Documentation
¶
Overview ¶
Package registry provides access to the Arigato registry REST API.
Index ¶
- type ClaimTree
- type ClaimTreeClient
- type ClaimedKeyPair
- type Client
- func (c *Client) Do(ctx context.Context, r *http.Request, v interface{}) (*http.Response, error)
- func (c *Client) NewRequest(method, path string, query *url.Values, body interface{}) (*http.Request, error)
- func (c *Client) NewTokenRequest(token, method, path string, query *url.Values, body interface{}) (*http.Request, error)
- type CredentialTree
- type CredentialTreeClient
- type Credentials
- type Error
- type KeyPairs
- type KeyringClient
- type KeyringMemberClient
- type KeyringSection
- type MembershipsClient
- type OrgInviteClient
- type Orgs
- type PublicKeySegment
- type TeamsClient
- type Tokens
- type Users
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ClaimTree ¶
type ClaimTree struct {
Org *envelope.Signed `json:"org"`
PublicKeys []PublicKeySegment `json:"public_keys"`
}
ClaimTree represents an organizations claim tree which contains public signing and encryption keys for every member.
type ClaimTreeClient ¶
type ClaimTreeClient struct {
// contains filtered or unexported fields
}
ClaimTreeClient represents the `/claimtree` registry endpoint, used for retrieving the public keys and their associated claims for an organization.
func (*ClaimTreeClient) List ¶
func (c *ClaimTreeClient) List(ctx context.Context, orgID *identity.ID, ownerID *identity.ID) ([]ClaimTree, error)
List returns a list of all claimtrees for a given orgID. If no orgID is provided then it returns all claimtrees for every organization the user belongs too.
If an ownerID is provided then only public keys and claims related to that user or machine will be returned.
type ClaimedKeyPair ¶
type ClaimedKeyPair struct {
PublicKey *envelope.Signed `json:"public_key"`
PrivateKey *envelope.Signed `json:"private_key"`
Claims []envelope.Signed `json:"claims"`
}
ClaimedKeyPair contains a public/private keypair, and all the Claims made against it (system and user signatures).
type Client ¶
type Client struct {
KeyPairs *KeyPairs
Tokens *Tokens
Users *Users
Teams *TeamsClient
Memberships *MembershipsClient
Credentials *Credentials
Orgs *Orgs
OrgInvite *OrgInviteClient
Keyring *KeyringClient
KeyringMember *KeyringMemberClient
ClaimTree *ClaimTreeClient
CredentialTree *CredentialTreeClient
// contains filtered or unexported fields
}
Client exposes the registry REST API.
func NewClient ¶
func NewClient(prefix string, apiVersion string, version string, sess session.Session, t *http.Transport) *Client
NewClient returns a new Client.
func (*Client) Do ¶
Do executes an http.Request, populating v with the JSON response on success.
If the request errors with a JSON formatted response body, it will be unmarshaled into the returned error.
func (*Client) NewRequest ¶
func (c *Client) NewRequest(method, path string, query *url.Values, body interface{}) (*http.Request, error)
NewRequest constructs a new http.Request, with a body containing the json representation of body, if provided.
func (*Client) NewTokenRequest ¶
func (c *Client) NewTokenRequest(token, method, path string, query *url.Values, body interface{}) (*http.Request, error)
NewTokenRequest constructs a new http.Request, with a body containing the json representation of body, if provided.
The request will be authorized with the provided token.
type CredentialTree ¶
type CredentialTree struct {
Keyring *envelope.Signed `json:"keyring"`
Members []envelope.Signed `json:"members"`
Credentials []envelope.Signed `json:"credentials"`
}
CredentialTree represents a Keyring, it's members, and associated Credentials.
type CredentialTreeClient ¶
type CredentialTreeClient struct {
// contains filtered or unexported fields
}
CredentialTreeClient represents the `/credentialtree` registry endpoint, user for retrieving keyrings, keyring members, and credentials associated with claims.
func (*CredentialTreeClient) List ¶
func (c *CredentialTreeClient) List(ctx context.Context, name, path, pathexp string, ownerID *identity.ID) ([]CredentialTree, error)
List returns back all segments of the CredentialGraph (Keyring, Keyring Members, and Credentials) that match the given name, path, or path expression.
func (*CredentialTreeClient) Post ¶
func (c *CredentialTreeClient) Post(ctx context.Context, t *CredentialTree) (*CredentialTree, error)
Post creates a new CredentialTree on the registry.
The CredentialTree includes the keyring, it's members, and credentials.
type Credentials ¶
type Credentials struct {
// contains filtered or unexported fields
}
Credentials represents the `/credentials` registry endpoint, used for accessing encrypted credentials/secrets.
type KeyPairs ¶
type KeyPairs struct {
// contains filtered or unexported fields
}
KeyPairs represents the `/keypairs` registry endpoint, used for accessing users' signing and encryption keypairs.
func (*KeyPairs) List ¶
List returns all KeyPairs for the logged in user in the given, or all orgs if orgID is nil.
func (*KeyPairs) Post ¶
func (k *KeyPairs) Post(ctx context.Context, pubKey, privKey, claim *envelope.Signed) (*envelope.Signed, *envelope.Signed, []envelope.Signed, error)
Post creates a new keypair on the registry.
The keypair includes the user's public key, private key, and a self-signed claim on the public key.
keys may be either signing or encryption keys.
type KeyringClient ¶
type KeyringClient struct {
// contains filtered or unexported fields
}
KeyringClient represents the `/keyrings` registry end point for accessing keyrings the user or machine belong too.
type KeyringMemberClient ¶
type KeyringMemberClient struct {
// contains filtered or unexported fields
}
KeyringMemberClient represents the `/keyring-members` registry end point for accessand creating memberships related to a set of Keyrings.
type KeyringSection ¶
type KeyringSection struct {
Keyring *envelope.Signed `json:"keyring"`
Members []envelope.Signed `json:"members"`
}
KeyringSection represents a section of the CredentialTree only pertaining to a keyring and it's membership.
type MembershipsClient ¶
type MembershipsClient struct {
// contains filtered or unexported fields
}
MembershipsClient represents the `/memberships` registry endpoint, used for accessing the relationship between users, organization, and teams.
type OrgInviteClient ¶
type OrgInviteClient struct {
// contains filtered or unexported fields
}
OrgInviteClient represents the `/org-invites` registry endpoint, used for sending, accepting, and approving invitations to organizations in Arigato.
type Orgs ¶
type Orgs struct {
// contains filtered or unexported fields
}
Orgs represents the `/orgs` registry endpoint, used for accessing organizations stored in Arigato.
type PublicKeySegment ¶
type PublicKeySegment struct {
Key *envelope.Signed `json:"public_key"`
Claims []envelope.Signed `json:"claims"`
}
PublicKeySegment represents a sub section of a claimtree targeting a specific public key and it's claims.
type TeamsClient ¶
type TeamsClient struct {
// contains filtered or unexported fields
}
TeamsClient represents the `/teams` registry endpoint, used for accessing teams stored in Arigato.
type Tokens ¶
type Tokens struct {
// contains filtered or unexported fields
}
Tokens represents the registry '/tokens' endpoints, used for session management.
Logging in is a two step process. We must first request a login token. This token is then HMAC'd and returned to the server, exchanging it for an auth token, which is used for all other operations.
func (*Tokens) Delete ¶
Delete deletes the token with the provided value from the registry. This effectively logs a user out.
Source Files