token

package

v0.0.0-...-af321b4 Latest Latest Go to latest Published: Apr 13, 2023 License: MPL-2.0 Imports: 14 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/hashicorp/horizon

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func Armor(token []byte) string
func Metadata(stoken string) (map[string]string, error)
func RemoveArmor(token string) ([]byte, error)
func SetupVault(vc *api.Client, path string) (ed25519.PublicKey, error)
type TokenCreator
type ValidToken
- func CheckTokenED25519(stoken string, key ed25519.PublicKey) (*ValidToken, error)
- func CheckTokenHMAC(stoken string, key []byte) (*ValidToken, error)

Constants ¶

View Source

const (
	KeyAlgo             = 1
	KeyAccountId        = 100
	KeyAccountNamespace = 101
	KeyCapabilities     = 110
)

View Source

const (
	ValueHMAC    = 1
	ValueED25519 = 2
)

View Source

const (
	Magic = 0x47
)

Variables ¶

View Source

var (
	ErrBadToken      = errors.New("bad token")
	ErrNoLongerValid = errors.New("token no longer valid")
)

Functions ¶

func Armor ¶

func Armor(token []byte) string

func Metadata ¶

func Metadata(stoken string) (map[string]string, error)

func RemoveArmor ¶

func RemoveArmor(token string) ([]byte, error)

func SetupVault ¶

func SetupVault(vc *api.Client, path string) (ed25519.PublicKey, error)

Types ¶

type TokenCreator ¶

type TokenCreator struct {
	Role            pb.TokenRole
	Issuer          string
	AccountId       *pb.ULID
	AccuntNamespace string
	Capabilities    map[pb.Capability]string
	Metadata        map[string]string
	ValidDuration   time.Duration

	RawCapabilities []pb.TokenCapability
}

func (*TokenCreator) EncodeED25519 ¶

func (c *TokenCreator) EncodeED25519(key ed25519.PrivateKey, keyId string) (string, error)

func (*TokenCreator) EncodeED25519WithVault ¶

func (c *TokenCreator) EncodeED25519WithVault(vc *api.Client, path, keyId string) (string, error)

func (*TokenCreator) EncodeHMAC ¶

func (c *TokenCreator) EncodeHMAC(key []byte, keyId string) (string, error)

type ValidToken ¶

type ValidToken struct {
	Body  *pb.Token_Body
	Token *pb.Token
	Raw   []byte
	KeyId string
}

func CheckTokenED25519 ¶

func CheckTokenED25519(stoken string, key ed25519.PublicKey) (*ValidToken, error)

func CheckTokenHMAC ¶

func CheckTokenHMAC(stoken string, key []byte) (*ValidToken, error)

func (*ValidToken) Account ¶

func (t *ValidToken) Account() *pb.Account

func (*ValidToken) AllowAccount ¶

func (t *ValidToken) AllowAccount(ns string) bool

func (*ValidToken) HasCapability ¶

func (t *ValidToken) HasCapability(target pb.Capability) (bool, string)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL