registry

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 26, 2021 License: Apache-2.0 Imports: 56 Imported by: 0

Documentation

Index

Constants

const AssetDebug = false

AssetDebug is true if the assets were built with the debug flag enabled.

Variables

// Identifiers for the two kinds of identity source, "infra" and "okta".
// Presumably compared against Source.Type / ConfigSource.Type; confirm at the
// call sites.
// NOTE(review): declared with var, so an importing package can reassign them
// at runtime; const would make them immutable.
var (
	SOURCE_TYPE_INFRA = "infra"
	SOURCE_TYPE_OKTA  = "okta"
)
// Identifiers for the two Kubernetes role kinds. Presumably the accepted
// values of Role.Kind and ConfigRoleKubernetes.Kind; confirm at the call
// sites.
// NOTE(review): a cluster-role grants access across the whole cluster, so any
// code that maps a config-supplied kind string to one of these should reject
// unknown values rather than fall through to a default.
var (
	ROLE_KIND_K8S_ROLE         = "role"
	ROLE_KIND_K8S_CLUSTER_ROLE = "cluster-role"
)
// Token sizing. TOKEN_LEN is the token id length plus the secret length
// (12 + 24 = 36 with the values declared in this package).
// NOTE(review): whether these count bytes or characters, and the alphabet and
// randomness source used to generate the secret, are not visible here.
// Confirm the generator draws from crypto/rand.
// NOTE(review): these are mutable package-level vars, and TOKEN_LEN is
// computed once at package initialisation, so reassigning ID_LEN or
// TOKEN_SECRET_LEN afterwards would leave it stale. const would rule that out.
var (
	TOKEN_SECRET_LEN = 24
	TOKEN_LEN        = ID_LEN + TOKEN_SECRET_LEN
)
// Cookie names used by this package.
// NOTE(review): CookieTokenName presumably names the cookie that carries the
// session token. The cookie attributes (HttpOnly, Secure, SameSite) are set
// where the cookie is written, which is not shown here, and should be checked
// there.
var (
	CookieTokenName = "token"
	CookieLoginName = "login"
)
// API_KEY_LEN is presumably the length of a generated API key (ApiKey.Key).
// NOTE(review): the unit (bytes or characters) and the generator are not
// visible here; confirm the key is drawn from crypto/rand.
// NOTE(review): this is a mutable var, so an importing package could shorten
// it at runtime; const would prevent that.
var (
	API_KEY_LEN = 24
)
// Identifier for the Kubernetes destination type, presumably the value stored
// in Destination.Type.
// NOTE(review): the identifier is misspelled ("KUBERNERNETES"); the string
// value itself is spelled correctly. The name is exported, so renaming it
// would break importers; a correctly spelled alias could be added alongside.
var (
	DESTINATION_TYPE_KUBERNERNETES = "kubernetes"
)
// ID_LEN is the id length; it is also the id portion of TOKEN_LEN.
// Presumably the length of the Id primary keys assigned by the BeforeCreate
// hooks; confirm in their implementations.
// NOTE(review): mutable var; TOKEN_LEN is derived from it once at package
// initialisation, so a later reassignment would not propagate.
var (
	ID_LEN = 12
)
// SessionDuration is 24 hours. Presumably the lifetime given to a login
// token (Token.Expires); confirm where tokens are issued.
// NOTE(review): this is a single fixed lifetime. Whether there is any idle
// timeout or server-side revocation beyond Logout is not visible here.
// NOTE(review): mutable var; an importing package can lengthen it at runtime.
var (
	SessionDuration = time.Hour * 24
)

Functions

func ApplyGroupMappings added in v0.0.15

func ApplyGroupMappings(db *gorm.DB, groups []ConfigGroupMapping) (groupIds []string, roleIds []string, err error)

func ApplyUserMapping added in v0.0.13

func ApplyUserMapping(db *gorm.DB, users []ConfigUserMapping) ([]string, error)

func Asset

func Asset(name string) ([]byte, error)

Asset loads and returns the asset for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetDigest

func AssetDigest(name string) ([sha256.Size]byte, error)

AssetDigest returns the digest of the file with the given name. It returns an error if the asset could not be found or the digest could not be loaded.

func AssetDir

func AssetDir(name string) ([]string, error)

AssetDir returns the file names below a certain directory embedded in the file by go-bindata. For example if you run go-bindata on data/... and data contains the following hierarchy:

data/
  foo.txt
  img/
    a.png
    b.png

then AssetDir("data") would return []string{"foo.txt", "img"}, AssetDir("data/img") would return []string{"a.png", "b.png"}, AssetDir("foo.txt") and AssetDir("notexist") would return an error, and AssetDir("") will return []string{"data"}.

func AssetInfo

func AssetInfo(name string) (os.FileInfo, error)

AssetInfo loads and returns the asset info for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetNames

func AssetNames() []string

AssetNames returns the names of the assets.

func AssetString

func AssetString(name string) (string, error)

AssetString returns the asset contents as a string (instead of a []byte).

func Digests

func Digests() (map[string][sha256.Size]byte, error)

Digests returns a map of all known files and their checksums.

func ImportConfig

func ImportConfig(db *gorm.DB, bs []byte) error

ImportConfig tries to import all valid fields in a config file

func ImportMappings added in v0.0.15

func ImportMappings(db *gorm.DB, groups []ConfigGroupMapping, users []ConfigUserMapping) error

ImportMappings imports the group and user role mappings and removes previously created roles if they no longer exist

func ImportSources

func ImportSources(db *gorm.DB, sources []ConfigSource) error

func MustAsset

func MustAsset(name string) []byte

MustAsset is like Asset but panics when Asset would return an error. It simplifies safe initialization of global variables.

func MustAssetString

func MustAssetString(name string) string

MustAssetString is like AssetString but panics when Asset would return an error. It simplifies safe initialization of global variables.

func NewDB

func NewDB(dbpath string) (*gorm.DB, error)

func NewToken

// NewToken takes a database handle, a user id and a *Token, and returns a
// secret string and an error.
// NOTE(review): the body is not shown. Token.Secret is a []byte column while
// the return value is a string, which suggests that only a derived form of
// the secret is persisted and that the returned string is the caller's one
// chance to see it. Confirm, and confirm the secret comes from crypto/rand.
func NewToken(db *gorm.DB, userId string, token *Token) (secret string, err error)

func RestoreAsset

func RestoreAsset(dir, name string) error

RestoreAsset restores an asset under the given directory.

func RestoreAssets

func RestoreAssets(dir, name string) error

RestoreAssets restores an asset under the given directory recursively.

func Run

func Run(options Options) error

func ZapLoggerHttpMiddleware added in v0.0.13

func ZapLoggerHttpMiddleware(logger *zap.Logger, next http.Handler) http.HandlerFunc

Types

type ApiKey added in v0.0.6

// ApiKey is the gorm model for a named API key. Name is unique; Created and
// Updated are maintained by gorm.
type ApiKey struct {
	Id      string `gorm:"primaryKey"`
	Created int64  `gorm:"autoCreateTime"`
	Updated int64  `gorm:"autoUpdateTime"`
	Name    string `gorm:"unique"`
	// NOTE(review): Key is a plain string column. Whether the stored value is
	// the usable key or a hash of it is not visible here. If it is the usable
	// key, read access to the database discloses every API key, so confirm
	// this and prefer storing only a hash.
	Key     string
}

func (*ApiKey) BeforeCreate added in v0.0.6

func (a *ApiKey) BeforeCreate(tx *gorm.DB) (err error)

type Config

// Config is the top-level shape of the YAML configuration: identity sources,
// group-to-role mappings and user-to-role mappings.
// NOTE(review): ConfigSource carries clientSecret and apiToken, so a file of
// this shape holds live credentials and should be protected accordingly.
type Config struct {
	Sources []ConfigSource       `yaml:"sources"`
	Groups  []ConfigGroupMapping `yaml:"groups"`
	Users   []ConfigUserMapping  `yaml:"users"`
}

type ConfigGroupMapping added in v0.0.15

// ConfigGroupMapping is one entry of the `groups` list in the YAML config: a
// group name, the sources it applies to, and the Kubernetes roles it maps to.
type ConfigGroupMapping struct {
	Name    string                 `yaml:"name"`
	Sources []string               `yaml:"sources"`
	Roles   []ConfigRoleKubernetes `yaml:"roles"`
}

type ConfigRoleKubernetes added in v0.0.13

// ConfigRoleKubernetes is one role entry in the YAML config: a role name, its
// kind, and the clusters it applies to.
type ConfigRoleKubernetes struct {
	Name     string   `yaml:"name"`
	// Presumably "role" or "cluster-role" (ROLE_KIND_K8S_ROLE /
	// ROLE_KIND_K8S_CLUSTER_ROLE); confirm that other values are rejected on
	// import.
	Kind     string   `yaml:"kind"`
	Clusters []string `yaml:"clusters"`
}

type ConfigSource added in v0.0.6

// ConfigSource is one entry of the `sources` list in the YAML config.
type ConfigSource struct {
	Type         string `yaml:"type"`
	Domain       string `yaml:"domain"`
	ClientId     string `yaml:"clientId"`
	// ClientSecret and ApiToken are read straight from the config file, so the
	// file holds live credentials: keep it out of version control, restrict
	// its permissions, and avoid logging this struct with %v / %+v.
	ClientSecret string `yaml:"clientSecret"`
	ApiToken     string `yaml:"apiToken"`
}

type ConfigUserMapping added in v0.0.13

// ConfigUserMapping is one entry of the `users` list in the YAML config: a
// user name, the Kubernetes roles mapped to that user, and a list of groups.
type ConfigUserMapping struct {
	Name   string                 `yaml:"name"`
	Roles  []ConfigRoleKubernetes `yaml:"roles"`
	Groups []string               `yaml:"groups"`
}

type Destination

// Destination is the gorm model for a destination. Name is unique; Created
// and Updated are maintained by gorm.
type Destination struct {
	Id      string `gorm:"primaryKey"`
	Created int64  `gorm:"autoCreateTime"`
	Updated int64  `gorm:"autoUpdateTime"`
	Name    string `gorm:"unique"`
	Type    string

	// Connection details for a Kubernetes destination.
	// NOTE(review): KubernetesSaToken presumably holds a service-account token
	// for the cluster. It is a plain string column, so anyone who can read the
	// database can read it. Confirm whether it is encrypted at rest and that
	// it is never returned by the List/Create destination API responses.
	KubernetesCa        string
	KubernetesEndpoint  string
	KubernetesNamespace string
	KubernetesSaToken   string
}

func (*Destination) AfterCreate

func (d *Destination) AfterCreate(tx *gorm.DB) error

func (*Destination) AfterSave added in v0.0.6

func (d *Destination) AfterSave(tx *gorm.DB) (err error)

func (*Destination) BeforeCreate

func (r *Destination) BeforeCreate(tx *gorm.DB) (err error)

func (*Destination) BeforeDelete

func (d *Destination) BeforeDelete(tx *gorm.DB) (err error)

TODO (jmorganca): use foreign constraints instead?

type Group added in v0.0.15

// Group is the gorm model for a group. It is linked many-to-many with
// sources, roles and users through the groups_sources, groups_roles and
// groups_users join tables.
type Group struct {
	Id      string `gorm:"primaryKey"`
	Created int64  `gorm:"autoCreateTime"`
	Updated int64  `gorm:"autoUpdateTime"`
	// NOTE(review): Name carries no unique tag here, unlike ApiKey.Name and
	// Destination.Name. Confirm that two groups with the same name from
	// different sources cannot be confused when roles are resolved.
	Name    string

	Sources []Source `gorm:"many2many:groups_sources"`
	Roles   []Role   `gorm:"many2many:groups_roles"`
	Users   []User   `gorm:"many2many:groups_users"`
}

func (*Group) BeforeCreate added in v0.0.15

func (g *Group) BeforeCreate(tx *gorm.DB) (err error)

type Http added in v0.0.6

// Http is the receiver type for the plain HTTP handlers documented on this
// page (Healthz and WellKnownJWKs). Its fields are unexported.
type Http struct {
	// contains filtered or unexported fields
}

func (*Http) Healthz added in v0.0.6

func (h *Http) Healthz(w http.ResponseWriter, r *http.Request)

func (*Http) WellKnownJWKs added in v0.0.6

func (h *Http) WellKnownJWKs(w http.ResponseWriter, r *http.Request)

type Okta added in v0.0.12

// Okta abstracts the calls this package makes to Okta, so an alternative
// implementation can be passed to Source.SyncUsers and Source.Validate.
// NOTE(review): apiToken and clientSecret are passed as plain strings;
// implementations should not include them in returned errors or log output.
type Okta interface {
	// ValidateOktaConnection returns an error if the connection described by
	// domain, clientID and apiToken is not usable (exact checks not shown).
	ValidateOktaConnection(domain string, clientID string, apiToken string) error
	// Emails returns a list of email addresses obtained with the given
	// domain, clientID and apiToken.
	Emails(domain string, clientID string, apiToken string) ([]string, error)
	// EmailFromCode returns an email address for the given code. Presumably
	// an OAuth authorization-code exchange; confirm in the implementation.
	EmailFromCode(code string, domain string, clientID string, clientSecret string) (string, error)
}

func NewOkta added in v0.0.12

func NewOkta() Okta

type Options

// Options is the argument to Run.
type Options struct {
	DBPath        string
	TLSCache      string
	// NOTE(review): DefaultApiKey is a credential supplied by the operator.
	// How it reaches the process (flag, environment, file) is not shown; a
	// command-line flag would be visible in the process list.
	DefaultApiKey string
	ConfigPath    string
	UIProxy       string
}

type Role added in v0.0.13

// Role is the gorm model for a role on a destination. DestinationId is the
// foreign key to Destination; groups and users are linked through the
// groups_roles and users_roles join tables.
type Role struct {
	Id            string `gorm:"primaryKey"`
	Created       int64  `gorm:"autoCreateTime"`
	Updated       int64  `gorm:"autoUpdateTime"`
	Name          string
	// Presumably "role" or "cluster-role" (see ROLE_KIND_K8S_ROLE and
	// ROLE_KIND_K8S_CLUSTER_ROLE); confirm.
	Kind          string
	DestinationId string
	Destination   Destination `gorm:"foreignKey:DestinationId;references:Id"`
	Groups        []Group     `gorm:"many2many:groups_roles"`
	Users         []User      `gorm:"many2many:users_roles"`

	// Provenance flags. Presumably FromConfig marks roles created by
	// ImportMappings, which removes previously created roles that no longer
	// exist in the config; confirm how FromDefault is set.
	FromConfig  bool
	FromDefault bool
}

func (*Role) BeforeCreate added in v0.0.13

func (r *Role) BeforeCreate(tx *gorm.DB) (err error)

type Settings

// Settings is the gorm model holding the JWK key pair as raw bytes.
// NOTE(review): PrivateJWK is stored next to PublicJWK in the same table.
// Confirm that only the public key is ever serialised into a response
// (compare Http.WellKnownJWKs) and that access to the database file is
// restricted, since reading it discloses the private key.
type Settings struct {
	Id         string `gorm:"primaryKey"`
	Created    int64  `gorm:"autoCreateTime"`
	Updated    int64  `gorm:"autoUpdateTime"`
	PrivateJWK []byte
	PublicJWK  []byte
}

func (*Settings) BeforeCreate

func (s *Settings) BeforeCreate(tx *gorm.DB) (err error)

func (*Settings) BeforeSave

func (s *Settings) BeforeSave(tx *gorm.DB) error

type Source

// Source is the gorm model for an identity source. Users and groups are
// linked through the users_sources and groups_sources join tables.
type Source struct {
	Id      string `gorm:"primaryKey"`
	Created int64  `gorm:"autoCreateTime"`
	Updated int64  `gorm:"autoUpdateTime"`
	Type    string `yaml:"type"`

	// Connection settings, mirroring the fields of ConfigSource.
	// NOTE(review): ClientSecret and ApiToken are plain string columns, so the
	// database holds them as given unless a hook transforms them. Confirm
	// whether they are encrypted at rest and that they are omitted from the
	// ListSources / CreateSource API responses.
	Domain       string
	ClientId     string
	ClientSecret string
	ApiToken     string

	Users  []User  `gorm:"many2many:users_sources"`
	Groups []Group `gorm:"many2many:groups_sources"`

