model

package
v0.20.13 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 9, 2021 License: Apache-2.0 Imports: 54 Imported by: 1

Documentation

Index

Constants

View Source
const (
	ClientCertHeader       = "X-Client-CertPem"
	EdgeRouterProxyRequest = "X-Edge-Router-Proxy-Request"
)
View Source
const (
	FormatSentinelStart       = "["
	FormatSentinelEnd         = "]"
	FormatSymbolCaName        = "caName"
	FormatSymbolCaId          = "caId"
	FormatSymbolCommonName    = "commonName"
	FormatSymbolRequestedName = "requestedName"
	FormatSymbolIdentityId    = "identityId"

	// DefaultCaIdentityNameFormat = "[caName] - [commonName]"
	DefaultCaIdentityNameFormat = FormatSentinelStart + FormatSymbolCaName + FormatSentinelEnd + "-" + FormatSentinelStart + FormatSymbolCommonName + FormatSentinelEnd
)
View Source
const (
	EdgeRouterEnrollmentCommonNameInvalidCode    = "EDGE_ROUTER_ENROLL_COMMON_NAME_INVALID"
	EdgeRouterEnrollmentCommonNameInvalidMessage = "The edge router CSR enrollment must have a common name that matches the edge router's id"
	MethodEnrollEdgeRouterOtt                    = "erott"
)
View Source
const (
	TotpMinLength = 4
	TotpMaxLength = 6
)
View Source
const (
	PostureCheckTypeOs           = "OS"
	PostureCheckTypeDomain       = "DOMAIN"
	PostureCheckTypeProcess      = "PROCESS"
	PostureCheckTypeProcessMulti = "PROCESS_MULTI"
	PostureCheckTypeMAC          = "MAC"
	PostureCheckTypeMFA          = "MFA"
)
View Source
const (
	EventIdentityPostureDataAltered   = "EventIdentityPostureDataAltered"
	EventApiSessionPostureDataAltered = "EventApiSessionPostureDataAltered"
)
View Source
const (
	ConfigTypeAll = "all"
)
View Source
const (
	IdentityActiveIntervalSeconds = 60
)
View Source
const (
	IdentityTypeUser = "User"
)
View Source
const MaxPostureFailures = 100
View Source
const (
	MethodEnrollTransitRouterOtt = "trott"
)
View Source
const MfaPromptGracePeriod = -5 * time.Minute //5m
View Source
const (
	MfaProviderZiti string = "ziti"
)
View Source
const (
	PostureCheckNoTimeout = int64(-1)
)
View Source
const (
	WindowSizeTOTP int = 5
)
View Source
const ZitiSdkTypeC = "ziti-sdk-c"

Variables

This section is empty.

Functions

func CleanHexString added in v0.17.5

func CleanHexString(hexString string) string

func NewFieldChecker

func NewFieldChecker(fields ...string) boltz.FieldChecker

Types

type AdvisorEdgeRouter

type AdvisorEdgeRouter struct {
	Router   *EdgeRouter
	IsOnline bool
}
type AdvisorIdentityEdgeRouterLinks struct {
	Identity   *Identity
	EdgeRouter *EdgeRouter
	Policies   []*EdgeRouterPolicy
}
type AdvisorIdentityServiceLinks struct {
	Identity *Identity
	Service  *Service
	Policies []*ServicePolicy
}
type AdvisorServiceEdgeRouterLinks struct {
	Service    *Service
	EdgeRouter *EdgeRouter
	Policies   []*ServiceEdgeRouterPolicy
}

type AdvisorServiceReachability

type AdvisorServiceReachability struct {
	Identity            *Identity
	Service             *Service
	IsBindAllowed       bool
	IsDialAllowed       bool
	IdentityRouterCount int
	ServiceRouterCount  int
	CommonRouters       []*AdvisorEdgeRouter
}

type AndFieldChecker

type AndFieldChecker struct {
	// contains filtered or unexported fields
}

func (*AndFieldChecker) IsUpdated

func (checker *AndFieldChecker) IsUpdated(field string) bool

type ApiSession

type ApiSession struct {
	models.BaseEntity
	Token              string
	IdentityId         string
	Identity           *Identity
	IPAddress          string
	ConfigTypes        map[string]struct{}
	MfaComplete        bool
	MfaRequired        bool
	ExpiresAt          time.Time
	ExpirationDuration time.Duration
	LastActivityAt     time.Time
}

type ApiSessionCertificate added in v0.17.30

type ApiSessionCertificate struct {
	models.BaseEntity
	ApiSession   *ApiSession
	ApiSessionId string
	Subject      string
	Fingerprint  string
	ValidAfter   *time.Time
	ValidBefore  *time.Time
	PEM          string
}

type ApiSessionCertificateHandler added in v0.17.30

type ApiSessionCertificateHandler struct {
	// contains filtered or unexported fields
}

func NewApiSessionCertificateHandler added in v0.17.30

func NewApiSessionCertificateHandler(env Env) *ApiSessionCertificateHandler

func (*ApiSessionCertificateHandler) BaseList added in v0.17.30

func (handler *ApiSessionCertificateHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ApiSessionCertificateHandler) BaseLoad added in v0.17.30

func (handler *ApiSessionCertificateHandler) BaseLoad(id string) (models.Entity, error)

func (*ApiSessionCertificateHandler) BaseLoadInTx added in v0.17.30

func (handler *ApiSessionCertificateHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ApiSessionCertificateHandler) BasePreparedList added in v0.17.30

func (handler *ApiSessionCertificateHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionCertificateHandler) BasePreparedListAssociated added in v0.17.30

func (handler *ApiSessionCertificateHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionCertificateHandler) BasePreparedListIndexed added in v0.17.30

func (handler *ApiSessionCertificateHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionCertificateHandler) Create added in v0.17.30

func (handler *ApiSessionCertificateHandler) Create(entity *ApiSessionCertificate) (string, error)

func (*ApiSessionCertificateHandler) CreateFromCSR added in v0.17.30

func (handler *ApiSessionCertificateHandler) CreateFromCSR(apiSessionId string, lifespan time.Duration, csrPem []byte) (string, error)

func (*ApiSessionCertificateHandler) Delete added in v0.17.30

func (handler *ApiSessionCertificateHandler) Delete(id string) error

func (*ApiSessionCertificateHandler) GetDb added in v0.17.30

func (handler *ApiSessionCertificateHandler) GetDb() boltz.Db

func (*ApiSessionCertificateHandler) GetEnv added in v0.17.30

func (handler *ApiSessionCertificateHandler) GetEnv() Env

func (*ApiSessionCertificateHandler) GetStore added in v0.17.30

func (handler *ApiSessionCertificateHandler) GetStore() boltz.CrudStore

func (*ApiSessionCertificateHandler) IsUpdated added in v0.17.30

func (handler *ApiSessionCertificateHandler) IsUpdated(_ string) bool

func (*ApiSessionCertificateHandler) Query added in v0.17.30

func (*ApiSessionCertificateHandler) Read added in v0.17.30

func (*ApiSessionCertificateHandler) ReadByApiSessionId added in v0.17.30

func (handler *ApiSessionCertificateHandler) ReadByApiSessionId(tx *bbolt.Tx, apiSessionId string) ([]*ApiSessionCertificate, error)

func (*ApiSessionCertificateHandler) ReadByFingerprint added in v0.17.30

func (handler *ApiSessionCertificateHandler) ReadByFingerprint(fingerprint string) (*ApiSessionCertificate, error)

type ApiSessionCertificateListResult added in v0.17.30

type ApiSessionCertificateListResult struct {
	ApiSessionCertificates []*ApiSessionCertificate
	models.QueryMetaData
	// contains filtered or unexported fields
}

type ApiSessionHandler

type ApiSessionHandler struct {
	HeartbeatCollector *HeartbeatCollector
	// contains filtered or unexported fields
}

func NewApiSessionHandler

func NewApiSessionHandler(env Env) *ApiSessionHandler

func (*ApiSessionHandler) BaseList

func (handler *ApiSessionHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ApiSessionHandler) BaseLoad

func (handler *ApiSessionHandler) BaseLoad(id string) (models.Entity, error)

func (*ApiSessionHandler) BaseLoadInTx

func (handler *ApiSessionHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ApiSessionHandler) BasePreparedList

func (handler *ApiSessionHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionHandler) BasePreparedListAssociated

func (handler *ApiSessionHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionHandler) BasePreparedListIndexed

func (handler *ApiSessionHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionHandler) Create

func (handler *ApiSessionHandler) Create(entity *ApiSession) (string, error)

func (*ApiSessionHandler) Delete

func (handler *ApiSessionHandler) Delete(id string) error

func (*ApiSessionHandler) DeleteBatch added in v0.19.132

func (handler *ApiSessionHandler) DeleteBatch(id []string) error

func (*ApiSessionHandler) GetDb

func (handler *ApiSessionHandler) GetDb() boltz.Db

func (*ApiSessionHandler) GetEnv

func (handler *ApiSessionHandler) GetEnv() Env

func (*ApiSessionHandler) GetStore

func (handler *ApiSessionHandler) GetStore() boltz.CrudStore

func (*ApiSessionHandler) IsUpdated

func (handler *ApiSessionHandler) IsUpdated(_ string) bool

func (*ApiSessionHandler) MarkActivityById added in v0.19.33

func (handler *ApiSessionHandler) MarkActivityById(apiSessionId string)

func (*ApiSessionHandler) MarkActivityByTokens added in v0.19.33

func (handler *ApiSessionHandler) MarkActivityByTokens(tokens ...string) ([]string, error)

MarkActivityByTokens returns tokens that were not found if any and/or an error.

func (*ApiSessionHandler) MfaCompleted added in v0.17.52

func (handler *ApiSessionHandler) MfaCompleted(apiSession *ApiSession) error

func (*ApiSessionHandler) Query

func (handler *ApiSessionHandler) Query(query string) (*ApiSessionListResult, error)

func (*ApiSessionHandler) Read

func (handler *ApiSessionHandler) Read(id string) (*ApiSession, error)

func (*ApiSessionHandler) ReadByToken

func (handler *ApiSessionHandler) ReadByToken(token string) (*ApiSession, error)

func (*ApiSessionHandler) Stream added in v0.16.4

func (handler *ApiSessionHandler) Stream(query string, collect func(*ApiSession, error) error) error

func (*ApiSessionHandler) StreamIds added in v0.16.4

func (handler *ApiSessionHandler) StreamIds(query string, collect func(string, error) error) error

func (*ApiSessionHandler) Update

func (handler *ApiSessionHandler) Update(apiSession *ApiSession) error

func (*ApiSessionHandler) UpdateWithFieldChecker added in v0.19.46

func (handler *ApiSessionHandler) UpdateWithFieldChecker(apiSession *ApiSession, fieldChecker boltz.FieldChecker) error

func (*ApiSessionHandler) VisitFingerprintsForApiSession added in v0.19.0

func (handler *ApiSessionHandler) VisitFingerprintsForApiSession(tx *bbolt.Tx, identityId, apiSessionId string, visitor func(fingerprint string) bool) error

func (*ApiSessionHandler) VisitFingerprintsForApiSessionId added in v0.19.0

func (handler *ApiSessionHandler) VisitFingerprintsForApiSessionId(apiSessionId string, visitor func(fingerprint string) bool) error

type ApiSessionListResult

type ApiSessionListResult struct {
	ApiSessions []*ApiSession
	models.QueryMetaData
	// contains filtered or unexported fields
}

type ApiSessionPostureData added in v0.17.52

type ApiSessionPostureData struct {
	Mfa           *PostureResponseMfa           `json:"mfa"`
	EndpointState *PostureResponseEndpointState `json:"endpointState"`
	Sessions      map[string]*PostureSessionData
	SdkInfo       *SdkInfo
}

type AuthContext

type AuthContext interface {
	GetMethod() string
	GetData() map[string]interface{}
	GetCerts() []*x509.Certificate
	GetHeaders() map[string]interface{}
}

func NewAuthContextHttp added in v0.14.35

func NewAuthContextHttp(request *http.Request, method string, data interface{}) AuthContext

type AuthContextHttp

type AuthContextHttp struct {
	Method  string
	Data    map[string]interface{}
	Certs   []*x509.Certificate
	Headers map[string]interface{}
}

func (*AuthContextHttp) GetCerts

func (context *AuthContextHttp) GetCerts() []*x509.Certificate

func (*AuthContextHttp) GetData

func (context *AuthContextHttp) GetData() map[string]interface{}

func (*AuthContextHttp) GetHeaders

func (context *AuthContextHttp) GetHeaders() map[string]interface{}

func (*AuthContextHttp) GetMethod

func (context *AuthContextHttp) GetMethod() string

type AuthModuleCert

type AuthModuleCert struct {
	// contains filtered or unexported fields
}

func NewAuthModuleCert

func NewAuthModuleCert(env Env, caChain []byte) *AuthModuleCert

func (*AuthModuleCert) CanHandle

func (module *AuthModuleCert) CanHandle(method string) bool

func (*AuthModuleCert) GetFingerprints

func (module *AuthModuleCert) GetFingerprints(ctx AuthContext) (cert.Fingerprints, error)

func (*AuthModuleCert) Process

func (module *AuthModuleCert) Process(context AuthContext) (string, error)

type AuthModuleUpdb

type AuthModuleUpdb struct {
	// contains filtered or unexported fields
}

func NewAuthModuleUpdb

func NewAuthModuleUpdb(env Env) *AuthModuleUpdb

func (*AuthModuleUpdb) CanHandle

func (handler *AuthModuleUpdb) CanHandle(method string) bool

func (*AuthModuleUpdb) Process

func (handler *AuthModuleUpdb) Process(context AuthContext) (string, error)

type AuthProcessor

type AuthProcessor interface {
	CanHandle(method string) bool
	Process(context AuthContext) (string, error)
}

type AuthProcessorRegistryImpl

type AuthProcessorRegistryImpl struct {
	// contains filtered or unexported fields
}

func (*AuthProcessorRegistryImpl) Add

func (registry *AuthProcessorRegistryImpl) Add(processor AuthProcessor)

func (*AuthProcessorRegistryImpl) GetByMethod

func (registry *AuthProcessorRegistryImpl) GetByMethod(method string) AuthProcessor

type AuthRegistry

type AuthRegistry interface {
	Add(method AuthProcessor)
	GetByMethod(method string) AuthProcessor
}

type Authenticator

type Authenticator struct {
	models.BaseEntity
	Method     string
	IdentityId string
	SubType    interface{}
}

func (*Authenticator) Fingerprints

func (entity *Authenticator) Fingerprints() []string

func (*Authenticator) ToCert

func (entity *Authenticator) ToCert() *AuthenticatorCert

func (*Authenticator) ToUpdb

func (entity *Authenticator) ToUpdb() *AuthenticatorUpdb

type AuthenticatorCert

type AuthenticatorCert struct {
	*Authenticator
	Fingerprint string
	Pem         string
}

type AuthenticatorHandler

type AuthenticatorHandler struct {
	// contains filtered or unexported fields
}

func NewAuthenticatorHandler

func NewAuthenticatorHandler(env Env) *AuthenticatorHandler

func (*AuthenticatorHandler) BaseList

func (handler *AuthenticatorHandler) BaseList(query string) (*models.EntityListResult, error)

func (*AuthenticatorHandler) BaseLoad

func (handler *AuthenticatorHandler) BaseLoad(id string) (models.Entity, error)

func (*AuthenticatorHandler) BaseLoadInTx

func (handler *AuthenticatorHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*AuthenticatorHandler) BasePreparedList

func (handler *AuthenticatorHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*AuthenticatorHandler) BasePreparedListAssociated

func (handler *AuthenticatorHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*AuthenticatorHandler) BasePreparedListIndexed

func (handler *AuthenticatorHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*AuthenticatorHandler) Create

func (handler *AuthenticatorHandler) Create(authenticator *Authenticator) (string, error)

func (AuthenticatorHandler) Delete

func (handler AuthenticatorHandler) Delete(id string) error

func (*AuthenticatorHandler) GetDb

func (handler *AuthenticatorHandler) GetDb() boltz.Db

func (*AuthenticatorHandler) GetEnv

func (handler *AuthenticatorHandler) GetEnv() Env

func (*AuthenticatorHandler) GetStore

func (handler *AuthenticatorHandler) GetStore() boltz.CrudStore

func (AuthenticatorHandler) HashPassword

func (handler AuthenticatorHandler) HashPassword(password string) *HashedPassword

func (AuthenticatorHandler) IsAuthorized

func (handler AuthenticatorHandler) IsAuthorized(authContext AuthContext) (*Identity, error)

func (AuthenticatorHandler) IsUpdated

func (handler AuthenticatorHandler) IsUpdated(field string) bool

func (AuthenticatorHandler) ListForIdentity

func (handler AuthenticatorHandler) ListForIdentity(identityId string, query ast.Query) (*AuthenticatorListQueryResult, error)

func (AuthenticatorHandler) Patch

func (handler AuthenticatorHandler) Patch(authenticator *Authenticator, checker boltz.FieldChecker) error

func (AuthenticatorHandler) PatchSelf

func (handler AuthenticatorHandler) PatchSelf(authenticatorSelf *AuthenticatorSelf, checker boltz.FieldChecker) error

func (AuthenticatorHandler) ReHashPassword

func (handler AuthenticatorHandler) ReHashPassword(password string, salt []byte) *HashedPassword

func (*AuthenticatorHandler) Read

func (handler *AuthenticatorHandler) Read(id string) (*Authenticator, error)

func (AuthenticatorHandler) ReadByFingerprint

func (handler AuthenticatorHandler) ReadByFingerprint(fingerprint string) (*Authenticator, error)

func (AuthenticatorHandler) ReadByUsername

func (handler AuthenticatorHandler) ReadByUsername(username string) (*Authenticator, error)

func (AuthenticatorHandler) ReadFingerprints

func (handler AuthenticatorHandler) ReadFingerprints(authenticatorId string) ([]string, error)

func (AuthenticatorHandler) ReadForIdentity

func (handler AuthenticatorHandler) ReadForIdentity(identityId string, authenticatorId string) (*Authenticator, error)

func (AuthenticatorHandler) Update

func (handler AuthenticatorHandler) Update(authenticator *Authenticator) error

func (AuthenticatorHandler) UpdateSelf

func (handler AuthenticatorHandler) UpdateSelf(authenticatorSelf *AuthenticatorSelf) error

type AuthenticatorListQueryResult

type AuthenticatorListQueryResult struct {
	*models.EntityListResult
	Authenticators []*Authenticator
}

type AuthenticatorSelf

type AuthenticatorSelf struct {
	models.BaseEntity
	CurrentPassword string
	NewPassword     string
	IdentityId      string
	Username        string
}

type AuthenticatorUpdb

type AuthenticatorUpdb struct {
	*Authenticator
	Username string
	Password string
	Salt     string
}

func (*AuthenticatorUpdb) DecodedSalt

func (au *AuthenticatorUpdb) DecodedSalt() []byte

type Ca

type Ca struct {
	models.BaseEntity
	Name                      string
	Fingerprint               string
	CertPem                   string
	IsVerified                bool
	VerificationToken         string
	IsAutoCaEnrollmentEnabled bool
	IsOttCaEnrollmentEnabled  bool
	IsAuthEnabled             bool
	IdentityRoles             []string
	IdentityNameFormat        string
}

type CaHandler

type CaHandler struct {
	// contains filtered or unexported fields
}

func NewCaHandler

func NewCaHandler(env Env) *CaHandler

func (*CaHandler) BaseList

func (handler *CaHandler) BaseList(query string) (*models.EntityListResult, error)

func (*CaHandler) BaseLoad

func (handler *CaHandler) BaseLoad(id string) (models.Entity, error)

func (*CaHandler) BaseLoadInTx

func (handler *CaHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*CaHandler) BasePreparedList

func (handler *CaHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*CaHandler) BasePreparedListAssociated

func (handler *CaHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*CaHandler) BasePreparedListIndexed

func (handler *CaHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*CaHandler) Create

func (handler *CaHandler) Create(caModel *Ca) (string, error)

func (*CaHandler) Delete

func (handler *CaHandler) Delete(id string) error

func (*CaHandler) GetDb

func (handler *CaHandler) GetDb() boltz.Db

func (*CaHandler) GetEnv

func (handler *CaHandler) GetEnv() Env

func (*CaHandler) GetStore

func (handler *CaHandler) GetStore() boltz.CrudStore

func (*CaHandler) IsUpdated

func (handler *CaHandler) IsUpdated(field string) bool

func (*CaHandler) Patch

func (handler *CaHandler) Patch(ca *Ca, checker boltz.FieldChecker) error

func (*CaHandler) Query

func (handler *CaHandler) Query(query string) (*CaListResult, error)

func (*CaHandler) Read

func (handler *CaHandler) Read(id string) (*Ca, error)

func (*CaHandler) Stream added in v0.16.19

func (handler *CaHandler) Stream(query string, collect func(*Ca, error) error) error

func (*CaHandler) Update

func (handler *CaHandler) Update(ca *Ca) error

func (*CaHandler) Verified

func (handler *CaHandler) Verified(ca *Ca) error

type CaListResult

type CaListResult struct {
	Cas []*Ca
	models.QueryMetaData
	// contains filtered or unexported fields
}

type Config

type Config struct {
	models.BaseEntity
	Name   string
	TypeId string
	Data   map[string]interface{}
}

type ConfigHandler

type ConfigHandler struct {
	// contains filtered or unexported fields
}

func NewConfigHandler

func NewConfigHandler(env Env) *ConfigHandler

func (*ConfigHandler) BaseList

func (handler *ConfigHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ConfigHandler) BaseLoad

func (handler *ConfigHandler) BaseLoad(id string) (models.Entity, error)

func (*ConfigHandler) BaseLoadInTx

func (handler *ConfigHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ConfigHandler) BasePreparedList

func (handler *ConfigHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ConfigHandler) BasePreparedListAssociated

func (handler *ConfigHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ConfigHandler) BasePreparedListIndexed

func (handler *ConfigHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ConfigHandler) Create

func (handler *ConfigHandler) Create(config *Config) (string, error)

func (*ConfigHandler) Delete

func (handler *ConfigHandler) Delete(id string) error

func (*ConfigHandler) GetDb

func (handler *ConfigHandler) GetDb() boltz.Db

func (*ConfigHandler) GetEnv

func (handler *ConfigHandler) GetEnv() Env

func (*ConfigHandler) GetStore

func (handler *ConfigHandler) GetStore() boltz.CrudStore

func (*ConfigHandler) IsUpdated

func (handler *ConfigHandler) IsUpdated(field string) bool

func (*ConfigHandler) Patch

func (handler *ConfigHandler) Patch(config *Config, checker boltz.FieldChecker) error

func (*ConfigHandler) Read

func (handler *ConfigHandler) Read(id string) (*Config, error)

func (*ConfigHandler) Update

func (handler *ConfigHandler) Update(config *Config) error

type ConfigListResult

type ConfigListResult struct {
	Configs []*Config
	models.QueryMetaData
}

type ConfigType

type ConfigType struct {
	models.BaseEntity
	Name   string
	Schema map[string]interface{}
}

func (*ConfigType) GetCompiledSchema

func (entity *ConfigType) GetCompiledSchema() (*gojsonschema.Schema, error)

type ConfigTypeHandler

type ConfigTypeHandler struct {
	// contains filtered or unexported fields
}

func NewConfigTypeHandler

func NewConfigTypeHandler(env Env) *ConfigTypeHandler

func (*ConfigTypeHandler) BaseList

func (handler *ConfigTypeHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ConfigTypeHandler) BaseLoad

func (handler *ConfigTypeHandler) BaseLoad(id string) (models.Entity, error)

func (*ConfigTypeHandler) BaseLoadInTx

func (handler *ConfigTypeHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ConfigTypeHandler) BasePreparedList

func (handler *ConfigTypeHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ConfigTypeHandler) BasePreparedListAssociated

func (handler *ConfigTypeHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ConfigTypeHandler) BasePreparedListIndexed

func (handler *ConfigTypeHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ConfigTypeHandler) Create

func (handler *ConfigTypeHandler) Create(configType *ConfigType) (string, error)

func (*ConfigTypeHandler) Delete

func (handler *ConfigTypeHandler) Delete(id string) error

func (*ConfigTypeHandler) GetDb

func (handler *ConfigTypeHandler) GetDb() boltz.Db

func (*ConfigTypeHandler) GetEnv

func (handler *ConfigTypeHandler) GetEnv() Env

func (*ConfigTypeHandler) GetStore

func (handler *ConfigTypeHandler) GetStore() boltz.CrudStore

func (*ConfigTypeHandler) MapConfigTypeNamesToIds added in v0.19.36

func (handler *ConfigTypeHandler) MapConfigTypeNamesToIds(values []string, identityId string) map[string]struct{}

func (*ConfigTypeHandler) Patch

func (handler *ConfigTypeHandler) Patch(configType *ConfigType, checker boltz.FieldChecker) error

func (*ConfigTypeHandler) Read

func (handler *ConfigTypeHandler) Read(id string) (*ConfigType, error)

func (*ConfigTypeHandler) ReadByName

func (handler *ConfigTypeHandler) ReadByName(name string) (*ConfigType, error)

func (*ConfigTypeHandler) Update

func (handler *ConfigTypeHandler) Update(configType *ConfigType) error

type EdgeRouter

type EdgeRouter struct {
	models.BaseEntity
	Name                string
	RoleAttributes      []string
	IsVerified          bool
	Fingerprint         *string
	CertPem             *string
	Hostname            *string
	EdgeRouterProtocols map[string]string
	VersionInfo         *common.VersionInfo
	IsTunnelerEnabled   bool
	AppData             map[string]interface{}
}

type EdgeRouterHandler

type EdgeRouterHandler struct {
	// contains filtered or unexported fields
}

func NewEdgeRouterHandler

func NewEdgeRouterHandler(env Env) *EdgeRouterHandler

func (*EdgeRouterHandler) BaseList

func (handler *EdgeRouterHandler) BaseList(query string) (*models.EntityListResult, error)

func (*EdgeRouterHandler) BaseLoad

func (handler *EdgeRouterHandler) BaseLoad(id string) (models.Entity, error)

func (*EdgeRouterHandler) BaseLoadInTx

func (handler *EdgeRouterHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EdgeRouterHandler) BasePreparedList

func (handler *EdgeRouterHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterHandler) BasePreparedListAssociated

func (handler *EdgeRouterHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterHandler) BasePreparedListIndexed

func (handler *EdgeRouterHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterHandler) CollectEnrollments

func (handler *EdgeRouterHandler) CollectEnrollments(id string, collector func(entity *Enrollment) error) error

func (*EdgeRouterHandler) Create

func (handler *EdgeRouterHandler) Create(modelEntity *EdgeRouter) (string, error)

func (*EdgeRouterHandler) CreateWithEnrollment

func (handler *EdgeRouterHandler) CreateWithEnrollment(edgeRouter *EdgeRouter, enrollment *Enrollment) (string, string, error)

func (*EdgeRouterHandler) Delete

func (handler *EdgeRouterHandler) Delete(id string) error

func (*EdgeRouterHandler) ExtendEnrollment added in v0.19.81

func (handler *EdgeRouterHandler) ExtendEnrollment(router *EdgeRouter, clientCsrPem []byte, serverCertCsrPem []byte) (*ExtendedCerts, error)

func (*EdgeRouterHandler) GetDb

func (handler *EdgeRouterHandler) GetDb() boltz.Db

func (*EdgeRouterHandler) GetEnv

func (handler *EdgeRouterHandler) GetEnv() Env

func (*EdgeRouterHandler) GetStore

func (handler *EdgeRouterHandler) GetStore() boltz.CrudStore

func (*EdgeRouterHandler) ListForIdentityAndService added in v0.19.40

func (handler *EdgeRouterHandler) ListForIdentityAndService(identityId, serviceId string, limit *int) (*EdgeRouterListResult, error)

func (*EdgeRouterHandler) ListForIdentityAndServiceWithTx

func (handler *EdgeRouterHandler) ListForIdentityAndServiceWithTx(tx *bbolt.Tx, identityId, serviceId string, limit *int) (*EdgeRouterListResult, error)

func (*EdgeRouterHandler) ListForSession

func (handler *EdgeRouterHandler) ListForSession(sessionId string) (*EdgeRouterListResult, error)

func (*EdgeRouterHandler) Patch

func (handler *EdgeRouterHandler) Patch(modelEntity *EdgeRouter, checker boltz.FieldChecker) error

func (*EdgeRouterHandler) PatchUnrestricted added in v0.19.81

func (handler *EdgeRouterHandler) PatchUnrestricted(modelEntity *EdgeRouter, checker boltz.FieldChecker) error

func (*EdgeRouterHandler) Query

func (handler *EdgeRouterHandler) Query(query string) (*EdgeRouterListResult, error)

func (*EdgeRouterHandler) QueryRoleAttributes

func (handler *EdgeRouterHandler) QueryRoleAttributes(queryString string) ([]string, *models.QueryMetaData, error)

func (*EdgeRouterHandler) Read

func (handler *EdgeRouterHandler) Read(id string) (*EdgeRouter, error)

func (*EdgeRouterHandler) ReadOneByFingerprint

func (handler *EdgeRouterHandler) ReadOneByFingerprint(fingerprint string) (*EdgeRouter, error)

func (*EdgeRouterHandler) ReadOneByQuery

func (handler *EdgeRouterHandler) ReadOneByQuery(query string) (*EdgeRouter, error)

func (*EdgeRouterHandler) Update

func (handler *EdgeRouterHandler) Update(modelEntity *EdgeRouter, restrictFields bool) error

type EdgeRouterListResult

type EdgeRouterListResult struct {
	EdgeRouters []*EdgeRouter
	models.QueryMetaData
	// contains filtered or unexported fields
}

type EdgeRouterPolicy

type EdgeRouterPolicy struct {
	models.BaseEntity
	Name            string
	Semantic        string
	IdentityRoles   []string
	EdgeRouterRoles []string
}

type EdgeRouterPolicyHandler

type EdgeRouterPolicyHandler struct {
	// contains filtered or unexported fields
}

func NewEdgeRouterPolicyHandler

func NewEdgeRouterPolicyHandler(env Env) *EdgeRouterPolicyHandler

func (*EdgeRouterPolicyHandler) BaseList

func (handler *EdgeRouterPolicyHandler) BaseList(query string) (*models.EntityListResult, error)

func (*EdgeRouterPolicyHandler) BaseLoad

func (handler *EdgeRouterPolicyHandler) BaseLoad(id string) (models.Entity, error)

func (*EdgeRouterPolicyHandler) BaseLoadInTx

func (handler *EdgeRouterPolicyHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EdgeRouterPolicyHandler) BasePreparedList

func (handler *EdgeRouterPolicyHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterPolicyHandler) BasePreparedListAssociated

func (handler *EdgeRouterPolicyHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterPolicyHandler) BasePreparedListIndexed

func (handler *EdgeRouterPolicyHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterPolicyHandler) Create

func (handler *EdgeRouterPolicyHandler) Create(edgeRouterPolicy *EdgeRouterPolicy) (string, error)

func (*EdgeRouterPolicyHandler) Delete

func (handler *EdgeRouterPolicyHandler) Delete(id string) error

func (*EdgeRouterPolicyHandler) GetDb

func (handler *EdgeRouterPolicyHandler) GetDb() boltz.Db

func (*EdgeRouterPolicyHandler) GetEnv

func (handler *EdgeRouterPolicyHandler) GetEnv() Env

func (*EdgeRouterPolicyHandler) GetStore

func (handler *EdgeRouterPolicyHandler) GetStore() boltz.CrudStore

func (*EdgeRouterPolicyHandler) Patch

func (handler *EdgeRouterPolicyHandler) Patch(edgeRouterPolicy *EdgeRouterPolicy, checker boltz.FieldChecker) error

func (*EdgeRouterPolicyHandler) Read

func (handler *EdgeRouterPolicyHandler) Read(id string) (*EdgeRouterPolicy, error)

func (*EdgeRouterPolicyHandler) Update

func (handler *EdgeRouterPolicyHandler) Update(edgeRouterPolicy *EdgeRouterPolicy) error

type EdgeRouterPolicyListResult

type EdgeRouterPolicyListResult struct {
	EdgeRouterPolicies []*EdgeRouterPolicy
	models.QueryMetaData
}

type EdgeServiceHandler

type EdgeServiceHandler struct {
	// contains filtered or unexported fields
}

func NewEdgeServiceHandler

func NewEdgeServiceHandler(env Env) *EdgeServiceHandler

func (*EdgeServiceHandler) BaseList

func (handler *EdgeServiceHandler) BaseList(query string) (*models.EntityListResult, error)

func (*EdgeServiceHandler) BaseLoad

func (handler *EdgeServiceHandler) BaseLoad(id string) (models.Entity, error)

func (*EdgeServiceHandler) BaseLoadInTx

func (handler *EdgeServiceHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EdgeServiceHandler) BasePreparedList

func (handler *EdgeServiceHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*EdgeServiceHandler) BasePreparedListAssociated

func (handler *EdgeServiceHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*EdgeServiceHandler) BasePreparedListIndexed

func (handler *EdgeServiceHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*EdgeServiceHandler) Create

func (handler *EdgeServiceHandler) Create(service *Service) (string, error)

func (*EdgeServiceHandler) Delete

func (handler *EdgeServiceHandler) Delete(id string) error

func (*EdgeServiceHandler) GetDb

func (handler *EdgeServiceHandler) GetDb() boltz.Db

func (*EdgeServiceHandler) GetEnv

func (handler *EdgeServiceHandler) GetEnv() Env

func (*EdgeServiceHandler) GetPolicyPostureChecks added in v0.19.79

func (handler *EdgeServiceHandler) GetPolicyPostureChecks(identityId, serviceId string) map[string]*PolicyPostureChecks

func (*EdgeServiceHandler) GetStore

func (handler *EdgeServiceHandler) GetStore() boltz.CrudStore

func (*EdgeServiceHandler) Patch

func (handler *EdgeServiceHandler) Patch(service *Service, checker boltz.FieldChecker) error

func (*EdgeServiceHandler) PublicQueryForIdentity

func (handler *EdgeServiceHandler) PublicQueryForIdentity(sessionIdentity *Identity, configTypes map[string]struct{}, query ast.Query) (*ServiceListResult, error)

func (*EdgeServiceHandler) QueryForIdentity

func (handler *EdgeServiceHandler) QueryForIdentity(identityId string, configTypes map[string]struct{}, query ast.Query) (*ServiceListResult, error)

func (*EdgeServiceHandler) QueryRoleAttributes

func (handler *EdgeServiceHandler) QueryRoleAttributes(queryString string) ([]string, *models.QueryMetaData, error)

func (*EdgeServiceHandler) Read

func (handler *EdgeServiceHandler) Read(id string) (*Service, error)

func (*EdgeServiceHandler) ReadByName added in v0.19.36

func (handler *EdgeServiceHandler) ReadByName(name string) (*Service, error)

func (*EdgeServiceHandler) ReadForIdentity

func (handler *EdgeServiceHandler) ReadForIdentity(id string, identityId string, configTypes map[string]struct{}) (*ServiceDetail, error)

func (*EdgeServiceHandler) ReadForIdentityInTx

func (handler *EdgeServiceHandler) ReadForIdentityInTx(tx *bbolt.Tx, id string, identityId string, configTypes map[string]struct{}) (*ServiceDetail, error)

func (*EdgeServiceHandler) ReadForNonAdminIdentityInTx added in v0.15.15

func (handler *EdgeServiceHandler) ReadForNonAdminIdentityInTx(tx *bbolt.Tx, id string, identityId string) (*ServiceDetail, error)

func (*EdgeServiceHandler) Update

func (handler *EdgeServiceHandler) Update(service *Service) error

type EnrollModuleCa

type EnrollModuleCa struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleCa

func NewEnrollModuleCa(env Env) *EnrollModuleCa

func (*EnrollModuleCa) CanHandle

func (module *EnrollModuleCa) CanHandle(method string) bool

func (*EnrollModuleCa) Process

func (module *EnrollModuleCa) Process(context EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleEr

type EnrollModuleEr struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleEdgeRouterOtt

func NewEnrollModuleEdgeRouterOtt(env Env) *EnrollModuleEr

func (*EnrollModuleEr) CanHandle

func (module *EnrollModuleEr) CanHandle(method string) bool

func (*EnrollModuleEr) Process

func (module *EnrollModuleEr) Process(context EnrollmentContext) (*EnrollmentResult, error)

func (*EnrollModuleEr) ProcessClientCsrPem added in v0.19.81

func (module *EnrollModuleEr) ProcessClientCsrPem(clientCertCsrPem []byte, edgeRouterId string) ([]byte, error)

