security

package
v0.11.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 23, 2020 License: MIT Imports: 21 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// APITokenEnvVar is the environment variable for the api token
	APITokenEnvVar = "DAPR_API_TOKEN"
	// APITokenHeader is header name for http/gRPC calls to hold the token
	APITokenHeader = "dapr-api-token"
)

#nosec

View Source 
const (
	TLSServerName = "cluster.local"
)

Variables

This section is empty.

Functions

func CertPool added in v0.6.0 

func CertPool(certPem []byte) (*x509.CertPool, error)

func ExcludedRoute added in v0.8.0 

func ExcludedRoute(route string) bool

ExcludedRoute returns whether a given route should be excluded from a token check

func GetAPIToken added in v0.8.0 

func GetAPIToken() string

GetAPIToken returns the value of the api token from an environment variable

func GetCertChain added in v0.6.0 

func GetCertChain() (*credentials.CertChain, error)

Types

type Authenticator 

type Authenticator interface {
	GetTrustAnchors() *x509.CertPool
	GetCurrentSignedCert() *SignedCertificate
	CreateSignedWorkloadCert(id, namespace, trustDomain string) (*SignedCertificate, error)
}

func GetSidecarAuthenticator 

func GetSidecarAuthenticator(sentryAddress string, certChain *credentials.CertChain) (Authenticator, error)

GetSidecarAuthenticator returns a new authenticator with the extracted trust anchors

type SignedCertificate 

type SignedCertificate struct {
	WorkloadCert  []byte
	PrivateKeyPem []byte
	Expiry        time.Time
	TrustChain    *x509.CertPool
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.