Documentation ¶
Overview ¶
Package v0 contains versioned JVS contracts, e.g. service definition.
Index ¶
- Constants
- Variables
- func ClearJustifications(t jwt.Token) error
- func ClearRequestor(t jwt.Token) error
- func CreateBreakglassToken(token jwt.Token, explanation string) (string, error)
- func GetRequestor(t jwt.Token) (string, error)
- func ParseBreakglassToken(ctx context.Context, tokenStr string) (jwt.Token, error)
- func RegisterCertificateActionServiceServer(s grpc.ServiceRegistrar, srv CertificateActionServiceServer)
- func RegisterJVSPluginServer(s grpc.ServiceRegistrar, srv JVSPluginServer)
- func RegisterJVSServiceServer(s grpc.ServiceRegistrar, srv JVSServiceServer)
- func SetJustifications(t jwt.Token, justifications []*Justification) error
- func SetRequestor(t jwt.Token, req string) error
- func WithTypedJustifications() jwt.ParseOption
- type Action
- type Action_ACTION
- func (Action_ACTION) Descriptor() protoreflect.EnumDescriptor
- func (x Action_ACTION) Enum() *Action_ACTION
- func (Action_ACTION) EnumDescriptor() ([]byte, []int)deprecated
- func (x Action_ACTION) Number() protoreflect.EnumNumber
- func (x Action_ACTION) String() string
- func (Action_ACTION) Type() protoreflect.EnumType
- type CertificateActionRequest
- func (*CertificateActionRequest) Descriptor() ([]byte, []int)deprecated
- func (x *CertificateActionRequest) GetActions() []*Action
- func (*CertificateActionRequest) ProtoMessage()
- func (x *CertificateActionRequest) ProtoReflect() protoreflect.Message
- func (x *CertificateActionRequest) Reset()
- func (x *CertificateActionRequest) String() string
- type CertificateActionResponse
- type CertificateActionServiceClient
- type CertificateActionServiceServer
- type Client
- type Config
- type CreateJustificationRequest
- func (*CreateJustificationRequest) Descriptor() ([]byte, []int)deprecated
- func (x *CreateJustificationRequest) GetAudiences() []string
- func (x *CreateJustificationRequest) GetJustifications() []*Justification
- func (x *CreateJustificationRequest) GetSubject() string
- func (x *CreateJustificationRequest) GetTtl() *durationpb.Duration
- func (*CreateJustificationRequest) ProtoMessage()
- func (x *CreateJustificationRequest) ProtoReflect() protoreflect.Message
- func (x *CreateJustificationRequest) Reset()
- func (x *CreateJustificationRequest) String() string
- type CreateJustificationResponse
- func (*CreateJustificationResponse) Descriptor() ([]byte, []int)deprecated
- func (x *CreateJustificationResponse) GetToken() string
- func (*CreateJustificationResponse) ProtoMessage()
- func (x *CreateJustificationResponse) ProtoReflect() protoreflect.Message
- func (x *CreateJustificationResponse) Reset()
- func (x *CreateJustificationResponse) String() string
- type ExplanationValidator
- type GetUIDataRequest
- type JVSPluginClient
- type JVSPluginServer
- type JVSServiceClient
- type JVSServiceServer
- type Justification
- func (*Justification) Descriptor() ([]byte, []int)deprecated
- func (x *Justification) GetAnnotation() map[string]string
- func (x *Justification) GetCategory() string
- func (x *Justification) GetValue() string
- func (*Justification) ProtoMessage()
- func (x *Justification) ProtoReflect() protoreflect.Message
- func (x *Justification) Reset()
- func (x *Justification) String() string
- type PluginClient
- type PluginServer
- type UIData
- type UnimplementedCertificateActionServiceServer
- type UnimplementedJVSPluginServer
- type UnimplementedJVSServiceServer
- type UnsafeCertificateActionServiceServer
- type UnsafeJVSPluginServer
- type UnsafeJVSServiceServer
- type ValidateJustificationRequest
- func (*ValidateJustificationRequest) Descriptor() ([]byte, []int)deprecated
- func (x *ValidateJustificationRequest) GetJustification() *Justification
- func (*ValidateJustificationRequest) ProtoMessage()
- func (x *ValidateJustificationRequest) ProtoReflect() protoreflect.Message
- func (x *ValidateJustificationRequest) Reset()
- func (x *ValidateJustificationRequest) String() string
- type ValidateJustificationResponse
- func (*ValidateJustificationResponse) Descriptor() ([]byte, []int)deprecated
- func (x *ValidateJustificationResponse) GetAnnotation() map[string]string
- func (x *ValidateJustificationResponse) GetError() []string
- func (x *ValidateJustificationResponse) GetValid() bool
- func (x *ValidateJustificationResponse) GetWarning() []string
- func (*ValidateJustificationResponse) ProtoMessage()
- func (x *ValidateJustificationResponse) ProtoReflect() protoreflect.Message
- func (x *ValidateJustificationResponse) Reset()
- func (x *ValidateJustificationResponse) String() string
- type Validator
- type ValidatorPlugin
Constants ¶
// JustificationsKey names the JWT claim under which justifications are stored.
// The more readable "justifications" was passed over because the RFC and
// various online resources recommend keeping key names as short as possible so
// that JWTs stay small; Akamai recommends fewer than 8 characters and Okta
// fewer than 6.
//
// It is exported for callers that need to manipulate lower-level structures in
// the claims map; most callers should use the higher-level functions instead.
const JustificationsKey string = "justs"

// RequestorKey names the JWT claim that holds the identity of the principal
// that requested the JWT.
const RequestorKey string = "req"
// DefaultJustificationCategory is the justification category supported by
// default. An "explanation" justification is a manual, free-text reason
// supplied by the requester.
const DefaultJustificationCategory = "explanation"

// DefaultJustificationDisplayName is presumably the display name shown for the
// default category (cf. UIData.DisplayName) — confirm against the validator.
const DefaultJustificationDisplayName = "Explanation"

// DefaultJustificationHint is presumably the input hint shown for the default
// category (cf. UIData.Hint) — confirm against the validator.
const DefaultJustificationHint = "A justification reason in free-form text."
// BreakglassHMACSecret is the HMAC key used for creating breakglass tokens.
//
// The key is a fixed value published with this package, so an HMAC made with
// it marks a token as breakglass but does not authenticate whoever produced
// it. Breakglass tokens are already "unverified", which is why the static
// secret is considered to introduce no additional risk, and breakglass is
// disabled by default. A service that enables breakglass should treat every
// claim in such a token as self-asserted and record each use for later review.
const BreakglassHMACSecret = "BHzwNUbxcgpNoDfzwzt4Dr2nVXByUCWl1m8Eq2Jh26CGqu8IQ0VdiyjxnCtNahh9" //nolint:gosec
Variables ¶
var ( Action_ACTION_name = map[int32]string{ 0: "ROTATE", 1: "FORCE_DISABLE", 2: "FORCE_DESTROY", } Action_ACTION_value = map[string]int32{ "ROTATE": 0, "FORCE_DISABLE": 1, "FORCE_DESTROY": 2, } )
Enum value maps for Action_ACTION.
var CertificateActionService_ServiceDesc = grpc.ServiceDesc{ ServiceName: "abcxyz.jvs.CertificateActionService", HandlerType: (*CertificateActionServiceServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "CertificateAction", Handler: _CertificateActionService_CertificateAction_Handler, }, }, Streams: []grpc.StreamDesc{}, Metadata: "cert_action_service.proto", }
CertificateActionService_ServiceDesc is the grpc.ServiceDesc for CertificateActionService service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
var DefaultJustificationValidator = &ExplanationValidator{}
DefaultJustificationValidator is the Validator for the DefaultJustificationCategory.
var File_cert_action_request_proto protoreflect.FileDescriptor
var File_cert_action_service_proto protoreflect.FileDescriptor
var File_jvs_plugin_service_proto protoreflect.FileDescriptor
var File_jvs_request_proto protoreflect.FileDescriptor
var File_jvs_service_proto protoreflect.FileDescriptor
var Handshake = plugin.HandshakeConfig{
ProtocolVersion: 1,
MagicCookieKey: handshakeCookieKey,
MagicCookieValue: handshakeCookieValue,
}
Handshake is a common handshake that is shared by plugin and host. handshakeConfigs are used to just do a basic handshake between a plugin and host. If the handshake fails, a user friendly error is shown. This prevents users from executing bad plugins or executing a plugin directory. It is a UX feature, not a security feature.
var JVSPlugin_ServiceDesc = grpc.ServiceDesc{ ServiceName: "abcxyz.jvs.JVSPlugin", HandlerType: (*JVSPluginServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "Validate", Handler: _JVSPlugin_Validate_Handler, }, { MethodName: "GetUIData", Handler: _JVSPlugin_GetUIData_Handler, }, }, Streams: []grpc.StreamDesc{}, Metadata: "jvs_plugin_service.proto", }
JVSPlugin_ServiceDesc is the grpc.ServiceDesc for JVSPlugin service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
var JVSService_ServiceDesc = grpc.ServiceDesc{ ServiceName: "abcxyz.jvs.JVSService", HandlerType: (*JVSServiceServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "CreateJustification", Handler: _JVSService_CreateJustification_Handler, }, }, Streams: []grpc.StreamDesc{}, Metadata: "jvs_service.proto", }
JVSService_ServiceDesc is the grpc.ServiceDesc for JVSService service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
Functions ¶
func ClearJustifications ¶ added in v0.0.2
ClearJustifications removes the justifications from the token by deleting the entire key.
func ClearRequestor ¶ added in v0.0.3
ClearRequestor removes the req field from the JWT.
func CreateBreakglassToken ¶ added in v0.0.2
CreateBreakglassToken creates a JWT that can be used as "breakglass" if the system is configured to allow breakglass tokens. The incoming jwt.Token must be built by the caller to include the standard fields. This function will overwrite all existing justifications, insert the breakglass justification, and sign the JWT with an HMAC signature.
func GetRequestor ¶ added in v0.0.3
GetRequestor retrieves the identity of the principal that requested this JWT. This is typically an email address that is extracted by the JVS using an incoming authentication header. However, if the JVS is not protected by authentication, it could be the empty string or omitted entirely.
func ParseBreakglassToken ¶ added in v0.0.2
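ParseBreakglassToken accepts an HMAC-signed JWT and verifies the signature. It then inspects the justifications to ensure that one of them is a "breakglass" justification. If successful, it returns the parsed token (the declared signature returns only jwt.Token and error; the extracted breakglass explanation is not a separate return value). The HMAC key is presumably the static BreakglassHMACSecret, so a valid signature does not establish who created the token.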
func RegisterCertificateActionServiceServer ¶
func RegisterCertificateActionServiceServer(s grpc.ServiceRegistrar, srv CertificateActionServiceServer)
func RegisterJVSPluginServer ¶ added in v0.1.1
func RegisterJVSPluginServer(s grpc.ServiceRegistrar, srv JVSPluginServer)
func RegisterJVSServiceServer ¶
func RegisterJVSServiceServer(s grpc.ServiceRegistrar, srv JVSServiceServer)
func SetJustifications ¶ added in v0.0.2
func SetJustifications(t jwt.Token, justifications []*Justification) error
SetJustifications updates the justifications on the token. It overwrites any existing values and uses a copy of the inbound slice.
func SetRequestor ¶ added in v0.0.3
SetRequestor sets the req field on the JWT. It overwrites any existing value.
func WithTypedJustifications ¶ added in v0.0.2
func WithTypedJustifications() jwt.ParseOption
WithTypedJustifications is an option for parsing JWTs that will decode the Justification claims into the correct Go structure. If this is not supplied, the claims will be "any" and future type assertions may fail.
Types ¶
type Action ¶
type Action struct { Version string `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"` Action Action_ACTION `protobuf:"varint,2,opt,name=action,proto3,enum=abcxyz.jvs.Action_ACTION" json:"action,omitempty"` // contains filtered or unexported fields }
Action is intended to specify an action to be taken on a certificate version.
func (*Action) Descriptor
deprecated
func (*Action) GetAction ¶
func (x *Action) GetAction() Action_ACTION
func (*Action) GetVersion ¶
func (*Action) ProtoMessage ¶
func (*Action) ProtoMessage()
func (*Action) ProtoReflect ¶
func (x *Action) ProtoReflect() protoreflect.Message
type Action_ACTION ¶
type Action_ACTION int32
const (
	// Action_ROTATE rotates the specified key gracefully. It makes a new key
	// and promotes that new key to primary, but does not immediately disable
	// the version specified, so that version can still be used for JWT
	// validation.
	Action_ROTATE Action_ACTION = 0
	// Action_FORCE_DISABLE immediately disables the version specified. If the
	// version is primary, a new key is made and promoted to primary. The
	// intent is to make the version invalid for JWT validation as soon as
	// possible. However, until client caches are updated, JWTs could still be
	// validated using the version.
	// NOTE(review): that window is presumably bounded by the validating
	// client's key cache lifetime (Config.CacheTimeout) — confirm.
	Action_FORCE_DISABLE Action_ACTION = 1
	// Action_FORCE_DESTROY immediately destroys the version specified. If the
	// version is primary, a new key is made and promoted to primary. The
	// intent is to make the version invalid for JWT validation as soon as
	// possible. However, until client caches are updated, JWTs could still be
	// validated using the version.
	// NOTE(review): that window is presumably bounded by the validating
	// client's key cache lifetime (Config.CacheTimeout) — confirm.
	Action_FORCE_DESTROY Action_ACTION = 2
)
func (Action_ACTION) Descriptor ¶
func (Action_ACTION) Descriptor() protoreflect.EnumDescriptor
func (Action_ACTION) Enum ¶
func (x Action_ACTION) Enum() *Action_ACTION
func (Action_ACTION) EnumDescriptor
deprecated
func (Action_ACTION) EnumDescriptor() ([]byte, []int)
Deprecated: Use Action_ACTION.Descriptor instead.
func (Action_ACTION) Number ¶
func (x Action_ACTION) Number() protoreflect.EnumNumber
func (Action_ACTION) String ¶
func (x Action_ACTION) String() string
func (Action_ACTION) Type ¶
func (Action_ACTION) Type() protoreflect.EnumType
type CertificateActionRequest ¶
type CertificateActionRequest struct { Actions []*Action `protobuf:"bytes,1,rep,name=actions,proto3" json:"actions,omitempty"` // contains filtered or unexported fields }
CertificateActionRequest is a request to do a manual action on a certificate.
func (*CertificateActionRequest) Descriptor
deprecated
func (*CertificateActionRequest) Descriptor() ([]byte, []int)
Deprecated: Use CertificateActionRequest.ProtoReflect.Descriptor instead.
func (*CertificateActionRequest) GetActions ¶
func (x *CertificateActionRequest) GetActions() []*Action
func (*CertificateActionRequest) ProtoMessage ¶
func (*CertificateActionRequest) ProtoMessage()
func (*CertificateActionRequest) ProtoReflect ¶
func (x *CertificateActionRequest) ProtoReflect() protoreflect.Message
func (*CertificateActionRequest) Reset ¶
func (x *CertificateActionRequest) Reset()
func (*CertificateActionRequest) String ¶
func (x *CertificateActionRequest) String() string
type CertificateActionResponse ¶
type CertificateActionResponse struct {
// contains filtered or unexported fields
}
CertificateActionResponse is a blank response.
func (*CertificateActionResponse) Descriptor
deprecated
func (*CertificateActionResponse) Descriptor() ([]byte, []int)
Deprecated: Use CertificateActionResponse.ProtoReflect.Descriptor instead.
func (*CertificateActionResponse) ProtoMessage ¶
func (*CertificateActionResponse) ProtoMessage()
func (*CertificateActionResponse) ProtoReflect ¶
func (x *CertificateActionResponse) ProtoReflect() protoreflect.Message
func (*CertificateActionResponse) Reset ¶
func (x *CertificateActionResponse) Reset()
func (*CertificateActionResponse) String ¶
func (x *CertificateActionResponse) String() string
type CertificateActionServiceClient ¶
type CertificateActionServiceClient interface {
CertificateAction(ctx context.Context, in *CertificateActionRequest, opts ...grpc.CallOption) (*CertificateActionResponse, error)
}
CertificateActionServiceClient is the client API for CertificateActionService service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewCertificateActionServiceClient ¶
func NewCertificateActionServiceClient(cc grpc.ClientConnInterface) CertificateActionServiceClient
type CertificateActionServiceServer ¶
type CertificateActionServiceServer interface { CertificateAction(context.Context, *CertificateActionRequest) (*CertificateActionResponse, error) // contains filtered or unexported methods }
CertificateActionServiceServer is the server API for CertificateActionService service. All implementations must embed UnimplementedCertificateActionServiceServer for forward compatibility
type Client ¶ added in v0.2.0
type Client struct {
// contains filtered or unexported fields
}
Client allows for getting JWK keys from the JVS and validating JWTs with those keys.
type Config ¶ added in v0.2.0
type Config struct {
	// JWKSEndpoint is the full path (including protocol and port) to the JWKS
	// endpoint on a JVS server (e.g. https://jvs.corp:8080/.well-known/jwks).
	// The client validates JWTs with the keys it gets from the JVS, so the
	// endpoint should be reached over an authenticated transport such as the
	// HTTPS URL in the example.
	JWKSEndpoint string `yaml:"endpoint,omitempty" env:"ENDPOINT,overwrite"`
	// CacheTimeout is the duration that keys stay in cache before being
	// revoked. The env tag sets a default of 5m.
	// NOTE(review): "revoked" presumably means dropped from the local cache;
	// a key version disabled or destroyed on the server could still validate
	// JWTs until then (see Action_FORCE_DISABLE) — confirm.
	CacheTimeout time.Duration `yaml:"cache_timeout" env:"CACHE_TIMEOUT,overwrite,default=5m"`
	// AllowBreakglass represents whether the jvs client allows breakglass.
	// The env tag sets a default of false.
	// NOTE(review): when true, the client presumably accepts tokens signed
	// with the static BreakglassHMACSecret, which this package describes as
	// "unverified" — confirm, and enable only where such tokens are audited.
	AllowBreakglass bool `yaml:"allow_breakglass" env:"ALLOW_BREAKGLASS,overwrite,default=false"`
}
Config is the jvs client configuration.
func LoadConfig ¶ added in v0.2.0
LoadConfig calls the necessary methods to load in config using the OsLookuper which finds env variables specified on the host.
type CreateJustificationRequest ¶
type CreateJustificationRequest struct { Justifications []*Justification `protobuf:"bytes,1,rep,name=justifications,proto3" json:"justifications,omitempty"` Ttl *durationpb.Duration `protobuf:"bytes,2,opt,name=ttl,proto3" json:"ttl,omitempty"` // Optional audiences for the justifications. Audiences []string `protobuf:"bytes,3,rep,name=audiences,proto3" json:"audiences,omitempty"` // Subject will be the corresponding subject in the JWT. Consumers of these // JWTs must verify that the caller matches the embedded principal. If // unspecified, the JVS will attempt to extract this from the caller's // identity. Subject string `protobuf:"bytes,4,opt,name=subject,proto3" json:"subject,omitempty"` // contains filtered or unexported fields }
CreateJustificationRequest provides a justification to the server in order to receive a token.
func (*CreateJustificationRequest) Descriptor
deprecated
func (*CreateJustificationRequest) Descriptor() ([]byte, []int)
Deprecated: Use CreateJustificationRequest.ProtoReflect.Descriptor instead.
func (*CreateJustificationRequest) GetAudiences ¶ added in v0.0.2
func (x *CreateJustificationRequest) GetAudiences() []string
func (*CreateJustificationRequest) GetJustifications ¶
func (x *CreateJustificationRequest) GetJustifications() []*Justification
func (*CreateJustificationRequest) GetSubject ¶ added in v0.0.3
func (x *CreateJustificationRequest) GetSubject() string
func (*CreateJustificationRequest) GetTtl ¶
func (x *CreateJustificationRequest) GetTtl() *durationpb.Duration
func (*CreateJustificationRequest) ProtoMessage ¶
func (*CreateJustificationRequest) ProtoMessage()
func (*CreateJustificationRequest) ProtoReflect ¶
func (x *CreateJustificationRequest) ProtoReflect() protoreflect.Message
func (*CreateJustificationRequest) Reset ¶
func (x *CreateJustificationRequest) Reset()
func (*CreateJustificationRequest) String ¶
func (x *CreateJustificationRequest) String() string
type CreateJustificationResponse ¶
type CreateJustificationResponse struct { Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` // contains filtered or unexported fields }
CreateJustificationResponse contains a signed justification token.
func (*CreateJustificationResponse) Descriptor
deprecated
func (*CreateJustificationResponse) Descriptor() ([]byte, []int)
Deprecated: Use CreateJustificationResponse.ProtoReflect.Descriptor instead.
func (*CreateJustificationResponse) GetToken ¶
func (x *CreateJustificationResponse) GetToken() string
func (*CreateJustificationResponse) ProtoMessage ¶
func (*CreateJustificationResponse) ProtoMessage()
func (*CreateJustificationResponse) ProtoReflect ¶
func (x *CreateJustificationResponse) ProtoReflect() protoreflect.Message
func (*CreateJustificationResponse) Reset ¶
func (x *CreateJustificationResponse) Reset()
func (*CreateJustificationResponse) String ¶
func (x *CreateJustificationResponse) String() string
type ExplanationValidator ¶ added in v0.1.1
type ExplanationValidator struct{}
ExplanationValidator is the built-in Validator for the "explanation" justifications. An "explanation" justification represents a manual free text reason from the requester.
func (*ExplanationValidator) GetUIData ¶ added in v0.1.1
func (v *ExplanationValidator) GetUIData(_ context.Context, req *GetUIDataRequest) (*UIData, error)
GetUIData retrieves plugin's display data.
func (*ExplanationValidator) Validate ¶ added in v0.1.1
func (v *ExplanationValidator) Validate(_ context.Context, req *ValidateJustificationRequest) (*ValidateJustificationResponse, error)
Validate only checks if the input is not empty.
type GetUIDataRequest ¶ added in v0.1.1
type GetUIDataRequest struct {
// contains filtered or unexported fields
}
GetUIDataRequest is the request to get the plugin data for display purposes.
func (*GetUIDataRequest) Descriptor
deprecated
added in
v0.1.1
func (*GetUIDataRequest) Descriptor() ([]byte, []int)
Deprecated: Use GetUIDataRequest.ProtoReflect.Descriptor instead.
func (*GetUIDataRequest) ProtoMessage ¶ added in v0.1.1
func (*GetUIDataRequest) ProtoMessage()
func (*GetUIDataRequest) ProtoReflect ¶ added in v0.1.1
func (x *GetUIDataRequest) ProtoReflect() protoreflect.Message
func (*GetUIDataRequest) Reset ¶ added in v0.1.1
func (x *GetUIDataRequest) Reset()
func (*GetUIDataRequest) String ¶ added in v0.1.1
func (x *GetUIDataRequest) String() string
type JVSPluginClient ¶ added in v0.1.1
type JVSPluginClient interface { Validate(ctx context.Context, in *ValidateJustificationRequest, opts ...grpc.CallOption) (*ValidateJustificationResponse, error) GetUIData(ctx context.Context, in *GetUIDataRequest, opts ...grpc.CallOption) (*UIData, error) }
JVSPluginClient is the client API for JVSPlugin service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewJVSPluginClient ¶ added in v0.1.1
func NewJVSPluginClient(cc grpc.ClientConnInterface) JVSPluginClient
type JVSPluginServer ¶ added in v0.1.1
type JVSPluginServer interface { Validate(context.Context, *ValidateJustificationRequest) (*ValidateJustificationResponse, error) GetUIData(context.Context, *GetUIDataRequest) (*UIData, error) // contains filtered or unexported methods }
JVSPluginServer is the server API for JVSPlugin service. All implementations must embed UnimplementedJVSPluginServer for forward compatibility
type JVSServiceClient ¶
type JVSServiceClient interface {
CreateJustification(ctx context.Context, in *CreateJustificationRequest, opts ...grpc.CallOption) (*CreateJustificationResponse, error)
}
JVSServiceClient is the client API for JVSService service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewJVSServiceClient ¶
func NewJVSServiceClient(cc grpc.ClientConnInterface) JVSServiceClient
type JVSServiceServer ¶
type JVSServiceServer interface { CreateJustification(context.Context, *CreateJustificationRequest) (*CreateJustificationResponse, error) // contains filtered or unexported methods }
JVSServiceServer is the server API for JVSService service. All implementations must embed UnimplementedJVSServiceServer for forward compatibility
type Justification ¶
type Justification struct { Category string `protobuf:"bytes,1,opt,name=category,proto3" json:"category,omitempty"` // In MVP, the only supported category is "explanation". Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"` // Additional info the plugin may want to encapsulate in the Justification. // It's not intended for user input. Annotation map[string]string `` /* 161-byte string literal not displayed */ // contains filtered or unexported fields }
Justification is intended to be used to provide reasons that data access is required.
func GetJustifications ¶ added in v0.0.2
func GetJustifications(t jwt.Token) ([]*Justification, error)
GetJustifications retrieves a copy of the justifications on the token. If the token does not have any justifications, it returns an empty slice of justifications.
This function is incredibly defensive against a poorly-parsed JWT. It handles situations where the JWT was not properly decoded (i.e. the caller did not use WithTypedJustifications), and when the token uses a single justification instead of a slice.
Modifying the slice does not modify the underlying token - you must call SetJustifications to update the data on the token.
func (*Justification) Descriptor
deprecated
func (*Justification) Descriptor() ([]byte, []int)
Deprecated: Use Justification.ProtoReflect.Descriptor instead.
func (*Justification) GetAnnotation ¶ added in v0.1.1
func (x *Justification) GetAnnotation() map[string]string
func (*Justification) GetCategory ¶
func (x *Justification) GetCategory() string
func (*Justification) GetValue ¶
func (x *Justification) GetValue() string
func (*Justification) ProtoMessage ¶
func (*Justification) ProtoMessage()
func (*Justification) ProtoReflect ¶
func (x *Justification) ProtoReflect() protoreflect.Message
func (*Justification) Reset ¶
func (x *Justification) Reset()
func (*Justification) String ¶
func (x *Justification) String() string
type PluginClient ¶ added in v0.1.1
type PluginClient struct {
// contains filtered or unexported fields
}
PluginClient is an implementation of Validator that talks over RPC.
func (*PluginClient) GetUIData ¶ added in v0.1.1
func (m *PluginClient) GetUIData(ctx context.Context, req *GetUIDataRequest) (*UIData, error)
GetUIData retrieves plugin's display data.
func (*PluginClient) Validate ¶ added in v0.1.1
func (m *PluginClient) Validate(ctx context.Context, req *ValidateJustificationRequest) (*ValidateJustificationResponse, error)
type PluginServer ¶ added in v0.1.1
type PluginServer struct { JVSPluginServer // This is the real implementation Impl Validator }
PluginServer is the gRPC server that PluginClient talks to.
func (*PluginServer) GetUIData ¶ added in v0.1.1
func (m *PluginServer) GetUIData(ctx context.Context, req *GetUIDataRequest) (*UIData, error)
GetUIData retrieves plugin's display data.
func (*PluginServer) Validate ¶ added in v0.1.1
func (m *PluginServer) Validate(ctx context.Context, req *ValidateJustificationRequest) (*ValidateJustificationResponse, error)
type UIData ¶ added in v0.1.1
type UIData struct { // The display name for the plugin, e.g. for the web UI. DisplayName string `protobuf:"bytes,1,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"` // The hint for what value to put as the justification. Hint string `protobuf:"bytes,2,opt,name=hint,proto3" json:"hint,omitempty"` // contains filtered or unexported fields }
The UIData comprises the data that will be displayed. At present, it exclusively includes the display_name and hint.
func (*UIData) Descriptor
deprecated
added in
v0.1.1
func (*UIData) GetDisplayName ¶ added in v0.1.1
func (*UIData) ProtoMessage ¶ added in v0.1.1
func (*UIData) ProtoMessage()
func (*UIData) ProtoReflect ¶ added in v0.1.1
func (x *UIData) ProtoReflect() protoreflect.Message
type UnimplementedCertificateActionServiceServer ¶
type UnimplementedCertificateActionServiceServer struct { }
UnimplementedCertificateActionServiceServer must be embedded to have forward compatible implementations.
func (UnimplementedCertificateActionServiceServer) CertificateAction ¶
func (UnimplementedCertificateActionServiceServer) CertificateAction(context.Context, *CertificateActionRequest) (*CertificateActionResponse, error)
type UnimplementedJVSPluginServer ¶ added in v0.1.1
type UnimplementedJVSPluginServer struct { }
UnimplementedJVSPluginServer must be embedded to have forward compatible implementations.
func (UnimplementedJVSPluginServer) GetUIData ¶ added in v0.1.1
func (UnimplementedJVSPluginServer) GetUIData(context.Context, *GetUIDataRequest) (*UIData, error)
func (UnimplementedJVSPluginServer) Validate ¶ added in v0.1.1
func (UnimplementedJVSPluginServer) Validate(context.Context, *ValidateJustificationRequest) (*ValidateJustificationResponse, error)
type UnimplementedJVSServiceServer ¶
type UnimplementedJVSServiceServer struct { }
UnimplementedJVSServiceServer must be embedded to have forward compatible implementations.
func (UnimplementedJVSServiceServer) CreateJustification ¶
func (UnimplementedJVSServiceServer) CreateJustification(context.Context, *CreateJustificationRequest) (*CreateJustificationResponse, error)
type UnsafeCertificateActionServiceServer ¶
type UnsafeCertificateActionServiceServer interface {
// contains filtered or unexported methods
}
UnsafeCertificateActionServiceServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to CertificateActionServiceServer will result in compilation errors.
type UnsafeJVSPluginServer ¶ added in v0.1.1
type UnsafeJVSPluginServer interface {
// contains filtered or unexported methods
}
UnsafeJVSPluginServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to JVSPluginServer will result in compilation errors.
type UnsafeJVSServiceServer ¶
type UnsafeJVSServiceServer interface {
// contains filtered or unexported methods
}
UnsafeJVSServiceServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to JVSServiceServer will result in compilation errors.
type ValidateJustificationRequest ¶ added in v0.1.1
type ValidateJustificationRequest struct { Justification *Justification `protobuf:"bytes,1,opt,name=justification,proto3" json:"justification,omitempty"` // contains filtered or unexported fields }
ValidateJustificationRequest provides a justification for the server to validate.
func (*ValidateJustificationRequest) Descriptor
deprecated
added in
v0.1.1
func (*ValidateJustificationRequest) Descriptor() ([]byte, []int)
Deprecated: Use ValidateJustificationRequest.ProtoReflect.Descriptor instead.
func (*ValidateJustificationRequest) GetJustification ¶ added in v0.1.1
func (x *ValidateJustificationRequest) GetJustification() *Justification
func (*ValidateJustificationRequest) ProtoMessage ¶ added in v0.1.1
func (*ValidateJustificationRequest) ProtoMessage()
func (*ValidateJustificationRequest) ProtoReflect ¶ added in v0.1.1
func (x *ValidateJustificationRequest) ProtoReflect() protoreflect.Message
func (*ValidateJustificationRequest) Reset ¶ added in v0.1.1
func (x *ValidateJustificationRequest) Reset()
func (*ValidateJustificationRequest) String ¶ added in v0.1.1
func (x *ValidateJustificationRequest) String() string
type ValidateJustificationResponse ¶ added in v0.1.1
type ValidateJustificationResponse struct { Valid bool `protobuf:"varint,1,opt,name=valid,proto3" json:"valid,omitempty"` // Could be empty if it's valid. // Otherwise some warning or error should be provided. Warning []string `protobuf:"bytes,2,rep,name=warning,proto3" json:"warning,omitempty"` Error []string `protobuf:"bytes,3,rep,name=error,proto3" json:"error,omitempty"` // Additional info the plugin may want to encapsulate in the Justification. // It's not intended for user input. Annotation map[string]string `` /* 161-byte string literal not displayed */ // contains filtered or unexported fields }
ValidateJustificationResponse contains the validation result.
func (*ValidateJustificationResponse) Descriptor
deprecated
added in
v0.1.1
func (*ValidateJustificationResponse) Descriptor() ([]byte, []int)
Deprecated: Use ValidateJustificationResponse.ProtoReflect.Descriptor instead.
func (*ValidateJustificationResponse) GetAnnotation ¶ added in v0.1.1
func (x *ValidateJustificationResponse) GetAnnotation() map[string]string
func (*ValidateJustificationResponse) GetError ¶ added in v0.1.1
func (x *ValidateJustificationResponse) GetError() []string
func (*ValidateJustificationResponse) GetValid ¶ added in v0.1.1
func (x *ValidateJustificationResponse) GetValid() bool
func (*ValidateJustificationResponse) GetWarning ¶ added in v0.1.1
func (x *ValidateJustificationResponse) GetWarning() []string
func (*ValidateJustificationResponse) ProtoMessage ¶ added in v0.1.1
func (*ValidateJustificationResponse) ProtoMessage()
func (*ValidateJustificationResponse) ProtoReflect ¶ added in v0.1.1
func (x *ValidateJustificationResponse) ProtoReflect() protoreflect.Message
func (*ValidateJustificationResponse) Reset ¶ added in v0.1.1
func (x *ValidateJustificationResponse) Reset()
func (*ValidateJustificationResponse) String ¶ added in v0.1.1
func (x *ValidateJustificationResponse) String() string
type Validator ¶ added in v0.1.1
type Validator interface { Validate(context.Context, *ValidateJustificationRequest) (*ValidateJustificationResponse, error) GetUIData(context.Context, *GetUIDataRequest) (*UIData, error) }
Validator is the interface we are exposing as a plugin.
type ValidatorPlugin ¶ added in v0.1.1
type ValidatorPlugin struct { // GRPCPlugin must still implement the Plugin interface. plugin.Plugin // Concrete implementation, written in Go. This is only used for plugins // that are written in Go. Impl Validator }
ValidatorPlugin implements plugin.GRPCPlugin.
func (*ValidatorPlugin) GRPCClient ¶ added in v0.1.1
func (p *ValidatorPlugin) GRPCClient(ctx context.Context, broker *plugin.GRPCBroker, c *grpc.ClientConn) (any, error)
GRPCClient is required by plugin.GRPCPlugin.
func (*ValidatorPlugin) GRPCServer ¶ added in v0.1.1
func (p *ValidatorPlugin) GRPCServer(broker *plugin.GRPCBroker, s *grpc.Server) error
GRPCServer is required by plugin.GRPCPlugin.