func (*EnrollModuleEr) ProcessServerCsrPem added in v0.19.81

func (module *EnrollModuleEr) ProcessServerCsrPem(serverCertCsrPem []byte) ([]byte, error)

type EnrollModuleOtt

type EnrollModuleOtt struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleOtt

func NewEnrollModuleOtt(env Env) *EnrollModuleOtt

func (*EnrollModuleOtt) CanHandle

func (module *EnrollModuleOtt) CanHandle(method string) bool

func (*EnrollModuleOtt) Process

func (module *EnrollModuleOtt) Process(ctx EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleOttCa

type EnrollModuleOttCa struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleOttCa

func NewEnrollModuleOttCa(env Env) *EnrollModuleOttCa

func (*EnrollModuleOttCa) CanHandle

func (module *EnrollModuleOttCa) CanHandle(method string) bool

func (*EnrollModuleOttCa) Process

func (module *EnrollModuleOttCa) Process(ctx EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleRouterOtt

type EnrollModuleRouterOtt struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleTransitRouterOtt

func NewEnrollModuleTransitRouterOtt(env Env) *EnrollModuleRouterOtt

func (*EnrollModuleRouterOtt) CanHandle

func (module *EnrollModuleRouterOtt) CanHandle(method string) bool

func (*EnrollModuleRouterOtt) Process

func (module *EnrollModuleRouterOtt) Process(context EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleUpdb

type EnrollModuleUpdb struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleUpdb

func NewEnrollModuleUpdb(env Env) *EnrollModuleUpdb

func (*EnrollModuleUpdb) CanHandle

func (module *EnrollModuleUpdb) CanHandle(method string) bool

func (*EnrollModuleUpdb) Process

func (module *EnrollModuleUpdb) Process(ctx EnrollmentContext) (*EnrollmentResult, error)

type Enrollment

type Enrollment struct {
	models.BaseEntity
	Method          string
	IdentityId      *string
	TransitRouterId *string
	EdgeRouterId    *string
	Token           string
	IssuedAt        *time.Time
	ExpiresAt       *time.Time
	Jwt             string
	CaId            *string
	Username        *string
}

func (*Enrollment) FillJwtInfo

func (entity *Enrollment) FillJwtInfo(env Env, subject string) error

type EnrollmentContext

type EnrollmentContext interface {
	GetParameters() map[string]interface{}
	GetToken() string
	GetData() interface{}
	GetDataAsMap() map[string]interface{}
	GetDataAsByteArray() []byte
	GetCerts() []*x509.Certificate
	GetHeaders() map[string]interface{}
	GetMethod() string
}

type EnrollmentContextHttp

type EnrollmentContextHttp struct {
	Headers    map[string]interface{}
	Parameters map[string]interface{}
	Data       interface{}
	Certs      []*x509.Certificate
	Token      string
	Method     string
}

func (*EnrollmentContextHttp) FillFromHttpRequest

func (context *EnrollmentContextHttp) FillFromHttpRequest(request *http.Request) error

func (*EnrollmentContextHttp) GetCerts

func (context *EnrollmentContextHttp) GetCerts() []*x509.Certificate

func (*EnrollmentContextHttp) GetData

func (context *EnrollmentContextHttp) GetData() interface{}

func (*EnrollmentContextHttp) GetDataAsByteArray

func (context *EnrollmentContextHttp) GetDataAsByteArray() []byte

func (*EnrollmentContextHttp) GetDataAsMap

func (context *EnrollmentContextHttp) GetDataAsMap() map[string]interface{}

func (*EnrollmentContextHttp) GetHeaders

func (context *EnrollmentContextHttp) GetHeaders() map[string]interface{}

func (*EnrollmentContextHttp) GetMethod

func (context *EnrollmentContextHttp) GetMethod() string

func (*EnrollmentContextHttp) GetParameters

func (context *EnrollmentContextHttp) GetParameters() map[string]interface{}

func (*EnrollmentContextHttp) GetToken

func (context *EnrollmentContextHttp) GetToken() string

type EnrollmentHandler

type EnrollmentHandler struct {
	// contains filtered or unexported fields
}

func NewEnrollmentHandler

func NewEnrollmentHandler(env Env) *EnrollmentHandler

func (*EnrollmentHandler) BaseList

func (handler *EnrollmentHandler) BaseList(query string) (*models.EntityListResult, error)

func (*EnrollmentHandler) BaseLoad

func (handler *EnrollmentHandler) BaseLoad(id string) (models.Entity, error)

func (*EnrollmentHandler) BaseLoadInTx

func (handler *EnrollmentHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EnrollmentHandler) BasePreparedList

func (handler *EnrollmentHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*EnrollmentHandler) BasePreparedListAssociated

func (handler *EnrollmentHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*EnrollmentHandler) BasePreparedListIndexed

func (handler *EnrollmentHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*EnrollmentHandler) Delete

func (handler *EnrollmentHandler) Delete(id string) error

func (*EnrollmentHandler) Enroll

func (handler *EnrollmentHandler) Enroll(ctx EnrollmentContext) (*EnrollmentResult, error)

func (*EnrollmentHandler) GetDb

func (handler *EnrollmentHandler) GetDb() boltz.Db

func (*EnrollmentHandler) GetEnv

func (handler *EnrollmentHandler) GetEnv() Env

func (*EnrollmentHandler) GetStore

func (handler *EnrollmentHandler) GetStore() boltz.CrudStore

func (*EnrollmentHandler) Read

func (handler *EnrollmentHandler) Read(id string) (*Enrollment, error)

func (*EnrollmentHandler) ReadByToken

func (handler *EnrollmentHandler) ReadByToken(token string) (*Enrollment, error)

func (*EnrollmentHandler) ReplaceWithAuthenticator

func (handler *EnrollmentHandler) ReplaceWithAuthenticator(enrollmentId string, authenticator *Authenticator) error

type EnrollmentProcessor

type EnrollmentProcessor interface {
	CanHandle(method string) bool
	Process(context EnrollmentContext) (*EnrollmentResult, error)
}

type EnrollmentRegistry

type EnrollmentRegistry interface {
	Add(method EnrollmentProcessor)
	GetByMethod(method string) EnrollmentProcessor
}

type EnrollmentRegistryImpl

type EnrollmentRegistryImpl struct {
	// contains filtered or unexported fields
}

func (*EnrollmentRegistryImpl) Add

func (registry *EnrollmentRegistryImpl) Add(processor EnrollmentProcessor)

func (*EnrollmentRegistryImpl) GetByMethod

func (registry *EnrollmentRegistryImpl) GetByMethod(method string) EnrollmentProcessor

type EnrollmentResult

type EnrollmentResult struct {
	Identity      *Identity
	Authenticator *Authenticator
	Content       interface{}
	TextContent   []byte
	Producer      runtime.Producer
	Status        int
}

type Env

type Env interface {
	GetHandlers() *Handlers
	GetConfig() *config.Config
	GetJwtSigner() jwtsigner.Signer
	GetDbProvider() persistence.DbProvider
	GetStores() *persistence.Stores
	GetAuthRegistry() AuthRegistry
	GetEnrollRegistry() EnrollmentRegistry
	GetApiClientCsrSigner() cert.Signer
	GetApiServerCsrSigner() cert.Signer
	GetControlClientCsrSigner() cert.Signer
	GetHostController() HostController
	IsEdgeRouterOnline(id string) bool
	GetMetricsRegistry() metrics.Registry
	GetFingerprintGenerator() cert.FingerprintGenerator
	HandleServiceUpdatedEventForIdentityId(identityId string)
}

type EnvInfo

type EnvInfo struct {
	Arch      string
	Os        string
	OsRelease string
	OsVersion string
}

type EventLog

type EventLog struct {
	models.BaseEntity
	Type             string
	ActorType        string
	ActorId          string
	EntityType       string
	EntityId         string
	FormattedMessage string
	FormatString     string
	FormatData       string
	Data             map[string]interface{}
}

type EventLogHandler

type EventLogHandler struct {
	// contains filtered or unexported fields
}

func NewEventLogHandler

func NewEventLogHandler(env Env) *EventLogHandler

func (*EventLogHandler) BaseList

func (handler *EventLogHandler) BaseList(query string) (*models.EntityListResult, error)

func (*EventLogHandler) BaseLoad

func (handler *EventLogHandler) BaseLoad(id string) (models.Entity, error)

func (*EventLogHandler) BaseLoadInTx

func (handler *EventLogHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EventLogHandler) BasePreparedList

func (handler *EventLogHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*EventLogHandler) BasePreparedListAssociated

func (handler *EventLogHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*EventLogHandler) BasePreparedListIndexed

func (handler *EventLogHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*EventLogHandler) Create

func (handler *EventLogHandler) Create(entity *EventLog) (string, error)

func (*EventLogHandler) GetDb

func (handler *EventLogHandler) GetDb() boltz.Db

func (*EventLogHandler) GetEnv

func (handler *EventLogHandler) GetEnv() Env

func (*EventLogHandler) GetStore

func (handler *EventLogHandler) GetStore() boltz.CrudStore

type ExtendedCerts added in v0.19.81

type ExtendedCerts struct {
	RawClientCert []byte
	RawServerCert []byte
}

type Formatter

type Formatter struct {
	// contains filtered or unexported fields
}

func NewFormatter

func NewFormatter(symbols map[string]string) *Formatter

func NewIdentityNameFormatter

func NewIdentityNameFormatter(ca *Ca, clientCert *x509.Certificate, identityName, identityId string) *Formatter

func (*Formatter) Format

func (formatter *Formatter) Format(name string) string

type GeoRegion

type GeoRegion struct {
	models.BaseEntity
	Name string `json:"name"`
}

type GeoRegionHandler

type GeoRegionHandler struct {
	// contains filtered or unexported fields
}

func NewGeoRegionHandler

func NewGeoRegionHandler(env Env) *GeoRegionHandler

func (*GeoRegionHandler) BaseList

func (handler *GeoRegionHandler) BaseList(query string) (*models.EntityListResult, error)

func (*GeoRegionHandler) BaseLoad

func (handler *GeoRegionHandler) BaseLoad(id string) (models.Entity, error)

func (*GeoRegionHandler) BaseLoadInTx

func (handler *GeoRegionHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*GeoRegionHandler) BasePreparedList

func (handler *GeoRegionHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*GeoRegionHandler) BasePreparedListAssociated

func (handler *GeoRegionHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*GeoRegionHandler) BasePreparedListIndexed

func (handler *GeoRegionHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*GeoRegionHandler) Create

func (handler *GeoRegionHandler) Create(geoRegionModel *GeoRegion) (string, error)

func (*GeoRegionHandler) Delete

func (handler *GeoRegionHandler) Delete(id string) error

func (*GeoRegionHandler) GetDb

func (handler *GeoRegionHandler) GetDb() boltz.Db

func (*GeoRegionHandler) GetEnv

func (handler *GeoRegionHandler) GetEnv() Env

func (*GeoRegionHandler) GetStore

func (handler *GeoRegionHandler) GetStore() boltz.CrudStore

type Handler

type Handler interface {
	models.EntityRetriever

	GetEnv() Env
	// contains filtered or unexported methods
}

type Handlers

type Handlers struct {
	// fabric
	Router     *network.RouterController
	Service    *network.ServiceController
	Terminator *network.TerminatorController

	// edge
	ApiSession              *ApiSessionHandler
	ApiSessionCertificate   *ApiSessionCertificateHandler
	Ca                      *CaHandler
	Config                  *ConfigHandler
	ConfigType              *ConfigTypeHandler
	EdgeRouter              *EdgeRouterHandler
	EdgeRouterPolicy        *EdgeRouterPolicyHandler
	EdgeService             *EdgeServiceHandler
	EventLog                *EventLogHandler
	GeoRegion               *GeoRegionHandler
	Identity                *IdentityHandler
	IdentityType            *IdentityTypeHandler
	PolicyAdvisor           *PolicyAdvisor
	ServiceEdgeRouterPolicy *ServiceEdgeRouterPolicyHandler
	ServicePolicy           *ServicePolicyHandler
	TransitRouter           *TransitRouterHandler
	Session                 *SessionHandler
	Authenticator           *AuthenticatorHandler
	Enrollment              *EnrollmentHandler
	PostureCheck            *PostureCheckHandler
	PostureCheckType        *PostureCheckTypeHandler
	PostureResponse         *PostureResponseHandler
	Mfa                     *MfaHandler
}

func InitHandlers

func InitHandlers(env Env) *Handlers

type HashedPassword

type HashedPassword struct {
	RawResult *crypto.HashResult //raw byte hash results
	Salt      string             //base64 encoded hash
	Password  string             //base64 encoded hash
}

type Heartbeat added in v0.19.39

type Heartbeat struct {
	ApiSessionId   string
	LastActivityAt time.Time
}

type HeartbeatCollector added in v0.19.39

type HeartbeatCollector struct {
	// contains filtered or unexported fields
}

func NewHeartbeatCollector added in v0.19.39

func NewHeartbeatCollector(env Env, batchSize int, updateInterval time.Duration, action func([]*Heartbeat)) *HeartbeatCollector

Creates a new HeartbeatCollector which is used to manage situations where an SDK is connecting to multiiple Edge Routers and making API calls that all update their last updated at and trigger a write. The heartbeat collector aggregates all of those calls into a single write and acts as an in memory buffer for last update times.

func (*HeartbeatCollector) LastAccessedAt added in v0.19.39

func (self *HeartbeatCollector) LastAccessedAt(apiSessionId string) (time.Time, bool)

func (*HeartbeatCollector) Mark added in v0.19.39

func (self *HeartbeatCollector) Mark(apiSessionId string)

func (*HeartbeatCollector) Remove added in v0.19.39

func (self *HeartbeatCollector) Remove(id string)

func (*HeartbeatCollector) Start added in v0.19.39

func (self *HeartbeatCollector) Start()

func (*HeartbeatCollector) Stop added in v0.19.39

func (self *HeartbeatCollector) Stop()

type HeartbeatStatus added in v0.19.39

type HeartbeatStatus struct {
	// contains filtered or unexported fields
}

type HostController

type HostController interface {
	GetNetwork() *network.Network
	Shutdown()
	GetCloseNotifyChannel() <-chan struct{}
}

type Identity

type Identity struct {
	models.BaseEntity
	Name                      string
	IdentityTypeId            string
	IsDefaultAdmin            bool
	IsAdmin                   bool
	RoleAttributes            []string
	EnvInfo                   *EnvInfo
	SdkInfo                   *SdkInfo
	HasHeartbeat              bool
	DefaultHostingPrecedence  ziti.Precedence
	DefaultHostingCost        uint16
	ServiceHostingPrecedences map[string]ziti.Precedence
	ServiceHostingCosts       map[string]uint16
	AppData                   map[string]interface{}
}

type IdentityHandler

type IdentityHandler struct {
	// contains filtered or unexported fields
}

func NewIdentityHandler

func NewIdentityHandler(env Env) *IdentityHandler

func (*IdentityHandler) AssignServiceConfigs

func (handler *IdentityHandler) AssignServiceConfigs(id string, serviceConfigs []ServiceConfig) error

func (*IdentityHandler) BaseList

func (handler *IdentityHandler) BaseList(query string) (*models.EntityListResult, error)

func (*IdentityHandler) BaseLoad

func (handler *IdentityHandler) BaseLoad(id string) (models.Entity, error)

func (*IdentityHandler) BaseLoadInTx

func (handler *IdentityHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*IdentityHandler) BasePreparedList

func (handler *IdentityHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*IdentityHandler) BasePreparedListAssociated

func (handler *IdentityHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*IdentityHandler) BasePreparedListIndexed

func (handler *IdentityHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*IdentityHandler) CollectAuthenticators

func (handler *IdentityHandler) CollectAuthenticators(id string, collector func(entity *Authenticator) error) error

func (*IdentityHandler) CollectEnrollments

func (handler *IdentityHandler) CollectEnrollments(id string, collector func(entity *Enrollment) error) error

func (*IdentityHandler) Create

func (handler *IdentityHandler) Create(identityModel *Identity) (string, error)

func (*IdentityHandler) CreateWithAuthenticator

func (handler *IdentityHandler) CreateWithAuthenticator(identity *Identity, authenticator *Authenticator) (string, string, error)

func (*IdentityHandler) CreateWithEnrollments

func (handler *IdentityHandler) CreateWithEnrollments(identityModel *Identity, enrollmentsModels []*Enrollment) (string, []string, error)

func (*IdentityHandler) Delete

func (handler *IdentityHandler) Delete(id string) error

func (*IdentityHandler) GetDb

func (handler *IdentityHandler) GetDb() boltz.Db

func (*IdentityHandler) GetEnv

func (handler *IdentityHandler) GetEnv() Env

func (*IdentityHandler) GetServiceConfigs

func (handler *IdentityHandler) GetServiceConfigs(id string) ([]ServiceConfig, error)

func (*IdentityHandler) GetStore

func (handler *IdentityHandler) GetStore() boltz.CrudStore

func (*IdentityHandler) InitializeDefaultAdmin

func (handler *IdentityHandler) InitializeDefaultAdmin(username, password, name string) error

func (*IdentityHandler) IsActive added in v0.17.8

func (handler *IdentityHandler) IsActive(id string) bool

func (IdentityHandler) IsUpdated

func (handler IdentityHandler) IsUpdated(field string) bool

func (*IdentityHandler) Patch

func (handler *IdentityHandler) Patch(identity *Identity, checker boltz.FieldChecker) error

func (*IdentityHandler) PatchInfo

func (handler *IdentityHandler) PatchInfo(identity *Identity) error

func (*IdentityHandler) QueryRoleAttributes

func (handler *IdentityHandler) QueryRoleAttributes(queryString string) ([]string, *models.QueryMetaData, error)

func (*IdentityHandler) Read

func (handler *IdentityHandler) Read(id string) (*Identity, error)

func (*IdentityHandler) ReadByName added in v0.19.36

func (handler *IdentityHandler) ReadByName(name string) (*Identity, error)

func (*IdentityHandler) ReadDefaultAdmin

func (handler *IdentityHandler) ReadDefaultAdmin() (*Identity, error)

func (*IdentityHandler) ReadOneByQuery

func (handler *IdentityHandler) ReadOneByQuery(query string) (*Identity, error)

func (*IdentityHandler) RemoveServiceConfigs

func (handler *IdentityHandler) RemoveServiceConfigs(id string, serviceConfigs []ServiceConfig) error

func (*IdentityHandler) SetActive added in v0.17.8

func (handler *IdentityHandler) SetActive(id string)

func (*IdentityHandler) Update

func (handler *IdentityHandler) Update(identity *Identity) error

func (*IdentityHandler) VisitIdentityAuthenticatorFingerprints added in v0.19.0

func (handler *IdentityHandler) VisitIdentityAuthenticatorFingerprints(tx *bbolt.Tx, identityId string, visitor func(string) bool) (bool, error)

type IdentityType

type IdentityType struct {
	models.BaseEntity
	Name string `json:"name"`
}

type IdentityTypeHandler

type IdentityTypeHandler struct {
	// contains filtered or unexported fields
}

func NewIdentityTypeHandler

func NewIdentityTypeHandler(env Env) *IdentityTypeHandler

func (*IdentityTypeHandler) BaseList

func (handler *IdentityTypeHandler) BaseList(query string) (*models.EntityListResult, error)

func (*IdentityTypeHandler) BaseLoad

func (handler *IdentityTypeHandler) BaseLoad(id string) (models.Entity, error)

func (*IdentityTypeHandler) BaseLoadInTx

func (handler *IdentityTypeHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*IdentityTypeHandler) BasePreparedList

func (handler *IdentityTypeHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*IdentityTypeHandler) BasePreparedListAssociated

func (handler *IdentityTypeHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*IdentityTypeHandler) BasePreparedListIndexed

func (handler *IdentityTypeHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*IdentityTypeHandler) Create

func (handler *IdentityTypeHandler) Create(IdentityTypeModel *IdentityType) (string, error)

func (*IdentityTypeHandler) Delete

func (handler *IdentityTypeHandler) Delete(id string) error

func (*IdentityTypeHandler) GetDb

func (handler *IdentityTypeHandler) GetDb() boltz.Db

func (*IdentityTypeHandler) GetEnv

func (handler *IdentityTypeHandler) GetEnv() Env

func (*IdentityTypeHandler) GetStore

func (handler *IdentityTypeHandler) GetStore() boltz.CrudStore

func (*IdentityTypeHandler) Read

func (handler *IdentityTypeHandler) Read(id string) (*IdentityType, error)

func (*IdentityTypeHandler) ReadByIdOrName

func (handler *IdentityTypeHandler) ReadByIdOrName(idOrName string) (*IdentityType, error)

func (*IdentityTypeHandler) ReadByName

func (handler *IdentityTypeHandler) ReadByName(name string) (*IdentityType, error)

type Mfa added in v0.17.52

type Mfa struct {
	models.BaseEntity
	IsVerified    bool
	IdentityId    string
	Identity      *Identity
	Secret        string
	RecoveryCodes []string
}

type MfaHandler added in v0.17.52

type MfaHandler struct {
	// contains filtered or unexported fields
}

func NewMfaHandler added in v0.17.52

func NewMfaHandler(env Env) *MfaHandler

func (*MfaHandler) BaseList added in v0.17.52

func (handler *MfaHandler) BaseList(query string) (*models.EntityListResult, error)

func (*MfaHandler) BaseLoad added in v0.17.52

func (handler *MfaHandler) BaseLoad(id string) (models.Entity, error)

func (*MfaHandler) BaseLoadInTx added in v0.17.52

func (handler *MfaHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*MfaHandler) BasePreparedList added in v0.17.52

func (handler *MfaHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*MfaHandler) BasePreparedListAssociated added in v0.17.52

func (handler *MfaHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*MfaHandler) BasePreparedListIndexed added in v0.17.52

func (handler *MfaHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*MfaHandler) Create added in v0.17.52

func (handler *MfaHandler) Create(entity *Mfa) (string, error)

func (*MfaHandler) CreateForIdentity added in v0.17.52

func (handler *MfaHandler) CreateForIdentity(identity *Identity) (string, error)

func (*MfaHandler) Delete added in v0.17.52

func (handler *MfaHandler) Delete(id string) error

func (*MfaHandler) DeleteForIdentity added in v0.17.52

func (handler *MfaHandler) DeleteForIdentity(identity *Identity, code string) error

func (*MfaHandler) GetDb added in v0.17.52

func (handler *MfaHandler) GetDb() boltz.Db

func (*MfaHandler) GetEnv added in v0.17.52

func (handler *MfaHandler) GetEnv() Env

func (*MfaHandler) GetProvisioningUrl added in v0.17.52

func (handler *MfaHandler) GetProvisioningUrl(mfa *Mfa) string

func (*MfaHandler) GetStore added in v0.17.52

func (handler *MfaHandler) GetStore() boltz.CrudStore

func (*MfaHandler) IsUpdated added in v0.17.52

func (handler *MfaHandler) IsUpdated(field string) bool

func (*MfaHandler) QrCodePng added in v0.17.52

func (handler *MfaHandler) QrCodePng(mfa *Mfa) ([]byte, error)

func (*MfaHandler) Query added in v0.17.52

func (handler *MfaHandler) Query(query string) (*MfaListResult, error)

func (*MfaHandler) Read added in v0.17.52

func (handler *MfaHandler) Read(id string) (*Mfa, error)

func (*MfaHandler) ReadByIdentityId added in v0.17.52

func (handler *MfaHandler) ReadByIdentityId(identityId string) (*Mfa, error)

func (*MfaHandler) RecreateRecoveryCodes added in v0.17.52

func (handler *MfaHandler) RecreateRecoveryCodes(mfa *Mfa) error

func (*MfaHandler) Update added in v0.17.52

func (handler *MfaHandler) Update(Mfa *Mfa) error

func (*MfaHandler) Verify added in v0.17.52

func (handler *MfaHandler) Verify(mfa *Mfa, code string) (bool, error)

func (*MfaHandler) VerifyTOTP added in v0.17.52

func (handler *MfaHandler) VerifyTOTP(mfa *Mfa, code string) (bool, error)

VerifyTOTP verifies TOTP values only, not recovery codes

type MfaListResult added in v0.17.52

type MfaListResult struct {
	Mfas []*Mfa
	models.QueryMetaData
	// contains filtered or unexported fields
}

type OperatingSystem added in v0.16.48

type OperatingSystem struct {
	OsType     string
	OsVersions []string
}

type OrFieldChecker

type OrFieldChecker struct {
	// contains filtered or unexported fields
}

func NewOrFieldChecker

func NewOrFieldChecker(checker boltz.FieldChecker, fields ...string) *OrFieldChecker

func (*OrFieldChecker) IsUpdated

func (checker *OrFieldChecker) IsUpdated(field string) bool

type PolicyAdvisor

type PolicyAdvisor struct {
	// contains filtered or unexported fields
}

func NewPolicyAdvisor

func NewPolicyAdvisor(env Env) *PolicyAdvisor

func (*PolicyAdvisor) AnalyzeServiceReachability

func (advisor *PolicyAdvisor) AnalyzeServiceReachability(identityId, serviceId string) (*AdvisorServiceReachability, error)
func (advisor *PolicyAdvisor) InspectIdentityEdgeRouterLinks(identityId, edgeRouterId string) (*AdvisorIdentityEdgeRouterLinks, error)
func (advisor *PolicyAdvisor) InspectIdentityServiceLinks(identityId, serviceId string) (*AdvisorIdentityServiceLinks, error)
func (advisor *PolicyAdvisor) InspectServiceEdgeRouterLinks(serviceId, edgeRouterId string) (*AdvisorServiceEdgeRouterLinks, error)

type PolicyPostureChecks added in v0.19.79

type PolicyPostureChecks struct {
	PostureChecks []*PostureCheck
	PolicyType    persistence.PolicyType
}

type PostureCache added in v0.17.5

type PostureCache struct {
	events.EventEmmiter
	// contains filtered or unexported fields
}

func (*PostureCache) Add added in v0.17.5

func (pc *PostureCache) Add(identityId string, postureResponses []*PostureResponse)

func (*PostureCache) AddSessionRequestFailure added in v0.19.40

func (pc *PostureCache) AddSessionRequestFailure(identityId string, failure *PostureSessionRequestFailure)

func (*PostureCache) ApiSessionCreated added in v0.19.158

func (pc *PostureCache) ApiSessionCreated(args ...interface{})

func (*PostureCache) ApiSessionDeleted added in v0.19.158

func (pc *PostureCache) ApiSessionDeleted(args ...interface{})

func (*PostureCache) Evaluate added in v0.17.5

func (pc *PostureCache) Evaluate(identityId, apiSessionId string, postureChecks []*PostureCheck) (bool, []*PostureCheckFailure)

func (*PostureCache) IdentityDeleted added in v0.19.158

func (pc *PostureCache) IdentityDeleted(args ...interface{})

func (*PostureCache) PostureData added in v0.17.5

func (pc *PostureCache) PostureData(identityId string) *PostureData

PostureData returns a copy of the current posture data for an identity. Suitable for read only rendering. To alter/update posture data see Upsert.

func (*PostureCache) SessionCreated added in v0.19.158

func (pc *PostureCache) SessionCreated(args ...interface{})

func (*PostureCache) SessionDeleted added in v0.19.158

func (pc *PostureCache) SessionDeleted(args ...interface{})

func (*PostureCache) Upsert added in v0.19.158

func (pc *PostureCache) Upsert(identityId string, emitDataAltered bool, cb func(exist bool, valueInMap interface{}, newValue interface{}) interface{})

Upsert is a convenience function to alter the existing PostureData for an identity. If emitDataAltered is true, posture data listeners will be alerted: this will trigger service update notifications and posture check evaluation.

type PostureCheck added in v0.16.46

type PostureCheck struct {
	models.BaseEntity
	Name           string
	TypeId         string
	Version        int64
	RoleAttributes []string
	SubType        PostureCheckSubType
}

func (*PostureCheck) Evaluate added in v0.17.5

func (entity *PostureCheck) Evaluate(apiSessionId string, pd *PostureData) (bool, *PostureCheckFailure)

func (*PostureCheck) TimeoutRemainingSeconds added in v0.19.168

func (entity *PostureCheck) TimeoutRemainingSeconds(apiSessionId string, pd *PostureData) int64

func (*PostureCheck) TimeoutSeconds added in v0.19.158

func (entity *PostureCheck) TimeoutSeconds() int64

type PostureCheckDomains added in v0.19.40

type PostureCheckDomains struct {
	Domains []string
}

func (*PostureCheckDomains) ActualValue added in v0.19.40

func (p *PostureCheckDomains) ActualValue(apiSessionId string, pd *PostureData) interface{}

func (*PostureCheckDomains) Evaluate added in v0.19.40

func (p *PostureCheckDomains) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckDomains) ExpectedValue added in v0.19.40

func (p *PostureCheckDomains) ExpectedValue() interface{}

func (*PostureCheckDomains) FailureValues added in v0.19.40

func (*PostureCheckDomains) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckDomains) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckDomains) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckDomains) GetTimeoutSeconds() int64

type PostureCheckFailure added in v0.19.40

type PostureCheckFailure struct {
	PostureCheckId   string `json:"postureCheckId'"`
	PostureCheckName string `json:"postureCheckName"`
	PostureCheckType string `json:"postureCheckType"`
	PostureCheckFailureValues
}

func (PostureCheckFailure) ToClientErrorData added in v0.19.40

func (self PostureCheckFailure) ToClientErrorData() interface{}

type PostureCheckFailureSubType added in v0.19.40

type PostureCheckFailureSubType interface {
	Value() interface{}
	Expected() interface{}
}

type PostureCheckFailureValues added in v0.19.40

type PostureCheckFailureValues interface {
	Expected() interface{}
	Actual() interface{}
}

type PostureCheckFailureValuesDomain added in v0.19.40

type PostureCheckFailureValuesDomain struct {
	ActualValue   string
	ExpectedValue []string
}

func (PostureCheckFailureValuesDomain) Actual added in v0.19.40

func (p PostureCheckFailureValuesDomain) Actual() interface{}

func (PostureCheckFailureValuesDomain) Expected added in v0.19.40

func (p PostureCheckFailureValuesDomain) Expected() interface{}

type PostureCheckFailureValuesMac added in v0.19.40

type PostureCheckFailureValuesMac struct {
	ActualValue   []string
	ExpectedValue []string
}

func (PostureCheckFailureValuesMac) Actual added in v0.19.40

func (p PostureCheckFailureValuesMac) Actual() interface{}

func (PostureCheckFailureValuesMac) Expected added in v0.19.40

func (p PostureCheckFailureValuesMac) Expected() interface{}

type PostureCheckFailureValuesMfa added in v0.19.40

type PostureCheckFailureValuesMfa struct {
	ActualValue   PostureCheckMfaValues
	ExpectedValue PostureCheckMfaValues
}

func (PostureCheckFailureValuesMfa) Actual added in v0.19.40

func (p PostureCheckFailureValuesMfa) Actual() interface{}

func (PostureCheckFailureValuesMfa) Expected added in v0.19.40

func (p PostureCheckFailureValuesMfa) Expected() interface{}

type PostureCheckFailureValuesOperatingSystem added in v0.19.40

type PostureCheckFailureValuesOperatingSystem struct {
	ActualValue   PostureResponseOs
	ExpectedValue []OperatingSystem
}

func (PostureCheckFailureValuesOperatingSystem) Actual added in v0.19.40

func (p PostureCheckFailureValuesOperatingSystem) Actual() interface{}

func (PostureCheckFailureValuesOperatingSystem) Expected added in v0.19.40

func (p PostureCheckFailureValuesOperatingSystem) Expected() interface{}

type PostureCheckFailureValuesProcess added in v0.19.40

type PostureCheckFailureValuesProcess struct {
	ActualValue   PostureResponseProcess
	ExpectedValue PostureCheckProcess
}

func (PostureCheckFailureValuesProcess) Actual added in v0.19.40

func (p PostureCheckFailureValuesProcess) Actual() interface{}

func (PostureCheckFailureValuesProcess) Expected added in v0.19.40

func (p PostureCheckFailureValuesProcess) Expected() interface{}

type PostureCheckFailureValuesProcessMulti added in v0.19.93

type PostureCheckFailureValuesProcessMulti struct {
	ActualValue   []PostureResponseProcess
	ExpectedValue PostureCheckProcessMulti
}

func (PostureCheckFailureValuesProcessMulti) Actual added in v0.19.93

func (p PostureCheckFailureValuesProcessMulti) Actual() interface{}

func (PostureCheckFailureValuesProcessMulti) Expected added in v0.19.93

func (p PostureCheckFailureValuesProcessMulti) Expected() interface{}

type PostureCheckHandler added in v0.16.46

type PostureCheckHandler struct {
	// contains filtered or unexported fields
}

func NewPostureCheckHandler added in v0.16.46

func NewPostureCheckHandler(env Env) *PostureCheckHandler

func (*PostureCheckHandler) BaseList added in v0.16.46

func (handler *PostureCheckHandler) BaseList(query string) (*models.EntityListResult, error)

func (*PostureCheckHandler) BaseLoad added in v0.16.46

func (handler *PostureCheckHandler) BaseLoad(id string) (models.Entity, error)

func (*PostureCheckHandler) BaseLoadInTx added in v0.16.46

func (handler *PostureCheckHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*PostureCheckHandler) BasePreparedList added in v0.16.46

func (handler *PostureCheckHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckHandler) BasePreparedListAssociated added in v0.16.46

func (handler *PostureCheckHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckHandler) BasePreparedListIndexed added in v0.16.46

func (handler *PostureCheckHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckHandler) Create added in v0.16.46

func (handler *PostureCheckHandler) Create(postureCheckModel *PostureCheck) (string, error)

func (*PostureCheckHandler) Delete added in v0.16.46

func (handler *PostureCheckHandler) Delete(id string) error

func (*PostureCheckHandler) GetDb added in v0.16.46

func (handler *PostureCheckHandler) GetDb() boltz.Db

func (*PostureCheckHandler) GetEnv added in v0.16.46

func (handler *PostureCheckHandler) GetEnv() Env

func (*PostureCheckHandler) GetStore added in v0.16.46

func (handler *PostureCheckHandler) GetStore() boltz.CrudStore

func (*PostureCheckHandler) IsUpdated added in v0.16.46

func (handler *PostureCheckHandler) IsUpdated(field string) bool

func (*PostureCheckHandler) Patch added in v0.16.46

func (handler *PostureCheckHandler) Patch(ca *PostureCheck, checker boltz.FieldChecker) error

func (*PostureCheckHandler) Query added in v0.16.46

func (handler *PostureCheckHandler) Query(query string) (*PostureCheckListResult, error)

func (*PostureCheckHandler) QueryPostureChecks added in v0.17.5

func (handler *PostureCheckHandler) QueryPostureChecks(query ast.Query) (*PostureCheckListResult, error)

func (*PostureCheckHandler) Read added in v0.16.46

func (handler *PostureCheckHandler) Read(id string) (*PostureCheck, error)

func (*PostureCheckHandler) Update added in v0.16.46

func (handler *PostureCheckHandler) Update(ca *PostureCheck) error

type PostureCheckListResult added in v0.16.46

type PostureCheckListResult struct {
	PostureChecks []*PostureCheck
	models.QueryMetaData
	// contains filtered or unexported fields
}

type PostureCheckMacAddresses added in v0.16.48

type PostureCheckMacAddresses struct {
	MacAddresses []string
}

func (*PostureCheckMacAddresses) Evaluate added in v0.17.5

func (p *PostureCheckMacAddresses) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckMacAddresses) FailureValues added in v0.19.40

func (*PostureCheckMacAddresses) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckMacAddresses) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckMacAddresses) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckMacAddresses) GetTimeoutSeconds() int64

type PostureCheckMfa added in v0.17.52

type PostureCheckMfa struct {
	TimeoutSeconds        int64
	PromptOnWake          bool
	PromptOnUnlock        bool
	IgnoreLegacyEndpoints bool
}

func (*PostureCheckMfa) Evaluate added in v0.17.52

func (p *PostureCheckMfa) Evaluate(apiSessionId string, pd *PostureData) bool

func (*PostureCheckMfa) FailureValues added in v0.19.40

func (p *PostureCheckMfa) FailureValues(apiSessionId string, pd *PostureData) PostureCheckFailureValues

func (*PostureCheckMfa) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckMfa) GetTimeoutRemainingSeconds(apiSessionId string, pd *PostureData) int64

func (*PostureCheckMfa) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckMfa) GetTimeoutSeconds() int64

