app

package
v0.0.0-...-e1ceea9
Warning

This package is not in the latest version of its module.

Published: Jan 13, 2021 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Overview

Copyright 2020 CYBERCRYPT

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.



Constants

const AssociatedDataStoreSuffix = "_aad"
const CiphertextStoreSuffix = "_data"

Variables

var GitCommit string
var GitTag string

Functions

func AuthorizeWrapper

func AuthorizeWrapper(ctx context.Context, messageAuthenticator *crypt.MessageAuthenticator, objectIDString string) (*authz.Authorizer, *authz.AccessObject, error)

Wraps the Authorize call. Fails if the uid or oid is wrongly formatted or if the user isn't authorized to edit the accessObject.

func CheckInsecure

func CheckInsecure(config *Config)

Prevents an accidental deployment with testing parameters.

Types

type App

type App struct {
	Config               *Config
	MessageAuthenticator *crypt.MessageAuthenticator
	AuthDBPool           *pgxpool.Pool
	ObjectStore          objectstorage.ObjectStoreInterface
	UnimplementedEncryptonizeServer
}

func (*App) AddPermission

func (app *App) AddPermission(ctx context.Context, request *AddPermissionRequest) (*AddPermissionResponse, error)

Grant a user access to an object. The requesting user has to be authorized to access the object.

func (*App) AuthStorageStreamingInterceptor

func (app *App) AuthStorageStreamingInterceptor() grpc.StreamServerInterceptor

AuthStorageStreamingInterceptor creates a DB AuthStorage instance and injects it into the context. It begins a DB transaction and takes care of automatically rolling it back if needed.

func (*App) AuthStorageUnaryServerInterceptor

func (app *App) AuthStorageUnaryServerInterceptor() grpc.UnaryServerInterceptor

AuthStorageUnaryServerInterceptor creates a DB AuthStorage instance and injects it into the context. It begins a DB transaction and takes care of automatically rolling it back if needed.

func (*App) AuthenticateUser

func (app *App) AuthenticateUser(ctx context.Context) (context.Context, error)

Authenticates the user using an Access Token. The Access Token contains the uid, scopes, and a random value. This token has to be integrity protected (e.g. by an HMAC). This method fails if the integrity check fails or the token lacks the required scope.
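The integrity-then-scope check described for AuthenticateUser, as an added example that is not this package's own code. The token layout (base64url JSON body, ".", base64url HMAC-SHA256 tag), the Claims type and the seal and VerifyToken helpers are assumptions made for illustration, and the key and token in main are constructed sample values.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// Claims is a hypothetical token body, not the project's wire format.
type Claims struct {
	UID    string   `json:"uid"`
	Scopes []string `json:"scopes"`
	Nonce  string   `json:"nonce"`
}

// seal returns base64url(body) + "." + base64url(HMAC-SHA256(key, body)).
func seal(key, body []byte) string {
	m := hmac.New(sha256.New, key)
	m.Write(body)
	e := base64.RawURLEncoding
	return e.EncodeToString(body) + "." + e.EncodeToString(m.Sum(nil))
}

// VerifyToken re-seals the received body and compares the result with the
// whole token in constant time; the body is parsed only after that succeeds.
func VerifyToken(key []byte, token, scope string) (*Claims, error) {
	p, _, _ := strings.Cut(token, ".")
	body, err := base64.RawURLEncoding.DecodeString(p)
	if err != nil || !hmac.Equal([]byte(token), []byte(seal(key, body))) {
		return nil, fmt.Errorf("integrity check failed")
	}
	var c Claims
	if err := json.Unmarshal(body, &c); err != nil {
		return nil, fmt.Errorf("malformed token body")
	}
	for _, s := range c.Scopes {
		if s == scope {
			return &c, nil
		}
	}
	return nil, fmt.Errorf("missing required scope")
}

func main() {
	key := []byte("constructed demo key")
	tok := seal(key, []byte(`{"uid":"u1","scopes":["read"],"nonce":"bm9uY2U"}`))
	fmt.Println(VerifyToken(key, tok, "create")) // scope "create" is absent
}
```

Because the tag covers the exact bytes of the body, changing the scopes in a token without the key fails the integrity check before the scope list is ever read.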

func (*App) CreateAdminCommand

func (app *App) CreateAdminCommand()

CreateAdminCommand creates a new admin user with random credentials. This function is intended to be used for CLI operation.

func (*App) CreateUser

func (app *App) CreateUser(ctx context.Context, request *CreateUserRequest) (*CreateUserResponse, error)

CreateUser is an exposed endpoint that enables admins to create other users. Fails if credentials can't be generated or if the derived tag can't be stored.

func (*App) GetPermissions

func (app *App) GetPermissions(ctx context.Context, request *GetPermissionsRequest) (*GetPermissionsResponse, error)

Retrieve a list of users who have access to the object specified in the request.

func (*App) RemovePermission

func (app *App) RemovePermission(ctx context.Context, request *RemovePermissionRequest) (*RemovePermissionResponse, error)

Remove a user's access to an object. The requesting user has to be authorized to access the object.

func (*App) Retrieve

func (app *App) Retrieve(ctx context.Context, request *RetrieveRequest) (*RetrieveResponse, error)

API-exposed function that retrieves a package from the storage solution. Assumes that user credentials are to be found in the context metadata. Errors if authentication, authorization, or retrieving the object fails.

func (*App) Store

func (app *App) Store(ctx context.Context, request *StoreRequest) (*StoreResponse, error)

API-exposed function that encrypts data and stores it in the object store. Assumes that user credentials are to be found in the context metadata. Errors if authentication or storing fails.

func (*App) Version

func (app *App) Version(ctx context.Context, request *VersionRequest) (*VersionResponse, error)

type Config

type Config struct {
	KEK               []byte
	ASK               []byte
	AuthStorageURL    string
	ObjectStorageURL  string
	ObjectStorageID   string
	ObjectStorageKey  string
	ObjectStorageCert []byte
}

func ParseConfig

func ParseConfig() (*Config, error)

type ContextKey

type ContextKey int
