robotaccount

package
v0.144.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 17, 2024 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

View Source
const (
	Audience = "attestations.chainloop"
	// Previous audience, deprecated, we keep it to not to break compatibility
	DeprecatedAudience = "client.chainloop"
)

This type of JWT is meant to be used by the attestations service

Variables

View Source
var SigningMethod = jwt.SigningMethodHS256

Functions

This section is empty.

Types

type Builder

type Builder struct {
	// contains filtered or unexported fields
}

func NewBuilder

func NewBuilder(opts ...NewOpt) (*Builder, error)

NewBuilder creates a new robot account builder meant to be associated with a workflowRun It does not expire but its revocation status is checked on every request Currently we use a simple hmac encryption method meant to be continuously rotated TODO: additional/alternative encryption method, i.e DSE asymmetric, see CAS robot account for reference

func (*Builder) GenerateJWT

func (ra *Builder) GenerateJWT(orgID, workflowID, keyID string) (string, error)

NOTE: It does not expire, it will get revoked instead

type CustomClaims

type CustomClaims struct {
	OrgID      string `json:"org_id"`
	WorkflowID string `json:"workflow_id"`
	jwt.RegisteredClaims
}

type NewOpt

type NewOpt func(b *Builder)

func WithIssuer

func WithIssuer(issuer string) NewOpt

func WithKeySecret

func WithKeySecret(hmacSecret string) NewOpt

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL