sso

package

v0.0.0-...-108dae9 Latest Latest Go to latest Published: Jan 2, 2020 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/continusec/geecert

Documentation ¶

Index ¶

Variables
func RegisterGeeCertServerServer(s *grpc.Server, srv GeeCertServerServer)
type GeeCertServerClient
- func NewGeeCertServerClient(cc *grpc.ClientConn) GeeCertServerClient
type GeeCertServerServer
type ResponseCode
- func (ResponseCode) EnumDescriptor() ([]byte, []int)
- func (x ResponseCode) String() string
type SSHCertsRequest
type SSHCertsResponse
type ServerConfig
type ServerConfig_Profile
type ServerConfig_UserConfig
type UnimplementedGeeCertServerServer
- func (*UnimplementedGeeCertServerServer) GetSSHCerts(ctx context.Context, req *SSHCertsRequest) (*SSHCertsResponse, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var ResponseCode_name = map[int32]string{
	0: "OK",
	1: "INVALID_ID_TOKEN",
	2: "NO_CERTS_ALLOWED",
}

View Source

var ResponseCode_value = map[string]int32{
	"OK":               0,
	"INVALID_ID_TOKEN": 1,
	"NO_CERTS_ALLOWED": 2,
}

Functions ¶

func RegisterGeeCertServerServer ¶

func RegisterGeeCertServerServer(s *grpc.Server, srv GeeCertServerServer)

Types ¶

type GeeCertServerClient ¶

type GeeCertServerClient interface {
	GetSSHCerts(ctx context.Context, in *SSHCertsRequest, opts ...grpc.CallOption) (*SSHCertsResponse, error)
}

GeeCertServerClient is the client API for GeeCertServer service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewGeeCertServerClient ¶

func NewGeeCertServerClient(cc *grpc.ClientConn) GeeCertServerClient

type GeeCertServerServer ¶

type GeeCertServerServer interface {
	GetSSHCerts(context.Context, *SSHCertsRequest) (*SSHCertsResponse, error)
}

GeeCertServerServer is the server API for GeeCertServer service.

type ResponseCode ¶

type ResponseCode int32

const (
	ResponseCode_OK               ResponseCode = 0
	ResponseCode_INVALID_ID_TOKEN ResponseCode = 1
	ResponseCode_NO_CERTS_ALLOWED ResponseCode = 2
)

func (ResponseCode) EnumDescriptor ¶

func (ResponseCode) EnumDescriptor() ([]byte, []int)

func (ResponseCode) String ¶

func (x ResponseCode) String() string

type SSHCertsRequest ¶

type SSHCertsRequest struct {
	IdToken              string   `protobuf:"bytes,1,opt,name=id_token,json=idToken,proto3" json:"id_token,omitempty"`
	PublicKey            string   `protobuf:"bytes,2,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*SSHCertsRequest) Descriptor ¶

func (*SSHCertsRequest) Descriptor() ([]byte, []int)

func (*SSHCertsRequest) GetIdToken ¶

func (m *SSHCertsRequest) GetIdToken() string

func (*SSHCertsRequest) GetPublicKey ¶

func (m *SSHCertsRequest) GetPublicKey() string

func (*SSHCertsRequest) ProtoMessage ¶

func (*SSHCertsRequest) ProtoMessage()

func (*SSHCertsRequest) Reset ¶

func (m *SSHCertsRequest) Reset()

func (*SSHCertsRequest) String ¶

func (m *SSHCertsRequest) String() string

func (*SSHCertsRequest) XXX_DiscardUnknown ¶

func (m *SSHCertsRequest) XXX_DiscardUnknown()

func (*SSHCertsRequest) XXX_Marshal ¶

func (m *SSHCertsRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SSHCertsRequest) XXX_Merge ¶

func (m *SSHCertsRequest) XXX_Merge(src proto.Message)

func (*SSHCertsRequest) XXX_Size ¶

func (m *SSHCertsRequest) XXX_Size() int

func (*SSHCertsRequest) XXX_Unmarshal ¶

func (m *SSHCertsRequest) XXX_Unmarshal(b []byte) error

type SSHCertsResponse ¶

type SSHCertsResponse struct {
	Status                 ResponseCode `protobuf:"varint,1,opt,name=status,proto3,enum=ResponseCode" json:"status,omitempty"`
	Certificate            string       `protobuf:"bytes,2,opt,name=certificate,proto3" json:"certificate,omitempty"`
	CertificateAuthorities []string     `` /* 127-byte string literal not displayed */
	Config                 []string     `protobuf:"bytes,4,rep,name=config,proto3" json:"config,omitempty"`
	XXX_NoUnkeyedLiteral   struct{}     `json:"-"`
	XXX_unrecognized       []byte       `json:"-"`
	XXX_sizecache          int32        `json:"-"`
}

func (*SSHCertsResponse) Descriptor ¶

func (*SSHCertsResponse) Descriptor() ([]byte, []int)

func (*SSHCertsResponse) GetCertificate ¶

func (m *SSHCertsResponse) GetCertificate() string

func (*SSHCertsResponse) GetCertificateAuthorities ¶

func (m *SSHCertsResponse) GetCertificateAuthorities() []string

func (*SSHCertsResponse) GetConfig ¶

func (m *SSHCertsResponse) GetConfig() []string

func (*SSHCertsResponse) GetStatus ¶

func (m *SSHCertsResponse) GetStatus() ResponseCode

func (*SSHCertsResponse) ProtoMessage ¶

func (*SSHCertsResponse) ProtoMessage()

func (*SSHCertsResponse) Reset ¶

func (m *SSHCertsResponse) Reset()

func (*SSHCertsResponse) String ¶

func (m *SSHCertsResponse) String() string

func (*SSHCertsResponse) XXX_DiscardUnknown ¶

func (m *SSHCertsResponse) XXX_DiscardUnknown()

func (*SSHCertsResponse) XXX_Marshal ¶

func (m *SSHCertsResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SSHCertsResponse) XXX_Merge ¶

func (m *SSHCertsResponse) XXX_Merge(src proto.Message)

func (*SSHCertsResponse) XXX_Size ¶

func (m *SSHCertsResponse) XXX_Size() int

func (*SSHCertsResponse) XXX_Unmarshal ¶

func (m *SSHCertsResponse) XXX_Unmarshal(b []byte) error

type ServerConfig ¶

type ServerConfig struct {
	CaKeyPath                   string                              `protobuf:"bytes,1,opt,name=ca_key_path,json=caKeyPath,proto3" json:"ca_key_path,omitempty"`
	GenerateCertDurationSeconds int32                               `` /* 147-byte string literal not displayed */
	AllowedUsers                map[string]*ServerConfig_UserConfig `` /* 185-byte string literal not displayed */
	ListenPort                  int32                               `protobuf:"varint,5,opt,name=listen_port,json=listenPort,proto3" json:"listen_port,omitempty"`
	AllowedDomainForIdToken     string                              `` /* 136-byte string literal not displayed */
	AllowedClientIdForIdToken   string                              `` /* 144-byte string literal not displayed */
	ServerCertPath              string                              `protobuf:"bytes,8,opt,name=server_cert_path,json=serverCertPath,proto3" json:"server_cert_path,omitempty"`
	ServerKeyPath               string                              `protobuf:"bytes,9,opt,name=server_key_path,json=serverKeyPath,proto3" json:"server_key_path,omitempty"`
	CaComment                   string                              `protobuf:"bytes,11,opt,name=ca_comment,json=caComment,proto3" json:"ca_comment,omitempty"`
	HttpListenPort              int32                               `protobuf:"varint,12,opt,name=http_listen_port,json=httpListenPort,proto3" json:"http_listen_port,omitempty"`
	AllowedHosts                []string                            `protobuf:"bytes,13,rep,name=allowed_hosts,json=allowedHosts,proto3" json:"allowed_hosts,omitempty"`
	SshConnectForPublickeyPort  int32                               `` /* 147-byte string literal not displayed */
	UserProfiles                map[string]*ServerConfig_Profile    `` /* 186-byte string literal not displayed */
	// path to pem with key, cert and intermediates
	HostSigningTlsPath string `protobuf:"bytes,17,opt,name=host_signing_tls_path,json=hostSigningTlsPath,proto3" json:"host_signing_tls_path,omitempty"`
	// e.g. https://accounts.google.com/.well-known/openid-configuration for Google
	// e.g. https://login.microsoftonline.com/<tenancy id>/.well-known/openid-configuration for Azure AD
	OidcConfigurationUrl string `protobuf:"bytes,18,opt,name=oidc_configuration_url,json=oidcConfigurationUrl,proto3" json:"oidc_configuration_url,omitempty"`
	// if set verify "appid" claim for client ID, INSTEAD OF "aud" claim - useful for Azure Access Token
	LookForAudienceInAppId bool `` /* 137-byte string literal not displayed */
	// if set, check for suffix in email field instead of "hd" cliam. useful for Azure Access Token
	LookForHostedDomainInEmail bool `` /* 149-byte string literal not displayed */
	// if set, don't require email_verified field. Useful for Azure Access token
	SkipEmailVerified    bool     `protobuf:"varint,21,opt,name=skip_email_verified,json=skipEmailVerified,proto3" json:"skip_email_verified,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ServerConfig) Descriptor ¶

