server

package
v0.0.0-...-efbc38a Latest
Warning

This package is not in the latest version of its module.
Published: Jan 23, 2025 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Overview

Package server provides a server object that represents the Notary backend

Constants

const (
	UserPermission  = 0
	AdminPermission = 1
)

Variables

This section is empty.

Functions

func AllowRequest

func AllowRequest(claims *jwtNotaryClaims, method, path string) (bool, error)

AllowRequest looks at the user data to determine the following things:

The first question is "Is this user trying to access a path that's restricted?" There are two types of restricted paths: admin-only paths, which only admins can access, and self-authorized paths, which users are allowed to use only if they are taking an action on their own user ID.

The second question is "If the path requires an ID, is the user attempting to access their own ID?"

For all endpoints and permission permutations, there are only 2 cases when users are allowed to use endpoints:

  - If the URL path is not restricted to admins
  - If the URL path is restricted to self-authorized endpoints, and the user is taking action with their own ID

This function validates that the user with the given claims is allowed to use the endpoints by passing the above checks.
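The decision described above, sketched as an added example (not the Notary project's own code). The `claims` struct, the route table and its paths are assumptions made for illustration, and admins are assumed to pass every check.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
)

// claims is a hypothetical stand-in for the unexported jwtNotaryClaims.
type claims struct{ ID, Permissions int }

// rule is one restricted route; selfAuth=false means admin only.
type rule struct {
	method   string
	path     *regexp.Regexp
	selfAuth bool
}

// Constructed route table; the real Notary routes are not listed on this page.
var restricted = []rule{
	{"GET", regexp.MustCompile(`^/accounts$`), false},
	{"DELETE", regexp.MustCompile(`^/accounts/(\d+)$`), false},
	{"POST", regexp.MustCompile(`^/accounts/(\d+)/change_password$`), true},
}

// allow mirrors the two documented cases for non-admin users.
func allow(c *claims, method, path string) (bool, error) {
	if c == nil {
		return false, fmt.Errorf("missing claims") // fail closed
	}
	if c.Permissions == 1 { // AdminPermission
		return true, nil
	}
	for _, r := range restricted {
		m := r.path.FindStringSubmatch(path)
		if r.method != method || m == nil {
			continue
		}
		if !r.selfAuth {
			return false, nil // admin-only path, non-admin caller
		}
		// Compare against the canonical decimal form of the caller's ID, so
		// "70" or "007" never passes for user 7 (no prefix or parsing tricks).
		return m[1] == strconv.Itoa(c.ID), nil
	}
	return true, nil // case 1: path is not restricted
}

func main() { fmt.Println(allow(&claims{ID: 7}, "POST", "/accounts/8/change_password")) }
```
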

func ChangeAccountPassword

func ChangeAccountPassword(env *HandlerConfig) http.HandlerFunc

func CreateAccount

func CreateAccount(env *HandlerConfig) http.HandlerFunc

CreateAccount creates a new Account, and returns the id of the created row

func CreateCertificate

func CreateCertificate(env *HandlerConfig) http.HandlerFunc

CreateCertificate handler receives an id as a path parameter, and attempts to add a given certificate to the corresponding certificate request

func CreateCertificateRequest

func CreateCertificateRequest(env *HandlerConfig) http.HandlerFunc

CreateCertificateRequest creates a new Certificate Request, and returns the id of the created row

func DeleteAccount

func DeleteAccount(env *HandlerConfig) http.HandlerFunc

DeleteAccount handler receives an id as a path parameter, deletes the corresponding User Account, and returns an http.StatusNoContent on success

func DeleteCertificate

func DeleteCertificate(env *HandlerConfig) http.HandlerFunc

DeleteCertificate handler receives an id as a path parameter, and attempts to add a given certificate to the corresponding certificate request

func DeleteCertificateRequest

func DeleteCertificateRequest(env *HandlerConfig) http.HandlerFunc

DeleteCertificateRequest handler receives an id as a path parameter, deletes the corresponding Certificate Request, and returns an http.StatusNoContent on success

func GetAccount

func GetAccount(env *HandlerConfig) http.HandlerFunc

GetAccount receives an id as a path parameter, and returns the corresponding User Account

func GetCertificateRequest

func GetCertificateRequest(env *HandlerConfig) http.HandlerFunc

GetCertificateRequest receives an id as a path parameter, and returns the corresponding Certificate Request

func GetStatus

func GetStatus(env *HandlerConfig) http.HandlerFunc

The GET status endpoint returns an http.StatusOK alongside info about the server. In that info, initialized means the first user has been created.

func ListAccounts

func ListAccounts(env *HandlerConfig) http.HandlerFunc

ListAccounts returns all accounts from the database

func ListCertificateRequests

func ListCertificateRequests(env *HandlerConfig) http.HandlerFunc

ListCertificateRequests returns all of the Certificate Requests

func Login

func Login(env *HandlerConfig) http.HandlerFunc

func New

func New(port int, cert []byte, key []byte, dbPath string, pebbleNotificationsEnabled bool) (*http.Server, error)

New creates an environment and an http server with handlers that Go can start listening to

func NewHandler

func NewHandler(config *HandlerConfig) http.Handler

NewHandler takes in a config struct, passes it along to any handlers that will need access to it, and takes an http.Handler that will be used to handle metrics. It then builds and returns it for a server to consume.

func RejectCertificate

func RejectCertificate(env *HandlerConfig) http.HandlerFunc

func SendPebbleNotification

func SendPebbleNotification(key, request_id string) error

Types

type CertificateRequest

type CertificateRequest struct {
	ID               int    `json:"id"`
	CSR              string `json:"csr"`
	CertificateChain string `json:"certificate_chain"`
	Status           string `json:"status"`
}

type ChangeAccountParams

type ChangeAccountParams struct {
	Password string `json:"password"`
}

type CreateAccountParams

type CreateAccountParams struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

type CreateCertificateParams

type CreateCertificateParams struct {
	CertificateChain string `json:"certificate"`
}

type CreateCertificateRequestParams

type CreateCertificateRequestParams struct {
	CSR string `json:"csr"`
}

type GetAccountResponse

type GetAccountResponse struct {
	ID          int    `json:"id"`
	Username    string `json:"username"`
	Permissions int    `json:"permissions"`
}

type HandlerConfig

type HandlerConfig struct {
	DB                      *db.Database
	SendPebbleNotifications bool
	JWTSecret               []byte
}

type LoginParams

type LoginParams struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

type LoginResponse

type LoginResponse struct {
	Token string `json:"token"`
}

type StatusResponse

type StatusResponse struct {
	Initialized bool   `json:"initialized"`
	Version     string `json:"version"`
}

type SuccessResponse

type SuccessResponse struct {
	Message string `json:"message"`
}
