Documentation ¶
Index ¶
- type AttestationData
- type RequestBody
- type RequestBodyOption
- func WithAttestationData(data *AttestationData) RequestBodyOption
- func WithAuthorizationPrincipal(p string) RequestBodyOption
- func WithSSHCertificate(cert *sshutil.Certificate, certTpl *ssh.Certificate) RequestBodyOption
- func WithSSHCertificateRequest(cr sshutil.CertificateRequest) RequestBodyOption
- func WithX509Certificate(cert *x509util.Certificate, leaf *x509.Certificate) RequestBodyOption
- func WithX509CertificateRequest(cr *x509.CertificateRequest) RequestBodyOption
- func WithX5CCertificate(leaf *x509.Certificate) RequestBodyOption
- type ResponseBody
- type SSHCertificate
- type SSHCertificateRequest
- type X509Certificate
- type X509CertificateRequest
- type X5CCertificate
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AttestationData ¶
type AttestationData struct {
PermanentIdentifier string `json:"permanentIdentifier"`
}
AttestationData is data validated by acme device-attest-01 challenge
type RequestBody ¶
type RequestBody struct { Timestamp time.Time `json:"timestamp"` ProvisionerName string `json:"provisionerName,omitempty"` // Only set after successfully completing acme device-attest-01 challenge AttestationData *AttestationData `json:"attestationData,omitempty"` // Set for most provisioners, but not acme or scep // Token any `json:"token,omitempty"` // Exactly one of the remaining fields should be set X509CertificateRequest *X509CertificateRequest `json:"x509CertificateRequest,omitempty"` X509Certificate *X509Certificate `json:"x509Certificate,omitempty"` SSHCertificateRequest *SSHCertificateRequest `json:"sshCertificateRequest,omitempty"` SSHCertificate *SSHCertificate `json:"sshCertificate,omitempty"` // Only set for SCEP webhook requests SCEPChallenge string `json:"scepChallenge,omitempty"` SCEPTransactionID string `json:"scepTransactionID,omitempty"` SCEPErrorCode int `json:"scepErrorCode,omitempty"` SCEPErrorDescription string `json:"scepErrorDescription,omitempty"` // Only set for X5C provisioners X5CCertificate *X5CCertificate `json:"x5cCertificate,omitempty"` // Set for X5C, AWS, GCP, and Azure provisioners AuthorizationPrincipal string `json:"authorizationPrincipal,omitempty"` }
RequestBody is the body sent to webhook servers.
func NewRequestBody ¶
func NewRequestBody(options ...RequestBodyOption) (*RequestBody, error)
type RequestBodyOption ¶
type RequestBodyOption func(*RequestBody) error
func WithAttestationData ¶
func WithAttestationData(data *AttestationData) RequestBodyOption
func WithAuthorizationPrincipal ¶
func WithAuthorizationPrincipal(p string) RequestBodyOption
func WithSSHCertificate ¶
func WithSSHCertificate(cert *sshutil.Certificate, certTpl *ssh.Certificate) RequestBodyOption
func WithSSHCertificateRequest ¶
func WithSSHCertificateRequest(cr sshutil.CertificateRequest) RequestBodyOption
func WithX509Certificate ¶
func WithX509Certificate(cert *x509util.Certificate, leaf *x509.Certificate) RequestBodyOption
func WithX509CertificateRequest ¶
func WithX509CertificateRequest(cr *x509.CertificateRequest) RequestBodyOption
func WithX5CCertificate ¶
func WithX5CCertificate(leaf *x509.Certificate) RequestBodyOption
type ResponseBody ¶
ResponseBody is the body returned by webhook servers.
type SSHCertificate ¶
type SSHCertificate struct { *sshutil.Certificate PublicKey []byte `json:"publicKey"` SignatureKey []byte `json:"signatureKey"` ValidBefore uint64 `json:"validBefore"` ValidAfter uint64 `json:"validAfter"` }
SSHCertificate is the certificate sent to webhook servers for authorizing webhooks when signing SSH certificates
type SSHCertificateRequest ¶
type SSHCertificateRequest struct { PublicKey []byte `json:"publicKey"` Type string `json:"type"` KeyID string `json:"keyID"` Principals []string `json:"principals"` }
SSHCertificateRequest is the certificate request sent to webhook servers for enriching webhooks when signing SSH certificates
type X509Certificate ¶
type X509Certificate struct { *x509util.Certificate PublicKey []byte `json:"publicKey"` PublicKeyAlgorithm string `json:"publicKeyAlgorithm"` NotBefore time.Time `json:"notBefore"` NotAfter time.Time `json:"notAfter"` Raw []byte `json:"raw"` }
X509Certificate is the certificate sent to webhook servers for authorizing webhooks when signing x509 certificates
type X509CertificateRequest ¶
type X509CertificateRequest struct { *x509util.CertificateRequest PublicKey []byte `json:"publicKey"` PublicKeyAlgorithm string `json:"publicKeyAlgorithm"` Raw []byte `json:"raw"` }
X509CertificateRequest is the certificate request sent to webhook servers for enriching webhooks when signing x509 certificates
type X5CCertificate ¶
type X5CCertificate struct { Raw []byte `json:"raw"` PublicKey []byte `json:"publicKey"` PublicKeyAlgorithm string `json:"publicKeyAlgorithm"` NotBefore time.Time `json:"notBefore"` NotAfter time.Time `json:"notAfter"` }
X5CCertificate is the authorization certificate sent to webhook servers for enriching or authorizing webhooks when signing X509 or SSH certificates using the X5C provisioner.