSG service is operating. This is
	// used to create unique key names per-DC. The value is also available in
	// the HTTP request Session object.
	Datacenter string

	// URL of Triton's CloudAPI in which to scale instances. This is made
	// available within the HTTP request Session object.
	TritonURL string

	// URL of Triton's CloudAPI in which to authenticate incoming API
	// requests. This is only used by internal auth processes. It can be set to
	// the same CloudAPI used by TritonURL as well.
	//
	// NOTE(review): authentication decisions depend on what this endpoint
	// answers. Whether the scheme is restricted to https, or how the TLS
	// certificate is verified, is not visible here — confirm.
	AuthURL string

	// Prefix name used when creating a new key in Triton. This defaults to
	// "TSG_Management" but can be configured with whatever an end user
	// prefers. The current Datacenter is also appended to this value at
	// runtime.
	KeyNamePrefix string

	// Enable or disable whitelisting behavior. This feature only accepts
	// requests from user accounts that have previously been authenticated. If
	// this is set to true then a Triton account must be manually added to the
	// tsg_accounts table; automatic account creation is disabled.
	//
	// NOTE(review): the zero value is false, so a Config that leaves this
	// field unset runs with whitelisting off, which per the text above leaves
	// automatic account creation on. Deployments that need the restriction
	// must set it explicitly.
	EnableWhitelist bool
}
type KeyCheck ¶
// KeyCheck bundles a parsed request with the key records that the HasKey,
// HasTritonKey, InDatabase and OnTriton methods work with.
//
// ParsedRequest is embedded by pointer: its fields are promoted onto KeyCheck
// and a nil pointer panics when a promoted field is read.
type KeyCheck struct {
	// Values parsed from the incoming HTTP request (see ParseRequest).
	*ParsedRequest
	// presumably the key record from the TSG database, set by InDatabase or
	// InsertKey — confirm.
	Key *keys.Key
	// presumably the key as known to Triton, set by OnTriton or AddTritonKey
	// — confirm.
	TritonKey *account.Key
	// contains filtered or unexported fields
}
func NewKeyCheck ¶
func (*KeyCheck) AddTritonKey ¶
AddTritonKey adds an account key into Triton, converting the passed in KeyPair into a Triton-Go account.Key for use by external consumers.
func (*KeyCheck) HasTritonKey ¶
func (*KeyCheck) InDatabase ¶
InDatabase checks for and sets an account's key within the TSG database.
type KeyPair ¶
// KeyPair holds an SSH public key, the matching RSA private key and an MD5
// fingerprint string.
//
// NOTE(review): PrivateKey is an exported field, so every holder of a KeyPair
// can read the private key material. Avoid formatting a KeyPair with %v/%+v in
// logs or error messages, and confirm how the PEM form produced by
// PrivateKeyPEM is protected wherever it is stored.
type KeyPair struct {
	// Public half of the pair, in golang.org/x/crypto/ssh form.
	PublicKey ssh.PublicKey
	// Private half of the pair; secret material.
	PrivateKey *rsa.PrivateKey
	// MD5 fingerprint of the key, going by the field name. presumably the
	// colon-separated legacy form (cf. ssh.FingerprintLegacyMD5) — confirm.
	// An MD5 fingerprint is suitable as a lookup identifier only; it should
	// not be the sole basis for deciding that two keys are the same.
	FingerprintMD5 string
	// contains filtered or unexported fields
}
func DecodeKeyPair ¶
func NewKeyPair ¶
func (*KeyPair) PrivateKeyPEM ¶
func (*KeyPair) PublicKeyBase64 ¶
type ParsedRequest ¶
// ParsedRequest holds the identity values that ParseRequest extracts from an
// incoming *http.Request.
//
// NOTE(review): all three fields originate from the client. Parsing them does
// not by itself establish that the caller owns the named account or key; treat
// them as untrusted until the request has been authenticated (see
// AccountCheck.IsAuthentic and Session.IsAuthenticated).
type ParsedRequest struct {
	// presumably the account segment of the keyId in the auth header — confirm.
	AccountName string
	// presumably the optional sub-user segment of the keyId — confirm.
	UserName string
	// presumably the key fingerprint segment of the keyId — confirm.
	Fingerprint string
	// contains filtered or unexported fields
}
func ParseRequest ¶
func ParseRequest(req *http.Request) (*ParsedRequest, error)
func (*ParsedRequest) Header ¶
func (r *ParsedRequest) Header() *http.Header
type Session ¶
// Session carries the per-request authentication state: the parsed request
// plus the account ID, a key fingerprint and the datacenter and CloudAPI URL
// taken from Config.
//
// NOTE(review): Session declares its own Fingerprint while also embedding
// *ParsedRequest, which has a Fingerprint field too. s.Fingerprint therefore
// resolves to the Session field and hides the promoted one; the request's
// value is only reachable as s.ParsedRequest.Fingerprint. Confirm which key
// each of the two identifies before using either in an authorization check.
type Session struct {
	// Values parsed from the incoming HTTP request (see ParseRequest).
	*ParsedRequest
	// presumably the TSG account ID resolved by EnsureAccount — confirm.
	AccountID string
	// Shadows ParsedRequest.Fingerprint; see the note on the type.
	Fingerprint string
	// Datacenter name; Config.Datacenter documents that its value is made
	// available here.
	Datacenter string
	// CloudAPI URL used for scaling; Config.TritonURL documents that its
	// value is made available here.
	TritonURL string
	// contains filtered or unexported fields
}
authSession is a private struct which is only accessible by pulling it out of the current request `context.Context`.
func NewSession ¶
NewSession constructs and returns a new Session by parsing the HTTP request, validating and pulling out authentication headers.
func (*Session) EnsureAccount ¶
func (s *Session) EnsureAccount(ctx context.Context, store *accounts.Store) (*accounts.Account, error)
EnsureAccount ensures that a Triton account is authentic and an account has been created for it within the TSG database. Returns the TSG account that was either created or found.
func (*Session) EnsureKeys ¶
EnsureKeys checks Triton for an active TSG account key. If one cannot be found then a new key is created and stored in the TSG database.
func (*Session) IsAuthenticated ¶
IsAuthenticated represents whatever it means for an authSession to be deemed authenticated.