Documentation
¶
Overview ¶
Package nats contains the secure message bus implementation for the nats-server.
Index ¶
- Variables
- func VerifyServerCertificate(conf SecurableConfig, certificates [][]byte) error
- type InMemorySecureConfig
- type OnDiskSecureConfig
- type RootCertParseError
- type SecurableConfig
- type SecureMessageBus
- func (m *SecureMessageBus) Close() error
- func (m *SecureMessageBus) Connect(url string, opts ...nats.Option) error
- func (m *SecureMessageBus) IsConnected() bool
- func (m *SecureMessageBus) Publish(subj string, msg []byte) error
- func (m *SecureMessageBus) Subscribe(subj string, msgCh chan []byte) error
Constants ¶
This section is empty.
Variables ¶
var ( // ErrNoConnection indicates there is no nats connection. ErrNoConnection = errors.New("no nats connection found") // ErrInvalidConfig indicates an invalid secure NATs configuration. ErrInvalidConfig = errors.New("invalid secure NATs configuration") // ErrNoServerName indicates that no server name was provided. ErrNoServerName = errors.New("no server name provided") // ErrNoCertificate indicates that no certificate was presented. ErrNoCertificate = errors.New("server did not present a certificate") )
Functions ¶
func VerifyServerCertificate ¶
func VerifyServerCertificate(conf SecurableConfig, certificates [][]byte) error
VerifyServerCertificate uses a custom CA File from a securable config to validate a NATS server during connection.
Types ¶
type InMemorySecureConfig ¶
type InMemorySecureConfig struct {
// contains filtered or unexported fields
}
InMemorySecureConfig implements the securableconfig interface from the nats package in a way that allows you to provide an in memory certificate getter to the NATS client.
func NewInMemorySecureConfig ¶
func NewInMemorySecureConfig( server, caBundle string, cert func(*tls.CertificateRequestInfo) (*tls.Certificate, error), ) InMemorySecureConfig
NewInMemorySecureConfig creates a new InMemorySecureConfig.
func (InMemorySecureConfig) CAFile ¶
func (i InMemorySecureConfig) CAFile() string
CAFile getter for CA Filepath. implements SecurableConfig from NATS package.
func (*InMemorySecureConfig) CreateTLSConfig ¶
func (i *InMemorySecureConfig) CreateTLSConfig() (*tls.Config, error)
CreateTLSConfig creates a TLS Config for NATS connection. implements SecurableConfig from NATS package.
func (InMemorySecureConfig) ServerName ¶
func (i InMemorySecureConfig) ServerName() string
ServerName getter for ServerName. implements SecurableConfig from NATS package.
func (*InMemorySecureConfig) Validate ¶
func (i *InMemorySecureConfig) Validate() error
Validate validates potential TLS Config. implements SecurableConfig from NATS package.
type OnDiskSecureConfig ¶
type OnDiskSecureConfig struct {
// contains filtered or unexported fields
}
OnDiskSecureConfig contains the configuration needed to connect to NATs securely. All fields must be provided and all file paths must exist.
func NewOnDiskSecureConfig ¶
func NewOnDiskSecureConfig( serverName, certFile, keyFile, caFile string, ) OnDiskSecureConfig
NewOnDiskSecureConfig make an OnDiskSecureConfig.
func (OnDiskSecureConfig) CAFile ¶
func (sc OnDiskSecureConfig) CAFile() string
CAFile implements getter for SecurableConfig interface.
func (OnDiskSecureConfig) CreateTLSConfig ¶
func (sc OnDiskSecureConfig) CreateTLSConfig() (*tls.Config, error)
CreateTLSConfig creates a TLS config using the client cert and key in the secure config.
func (OnDiskSecureConfig) ServerName ¶
func (sc OnDiskSecureConfig) ServerName() string
ServerName implements getter for SecurableConfig interface.
func (OnDiskSecureConfig) Validate ¶
func (sc OnDiskSecureConfig) Validate() error
Validate validates that all files in the config exist and that the server name is non-empty.
type RootCertParseError ¶
type RootCertParseError struct {
// contains filtered or unexported fields
}
RootCertParseError indicates that the root certificate could not be parsed.
func (RootCertParseError) Error ¶
func (e RootCertParseError) Error() string
type SecurableConfig ¶
type SecurableConfig interface { Validate() error CreateTLSConfig() (*tls.Config, error) CAFile() string ServerName() string }
SecurableConfig implements everything that NewSecureMessageBus needs to kick off a secure connection to a NATS server.
type SecureMessageBus ¶
type SecureMessageBus struct { Conn *nats.Conn // contains filtered or unexported fields }
SecureMessageBus securely connects to NATs and provides methods to publish and subscribe to subjects.
func NewSecureMessageBus ¶
func NewSecureMessageBus(secureConfig SecurableConfig) (*SecureMessageBus, error)
NewSecureMessageBus returns a new instance of a Secure Message Bus. Must provide a valid secure config in order to enable mTLS with the NATs server.
func (*SecureMessageBus) Close ¶
func (m *SecureMessageBus) Close() error
Close closes the NATs connection if it exists. Returns an error if no connection is found.
func (*SecureMessageBus) Connect ¶
func (m *SecureMessageBus) Connect(url string, opts ...nats.Option) error
Connect connects to NATs with the specified opts.
func (*SecureMessageBus) IsConnected ¶
func (m *SecureMessageBus) IsConnected() bool
IsConnected returns whether or not the secure message bus is connected to NATs.
func (*SecureMessageBus) Publish ¶
func (m *SecureMessageBus) Publish(subj string, msg []byte) error
Publish publishes message to the subject. If publish is called before connection to NATs an error will be returned.
func (*SecureMessageBus) Subscribe ¶
func (m *SecureMessageBus) Subscribe(subj string, msgCh chan []byte) error
Subscribe subscribes to the provided subject. If subscribe is called before connection to NATs an error will be returned. Data from messages sent to the subject will be placed on the msgCh channel.