func (*ServerConfig) Descriptor() ([]byte, []int)

func (*ServerConfig) GetAllowedClientIdForIdToken ¶

func (m *ServerConfig) GetAllowedClientIdForIdToken() string

func (*ServerConfig) GetAllowedDomainForIdToken ¶

func (m *ServerConfig) GetAllowedDomainForIdToken() string

func (*ServerConfig) GetAllowedHosts ¶

func (m *ServerConfig) GetAllowedHosts() []string

func (*ServerConfig) GetAllowedUsers ¶

func (m *ServerConfig) GetAllowedUsers() map[string]*ServerConfig_UserConfig

func (*ServerConfig) GetCaComment ¶

func (m *ServerConfig) GetCaComment() string

func (*ServerConfig) GetCaKeyPath ¶

func (m *ServerConfig) GetCaKeyPath() string

func (*ServerConfig) GetGenerateCertDurationSeconds ¶

func (m *ServerConfig) GetGenerateCertDurationSeconds() int32

func (*ServerConfig) GetHostSigningTlsPath ¶

func (m *ServerConfig) GetHostSigningTlsPath() string

func (*ServerConfig) GetHttpListenPort ¶

func (m *ServerConfig) GetHttpListenPort() int32

func (*ServerConfig) GetListenPort ¶

func (m *ServerConfig) GetListenPort() int32

func (*ServerConfig) GetLookForAudienceInAppId ¶

func (m *ServerConfig) GetLookForAudienceInAppId() bool

func (*ServerConfig) GetLookForHostedDomainInEmail ¶

func (m *ServerConfig) GetLookForHostedDomainInEmail() bool

func (*ServerConfig) GetOidcConfigurationUrl ¶

func (m *ServerConfig) GetOidcConfigurationUrl() string

func (*ServerConfig) GetServerCertPath ¶

func (m *ServerConfig) GetServerCertPath() string

func (*ServerConfig) GetServerKeyPath ¶

func (m *ServerConfig) GetServerKeyPath() string

func (*ServerConfig) GetSkipEmailVerified ¶

func (m *ServerConfig) GetSkipEmailVerified() bool

func (*ServerConfig) GetSshConnectForPublickeyPort ¶

func (m *ServerConfig) GetSshConnectForPublickeyPort() int32

func (*ServerConfig) GetUserProfiles ¶

func (m *ServerConfig) GetUserProfiles() map[string]*ServerConfig_Profile

func (*ServerConfig) ProtoMessage ¶

func (*ServerConfig) ProtoMessage()

func (*ServerConfig) Reset ¶

func (m *ServerConfig) Reset()

func (*ServerConfig) String ¶

func (m *ServerConfig) String() string

func (*ServerConfig) XXX_DiscardUnknown ¶

func (m *ServerConfig) XXX_DiscardUnknown()

func (*ServerConfig) XXX_Marshal ¶

func (m *ServerConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ServerConfig) XXX_Merge ¶

func (m *ServerConfig) XXX_Merge(src proto.Message)

func (*ServerConfig) XXX_Size ¶

func (m *ServerConfig) XXX_Size() int

func (*ServerConfig) XXX_Unmarshal ¶

func (m *ServerConfig) XXX_Unmarshal(b []byte) error

type ServerConfig_Profile ¶

type ServerConfig_Profile struct {
	Principals           []string          `protobuf:"bytes,1,rep,name=principals,proto3" json:"principals,omitempty"`
	CertPermissions      map[string]string `` /* 194-byte string literal not displayed */
	SshConfigLines       []string          `protobuf:"bytes,3,rep,name=ssh_config_lines,json=sshConfigLines,proto3" json:"ssh_config_lines,omitempty"`
	KnownHosts           []string          `protobuf:"bytes,4,rep,name=known_hosts,json=knownHosts,proto3" json:"known_hosts,omitempty"`
	XXX_NoUnkeyedLiteral struct{}          `json:"-"`
	XXX_unrecognized     []byte            `json:"-"`
	XXX_sizecache        int32             `json:"-"`
}

func (*ServerConfig_Profile) Descriptor ¶

func (*ServerConfig_Profile) Descriptor() ([]byte, []int)

func (*ServerConfig_Profile) GetCertPermissions ¶

func (m *ServerConfig_Profile) GetCertPermissions() map[string]string

func (*ServerConfig_Profile) GetKnownHosts ¶

func (m *ServerConfig_Profile) GetKnownHosts() []string

func (*ServerConfig_Profile) GetPrincipals ¶

func (m *ServerConfig_Profile) GetPrincipals() []string

func (*ServerConfig_Profile) GetSshConfigLines ¶

func (m *ServerConfig_Profile) GetSshConfigLines() []string

func (*ServerConfig_Profile) ProtoMessage ¶

func (*ServerConfig_Profile) ProtoMessage()

func (*ServerConfig_Profile) Reset ¶

func (m *ServerConfig_Profile) Reset()

func (*ServerConfig_Profile) String ¶

func (m *ServerConfig_Profile) String() string

func (*ServerConfig_Profile) XXX_DiscardUnknown ¶

func (m *ServerConfig_Profile) XXX_DiscardUnknown()

func (*ServerConfig_Profile) XXX_Marshal ¶

func (m *ServerConfig_Profile) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ServerConfig_Profile) XXX_Merge ¶

func (m *ServerConfig_Profile) XXX_Merge(src proto.Message)

func (*ServerConfig_Profile) XXX_Size ¶

func (m *ServerConfig_Profile) XXX_Size() int

func (*ServerConfig_Profile) XXX_Unmarshal ¶

func (m *ServerConfig_Profile) XXX_Unmarshal(b []byte) error

type ServerConfig_UserConfig ¶

type ServerConfig_UserConfig struct {
	Profiles             []string `protobuf:"bytes,4,rep,name=profiles,proto3" json:"profiles,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ServerConfig_UserConfig) Descriptor ¶

func (*ServerConfig_UserConfig) Descriptor() ([]byte, []int)

func (*ServerConfig_UserConfig) GetProfiles ¶

func (m *ServerConfig_UserConfig) GetProfiles() []string

func (*ServerConfig_UserConfig) ProtoMessage ¶

func (*ServerConfig_UserConfig) ProtoMessage()

func (*ServerConfig_UserConfig) Reset ¶

func (m *ServerConfig_UserConfig) Reset()

func (*ServerConfig_UserConfig) String ¶

func (m *ServerConfig_UserConfig) String() string

func (*ServerConfig_UserConfig) XXX_DiscardUnknown ¶

func (m *ServerConfig_UserConfig) XXX_DiscardUnknown()

func (*ServerConfig_UserConfig) XXX_Marshal ¶

func (m *ServerConfig_UserConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ServerConfig_UserConfig) XXX_Merge ¶

func (m *ServerConfig_UserConfig) XXX_Merge(src proto.Message)

func (*ServerConfig_UserConfig) XXX_Size ¶

func (m *ServerConfig_UserConfig) XXX_Size() int

func (*ServerConfig_UserConfig) XXX_Unmarshal ¶

func (m *ServerConfig_UserConfig) XXX_Unmarshal(b []byte) error

type UnimplementedGeeCertServerServer ¶

type UnimplementedGeeCertServerServer struct {
}

UnimplementedGeeCertServerServer can be embedded to have forward compatible implementations.

func (*UnimplementedGeeCertServerServer) GetSSHCerts ¶

func (*UnimplementedGeeCertServerServer) GetSSHCerts(ctx context.Context, req *SSHCertsRequest) (*SSHCertsResponse, error)

Source Files ¶

View all Source files

sso.pb.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL