Documentation ¶
Index ¶
- type CertHandler
- type IdentHandler
- type PermissionHandler
- type RemoteIAMsHandler
- type Server
- func (server *Server) ApplyCert(context context.Context, req *pb.ApplyCertRequest) (rsp *pb.ApplyCertResponse, err error)
- func (server *Server) Clear(context context.Context, req *pb.ClearRequest) (rsp *empty.Empty, err error)
- func (server *Server) Close() (err error)
- func (server *Server) CreateKey(context context.Context, req *pb.CreateKeyRequest) (rsp *pb.CreateKeyResponse, err error)
- func (server *Server) EncryptDisk(ctx context.Context, req *pb.EncryptDiskRequest) (rsp *empty.Empty, err error)
- func (server *Server) FinishProvisioning(context context.Context, req *empty.Empty) (rsp *empty.Empty, err error)
- func (server *Server) GetAPIVersion(ctx context.Context, req *empty.Empty) (*pb.APIVersion, error)
- func (server *Server) GetAllNodeIDs(context context.Context, req *empty.Empty) (rsp *pb.NodesID, err error)
- func (server *Server) GetCert(context context.Context, req *pb.GetCertRequest) (rsp *pb.GetCertResponse, err error)
- func (server *Server) GetCertTypes(context context.Context, req *pb.GetCertTypesRequest) (rsp *pb.CertTypes, err error)
- func (server *Server) GetNodeInfo(ctx context.Context, req *empty.Empty) (*pb.NodeInfo, error)
- func (server *Server) GetPermissions(ctx context.Context, req *pb.PermissionsRequest) (rsp *pb.PermissionsResponse, err error)
- func (server *Server) GetSubjects(context context.Context, req *empty.Empty) (rsp *pb.Subjects, err error)
- func (server *Server) GetSystemInfo(context context.Context, req *empty.Empty) (rsp *pb.SystemInfo, err error)
- func (server *Server) RegisterInstance(ctx context.Context, req *pb.RegisterInstanceRequest) (*pb.RegisterInstanceResponse, error)
- func (server *Server) SetOwner(context context.Context, req *pb.SetOwnerRequest) (rsp *empty.Empty, err error)
- func (server *Server) SubscribeSubjectsChanged(message *empty.Empty, ...) (err error)
- func (server *Server) UnregisterInstance(ctx context.Context, req *pb.UnregisterInstanceRequest) (*empty.Empty, error)
Types ¶
type CertHandler ¶
// CertHandler is the certificate backend handed to New. Every method is
// scoped by a certificate type name (certType).
//
// NOTE(review): passwords cross this interface as plain Go strings, so
// implementations should keep them out of logs and wrapped error messages.
type CertHandler interface {
	// GetCertTypes returns the certificate type names as strings.
	GetCertTypes() []string

	// GetCertificate takes a certificate type, issuer bytes and a serial
	// string and returns one URL for the certificate and one for its key.
	// NOTE(review): keyURL presumably points at private key material;
	// confirm which callers are allowed to receive it.
	GetCertificate(certType string, issuer []byte, serial string) (certURL string, keyURL string, err error)

	// SetOwner takes the certificate type and a password.
	SetOwner(certType string, password string) error

	// Clear takes only the certificate type; no password is required by
	// this signature, so authorization has to happen in the caller.
	Clear(certType string) error

	// CreateKey takes the certificate type, a subject and a password and
	// returns the CSR bytes; no key material is part of the return values.
	CreateKey(certType string, subject string, password string) (csr []byte, err error)

	// ApplyCertificate takes certificate bytes for the given type and
	// returns the certificate URL and serial.
	// NOTE(review): whether cert is validated against a trust chain is not
	// visible from the signature; confirm in the implementation.
	ApplyCertificate(certType string, cert []byte) (certURL string, serial string, err error)

	// CreateSelfSignedCert takes the certificate type and a password.
	CreateSelfSignedCert(certType string, password string) error
}
CertHandler interface.
type IdentHandler ¶
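// IdentHandler is the identity backend handed to New. It provides the system
// ID, the unit model and the current subjects, plus a channel on which
// subject lists are delivered.
//
// Result names are documentation only in an interface, so the fixes below
// (systemdID -> systemID, Subjects -> subjects) do not affect implementers.
type IdentHandler interface {
	// GetSystemID returns the system ID as a string.
	GetSystemID() (systemID string, err error)

	// GetUnitModel returns the unit model as a string.
	GetUnitModel() (unitModel string, err error)

	// GetSubjects returns the subjects as a slice of strings.
	GetSubjects() (subjects []string, err error)

	// SubjectsChangedChannel returns a receive-only channel of subject
	// lists.
	// NOTE(review): who closes the channel and whether it is buffered is
	// not visible from the signature; confirm before ranging over it.
	SubjectsChangedChannel() (channel <-chan []string)
}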
IdentHandler interface.
type PermissionHandler ¶
// PermissionHandler is the permissions backend handed to New. It maps a
// registered instance to a secret and resolves that secret back to the
// instance and its permissions.
//
// NOTE(review): the secret is the only caller-supplied value that identifies
// the instance in GetPermissions, so it is effectively a bearer credential.
// Confirm that implementations generate it from a cryptographically secure
// source and keep it out of logs.
type PermissionHandler interface {
	// RegisterInstance takes an instance identifier and a two-level
	// string map of permissions and returns a secret string.
	// NOTE(review): the outer map key is presumably the functional server
	// ID used by GetPermissions; verify against the implementation.
	RegisterInstance(instance aostypes.InstanceIdent, permissions map[string]map[string]string) (secret string, err error)

	// UnregisterInstance takes an instance identifier and reports no
	// error, so a failed removal cannot be observed by the caller.
	UnregisterInstance(instance aostypes.InstanceIdent)

	// GetPermissions takes a secret and a functional server ID and returns
	// the instance identifier together with a flat permissions map.
	GetPermissions(secret string, funcServerID string) (instance aostypes.InstanceIdent, permissions map[string]string, err error)
}
PermissionHandler interface.
type RemoteIAMsHandler ¶
// RemoteIAMsHandler is the handler for remote IAMs that is handed to New.
// Apart from GetRemoteNodes, every method takes a nodeID as its first
// argument.
//
// NOTE(review): passwords and CSR/certificate bytes are forwarded per node
// through this interface; how the transport to a remote node is
// authenticated and encrypted is not visible here and should be confirmed in
// the implementation.
type RemoteIAMsHandler interface {
	// GetRemoteNodes returns the remote nodes as a slice of strings.
	GetRemoteNodes() []string

	// GetCertTypes returns the certificate type names for nodeID.
	GetCertTypes(nodeID string) ([]string, error)

	// SetOwner takes the node, the certificate type and a password.
	SetOwner(nodeID string, certType string, password string) error

	// Clear takes the node and the certificate type; no password is part
	// of this signature.
	Clear(nodeID string, certType string) error

	// CreateKey takes the node, certificate type, subject and password and
	// returns the CSR bytes.
	CreateKey(nodeID string, certType string, subject string, password string) (csr []byte, err error)

	// ApplyCertificate takes certificate bytes for the node and type and
	// returns the certificate URL and serial.
	ApplyCertificate(nodeID string, certType string, cert []byte) (certURL string, serial string, err error)

	// EncryptDisk takes the node and a password.
	EncryptDisk(nodeID string, password string) error

	// FinishProvisioning takes only the node.
	FinishProvisioning(nodeID string) error
}
RemoteIAMsHandler is the handler for remote IAMs.
type Server ¶
// Server is the IAM server instance. It embeds a mutex and the generated
// Unimplemented*Server types of six IAM gRPC services, so it satisfies each
// service interface even for RPCs it does not override.
//
// NOTE(review): three of the embedded services carry "Public" in their name
// and three do not (provisioning, certificate, permissions); presumably the
// latter are meant to be reachable only by authenticated callers. How they
// are bound to listeners is not shown in this listing; confirm in New.
type Server struct {
	// Embedding sync.Mutex promotes Lock and Unlock into Server's exported
	// method set, so any holder of a *Server can take the lock.
	// NOTE(review): a named unexported field would keep locking internal.
	sync.Mutex
	pb.UnimplementedIAMPublicServiceServer
	pb.UnimplementedIAMPublicIdentityServiceServer
	pb.UnimplementedIAMPublicPermissionsServiceServer
	pb.UnimplementedIAMProvisioningServiceServer
	pb.UnimplementedIAMCertificateServiceServer
	pb.UnimplementedIAMPermissionsServiceServer
	// contains filtered or unexported fields
}
Server is the IAM server instance.
func New ¶
func New( cfg *config.Config, cryptoContext *cryptutils.CryptoContext, certHandler CertHandler, identHandler IdentHandler, permissionHandler PermissionHandler, remoteIAMsHandler RemoteIAMsHandler, provisioningMode bool, ) (server *Server, err error)
New creates a new IAM server instance.
func (*Server) ApplyCert ¶
func (server *Server) ApplyCert( context context.Context, req *pb.ApplyCertRequest, ) (rsp *pb.ApplyCertResponse, err error)
ApplyCert applies certificate.
func (*Server) Clear ¶
func (server *Server) Clear(context context.Context, req *pb.ClearRequest) (rsp *empty.Empty, err error)
Clear clears the certificate and key storages.
func (*Server) CreateKey ¶
func (server *Server) CreateKey(context context.Context, req *pb.CreateKeyRequest) ( rsp *pb.CreateKeyResponse, err error, )
CreateKey creates private key.
func (*Server) EncryptDisk ¶
func (server *Server) EncryptDisk(ctx context.Context, req *pb.EncryptDiskRequest) (rsp *empty.Empty, err error)
EncryptDisk performs disk encryption.
func (*Server) FinishProvisioning ¶
func (server *Server) FinishProvisioning(context context.Context, req *empty.Empty) (rsp *empty.Empty, err error)
FinishProvisioning notifies IAM that provisioning is finished.
func (*Server) GetAPIVersion ¶
GetAPIVersion returns the current IAM API version.
func (*Server) GetAllNodeIDs ¶
func (server *Server) GetAllNodeIDs(context context.Context, req *empty.Empty, ) (rsp *pb.NodesID, err error)
GetAllNodeIDs returns all known node IDs.
func (*Server) GetCert ¶
func (server *Server) GetCert(context context.Context, req *pb.GetCertRequest) (rsp *pb.GetCertResponse, err error)
GetCert returns certificate URI by issuer.
func (*Server) GetCertTypes ¶
func (server *Server) GetCertTypes(context context.Context, req *pb.GetCertTypesRequest, ) (rsp *pb.CertTypes, err error)
GetCertTypes returns all IAM cert types.
func (*Server) GetNodeInfo ¶
GetNodeInfo returns node information.
func (*Server) GetPermissions ¶
func (server *Server) GetPermissions( ctx context.Context, req *pb.PermissionsRequest, ) (rsp *pb.PermissionsResponse, err error)
GetPermissions returns permissions by secret and functional server ID.
func (*Server) GetSubjects ¶
func (server *Server) GetSubjects(context context.Context, req *empty.Empty) (rsp *pb.Subjects, err error)
GetSubjects returns subjects.
func (*Server) GetSystemInfo ¶
func (server *Server) GetSystemInfo(context context.Context, req *empty.Empty) (rsp *pb.SystemInfo, err error)
GetSystemInfo returns system information.
func (*Server) RegisterInstance ¶
func (server *Server) RegisterInstance( ctx context.Context, req *pb.RegisterInstanceRequest, ) (*pb.RegisterInstanceResponse, error)
RegisterInstance registers a new service and creates a secret.
func (*Server) SetOwner ¶
func (server *Server) SetOwner(context context.Context, req *pb.SetOwnerRequest) (rsp *empty.Empty, err error)
SetOwner makes IAM the owner of the secure storage.
func (*Server) SubscribeSubjectsChanged ¶
func (server *Server) SubscribeSubjectsChanged(message *empty.Empty, stream pb.IAMPublicIdentityService_SubscribeSubjectsChangedServer, ) (err error)
SubscribeSubjectsChanged creates stream for subjects changed notifications.
func (*Server) UnregisterInstance ¶
func (server *Server) UnregisterInstance(ctx context.Context, req *pb.UnregisterInstanceRequest) (*empty.Empty, error)
UnregisterInstance unregisters service.