primitive

package
v0.19.0 Latest
Warning

This package is not in the latest version of its module.

Published: Dec 8, 2016 | License: BSD-3-Clause | Imports: 6 | Imported by: 33

Documentation

Overview

Package primitive contains definitions of the primitive types used in ag.

Constants

const (
	OrgInvitePendingState    = "pending"
	OrgInviteAssociatedState = "associated"
	OrgInviteAcceptedState   = "accepted"
	OrgInviteApprovedState   = "approved"
)

Org Invitations exist in four states: pending, associated, accepted, and approved.

const (
	MachineActiveState    = "active"
	MachineDestroyedState = "destroyed"
)

Machines can be in one of two states: active or destroyed

const (
	MachineTokenActiveState    = "active"
	MachineTokenDestroyedState = "destroyed"
)

MachineTokens can be in one of two states: active or destroyed

const (
	PolicyEffectAllow = true
	PolicyEffectDeny  = false
)

These are the two policy effect types

const (
	PolicyActionCreate = 1 << iota
	PolicyActionRead
	PolicyActionUpdate
	PolicyActionDelete
	PolicyActionList
)

These are all the possible PolicyActions

const (
	SystemTeam  = "system"
	UserTeam    = "user"
	MachineTeam = "machine"
)

There are three types of teams: system, machine and user. System teams are managed by the Torus registry while Machine teams contain only machines.

const (
	AdminTeamName   = "admin"
	OwnerTeamName   = "owner"
	MemberTeamName  = "member"
	MachineTeamName = "machine"
)

Teams are used to represent a group of identities and their associated access control policies

const (
	DerivableMachineTeamSymbol = 0x04
)

Team IDs for certain system teams can be derived based on their OrgID.

Variables

This section is empty.

Functions

This section is empty.

Types

type BaseCredential added in v0.11.0

type BaseCredential struct {
	Credential        *CredentialValue `json:"credential"`
	KeyringID         *identity.ID     `json:"keyring_id"`
	Name              string           `json:"name"`
	Nonce             *base64.Value    `json:"nonce"`
	OrgID             *identity.ID     `json:"org_id"`
	PathExp           *pathexp.PathExp `json:"pathexp"`
	Previous          *identity.ID     `json:"previous"`
	ProjectID         *identity.ID     `json:"project_id"`
	CredentialVersion int              `json:"version"`
}

BaseCredential is a secret value shared between a group of services based on a user's identity, operating environment, project, and organization

type BaseKeyring added in v0.12.0

type BaseKeyring struct {
	Created        time.Time        `json:"created_at"`
	OrgID          *identity.ID     `json:"org_id"`
	PathExp        *pathexp.PathExp `json:"pathexp"`
	Previous       *identity.ID     `json:"previous"`
	ProjectID      *identity.ID     `json:"project_id"`
	KeyringVersion int              `json:"version"`
	// contains filtered or unexported fields
}

BaseKeyring is the shared structure between keyring schema versions.

func (BaseKeyring) Immutable added in v0.12.0

func (BaseKeyring) Immutable()

type Claim

type Claim struct {
	Created     time.Time    `json:"created_at"`
	OrgID       *identity.ID `json:"org_id"`
	OwnerID     *identity.ID `json:"owner_id"`
	Previous    *identity.ID `json:"previous"`
	PublicKeyID *identity.ID `json:"public_key_id"`
	ClaimType   ClaimType    `json:"type"`
	// contains filtered or unexported fields
}

Claim is a signature or revocation claim against a public key.

func NewClaim

func NewClaim(orgID, ownerID, previous, pubKeyID *identity.ID, claimType ClaimType) *Claim

NewClaim returns a new Claim, with the created time set to now

func (Claim) Immutable added in v0.9.0

func (Claim) Immutable()

func (Claim) Version

func (Claim) Version() int

Version returns the schema version of structs that embed this type.

type ClaimType added in v0.18.0

type ClaimType string

ClaimType is the enumeration of all claims that can be made against public keys.

const (
	SignatureClaimType  ClaimType = "signature"
	RevocationClaimType ClaimType = "revocation"
)

Types of claims that can be made against public keys.

type Credential

type Credential struct {
	BaseCredential
	State *string `json:"state"`
	// contains filtered or unexported fields
}

Credential is a secret value shared between a group of services based on a user's identity, operating environment, project, and organization

func (Credential) Immutable added in v0.9.0

func (Credential) Immutable()

func (Credential) Version

func (Credential) Version() int

Version returns the schema version of structs that embed this type.

type CredentialV1 added in v0.11.0

type CredentialV1 struct {
	BaseCredential
	// contains filtered or unexported fields
}

CredentialV1 is a secret value shared between a group of services based on a user's identity, operating environment, project, and organization

func (CredentialV1) Immutable added in v0.11.0

func (CredentialV1) Immutable()

func (CredentialV1) Version added in v0.11.0

func (CredentialV1) Version() int

Version returns the schema version of structs that embed this type.

type CredentialValue

type CredentialValue struct {
	Algorithm string        `json:"alg"`
	Nonce     *base64.Value `json:"nonce"`
	Value     *base64.Value `json:"value"`
}

CredentialValue is the secretbox encrypted value of the containing Credential.

type Environment

type Environment struct {
	Name      string       `json:"name"`
	OrgID     *identity.ID `json:"org_id"`
	ProjectID *identity.ID `json:"project_id"`
	// contains filtered or unexported fields
}

Environment is an entity that represents a group of processes

func (Environment) Mutable added in v0.9.0

func (Environment) Mutable()

func (Environment) Version

func (Environment) Version() int

Version returns the schema version of structs that embed this type.

type KeyType added in v0.18.0

type KeyType string

KeyType is the enumeration of all types of keys.

const (
	EncryptionKeyType KeyType = "encryption"
	SigningKeyType    KeyType = "signing"
)

Types of keys supported by the system.

type Keyring

type Keyring struct {
	BaseKeyring
	// contains filtered or unexported fields
}

Keyring is a mechanism for sharing a shared secret between many different users and machines at a position in the credential path.

Credentials belong to Keyrings

func NewKeyring added in v0.10.0

func NewKeyring(orgID, projectID *identity.ID, pathExp *pathexp.PathExp) *Keyring

NewKeyring returns a new v2 Keyring, with the created time set to now

func (Keyring) Immutable added in v0.9.0

func (Keyring) Immutable()

func (Keyring) Version

func (Keyring) Version() int

Version returns the schema version of structs that embed this type.

type KeyringMember

type KeyringMember struct {
	Created         time.Time    `json:"created_at"`
	EncryptingKeyID *identity.ID `json:"encrypting_key_id"`
	KeyringID       *identity.ID `json:"keyring_id"`
	OrgID           *identity.ID `json:"org_id"`
	OwnerID         *identity.ID `json:"owner_id"`
	PublicKeyID     *identity.ID `json:"public_key_id"`
	// contains filtered or unexported fields
}

KeyringMember is a record of sharing a master secret key with a user or machine.

This is the v2 schema version, which has a detached mekshare so it can be revoked.

KeyringMember belongs to a Keyring

func (KeyringMember) Immutable added in v0.9.0

func (KeyringMember) Immutable()

func (KeyringMember) Version

func (KeyringMember) Version() int

Version returns the schema version of structs that embed this type.

type KeyringMemberClaim added in v0.10.0

type KeyringMemberClaim struct {
	OrgID           *identity.ID `json:"org_id"`
	KeyringID       *identity.ID `json:"keyring_id"`
	KeyringMemberID *identity.ID `json:"keyring_member_id"`
	OwnerID         *identity.ID `json:"owner_id"`
	Previous        *identity.ID `json:"previous"`
	ClaimType       ClaimType    `json:"type"`
	Created         time.Time    `json:"created_at"`
	// contains filtered or unexported fields
}

KeyringMemberClaim is a claim for a keyring member. Only revocation is supported as a claim type.

func (KeyringMemberClaim) Immutable added in v0.10.0

func (KeyringMemberClaim) Immutable()

func (KeyringMemberClaim) Version added in v0.10.0

func (KeyringMemberClaim) Version() int

Version returns the schema version of structs that embed this type.

type KeyringMemberKey

type KeyringMemberKey struct {
	Algorithm string        `json:"alg"`
	Nonce     *base64.Value `json:"nonce"`
	Value     *base64.Value `json:"value"`
}

KeyringMemberKey is the keyring master encryption key, encrypted for the owner of a KeyringMember/MEKShare

type KeyringMemberV1 added in v0.10.0

type KeyringMemberV1 struct {
	Created         time.Time         `json:"created_at"`
	EncryptingKeyID *identity.ID      `json:"encrypting_key_id"`
	Key             *KeyringMemberKey `json:"key"`
	KeyringID       *identity.ID      `json:"keyring_id"`
	OrgID           *identity.ID      `json:"org_id"`
	OwnerID         *identity.ID      `json:"owner_id"`
	ProjectID       *identity.ID      `json:"project_id"`
	PublicKeyID     *identity.ID      `json:"public_key_id"`
	// contains filtered or unexported fields
}

KeyringMemberV1 is a record of sharing a master secret key with a user or machine.

KeyringMember belongs to a Keyring

func (KeyringMemberV1) Immutable added in v0.10.0

func (KeyringMemberV1) Immutable()

func (KeyringMemberV1) Version added in v0.10.0

func (KeyringMemberV1) Version() int

Version returns the schema version of structs that embed this type.

type KeyringV1 added in v0.10.0

type KeyringV1 struct {
	BaseKeyring
	// contains filtered or unexported fields
}

KeyringV1 is the old keyring format, without claims or mekshares.

func (KeyringV1) Immutable added in v0.12.0

func (KeyringV1) Immutable()

func (KeyringV1) Version added in v0.10.0

func (KeyringV1) Version() int

Version returns the schema version of structs that embed this type.

type MEKShare added in v0.10.0

type MEKShare struct {
	Created         time.Time         `json:"created_at"`
	OrgID           *identity.ID      `json:"org_id"`
	OwnerID         *identity.ID      `json:"owner_id"`
	KeyringID       *identity.ID      `json:"keyring_id"`
	KeyringMemberID *identity.ID      `json:"keyring_member_id"`
	Key             *KeyringMemberKey `json:"key"`
	// contains filtered or unexported fields
}

MEKShare is a V2 KeyringMember's share of the keyring master encryption key.

func (MEKShare) Immutable added in v0.10.0

func (MEKShare) Immutable()

func (MEKShare) Version added in v0.10.0

func (MEKShare) Version() int

Version returns the schema version of structs that embed this type.

type Machine added in v0.15.0

type Machine struct {
	Name        string       `json:"name"`
	OrgID       *identity.ID `json:"org_id"`
	CreatedBy   *identity.ID `json:"created_by"`
	Created     time.Time    `json:"created_at"`
	DestroyedBy *identity.ID `json:"destroyed_by"`
	Destroyed   *time.Time   `json:"destroyed_at"`
	State       string       `json:"state"`
	// contains filtered or unexported fields
}

Machine is an entity that represents a machine object

func (Machine) Mutable added in v0.15.0

func (Machine) Mutable()

func (Machine) Version added in v0.15.0

func (Machine) Version() int

Version returns the schema version of structs that embed this type.

type MachineToken added in v0.15.0

type MachineToken struct {
	OrgID       *identity.ID           `json:"org_id"`
	MachineID   *identity.ID           `json:"machine_id"`
	PublicKey   *MachineTokenPublicKey `json:"public_key"`
	Master      *MasterKey             `json:"master"`
	CreatedBy   *identity.ID           `json:"created_by"`
	Created     time.Time              `json:"created_at"`
	DestroyedBy *identity.ID           `json:"destroyed_by"`
	Destroyed   *time.Time             `json:"destroyed_at"`
	State       string                 `json:"state"`
	// contains filtered or unexported fields
}

MachineToken is a portion of the MachineSegment object

func (MachineToken) Mutable added in v0.15.0

func (MachineToken) Mutable()

func (MachineToken) Version added in v0.15.0

func (MachineToken) Version() int

Version returns the schema version of structs that embed this type.

type MachineTokenPublicKey added in v0.15.0

type MachineTokenPublicKey struct {
	Alg   string        `json:"alg"`
	Salt  *base64.Value `json:"salt"`
	Value *base64.Value `json:"value"`
}

MachineTokenPublicKey represents a public key used by a machine to authenticate against the registry

type MasterKey added in v0.15.0

type MasterKey struct {
	Value *base64.Value `json:"value"`
	Alg   string        `json:"alg"`
}

MasterKey is the body.master object for a user and machine token

type Membership

type Membership struct {
	OrgID   *identity.ID `json:"org_id"`
	OwnerID *identity.ID `json:"owner_id"`
	TeamID  *identity.ID `json:"team_id"`
	// contains filtered or unexported fields
}

Membership is an entity that represents whether a user or machine is a part of a team in an organization.

func (Membership) Mutable added in v0.9.0

func (Membership) Mutable()

func (Membership) Version

func (Membership) Version() int

Version returns the schema version of structs that embed this type.

type Org

type Org struct {
	Name string `json:"name"`
	// contains filtered or unexported fields
}

Org is a grouping of users that collaborate with each other

func (Org) Mutable added in v0.9.0

func (Org) Mutable()

func (Org) Version

func (Org) Version() int

Version returns the schema version of structs that embed this type.

type OrgInvite

type OrgInvite struct {
	OrgID      *identity.ID `json:"org_id"`
	Email      string       `json:"email"`
	InviterID  *identity.ID `json:"inviter_id"`
	InviteeID  *identity.ID `json:"invitee_id"`
	ApproverID *identity.ID `json:"approver_id"`
	State      string       `json:"state"`
	Code       *struct {
		Alg   string        `json:"alg"`
		Salt  *base64.Value `json:"salt"`
		Value *base64.Value `json:"value"`
	} `json:"code"`
	PendingTeams []identity.ID `json:"pending_teams"`
	Created      *time.Time    `json:"created_at"`
	Accepted     *time.Time    `json:"accepted_at"`
	Approved     *time.Time    `json:"approved_at"`
	// contains filtered or unexported fields
}

OrgInvite is an invitation for an individual to join an organization

func (OrgInvite) Mutable added in v0.9.0

func (OrgInvite) Mutable()

func (OrgInvite) Version

func (OrgInvite) Version() int

Version returns the schema version of structs that embed this type.

type Policy

type Policy struct {
	PolicyType string       `json:"type"`
	Previous   *identity.ID `json:"previous"`
	OrgID      *identity.ID `json:"org_id"`
	Policy     struct {
		Name        string            `json:"name"`
		Description string            `json:"description"`
		Statements  []PolicyStatement `json:"statements"`
	} `json:"policy"`
	// contains filtered or unexported fields
}

Policy is an entity that represents a group of statements for an ACL

func (Policy) Mutable added in v0.9.0

func (Policy) Mutable()

func (Policy) Version

func (Policy) Version() int

Version returns the schema version of structs that embed this type.

type PolicyAction added in v0.8.0

type PolicyAction byte

PolicyAction represents the user actions that are covered by a statement.

func (*PolicyAction) MarshalJSON added in v0.8.0

func (pa *PolicyAction) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface. A PolicyAction is encoded in JSON as either a list of the string representations of its actions, or a single string when there is only one action.

func (*PolicyAction) ShortString added in v0.9.0

func (pa *PolicyAction) ShortString() string

ShortString displays a single character representation of each of the policy's actions.

func (*PolicyAction) String added in v0.8.0

func (pa *PolicyAction) String() string

func (*PolicyAction) UnmarshalJSON added in v0.8.0

func (pa *PolicyAction) UnmarshalJSON(b []byte) error

UnmarshalJSON implements the json.Unmarshaler interface.
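
The dual JSON shape described for PolicyAction above (a single string for one action, a list otherwise), sketched over the same bitmask layout as an added example; it is not the package's own code. The identifiers Action, Create through List and names, the wire strings, and the rejection of unknown or empty input are assumptions of this example.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Action mirrors the page's PolicyAction: a byte with one bit per operation.
type Action byte

const (
	Create Action = 1 << iota
	Read
	Update
	Delete
	List
)

// Assumed wire names, in bit order; the page does not list the real strings.
var names = [...]string{"create", "read", "update", "delete", "list"}

// MarshalJSON emits a bare string for one action and a list otherwise.
func (a Action) MarshalJSON() ([]byte, error) {
	out := []string{}
	for i, n := range names {
		if a&(1<<i) != 0 {
			out = append(out, n)
		}
	}
	if len(out) == 1 {
		return json.Marshal(out[0])
	}
	return json.Marshal(out)
}

// UnmarshalJSON accepts both shapes and, as this example's choice, fails closed.
func (a *Action) UnmarshalJSON(b []byte) error {
	var one string
	var list []string
	if json.Unmarshal(b, &one) == nil {
		list = []string{one}
	} else if json.Unmarshal(b, &list) != nil || len(list) == 0 {
		return fmt.Errorf("action must be a string or a non-empty list of strings")
	}
	var mask Action
next:
	for _, s := range list {
		for i, n := range names {
			if s == n {
				mask |= 1 << i
				continue next
			}
		}
		return fmt.Errorf("unknown action %q", s) // never decode to a partial mask
	}
	*a = mask
	return nil
}

func main() {
	one, _ := json.Marshal(Read)
	many, _ := json.Marshal(Create | Read)
	fmt.Println(string(one), string(many), json.Unmarshal([]byte(`["admin"]`), new(Action)))
}
```

Rejecting the whole value when one name is unknown matters for deny statements: silently dropping a mistyped action would leave a statement that denies less than its author wrote.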

type PolicyAttachment

type PolicyAttachment struct {
	OwnerID  *identity.ID `json:"owner_id"`
	PolicyID *identity.ID `json:"policy_id"`
	OrgID    *identity.ID `json:"org_id"`
	// contains filtered or unexported fields
}

PolicyAttachment is an entity that represents the link between policies and teams

func (PolicyAttachment) Mutable added in v0.9.0

func (PolicyAttachment) Mutable()

func (PolicyAttachment) Version

func (PolicyAttachment) Version() int

Version returns the schema version of structs that embed this type.

type PolicyEffect added in v0.8.0

type PolicyEffect bool

PolicyEffect is the effect type of the statement (allow or deny)

func (*PolicyEffect) MarshalText added in v0.8.0

func (pe *PolicyEffect) MarshalText() ([]byte, error)

MarshalText implements the encoding.TextMarshaler interface, used for JSON marshaling.

func (*PolicyEffect) String added in v0.8.0

func (pe *PolicyEffect) String() string

String returns a string representation of the PolicyEffect (allow or deny)

func (*PolicyEffect) UnmarshalText added in v0.8.0

func (pe *PolicyEffect) UnmarshalText(b []byte) error

UnmarshalText implements the encoding.TextUnmarshaler interface, used for JSON unmarshaling.

type PolicyStatement

type PolicyStatement struct {
	Effect   PolicyEffect `json:"effect"`
	Action   PolicyAction `json:"action"`
	Resource string       `json:"resource"`
}

PolicyStatement is an ACL statement on a policy object

type PrivateKey

type PrivateKey struct {
	Key         PrivateKeyValue `json:"key"`
	OrgID       *identity.ID    `json:"org_id"`
	OwnerID     *identity.ID    `json:"owner_id"`
	PNonce      *base64.Value   `json:"pnonce"`
	PublicKeyID *identity.ID    `json:"public_key_id"`
	// contains filtered or unexported fields
}

PrivateKey is the private portion of an asymmetric key.

func (PrivateKey) Immutable added in v0.9.0

func (PrivateKey) Immutable()

func (PrivateKey) Version

func (PrivateKey) Version() int

Version returns the schema version of structs that embed this type.

type PrivateKeyValue

type PrivateKeyValue struct {
	Algorithm string        `json:"alg"`
	Value     *base64.Value `json:"value"`
}

PrivateKeyValue holds the encrypted value of the PrivateKey.

type Project

type Project struct {
	Name  string       `json:"name"`
	OrgID *identity.ID `json:"org_id"`
	// contains filtered or unexported fields
}

Project is an entity that represents a group of services

func (Project) Mutable added in v0.9.0

func (Project) Mutable()

func (Project) Version

func (Project) Version() int

Version returns the schema version of structs that embed this type.

type PublicKey

type PublicKey struct {
	Algorithm string         `json:"alg"`
	Created   time.Time      `json:"created_at"`
	Expires   time.Time      `json:"expires_at"`
	Key       PublicKeyValue `json:"key"`
	OrgID     *identity.ID   `json:"org_id"`
	OwnerID   *identity.ID   `json:"owner_id"`
	KeyType   KeyType        `json:"type"`
	// contains filtered or unexported fields
}

PublicKey is the public portion of an asymmetric key.

func (PublicKey) Immutable added in v0.9.0

func (PublicKey) Immutable()

func (PublicKey) Version

func (PublicKey) Version() int

Version returns the schema version of structs that embed this type.

type PublicKeyValue

type PublicKeyValue struct {
	Value *base64.Value `json:"value"`
}

PublicKeyValue is the actual value of a PublicKey.

type Service

type Service struct {
	Name      string       `json:"name"`
	OrgID     *identity.ID `json:"org_id"`
	ProjectID *identity.ID `json:"project_id"`
	// contains filtered or unexported fields
}

Service is an entity that represents a group of processes

func (Service) Mutable added in v0.9.0

func (Service) Mutable()

func (Service) Version

func (Service) Version() int

Version returns the schema version of structs that embed this type.

type Signature

type Signature struct {
	Algorithm   string        `json:"alg"`
	PublicKeyID *identity.ID  `json:"public_key_id"`
	Value       *base64.Value `json:"value"`
}

Signature is an immutable object, but not technically a payload. If PublicKeyID is nil, the signature is self-signed.

type Team

type Team struct {
	Name     string       `json:"name"`
	OrgID    *identity.ID `json:"org_id"`
	TeamType string       `json:"type"`
	// contains filtered or unexported fields
}

Team is an entity that represents a group of users

func (Team) Mutable added in v0.9.0

func (Team) Mutable()

func (Team) Version

func (Team) Version() int

Version returns the schema version of structs that embed this type.

type User

type User struct {
	Username string        `json:"username"`
	Name     string        `json:"name"`
	Email    string        `json:"email"`
	State    string        `json:"state"`
	Password *UserPassword `json:"password"`
	Master   *MasterKey    `json:"master"`
	// contains filtered or unexported fields
}

User is the body of a user object

func (User) Mutable added in v0.9.0

func (User) Mutable()

func (User) Version

func (User) Version() int

Version returns the schema version of structs that embed this type.

type UserPassword

type UserPassword struct {
	Salt  string        `json:"salt"`
	Value *base64.Value `json:"value"`
	Alg   string        `json:"alg"`
}

UserPassword is the body.password object for a user