	// Presumably set on sources created by ImportSources; confirm.
	FromConfig bool
}

func (*Source) BeforeCreate

func (s *Source) BeforeCreate(tx *gorm.DB) (err error)

func (*Source) BeforeDelete

func (s *Source) BeforeDelete(tx *gorm.DB) error

func (*Source) CreateUser

// NOTE(review): password arrives as a plain string while User.Password is a
// []byte column. Presumably it is hashed before being stored; confirm the
// algorithm and that the plaintext is never logged. makeAdmin sets
// administrative rights, so callers should derive it from a trusted decision
// and never directly from request input.
func (s *Source) CreateUser(db *gorm.DB, user *User, email string, password string, makeAdmin bool) error

CreateUser will create a user and associate them with the source. If the user already exists, they will not be created; an association will be added instead.

func (*Source) DeleteUser

func (s *Source) DeleteUser(db *gorm.DB, u *User) error

Delete will delete a user's association with a source. If this is their only source, then the user will be deleted entirely. TODO (jmorganca): wrap this in a transaction, or at least find out why this seems to cause a bug when used in a nested transaction.

func (*Source) SyncUsers

func (s *Source) SyncUsers(db *gorm.DB, k8s *kubernetes.Kubernetes, okta Okta) error

func (*Source) Validate added in v0.1.1

func (s *Source) Validate(db *gorm.DB, k8s *kubernetes.Kubernetes, okta Okta) error

Validate checks that an Okta source is valid

type StaticFileSystem

// StaticFileSystem has an Open(name) method returning an http.File, so it
// can be used as an http.FileSystem. Its fields are unexported.
type StaticFileSystem struct {
	// contains filtered or unexported fields
}

func (StaticFileSystem) Open

func (sfs StaticFileSystem) Open(name string) (http.File, error)

type Token

// Token is the gorm model for a token belonging to a user (UserId is the
// foreign key to User).
type Token struct {
	Id      string `gorm:"primaryKey"`
	Created int64  `gorm:"autoCreateTime"`
	Updated int64  `gorm:"autoUpdateTime"`
	// Expiry timestamp. NOTE(review): the unit and where it is enforced are
	// not shown; confirm every validation path rejects expired tokens.
	Expires int64
	// NOTE(review): Secret is []byte while NewToken returns the secret as a
	// string, which suggests a derived value (e.g. a hash) is stored rather
	// than the secret itself; confirm.
	Secret  []byte

	UserId string
	User   User `gorm:"foreignKey:UserId;references:Id;"`
}

func ValidateAndGetToken added in v0.0.13

// ValidateAndGetToken takes a token string and returns the matching *Token or
// an error.
// NOTE(review): the body is not shown. TOKEN_LEN = ID_LEN + TOKEN_SECRET_LEN
// suggests that in is the token id followed by its secret; confirm that the
// length is checked before slicing, that the secret is verified through
// Token.CheckSecret, and that Token.Expires is enforced here.
func ValidateAndGetToken(db *gorm.DB, in string) (*Token, error)

func (*Token) BeforeCreate

func (t *Token) BeforeCreate(tx *gorm.DB) (err error)

func (*Token) CheckSecret

// CheckSecret takes a candidate secret and returns an error; presumably nil
// means the secret matches t.
// NOTE(review): the body is not shown. Confirm the comparison against
// Token.Secret is constant-time (a password-hash verify or
// crypto/subtle.ConstantTimeCompare) rather than == or bytes.Equal.
func (t *Token) CheckSecret(secret string) (err error)

type User

// User is the gorm model for a user. Email is unique. Sources, roles and
// groups are linked through the users_sources, users_roles and groups_users
// join tables.
type User struct {
	Id       string `gorm:"primaryKey"`
	Created  int64  `gorm:"autoCreateTime"`
	Updated  int64  `gorm:"autoUpdateTime"`
	Email    string `gorm:"unique"`
	// NOTE(review): presumably a password hash, not the password itself.
	// Confirm the algorithm (bcrypt / argon2 / scrypt) where it is set, and
	// that this field is never included in API responses.
	Password []byte
	// Admin grants administrative rights; changes to it should be auditable.
	Admin    bool

	Sources []Source `gorm:"many2many:users_sources"`
	Roles   []Role   `gorm:"many2many:users_roles"`
	Groups  []Group  `gorm:"many2many:groups_users"`
}

func (*User) AfterCreate

func (u *User) AfterCreate(tx *gorm.DB) error

func (*User) AfterSave added in v0.0.6

func (u *User) AfterSave(tx *gorm.DB) (err error)

func (*User) BeforeCreate

func (u *User) BeforeCreate(tx *gorm.DB) (err error)

func (*User) BeforeDelete

func (u *User) BeforeDelete(tx *gorm.DB) error

TODO (jmorganca): use foreign constraints instead?

type UserIdContextKey added in v0.0.6

// UserIdContextKey is an empty struct type, presumably used as the
// context.Context key under which the authenticated user id is stored.
// NOTE(review): the type is exported, so any importing package can write that
// context value; handlers should rely on it only when the context has passed
// through the authentication layer.
type UserIdContextKey struct{}

type V1Server added in v0.0.6

// V1Server is the receiver for the v1 API methods documented on this page.
// It embeds v1.UnimplementedV1Server.
// NOTE(review): the methods include unauthenticated-by-nature calls (Login,
// Signup, Status, Version) next to administrative ones (CreateUser,
// DeleteSource, ListApiKeys, ...). The authentication and authorization layer
// is not visible here; confirm that each administrative method is gated, and
// that Signup cannot create additional admins once an admin exists.
type V1Server struct {
	v1.UnimplementedV1Server
	// contains filtered or unexported fields
}

func (*V1Server) CreateCred added in v0.0.6

func (v *V1Server) CreateCred(ctx context.Context, in *emptypb.Empty) (*v1.CreateCredResponse, error)

func (*V1Server) CreateDestination added in v0.0.6

func (v *V1Server) CreateDestination(ctx context.Context, in *v1.CreateDestinationRequest) (*v1.Destination, error)

func (*V1Server) CreateSource added in v0.0.6

func (v *V1Server) CreateSource(ctx context.Context, in *v1.CreateSourceRequest) (*v1.Source, error)

func (*V1Server) CreateUser added in v0.0.6

func (v *V1Server) CreateUser(ctx context.Context, in *v1.CreateUserRequest) (*v1.User, error)

func (*V1Server) DeleteSource added in v0.0.6

func (v *V1Server) DeleteSource(ctx context.Context, in *v1.DeleteSourceRequest) (*emptypb.Empty, error)

func (*V1Server) DeleteUser added in v0.0.6

func (v *V1Server) DeleteUser(ctx context.Context, in *v1.DeleteUserRequest) (*empty.Empty, error)

func (*V1Server) ListApiKeys added in v0.0.6

func (v *V1Server) ListApiKeys(ctx context.Context, in *emptypb.Empty) (*v1.ListApiKeyResponse, error)

func (*V1Server) ListDestinations added in v0.0.6

func (v *V1Server) ListDestinations(ctx context.Context, _ *emptypb.Empty) (*v1.ListDestinationsResponse, error)

func (*V1Server) ListRoles added in v0.0.13

func (v *V1Server) ListRoles(ctx context.Context, in *v1.ListRolesRequest) (*v1.ListRolesResponse, error)

func (*V1Server) ListSources added in v0.0.6

func (*V1Server) ListUsers added in v0.0.6

func (v *V1Server) ListUsers(ctx context.Context, in *v1.ListUsersRequest) (*v1.ListUsersResponse, error)

func (*V1Server) Login added in v0.0.6

func (v *V1Server) Login(ctx context.Context, in *v1.LoginRequest) (*v1.LoginResponse, error)

func (*V1Server) Logout added in v0.0.6

func (v *V1Server) Logout(ctx context.Context, in *emptypb.Empty) (*emptypb.Empty, error)

func (*V1Server) Signup added in v0.0.6

func (v *V1Server) Signup(ctx context.Context, in *v1.SignupRequest) (*v1.LoginResponse, error)

func (*V1Server) Status added in v0.0.6

func (v *V1Server) Status(ctx context.Context, in *emptypb.Empty) (*v1.StatusResponse, error)

func (*V1Server) Version added in v0.0.9

func (v *V1Server) Version(ctx context.Context, in *emptypb.Empty) (*v1.VersionResponse, error)