func (*PostureCheckMfa) IsLegacyClient added in v0.19.158

func (p *PostureCheckMfa) IsLegacyClient(apiSessionData *ApiSessionPostureData) bool

func (*PostureCheckMfa) PassedOnUnlock added in v0.19.158

func (p *PostureCheckMfa) PassedOnUnlock(apiSessionData *ApiSessionPostureData) bool

func (*PostureCheckMfa) PassedOnWake added in v0.19.158

func (p *PostureCheckMfa) PassedOnWake(apiSessionData *ApiSessionPostureData) bool

type PostureCheckMfaValues added in v0.19.158

type PostureCheckMfaValues struct {
	TimedOutSeconds       bool
	PassedMfa             bool
	PassedOnWake          bool
	PassedOnUnlock        bool
	IgnoreLegacyEndpoints bool
}

type PostureCheckOperatingSystem added in v0.16.48

type PostureCheckOperatingSystem struct {
	OperatingSystems []OperatingSystem
}

func (*PostureCheckOperatingSystem) Evaluate added in v0.17.5

func (p *PostureCheckOperatingSystem) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckOperatingSystem) FailureValues added in v0.19.40

func (*PostureCheckOperatingSystem) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckOperatingSystem) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckOperatingSystem) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckOperatingSystem) GetTimeoutSeconds() int64

type PostureCheckProcess added in v0.16.48

type PostureCheckProcess struct {
	PostureCheckId string
	OsType         string
	Path           string
	Hashes         []string
	Fingerprint    string
}

func (*PostureCheckProcess) Evaluate added in v0.17.5

func (p *PostureCheckProcess) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckProcess) FailureValues added in v0.19.40

func (*PostureCheckProcess) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckProcess) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckProcess) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckProcess) GetTimeoutSeconds() int64

type PostureCheckProcessMulti added in v0.19.93

type PostureCheckProcessMulti struct {
	PostureCheckId string
	Semantic       string
	Processes      []*ProcessMulti
}

func (*PostureCheckProcessMulti) Evaluate added in v0.19.93

func (p *PostureCheckProcessMulti) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckProcessMulti) FailureValues added in v0.19.93

func (*PostureCheckProcessMulti) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckProcessMulti) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckProcessMulti) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckProcessMulti) GetTimeoutSeconds() int64

type PostureCheckSubType added in v0.16.48

type PostureCheckSubType interface {
	Evaluate(apiSessionId string, pd *PostureData) bool
	FailureValues(_ string, pd *PostureData) PostureCheckFailureValues
	GetTimeoutSeconds() int64
	GetTimeoutRemainingSeconds(apiSessionId string, pd *PostureData) int64
	// contains filtered or unexported methods
}

type PostureCheckType added in v0.16.48

type PostureCheckType struct {
	models.BaseEntity
	Name             string
	OperatingSystems []OperatingSystem
}

type PostureCheckTypeHandler added in v0.16.48

type PostureCheckTypeHandler struct {
	// contains filtered or unexported fields
}

func NewPostureCheckTypeHandler added in v0.16.48

func NewPostureCheckTypeHandler(env Env) *PostureCheckTypeHandler

func (*PostureCheckTypeHandler) BaseList added in v0.16.48

func (handler *PostureCheckTypeHandler) BaseList(query string) (*models.EntityListResult, error)

func (*PostureCheckTypeHandler) BaseLoad added in v0.16.48

func (handler *PostureCheckTypeHandler) BaseLoad(id string) (models.Entity, error)

func (*PostureCheckTypeHandler) BaseLoadInTx added in v0.16.48

func (handler *PostureCheckTypeHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*PostureCheckTypeHandler) BasePreparedList added in v0.16.48

func (handler *PostureCheckTypeHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckTypeHandler) BasePreparedListAssociated added in v0.16.48

func (handler *PostureCheckTypeHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckTypeHandler) BasePreparedListIndexed added in v0.16.48

func (handler *PostureCheckTypeHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckTypeHandler) Create added in v0.16.48

func (handler *PostureCheckTypeHandler) Create(PostureCheckTypeModel *PostureCheckType) (string, error)

func (*PostureCheckTypeHandler) Delete added in v0.16.48

func (handler *PostureCheckTypeHandler) Delete(id string) error

func (*PostureCheckTypeHandler) GetDb added in v0.16.48

func (handler *PostureCheckTypeHandler) GetDb() boltz.Db

func (*PostureCheckTypeHandler) GetEnv added in v0.16.48

func (handler *PostureCheckTypeHandler) GetEnv() Env

func (*PostureCheckTypeHandler) GetStore added in v0.16.48

func (handler *PostureCheckTypeHandler) GetStore() boltz.CrudStore

func (*PostureCheckTypeHandler) Read added in v0.16.48

func (handler *PostureCheckTypeHandler) Read(id string) (*PostureCheckType, error)

func (*PostureCheckTypeHandler) ReadByName added in v0.16.48

func (handler *PostureCheckTypeHandler) ReadByName(name string) (*PostureCheckType, error)

type PostureData added in v0.17.5

type PostureData struct {
	Mac                    PostureResponseMac
	Domain                 PostureResponseDomain
	Os                     PostureResponseOs
	Processes              []*PostureResponseProcess
	ProcessPathMap         map[string]*PostureResponseProcess
	ApiSessions            map[string]*ApiSessionPostureData
	SessionRequestFailures []*PostureSessionRequestFailure
}

func (*PostureData) CheckTimeouts added in v0.19.158

func (pd *PostureData) CheckTimeouts() bool

func (*PostureData) Copy added in v0.20.24

func (pd *PostureData) Copy() *PostureData

func (*PostureData) Evaluate added in v0.17.5

func (pd *PostureData) Evaluate(apiSessionId string, checks []*PostureCheck) (bool, []*PostureCheckFailure)

type PosturePolicyFailure added in v0.19.40

type PosturePolicyFailure struct {
	PolicyId   string
	PolicyName string
	Checks     []*PostureCheckFailure
}

type PostureResponse added in v0.17.5

type PostureResponse struct {
	PostureCheckId string
	TypeId         string
	TimedOut       bool
	LastUpdatedAt  time.Time
	SubType        PostureResponseSubType
}

func (*PostureResponse) Apply added in v0.17.5

func (pr *PostureResponse) Apply(postureData *PostureData)

type PostureResponseDomain added in v0.17.5

type PostureResponseDomain struct {
	*PostureResponse
	Name string `json:"name"`
}

func (*PostureResponseDomain) Apply added in v0.17.5

func (pr *PostureResponseDomain) Apply(postureData *PostureData)

type PostureResponseEndpointState added in v0.19.158

type PostureResponseEndpointState struct {
	*PostureResponse
	ApiSessionId string
	WokenAt      *time.Time
	UnlockedAt   *time.Time
}

func (*PostureResponseEndpointState) Apply added in v0.19.158

func (pr *PostureResponseEndpointState) Apply(postureData *PostureData)

type PostureResponseHandler added in v0.17.5

type PostureResponseHandler struct {
	// contains filtered or unexported fields
}

func NewPostureResponseHandler added in v0.17.5

func NewPostureResponseHandler(env Env) *PostureResponseHandler

func (*PostureResponseHandler) AddPostureDataListener added in v0.17.5

func (handler *PostureResponseHandler) AddPostureDataListener(cb func(env Env, identityId string))

func (*PostureResponseHandler) Create added in v0.17.5

func (handler *PostureResponseHandler) Create(identityId string, postureResponses []*PostureResponse)

func (*PostureResponseHandler) Evaluate added in v0.17.5

func (handler *PostureResponseHandler) Evaluate(identityId, apiSessionId string, check *PostureCheck) (bool, *PostureCheckFailure)

func (*PostureResponseHandler) PostureData added in v0.17.5

func (handler *PostureResponseHandler) PostureData(id string) *PostureData

func (*PostureResponseHandler) SetMfaPosture added in v0.19.46

func (handler *PostureResponseHandler) SetMfaPosture(identityId string, apiSessionId string, isPassed bool)

SetMfaPosture sets the MFA passing status a specific API Session owned by an identity

func (*PostureResponseHandler) SetMfaPostureForIdentity added in v0.19.46

func (handler *PostureResponseHandler) SetMfaPostureForIdentity(identityId string, isPassed bool)

SetMfaPostureForIdentity sets the MFA passing status for all API Sessions associated to an identity

func (*PostureResponseHandler) SetSdkInfo added in v0.19.158

func (handler *PostureResponseHandler) SetSdkInfo(identityId, apiSessionId string, sdkInfo *SdkInfo)

type PostureResponseMac added in v0.17.5

type PostureResponseMac struct {
	*PostureResponse
	Addresses []string `json:"addresses"`
}

func (*PostureResponseMac) Apply added in v0.17.5

func (pr *PostureResponseMac) Apply(postureData *PostureData)

type PostureResponseMfa added in v0.17.52

type PostureResponseMfa struct {
	*PostureResponse
	ApiSessionId string     `json:"-"`
	PassedMfaAt  *time.Time `json:"passedMfaAt"`
}

func (*PostureResponseMfa) Apply added in v0.17.52

func (pr *PostureResponseMfa) Apply(postureData *PostureData)

type PostureResponseOs added in v0.17.5

type PostureResponseOs struct {
	*PostureResponse
	Type    string `json:"type"`
	Version string `json:"version"`
	Build   string `json:"build"`
}

func (*PostureResponseOs) Apply added in v0.17.5

func (pr *PostureResponseOs) Apply(postureData *PostureData)

type PostureResponseProcess added in v0.17.5

type PostureResponseProcess struct {
	*PostureResponse
	Path               string
	IsRunning          bool
	BinaryHash         string
	SignerFingerprints []string
}

func (*PostureResponseProcess) Apply added in v0.17.5

func (pr *PostureResponseProcess) Apply(postureData *PostureData)

func (*PostureResponseProcess) VerifyMultiCriteria added in v0.19.93

func (pr *PostureResponseProcess) VerifyMultiCriteria(process *ProcessMulti) bool

type PostureResponseSubType added in v0.17.5

type PostureResponseSubType interface {
	Apply(postureData *PostureData)
}

type PostureSessionData added in v0.19.158

type PostureSessionData struct {
	MfaTimeout int64
}

type PostureSessionRequestFailure added in v0.19.40

type PostureSessionRequestFailure struct {
	When           time.Time
	ServiceId      string
	ServiceName    string
	SessionType    string
	PolicyFailures []*PosturePolicyFailure
	ApiSessionId   string
}

type ProcessMulti added in v0.19.93

type ProcessMulti struct {
	OsType             string
	Path               string
	Hashes             []string
	SignerFingerprints []string
}

type Schemas

type Schemas interface {
	GetEnrollErPost() *gojsonschema.Schema
	GetEnrollUpdbPost() *gojsonschema.Schema
}

type SdkInfo

type SdkInfo struct {
	AppId      string
	AppVersion string
	Branch     string
	Revision   string
	Type       string
	Version    string
}

type Service

type Service struct {
	models.BaseEntity
	Name               string   `json:"name"`
	TerminatorStrategy string   `json:"terminatorStrategy"`
	RoleAttributes     []string `json:"roleAttributes"`
	Configs            []string `json:"configs"`
	EncryptionRequired bool     `json:"encryptionRequired"`
}

type ServiceConfig

type ServiceConfig struct {
	Service string
	Config  string
}

type ServiceDetail

type ServiceDetail struct {
	models.BaseEntity
	Name               string                            `json:"name"`
	TerminatorStrategy string                            `json:"terminatorStrategy"`
	RoleAttributes     []string                          `json:"roleAttributes"`
	Permissions        []string                          `json:"permissions"`
	Configs            []string                          `json:"configs"`
	Config             map[string]map[string]interface{} `json:"config"`
	EncryptionRequired bool                              `json:"encryptionRequired"`
}

type ServiceEdgeRouterPolicy

type ServiceEdgeRouterPolicy struct {
	models.BaseEntity
	Name            string
	Semantic        string
	ServiceRoles    []string
	EdgeRouterRoles []string
}

type ServiceEdgeRouterPolicyHandler

type ServiceEdgeRouterPolicyHandler struct {
	// contains filtered or unexported fields
}

func NewServiceEdgeRouterPolicyHandler

func NewServiceEdgeRouterPolicyHandler(env Env) *ServiceEdgeRouterPolicyHandler

func (*ServiceEdgeRouterPolicyHandler) BaseList

func (handler *ServiceEdgeRouterPolicyHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ServiceEdgeRouterPolicyHandler) BaseLoad

