client

package
v1.6.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 2, 2022 License: BSD-2-Clause Imports: 17 Imported by: 0

Documentation

Overview

Package client implements a Go client for CFSSL API commands.

Index

Constants

View Source
const (
	// StrategyInvalid indicates any strategy that is unsupported
	// or returned when no strategy is applicable.
	StrategyInvalid = iota

	// StrategyOrderedList is a sequential list of servers: if the
	// first server cannot be reached, the next is used. The
	// client will proceed in this manner until the list of
	// servers is exhausted, and then an error is returned.
	StrategyOrderedList
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthRemote

type AuthRemote struct {
	Remote
	// contains filtered or unexported fields
}

AuthRemote acts as a Remote with a default Provider for AuthSign.

func NewAuthServer

func NewAuthServer(addr string, tlsConfig *tls.Config, provider auth.Provider) *AuthRemote

NewAuthServer sets up a new auth server target with an addr in the same format at NewServer and a default authentication provider to use for Sign requests.

func (*AuthRemote) Sign

func (ar *AuthRemote) Sign(req []byte) ([]byte, error)

Sign is overloaded to perform an AuthSign request using the default auth provider.

type Remote

type Remote interface {
	AuthSign(req, id []byte, provider auth.Provider) ([]byte, error)
	Sign(jsonData []byte) ([]byte, error)
	Info(jsonData []byte) (*info.Resp, error)
	Hosts() []string
	SetReqModifier(func(*http.Request, []byte))
	SetRequestTimeout(d time.Duration)
	SetProxy(func(*http.Request) (*url.URL, error))
}

A Remote points to at least one (but possibly multiple) remote CFSSL instances. It must be able to perform a authenticated and unauthenticated certificate signing requests, return information about the CA on the other end, and return a list of the hosts that are used by the remote.

func NewGroup

func NewGroup(remotes []string, tlsConfig *tls.Config, strategy Strategy) (Remote, error)

NewGroup will use the collection of remotes specified with the given strategy.

func NewServer

func NewServer(addr string) Remote

NewServer sets up a new server target. The address should be of The format [protocol:]name[:port] of the remote CFSSL instance. If no protocol is given http is default. If no port is specified, the CFSSL default port (8888) is used. If the name is a comma-separated list of hosts, an ordered group will be returned.

func NewServerTLS

func NewServerTLS(addr string, tlsConfig *tls.Config) Remote

NewServerTLS is the TLS version of NewServer

type SignResult

type SignResult struct {
	Certificate []byte `json:"certificate"`
}

SignResult is the result of signing a CSR.

type Strategy

type Strategy int

Strategy is the means by which the server to use as a remote should be selected.

func StrategyFromString

func StrategyFromString(s string) Strategy

StrategyFromString takes a string describing a

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL