model

package
v0.21.97 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 24, 2022 License: Apache-2.0 Imports: 55 Imported by: 1

Documentation

Index

Constants

// HTTP header names used by this package.
const (
	// ClientCertHeader names a header that, going by its name, carries a
	// PEM-encoded client certificate.
	// NOTE(review): a certificate read from a request header is only as
	// trustworthy as whatever set that header. Confirm consumers honour it
	// solely on requests from a trusted proxy hop and that it is stripped
	// from externally supplied requests.
	ClientCertHeader       = "X-Client-CertPem"
	// EdgeRouterProxyRequest names a header that presumably marks a request
	// as proxied through an edge router — TODO confirm against the consumer.
	EdgeRouterProxyRequest = "X-Edge-Router-Proxy-Request"
)
// Delimiters and symbol names used to build name format strings such as
// DefaultCaIdentityNameFormat. A symbol is written between FormatSentinelStart
// and FormatSentinelEnd, for example "[caName]".
// NOTE(review): commonName and requestedName presumably originate from the
// enrolling client. If they are substituted into identity names, confirm the
// result is validated and checked for collisions.
const (
	FormatSentinelStart       = "["
	FormatSentinelEnd         = "]"
	FormatSymbolCaName        = "caName"
	FormatSymbolCaId          = "caId"
	FormatSymbolCommonName    = "commonName"
	FormatSymbolRequestedName = "requestedName"
	FormatSymbolIdentityId    = "identityId"

	// DefaultCaIdentityNameFormat evaluates to "[caName]-[commonName]": the
	// separator is a bare "-" with no surrounding spaces.
	DefaultCaIdentityNameFormat = FormatSentinelStart + FormatSymbolCaName + FormatSentinelEnd + "-" + FormatSentinelStart + FormatSymbolCommonName + FormatSentinelEnd
)
// Constants for edge router enrollment.
const (
	// Error code and message for a CSR whose common name is rejected. Per the
	// message text, the CSR common name must match the edge router's id.
	EdgeRouterEnrollmentCommonNameInvalidCode    = "EDGE_ROUTER_ENROLL_COMMON_NAME_INVALID"
	EdgeRouterEnrollmentCommonNameInvalidMessage = "The edge router CSR enrollment must have a common name that matches the edge router's id"
	// MethodEnrollEdgeRouterOtt is the enrollment method name; "ott"
	// presumably stands for one-time token — TODO confirm.
	MethodEnrollEdgeRouterOtt                    = "erott"
)
// Length bounds that are presumably applied to submitted TOTP codes — TODO
// confirm against the validating code.
// NOTE(review): standard TOTP codes are six digits or longer. Check what input
// the lower bound of four is meant to admit, and that the verifier itself does
// not accept codes shorter than the configured digit count.
const (
	TotpMinLength = 4
	TotpMaxLength = 6
)
// Posture check type identifiers. The names suggest checks on operating
// system, domain, running process(es), MAC address and MFA state; the exact
// semantics are defined by the code that consumes them — TODO confirm.
const (
	PostureCheckTypeOs           = "OS"
	PostureCheckTypeDomain       = "DOMAIN"
	PostureCheckTypeProcess      = "PROCESS"
	PostureCheckTypeProcessMulti = "PROCESS_MULTI"
	PostureCheckTypeMAC          = "MAC"
	PostureCheckTypeMFA          = "MFA"
)
const (
	// ConfigTypeAll is the literal "all"; presumably a wildcard that selects
	// every config type — TODO confirm against the caller.
	ConfigTypeAll = "all"
)
const (
	// EventIdentityPostureDataAltered is an event name; presumably emitted
	// when an identity's posture data changes — TODO confirm.
	EventIdentityPostureDataAltered = "EventIdentityPostureDataAltered"
)
const (
	// IdentityActiveIntervalSeconds is 60; going by the name it is an
	// interval in seconds related to identity activity — TODO confirm use.
	IdentityActiveIntervalSeconds = 60
)
const (
	// IdentityTypeUser is the identity type name "User".
	IdentityTypeUser = "User"
)
// MaxPostureFailures is 100; presumably an upper bound on how many posture
// check failures are retained — TODO confirm what is capped and per what.
const MaxPostureFailures = 100
const (
	// MethodEnrollTransitRouterOtt is the enrollment method name "trott",
	// the transit router counterpart of MethodEnrollEdgeRouterOtt ("erott").
	MethodEnrollTransitRouterOtt = "trott"
)
// MfaPromptGracePeriod is a negative duration (minus five minutes), so adding
// it to a time yields an instant five minutes earlier.
// NOTE(review): how the offset is applied is not visible here. Confirm the
// sign is what each use site expects; an inverted comparison would change
// when an MFA prompt is considered due.
const MfaPromptGracePeriod = -5 * time.Minute // -5m
const (
	// MfaProviderZiti is the MFA provider name "ziti".
	MfaProviderZiti string = "ziti"
)
const (
	// PostureCheckNoTimeout is the int64 value -1; by its name a sentinel
	// meaning that a posture check has no timeout.
	// NOTE(review): confirm every comparison against a timeout handles -1
	// explicitly instead of treating it as an already elapsed duration.
	PostureCheckNoTimeout = int64(-1)
)
const (
	// WindowSizeTOTP is 5; presumably the number of time steps accepted
	// around the current one when validating a TOTP code — TODO confirm.
	// NOTE(review): a wider window lengthens the time a captured code stays
	// usable, so it should be paired with attempt rate limiting and with
	// rejection of already used codes.
	WindowSizeTOTP int = 5
)
// ZitiSdkTypeC is the SDK type string "ziti-sdk-c".
// NOTE(review): if this is compared with a client-reported SDK type, that
// value is self-declared by the client and should not gate security decisions.
const ZitiSdkTypeC = "ziti-sdk-c"

Variables

This section is empty.

Functions

func CleanHexString added in v0.17.5

func CleanHexString(hexString string) string

func NewFieldChecker

func NewFieldChecker(fields ...string) boltz.FieldChecker

Types

type AdvisorEdgeRouter

// AdvisorEdgeRouter pairs an edge router with a flag saying whether it is
// online.
type AdvisorEdgeRouter struct {
	Router   *EdgeRouter
	IsOnline bool
}
// AdvisorIdentityEdgeRouterLinks groups an identity, an edge router and a list
// of edge router policies; presumably the policies that link the two — TODO
// confirm.
type AdvisorIdentityEdgeRouterLinks struct {
	Identity   *Identity
	EdgeRouter *EdgeRouter
	Policies   []*EdgeRouterPolicy
}
// AdvisorIdentityServiceLinks groups an identity, a service and a list of
// service policies; presumably the policies that link the two — TODO confirm.
type AdvisorIdentityServiceLinks struct {
	Identity *Identity
	Service  *Service
	Policies []*ServicePolicy
}
// AdvisorServiceEdgeRouterLinks groups a service, an edge router and a list of
// service edge router policies; presumably the policies that link the two —
// TODO confirm.
type AdvisorServiceEdgeRouterLinks struct {
	Service    *Service
	EdgeRouter *EdgeRouter
	Policies   []*ServiceEdgeRouterPolicy
}

type AdvisorServiceReachability

// AdvisorServiceReachability reports, for one identity and one service,
// whether bind and dial are allowed, a router count for each side, and the
// list of edge routers the two have in common.
type AdvisorServiceReachability struct {
	Identity            *Identity
	Service             *Service
	IsBindAllowed       bool
	IsDialAllowed       bool
	IdentityRouterCount int
	ServiceRouterCount  int
	CommonRouters       []*AdvisorEdgeRouter
}

type AndFieldChecker

type AndFieldChecker struct {
	// contains filtered or unexported fields
}

func (*AndFieldChecker) IsUpdated

func (checker *AndFieldChecker) IsUpdated(field string) bool

type ApiSession

// ApiSession is the model entity for an API session. It embeds
// models.BaseEntity and records the owning identity, the session token, an IP
// address, MFA state, and expiry and activity timestamps.
type ApiSession struct {
	models.BaseEntity
	// Token is the value ApiSessionHandler.ReadByToken looks sessions up by,
	// so it appears to act as the session credential. Treat it as a secret:
	// keep it out of logs and error messages.
	// NOTE(review): confirm how it is generated and stored at rest.
	Token              string
	IdentityId         string
	Identity           *Identity
	IPAddress          string
	ConfigTypes        map[string]struct{}
	// NOTE(review): MfaRequired and MfaComplete are independent booleans.
	// Confirm every authorization path denies access while MfaRequired is
	// true and MfaComplete is false.
	MfaComplete        bool
	MfaRequired        bool
	ExpiresAt          time.Time
	ExpirationDuration time.Duration
	LastActivityAt     time.Time
}

type ApiSessionCertificate added in v0.17.30

// ApiSessionCertificate is the model entity for a certificate tied to an API
// session. It stores the subject, fingerprint, validity window and PEM text.
type ApiSessionCertificate struct {
	models.BaseEntity
	ApiSession   *ApiSession
	ApiSessionId string
	Subject      string
	// Fingerprint is the lookup key of
	// ApiSessionCertificateHandler.ReadByFingerprint.
	Fingerprint  string
	// ValidAfter and ValidBefore are pointers and can be nil.
	// NOTE(review): confirm code that accepts a certificate found by
	// fingerprint also enforces this window and handles nil bounds as a
	// rejection rather than as "no limit".
	ValidAfter   *time.Time
	ValidBefore  *time.Time
	PEM          string
}

type ApiSessionCertificateHandler added in v0.17.30

type ApiSessionCertificateHandler struct {
	// contains filtered or unexported fields
}

func NewApiSessionCertificateHandler added in v0.17.30

func NewApiSessionCertificateHandler(env Env) *ApiSessionCertificateHandler

func (*ApiSessionCertificateHandler) BaseList added in v0.17.30

func (handler *ApiSessionCertificateHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ApiSessionCertificateHandler) BaseLoad added in v0.17.30

func (handler *ApiSessionCertificateHandler) BaseLoad(id string) (models.Entity, error)

func (*ApiSessionCertificateHandler) BaseLoadInTx added in v0.17.30

func (handler *ApiSessionCertificateHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ApiSessionCertificateHandler) BasePreparedList added in v0.17.30

func (handler *ApiSessionCertificateHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionCertificateHandler) BasePreparedListAssociated added in v0.17.30

func (handler *ApiSessionCertificateHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionCertificateHandler) BasePreparedListIndexed added in v0.17.30

func (handler *ApiSessionCertificateHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionCertificateHandler) Create added in v0.17.30

func (handler *ApiSessionCertificateHandler) Create(entity *ApiSessionCertificate) (string, error)

func (*ApiSessionCertificateHandler) CreateFromCSR added in v0.17.30

func (handler *ApiSessionCertificateHandler) CreateFromCSR(apiSessionId string, lifespan time.Duration, csrPem []byte) (string, error)

func (*ApiSessionCertificateHandler) Delete added in v0.17.30

func (handler *ApiSessionCertificateHandler) Delete(id string) error

func (*ApiSessionCertificateHandler) GetDb added in v0.17.30

func (handler *ApiSessionCertificateHandler) GetDb() boltz.Db

func (*ApiSessionCertificateHandler) GetEnv added in v0.17.30

func (handler *ApiSessionCertificateHandler) GetEnv() Env

func (*ApiSessionCertificateHandler) GetStore added in v0.17.30

func (handler *ApiSessionCertificateHandler) GetStore() boltz.CrudStore

func (*ApiSessionCertificateHandler) IsUpdated added in v0.17.30

func (handler *ApiSessionCertificateHandler) IsUpdated(_ string) bool

func (*ApiSessionCertificateHandler) Query added in v0.17.30

func (*ApiSessionCertificateHandler) Read added in v0.17.30

func (*ApiSessionCertificateHandler) ReadByApiSessionId added in v0.17.30

func (handler *ApiSessionCertificateHandler) ReadByApiSessionId(tx *bbolt.Tx, apiSessionId string) ([]*ApiSessionCertificate, error)

func (*ApiSessionCertificateHandler) ReadByFingerprint added in v0.17.30

func (handler *ApiSessionCertificateHandler) ReadByFingerprint(fingerprint string) (*ApiSessionCertificate, error)

type ApiSessionCertificateListResult added in v0.17.30

type ApiSessionCertificateListResult struct {
	ApiSessionCertificates []*ApiSessionCertificate
	models.QueryMetaData
	// contains filtered or unexported fields
}

type ApiSessionHandler

type ApiSessionHandler struct {
	HeartbeatCollector *HeartbeatCollector
	// contains filtered or unexported fields
}

func NewApiSessionHandler

func NewApiSessionHandler(env Env) *ApiSessionHandler

func (*ApiSessionHandler) BaseList

func (handler *ApiSessionHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ApiSessionHandler) BaseLoad

func (handler *ApiSessionHandler) BaseLoad(id string) (models.Entity, error)

func (*ApiSessionHandler) BaseLoadInTx

func (handler *ApiSessionHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ApiSessionHandler) BasePreparedList

func (handler *ApiSessionHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionHandler) BasePreparedListAssociated

func (handler *ApiSessionHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionHandler) BasePreparedListIndexed

func (handler *ApiSessionHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ApiSessionHandler) Create

func (handler *ApiSessionHandler) Create(entity *ApiSession) (string, error)

func (*ApiSessionHandler) Delete

func (handler *ApiSessionHandler) Delete(id string) error

func (*ApiSessionHandler) DeleteBatch added in v0.19.132

func (handler *ApiSessionHandler) DeleteBatch(id []string) error

func (*ApiSessionHandler) GetDb

func (handler *ApiSessionHandler) GetDb() boltz.Db

func (*ApiSessionHandler) GetEnv

func (handler *ApiSessionHandler) GetEnv() Env

func (*ApiSessionHandler) GetStore

func (handler *ApiSessionHandler) GetStore() boltz.CrudStore

func (*ApiSessionHandler) IsUpdated

func (handler *ApiSessionHandler) IsUpdated(_ string) bool

func (*ApiSessionHandler) MarkActivityById added in v0.19.33

func (handler *ApiSessionHandler) MarkActivityById(apiSessionId string)

func (*ApiSessionHandler) MarkActivityByTokens added in v0.19.33

func (handler *ApiSessionHandler) MarkActivityByTokens(tokens ...string) ([]string, error)

MarkActivityByTokens returns any tokens that were not found, an error, or both.

func (*ApiSessionHandler) MfaCompleted added in v0.17.52

func (handler *ApiSessionHandler) MfaCompleted(apiSession *ApiSession) error

func (*ApiSessionHandler) Query

func (handler *ApiSessionHandler) Query(query string) (*ApiSessionListResult, error)

func (*ApiSessionHandler) Read

func (handler *ApiSessionHandler) Read(id string) (*ApiSession, error)

func (*ApiSessionHandler) ReadByToken

func (handler *ApiSessionHandler) ReadByToken(token string) (*ApiSession, error)

func (*ApiSessionHandler) Stream added in v0.16.4

func (handler *ApiSessionHandler) Stream(query string, collect func(*ApiSession, error) error) error

func (*ApiSessionHandler) StreamIds added in v0.16.4

func (handler *ApiSessionHandler) StreamIds(query string, collect func(string, error) error) error

func (*ApiSessionHandler) Update

func (handler *ApiSessionHandler) Update(apiSession *ApiSession) error

func (*ApiSessionHandler) UpdateWithFieldChecker added in v0.19.46

func (handler *ApiSessionHandler) UpdateWithFieldChecker(apiSession *ApiSession, fieldChecker boltz.FieldChecker) error

func (*ApiSessionHandler) VisitFingerprintsForApiSession added in v0.19.0

func (handler *ApiSessionHandler) VisitFingerprintsForApiSession(tx *bbolt.Tx, identityId, apiSessionId string, visitor func(fingerprint string) bool) error

func (*ApiSessionHandler) VisitFingerprintsForApiSessionId added in v0.19.0

func (handler *ApiSessionHandler) VisitFingerprintsForApiSessionId(apiSessionId string, visitor func(fingerprint string) bool) error

type ApiSessionListResult

type ApiSessionListResult struct {
	ApiSessions []*ApiSession
	models.QueryMetaData
	// contains filtered or unexported fields
}

type ApiSessionPostureData added in v0.17.52

// ApiSessionPostureData holds the posture responses recorded for one API
// session: an MFA response, an endpoint state response and SDK information.
type ApiSessionPostureData struct {
	Mfa           *PostureResponseMfa           `json:"mfa"`
	EndpointState *PostureResponseEndpointState `json:"endpointState"`
	// SdkInfo has no json tag, so encoding/json uses the key "SdkInfo"
	// instead of a lower-camel name like its siblings.
	// NOTE(review): confirm that is intended.
	SdkInfo       *SdkInfo
}

func (*ApiSessionPostureData) GetPassedMfaAt added in v0.20.47

func (self *ApiSessionPostureData) GetPassedMfaAt() *time.Time

type AuthContext

// AuthContext exposes the inputs of one authentication attempt: the method
// name, a data map, a list of X.509 certificates and a header map.
// NOTE(review): all four values presumably come from the client's request.
// Implementations of AuthProcessor should validate them rather than rely on
// their presence, and certificates should be trusted only after chain and
// validity checks.
type AuthContext interface {
	GetMethod() string
	GetData() map[string]interface{}
	GetCerts() []*x509.Certificate
	GetHeaders() map[string]interface{}
}

func NewAuthContextHttp added in v0.14.35

func NewAuthContextHttp(request *http.Request, method string, data interface{}) AuthContext

type AuthContextHttp

// AuthContextHttp is a struct with one field per AuthContext getter; its
// methods GetMethod, GetData, GetCerts and GetHeaders are declared on the
// pointer receiver. NewAuthContextHttp builds an AuthContext from an
// *http.Request.
// NOTE(review): Headers presumably mirrors the request headers, which the
// client controls. Confirm any header used for authentication (for example
// ClientCertHeader) is accepted only from a trusted hop.
type AuthContextHttp struct {
	Method  string
	Data    map[string]interface{}
	Certs   []*x509.Certificate
	Headers map[string]interface{}
}

func (*AuthContextHttp) GetCerts

func (context *AuthContextHttp) GetCerts() []*x509.Certificate

func (*AuthContextHttp) GetData

func (context *AuthContextHttp) GetData() map[string]interface{}

func (*AuthContextHttp) GetHeaders

func (context *AuthContextHttp) GetHeaders() map[string]interface{}

func (*AuthContextHttp) GetMethod

func (context *AuthContextHttp) GetMethod() string

type AuthModuleCert

type AuthModuleCert struct {
	// contains filtered or unexported fields
}

func NewAuthModuleCert

func NewAuthModuleCert(env Env, caChain []byte) *AuthModuleCert

func (*AuthModuleCert) CanHandle

func (module *AuthModuleCert) CanHandle(method string) bool

func (*AuthModuleCert) GetFingerprints

func (module *AuthModuleCert) GetFingerprints(ctx AuthContext) (cert.Fingerprints, error)

func (*AuthModuleCert) Process

func (module *AuthModuleCert) Process(context AuthContext) (string, error)

type AuthModuleUpdb

type AuthModuleUpdb struct {
	// contains filtered or unexported fields
}

func NewAuthModuleUpdb

func NewAuthModuleUpdb(env Env) *AuthModuleUpdb

func (*AuthModuleUpdb) CanHandle

func (handler *AuthModuleUpdb) CanHandle(method string) bool

func (*AuthModuleUpdb) Process

func (handler *AuthModuleUpdb) Process(context AuthContext) (string, error)

type AuthProcessor

// AuthProcessor is implemented by authentication modules (AuthModuleCert and
// AuthModuleUpdb declare both methods).
type AuthProcessor interface {
	// CanHandle reports whether the processor handles the given method name.
	CanHandle(method string) bool
	// Process evaluates an authentication attempt. The returned string is
	// presumably the id of the authenticated identity — TODO confirm.
	// NOTE(review): callers must treat a non-nil error as a failed
	// authentication and ignore the string in that case.
	Process(context AuthContext) (string, error)
}

type AuthProcessorRegistryImpl

type AuthProcessorRegistryImpl struct {
	// contains filtered or unexported fields
}

func (*AuthProcessorRegistryImpl) Add

func (registry *AuthProcessorRegistryImpl) Add(processor AuthProcessor)

func (*AuthProcessorRegistryImpl) GetByMethod

func (registry *AuthProcessorRegistryImpl) GetByMethod(method string) AuthProcessor

type AuthRegistry

// AuthRegistry stores AuthProcessor values and returns one by method name.
type AuthRegistry interface {
	Add(method AuthProcessor)
	// GetByMethod returns the processor for method.
	// NOTE(review): the result for an unknown method is not visible here;
	// presumably nil, so callers should check before use — confirm.
	GetByMethod(method string) AuthProcessor
}

type Authenticator

// Authenticator is the model entity for an authenticator belonging to an
// identity. Method names the authentication method and SubType holds the
// method-specific data.
type Authenticator struct {
	models.BaseEntity
	Method     string
	IdentityId string
	// SubType is untyped; ToCert and ToUpdb return it as *AuthenticatorCert
	// or *AuthenticatorUpdb.
	// NOTE(review): what those methods return when SubType holds a different
	// type is not visible here — confirm callers handle that case.
	SubType    interface{}
}

func (*Authenticator) Fingerprints

func (entity *Authenticator) Fingerprints() []string

func (*Authenticator) ToCert

func (entity *Authenticator) ToCert() *AuthenticatorCert

func (*Authenticator) ToUpdb

func (entity *Authenticator) ToUpdb() *AuthenticatorUpdb

type AuthenticatorCert

// AuthenticatorCert is the certificate form of an Authenticator: it embeds
// *Authenticator and adds the certificate fingerprint and PEM text.
type AuthenticatorCert struct {
	*Authenticator
	Fingerprint string
	Pem         string
}

type AuthenticatorHandler

type AuthenticatorHandler struct {
	// contains filtered or unexported fields
}

func NewAuthenticatorHandler

func NewAuthenticatorHandler(env Env) *AuthenticatorHandler

func (*AuthenticatorHandler) BaseList

func (handler *AuthenticatorHandler) BaseList(query string) (*models.EntityListResult, error)

func (*AuthenticatorHandler) BaseLoad

func (handler *AuthenticatorHandler) BaseLoad(id string) (models.Entity, error)

func (*AuthenticatorHandler) BaseLoadInTx

func (handler *AuthenticatorHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*AuthenticatorHandler) BasePreparedList

func (handler *AuthenticatorHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*AuthenticatorHandler) BasePreparedListAssociated

func (handler *AuthenticatorHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*AuthenticatorHandler) BasePreparedListIndexed

func (handler *AuthenticatorHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*AuthenticatorHandler) Create

func (handler *AuthenticatorHandler) Create(authenticator *Authenticator) (string, error)

func (AuthenticatorHandler) Delete

func (handler AuthenticatorHandler) Delete(id string) error

func (AuthenticatorHandler) ExtendCertForIdentity added in v0.20.117

func (handler AuthenticatorHandler) ExtendCertForIdentity(identityId string, authenticatorId string, peerCerts []*x509.Certificate, csrPem string) ([]byte, error)

func (*AuthenticatorHandler) GetDb

func (handler *AuthenticatorHandler) GetDb() boltz.Db

func (*AuthenticatorHandler) GetEnv

func (handler *AuthenticatorHandler) GetEnv() Env

func (*AuthenticatorHandler) GetStore

func (handler *AuthenticatorHandler) GetStore() boltz.CrudStore

func (AuthenticatorHandler) HashPassword

func (handler AuthenticatorHandler) HashPassword(password string) *HashedPassword

func (AuthenticatorHandler) IsAuthorized

func (handler AuthenticatorHandler) IsAuthorized(authContext AuthContext) (*Identity, error)

func (AuthenticatorHandler) IsUpdated

func (handler AuthenticatorHandler) IsUpdated(field string) bool

func (AuthenticatorHandler) ListForIdentity

func (handler AuthenticatorHandler) ListForIdentity(identityId string, query ast.Query) (*AuthenticatorListQueryResult, error)

func (AuthenticatorHandler) Patch

func (handler AuthenticatorHandler) Patch(authenticator *Authenticator, checker boltz.FieldChecker) error

func (AuthenticatorHandler) PatchSelf

func (handler AuthenticatorHandler) PatchSelf(authenticatorSelf *AuthenticatorSelf, checker boltz.FieldChecker) error

func (AuthenticatorHandler) ReHashPassword

func (handler AuthenticatorHandler) ReHashPassword(password string, salt []byte) *HashedPassword

func (*AuthenticatorHandler) Read

func (handler *AuthenticatorHandler) Read(id string) (*Authenticator, error)

func (AuthenticatorHandler) ReadByFingerprint

func (handler AuthenticatorHandler) ReadByFingerprint(fingerprint string) (*Authenticator, error)

func (AuthenticatorHandler) ReadByUsername

func (handler AuthenticatorHandler) ReadByUsername(username string) (*Authenticator, error)

func (AuthenticatorHandler) ReadFingerprints

func (handler AuthenticatorHandler) ReadFingerprints(authenticatorId string) ([]string, error)

func (AuthenticatorHandler) ReadForIdentity

func (handler AuthenticatorHandler) ReadForIdentity(identityId string, authenticatorId string) (*Authenticator, error)

func (AuthenticatorHandler) Update

func (handler AuthenticatorHandler) Update(authenticator *Authenticator) error

func (AuthenticatorHandler) UpdateSelf

func (handler AuthenticatorHandler) UpdateSelf(authenticatorSelf *AuthenticatorSelf) error

type AuthenticatorListQueryResult

type AuthenticatorListQueryResult struct {
	*models.EntityListResult
	Authenticators []*Authenticator
}

type AuthenticatorSelf

// AuthenticatorSelf carries the fields of a self-service authenticator update
// (see AuthenticatorHandler.UpdateSelf and PatchSelf).
type AuthenticatorSelf struct {
	models.BaseEntity
	// CurrentPassword and NewPassword presumably hold passwords as submitted
	// by the user — TODO confirm. Keep both out of logs, error messages and
	// serialized output.
	// NOTE(review): confirm CurrentPassword is verified before NewPassword is
	// applied.
	CurrentPassword string
	NewPassword     string
	IdentityId      string
	Username        string
}

type AuthenticatorUpdb

// AuthenticatorUpdb is the username/password form of an Authenticator: it
// embeds *Authenticator and adds the username, password and salt.
type AuthenticatorUpdb struct {
	*Authenticator
	Username string
	// Password presumably holds the hashed value produced by
	// AuthenticatorHandler.HashPassword rather than plaintext — TODO confirm
	// at every place that assigns it.
	Password string
	// Salt is kept as a string; DecodedSalt returns it as bytes.
	Salt     string
}

func (*AuthenticatorUpdb) DecodedSalt

func (au *AuthenticatorUpdb) DecodedSalt() []byte

type Ca

// Ca is the model entity for a certificate authority. It stores the CA's
// certificate and fingerprint, a verification state, and flags that enable
// enrollment and authentication through it.
type Ca struct {
	models.BaseEntity
	Name                      string
	Fingerprint               string
	CertPem                   string
	// NOTE(review): confirm the enrollment and auth flags below are honoured
	// only while IsVerified is true, and that VerificationToken is handled as
	// a secret until verification completes.
	IsVerified                bool
	VerificationToken         string
	IsAutoCaEnrollmentEnabled bool
	IsOttCaEnrollmentEnabled  bool
	IsAuthEnabled             bool
	IdentityRoles             []string
	// IdentityNameFormat is presumably a format string built from the
	// FormatSymbol* constants, like DefaultCaIdentityNameFormat — TODO confirm.
	IdentityNameFormat        string
}

type CaHandler

type CaHandler struct {
	// contains filtered or unexported fields
}

func NewCaHandler

func NewCaHandler(env Env) *CaHandler

func (*CaHandler) BaseList

func (handler *CaHandler) BaseList(query string) (*models.EntityListResult, error)

func (*CaHandler) BaseLoad

func (handler *CaHandler) BaseLoad(id string) (models.Entity, error)

func (*CaHandler) BaseLoadInTx

func (handler *CaHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*CaHandler) BasePreparedList

func (handler *CaHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*CaHandler) BasePreparedListAssociated

func (handler *CaHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*CaHandler) BasePreparedListIndexed

func (handler *CaHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*CaHandler) Create

func (handler *CaHandler) Create(caModel *Ca) (string, error)

func (*CaHandler) Delete

func (handler *CaHandler) Delete(id string) error

func (*CaHandler) GetDb

func (handler *CaHandler) GetDb() boltz.Db

func (*CaHandler) GetEnv

func (handler *CaHandler) GetEnv() Env

func (*CaHandler) GetStore

func (handler *CaHandler) GetStore() boltz.CrudStore

func (*CaHandler) IsUpdated

func (handler *CaHandler) IsUpdated(field string) bool

func (*CaHandler) Patch

func (handler *CaHandler) Patch(ca *Ca, checker boltz.FieldChecker) error

func (*CaHandler) Query

func (handler *CaHandler) Query(query string) (*CaListResult, error)

func (*CaHandler) Read

func (handler *CaHandler) Read(id string) (*Ca, error)

func (*CaHandler) Stream added in v0.16.19

func (handler *CaHandler) Stream(query string, collect func(*Ca, error) error) error

func (*CaHandler) Update

func (handler *CaHandler) Update(ca *Ca) error

func (*CaHandler) Verified

func (handler *CaHandler) Verified(ca *Ca) error

type CaListResult

type CaListResult struct {
	Cas []*Ca
	models.QueryMetaData
	// contains filtered or unexported fields
}

type Config

// Config is the model entity for a named configuration: a type id plus a
// free-form data map.
// NOTE(review): Data is untyped; presumably it is validated against the schema
// of the ConfigType named by TypeId before being stored — confirm.
type Config struct {
	models.BaseEntity
	Name   string
	TypeId string
	Data   map[string]interface{}
}

type ConfigHandler

type ConfigHandler struct {
	// contains filtered or unexported fields
}

func NewConfigHandler

func NewConfigHandler(env Env) *ConfigHandler

func (*ConfigHandler) BaseList

func (handler *ConfigHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ConfigHandler) BaseLoad

func (handler *ConfigHandler) BaseLoad(id string) (models.Entity, error)

func (*ConfigHandler) BaseLoadInTx

func (handler *ConfigHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ConfigHandler) BasePreparedList

func (handler *ConfigHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ConfigHandler) BasePreparedListAssociated

func (handler *ConfigHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ConfigHandler) BasePreparedListIndexed

func (handler *ConfigHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ConfigHandler) Create

func (handler *ConfigHandler) Create(config *Config) (string, error)

func (*ConfigHandler) Delete

func (handler *ConfigHandler) Delete(id string) error

func (*ConfigHandler) GetDb

func (handler *ConfigHandler) GetDb() boltz.Db

func (*ConfigHandler) GetEnv

func (handler *ConfigHandler) GetEnv() Env

func (*ConfigHandler) GetStore

func (handler *ConfigHandler) GetStore() boltz.CrudStore

func (*ConfigHandler) IsUpdated

func (handler *ConfigHandler) IsUpdated(field string) bool

func (*ConfigHandler) Patch

func (handler *ConfigHandler) Patch(config *Config, checker boltz.FieldChecker) error

func (*ConfigHandler) Read

func (handler *ConfigHandler) Read(id string) (*Config, error)

func (*ConfigHandler) Update

func (handler *ConfigHandler) Update(config *Config) error

type ConfigListResult

// ConfigListResult is a list of configs together with the embedded
// models.QueryMetaData.
type ConfigListResult struct {
	Configs []*Config
	models.QueryMetaData
}

type ConfigType

// ConfigType is the model entity for a configuration type: a name and a
// schema map. GetCompiledSchema returns a *gojsonschema.Schema, so Schema is
// presumably a JSON Schema document — TODO confirm.
type ConfigType struct {
	models.BaseEntity
	Name   string
	Schema map[string]interface{}
}

func (*ConfigType) GetCompiledSchema

func (entity *ConfigType) GetCompiledSchema() (*gojsonschema.Schema, error)

type ConfigTypeHandler

type ConfigTypeHandler struct {
	// contains filtered or unexported fields
}

func NewConfigTypeHandler

func NewConfigTypeHandler(env Env) *ConfigTypeHandler

func (*ConfigTypeHandler) BaseList

func (handler *ConfigTypeHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ConfigTypeHandler) BaseLoad

func (handler *ConfigTypeHandler) BaseLoad(id string) (models.Entity, error)

func (*ConfigTypeHandler) BaseLoadInTx

func (handler *ConfigTypeHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ConfigTypeHandler) BasePreparedList

func (handler *ConfigTypeHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ConfigTypeHandler) BasePreparedListAssociated

func (handler *ConfigTypeHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ConfigTypeHandler) BasePreparedListIndexed

func (handler *ConfigTypeHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ConfigTypeHandler) Create

func (handler *ConfigTypeHandler) Create(configType *ConfigType) (string, error)

func (*ConfigTypeHandler) Delete

func (handler *ConfigTypeHandler) Delete(id string) error

func (*ConfigTypeHandler) GetDb

func (handler *ConfigTypeHandler) GetDb() boltz.Db

func (*ConfigTypeHandler) GetEnv

func (handler *ConfigTypeHandler) GetEnv() Env

func (*ConfigTypeHandler) GetStore

func (handler *ConfigTypeHandler) GetStore() boltz.CrudStore

func (*ConfigTypeHandler) MapConfigTypeNamesToIds added in v0.19.36

func (handler *ConfigTypeHandler) MapConfigTypeNamesToIds(values []string, identityId string) map[string]struct{}

func (*ConfigTypeHandler) Patch

func (handler *ConfigTypeHandler) Patch(configType *ConfigType, checker boltz.FieldChecker) error

func (*ConfigTypeHandler) Read

func (handler *ConfigTypeHandler) Read(id string) (*ConfigType, error)

func (*ConfigTypeHandler) ReadByName

func (handler *ConfigTypeHandler) ReadByName(name string) (*ConfigType, error)

func (*ConfigTypeHandler) Update

func (handler *ConfigTypeHandler) Update(configType *ConfigType) error

type EdgeRouter

// EdgeRouter is the model entity for an edge router. It embeds
// models.BaseEntity and keeps two certificate/fingerprint pairs: a plain one
// and an "unverified" one.
// NOTE(review): the Unverified* fields presumably hold a certificate awaiting
// EdgeRouterHandler.ExtendEnrollmentVerify. Confirm they are never accepted
// for authenticating a router before that step completes.
type EdgeRouter struct {
	models.BaseEntity
	Name                  string
	RoleAttributes        []string
	IsVerified            bool
	// Fingerprint, CertPem and Hostname are pointers and can be nil; check
	// before dereferencing.
	Fingerprint           *string
	CertPem               *string
	Hostname              *string
	EdgeRouterProtocols   map[string]string
	VersionInfo           *common.VersionInfo
	IsTunnelerEnabled     bool
	AppData               map[string]interface{}
	// Lookup by this value is offered by
	// EdgeRouterHandler.ReadOneByUnverifiedFingerprint.
	UnverifiedFingerprint *string
	UnverifiedCertPem     *string
}

type EdgeRouterHandler

type EdgeRouterHandler struct {
	// contains filtered or unexported fields
}

func NewEdgeRouterHandler

func NewEdgeRouterHandler(env Env) *EdgeRouterHandler

func (*EdgeRouterHandler) BaseList

func (handler *EdgeRouterHandler) BaseList(query string) (*models.EntityListResult, error)

func (*EdgeRouterHandler) BaseLoad

func (handler *EdgeRouterHandler) BaseLoad(id string) (models.Entity, error)

func (*EdgeRouterHandler) BaseLoadInTx

func (handler *EdgeRouterHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EdgeRouterHandler) BasePreparedList

func (handler *EdgeRouterHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterHandler) BasePreparedListAssociated

func (handler *EdgeRouterHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterHandler) BasePreparedListIndexed

func (handler *EdgeRouterHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterHandler) CollectEnrollments

func (handler *EdgeRouterHandler) CollectEnrollments(id string, collector func(entity *Enrollment) error) error

func (*EdgeRouterHandler) Create

func (handler *EdgeRouterHandler) Create(modelEntity *EdgeRouter) (string, error)

func (*EdgeRouterHandler) CreateWithEnrollment

func (handler *EdgeRouterHandler) CreateWithEnrollment(edgeRouter *EdgeRouter, enrollment *Enrollment) (string, string, error)

func (*EdgeRouterHandler) Delete

func (handler *EdgeRouterHandler) Delete(id string) error

func (*EdgeRouterHandler) ExtendEnrollment added in v0.19.81

func (handler *EdgeRouterHandler) ExtendEnrollment(router *EdgeRouter, clientCsrPem []byte, serverCertCsrPem []byte) (*ExtendedCerts, error)

func (*EdgeRouterHandler) ExtendEnrollmentVerify added in v0.21.20

func (handler *EdgeRouterHandler) ExtendEnrollmentVerify(router *EdgeRouter) error

func (*EdgeRouterHandler) ExtendEnrollmentWithVerify added in v0.21.20

func (handler *EdgeRouterHandler) ExtendEnrollmentWithVerify(router *EdgeRouter, clientCsrPem []byte, serverCertCsrPem []byte) (*ExtendedCerts, error)

func (*EdgeRouterHandler) GetDb

func (handler *EdgeRouterHandler) GetDb() boltz.Db

func (*EdgeRouterHandler) GetEnv

func (handler *EdgeRouterHandler) GetEnv() Env

func (*EdgeRouterHandler) GetStore

func (handler *EdgeRouterHandler) GetStore() boltz.CrudStore

func (*EdgeRouterHandler) ListForIdentityAndService added in v0.19.40

func (handler *EdgeRouterHandler) ListForIdentityAndService(identityId, serviceId string, limit *int) (*EdgeRouterListResult, error)

func (*EdgeRouterHandler) ListForIdentityAndServiceWithTx

func (handler *EdgeRouterHandler) ListForIdentityAndServiceWithTx(tx *bbolt.Tx, identityId, serviceId string, limit *int) (*EdgeRouterListResult, error)

func (*EdgeRouterHandler) ListForSession

func (handler *EdgeRouterHandler) ListForSession(sessionId string) (*EdgeRouterListResult, error)

func (*EdgeRouterHandler) Patch

func (handler *EdgeRouterHandler) Patch(modelEntity *EdgeRouter, checker boltz.FieldChecker) error

func (*EdgeRouterHandler) PatchUnrestricted added in v0.19.81

func (handler *EdgeRouterHandler) PatchUnrestricted(modelEntity *EdgeRouter, checker boltz.FieldChecker) error

func (*EdgeRouterHandler) Query

func (handler *EdgeRouterHandler) Query(query string) (*EdgeRouterListResult, error)

func (*EdgeRouterHandler) QueryRoleAttributes

func (handler *EdgeRouterHandler) QueryRoleAttributes(queryString string) ([]string, *models.QueryMetaData, error)

func (*EdgeRouterHandler) ReEnroll added in v0.21.32

func (handler *EdgeRouterHandler) ReEnroll(router *EdgeRouter) error

ReEnroll creates a new JWT enrollment for an existing edge router. If the edge router already exists with a JWT, a new JWT is created. If the edge router was already enrolled, all records of the enrollment are reset and the edge router is disconnected, forcing it to complete enrollment before connecting.

func (*EdgeRouterHandler) Read

func (handler *EdgeRouterHandler) Read(id string) (*EdgeRouter, error)

func (*EdgeRouterHandler) ReadOneByFingerprint

func (handler *EdgeRouterHandler) ReadOneByFingerprint(fingerprint string) (*EdgeRouter, error)

func (*EdgeRouterHandler) ReadOneByQuery

func (handler *EdgeRouterHandler) ReadOneByQuery(query string) (*EdgeRouter, error)

func (*EdgeRouterHandler) ReadOneByUnverifiedFingerprint added in v0.21.20

func (handler *EdgeRouterHandler) ReadOneByUnverifiedFingerprint(fingerprint string) (*EdgeRouter, error)

func (*EdgeRouterHandler) Update

func (handler *EdgeRouterHandler) Update(modelEntity *EdgeRouter, restrictFields bool) error

type EdgeRouterListResult

type EdgeRouterListResult struct {
	EdgeRouters []*EdgeRouter
	models.QueryMetaData
	// contains filtered or unexported fields
}

type EdgeRouterPolicy

// EdgeRouterPolicy is the model entity for a policy that relates identity
// roles to edge router roles.
type EdgeRouterPolicy struct {
	models.BaseEntity
	Name            string
	// Semantic presumably selects how the listed roles are combined when
	// matching — TODO confirm the accepted values.
	Semantic        string
	IdentityRoles   []string
	EdgeRouterRoles []string
}

type EdgeRouterPolicyHandler

type EdgeRouterPolicyHandler struct {
	// contains filtered or unexported fields
}

func NewEdgeRouterPolicyHandler

func NewEdgeRouterPolicyHandler(env Env) *EdgeRouterPolicyHandler

func (*EdgeRouterPolicyHandler) BaseList

func (handler *EdgeRouterPolicyHandler) BaseList(query string) (*models.EntityListResult, error)

func (*EdgeRouterPolicyHandler) BaseLoad

func (handler *EdgeRouterPolicyHandler) BaseLoad(id string) (models.Entity, error)

func (*EdgeRouterPolicyHandler) BaseLoadInTx

func (handler *EdgeRouterPolicyHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EdgeRouterPolicyHandler) BasePreparedList

func (handler *EdgeRouterPolicyHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterPolicyHandler) BasePreparedListAssociated

func (handler *EdgeRouterPolicyHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterPolicyHandler) BasePreparedListIndexed

func (handler *EdgeRouterPolicyHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*EdgeRouterPolicyHandler) Create

func (handler *EdgeRouterPolicyHandler) Create(edgeRouterPolicy *EdgeRouterPolicy) (string, error)

func (*EdgeRouterPolicyHandler) Delete

func (handler *EdgeRouterPolicyHandler) Delete(id string) error

func (*EdgeRouterPolicyHandler) GetDb

func (handler *EdgeRouterPolicyHandler) GetDb() boltz.Db

func (*EdgeRouterPolicyHandler) GetEnv

func (handler *EdgeRouterPolicyHandler) GetEnv() Env

func (*EdgeRouterPolicyHandler) GetStore

func (handler *EdgeRouterPolicyHandler) GetStore() boltz.CrudStore

func (*EdgeRouterPolicyHandler) Patch

func (handler *EdgeRouterPolicyHandler) Patch(edgeRouterPolicy *EdgeRouterPolicy, checker boltz.FieldChecker) error

func (*EdgeRouterPolicyHandler) Read

func (handler *EdgeRouterPolicyHandler) Read(id string) (*EdgeRouterPolicy, error)

func (*EdgeRouterPolicyHandler) Update

func (handler *EdgeRouterPolicyHandler) Update(edgeRouterPolicy *EdgeRouterPolicy) error

type EdgeRouterPolicyListResult

type EdgeRouterPolicyListResult struct {
	EdgeRouterPolicies []*EdgeRouterPolicy
	models.QueryMetaData
}

type EdgeServiceHandler

type EdgeServiceHandler struct {
	// contains filtered or unexported fields
}

func NewEdgeServiceHandler

func NewEdgeServiceHandler(env Env) *EdgeServiceHandler

func (*EdgeServiceHandler) BaseList

func (handler *EdgeServiceHandler) BaseList(query string) (*models.EntityListResult, error)

func (*EdgeServiceHandler) BaseLoad

func (handler *EdgeServiceHandler) BaseLoad(id string) (models.Entity, error)

func (*EdgeServiceHandler) BaseLoadInTx

func (handler *EdgeServiceHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EdgeServiceHandler) BasePreparedList

func (handler *EdgeServiceHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*EdgeServiceHandler) BasePreparedListAssociated

func (handler *EdgeServiceHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*EdgeServiceHandler) BasePreparedListIndexed

func (handler *EdgeServiceHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*EdgeServiceHandler) Create

func (handler *EdgeServiceHandler) Create(service *Service) (string, error)

func (*EdgeServiceHandler) Delete

func (handler *EdgeServiceHandler) Delete(id string) error

func (*EdgeServiceHandler) GetDb

func (handler *EdgeServiceHandler) GetDb() boltz.Db

func (*EdgeServiceHandler) GetEnv

func (handler *EdgeServiceHandler) GetEnv() Env

func (*EdgeServiceHandler) GetPolicyPostureChecks added in v0.19.79

func (handler *EdgeServiceHandler) GetPolicyPostureChecks(identityId, serviceId string) map[string]*PolicyPostureChecks

func (*EdgeServiceHandler) GetStore

func (handler *EdgeServiceHandler) GetStore() boltz.CrudStore

func (*EdgeServiceHandler) Patch

func (handler *EdgeServiceHandler) Patch(service *Service, checker boltz.FieldChecker) error

func (*EdgeServiceHandler) PublicQueryForIdentity

func (handler *EdgeServiceHandler) PublicQueryForIdentity(sessionIdentity *Identity, configTypes map[string]struct{}, query ast.Query) (*ServiceListResult, error)

func (*EdgeServiceHandler) QueryForIdentity

func (handler *EdgeServiceHandler) QueryForIdentity(identityId string, configTypes map[string]struct{}, query ast.Query) (*ServiceListResult, error)

func (*EdgeServiceHandler) QueryRoleAttributes

func (handler *EdgeServiceHandler) QueryRoleAttributes(queryString string) ([]string, *models.QueryMetaData, error)

func (*EdgeServiceHandler) Read

func (handler *EdgeServiceHandler) Read(id string) (*Service, error)

func (*EdgeServiceHandler) ReadByName added in v0.19.36

func (handler *EdgeServiceHandler) ReadByName(name string) (*Service, error)

func (*EdgeServiceHandler) ReadForIdentity

func (handler *EdgeServiceHandler) ReadForIdentity(id string, identityId string, configTypes map[string]struct{}) (*ServiceDetail, error)

func (*EdgeServiceHandler) ReadForIdentityInTx

func (handler *EdgeServiceHandler) ReadForIdentityInTx(tx *bbolt.Tx, id string, identityId string, configTypes map[string]struct{}) (*ServiceDetail, error)

func (*EdgeServiceHandler) ReadForNonAdminIdentityInTx added in v0.15.15

func (handler *EdgeServiceHandler) ReadForNonAdminIdentityInTx(tx *bbolt.Tx, id string, identityId string) (*ServiceDetail, error)

func (*EdgeServiceHandler) Update

func (handler *EdgeServiceHandler) Update(service *Service) error

type EnrollModuleCa

type EnrollModuleCa struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleCa

func NewEnrollModuleCa(env Env) *EnrollModuleCa

func (*EnrollModuleCa) CanHandle

func (module *EnrollModuleCa) CanHandle(method string) bool

func (*EnrollModuleCa) Process

func (module *EnrollModuleCa) Process(context EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleEr

type EnrollModuleEr struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleEdgeRouterOtt

func NewEnrollModuleEdgeRouterOtt(env Env) *EnrollModuleEr

func (*EnrollModuleEr) CanHandle

func (module *EnrollModuleEr) CanHandle(method string) bool

func (*EnrollModuleEr) Process

func (module *EnrollModuleEr) Process(context EnrollmentContext) (*EnrollmentResult, error)

func (*EnrollModuleEr) ProcessClientCsrPem added in v0.19.81

func (module *EnrollModuleEr) ProcessClientCsrPem(clientCertCsrPem []byte, edgeRouterId string) ([]byte, error)

func (*EnrollModuleEr) ProcessServerCsrPem added in v0.19.81

func (module *EnrollModuleEr) ProcessServerCsrPem(serverCertCsrPem []byte) ([]byte, error)

type EnrollModuleOtt

type EnrollModuleOtt struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleOtt

func NewEnrollModuleOtt(env Env) *EnrollModuleOtt

func (*EnrollModuleOtt) CanHandle

func (module *EnrollModuleOtt) CanHandle(method string) bool

func (*EnrollModuleOtt) Process

func (module *EnrollModuleOtt) Process(ctx EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleOttCa

type EnrollModuleOttCa struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleOttCa

func NewEnrollModuleOttCa(env Env) *EnrollModuleOttCa

func (*EnrollModuleOttCa) CanHandle

func (module *EnrollModuleOttCa) CanHandle(method string) bool

func (*EnrollModuleOttCa) Process

func (module *EnrollModuleOttCa) Process(ctx EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleRouterOtt

type EnrollModuleRouterOtt struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleTransitRouterOtt

func NewEnrollModuleTransitRouterOtt(env Env) *EnrollModuleRouterOtt

func (*EnrollModuleRouterOtt) CanHandle

func (module *EnrollModuleRouterOtt) CanHandle(method string) bool

func (*EnrollModuleRouterOtt) Process

func (module *EnrollModuleRouterOtt) Process(context EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleUpdb

type EnrollModuleUpdb struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleUpdb

func NewEnrollModuleUpdb(env Env) *EnrollModuleUpdb

func (*EnrollModuleUpdb) CanHandle

func (module *EnrollModuleUpdb) CanHandle(method string) bool

func (*EnrollModuleUpdb) Process

func (module *EnrollModuleUpdb) Process(ctx EnrollmentContext) (*EnrollmentResult, error)

type Enrollment

// Enrollment is the model entity for a pending enrollment. It records the
// enrollment method, the entity being enrolled, and the token/JWT issued for
// it.
//
// NOTE(review): Token and Jwt look like the material a client presents to
// complete enrollment (EnrollmentHandler.ReadByToken looks an enrollment up by
// token). Treat both as secrets when logging or serializing this struct —
// confirm against the handlers.
type Enrollment struct {
	models.BaseEntity
	// Method names the enrollment method; the package declares method
	// constants such as MethodEnrollEdgeRouterOtt ("erott") and
	// MethodEnrollTransitRouterOtt ("trott").
	Method          string
	// IdentityId, TransitRouterId and EdgeRouterId are optional pointers;
	// presumably only the one matching the enrolled entity is set — TODO confirm.
	IdentityId      *string
	TransitRouterId *string
	EdgeRouterId    *string
	// Token is the value accepted by EnrollmentHandler.ReadByToken.
	Token           string
	// IssuedAt and ExpiresAt bound the enrollment's lifetime.
	// NOTE(review): where expiry is enforced is not visible here — verify that
	// every Process implementation rejects an expired enrollment.
	IssuedAt        *time.Time
	ExpiresAt       *time.Time
	// Jwt is the signed enrollment JWT; see FillJwtInfo.
	Jwt             string
	// CaId and Username are optional; presumably used by the CA-based and
	// username/password enrollment methods respectively — TODO confirm.
	CaId            *string
	Username        *string
}

func (*Enrollment) FillJwtInfo

func (entity *Enrollment) FillJwtInfo(env Env, subject string) error

type EnrollmentContext

// EnrollmentContext exposes the inputs of one enrollment request to an
// EnrollmentProcessor. EnrollmentContextHttp implements every method listed
// here.
//
// NOTE(review): everything returned by these getters appears to originate
// from the enrolling client; processors should treat it as untrusted input
// until validated — confirm against each Process implementation.
type EnrollmentContext interface {
	// GetParameters returns the request parameters as an untyped map.
	GetParameters() map[string]interface{}
	// GetToken returns the enrollment token supplied with the request.
	GetToken() string
	// GetData, GetDataAsMap and GetDataAsByteArray return the request payload
	// in three representations; how a payload of an unexpected type is handled
	// is not visible here.
	GetData() interface{}
	GetDataAsMap() map[string]interface{}
	GetDataAsByteArray() []byte
	// GetCerts returns the certificates associated with the request.
	// NOTE(review): whether these have been chain-verified is not visible
	// here — do not treat them as an authenticated identity without checking.
	GetCerts() []*x509.Certificate
	// GetHeaders returns the request headers as an untyped map.
	GetHeaders() map[string]interface{}
	// GetMethod returns the requested enrollment method name.
	GetMethod() string
}

type EnrollmentContextHttp

// EnrollmentContextHttp is the HTTP-backed EnrollmentContext. Its fields are
// populated by FillFromHttpRequest and returned by the matching getters.
//
// NOTE(review): the package declares a ClientCertHeader constant
// ("X-Client-CertPem"). If Certs can be filled from that header rather than
// from the TLS handshake, the header must only be honored when it comes from
// a trusted proxy — TODO confirm in FillFromHttpRequest.
type EnrollmentContextHttp struct {
	// Headers and Parameters hold the request's headers and parameters.
	Headers    map[string]interface{}
	Parameters map[string]interface{}
	// Data is the request payload; its concrete type is not fixed here.
	Data       interface{}
	// Certs holds the client certificates associated with the request.
	Certs      []*x509.Certificate
	// Token is the enrollment token; treat it as a secret in logs.
	Token      string
	// Method is the requested enrollment method name.
	Method     string
}

func (*EnrollmentContextHttp) FillFromHttpRequest

func (context *EnrollmentContextHttp) FillFromHttpRequest(request *http.Request) error

func (*EnrollmentContextHttp) GetCerts

func (context *EnrollmentContextHttp) GetCerts() []*x509.Certificate

func (*EnrollmentContextHttp) GetData

func (context *EnrollmentContextHttp) GetData() interface{}

func (*EnrollmentContextHttp) GetDataAsByteArray

func (context *EnrollmentContextHttp) GetDataAsByteArray() []byte

func (*EnrollmentContextHttp) GetDataAsMap

func (context *EnrollmentContextHttp) GetDataAsMap() map[string]interface{}

func (*EnrollmentContextHttp) GetHeaders

func (context *EnrollmentContextHttp) GetHeaders() map[string]interface{}

func (*EnrollmentContextHttp) GetMethod

func (context *EnrollmentContextHttp) GetMethod() string

func (*EnrollmentContextHttp) GetParameters

func (context *EnrollmentContextHttp) GetParameters() map[string]interface{}

func (*EnrollmentContextHttp) GetToken

func (context *EnrollmentContextHttp) GetToken() string

type EnrollmentHandler

type EnrollmentHandler struct {
	// contains filtered or unexported fields
}

func NewEnrollmentHandler

func NewEnrollmentHandler(env Env) *EnrollmentHandler

func (*EnrollmentHandler) BaseList

func (handler *EnrollmentHandler) BaseList(query string) (*models.EntityListResult, error)

func (*EnrollmentHandler) BaseLoad

func (handler *EnrollmentHandler) BaseLoad(id string) (models.Entity, error)

func (*EnrollmentHandler) BaseLoadInTx

func (handler *EnrollmentHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EnrollmentHandler) BasePreparedList

func (handler *EnrollmentHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*EnrollmentHandler) BasePreparedListAssociated

func (handler *EnrollmentHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*EnrollmentHandler) BasePreparedListIndexed

func (handler *EnrollmentHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*EnrollmentHandler) Delete

func (handler *EnrollmentHandler) Delete(id string) error

func (*EnrollmentHandler) Enroll

func (handler *EnrollmentHandler) Enroll(ctx EnrollmentContext) (*EnrollmentResult, error)

func (*EnrollmentHandler) GetDb

func (handler *EnrollmentHandler) GetDb() boltz.Db

func (*EnrollmentHandler) GetEnv

func (handler *EnrollmentHandler) GetEnv() Env

func (*EnrollmentHandler) GetStore

func (handler *EnrollmentHandler) GetStore() boltz.CrudStore

func (*EnrollmentHandler) Read

func (handler *EnrollmentHandler) Read(id string) (*Enrollment, error)

func (*EnrollmentHandler) ReadByToken

func (handler *EnrollmentHandler) ReadByToken(token string) (*Enrollment, error)

func (*EnrollmentHandler) ReplaceWithAuthenticator

func (handler *EnrollmentHandler) ReplaceWithAuthenticator(enrollmentId string, authenticator *Authenticator) error

type EnrollmentProcessor

// EnrollmentProcessor is one pluggable enrollment method. The EnrollModule*
// types in this package each provide both methods.
type EnrollmentProcessor interface {
	// CanHandle reports whether this processor handles the named method.
	CanHandle(method string) bool
	// Process runs the enrollment described by context and returns its result.
	// NOTE(review): token, expiry and CSR validation happen inside the
	// implementations, which are not visible here.
	Process(context EnrollmentContext) (*EnrollmentResult, error)
}

type EnrollmentRegistry

// EnrollmentRegistry holds the set of registered EnrollmentProcessors and
// resolves one by method name. EnrollmentRegistryImpl implements it.
type EnrollmentRegistry interface {
	// Add registers a processor.
	Add(method EnrollmentProcessor)
	// GetByMethod returns the processor for the named method.
	// NOTE(review): the result for an unregistered method is not visible here;
	// presumably nil — callers should check before calling Process.
	GetByMethod(method string) EnrollmentProcessor
}

type EnrollmentRegistryImpl

type EnrollmentRegistryImpl struct {
	// contains filtered or unexported fields
}

func (*EnrollmentRegistryImpl) Add

func (registry *EnrollmentRegistryImpl) Add(processor EnrollmentProcessor)

func (*EnrollmentRegistryImpl) GetByMethod

func (registry *EnrollmentRegistryImpl) GetByMethod(method string) EnrollmentProcessor

type EnrollmentResult

// EnrollmentResult is what an EnrollmentProcessor returns from Process.
type EnrollmentResult struct {
	// Identity and Authenticator are the entities associated with the
	// enrollment; presumably nil for router enrollments — TODO confirm.
	Identity      *Identity
	Authenticator *Authenticator
	// Content and TextContent carry the response body in structured and raw
	// form. NOTE(review): these may contain issued certificates; avoid logging
	// them verbatim — confirm what each processor puts here.
	Content       interface{}
	TextContent   []byte
	// Producer is the runtime.Producer used to serialize the response.
	Producer      runtime.Producer
	// Status is presumably the HTTP status code to return — TODO confirm.
	Status        int
}

type Env

// Env is the dependency container handed to every handler and enrollment
// module constructor in this package (NewXxxHandler(env), NewEnrollModuleXxx(env)).
//
// NOTE(review): Env gives access to the JWT signer and three CSR signers, so
// any component holding an Env can presumably mint tokens and certificates.
// Keep implementations out of reach of request-scoped or plugin code.
type Env interface {
	// GetHandlers returns the aggregate of all model handlers.
	GetHandlers() *Handlers
	GetConfig() *config.Config
	// GetJwtSigner returns the signer for JWTs; Enrollment.FillJwtInfo takes an
	// Env, presumably to reach this signer.
	GetJwtSigner() jwtsigner.Signer
	GetDbProvider() persistence.DbProvider
	GetStores() *persistence.Stores
	// GetAuthRegistry and GetEnrollRegistry return the pluggable
	// authentication and enrollment method registries.
	GetAuthRegistry() AuthRegistry
	GetEnrollRegistry() EnrollmentRegistry
	// The three CSR signers below return cert.Signer values; which CA each one
	// signs with is not visible here.
	GetApiClientCsrSigner() cert.Signer
	GetApiServerCsrSigner() cert.Signer
	GetControlClientCsrSigner() cert.Signer
	GetHostController() HostController
	// IsEdgeRouterOnline reports whether the edge router with the given id is
	// currently online.
	IsEdgeRouterOnline(id string) bool
	GetMetricsRegistry() metrics.Registry
	// GetFingerprintGenerator returns the generator used to compute
	// certificate fingerprints.
	GetFingerprintGenerator() cert.FingerprintGenerator
	HandleServiceUpdatedEventForIdentityId(identityId string)
}

type EnvInfo

type EnvInfo struct {
	Arch      string
	Os        string
	OsRelease string
	OsVersion string
}

type EventLog

type EventLog struct {
	models.BaseEntity
	Type             string
	ActorType        string
	ActorId          string
	EntityType       string
	EntityId         string
	FormattedMessage string
	FormatString     string
	FormatData       string
	Data             map[string]interface{}
}

type EventLogHandler

type EventLogHandler struct {
	// contains filtered or unexported fields
}

func NewEventLogHandler

func NewEventLogHandler(env Env) *EventLogHandler

func (*EventLogHandler) BaseList

func (handler *EventLogHandler) BaseList(query string) (*models.EntityListResult, error)

func (*EventLogHandler) BaseLoad

func (handler *EventLogHandler) BaseLoad(id string) (models.Entity, error)

func (*EventLogHandler) BaseLoadInTx

func (handler *EventLogHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EventLogHandler) BasePreparedList

func (handler *EventLogHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*EventLogHandler) BasePreparedListAssociated

func (handler *EventLogHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*EventLogHandler) BasePreparedListIndexed

func (handler *EventLogHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*EventLogHandler) Create

func (handler *EventLogHandler) Create(entity *EventLog) (string, error)

func (*EventLogHandler) GetDb

func (handler *EventLogHandler) GetDb() boltz.Db

func (*EventLogHandler) GetEnv

func (handler *EventLogHandler) GetEnv() Env

func (*EventLogHandler) GetStore

func (handler *EventLogHandler) GetStore() boltz.CrudStore

type ExtendedCerts added in v0.19.81

// ExtendedCerts carries a client certificate and a server certificate as raw
// bytes.
//
// NOTE(review): the encoding (DER vs. PEM) is not stated here, and nothing
// visible shows these bytes being parsed or chain-verified — confirm before
// trusting them.
type ExtendedCerts struct {
	RawClientCert []byte
	RawServerCert []byte
}

type Formatter

type Formatter struct {
	// contains filtered or unexported fields
}

func NewFormatter

func NewFormatter(symbols map[string]string) *Formatter

func NewIdentityNameFormatter

func NewIdentityNameFormatter(ca *Ca, clientCert *x509.Certificate, identityName, identityId string) *Formatter

func (*Formatter) Format

func (formatter *Formatter) Format(name string) string

type GeoRegion

type GeoRegion struct {
	models.BaseEntity
	Name string `json:"name"`
}

type GeoRegionHandler

type GeoRegionHandler struct {
	// contains filtered or unexported fields
}

func NewGeoRegionHandler

func NewGeoRegionHandler(env Env) *GeoRegionHandler

func (*GeoRegionHandler) BaseList

func (handler *GeoRegionHandler) BaseList(query string) (*models.EntityListResult, error)

func (*GeoRegionHandler) BaseLoad

func (handler *GeoRegionHandler) BaseLoad(id string) (models.Entity, error)

func (*GeoRegionHandler) BaseLoadInTx

func (handler *GeoRegionHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*GeoRegionHandler) BasePreparedList

func (handler *GeoRegionHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*GeoRegionHandler) BasePreparedListAssociated

func (handler *GeoRegionHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*GeoRegionHandler) BasePreparedListIndexed

func (handler *GeoRegionHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*GeoRegionHandler) Create

func (handler *GeoRegionHandler) Create(geoRegionModel *GeoRegion) (string, error)

func (*GeoRegionHandler) Delete

func (handler *GeoRegionHandler) Delete(id string) error

func (*GeoRegionHandler) GetDb

func (handler *GeoRegionHandler) GetDb() boltz.Db

func (*GeoRegionHandler) GetEnv

func (handler *GeoRegionHandler) GetEnv() Env

func (*GeoRegionHandler) GetStore

func (handler *GeoRegionHandler) GetStore() boltz.CrudStore

type Handler

type Handler interface {
	models.EntityRetriever

	GetEnv() Env
	// contains filtered or unexported methods
}

type Handlers

type Handlers struct {
	// fabric
	Router     *network.RouterController
	Service    *network.ServiceController
	Terminator *network.TerminatorController

	// edge
	ApiSession              *ApiSessionHandler
	ApiSessionCertificate   *ApiSessionCertificateHandler
	Ca                      *CaHandler
	Config                  *ConfigHandler
	ConfigType              *ConfigTypeHandler
	EdgeRouter              *EdgeRouterHandler
	EdgeRouterPolicy        *EdgeRouterPolicyHandler
	EdgeService             *EdgeServiceHandler
	EventLog                *EventLogHandler
	GeoRegion               *GeoRegionHandler
	Identity                *IdentityHandler
	IdentityType            *IdentityTypeHandler
	PolicyAdvisor           *PolicyAdvisor
	ServiceEdgeRouterPolicy *ServiceEdgeRouterPolicyHandler
	ServicePolicy           *ServicePolicyHandler
	TransitRouter           *TransitRouterHandler
	Session                 *SessionHandler
	Authenticator           *AuthenticatorHandler
	Enrollment              *EnrollmentHandler
	PostureCheck            *PostureCheckHandler
	PostureCheckType        *PostureCheckTypeHandler
	PostureResponse         *PostureResponseHandler
	Mfa                     *MfaHandler
}

func InitHandlers

func InitHandlers(env Env) *Handlers

type HashedPassword

// HashedPassword holds the result of hashing a password: the raw hash result
// plus base64 string encodings.
type HashedPassword struct {
	RawResult *crypto.HashResult // raw byte hash results
	// NOTE(review): the original comment on Salt read "base64 encoded hash",
	// identical to Password's; presumably this is the base64 encoded salt —
	// confirm against the code that populates it.
	Salt      string             // base64 encoded (presumably the salt, see note above)
	Password  string             // base64 encoded hash, not the plaintext password
}

type Heartbeat added in v0.19.39

type Heartbeat struct {
	ApiSessionId   string
	LastActivityAt time.Time
}

type HeartbeatCollector added in v0.19.39

type HeartbeatCollector struct {
	// contains filtered or unexported fields
}

func NewHeartbeatCollector added in v0.19.39

func NewHeartbeatCollector(env Env, batchSize int, updateInterval time.Duration, action func([]*Heartbeat)) *HeartbeatCollector

NewHeartbeatCollector creates a HeartbeatCollector, which is used to manage situations where an SDK is connecting to multiple Edge Routers and making API calls that each update a last-updated-at time and trigger a write. The heartbeat collector aggregates all of those calls into a single write and acts as an in-memory buffer for last update times.

func (*HeartbeatCollector) LastAccessedAt added in v0.19.39

func (self *HeartbeatCollector) LastAccessedAt(apiSessionId string) (*time.Time, bool)

LastAccessedAt returns the last time an API Session was either connected to an Edge Router or made a REST API call, together with true. If no such action has happened or the API Session no longer exists, nil and false are returned.

func (*HeartbeatCollector) Mark added in v0.19.39

func (self *HeartbeatCollector) Mark(apiSessionId string)

func (*HeartbeatCollector) Remove added in v0.19.39

func (self *HeartbeatCollector) Remove(id string)

func (*HeartbeatCollector) Start added in v0.19.39

func (self *HeartbeatCollector) Start()

func (*HeartbeatCollector) Stop added in v0.19.39

func (self *HeartbeatCollector) Stop()

type HeartbeatStatus added in v0.19.39

type HeartbeatStatus struct {
	// contains filtered or unexported fields
}

type HostController

type HostController interface {
	GetNetwork() *network.Network
	Shutdown()
	GetCloseNotifyChannel() <-chan struct{}
}

type Identity

// Identity is the model entity for an edge identity, including its type,
// privilege flags, role attributes and hosting preferences.
type Identity struct {
	models.BaseEntity
	Name                      string
	// IdentityTypeId references an IdentityType; the package declares
	// IdentityTypeUser ("User") as one type name.
	IdentityTypeId            string
	// IsDefaultAdmin and IsAdmin are privilege flags.
	// NOTE(review): both are plain exported fields, so Update/Patch callers
	// must ensure a non-admin request cannot set them — confirm that the
	// handlers restrict which fields a caller may change.
	IsDefaultAdmin            bool
	IsAdmin                   bool
	// RoleAttributes are the attributes matched by policy role selectors
	// (see EdgeRouterPolicy.IdentityRoles) — presumably; TODO confirm.
	RoleAttributes            []string
	// EnvInfo and SdkInfo are optional descriptions of the client's
	// environment and SDK; presumably client-reported and therefore
	// unverified — TODO confirm.
	EnvInfo                   *EnvInfo
	SdkInfo                   *SdkInfo
	HasHeartbeat              bool
	DefaultHostingPrecedence  ziti.Precedence
	DefaultHostingCost        uint16
	// ServiceHostingPrecedences and ServiceHostingCosts are per-service
	// overrides; the map key is presumably a service id — TODO confirm.
	ServiceHostingPrecedences map[string]ziti.Precedence
	ServiceHostingCosts       map[string]uint16
	// AppData is free-form application data attached to the identity.
	AppData                   map[string]interface{}
}

type IdentityHandler

type IdentityHandler struct {
	// contains filtered or unexported fields
}

func NewIdentityHandler

func NewIdentityHandler(env Env) *IdentityHandler

func (*IdentityHandler) AssignServiceConfigs

func (handler *IdentityHandler) AssignServiceConfigs(id string, serviceConfigs []ServiceConfig) error

func (*IdentityHandler) BaseList

func (handler *IdentityHandler) BaseList(query string) (*models.EntityListResult, error)

func (*IdentityHandler) BaseLoad

func (handler *IdentityHandler) BaseLoad(id string) (models.Entity, error)

func (*IdentityHandler) BaseLoadInTx

func (handler *IdentityHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*IdentityHandler) BasePreparedList

func (handler *IdentityHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*IdentityHandler) BasePreparedListAssociated

func (handler *IdentityHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*IdentityHandler) BasePreparedListIndexed

func (handler *IdentityHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*IdentityHandler) CollectAuthenticators

func (handler *IdentityHandler) CollectAuthenticators(id string, collector func(entity *Authenticator) error) error

func (*IdentityHandler) CollectEnrollments

func (handler *IdentityHandler) CollectEnrollments(id string, collector func(entity *Enrollment) error) error

func (*IdentityHandler) Create

func (handler *IdentityHandler) Create(identityModel *Identity) (string, error)

func (*IdentityHandler) CreateWithAuthenticator

func (handler *IdentityHandler) CreateWithAuthenticator(identity *Identity, authenticator *Authenticator) (string, string, error)

func (*IdentityHandler) CreateWithEnrollments

func (handler *IdentityHandler) CreateWithEnrollments(identityModel *Identity, enrollmentsModels []*Enrollment) (string, []string, error)

func (*IdentityHandler) Delete

func (handler *IdentityHandler) Delete(id string) error

func (*IdentityHandler) GetDb

func (handler *IdentityHandler) GetDb() boltz.Db

func (*IdentityHandler) GetEnv

func (handler *IdentityHandler) GetEnv() Env

func (*IdentityHandler) GetServiceConfigs

func (handler *IdentityHandler) GetServiceConfigs(id string) ([]ServiceConfig, error)

func (*IdentityHandler) GetStore

func (handler *IdentityHandler) GetStore() boltz.CrudStore

func (*IdentityHandler) InitializeDefaultAdmin

func (handler *IdentityHandler) InitializeDefaultAdmin(username, password, name string) error

func (*IdentityHandler) IsActive added in v0.17.8

func (handler *IdentityHandler) IsActive(id string) bool

func (IdentityHandler) IsUpdated

func (handler IdentityHandler) IsUpdated(field string) bool

func (*IdentityHandler) Patch

func (handler *IdentityHandler) Patch(identity *Identity, checker boltz.FieldChecker) error

func (*IdentityHandler) PatchInfo

func (handler *IdentityHandler) PatchInfo(identity *Identity) error

func (*IdentityHandler) QueryRoleAttributes

func (handler *IdentityHandler) QueryRoleAttributes(queryString string) ([]string, *models.QueryMetaData, error)

func (*IdentityHandler) Read

func (handler *IdentityHandler) Read(id string) (*Identity, error)

func (*IdentityHandler) ReadByName added in v0.19.36

func (handler *IdentityHandler) ReadByName(name string) (*Identity, error)

func (*IdentityHandler) ReadDefaultAdmin

func (handler *IdentityHandler) ReadDefaultAdmin() (*Identity, error)

func (*IdentityHandler) ReadOneByQuery

func (handler *IdentityHandler) ReadOneByQuery(query string) (*Identity, error)

func (*IdentityHandler) RemoveServiceConfigs

func (handler *IdentityHandler) RemoveServiceConfigs(id string, serviceConfigs []ServiceConfig) error

func (*IdentityHandler) SetActive added in v0.17.8

func (handler *IdentityHandler) SetActive(id string)

func (*IdentityHandler) Update

func (handler *IdentityHandler) Update(identity *Identity) error

func (*IdentityHandler) VisitIdentityAuthenticatorFingerprints added in v0.19.0

func (handler *IdentityHandler) VisitIdentityAuthenticatorFingerprints(tx *bbolt.Tx, identityId string, visitor func(string) bool) (bool, error)

type IdentityType

type IdentityType struct {
	models.BaseEntity
	Name string `json:"name"`
}

type IdentityTypeHandler

type IdentityTypeHandler struct {
	// contains filtered or unexported fields
}

func NewIdentityTypeHandler

func NewIdentityTypeHandler(env Env) *IdentityTypeHandler

func (*IdentityTypeHandler) BaseList

func (handler *IdentityTypeHandler) BaseList(query string) (*models.EntityListResult, error)

func (*IdentityTypeHandler) BaseLoad

func (handler *IdentityTypeHandler) BaseLoad(id string) (models.Entity, error)

func (*IdentityTypeHandler) BaseLoadInTx

func (handler *IdentityTypeHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*IdentityTypeHandler) BasePreparedList

func (handler *IdentityTypeHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*IdentityTypeHandler) BasePreparedListAssociated

func (handler *IdentityTypeHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*IdentityTypeHandler) BasePreparedListIndexed

func (handler *IdentityTypeHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*IdentityTypeHandler) Create

func (handler *IdentityTypeHandler) Create(IdentityTypeModel *IdentityType) (string, error)

func (*IdentityTypeHandler) Delete

func (handler *IdentityTypeHandler) Delete(id string) error

func (*IdentityTypeHandler) GetDb

func (handler *IdentityTypeHandler) GetDb() boltz.Db

func (*IdentityTypeHandler) GetEnv

func (handler *IdentityTypeHandler) GetEnv() Env

func (*IdentityTypeHandler) GetStore

func (handler *IdentityTypeHandler) GetStore() boltz.CrudStore

func (*IdentityTypeHandler) Read

func (handler *IdentityTypeHandler) Read(id string) (*IdentityType, error)

func (*IdentityTypeHandler) ReadByIdOrName

func (handler *IdentityTypeHandler) ReadByIdOrName(idOrName string) (*IdentityType, error)

func (*IdentityTypeHandler) ReadByName

func (handler *IdentityTypeHandler) ReadByName(name string) (*IdentityType, error)

type Mfa added in v0.17.52

// Mfa is the model entity for an identity's MFA enrollment.
//
// NOTE(review): Secret and RecoveryCodes are credential material. Nothing
// visible here shows them being encrypted or hashed at rest, so treat any
// log line, API response or backup containing this struct as sensitive —
// confirm how the store persists them.
type Mfa struct {
	models.BaseEntity
	// IsVerified records whether the MFA enrollment has been verified.
	IsVerified    bool
	// IdentityId is the owning identity; see MfaHandler.ReadByIdentityId.
	IdentityId    string
	Identity      *Identity
	// Secret is presumably the TOTP shared secret used by
	// MfaHandler.VerifyTOTP and embedded in GetProvisioningUrl/QrCodePng
	// output — TODO confirm.
	Secret        string
	// RecoveryCodes are alternative codes; VerifyTOTP is documented as not
	// accepting them. Regenerated by MfaHandler.RecreateRecoveryCodes.
	RecoveryCodes []string
}

type MfaHandler added in v0.17.52

type MfaHandler struct {
	// contains filtered or unexported fields
}

func NewMfaHandler added in v0.17.52

func NewMfaHandler(env Env) *MfaHandler

func (*MfaHandler) BaseList added in v0.17.52

func (handler *MfaHandler) BaseList(query string) (*models.EntityListResult, error)

func (*MfaHandler) BaseLoad added in v0.17.52

func (handler *MfaHandler) BaseLoad(id string) (models.Entity, error)

func (*MfaHandler) BaseLoadInTx added in v0.17.52

func (handler *MfaHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*MfaHandler) BasePreparedList added in v0.17.52

func (handler *MfaHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*MfaHandler) BasePreparedListAssociated added in v0.17.52

func (handler *MfaHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*MfaHandler) BasePreparedListIndexed added in v0.17.52

func (handler *MfaHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*MfaHandler) Create added in v0.17.52

func (handler *MfaHandler) Create(entity *Mfa) (string, error)

func (*MfaHandler) CreateForIdentity added in v0.17.52

func (handler *MfaHandler) CreateForIdentity(identity *Identity) (string, error)

func (*MfaHandler) Delete added in v0.17.52

func (handler *MfaHandler) Delete(id string) error

func (*MfaHandler) DeleteForIdentity added in v0.17.52

func (handler *MfaHandler) DeleteForIdentity(identity *Identity, code string) error

func (*MfaHandler) GetDb added in v0.17.52

func (handler *MfaHandler) GetDb() boltz.Db

func (*MfaHandler) GetEnv added in v0.17.52

func (handler *MfaHandler) GetEnv() Env

func (*MfaHandler) GetProvisioningUrl added in v0.17.52

func (handler *MfaHandler) GetProvisioningUrl(mfa *Mfa) string

func (*MfaHandler) GetStore added in v0.17.52

func (handler *MfaHandler) GetStore() boltz.CrudStore

func (*MfaHandler) IsUpdated added in v0.17.52

func (handler *MfaHandler) IsUpdated(field string) bool

func (*MfaHandler) QrCodePng added in v0.17.52

func (handler *MfaHandler) QrCodePng(mfa *Mfa) ([]byte, error)

func (*MfaHandler) Query added in v0.17.52

func (handler *MfaHandler) Query(query string) (*MfaListResult, error)

func (*MfaHandler) Read added in v0.17.52

func (handler *MfaHandler) Read(id string) (*Mfa, error)

func (*MfaHandler) ReadByIdentityId added in v0.17.52

func (handler *MfaHandler) ReadByIdentityId(identityId string) (*Mfa, error)

func (*MfaHandler) RecreateRecoveryCodes added in v0.17.52

func (handler *MfaHandler) RecreateRecoveryCodes(mfa *Mfa) error

func (*MfaHandler) Update added in v0.17.52

func (handler *MfaHandler) Update(Mfa *Mfa) error

func (*MfaHandler) Verify added in v0.17.52

func (handler *MfaHandler) Verify(mfa *Mfa, code string) (bool, error)

func (*MfaHandler) VerifyTOTP added in v0.17.52

func (handler *MfaHandler) VerifyTOTP(mfa *Mfa, code string) (bool, error)

VerifyTOTP verifies TOTP values only, not recovery codes

type MfaListResult added in v0.17.52

type MfaListResult struct {
	Mfas []*Mfa
	models.QueryMetaData
	// contains filtered or unexported fields
}

type OperatingSystem added in v0.16.48

type OperatingSystem struct {
	OsType     string
	OsVersions []string
}

type OrFieldChecker

type OrFieldChecker struct {
	// contains filtered or unexported fields
}

func NewOrFieldChecker

func NewOrFieldChecker(checker boltz.FieldChecker, fields ...string) *OrFieldChecker

func (*OrFieldChecker) IsUpdated

func (checker *OrFieldChecker) IsUpdated(field string) bool

type PolicyAdvisor

type PolicyAdvisor struct {
	// contains filtered or unexported fields
}

func NewPolicyAdvisor

func NewPolicyAdvisor(env Env) *PolicyAdvisor

func (*PolicyAdvisor) AnalyzeServiceReachability

func (advisor *PolicyAdvisor) AnalyzeServiceReachability(identityId, serviceId string) (*AdvisorServiceReachability, error)
func (advisor *PolicyAdvisor) InspectIdentityEdgeRouterLinks(identityId, edgeRouterId string) (*AdvisorIdentityEdgeRouterLinks, error)
func (advisor *PolicyAdvisor) InspectIdentityServiceLinks(identityId, serviceId string) (*AdvisorIdentityServiceLinks, error)
func (advisor *PolicyAdvisor) InspectServiceEdgeRouterLinks(serviceId, edgeRouterId string) (*AdvisorServiceEdgeRouterLinks, error)

type PolicyPostureChecks added in v0.19.79

type PolicyPostureChecks struct {
	PostureChecks []*PostureCheck
	PolicyType    persistence.PolicyType
	PolicyName    string
}

type PostureCache added in v0.17.5

type PostureCache struct {
	events.EventEmmiter
	// contains filtered or unexported fields
}

func (*PostureCache) Add added in v0.17.5

func (pc *PostureCache) Add(identityId string, postureResponses []*PostureResponse)

func (*PostureCache) AddSessionRequestFailure added in v0.19.40

func (pc *PostureCache) AddSessionRequestFailure(identityId string, failure *PostureSessionRequestFailure)

func (*PostureCache) ApiSessionCreated added in v0.19.158

func (pc *PostureCache) ApiSessionCreated(args ...interface{})

func (*PostureCache) ApiSessionDeleted added in v0.19.158

func (pc *PostureCache) ApiSessionDeleted(args ...interface{})

func (*PostureCache) Evaluate added in v0.17.5

func (pc *PostureCache) Evaluate(identityId, apiSessionId string, postureChecks []*PostureCheck) (bool, []*PostureCheckFailure)

func (*PostureCache) IdentityDeleted added in v0.19.158

func (pc *PostureCache) IdentityDeleted(args ...interface{})

func (*PostureCache) PostureCheckChanged added in v0.20.35

func (pc *PostureCache) PostureCheckChanged(args ...interface{})

PostureCheckChanged notifies all associated identities that posture configuration has changed and that endpoints may need to reevaluate posture queries.

func (*PostureCache) PostureData added in v0.17.5

func (pc *PostureCache) PostureData(identityId string) *PostureData

PostureData returns a copy of the current posture data for an identity. The copy is suitable for read-only rendering; to alter or update posture data, see Upsert.

func (*PostureCache) Upsert added in v0.19.158

func (pc *PostureCache) Upsert(identityId string, emitDataAltered bool, cb func(exist bool, valueInMap interface{}, newValue interface{}) interface{})

Upsert is a convenience function to alter the existing PostureData for an identity. If emitDataAltered is true, posture data listeners will be alerted: this will trigger service update notifications and posture check evaluation.

type PostureCheck added in v0.16.46

type PostureCheck struct {
	models.BaseEntity
	Name           string
	TypeId         string
	Version        int64
	RoleAttributes []string
	SubType        PostureCheckSubType
}

func (*PostureCheck) Evaluate added in v0.17.5

func (entity *PostureCheck) Evaluate(apiSessionId string, pd *PostureData) (bool, *PostureCheckFailure)

func (*PostureCheck) LastUpdatedAt added in v0.21.87

func (entity *PostureCheck) LastUpdatedAt(apiSessionId string, pd *PostureData) *time.Time

LastUpdatedAt returns the last time posture state changed for a specific posture check. If the posture state does not report changes, nil is returned.

func (*PostureCheck) TimeoutRemainingSeconds added in v0.19.168

func (entity *PostureCheck) TimeoutRemainingSeconds(apiSessionId string, pd *PostureData) int64

func (*PostureCheck) TimeoutSeconds added in v0.19.158

func (entity *PostureCheck) TimeoutSeconds() int64

type PostureCheckDomains added in v0.19.40

type PostureCheckDomains struct {
	Domains []string
}

func (*PostureCheckDomains) ActualValue added in v0.19.40

func (p *PostureCheckDomains) ActualValue(apiSessionId string, pd *PostureData) interface{}

func (*PostureCheckDomains) Evaluate added in v0.19.40

func (p *PostureCheckDomains) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckDomains) ExpectedValue added in v0.19.40

func (p *PostureCheckDomains) ExpectedValue() interface{}

func (*PostureCheckDomains) FailureValues added in v0.19.40

func (*PostureCheckDomains) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckDomains) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckDomains) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckDomains) GetTimeoutSeconds() int64

func (*PostureCheckDomains) LastUpdatedAt added in v0.21.87

func (p *PostureCheckDomains) LastUpdatedAt(id string, pd *PostureData) *time.Time

type PostureCheckFailure added in v0.19.40

// PostureCheckFailure carries the id, name and type of a posture check
// together with the embedded PostureCheckFailureValues, which expose the
// expected and actual values through Expected() and Actual().
type PostureCheckFailure struct {
	// NOTE(review): the tag below ends in a stray apostrophe (postureCheckId').
	// encoding/json does not accept quote characters in a tag name, so this
	// field is presumably marshalled under its Go name "PostureCheckId" rather
	// than "postureCheckId". Confirm against consumers of this JSON before
	// correcting the tag, because the fix changes the emitted key.
	PostureCheckId   string `json:"postureCheckId'"`
	PostureCheckName string `json:"postureCheckName"`
	PostureCheckType string `json:"postureCheckType"`
	PostureCheckFailureValues
}

func (PostureCheckFailure) ToClientErrorData added in v0.19.40

func (self PostureCheckFailure) ToClientErrorData() interface{}

type PostureCheckFailureSubType added in v0.19.40

type PostureCheckFailureSubType interface {
	Value() interface{}
	Expected() interface{}
}

type PostureCheckFailureValues added in v0.19.40

type PostureCheckFailureValues interface {
	Expected() interface{}
	Actual() interface{}
}

type PostureCheckFailureValuesDomain added in v0.19.40

type PostureCheckFailureValuesDomain struct {
	ActualValue   string
	ExpectedValue []string
}

func (PostureCheckFailureValuesDomain) Actual added in v0.19.40

func (p PostureCheckFailureValuesDomain) Actual() interface{}

func (PostureCheckFailureValuesDomain) Expected added in v0.19.40

func (p PostureCheckFailureValuesDomain) Expected() interface{}

type PostureCheckFailureValuesMac added in v0.19.40

type PostureCheckFailureValuesMac struct {
	ActualValue   []string
	ExpectedValue []string
}

func (PostureCheckFailureValuesMac) Actual added in v0.19.40

func (p PostureCheckFailureValuesMac) Actual() interface{}

func (PostureCheckFailureValuesMac) Expected added in v0.19.40

func (p PostureCheckFailureValuesMac) Expected() interface{}

type PostureCheckFailureValuesMfa added in v0.19.40

type PostureCheckFailureValuesMfa struct {
	ActualValue   PostureCheckMfaValues
	ExpectedValue PostureCheckMfaValues
	Criteria      PostureCheckMfaCriteria
}

func (PostureCheckFailureValuesMfa) Actual added in v0.19.40

func (p PostureCheckFailureValuesMfa) Actual() interface{}

func (PostureCheckFailureValuesMfa) Expected added in v0.19.40

func (p PostureCheckFailureValuesMfa) Expected() interface{}

type PostureCheckFailureValuesOperatingSystem added in v0.19.40

type PostureCheckFailureValuesOperatingSystem struct {
	ActualValue   PostureResponseOs
	ExpectedValue []OperatingSystem
}

func (PostureCheckFailureValuesOperatingSystem) Actual added in v0.19.40

func (p PostureCheckFailureValuesOperatingSystem) Actual() interface{}

func (PostureCheckFailureValuesOperatingSystem) Expected added in v0.19.40

func (p PostureCheckFailureValuesOperatingSystem) Expected() interface{}

type PostureCheckFailureValuesProcess added in v0.19.40

type PostureCheckFailureValuesProcess struct {
	ActualValue   PostureResponseProcess
	ExpectedValue PostureCheckProcess
}

func (PostureCheckFailureValuesProcess) Actual added in v0.19.40

func (p PostureCheckFailureValuesProcess) Actual() interface{}

func (PostureCheckFailureValuesProcess) Expected added in v0.19.40

func (p PostureCheckFailureValuesProcess) Expected() interface{}

type PostureCheckFailureValuesProcessMulti added in v0.19.93

type PostureCheckFailureValuesProcessMulti struct {
	ActualValue   []PostureResponseProcess
	ExpectedValue PostureCheckProcessMulti
}

func (PostureCheckFailureValuesProcessMulti) Actual added in v0.19.93

func (p PostureCheckFailureValuesProcessMulti) Actual() interface{}

func (PostureCheckFailureValuesProcessMulti) Expected added in v0.19.93

func (p PostureCheckFailureValuesProcessMulti) Expected() interface{}

type PostureCheckHandler added in v0.16.46

type PostureCheckHandler struct {
	// contains filtered or unexported fields
}

func NewPostureCheckHandler added in v0.16.46

func NewPostureCheckHandler(env Env) *PostureCheckHandler

func (*PostureCheckHandler) BaseList added in v0.16.46

func (handler *PostureCheckHandler) BaseList(query string) (*models.EntityListResult, error)

func (*PostureCheckHandler) BaseLoad added in v0.16.46

func (handler *PostureCheckHandler) BaseLoad(id string) (models.Entity, error)

func (*PostureCheckHandler) BaseLoadInTx added in v0.16.46

func (handler *PostureCheckHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*PostureCheckHandler) BasePreparedList added in v0.16.46

func (handler *PostureCheckHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckHandler) BasePreparedListAssociated added in v0.16.46

func (handler *PostureCheckHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckHandler) BasePreparedListIndexed added in v0.16.46

func (handler *PostureCheckHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckHandler) Create added in v0.16.46

func (handler *PostureCheckHandler) Create(postureCheckModel *PostureCheck) (string, error)

func (*PostureCheckHandler) Delete added in v0.16.46

func (handler *PostureCheckHandler) Delete(id string) error

func (*PostureCheckHandler) GetDb added in v0.16.46

func (handler *PostureCheckHandler) GetDb() boltz.Db

func (*PostureCheckHandler) GetEnv added in v0.16.46

func (handler *PostureCheckHandler) GetEnv() Env

func (*PostureCheckHandler) GetStore added in v0.16.46

func (handler *PostureCheckHandler) GetStore() boltz.CrudStore

func (*PostureCheckHandler) IsUpdated added in v0.16.46

func (handler *PostureCheckHandler) IsUpdated(field string) bool

func (*PostureCheckHandler) Patch added in v0.16.46

func (handler *PostureCheckHandler) Patch(ca *PostureCheck, checker boltz.FieldChecker) error

func (*PostureCheckHandler) Query added in v0.16.46

func (handler *PostureCheckHandler) Query(query string) (*PostureCheckListResult, error)

func (*PostureCheckHandler) QueryPostureChecks added in v0.17.5

func (handler *PostureCheckHandler) QueryPostureChecks(query ast.Query) (*PostureCheckListResult, error)

func (*PostureCheckHandler) Read added in v0.16.46

func (handler *PostureCheckHandler) Read(id string) (*PostureCheck, error)

func (*PostureCheckHandler) Update added in v0.16.46

func (handler *PostureCheckHandler) Update(ca *PostureCheck) error

type PostureCheckListResult added in v0.16.46

type PostureCheckListResult struct {
	PostureChecks []*PostureCheck
	models.QueryMetaData
	// contains filtered or unexported fields
}

type PostureCheckMacAddresses added in v0.16.48

type PostureCheckMacAddresses struct {
	MacAddresses []string
}

func (*PostureCheckMacAddresses) Evaluate added in v0.17.5

func (p *PostureCheckMacAddresses) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckMacAddresses) FailureValues added in v0.19.40

func (*PostureCheckMacAddresses) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckMacAddresses) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckMacAddresses) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckMacAddresses) GetTimeoutSeconds() int64

func (*PostureCheckMacAddresses) LastUpdatedAt added in v0.21.87

func (p *PostureCheckMacAddresses) LastUpdatedAt(apiSessionId string, pd *PostureData) *time.Time

type PostureCheckMfa added in v0.17.52

type PostureCheckMfa struct {
	TimeoutSeconds        int64
	PromptOnWake          bool
	PromptOnUnlock        bool
	IgnoreLegacyEndpoints bool
}

func (*PostureCheckMfa) Evaluate added in v0.17.52

func (p *PostureCheckMfa) Evaluate(apiSessionId string, pd *PostureData) bool

func (*PostureCheckMfa) FailureValues added in v0.19.40

func (p *PostureCheckMfa) FailureValues(apiSessionId string, pd *PostureData) PostureCheckFailureValues

func (*PostureCheckMfa) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckMfa) GetTimeoutRemainingSeconds(apiSessionId string, pd *PostureData) int64

func (*PostureCheckMfa) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckMfa) GetTimeoutSeconds() int64

func (*PostureCheckMfa) IsLegacyClient added in v0.19.158

func (p *PostureCheckMfa) IsLegacyClient(apiSessionData *ApiSessionPostureData) bool

func (*PostureCheckMfa) LastUpdatedAt added in v0.21.87

func (p *PostureCheckMfa) LastUpdatedAt(apiSessionId string, pd *PostureData) *time.Time

func (*PostureCheckMfa) PassedOnUnlock added in v0.19.158

func (p *PostureCheckMfa) PassedOnUnlock(apiSessionData *ApiSessionPostureData, now time.Time) bool

func (*PostureCheckMfa) PassedOnWake added in v0.19.158

func (p *PostureCheckMfa) PassedOnWake(apiSessionData *ApiSessionPostureData, now time.Time) bool

type PostureCheckMfaCriteria added in v0.21.82

type PostureCheckMfaCriteria struct {
	PassedMfaAt             *time.Time
	WokenAt                 *time.Time
	UnlockedAt              *time.Time
	TimeoutSeconds          int64
	TimeoutRemainingSeconds int64
}

type PostureCheckMfaValues added in v0.19.158

// PostureCheckMfaValues is a set of boolean flags describing MFA posture; it
// is used for both ActualValue and ExpectedValue in
// PostureCheckFailureValuesMfa.
type PostureCheckMfaValues struct {
	// NOTE(review): despite the "Seconds" suffix this field is a bool, not a
	// duration. Presumably it reports whether the MFA timeout has elapsed;
	// confirm against the code that populates it.
	TimedOutSeconds       bool
	PassedMfa             bool
	PassedOnWake          bool
	PassedOnUnlock        bool
	IgnoreLegacyEndpoints bool
}

type PostureCheckOperatingSystem added in v0.16.48

type PostureCheckOperatingSystem struct {
	OperatingSystems []OperatingSystem
}

func (*PostureCheckOperatingSystem) Evaluate added in v0.17.5

func (p *PostureCheckOperatingSystem) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckOperatingSystem) FailureValues added in v0.19.40

func (*PostureCheckOperatingSystem) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckOperatingSystem) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckOperatingSystem) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckOperatingSystem) GetTimeoutSeconds() int64

func (*PostureCheckOperatingSystem) LastUpdatedAt added in v0.21.87

func (p *PostureCheckOperatingSystem) LastUpdatedAt(id string, pd *PostureData) *time.Time

type PostureCheckProcess added in v0.16.48

type PostureCheckProcess struct {
	PostureCheckId string
	OsType         string
	Path           string
	Hashes         []string
	Fingerprint    string
}

func (*PostureCheckProcess) Evaluate added in v0.17.5

func (p *PostureCheckProcess) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckProcess) FailureValues added in v0.19.40

func (*PostureCheckProcess) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckProcess) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckProcess) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckProcess) GetTimeoutSeconds() int64

func (*PostureCheckProcess) LastUpdatedAt added in v0.21.87

func (p *PostureCheckProcess) LastUpdatedAt(id string, pd *PostureData) *time.Time

type PostureCheckProcessMulti added in v0.19.93

type PostureCheckProcessMulti struct {
	PostureCheckId string
	Semantic       string
	Processes      []*ProcessMulti
}

func (*PostureCheckProcessMulti) Evaluate added in v0.19.93

func (p *PostureCheckProcessMulti) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckProcessMulti) FailureValues added in v0.19.93

func (*PostureCheckProcessMulti) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckProcessMulti) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckProcessMulti) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckProcessMulti) GetTimeoutSeconds() int64

func (*PostureCheckProcessMulti) LastUpdatedAt added in v0.21.87

func (p *PostureCheckProcessMulti) LastUpdatedAt(id string, pd *PostureData) *time.Time

type PostureCheckSubType added in v0.16.48

type PostureCheckSubType interface {
	Evaluate(apiSessionId string, pd *PostureData) bool
	FailureValues(_ string, pd *PostureData) PostureCheckFailureValues
	GetTimeoutSeconds() int64
	GetTimeoutRemainingSeconds(apiSessionId string, pd *PostureData) int64

	// LastUpdatedAt returns the last time the posture state changed or nil if not supported.
	LastUpdatedAt(id string, pd *PostureData) *time.Time
	// contains filtered or unexported methods
}

type PostureCheckType added in v0.16.48

type PostureCheckType struct {
	models.BaseEntity
	Name             string
	OperatingSystems []OperatingSystem
}

type PostureCheckTypeHandler added in v0.16.48

type PostureCheckTypeHandler struct {
	// contains filtered or unexported fields
}

func NewPostureCheckTypeHandler added in v0.16.48

func NewPostureCheckTypeHandler(env Env) *PostureCheckTypeHandler

func (*PostureCheckTypeHandler) BaseList added in v0.16.48

func (handler *PostureCheckTypeHandler) BaseList(query string) (*models.EntityListResult, error)

func (*PostureCheckTypeHandler) BaseLoad added in v0.16.48

func (handler *PostureCheckTypeHandler) BaseLoad(id string) (models.Entity, error)

func (*PostureCheckTypeHandler) BaseLoadInTx added in v0.16.48

func (handler *PostureCheckTypeHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*PostureCheckTypeHandler) BasePreparedList added in v0.16.48

func (handler *PostureCheckTypeHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckTypeHandler) BasePreparedListAssociated added in v0.16.48

func (handler *PostureCheckTypeHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckTypeHandler) BasePreparedListIndexed added in v0.16.48

func (handler *PostureCheckTypeHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*PostureCheckTypeHandler) Create added in v0.16.48

func (handler *PostureCheckTypeHandler) Create(PostureCheckTypeModel *PostureCheckType) (string, error)

func (*PostureCheckTypeHandler) Delete added in v0.16.48

func (handler *PostureCheckTypeHandler) Delete(id string) error

func (*PostureCheckTypeHandler) GetDb added in v0.16.48

func (handler *PostureCheckTypeHandler) GetDb() boltz.Db

func (*PostureCheckTypeHandler) GetEnv added in v0.16.48

func (handler *PostureCheckTypeHandler) GetEnv() Env

func (*PostureCheckTypeHandler) GetStore added in v0.16.48

func (handler *PostureCheckTypeHandler) GetStore() boltz.CrudStore

func (*PostureCheckTypeHandler) Read added in v0.16.48

func (handler *PostureCheckTypeHandler) Read(id string) (*PostureCheckType, error)

func (*PostureCheckTypeHandler) ReadByName added in v0.16.48

func (handler *PostureCheckTypeHandler) ReadByName(name string) (*PostureCheckType, error)

type PostureData added in v0.17.5

// PostureData groups the posture state held for one identity: MAC, domain and
// OS responses, process responses (as a slice and as a map), per-API-session
// data, and recorded session request failures.
//
// NOTE(review): the values appear to be written by PostureResponse.Apply and
// its per-type variants, so they are presumably reported by the endpoint
// itself. If so, a posture check is only as trustworthy as the client that
// reports it; confirm where responses originate before relying on these
// fields as a hard access control.
type PostureData struct {
	Mac                    PostureResponseMac
	Domain                 PostureResponseDomain
	Os                     PostureResponseOs
	Processes              []*PostureResponseProcess
	// presumably keyed by process path; verify against the code that fills it
	ProcessPathMap         map[string]*PostureResponseProcess
	// presumably keyed by API session id; verify against the code that fills it
	ApiSessions            map[string]*ApiSessionPostureData
	SessionRequestFailures []*PostureSessionRequestFailure
}

func (*PostureData) Copy added in v0.20.24

func (pd *PostureData) Copy() *PostureData

func (*PostureData) Evaluate added in v0.17.5

func (pd *PostureData) Evaluate(apiSessionId string, checks []*PostureCheck) (bool, []*PostureCheckFailure)

type PosturePolicyFailure added in v0.19.40

type PosturePolicyFailure struct {
	PolicyId   string
	PolicyName string
	Checks     []*PostureCheckFailure
}

type PostureResponse added in v0.17.5

type PostureResponse struct {
	PostureCheckId string
	TypeId         string
	TimedOut       bool
	LastUpdatedAt  time.Time
	SubType        PostureResponseSubType
}

func (*PostureResponse) Apply added in v0.17.5

func (pr *PostureResponse) Apply(postureData *PostureData)

type PostureResponseDomain added in v0.17.5

type PostureResponseDomain struct {
	*PostureResponse
	Name string `json:"name"`
}

func (*PostureResponseDomain) Apply added in v0.17.5

func (pr *PostureResponseDomain) Apply(postureData *PostureData)

type PostureResponseEndpointState added in v0.19.158

type PostureResponseEndpointState struct {
	*PostureResponse
	ApiSessionId string
	WokenAt      *time.Time
	UnlockedAt   *time.Time
}

func (*PostureResponseEndpointState) Apply added in v0.19.158

func (pr *PostureResponseEndpointState) Apply(postureData *PostureData)

type PostureResponseHandler added in v0.17.5

type PostureResponseHandler struct {
	// contains filtered or unexported fields
}

func NewPostureResponseHandler added in v0.17.5

func NewPostureResponseHandler(env Env) *PostureResponseHandler

func (*PostureResponseHandler) AddPostureDataListener added in v0.17.5

func (handler *PostureResponseHandler) AddPostureDataListener(cb func(env Env, identityId string))

func (*PostureResponseHandler) Create added in v0.17.5

func (handler *PostureResponseHandler) Create(identityId string, postureResponses []*PostureResponse)

func (*PostureResponseHandler) Evaluate added in v0.17.5

func (handler *PostureResponseHandler) Evaluate(identityId, apiSessionId string, check *PostureCheck) (bool, *PostureCheckFailure)

func (*PostureResponseHandler) GetEndpointStateChangeAffectedServices added in v0.20.35

func (handler *PostureResponseHandler) GetEndpointStateChangeAffectedServices(timeSinceLastMfa, gracePeriod time.Duration, onWake bool, onUnlock bool) []*ServiceWithTimeout

func (*PostureResponseHandler) PostureData added in v0.17.5

func (handler *PostureResponseHandler) PostureData(id string) *PostureData

func (*PostureResponseHandler) SetMfaPosture added in v0.19.46

func (handler *PostureResponseHandler) SetMfaPosture(identityId string, apiSessionId string, isPassed bool)

SetMfaPosture sets the MFA passing status for a specific API Session owned by an identity.

func (*PostureResponseHandler) SetMfaPostureForIdentity added in v0.19.46

func (handler *PostureResponseHandler) SetMfaPostureForIdentity(identityId string, isPassed bool)

SetMfaPostureForIdentity sets the MFA passing status for all API Sessions associated with an identity.

func (*PostureResponseHandler) SetSdkInfo added in v0.19.158

func (handler *PostureResponseHandler) SetSdkInfo(identityId, apiSessionId string, sdkInfo *SdkInfo)

type PostureResponseMac added in v0.17.5

type PostureResponseMac struct {
	*PostureResponse
	Addresses []string `json:"addresses"`
}

func (*PostureResponseMac) Apply added in v0.17.5

func (pr *PostureResponseMac) Apply(postureData *PostureData)

type PostureResponseMfa added in v0.17.52

// PostureResponseMfa is the MFA posture response: it embeds *PostureResponse
// and records the API session it belongs to and when MFA was passed.
type PostureResponseMfa struct {
	*PostureResponse
	// Tagged json:"-", so encoding/json neither emits this field nor fills it
	// when decoding. The session binding therefore cannot arrive through a JSON
	// body decoded into this struct and must be assigned in code.
	// NOTE(review): presumably taken from the authenticated API session; confirm.
	ApiSessionId string     `json:"-"`
	// Pointer type, so a nil value is possible.
	// NOTE(review): nil presumably means MFA has not been passed; confirm.
	PassedMfaAt  *time.Time `json:"passedMfaAt"`
}

func (*PostureResponseMfa) Apply added in v0.17.52

func (pr *PostureResponseMfa) Apply(postureData *PostureData)

type PostureResponseOs added in v0.17.5

type PostureResponseOs struct {
	*PostureResponse
	Type    string `json:"type"`
	Version string `json:"version"`
	Build   string `json:"build"`
}

func (*PostureResponseOs) Apply added in v0.17.5

func (pr *PostureResponseOs) Apply(postureData *PostureData)

type PostureResponseProcess added in v0.17.5

type PostureResponseProcess struct {
	*PostureResponse
	Path               string
	IsRunning          bool
	BinaryHash         string
	SignerFingerprints []string
}

func (*PostureResponseProcess) Apply added in v0.17.5

func (pr *PostureResponseProcess) Apply(postureData *PostureData)

func (*PostureResponseProcess) VerifyMultiCriteria added in v0.19.93

func (pr *PostureResponseProcess) VerifyMultiCriteria(process *ProcessMulti) bool

type PostureResponseSubType added in v0.17.5

type PostureResponseSubType interface {
	Apply(postureData *PostureData)
}

type PostureSessionData added in v0.19.158

type PostureSessionData struct {
	MfaTimeout int64
}

type PostureSessionRequestFailure added in v0.19.40

type PostureSessionRequestFailure struct {
	When           time.Time
	ServiceId      string
	ServiceName    string
	SessionType    string
	PolicyFailures []*PosturePolicyFailure
	ApiSessionId   string
}

type ProcessMulti added in v0.19.93

type ProcessMulti struct {
	OsType             string
	Path               string
	Hashes             []string
	SignerFingerprints []string
}

type Schemas

type Schemas interface {
	GetEnrollErPost() *gojsonschema.Schema
	GetEnrollUpdbPost() *gojsonschema.Schema
}

type SdkInfo

type SdkInfo struct {
	AppId      string
	AppVersion string
	Branch     string
	Revision   string
	Type       string
	Version    string
}

type Service

type Service struct {
	models.BaseEntity
	Name               string   `json:"name"`
	TerminatorStrategy string   `json:"terminatorStrategy"`
	RoleAttributes     []string `json:"roleAttributes"`
	Configs            []string `json:"configs"`
	EncryptionRequired bool     `json:"encryptionRequired"`
}

type ServiceConfig

type ServiceConfig struct {
	Service string
	Config  string
}

type ServiceDetail

type ServiceDetail struct {
	models.BaseEntity
	Name               string                            `json:"name"`
	TerminatorStrategy string                            `json:"terminatorStrategy"`
	RoleAttributes     []string                          `json:"roleAttributes"`
	Permissions        []string                          `json:"permissions"`
	Configs            []string                          `json:"configs"`
	Config             map[string]map[string]interface{} `json:"config"`
	EncryptionRequired bool                              `json:"encryptionRequired"`
}

type ServiceEdgeRouterPolicy

type ServiceEdgeRouterPolicy struct {
	models.BaseEntity
	Name            string
	Semantic        string
	ServiceRoles    []string
	EdgeRouterRoles []string
}

type ServiceEdgeRouterPolicyHandler

type ServiceEdgeRouterPolicyHandler struct {
	// contains filtered or unexported fields
}

func NewServiceEdgeRouterPolicyHandler

func NewServiceEdgeRouterPolicyHandler(env Env) *ServiceEdgeRouterPolicyHandler

func (*ServiceEdgeRouterPolicyHandler) BaseList

func (handler *ServiceEdgeRouterPolicyHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ServiceEdgeRouterPolicyHandler) BaseLoad

func (handler *ServiceEdgeRouterPolicyHandler) BaseLoad(id string) (models.Entity, error)

func (*ServiceEdgeRouterPolicyHandler) BaseLoadInTx

func (handler *ServiceEdgeRouterPolicyHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ServiceEdgeRouterPolicyHandler) BasePreparedList

func (handler *ServiceEdgeRouterPolicyHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ServiceEdgeRouterPolicyHandler) BasePreparedListAssociated

func (handler *ServiceEdgeRouterPolicyHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ServiceEdgeRouterPolicyHandler) BasePreparedListIndexed

func (handler *ServiceEdgeRouterPolicyHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ServiceEdgeRouterPolicyHandler) Create

func (handler *ServiceEdgeRouterPolicyHandler) Create(edgeRouterPolicy *ServiceEdgeRouterPolicy) (string, error)

func (*ServiceEdgeRouterPolicyHandler) Delete

func (handler *ServiceEdgeRouterPolicyHandler) Delete(id string) error

func (*ServiceEdgeRouterPolicyHandler) GetDb

func (handler *ServiceEdgeRouterPolicyHandler) GetDb() boltz.Db

func (*ServiceEdgeRouterPolicyHandler) GetEnv

func (handler *ServiceEdgeRouterPolicyHandler) GetEnv() Env

func (*ServiceEdgeRouterPolicyHandler) GetStore

func (handler *ServiceEdgeRouterPolicyHandler) GetStore() boltz.CrudStore

func (*ServiceEdgeRouterPolicyHandler) Patch

func (handler *ServiceEdgeRouterPolicyHandler) Patch(edgeRouterPolicy *ServiceEdgeRouterPolicy, checker boltz.FieldChecker) error

func (*ServiceEdgeRouterPolicyHandler) Read

func (*ServiceEdgeRouterPolicyHandler) Update

func (handler *ServiceEdgeRouterPolicyHandler) Update(edgeRouterPolicy *ServiceEdgeRouterPolicy) error

type ServiceEdgeRouterPolicyListResult

type ServiceEdgeRouterPolicyListResult struct {
	ServiceEdgeRouterPolicies []*ServiceEdgeRouterPolicy
	models.QueryMetaData
}

type ServiceListResult

type ServiceListResult struct {
	Services []*ServiceDetail

	models.QueryMetaData
	// contains filtered or unexported fields
}

type ServicePolicy

type ServicePolicy struct {
	models.BaseEntity
	Name              string
	PolicyType        string
	Semantic          string
	IdentityRoles     []string
	ServiceRoles      []string
	PostureCheckRoles []string
}

type ServicePolicyHandler

type ServicePolicyHandler struct {
	// contains filtered or unexported fields
}

func NewServicePolicyHandler

func NewServicePolicyHandler(env Env) *ServicePolicyHandler

func (*ServicePolicyHandler) BaseList

func (handler *ServicePolicyHandler) BaseList(query string) (*models.EntityListResult, error)

func (*ServicePolicyHandler) BaseLoad

func (handler *ServicePolicyHandler) BaseLoad(id string) (models.Entity, error)

func (*ServicePolicyHandler) BaseLoadInTx

func (handler *ServicePolicyHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ServicePolicyHandler) BasePreparedList

func (handler *ServicePolicyHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*ServicePolicyHandler) BasePreparedListAssociated

func (handler *ServicePolicyHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*ServicePolicyHandler) BasePreparedListIndexed

func (handler *ServicePolicyHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*ServicePolicyHandler) Create

func (handler *ServicePolicyHandler) Create(servicePolicy *ServicePolicy) (string, error)

func (*ServicePolicyHandler) Delete

func (handler *ServicePolicyHandler) Delete(id string) error

func (*ServicePolicyHandler) GetDb

func (handler *ServicePolicyHandler) GetDb() boltz.Db

func (*ServicePolicyHandler) GetEnv

func (handler *ServicePolicyHandler) GetEnv() Env

func (*ServicePolicyHandler) GetStore

func (handler *ServicePolicyHandler) GetStore() boltz.CrudStore

func (*ServicePolicyHandler) Patch

func (handler *ServicePolicyHandler) Patch(servicePolicy *ServicePolicy, checker boltz.FieldChecker) error

func (*ServicePolicyHandler) Read

func (handler *ServicePolicyHandler) Read(id string) (*ServicePolicy, error)

func (*ServicePolicyHandler) Update

func (handler *ServicePolicyHandler) Update(servicePolicy *ServicePolicy) error

type ServiceWithTimeout added in v0.20.35

type ServiceWithTimeout struct {
	Service *Service
	Timeout int64
}

type Session

// Session is the model entity for a session: it links an identity, an API
// session and a service, and carries the session's token, type, certificates
// and service policy references.
type Session struct {
	models.BaseEntity
	// NOTE(review): SessionHandler.ReadByToken resolves a Session from a token
	// string, so this value presumably acts as a bearer credential. Keep it out
	// of logs and error payloads; confirm how it is issued and compared.
	Token           string
	IdentityId      string
	ApiSessionId    string
	ServiceId       string
	Type            string
	SessionCerts    []*SessionCert
	// presumably ids of the service policies that granted the session; verify
	ServicePolicies []string
}

type SessionCert

type SessionCert struct {
	Cert        string
	Fingerprint string
	ValidFrom   time.Time
	ValidTo     time.Time
}

func (*SessionCert) FillFrom

func (entity *SessionCert) FillFrom(_ Handler, _ *bbolt.Tx, boltEntity boltz.Entity) error

type SessionHandler

type SessionHandler struct {
	// contains filtered or unexported fields
}

func NewSessionHandler

func NewSessionHandler(env Env) *SessionHandler

func (*SessionHandler) BaseList

func (handler *SessionHandler) BaseList(query string) (*models.EntityListResult, error)

func (*SessionHandler) BaseLoad

func (handler *SessionHandler) BaseLoad(id string) (models.Entity, error)

func (*SessionHandler) BaseLoadInTx

func (handler *SessionHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*SessionHandler) BasePreparedList

func (handler *SessionHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*SessionHandler) BasePreparedListAssociated

func (handler *SessionHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*SessionHandler) BasePreparedListIndexed

func (handler *SessionHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*SessionHandler) Create

func (handler *SessionHandler) Create(entity *Session) (string, error)

func (*SessionHandler) Delete

func (handler *SessionHandler) Delete(id string) error

func (*SessionHandler) DeleteForIdentity

// DeleteForIdentity deletes the session id in the context of identityId.
// NOTE(review): presumably it refuses when the session does not belong to
// identityId; if so, this ownership check is the access control, and
// identity-scoped callers should use it instead of Delete(id). Confirm.
func (handler *SessionHandler) DeleteForIdentity(id, identityId string) error

func (*SessionHandler) EvaluatePostureForService added in v0.20.35

// EvaluatePostureForService returns a SessionPostureResult for the given
// identity, API session, session type and service.
// NOTE(review): all inputs are plain strings; confirm that callers derive
// identityId and apiSessionId from the authenticated request context rather
// than from request parameters, and that a nil result cannot be read as a pass.
func (handler *SessionHandler) EvaluatePostureForService(identityId, apiSessionId, sessionType, serviceId, serviceName string) *SessionPostureResult

func (*SessionHandler) GetDb

func (handler *SessionHandler) GetDb() boltz.Db

func (*SessionHandler) GetEnv

func (handler *SessionHandler) GetEnv() Env

func (*SessionHandler) GetStore

func (handler *SessionHandler) GetStore() boltz.CrudStore

func (*SessionHandler) ListSessionsForEdgeRouter

func (handler *SessionHandler) ListSessionsForEdgeRouter(edgeRouterId string) (*SessionListResult, error)

func (*SessionHandler) PublicQueryForIdentity

// PublicQueryForIdentity runs query and returns the matching sessions for
// sessionIdentity.
// NOTE(review): presumably the result is restricted to sessions owned by
// sessionIdentity regardless of what query asks for; confirm that the
// restriction is applied inside the handler and cannot be widened by the query.
func (handler *SessionHandler) PublicQueryForIdentity(sessionIdentity *Identity, query ast.Query) (*SessionListResult, error)

func (*SessionHandler) Query

func (handler *SessionHandler) Query(query string) (*SessionListResult, error)

func (*SessionHandler) Read

func (handler *SessionHandler) Read(id string) (*Session, error)

func (*SessionHandler) ReadByToken added in v0.19.0

// ReadByToken returns the Session identified by token.
// NOTE(review): token is credential-like input; do not echo it in returned
// errors or log lines, and treat a not-found result the same way for every
// caller so that the response does not reveal which tokens exist.
func (handler *SessionHandler) ReadByToken(token string) (*Session, error)

func (*SessionHandler) ReadForIdentity

// ReadForIdentity returns the session id in the context of identityId.
// NOTE(review): presumably it fails when the session is not owned by
// identityId; identity-scoped callers should use it instead of Read(id) so
// that one identity cannot read another's session (and its Token). Confirm.
func (handler *SessionHandler) ReadForIdentity(id string, identityId string) (*Session, error)

func (*SessionHandler) ReadSessionCerts

func (handler *SessionHandler) ReadSessionCerts(sessionId string) ([]*SessionCert, error)

type SessionListResult

// SessionListResult is the list form returned by SessionHandler.Query,
// ListSessionsForEdgeRouter and PublicQueryForIdentity: the sessions plus the
// embedded query metadata.
type SessionListResult struct {
	// Each element is a full Session, Token included; strip or map the
	// entries before handing them to a less-trusted consumer.
	Sessions []*Session
	models.QueryMetaData
	// contains filtered or unexported fields
}

type SessionPostureResult added in v0.20.35

// SessionPostureResult is the value returned by
// SessionHandler.EvaluatePostureForService: a verdict plus supporting detail.
type SessionPostureResult struct {
	// Passed is the overall verdict.
	// NOTE(review): access decisions should key off this field, not off
	// PassingPolicyIds being non-empty or Failure being nil; how the other
	// fields are populated on a failed evaluation is not visible here.
	Passed           bool
	Failure          *PostureSessionRequestFailure
	// NOTE(review): presumably the ids of the service policies whose posture
	// checks passed; confirm.
	PassingPolicyIds []string
	Cause            *fabricApiError.GenericCauseError
}

type TestContext

// TestContext embeds *persistence.TestContext and is built by
// NewTestContext(t *testing.T). Its methods expose signers, registries,
// config and handlers.
// NOTE(review): the type is part of this package's exported API rather than a
// _test.go helper, so the testing package is linked into importers. Keep it
// out of production wiring; its signers and JWT generation are presumably
// test stubs and not backed by real key material. Confirm.
type TestContext struct {
	*persistence.TestContext
	// contains filtered or unexported fields
}

func NewTestContext added in v0.20.36

func NewTestContext(t *testing.T) *TestContext

func (*TestContext) Cleanup

func (ctx *TestContext) Cleanup()

func (*TestContext) Generate

func (ctx *TestContext) Generate(string, string, jwt.MapClaims) (string, error)

func (*TestContext) GetApiClientCsrSigner

func (ctx *TestContext) GetApiClientCsrSigner() cert.Signer

func (*TestContext) GetApiServerCsrSigner

func (ctx *TestContext) GetApiServerCsrSigner() cert.Signer

func (*TestContext) GetAuthRegistry

func (ctx *TestContext) GetAuthRegistry() AuthRegistry

func (*TestContext) GetConfig

func (ctx *TestContext) GetConfig() *config.Config

func (*TestContext) GetControlClientCsrSigner

func (ctx *TestContext) GetControlClientCsrSigner() cert.Signer

func (*TestContext) GetEnrollRegistry

func (ctx *TestContext) GetEnrollRegistry() EnrollmentRegistry

func (*TestContext) GetFingerprintGenerator added in v0.17.30

func (ctx *TestContext) GetFingerprintGenerator() cert.FingerprintGenerator

func (*TestContext) GetHandlers

func (ctx *TestContext) GetHandlers() *Handlers

func (*TestContext) GetHostController

func (ctx *TestContext) GetHostController() HostController

func (*TestContext) GetJwtSigner added in v0.19.109

func (ctx *TestContext) GetJwtSigner() jwtsigner.Signer

func (*TestContext) GetMetricsRegistry added in v0.16.0

func (ctx *TestContext) GetMetricsRegistry() metrics.Registry

func (*TestContext) GetSchemas

func (ctx *TestContext) GetSchemas() Schemas

func (*TestContext) HandleServiceUpdatedEventForIdentityId added in v0.19.46

func (ctx *TestContext) HandleServiceUpdatedEventForIdentityId(identityId string)

func (*TestContext) Init

func (ctx *TestContext) Init()

func (*TestContext) InitWithDbFile added in v0.20.110

func (ctx *TestContext) InitWithDbFile(dbPath string)

func (*TestContext) IsEdgeRouterOnline

func (ctx *TestContext) IsEdgeRouterOnline(string) bool

type TransitRouter

// TransitRouter is the model entity for a transit router. Besides its name it
// records a certificate fingerprint, verification flags, and a separate pair
// of "unverified" certificate fields.
type TransitRouter struct {
	models.BaseEntity
	Name                  string
	// Fingerprint is optional (nil when unset).
	// NOTE(review): presumably the value TransitRouterHandler.ReadOneByFingerprint
	// matches on, i.e. what binds a presented certificate to this router.
	Fingerprint           *string
	IsVerified            bool
	IsBase                bool
	// NOTE(review): UnverifiedFingerprint and UnverifiedCertPem presumably hold
	// a certificate staged by ExtendEnrollmentWithVerify that has not yet been
	// confirmed via ExtendEnrollmentVerify. If so, they must not be accepted as
	// the router's authenticated identity until promoted; confirm in the
	// handler.
	UnverifiedFingerprint *string
	UnverifiedCertPem     *string
}

type TransitRouterHandler

type TransitRouterHandler struct {
	// contains filtered or unexported fields
}

func NewTransitRouterHandler

func NewTransitRouterHandler(env Env) *TransitRouterHandler

func (*TransitRouterHandler) BaseList

func (handler *TransitRouterHandler) BaseList(query string) (*models.EntityListResult, error)

func (*TransitRouterHandler) BaseLoad

func (handler *TransitRouterHandler) BaseLoad(id string) (models.Entity, error)

func (*TransitRouterHandler) BaseLoadInTx

func (handler *TransitRouterHandler) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*TransitRouterHandler) BasePreparedList

func (handler *TransitRouterHandler) BasePreparedList(query ast.Query) (*models.EntityListResult, error)

func (*TransitRouterHandler) BasePreparedListAssociated

func (handler *TransitRouterHandler) BasePreparedListAssociated(id string, typeLoader models.EntityRetriever, query ast.Query) (*models.EntityListResult, error)

func (*TransitRouterHandler) BasePreparedListIndexed

func (handler *TransitRouterHandler) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult, error)

func (*TransitRouterHandler) CollectEnrollments

func (handler *TransitRouterHandler) CollectEnrollments(id string, collector func(entity *Enrollment) error) error

func (*TransitRouterHandler) Create

func (handler *TransitRouterHandler) Create(entity *TransitRouter) (string, error)

func (*TransitRouterHandler) CreateWithEnrollment

func (handler *TransitRouterHandler) CreateWithEnrollment(txRouter *TransitRouter, enrollment *Enrollment) (string, string, error)

func (*TransitRouterHandler) Delete

func (handler *TransitRouterHandler) Delete(id string) error

func (*TransitRouterHandler) ExtendEnrollment added in v0.19.81

// ExtendEnrollment takes a client CSR and a server CSR (PEM, per the
// parameter names) for router and returns the resulting ExtendedCerts.
// NOTE(review): both CSRs are caller-supplied. For edge routers this package
// states that the CSR common name must match the router's id
// (EdgeRouterEnrollmentCommonNameInvalidMessage); confirm that an equivalent
// subject check is applied here before signing, and that the caller has
// already authenticated as router.
func (handler *TransitRouterHandler) ExtendEnrollment(router *TransitRouter, clientCsrPem []byte, serverCertCsrPem []byte) (*ExtendedCerts, error)

func (*TransitRouterHandler) ExtendEnrollmentVerify added in v0.21.20

// ExtendEnrollmentVerify completes a verified enrollment extension for router.
// NOTE(review): presumably promotes UnverifiedFingerprint / UnverifiedCertPem
// to the active Fingerprint. If so, it should only run after the router has
// proven possession of the new key (see ReadOneByUnverifiedFingerprint);
// confirm what it does when no unverified certificate is staged.
func (handler *TransitRouterHandler) ExtendEnrollmentVerify(router *TransitRouter) error

func (*TransitRouterHandler) ExtendEnrollmentWithVerify added in v0.21.20

// ExtendEnrollmentWithVerify has the same signature as ExtendEnrollment and
// was added in v0.21.20 together with ExtendEnrollmentVerify.
// NOTE(review): presumably it issues the new certificates but records them as
// unverified, leaving the existing Fingerprint active until
// ExtendEnrollmentVerify is called. Confirm, and confirm that the CSR subject
// checks match those of ExtendEnrollment.
func (handler *TransitRouterHandler) ExtendEnrollmentWithVerify(router *TransitRouter, clientCsrPem []byte, serverCertCsrPem []byte) (*ExtendedCerts, error)

func (*TransitRouterHandler) GetDb

func (handler *TransitRouterHandler) GetDb() boltz.Db

func (*TransitRouterHandler) GetEnv

func (handler *TransitRouterHandler) GetEnv() Env

func (*TransitRouterHandler) GetStore

func (handler *TransitRouterHandler) GetStore() boltz.CrudStore

func (*TransitRouterHandler) Patch

// Patch applies a partial update of entity; checker selects the fields.
// NOTE(review): allowAllFields presumably lifts the restriction on which
// fields may be changed, which would include Fingerprint, IsVerified and the
// Unverified* fields. Paths reachable from an API request should pass false
// unless the caller is trusted to rebind the router's certificate; confirm.
func (handler *TransitRouterHandler) Patch(entity *TransitRouter, checker boltz.FieldChecker, allowAllFields bool) error

func (*TransitRouterHandler) Read

func (handler *TransitRouterHandler) Read(id string) (*TransitRouter, error)

func (*TransitRouterHandler) ReadOneByFingerprint added in v0.19.81

func (handler *TransitRouterHandler) ReadOneByFingerprint(fingerprint string) (*TransitRouter, error)

func (*TransitRouterHandler) ReadOneByQuery

func (handler *TransitRouterHandler) ReadOneByQuery(query string) (*TransitRouter, error)

func (*TransitRouterHandler) ReadOneByUnverifiedFingerprint added in v0.21.20

// ReadOneByUnverifiedFingerprint returns the transit router found for
// fingerprint (added in v0.21.20).
// NOTE(review): presumably matches on TransitRouter.UnverifiedFingerprint. A
// hit means the certificate is staged, not yet trusted; callers should use the
// result only to drive verification, not to grant the router's normal access.
func (handler *TransitRouterHandler) ReadOneByUnverifiedFingerprint(fingerprint string) (*TransitRouter, error)

func (*TransitRouterHandler) Update

// Update replaces the stored transit router with entity.
// NOTE(review): allowAllFields presumably permits changes to fields that are
// otherwise protected, such as Fingerprint and IsVerified. Pass true only from
// internal enrollment code, never from a path that takes entity from request
// input; confirm which fields are protected.
func (handler *TransitRouterHandler) Update(entity *TransitRouter, allowAllFields bool) error

Source Files
