authmate

package
v0.21.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 13, 2022 License: AGPL-3.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Agent

type Agent struct {
	// contains filtered or unexported fields
}

Agent contains client communicating with NeoFS and logger.

func New

func New(log *zap.Logger, neoFS NeoFS) *Agent

New creates an object of type Agent that consists of Client and logger.

func (*Agent) IssueSecret

func (a *Agent) IssueSecret(ctx context.Context, w io.Writer, options *IssueSecretOptions) error

IssueSecret creates an auth token, puts it in the NeoFS network and writes to io.Writer a new secret access key.

func (*Agent) ObtainSecret

func (a *Agent) ObtainSecret(ctx context.Context, w io.Writer, options *ObtainSecretOptions) error

ObtainSecret receives an existing secret access key from NeoFS and writes to io.Writer the secret access key.

type ContainerOptions added in v0.19.0

type ContainerOptions struct {
	ID              *cid.ID
	FriendlyName    string
	PlacementPolicy string
}

ContainerOptions groups parameters of auth container to put the secret into.

type ContainerPolicies added in v0.17.0

type ContainerPolicies map[string]string

ContainerPolicies contains mapping of aws LocationConstraint to neofs PlacementPolicy.

type IssueSecretOptions

type IssueSecretOptions struct {
	Container             ContainerOptions
	NeoFSKey              *keys.PrivateKey
	GatesPublicKeys       []*keys.PublicKey
	EACLRules             []byte
	SessionTokenRules     []byte
	SkipSessionRules      bool
	Lifetime              time.Duration
	AwsCliCredentialsFile string
	ContainerPolicies     ContainerPolicies
}

IssueSecretOptions contains options for passing to Agent.IssueSecret method.

type NeoFS added in v0.19.0

type NeoFS interface {
	// NeoFS interface required by credential tool.
	tokens.NeoFS

	// ContainerExists checks container presence in NeoFS by identifier.
	// Returns nil if container exists.
	ContainerExists(context.Context, cid.ID) error

	// CreateContainer creates and saves parameterized container in NeoFS.
	// It sets 'Timestamp' attribute to the current time.
	// It returns the ID of the saved container.
	//
	// The container must be private with GET access for OTHERS group.
	// Creation time should also be stamped.
	//
	// It returns exactly one non-nil value. It returns any error encountered which
	// prevented the container from being created.
	CreateContainer(context.Context, PrmContainerCreate) (*cid.ID, error)

	// TimeToEpoch computes the current epoch and the epoch that corresponds to the provided time.
	// Note:
	// * time must be in the future
	// * time will be ceil rounded to match epoch
	//
	// It returns any error encountered which prevented computing epochs.
	TimeToEpoch(context.Context, time.Time) (uint64, uint64, error)
}

NeoFS represents virtual connection to NeoFS network.

type NetworkState added in v0.19.0

type NetworkState struct {
	// Current NeoFS time.
	Epoch uint64
	// Duration of the Morph chain block in ms.
	BlockDuration int64
	// Duration of the NeoFS epoch in Morph chain blocks.
	EpochDuration uint64
}

NetworkState represents NeoFS network state which is needed for authmate processing.

type ObtainSecretOptions

type ObtainSecretOptions struct {
	SecretAddress  string
	GatePrivateKey *keys.PrivateKey
}

ObtainSecretOptions contains options for passing to Agent.ObtainSecret method.

type PrmContainerCreate added in v0.19.0

type PrmContainerCreate struct {
	// NeoFS identifier of the container creator.
	Owner user.ID

	// Container placement policy.
	Policy netmap.PlacementPolicy

	// Friendly name for the container (optional).
	FriendlyName string
}

PrmContainerCreate groups parameters of containers created by authmate.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL