Documentation
Types
type Entity
type Entity struct {
    Issuers        []Issuer `json:"issuers"`
    Clients        []Client `json:"clients,omitempty"`
    Servers        []Server `json:"servers,omitempty"`
    EntityID       string   `json:"entity_id"`
    Organization   *string  `json:"organization"`
    OrganizationID *string  `json:"organization_id"`
}
Entity represents one of the actors registered in the federation
type Issuer
type Issuer struct {
    X509certificate string `json:"x509certificate"`
}
Issuer is a certificate issuer for an entity
type IssuersPerEntity
IssuersPerEntity is a map of certificate issuers, ordered by entity ID
type Metadata
type Metadata struct {
    Version  string   `json:"version"`
    CacheTTL int      `json:"cache_ttl"`
    Entities []Entity `json:"entities"`
}
Metadata is the complete representation of all entities in the federation
type MetadataStore
type MetadataStore struct {
// contains filtered or unexported fields
}
A MetadataStore regularly downloads, verifies and parses the metadata from a federation.
func NewMetadataStore
func NewMetadataStore(url, jwksPath, cachedPath string, setters ...OptionSetter) *MetadataStore
NewMetadataStore constructs a new MetadataStore and starts its goroutine
func (*MetadataStore) AddChangeListener
func (mdstore *MetadataStore) AddChangeListener(listener chan int)
func (*MetadataStore) GetIssuerCertificates
func (mdstore *MetadataStore) GetIssuerCertificates() IssuersPerEntity
func (*MetadataStore) LookupClient
func (mdstore *MetadataStore) LookupClient(verifiedChains [][]*x509.Certificate) (string, *string, *string, error)
LookupClient finds an entity with a client that has a pin matching the peer's leaf certificate. It returns the entity ID and, if available, also the organization and organization ID.
func (*MetadataStore) Quit
func (mdstore *MetadataStore) Quit()
Quit tells the MetadataStore's goroutine to quit and waits until it's done
type MetadataStoreOptions
type MetadataStoreOptions struct {
    // Used when the metadata doesn't have a CacheTTL attribute
    DefaultCacheTTL time.Duration
    // Used when we fail to get the jws from the federation's web server
    NetworkRetry time.Duration
    // Used when the verification fails or we can't parse the metadata
    BadContentRetry time.Duration
}
MetadataStoreOptions are configuration options for the metadata store
type OptionSetter
type OptionSetter func(*MetadataStoreOptions)
An OptionSetter is a function for modifying the metadata store options
func BadContentRetry
func BadContentRetry(duration time.Duration) OptionSetter
BadContentRetry creates an OptionSetter for setting the bad content retry
func DefaultCacheTTL
func DefaultCacheTTL(duration time.Duration) OptionSetter
DefaultCacheTTL creates an OptionSetter for setting the default cache TTL
func NetworkRetry
func NetworkRetry(duration time.Duration) OptionSetter
NetworkRetry creates an OptionSetter for setting the network retry
type Pin
Pin is an RFC 7469 pin directive (digest of a public key)
func (*Pin) UnmarshalJSON
UnmarshalJSON parses the JSON for a pin. We have our own implementation to support the old format where the attributes were named "name" and "value"; once there are no active federations left with that format we can remove this.
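The check that LookupClient performs against a Pin, shown as a stand-alone example added here (not the package's own code): it computes the RFC 7469 pin-sha256 value of a certificate's SubjectPublicKeyInfo and compares the leaf of a verified chain against a set of registered pins. The function names PinSHA256, MatchLeafPin and the selfSignedCert helper are assumptions for this example; the certificate it builds is constructed test data, not a federation member.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"fmt"
	"math/big"
	"time"
)

// PinSHA256 returns the RFC 7469 pin-sha256 value for cert: the base64
// encoding of the SHA-256 digest of its DER-encoded SubjectPublicKeyInfo.
func PinSHA256(cert *x509.Certificate) string {
	sum := sha256.Sum256(cert.RawSubjectPublicKeyInfo)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// MatchLeafPin is the core of a LookupClient-style check: the leaf of the first
// verified chain (chains[0][0], as crypto/tls hands it over) must match a pin.
func MatchLeafPin(chains [][]*x509.Certificate, pins []string) (bool, error) {
	if len(chains) == 0 || len(chains[0]) == 0 {
		return false, fmt.Errorf("no verified chain presented")
	}
	got := PinSHA256(chains[0][0])
	for _, p := range pins {
		if p == got {
			return true, nil
		}
	}
	return false, nil
}

// selfSignedCert builds a constructed test certificate (not a real federation member).
func selfSignedCert() (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, err }
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "test client"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil { return nil, err }
	return x509.ParseCertificate(der)
}

func main() {
	cert, err := selfSignedCert()
	if err != nil { panic(err) }
	ok, _ := MatchLeafPin([][]*x509.Certificate{{cert}}, []string{PinSHA256(cert)})
	fmt.Println("pin:", PinSHA256(cert), "matches leaf:", ok)
}
```

Because the pin covers only the public key, a renewed certificate for the same key still matches, while a chain that verifies against a trusted issuer but carries a different key is rejected.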