func (handler *ServiceEdgeRouterPolicyHandler) BaseLoad(id string) (models.Entity, error)

func (*ServiceEdgeRouterPolicyHandler) BaseLoadInTx

func (handler *ServiceEdgeRouterPolicyHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ServiceEdgeRouterPolicyHandler) BasePreparedList

func (handler *ServiceEdgeRouterPolicyHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ServiceEdgeRouterPolicyHandler) BasePreparedListAssociated

func (handler *ServiceEdgeRouterPolicyHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ServiceEdgeRouterPolicyHandler) BasePreparedListIndexed

func (handler *ServiceEdgeRouterPolicyHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ServiceEdgeRouterPolicyHandler) Create

func (handler *ServiceEdgeRouterPolicyHandler) Create(edgeRouterPolicy *ServiceEdgeRouterPolicy) (string, error)

func (*ServiceEdgeRouterPolicyHandler) Delete

func (handler *ServiceEdgeRouterPolicyHandler) Delete(id string) error

func (*ServiceEdgeRouterPolicyHandler) GetDb

func (handler *ServiceEdgeRouterPolicyHandler) GetDb() boltz.Db

func (*ServiceEdgeRouterPolicyHandler) GetEnv

func (handler *ServiceEdgeRouterPolicyHandler) GetEnv() Env

func (*ServiceEdgeRouterPolicyHandler) GetStore

func (handler *ServiceEdgeRouterPolicyHandler) GetStore() boltz.CrudStore

func (*ServiceEdgeRouterPolicyHandler) Patch

func (handler *ServiceEdgeRouterPolicyHandler) Patch(edgeRouterPolicy *ServiceEdgeRouterPolicy, checker boltz.FieldChecker) error

func (*ServiceEdgeRouterPolicyHandler) Read

func (*ServiceEdgeRouterPolicyHandler) Update

func (handler *ServiceEdgeRouterPolicyHandler) Update(edgeRouterPolicy *ServiceEdgeRouterPolicy) error

type ServiceEdgeRouterPolicyListResult

type ServiceEdgeRouterPolicyListResult struct {
	ServiceEdgeRouterPolicies []*ServiceEdgeRouterPolicy
	models.QueryMetaData
}

type ServiceListResult

type ServiceListResult struct {
	Services []*ServiceDetail

	models.QueryMetaData
	// contains filtered or unexported fields
}

type ServicePolicy

type ServicePolicy struct {
	models.BaseEntity
	Name              string
	PolicyType        string
	Semantic          string
	IdentityRoles     []string
	ServiceRoles      []string
	PostureCheckRoles []string
}

type ServicePolicyHandler

type ServicePolicyHandler struct {
	// contains filtered or unexported fields
}

func NewServicePolicyHandler

func NewServicePolicyHandler(env Env) *ServicePolicyHandler

func (*ServicePolicyHandler) BaseList

func (handler *ServicePolicyHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ServicePolicyHandler) BaseLoad

func (handler *ServicePolicyHandler) BaseLoad(id string) (models.Entity, error)

func (*ServicePolicyHandler) BaseLoadInTx

func (handler *ServicePolicyHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ServicePolicyHandler) BasePreparedList

func (handler *ServicePolicyHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ServicePolicyHandler) BasePreparedListAssociated

func (handler *ServicePolicyHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ServicePolicyHandler) BasePreparedListIndexed

func (handler *ServicePolicyHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ServicePolicyHandler) Create

func (handler *ServicePolicyHandler) Create(servicePolicy *ServicePolicy) (string, error)

func (*ServicePolicyHandler) Delete

func (handler *ServicePolicyHandler) Delete(id string) error

func (*ServicePolicyHandler) GetDb

func (handler *ServicePolicyHandler) GetDb() boltz.Db

func (*ServicePolicyHandler) GetEnv

func (handler *ServicePolicyHandler) GetEnv() Env

func (*ServicePolicyHandler) GetStore

func (handler *ServicePolicyHandler) GetStore() boltz.CrudStore

func (*ServicePolicyHandler) Patch

func (handler *ServicePolicyHandler) Patch(servicePolicy *ServicePolicy, checker boltz.FieldChecker) error

func (*ServicePolicyHandler) Read

func (handler *ServicePolicyHandler) Read(id string) (*ServicePolicy, error)

func (*ServicePolicyHandler) Update

func (handler *ServicePolicyHandler) Update(servicePolicy *ServicePolicy) error

type Session

type Session struct {
	models.BaseEntity
	Token           string
	ApiSessionId    string
	ServiceId       string
	Type            string
	SessionCerts    []*SessionCert
	ServicePolicies []string
}

type SessionCert

type SessionCert struct {
	Cert        string
	Fingerprint string
	ValidFrom   time.Time
	ValidTo     time.Time
}

func (*SessionCert) FillFrom

func (entity *SessionCert) FillFrom(_ Handler, _ *bbolt.Tx, boltEntity boltz.Entity) error

type SessionHandler

type SessionHandler struct {
	// contains filtered or unexported fields
}

func NewSessionHandler

func NewSessionHandler(env Env) *SessionHandler

func (*SessionHandler) BaseList

func (handler *SessionHandler) BaseList(query string) (*models.EntityListResult, error)

func (*SessionHandler) BaseLoad

func (handler *SessionHandler) BaseLoad(id string) (models.Entity, error)

func (*SessionHandler) BaseLoadInTx

func (handler *SessionHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*SessionHandler) BasePreparedList

func (handler *SessionHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*SessionHandler) BasePreparedListAssociated

func (handler *SessionHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*SessionHandler) BasePreparedListIndexed

func (handler *SessionHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*SessionHandler) Create

func (handler *SessionHandler) Create(entity *Session) (string, error)

func (*SessionHandler) Delete

func (handler *SessionHandler) Delete(id string) error

func (*SessionHandler) DeleteForIdentity

func (handler *SessionHandler) DeleteForIdentity(id, identityId string) error

func (*SessionHandler) GetDb

func (handler *SessionHandler) GetDb() boltz.Db

func (*SessionHandler) GetEnv

func (handler *SessionHandler) GetEnv() Env

func (*SessionHandler) GetStore

func (handler *SessionHandler) GetStore() boltz.CrudStore

func (*SessionHandler) ListSessionsForEdgeRouter

func (handler *SessionHandler) ListSessionsForEdgeRouter(edgeRouterId string) (*SessionListResult, error)

func (*SessionHandler) PublicQueryForIdentity

func (handler *SessionHandler) PublicQueryForIdentity(sessionIdentity *Identity, query ast.Query) (*SessionListResult, error)

func (*SessionHandler) Query

func (handler *SessionHandler) Query(query string) (*SessionListResult, error)

func (*SessionHandler) Read

func (handler *SessionHandler) Read(id string) (*Session, error)

func (*SessionHandler) ReadByToken added in v0.19.0

func (handler *SessionHandler) ReadByToken(token string) (*Session, error)

func (*SessionHandler) ReadForIdentity

func (handler *SessionHandler) ReadForIdentity(id string, identityId string) (*Session, error)

func (*SessionHandler) ReadSessionCerts

func (handler *SessionHandler) ReadSessionCerts(sessionId string) ([]*SessionCert, error)

type SessionListResult

type SessionListResult struct {
	Sessions []*Session
	models.QueryMetaData
	// contains filtered or unexported fields
}

type TestContext

type TestContext struct {
	*persistence.TestContext
	// contains filtered or unexported fields
}

func (*TestContext) Cleanup

func (ctx *TestContext) Cleanup()

func (*TestContext) Generate

func (ctx *TestContext) Generate(string, string, jwt.MapClaims) (string, error)

func (*TestContext) GetApiClientCsrSigner

func (ctx *TestContext) GetApiClientCsrSigner() cert.Signer

func (*TestContext) GetApiServerCsrSigner

func (ctx *TestContext) GetApiServerCsrSigner() cert.Signer

func (*TestContext) GetAuthRegistry

func (ctx *TestContext) GetAuthRegistry() AuthRegistry

func (*TestContext) GetConfig

func (ctx *TestContext) GetConfig() *config.Config

func (*TestContext) GetControlClientCsrSigner

func (ctx *TestContext) GetControlClientCsrSigner() cert.Signer

func (*TestContext) GetEnrollRegistry

func (ctx *TestContext) GetEnrollRegistry() EnrollmentRegistry

func (*TestContext) GetFingerprintGenerator added in v0.17.30

func (ctx *TestContext) GetFingerprintGenerator() cert.FingerprintGenerator

func (*TestContext) GetHandlers

func (ctx *TestContext) GetHandlers() *Handlers

func (*TestContext) GetHostController

func (ctx *TestContext) GetHostController() HostController

func (*TestContext) GetJwtSigner added in v0.19.109

func (ctx *TestContext) GetJwtSigner() jwtsigner.Signer

func (*TestContext) GetMetricsRegistry added in v0.16.0

func (ctx *TestContext) GetMetricsRegistry() metrics.Registry

func (*TestContext) GetSchemas

func (ctx *TestContext) GetSchemas() Schemas

func (*TestContext) HandleServiceUpdatedEventForIdentityId added in v0.19.46

func (ctx *TestContext) HandleServiceUpdatedEventForIdentityId(identityId string)

func (*TestContext) Init

func (ctx *TestContext) Init()

func (*TestContext) IsEdgeRouterOnline

func (ctx *TestContext) IsEdgeRouterOnline(string) bool

type TransitRouter

type TransitRouter struct {
	models.BaseEntity
	Name        string
	Fingerprint *string
	IsVerified  bool
	IsBase      bool
}

type TransitRouterHandler

type TransitRouterHandler struct {
	// contains filtered or unexported fields
}

func NewTransitRouterHandler

func NewTransitRouterHandler(env Env) *TransitRouterHandler

func (*TransitRouterHandler) BaseList

func (handler *TransitRouterHandler) BaseList(query string) (*models.EntityListResult, error)

func (*TransitRouterHandler) BaseLoad

func (handler *TransitRouterHandler) BaseLoad(id string) (models.Entity, error)

func (*TransitRouterHandler) BaseLoadInTx

func (handler *TransitRouterHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*TransitRouterHandler) BasePreparedList

func (handler *TransitRouterHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*TransitRouterHandler) BasePreparedListAssociated

func (handler *TransitRouterHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*TransitRouterHandler) BasePreparedListIndexed

func (handler *TransitRouterHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*TransitRouterHandler) CollectEnrollments

func (handler *TransitRouterHandler) CollectEnrollments(id string, collector func(entity *Enrollment) error) error

func (*TransitRouterHandler) Create

func (handler *TransitRouterHandler) Create(entity *TransitRouter) (string, error)

func (*TransitRouterHandler) CreateWithEnrollment

func (handler *TransitRouterHandler) CreateWithEnrollment(txRouter *TransitRouter, enrollment *Enrollment) (string, string, error)

func (*TransitRouterHandler) Delete

func (handler *TransitRouterHandler) Delete(id string) error

func (*TransitRouterHandler) ExtendEnrollment added in v0.19.81

func (handler *TransitRouterHandler) ExtendEnrollment(router *TransitRouter, clientCsrPem []byte, serverCertCsrPem []byte) (*ExtendedCerts, error)

func (*TransitRouterHandler) GetDb

func (handler *TransitRouterHandler) GetDb() boltz.Db

func (*TransitRouterHandler) GetEnv

func (handler *TransitRouterHandler) GetEnv() Env

func (*TransitRouterHandler) GetStore

func (handler *TransitRouterHandler) GetStore() boltz.CrudStore

func (*TransitRouterHandler) Patch

func (handler *TransitRouterHandler) Patch(entity *TransitRouter, checker boltz.FieldChecker, allowAllFields bool) error

func (*TransitRouterHandler) Read

func (handler *TransitRouterHandler) Read(id string) (*TransitRouter, error)

func (*TransitRouterHandler) ReadOneByFingerprint added in v0.19.81

func (handler *TransitRouterHandler) ReadOneByFingerprint(fingerprint string) (*TransitRouter, error)

func (*TransitRouterHandler) ReadOneByQuery

func (handler *TransitRouterHandler) ReadOneByQuery(query string) (*TransitRouter, error)

func (*TransitRouterHandler) Update

func (handler *TransitRouterHandler) Update(entity *TransitRouter, allowAllFields bool) error

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL