Documentation
Overview
Package static implements a credential store for static credentials.
Index
- Constants
- type CredentialStore
- func NewCredentialStore(scopeId string, opt ...Option) (*CredentialStore, error)
- func TestCredentialStore(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, scopeId string, ...) *CredentialStore
- func TestCredentialStores(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, scopeId string, count int) []*CredentialStore
- type Option
- type Repository
- func (r *Repository) CreateCredentialStore(ctx context.Context, cs *CredentialStore, _ ...Option) (*CredentialStore, error)
- func (r *Repository) CreateUsernamePasswordCredential(ctx context.Context, scopeId string, c *UsernamePasswordCredential, ...) (*UsernamePasswordCredential, error)
- func (r *Repository) DeleteCredential(ctx context.Context, scopeId, id string, _ ...Option) (int, error)
- func (r *Repository) DeleteCredentialStore(ctx context.Context, publicId string, _ ...Option) (int, error)
- func (r *Repository) ListCredentialStores(ctx context.Context, scopeIds []string, opt ...Option) ([]*CredentialStore, error)
- func (r *Repository) ListCredentials(ctx context.Context, storeId string, opt ...Option) ([]*UsernamePasswordCredential, error)
- func (r *Repository) LookupCredential(ctx context.Context, publicId string, _ ...Option) (*UsernamePasswordCredential, error)
- func (r *Repository) LookupCredentialStore(ctx context.Context, publicId string, _ ...Option) (*CredentialStore, error)
- func (r *Repository) Retrieve(ctx context.Context, scopeId string, ids []string) ([]credential.Static, error)
- func (r *Repository) UpdateCredentialStore(ctx context.Context, cs *CredentialStore, version uint32, ...) (*CredentialStore, int, error)
- func (r *Repository) UpdateUsernamePasswordCredential(ctx context.Context, scopeId string, c *UsernamePasswordCredential, ...) (*UsernamePasswordCredential, int, error)
- type UsernamePasswordCredential
- func NewUsernamePasswordCredential(storeId string, username string, password credential.Password, opt ...Option) (*UsernamePasswordCredential, error)
- func TestUsernamePasswordCredential(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, ...) *UsernamePasswordCredential
- func TestUsernamePasswordCredentials(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, ...) []*UsernamePasswordCredential
Constants
const (
	CredentialStorePrefix = "cs"
	CredentialPrefix = "cred"
	Subtype = subtypes.Subtype("static")
	UsernamePasswordSubtype = subtypes.Subtype("username_password")
)
PublicId prefixes for the resources in the static package.
Variables
This section is empty.
Functions
This section is empty.
Types
type CredentialStore
type CredentialStore struct {
	*store.CredentialStore
	// contains filtered or unexported fields
}
A CredentialStore contains credentials. It is owned by a scope.
func NewCredentialStore
func NewCredentialStore(scopeId string, opt ...Option) (*CredentialStore, error)
NewCredentialStore creates a new in-memory static CredentialStore assigned to scopeId. Name and description are the only valid options. All other options are ignored.
func TestCredentialStore
func TestCredentialStore(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, scopeId string, opts ...Option) *CredentialStore
TestCredentialStore creates a static credential store in the provided DB with the provided scope and any values passed in through the Options vars. If any errors are encountered during the creation of the store, the test will fail.
func TestCredentialStores
func TestCredentialStores(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, scopeId string, count int) []*CredentialStore
TestCredentialStores creates count number of static credential stores in the provided DB with the provided scope id. If any errors are encountered during the creation of the credential stores, the test will fail.
func (*CredentialStore) SetTableName
func (cs *CredentialStore) SetTableName(n string)
SetTableName sets the table name.
func (*CredentialStore) TableName
func (cs *CredentialStore) TableName() string
TableName returns the table name.
type Option
type Option func(*options)
Option - how Options are passed as arguments.
func WithDescription
WithDescription provides an optional description.
type Repository
type Repository struct {
// contains filtered or unexported fields
}
A Repository stores and retrieves the persistent types in the static package. It is not safe to use a repository concurrently.
func NewRepository
func NewRepository(ctx context.Context, r db.Reader, w db.Writer, kms *kms.Kms, opt ...Option) (*Repository, error)
NewRepository creates a new Repository. The returned repository should only be used for one transaction, and it is not safe for concurrent goroutines to access it. The WithLimit option sets a repo-wide default limit that is applied to all ListX methods.
func (*Repository) CreateCredentialStore
func (r *Repository) CreateCredentialStore(ctx context.Context, cs *CredentialStore, _ ...Option) (*CredentialStore, error)
CreateCredentialStore inserts cs into the repository and returns a new CredentialStore containing the credential store's PublicId. cs is not changed. cs must not contain a PublicId. The PublicId is generated and assigned by this method. cs must contain a valid ScopeId.
Both cs.Name and cs.Description are optional. If cs.Name is set, it must be unique within cs.ScopeId. Both cs.CreateTime and cs.UpdateTime are ignored.
func (*Repository) CreateUsernamePasswordCredential
func (r *Repository) CreateUsernamePasswordCredential(ctx context.Context, scopeId string, c *UsernamePasswordCredential, _ ...Option) (*UsernamePasswordCredential, error)
CreateUsernamePasswordCredential inserts c into the repository and returns a new UsernamePasswordCredential containing the credential's PublicId. c is not changed. c must not contain a PublicId. The PublicId is generated and assigned by this method. c must contain a valid StoreId.
The password is encrypted and an HMAC-SHA256 (HmacSha256) of the password is calculated. Only the PasswordHmac is returned; the plain-text and encrypted passwords are not returned.
Both c.Name and c.Description are optional. If c.Name is set, it must be unique within c.ScopeId. Both c.CreateTime and c.UpdateTime are ignored.
func (*Repository) DeleteCredential
func (r *Repository) DeleteCredential(ctx context.Context, scopeId, id string, _ ...Option) (int, error)
DeleteCredential deletes publicId from the repository and returns the number of records deleted. All options are ignored. TODO: This should hit a view...
func (*Repository) DeleteCredentialStore
func (r *Repository) DeleteCredentialStore(ctx context.Context, publicId string, _ ...Option) (int, error)
DeleteCredentialStore deletes publicId from the repository and returns the number of records deleted. All options are ignored.
func (*Repository) ListCredentialStores
func (r *Repository) ListCredentialStores(ctx context.Context, scopeIds []string, opt ...Option) ([]*CredentialStore, error)
ListCredentialStores returns a slice of CredentialStores for the scopeIds. WithLimit is the only option supported.
func (*Repository) ListCredentials
func (r *Repository) ListCredentials(ctx context.Context, storeId string, opt ...Option) ([]*UsernamePasswordCredential, error)
ListCredentials returns a slice of UsernamePasswordCredentials for the scopeIds. WithLimit is the only option supported. TODO: This should hit a view and return the interface type...
func (*Repository) LookupCredential
func (r *Repository) LookupCredential(ctx context.Context, publicId string, _ ...Option) (*UsernamePasswordCredential, error)
LookupCredential returns the Credential for the publicId. Returns nil, nil if no Credential is found for the publicId. TODO: This should hit a view and return the interface type...
func (*Repository) LookupCredentialStore
func (r *Repository) LookupCredentialStore(ctx context.Context, publicId string, _ ...Option) (*CredentialStore, error)
LookupCredentialStore returns the CredentialStore for publicId. Returns nil, nil if no CredentialStore is found for publicId.
func (*Repository) Retrieve
func (r *Repository) Retrieve(ctx context.Context, scopeId string, ids []string) ([]credential.Static, error)
Retrieve retrieves and returns static credentials from Boundary for all the provided ids. All the returned static credentials will have their secret fields decrypted.
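The create path (password encrypted, HMAC-SHA256 handed back) and the Retrieve path (secret decrypted) described above, as an added example that is not Boundary's code. It assumes AES-GCM from the Go standard library in place of the package's KMS wrapper, hex encoding for the HMAC, and constructed keys; newAEAD, seal and open are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// newAEAD builds AES-GCM from a 16/24/32-byte key (assumed stand-in for a KMS-backed wrapper).
func newAEAD(key []byte) (cipher.AEAD, error) {
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}

// seal (create path): returns nonce||ciphertext to persist and the hex HMAC-SHA256 to hand back.
func seal(aead cipher.AEAD, macKey []byte, pw string) ([]byte, string, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, "", err
	}
	m := hmac.New(sha256.New, macKey)
	m.Write([]byte(pw))
	return aead.Seal(nonce, nonce, []byte(pw), nil), fmt.Sprintf("%x", m.Sum(nil)), nil
}

// open (retrieve path): the only place the stored secret is decrypted.
func open(aead cipher.AEAD, ct []byte) (string, error) {
	if len(ct) < aead.NonceSize() {
		return "", fmt.Errorf("ciphertext shorter than nonce")
	}
	pw, err := aead.Open(nil, ct[:aead.NonceSize()], ct[aead.NonceSize():], nil)
	return string(pw), err
}

func main() {
	aead, err := newAEAD(make([]byte, 32)) // constructed all-zero demo key
	if err != nil {
		panic(err)
	}
	ct, mac, _ := seal(aead, []byte("constructed-mac-key"), "hunter2")
	pw, _ := open(aead, ct)
	fmt.Printf("returned to caller: %s\nstored: %d bytes\nretrieved: %s\n", mac, len(ct), pw)
}
```

The HMAC is stable for the same password and key, while the ciphertext differs on every call because of the random nonce.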
func (*Repository) UpdateCredentialStore
func (r *Repository) UpdateCredentialStore(ctx context.Context, cs *CredentialStore, version uint32, fieldMaskPaths []string, _ ...Option) (*CredentialStore, int, error)
UpdateCredentialStore updates the repository entry for cs.PublicId with the values in cs for the fields listed in fieldMaskPaths. It returns a new CredentialStore containing the updated values and a count of the number of records updated. cs is not changed.
cs must contain a valid PublicId. Only Name and Description can be changed. If cs.Name is set to a non-empty string, it must be unique within cs.ScopeId.
An attribute of cs will be set to NULL in the database if the attribute in cs is the zero value and it is included in fieldMaskPaths.
func (*Repository) UpdateUsernamePasswordCredential
func (r *Repository) UpdateUsernamePasswordCredential(ctx context.Context, scopeId string, c *UsernamePasswordCredential, version uint32, fieldMaskPaths []string, _ ...Option) (*UsernamePasswordCredential, int, error)
UpdateUsernamePasswordCredential updates the repository entry for c.PublicId with the values in c for the fields listed in fieldMaskPaths. It returns a new UsernamePasswordCredential containing the updated values and a count of the number of records updated. c is not changed.
c must contain a valid PublicId. Only Name, Description, Username and Password can be changed. If c.Name is set to a non-empty string, it must be unique within c.ScopeId.
An attribute of c will be set to NULL in the database if the attribute in c is the zero value and it is included in fieldMaskPaths.
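A model of the field-mask rule stated for both Update methods, as an added example that is not the package's code. The cred type and planUpdate are hypothetical, and mask paths are assumed to be spelled like the field names on this page; the real path spelling may differ.

```go
package main

import (
	"fmt"
	"sort"
)

// cred is a hypothetical stand-in for the four updatable fields named on this page.
type cred struct{ Name, Description, Username, Password string }

// planUpdate applies the documented rule: a field listed in the mask is written
// when non-zero and set to NULL when zero; fields not in the mask are untouched.
func planUpdate(c cred, fieldMaskPaths []string) (set map[string]string, null []string, err error) {
	vals := map[string]string{
		"Name": c.Name, "Description": c.Description,
		"Username": c.Username, "Password": c.Password,
	}
	set = map[string]string{}
	seen := map[string]bool{}
	for _, p := range fieldMaskPaths {
		v, ok := vals[p]
		switch {
		case !ok:
			return nil, nil, fmt.Errorf("field %q cannot be changed", p)
		case seen[p]:
			continue // duplicate mask entry, already planned
		case v == "":
			null = append(null, p)
		default:
			set[p] = v
		}
		seen[p] = true
	}
	sort.Strings(null)
	return set, null, nil
}

func main() {
	// Constructed input: the caller meant only to rename, but also listed Description.
	set, null, err := planUpdate(cred{Name: "db-admin"}, []string{"Name", "Description"})
	fmt.Println("set:", set, "null:", null, "err:", err)
}
```

Listing a field in the mask without populating it clears the stored value, so callers should build the mask from the fields they actually intend to change.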
type UsernamePasswordCredential
type UsernamePasswordCredential struct {
	*store.UsernamePasswordCredential
	// contains filtered or unexported fields
}
A UsernamePasswordCredential contains the credential with a username and password. It is owned by a credential store.
func NewUsernamePasswordCredential
func NewUsernamePasswordCredential(storeId string, username string, password credential.Password, opt ...Option) (*UsernamePasswordCredential, error)
NewUsernamePasswordCredential creates a new in-memory static Credential containing a username and password that is assigned to storeId. Name and description are the only valid options. All other options are ignored.
func TestUsernamePasswordCredential
func TestUsernamePasswordCredential(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, username, password, storeId, scopeId string, opts ...Option) *UsernamePasswordCredential
TestUsernamePasswordCredential creates a username password credential in the provided DB with the provided scope and any values passed in through. If any errors are encountered during the creation of the store, the test will fail.
func TestUsernamePasswordCredentials
func TestUsernamePasswordCredentials(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, username, password, storeId, scopeId string, count int) []*UsernamePasswordCredential
TestUsernamePasswordCredentials creates count number of username password credentials in the provided DB with the provided scope id. If any errors are encountered during the creation of the credentials, the test will fail.
func (*UsernamePasswordCredential) SetTableName
func (c *UsernamePasswordCredential) SetTableName(n string)
SetTableName sets the table name.
func (*UsernamePasswordCredential) TableName
func (c *UsernamePasswordCredential) TableName() string
TableName returns the table name.