static

package
v0.9.1
Warning

This package is not in the latest version of its module.

Published: Jul 6, 2022 License: MPL-2.0 Imports: 18 Imported by: 0

Documentation

Overview

Package static implements a credential store for static credentials.


Constants

const (
	CredentialStorePrefix = "cs"
	CredentialPrefix      = "cred"

	Subtype                 = subtypes.Subtype("static")
	UsernamePasswordSubtype = subtypes.Subtype("username_password")
)

PublicId prefixes for the resources in the static package.

Variables

This section is empty.

Functions

This section is empty.

Types

type CredentialStore

type CredentialStore struct {
	*store.CredentialStore
	// contains filtered or unexported fields
}

A CredentialStore contains credentials. It is owned by a scope.

func NewCredentialStore

func NewCredentialStore(scopeId string, opt ...Option) (*CredentialStore, error)

NewCredentialStore creates a new in memory static CredentialStore assigned to scopeId. Name and description are the only valid options. All other options are ignored.

func TestCredentialStore

func TestCredentialStore(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, scopeId string, opts ...Option) *CredentialStore

TestCredentialStore creates a static credential store in the provided DB with the provided scope and any values passed in through the Options vars. If any errors are encountered during the creation of the store, the test will fail.

func TestCredentialStores

func TestCredentialStores(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, scopeId string, count int) []*CredentialStore

TestCredentialStores creates count number of static credential stores in the provided DB with the provided scope id. If any errors are encountered during the creation of the credential stores, the test will fail.

func (*CredentialStore) SetTableName

func (cs *CredentialStore) SetTableName(n string)

SetTableName sets the table name.

func (*CredentialStore) TableName

func (cs *CredentialStore) TableName() string

TableName returns the table name.

type Option

type Option func(*options)

Option - how Options are passed as arguments.

func WithDescription

func WithDescription(desc string) Option

WithDescription provides an optional description.

func WithLimit

func WithLimit(l int) Option

WithLimit provides an option to provide a limit. Intentionally allowing negative integers. If WithLimit < 0, then unlimited results are returned. If WithLimit == 0, then default limits are used for results.

func WithName

func WithName(name string) Option

WithName provides an optional name.

type Repository

type Repository struct {
	// contains filtered or unexported fields
}

A Repository stores and retrieves the persistent types in the static package. It is not safe to use a repository concurrently.

func NewRepository

func NewRepository(ctx context.Context, r db.Reader, w db.Writer, kms *kms.Kms, opt ...Option) (*Repository, error)

NewRepository creates a new Repository. The returned repository should only be used for one transaction and it is not safe for concurrent goroutines to access it. The WithLimit option is used as a repo-wide default limit applied to all ListX methods.

func (*Repository) CreateCredentialStore

func (r *Repository) CreateCredentialStore(ctx context.Context, cs *CredentialStore, _ ...Option) (*CredentialStore, error)

CreateCredentialStore inserts cs into the repository and returns a new CredentialStore containing the credential store's PublicId. cs is not changed. cs must not contain a PublicId. The PublicId is generated and assigned by this method. cs must contain a valid ScopeId.

Both cs.Name and cs.Description are optional. If cs.Name is set, it must be unique within cs.ScopeId. Both cs.CreateTime and cs.UpdateTime are ignored.

func (*Repository) CreateUsernamePasswordCredential

func (r *Repository) CreateUsernamePasswordCredential(
	ctx context.Context,
	scopeId string,
	c *UsernamePasswordCredential,
	_ ...Option,
) (*UsernamePasswordCredential, error)

CreateUsernamePasswordCredential inserts c into the repository and returns a new UsernamePasswordCredential containing the credential's PublicId. c is not changed. c must not contain a PublicId. The PublicId is generated and assigned by this method. c must contain a valid StoreId.

The password is encrypted and an HMAC-SHA256 of the password is calculated. Only the PasswordHmac is returned; the plain-text and encrypted passwords are not returned.

Both c.Name and c.Description are optional. If c.Name is set, it must be unique within c.ScopeId. Both c.CreateTime and c.UpdateTime are ignored.
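
The encrypt-then-return-only-the-HMAC pattern described above, as an added example that is not Boundary's own code. It uses the standard library's AES-GCM and HMAC with caller-supplied keys in place of the KMS wrapper; the names sealed, seal and unchanged are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// sealed is a hypothetical stored record, not Boundary's own type.
type sealed struct {
	CtPassword   []byte // nonce || AES-GCM ciphertext; never returned to callers
	PasswordHmac string // keyed digest; the only password-derived value returned
}

// seal encrypts password and HMACs it; both keys stand in for KMS-supplied keys.
func seal(password string, encKey, macKey []byte) (*sealed, error) {
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	mac := hmac.New(sha256.New, macKey)
	mac.Write([]byte(password))
	ct := gcm.Seal(nonce, nonce, []byte(password), nil)
	return &sealed{CtPassword: ct, PasswordHmac: hex.EncodeToString(mac.Sum(nil))}, nil
}

// unchanged reports whether two records hold the same password, using only the HMACs.
func unchanged(a, b *sealed) bool {
	return hmac.Equal([]byte(a.PasswordHmac), []byte(b.PasswordHmac))
}

func main() {
	encKey, macKey := make([]byte, 32), make([]byte, 32) // constructed all-zero demo keys
	a, _ := seal("constructed-password", encKey, macKey)
	b, _ := seal("constructed-password", encKey, macKey)
	fmt.Println(unchanged(a, b), string(a.CtPassword) == string(b.CtPassword))
}
```

Because the nonce is random, the two ciphertexts differ while the keyed digests match, so a caller can detect a password change from the HMAC alone without ever receiving the secret.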

func (*Repository) DeleteCredential

func (r *Repository) DeleteCredential(ctx context.Context, scopeId, id string, _ ...Option) (int, error)

DeleteCredential deletes publicId from the repository and returns the number of records deleted. All options are ignored. TODO: This should hit a view...

func (*Repository) DeleteCredentialStore

func (r *Repository) DeleteCredentialStore(ctx context.Context, publicId string, _ ...Option) (int, error)

DeleteCredentialStore deletes publicId from the repository and returns the number of records deleted. All options are ignored.

func (*Repository) ListCredentialStores

func (r *Repository) ListCredentialStores(ctx context.Context, scopeIds []string, opt ...Option) ([]*CredentialStore, error)

ListCredentialStores returns a slice of CredentialStores for the scopeIds. WithLimit is the only option supported.

func (*Repository) ListCredentials

func (r *Repository) ListCredentials(ctx context.Context, storeId string, opt ...Option) ([]*UsernamePasswordCredential, error)

ListCredentials returns a slice of UsernamePasswordCredentials for the storeId. WithLimit is the only option supported. TODO: This should hit a view and return the interface type...

func (*Repository) LookupCredential

func (r *Repository) LookupCredential(ctx context.Context, publicId string, _ ...Option) (*UsernamePasswordCredential, error)

LookupCredential returns the Credential for the publicId. Returns nil, nil if no Credential is found for the publicId. TODO: This should hit a view and return the interface type...

func (*Repository) LookupCredentialStore

func (r *Repository) LookupCredentialStore(ctx context.Context, publicId string, _ ...Option) (*CredentialStore, error)

LookupCredentialStore returns the CredentialStore for publicId. Returns nil, nil if no CredentialStore is found for publicId.

func (*Repository) Retrieve

func (r *Repository) Retrieve(ctx context.Context, scopeId string, ids []string) ([]credential.Static, error)

Retrieve retrieves and returns static credentials from Boundary for all the provided ids. All the returned static credentials will have their secret fields decrypted.

func (*Repository) UpdateCredentialStore

func (r *Repository) UpdateCredentialStore(ctx context.Context, cs *CredentialStore, version uint32, fieldMaskPaths []string, _ ...Option) (*CredentialStore, int, error)

UpdateCredentialStore updates the repository entry for cs.PublicId with the values in cs for the fields listed in fieldMaskPaths. It returns a new CredentialStore containing the updated values and a count of the number of records updated. cs is not changed.

cs must contain a valid PublicId. Only Name and Description can be changed. If cs.Name is set to a non-empty string, it must be unique within cs.ScopeId.

An attribute of cs will be set to NULL in the database if the attribute in cs is the zero value and it is included in fieldMaskPaths.
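
The field-mask rule above, modelled as an added example that is not the package's own code. storeRow and applyMask are hypothetical names, a nil pointer stands in for SQL NULL, and paths are matched exactly as an assumption.

```go
package main

import "fmt"

// storeRow is a hypothetical database row; a nil pointer models SQL NULL.
type storeRow struct {
	Name, Description *string
}

// applyMask returns a copy of cur updated from name and desc for each path in
// fieldMaskPaths. A masked field holding the zero value ("") becomes NULL,
// unmasked fields keep their stored value, and cur itself is not changed.
func applyMask(cur storeRow, name, desc string, fieldMaskPaths []string) (storeRow, error) {
	out := cur
	set := func(v string) *string {
		if v == "" {
			return nil // zero value in the mask clears the column
		}
		return &v
	}
	for _, p := range fieldMaskPaths {
		switch p {
		case "Name":
			out.Name = set(name)
		case "Description":
			out.Description = set(desc)
		default:
			// Only Name and Description can be changed.
			return cur, fmt.Errorf("field %q cannot be updated", p)
		}
	}
	return out, nil
}

func main() {
	n, d := "prod-store", "constructed description"
	cur := storeRow{Name: &n, Description: &d}
	// Name is masked but left empty, so it is cleared; Description is set in
	// memory but not masked, so the stored value survives.
	got, err := applyMask(cur, "", "ignored", []string{"Name"})
	fmt.Println(got.Name == nil, *got.Description, err)
}
```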

func (*Repository) UpdateUsernamePasswordCredential

func (r *Repository) UpdateUsernamePasswordCredential(ctx context.Context,
	scopeId string,
	c *UsernamePasswordCredential,
	version uint32,
	fieldMaskPaths []string,
	_ ...Option,
) (*UsernamePasswordCredential, int, error)

UpdateUsernamePasswordCredential updates the repository entry for c.PublicId with the values in c for the fields listed in fieldMaskPaths. It returns a new UsernamePasswordCredential containing the updated values and a count of the number of records updated. c is not changed.

c must contain a valid PublicId. Only Name, Description, Username and Password can be changed. If c.Name is set to a non-empty string, it must be unique within c.ScopeId.

An attribute of c will be set to NULL in the database if the attribute in c is the zero value and it is included in fieldMaskPaths.

type UsernamePasswordCredential

type UsernamePasswordCredential struct {
	*store.UsernamePasswordCredential
	// contains filtered or unexported fields
}

A UsernamePasswordCredential contains the credential with a username and password. It is owned by a credential store.

func NewUsernamePasswordCredential

func NewUsernamePasswordCredential(
	storeId string,
	username string,
	password credential.Password,
	opt ...Option,
) (*UsernamePasswordCredential, error)

NewUsernamePasswordCredential creates a new in memory static Credential containing a username and password that is assigned to storeId. Name and description are the only valid options. All other options are ignored.

func TestUsernamePasswordCredential

func TestUsernamePasswordCredential(
	t testing.TB,
	conn *db.DB,
	wrapper wrapping.Wrapper,
	username, password, storeId, scopeId string,
	opts ...Option,
) *UsernamePasswordCredential

TestUsernamePasswordCredential creates a username password credential in the provided DB with the provided scope and any values passed in through. If any errors are encountered during the creation of the store, the test will fail.

func TestUsernamePasswordCredentials

func TestUsernamePasswordCredentials(
	t testing.TB,
	conn *db.DB,
	wrapper wrapping.Wrapper,
	username, password, storeId, scopeId string,
	count int,
) []*UsernamePasswordCredential

TestUsernamePasswordCredentials creates count number of username password credentials in the provided DB with the provided scope id. If any errors are encountered during the creation of the credentials, the test will fail.

func (*UsernamePasswordCredential) SetTableName

func (c *UsernamePasswordCredential) SetTableName(n string)

SetTableName sets the table name.

func (*UsernamePasswordCredential) TableName

func (c *UsernamePasswordCredential) TableName() string

TableName returns the table name.
