model

package
v0.24.143 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 27, 2023 License: Apache-2.0 Imports: 67 Imported by: 1

Documentation

Overview

Copyright NetFoundry Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

https://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

// Header-name constants; by their names and "X-" values these are presumably
// HTTP request headers.
//
// NOTE(review): a client certificate carried in a request header is only as
// trustworthy as the hop that set it. Confirm that the consumer honours
// ClientCertHeader only on a trusted proxy path and that the header is
// stripped from untrusted inbound requests; this page does not show the
// consumer.
const (
	ClientCertHeader       = "X-Client-CertPem"
	EdgeRouterProxyRequest = "X-Edge-Router-Proxy-Request"
)
// String identifiers for external-JWT authentication.
//
// AuthMethodExtJwt is presumably the method string matched by
// AuthProcessor.CanHandle for the external JWT module — confirm.
// ExtJwtInternalClaim's use is not visible on this page.
const (
	AuthMethodExtJwt    = "ext-jwt"
	ExtJwtInternalClaim = "-internal-ext-jwt"
)
// Building blocks for identity-name format strings (see Ca.IdentityNameFormat).
// A symbol is written between FormatSentinelStart and FormatSentinelEnd, e.g.
// "[caName]".
//
// NOTE(review): commonName and requestedName presumably come from
// client-supplied enrollment material; confirm that substituted values are
// validated before they become identity names.
const (
	FormatSentinelStart       = "["
	FormatSentinelEnd         = "]"
	FormatSymbolCaName        = "caName"
	FormatSymbolCaId          = "caId"
	FormatSymbolCommonName    = "commonName"
	FormatSymbolRequestedName = "requestedName"
	FormatSymbolIdentityId    = "identityId"

	// DefaultCaIdentityNameFormat evaluates to "[caName]-[commonName]"
	// (the separator is a bare "-", with no surrounding spaces).
	DefaultCaIdentityNameFormat = FormatSentinelStart + FormatSymbolCaName + FormatSentinelEnd + "-" + FormatSentinelStart + FormatSymbolCommonName + FormatSentinelEnd
)
// Edge router one-time-token enrollment constants.
//
// The Code/Message pair describes the error for a CSR whose common name does
// not match the edge router's id, as stated by the message text itself.
// MethodEnrollEdgeRouterOtt is the enrollment method string; compare
// MethodEnrollTransitRouterOtt ("trott") for transit routers.
const (
	EdgeRouterEnrollmentCommonNameInvalidCode    = "EDGE_ROUTER_ENROLL_COMMON_NAME_INVALID"
	EdgeRouterEnrollmentCommonNameInvalidMessage = "The edge router CSR enrollment must have a common name that matches the edge router's id"
	MethodEnrollEdgeRouterOtt                    = "erott"
)
// Length bounds for a TOTP value, presumably applied when validating a
// submitted code — confirm at the use site, which this page does not show.
//
// NOTE(review): RFC 4226 calls for HOTP values of at least 6 digits. Confirm
// what input the 4-character lower bound is meant to admit, and that shorter
// codes cannot satisfy an MFA check.
const (
	TotpMinLength = 4
	TotpMaxLength = 6
)
// Posture check type identifiers. Each value is the string form of one kind of
// posture check: operating system, domain, process, multi-process, MAC address
// and MFA (meanings read from the constant names; the evaluation logic is not
// shown on this page).
const (
	PostureCheckTypeOs           = "OS"
	PostureCheckTypeDomain       = "DOMAIN"
	PostureCheckTypeProcess      = "PROCESS"
	PostureCheckTypeProcessMulti = "PROCESS_MULTI"
	PostureCheckTypeMAC          = "MAC"
	PostureCheckTypeMFA          = "MFA"
)
// ConfigTypeAll is the literal "all". Presumably a wildcard for config types
// (compare ApiSession.ConfigTypes) — confirm against callers.
const (
	ConfigTypeAll = "all"
)
// EventIdentityPostureDataAltered is an event name; by its name it signals
// that an identity's posture data changed. The emitter and listeners are not
// shown on this page.
const (
	EventIdentityPostureDataAltered = "EventIdentityPostureDataAltered"
)
// IdentityActiveIntervalSeconds is 60; per its name the unit is seconds.
// How the interval is applied is not shown on this page.
const (
	IdentityActiveIntervalSeconds = 60
)
// IdentityTypeUser is the string identifier for the "User" identity type.
const (
	IdentityTypeUser = "User"
)
// MaxPostureFailures is 100. Presumably a cap on retained posture failure
// records; confirm whether older entries are dropped once the cap is reached,
// since that affects what is available for later review.
const MaxPostureFailures = 100
// MethodEnrollTransitRouterOtt is the enrollment method string for transit
// router one-time-token enrollment; compare MethodEnrollEdgeRouterOtt ("erott").
const (
	MethodEnrollTransitRouterOtt = "trott"
)
// MfaPromptGracePeriod is a negative duration of five minutes.
// NOTE(review): the sign suggests it is added to a timestamp to look five
// minutes into the past — confirm at the use site, which this page does not
// show.
const MfaPromptGracePeriod = -5 * time.Minute // -5m (note the sign)
// MfaProviderZiti is the string identifier "ziti" for an MFA provider.
const (
	MfaProviderZiti string = "ziti"
)
// PostureCheckNoTimeout is the int64 sentinel -1; by its name it marks a
// posture check that has no timeout. Code comparing timeouts presumably must
// treat -1 specially rather than as a duration — confirm.
const (
	PostureCheckNoTimeout = int64(-1)
)
// WindowSizeTOTP is 5. Presumably the number of time steps accepted when
// validating a TOTP code — confirm.
// NOTE(review): if so, a wider window means more codes are valid at any
// instant, so it should be paired with attempt limiting on the MFA endpoint.
const (
	WindowSizeTOTP int = 5
)
// ZitiSdkTypeC is the SDK type string "ziti-sdk-c".
// NOTE(review): if this is matched against a client-reported SDK type (compare
// ApiSessionPostureData.SdkInfo), that value is self-asserted by the client —
// confirm it is not used as a security decision on its own.
const ZitiSdkTypeC = "ziti-sdk-c"

Variables

This section is empty.

Functions

func CleanHexString added in v0.17.5

func CleanHexString(hexString string) string

func NewFieldChecker

func NewFieldChecker(fields ...string) boltz.FieldChecker

func RegisterCommand added in v0.21.235

func RegisterCommand[MT any, CT any, M network.CommandMsg[MT], C decodableCommand[CT, M]](env Env, _ C, _ M)

RegisterCommand registers a decoder for the given command and message pair. MT is the message type (ex: cmd_pb.CreateServiceCommand). CT is the command type (ex: CreateServiceCommand). M is the CommandMsg/command.TypedMessage implementation (ex: *cmd_pb.CreateServiceCommand). C is the decodableCommand/command.Command implementation (ex: *CreateServiceCommand).

We only have both types specified so that we can enforce that each is a pointer type. If we didn't enforce that the instances were pointer types, we couldn't use new to instantiate new instances.

Types

type AdvisorEdgeRouter

// AdvisorEdgeRouter pairs an EdgeRouter with a flag recording whether it is
// online. It is the element type of AdvisorServiceReachability.CommonRouters.
type AdvisorEdgeRouter struct {
	Router   *EdgeRouter
	IsOnline bool
}
// AdvisorIdentityEdgeRouterLinks groups an Identity, an EdgeRouter and a list
// of EdgeRouterPolicy values; presumably the policies that link the two —
// confirm against the code that fills it.
type AdvisorIdentityEdgeRouterLinks struct {
	Identity   *Identity
	EdgeRouter *EdgeRouter
	Policies   []*EdgeRouterPolicy
}
// AdvisorIdentityServiceLinks groups an Identity, a Service and a list of
// ServicePolicy values; presumably the policies that link the two — confirm
// against the code that fills it.
type AdvisorIdentityServiceLinks struct {
	Identity *Identity
	Service  *Service
	Policies []*ServicePolicy
}
// AdvisorServiceEdgeRouterLinks groups a Service, an EdgeRouter and a list of
// ServiceEdgeRouterPolicy values; presumably the policies that link the two —
// confirm against the code that fills it.
type AdvisorServiceEdgeRouterLinks struct {
	Service    *Service
	EdgeRouter *EdgeRouter
	Policies   []*ServiceEdgeRouterPolicy
}

type AdvisorServiceReachability

// AdvisorServiceReachability reports, for one Identity/Service pair, whether
// bind and dial are allowed, how many routers each side has, and the routers
// the two have in common (each carrying its own online flag).
//
// NOTE(review): presumably an advisory/diagnostic view rather than the
// enforcement path; confirm before relying on IsBindAllowed/IsDialAllowed for
// access decisions.
type AdvisorServiceReachability struct {
	Identity            *Identity
	Service             *Service
	IsBindAllowed       bool
	IsDialAllowed       bool
	IdentityRouterCount int
	ServiceRouterCount  int
	CommonRouters       []*AdvisorEdgeRouter
}

type AndFieldChecker

// AndFieldChecker is an opaque type whose IsUpdated(field string) bool method
// is the only exported surface shown. By its name it presumably combines
// several field checkers with logical AND — confirm in the source.
type AndFieldChecker struct {
	// contains filtered or unexported fields
}

func (*AndFieldChecker) IsUpdated

func (checker *AndFieldChecker) IsUpdated(field string) bool

type ApiSession

// ApiSession is the model entity for an API session. It embeds
// models.BaseEntity and records the session Token, the owning identity
// (IdentityId / Identity), the client IPAddress, the set of ConfigTypes, MFA
// state (MfaRequired, MfaComplete), expiry and last-activity times, and the
// AuthenticatorId associated with the session.
//
// NOTE(review): Token looks like the session's bearer secret (sessions are
// looked up by it via ApiSessionManager.ReadByToken); treat values of this
// type as sensitive and keep Token out of logs and error messages — confirm
// against callers.
// NOTE(review): MfaRequired and MfaComplete are independent booleans; callers
// presumably must check both before treating a session as fully
// authenticated — verify at the enforcement point.
type ApiSession struct {
	models.BaseEntity
	Token              string
	IdentityId         string
	Identity           *Identity
	IPAddress          string
	ConfigTypes        map[string]struct{}
	MfaComplete        bool
	MfaRequired        bool
	ExpiresAt          time.Time
	ExpirationDuration time.Duration
	LastActivityAt     time.Time
	AuthenticatorId    string
}

type ApiSessionCertificate added in v0.17.30

// ApiSessionCertificate is the model entity for a certificate bound to an API
// session. It records the owning session (ApiSession / ApiSessionId), the
// certificate Subject and Fingerprint, its validity bounds and its PEM text.
// Instances can be built from an *x509.Certificate with
// NewApiSessionCertificate.
//
// ValidAfter and ValidBefore are pointers and may therefore be nil; check
// before dereferencing.
// NOTE(review): which hash and encoding Fingerprint uses is not shown here —
// confirm before comparing it with fingerprints computed elsewhere.
type ApiSessionCertificate struct {
	models.BaseEntity
	ApiSession   *ApiSession
	ApiSessionId string
	Subject      string
	Fingerprint  string
	ValidAfter   *time.Time
	ValidBefore  *time.Time
	PEM          string
}

func NewApiSessionCertificate added in v0.24.35

func NewApiSessionCertificate(cert *x509.Certificate) *ApiSessionCertificate

type ApiSessionCertificateListResult added in v0.17.30

// ApiSessionCertificateListResult is a list-query result: the matching
// ApiSessionCertificate values plus the embedded models.QueryMetaData.
type ApiSessionCertificateListResult struct {
	ApiSessionCertificates []*ApiSessionCertificate
	models.QueryMetaData
	// contains filtered or unexported fields
}

type ApiSessionCertificateManager added in v0.22.46

// ApiSessionCertificateManager is the manager for ApiSessionCertificate
// entities, constructed with NewApiSessionCertificateManager(env). Its
// exported methods cover create (including CreateFromCSR), read, list and
// delete operations; all state is unexported.
type ApiSessionCertificateManager struct {
	// contains filtered or unexported fields
}

func NewApiSessionCertificateManager added in v0.22.46

func NewApiSessionCertificateManager(env Env) *ApiSessionCertificateManager

func (*ApiSessionCertificateManager) ApplyDelete added in v0.22.46

func (self *ApiSessionCertificateManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*ApiSessionCertificateManager) BaseList added in v0.22.46

func (self *ApiSessionCertificateManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*ApiSessionCertificateManager) BaseLoad added in v0.22.46

func (self *ApiSessionCertificateManager) BaseLoad(id string) (models.Entity, error)

func (*ApiSessionCertificateManager) BaseLoadInTx added in v0.22.46

func (self *ApiSessionCertificateManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ApiSessionCertificateManager) BasePreparedList added in v0.22.46

func (self *ApiSessionCertificateManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ApiSessionCertificateManager) BasePreparedListIndexed added in v0.22.46

func (self *ApiSessionCertificateManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ApiSessionCertificateManager) Create added in v0.22.46

func (*ApiSessionCertificateManager) CreateFromCSR added in v0.22.46

func (self *ApiSessionCertificateManager) CreateFromCSR(apiSessionId string, lifespan time.Duration, csrPem []byte) (string, error)

func (*ApiSessionCertificateManager) Delete added in v0.22.46

func (self *ApiSessionCertificateManager) Delete(id string) error

func (*ApiSessionCertificateManager) Dispatch added in v0.22.46

func (self *ApiSessionCertificateManager) Dispatch(command command.Command) error

func (*ApiSessionCertificateManager) GetDb added in v0.22.46

func (self *ApiSessionCertificateManager) GetDb() boltz.Db

func (*ApiSessionCertificateManager) GetEntityTypeId added in v0.22.46

func (self *ApiSessionCertificateManager) GetEntityTypeId() string

func (*ApiSessionCertificateManager) GetEnv added in v0.22.46

func (self *ApiSessionCertificateManager) GetEnv() Env

func (*ApiSessionCertificateManager) GetStore added in v0.22.46

func (self *ApiSessionCertificateManager) GetStore() boltz.CrudStore

func (*ApiSessionCertificateManager) IsUpdated added in v0.22.46

func (self *ApiSessionCertificateManager) IsUpdated(_ string) bool

func (*ApiSessionCertificateManager) ListWithHandler added in v0.22.46

func (self *ApiSessionCertificateManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*ApiSessionCertificateManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *ApiSessionCertificateManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*ApiSessionCertificateManager) PreparedListWithHandler added in v0.22.46

func (self *ApiSessionCertificateManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*ApiSessionCertificateManager) Query added in v0.22.46

func (*ApiSessionCertificateManager) Read added in v0.22.46

func (*ApiSessionCertificateManager) ReadByApiSessionId added in v0.22.46

func (self *ApiSessionCertificateManager) ReadByApiSessionId(tx *bbolt.Tx, apiSessionId string) ([]*ApiSessionCertificate, error)

type ApiSessionListResult

// ApiSessionListResult is a list-query result: the matching ApiSession values
// plus the embedded models.QueryMetaData. It is the return type of
// ApiSessionManager.Query.
type ApiSessionListResult struct {
	ApiSessions []*ApiSession
	models.QueryMetaData
	// contains filtered or unexported fields
}

type ApiSessionManager added in v0.22.46

// ApiSessionManager is the manager for ApiSession entities, constructed with
// NewApiSessionManager(env). Besides create/read/update/delete and list
// operations, its exported methods include lookup by token (ReadByToken),
// activity marking, MfaCompleted and bulk deletion by identity
// (DeleteByIdentityId).
//
// HeartbeatCollector is the only exported field; its role is not described on
// this page.
type ApiSessionManager struct {
	HeartbeatCollector *HeartbeatCollector
	// contains filtered or unexported fields
}

func NewApiSessionManager added in v0.22.46

func NewApiSessionManager(env Env) *ApiSessionManager

func (*ApiSessionManager) ApplyDelete added in v0.22.46

func (self *ApiSessionManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*ApiSessionManager) BaseList added in v0.22.46

func (self *ApiSessionManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*ApiSessionManager) BaseLoad added in v0.22.46

func (self *ApiSessionManager) BaseLoad(id string) (models.Entity, error)

func (*ApiSessionManager) BaseLoadInTx added in v0.22.46

func (self *ApiSessionManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ApiSessionManager) BasePreparedList added in v0.22.46

func (self *ApiSessionManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ApiSessionManager) BasePreparedListIndexed added in v0.22.46

func (self *ApiSessionManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ApiSessionManager) Create added in v0.22.46

func (self *ApiSessionManager) Create(entity *ApiSession, sessionCerts []*ApiSessionCertificate) (string, error)

func (*ApiSessionManager) Delete added in v0.22.46

func (self *ApiSessionManager) Delete(id string) error

func (*ApiSessionManager) DeleteBatch added in v0.22.46

func (self *ApiSessionManager) DeleteBatch(id []string) error

func (*ApiSessionManager) DeleteByIdentityId added in v0.22.46

func (self *ApiSessionManager) DeleteByIdentityId(identityId string) error

func (*ApiSessionManager) Dispatch added in v0.22.46

func (self *ApiSessionManager) Dispatch(command command.Command) error

func (*ApiSessionManager) GetDb added in v0.22.46

func (self *ApiSessionManager) GetDb() boltz.Db

func (*ApiSessionManager) GetEntityTypeId added in v0.22.46

func (self *ApiSessionManager) GetEntityTypeId() string

func (*ApiSessionManager) GetEnv added in v0.22.46

func (self *ApiSessionManager) GetEnv() Env

func (*ApiSessionManager) GetStore added in v0.22.46

func (self *ApiSessionManager) GetStore() boltz.CrudStore

func (*ApiSessionManager) IsUpdated added in v0.22.46

func (self *ApiSessionManager) IsUpdated(_ string) bool

func (*ApiSessionManager) ListWithHandler added in v0.22.46

func (self *ApiSessionManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*ApiSessionManager) MarkActivityById added in v0.22.46

func (self *ApiSessionManager) MarkActivityById(apiSessionId string)

func (*ApiSessionManager) MarkActivityByTokens added in v0.22.46

func (self *ApiSessionManager) MarkActivityByTokens(tokens ...string) ([]string, error)

MarkActivityByTokens returns tokens that were not found if any and/or an error.

func (*ApiSessionManager) MfaCompleted added in v0.22.46

func (self *ApiSessionManager) MfaCompleted(apiSession *ApiSession) error

func (*ApiSessionManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *ApiSessionManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*ApiSessionManager) PreparedListWithHandler added in v0.22.46

func (self *ApiSessionManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*ApiSessionManager) Query added in v0.22.46

func (self *ApiSessionManager) Query(query string) (*ApiSessionListResult, error)

func (*ApiSessionManager) Read added in v0.22.46

func (self *ApiSessionManager) Read(id string) (*ApiSession, error)

func (*ApiSessionManager) ReadByToken added in v0.22.46

func (self *ApiSessionManager) ReadByToken(token string) (*ApiSession, error)

func (*ApiSessionManager) Stream added in v0.22.46

func (self *ApiSessionManager) Stream(query string, collect func(*ApiSession, error) error) error

func (*ApiSessionManager) StreamIds added in v0.22.46

func (self *ApiSessionManager) StreamIds(query string, collect func(string, error) error) error

func (*ApiSessionManager) Update added in v0.22.46

func (self *ApiSessionManager) Update(apiSession *ApiSession) error

func (*ApiSessionManager) UpdateWithFieldChecker added in v0.22.46

func (self *ApiSessionManager) UpdateWithFieldChecker(apiSession *ApiSession, fieldChecker boltz.FieldChecker) error

func (*ApiSessionManager) VisitFingerprintsForApiSession added in v0.22.46

func (self *ApiSessionManager) VisitFingerprintsForApiSession(tx *bbolt.Tx, identityId, apiSessionId string, visitor func(fingerprint string) bool) error

func (*ApiSessionManager) VisitFingerprintsForApiSessionId added in v0.22.46

func (self *ApiSessionManager) VisitFingerprintsForApiSessionId(apiSessionId string, visitor func(fingerprint string) bool) error

type ApiSessionPostureData added in v0.17.52

// ApiSessionPostureData holds posture responses tied to an API session: the
// MFA response, the endpoint state response and SDK information.
//
// Mfa and EndpointState are serialized as "mfa" and "endpointState". SdkInfo
// carries no json tag, so encoding/json uses the field name "SdkInfo".
// All three fields are pointers and may be nil.
// NOTE(review): posture data is presumably reported by the client and thus
// self-asserted — confirm what, if anything, is verified server-side.
type ApiSessionPostureData struct {
	Mfa           *PostureResponseMfa           `json:"mfa"`
	EndpointState *PostureResponseEndpointState `json:"endpointState"`
	SdkInfo       *SdkInfo
}

func (*ApiSessionPostureData) GetPassedMfaAt added in v0.20.47

func (self *ApiSessionPostureData) GetPassedMfaAt() *time.Time

type AuthContext

// AuthContext is the input handed to an AuthProcessor: the authentication
// method string, a data map, the client certificates and a header map.
// AuthContextHttp is the implementation shown on this page.
//
// NOTE(review): the data and header maps presumably originate from the
// incoming request and should be treated as untrusted input by every
// AuthProcessor — confirm in NewAuthContextHttp.
type AuthContext interface {
	GetMethod() string
	GetData() map[string]interface{}
	GetCerts() []*x509.Certificate
	GetHeaders() map[string]interface{}
}

func NewAuthContextHttp added in v0.14.35

func NewAuthContextHttp(request *http.Request, method string, data interface{}) AuthContext

type AuthContextHttp

// AuthContextHttp is an AuthContext implementation (it provides GetMethod,
// GetData, GetCerts and GetHeaders) built by NewAuthContextHttp from an
// *http.Request, a method string and a data value.
//
// NOTE(review): how Certs and Headers are populated from the request is not
// shown here. Confirm that Certs comes from the verified TLS peer state, and
// treat Headers and Data as caller-controlled input.
type AuthContextHttp struct {
	Method  string
	Data    map[string]interface{}
	Certs   []*x509.Certificate
	Headers map[string]interface{}
}

func (*AuthContextHttp) GetCerts

func (context *AuthContextHttp) GetCerts() []*x509.Certificate

func (*AuthContextHttp) GetData

func (context *AuthContextHttp) GetData() map[string]interface{}

func (*AuthContextHttp) GetHeaders

func (context *AuthContextHttp) GetHeaders() map[string]interface{}

func (*AuthContextHttp) GetMethod

func (context *AuthContextHttp) GetMethod() string

type AuthModuleCert

// AuthModuleCert is the client-certificate authentication module, built with
// NewAuthModuleCert(env, caChain). It exposes CanHandle(method) and
// Process(context); per the Process documentation, authentication verifies
// the presented client certificates against known CAs, resolves the identity,
// checks that it is not disabled and then applies its auth policy.
type AuthModuleCert struct {
	// contains filtered or unexported fields
}

func NewAuthModuleCert

func NewAuthModuleCert(env Env, caChain []byte) *AuthModuleCert

func (*AuthModuleCert) CanHandle

func (module *AuthModuleCert) CanHandle(method string) bool

func (*AuthModuleCert) Process

func (module *AuthModuleCert) Process(context AuthContext) (AuthResult, error)

Process will inspect the provided AuthContext and attempt to verify the client certificates provided during a TLS handshake. Authentication via client certificates follows these steps:

1) obtain client certificates
2) verify client certificates against known CAs
3) link a CA certificate back to a model.Ca if possible
4) obtain the target identity by authenticator (cert fingerprint) or by external id (claims stuffed into an x509.Certificate resolved by model.Ca)
5) verify identity status (disabled)
6) obtain the target identity's auth policy
7) verify according to auth policy

type AuthModuleExtJwt added in v0.21.148

// AuthModuleExtJwt is the external-JWT authentication module, built with
// NewAuthModuleExtJwt(env). It exposes CanHandle(method), Process(context)
// and ProcessSecondary(context); the latter presumably serves the secondary
// (RequiredExtJwtSigner) requirement of an auth policy — confirm.
type AuthModuleExtJwt struct {
	// contains filtered or unexported fields
}

func NewAuthModuleExtJwt added in v0.21.148

func NewAuthModuleExtJwt(env Env) *AuthModuleExtJwt

func (*AuthModuleExtJwt) CanHandle added in v0.21.148

func (a *AuthModuleExtJwt) CanHandle(method string) bool

func (*AuthModuleExtJwt) Process added in v0.21.148

func (a *AuthModuleExtJwt) Process(context AuthContext) (AuthResult, error)

func (*AuthModuleExtJwt) ProcessSecondary added in v0.21.160

func (a *AuthModuleExtJwt) ProcessSecondary(context AuthContext) (AuthResult, error)

type AuthModuleUpdb

// AuthModuleUpdb is the username/password ("updb") authentication module,
// built with NewAuthModuleUpdb(env). It exposes CanHandle(method) and
// Process(context). The policy knobs that presumably govern it (password
// rules, MaxAttempts, lockout) are declared on AuthPolicyUpdb.
type AuthModuleUpdb struct {
	// contains filtered or unexported fields
}

func NewAuthModuleUpdb

func NewAuthModuleUpdb(env Env) *AuthModuleUpdb

func (*AuthModuleUpdb) CanHandle

func (module *AuthModuleUpdb) CanHandle(method string) bool

func (*AuthModuleUpdb) Process

func (module *AuthModuleUpdb) Process(context AuthContext) (AuthResult, error)

type AuthPolicy added in v0.21.153

// AuthPolicy is the model entity for an authentication policy. Primary holds
// the per-method settings for certificate, updb and external-JWT
// authentication; Secondary holds the additional factor requirements (TOTP,
// required external JWT signer).
type AuthPolicy struct {
	models.BaseEntity
	Name      string
	Primary   AuthPolicyPrimary
	Secondary AuthPolicySecondary
}

type AuthPolicyCert added in v0.21.153

// AuthPolicyCert holds the certificate-authentication settings of an auth
// policy's primary section (see AuthPolicyPrimary.Cert). Allowed toggles the
// method as a whole.
//
// NOTE(review): by its name, AllowExpiredCerts relaxes the validity-period
// check for client certificates. If so, enabling it means expiry no longer
// bounds how long a leaked key stays usable — confirm the exact semantics in
// AuthModuleCert.Process before enabling, and prefer leaving it false.
type AuthPolicyCert struct {
	Allowed           bool
	AllowExpiredCerts bool
}

type AuthPolicyExtJwt added in v0.21.153

// AuthPolicyExtJwt holds the external-JWT settings of an auth policy's
// primary section (see AuthPolicyPrimary.ExtJwt). Allowed toggles the method;
// AllowedExtJwtSigners lists signer references as strings (presumably ids).
//
// NOTE(review): by its name, AllowAllSigners accepts tokens from every
// configured signer regardless of AllowedExtJwtSigners. Confirm the
// precedence between the two fields; an explicit signer list is the narrower
// setting.
type AuthPolicyExtJwt struct {
	Allowed              bool
	AllowAllSigners      bool
	AllowedExtJwtSigners []string
}

type AuthPolicyManager added in v0.22.39

// AuthPolicyManager is the manager for AuthPolicy entities, constructed with
// NewAuthPolicyManager(env). Its exported methods cover create, read, update,
// delete and list operations plus Marshall/Unmarshall of AuthPolicy values;
// all state is unexported.
type AuthPolicyManager struct {
	// contains filtered or unexported fields
}

func NewAuthPolicyManager added in v0.22.39

func NewAuthPolicyManager(env Env) *AuthPolicyManager

func (*AuthPolicyManager) ApplyCreate added in v0.22.39

func (self *AuthPolicyManager) ApplyCreate(cmd *command.CreateEntityCommand[*AuthPolicy]) error

func (*AuthPolicyManager) ApplyDelete added in v0.22.39

func (self *AuthPolicyManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*AuthPolicyManager) ApplyUpdate added in v0.22.39

func (self *AuthPolicyManager) ApplyUpdate(cmd *command.UpdateEntityCommand[*AuthPolicy]) error

func (*AuthPolicyManager) BaseList added in v0.22.39

func (self *AuthPolicyManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*AuthPolicyManager) BaseLoad added in v0.22.39

func (self *AuthPolicyManager) BaseLoad(id string) (models.Entity, error)

func (*AuthPolicyManager) BaseLoadInTx added in v0.22.39

func (self *AuthPolicyManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*AuthPolicyManager) BasePreparedList added in v0.22.39

func (self *AuthPolicyManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*AuthPolicyManager) BasePreparedListIndexed added in v0.22.39

func (self *AuthPolicyManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*AuthPolicyManager) Create added in v0.22.39

func (self *AuthPolicyManager) Create(entity *AuthPolicy) error

func (*AuthPolicyManager) Delete added in v0.22.39

func (self *AuthPolicyManager) Delete(id string) error

func (*AuthPolicyManager) Dispatch added in v0.22.39

func (self *AuthPolicyManager) Dispatch(command command.Command) error

func (*AuthPolicyManager) GetDb added in v0.22.39

func (self *AuthPolicyManager) GetDb() boltz.Db

func (*AuthPolicyManager) GetEntityTypeId added in v0.22.39

func (self *AuthPolicyManager) GetEntityTypeId() string

func (*AuthPolicyManager) GetEnv added in v0.22.39

func (self *AuthPolicyManager) GetEnv() Env

func (*AuthPolicyManager) GetStore added in v0.22.39

func (self *AuthPolicyManager) GetStore() boltz.CrudStore

func (*AuthPolicyManager) ListWithHandler added in v0.22.41

func (self *AuthPolicyManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*AuthPolicyManager) Marshall added in v0.22.39

func (self *AuthPolicyManager) Marshall(entity *AuthPolicy) ([]byte, error)

func (*AuthPolicyManager) PreparedListAssociatedWithHandler added in v0.22.41

func (self *AuthPolicyManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*AuthPolicyManager) PreparedListWithHandler added in v0.22.41

func (self *AuthPolicyManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*AuthPolicyManager) Read added in v0.22.39

func (self *AuthPolicyManager) Read(id string) (*AuthPolicy, error)

func (*AuthPolicyManager) Unmarshall added in v0.22.39

func (self *AuthPolicyManager) Unmarshall(bytes []byte) (*AuthPolicy, error)

func (*AuthPolicyManager) Update added in v0.22.39

func (self *AuthPolicyManager) Update(entity *AuthPolicy, checker fields.UpdatedFields) error

type AuthPolicyPrimary added in v0.21.153

// AuthPolicyPrimary groups the primary-authentication settings of an
// AuthPolicy, one sub-struct per method: client certificate (Cert),
// username/password (Updb) and external JWT (ExtJwt). Each sub-struct has its
// own Allowed flag.
type AuthPolicyPrimary struct {
	Cert   AuthPolicyCert
	Updb   AuthPolicyUpdb
	ExtJwt AuthPolicyExtJwt
}

type AuthPolicySecondary added in v0.21.153

// AuthPolicySecondary holds the secondary-factor requirements of an
// AuthPolicy: whether TOTP is required and, optionally, a required external
// JWT signer.
//
// RequiredExtJwtSigner is a pointer; nil presumably means no signer is
// required — confirm.
type AuthPolicySecondary struct {
	RequireTotp          bool
	RequiredExtJwtSigner *string
}

type AuthPolicyUpdb added in v0.21.153

// AuthPolicyUpdb holds the username/password settings of an auth policy's
// primary section (see AuthPolicyPrimary.Updb): whether the method is
// allowed, password composition rules, and attempt limiting (MaxAttempts,
// LockoutDurationMinutes).
//
// NOTE(review): the meaning of zero values is not shown on this page. Confirm
// whether MaxAttempts == 0 or LockoutDurationMinutes == 0 disables lockout or
// locks indefinitely, and where MinPasswordLength is enforced.
type AuthPolicyUpdb struct {
	Allowed                bool
	MinPasswordLength      int64
	RequireSpecialChar     bool
	RequireNumberChar      bool
	RequireMixedCase       bool
	MaxAttempts            int64
	LockoutDurationMinutes int64
}

type AuthProcessor

// AuthProcessor is implemented by each authentication module. CanHandle
// reports whether the processor handles the given method string; Process
// evaluates an AuthContext and returns an AuthResult or an error.
//
// NOTE(review): AuthResult also exposes IsSuccessful, so callers presumably
// need to check both the returned error and IsSuccessful — confirm.
type AuthProcessor interface {
	CanHandle(method string) bool
	Process(context AuthContext) (AuthResult, error)
}

type AuthProcessorRegistryImpl

// AuthProcessorRegistryImpl provides Add(processor) and GetByMethod(method),
// the two methods of AuthRegistry. What GetByMethod returns for an
// unregistered method is not shown here; presumably nil — confirm, and check
// for it at call sites.
type AuthProcessorRegistryImpl struct {
	// contains filtered or unexported fields
}

func (*AuthProcessorRegistryImpl) Add

func (registry *AuthProcessorRegistryImpl) Add(processor AuthProcessor)

func (*AuthProcessorRegistryImpl) GetByMethod

func (registry *AuthProcessorRegistryImpl) GetByMethod(method string) AuthProcessor

type AuthRegistry

// AuthRegistry stores AuthProcessor values and looks one up by method string.
type AuthRegistry interface {
	Add(method AuthProcessor)
	GetByMethod(method string) AuthProcessor
}

type AuthResult added in v0.21.221

// AuthResult is the outcome of AuthProcessor.Process. It exposes the resolved
// identity (IdentityId, Identity, ExternalId), the authenticator used
// (AuthenticatorId, Authenticator), the session certificates, the applicable
// auth policy (AuthPolicyId, AuthPolicy) and IsSuccessful.
//
// NOTE(review): the pointer-returning accessors presumably return nil when
// the corresponding entity was not resolved; check IsSuccessful before using
// the identity for any access decision — confirm against the implementations.
type AuthResult interface {
	IdentityId() string
	ExternalId() string
	AuthenticatorId() string
	SessionCerts() []*x509.Certificate
	Identity() *Identity
	Authenticator() *Authenticator
	AuthPolicy() *AuthPolicy
	AuthPolicyId() string
	IsSuccessful() bool
}

type AuthResultBase added in v0.21.221

// AuthResultBase provides every method of the AuthResult interface on its
// pointer receiver; all of its state is unexported. AuthResultJwt embeds it.
type AuthResultBase struct {
	// contains filtered or unexported fields
}

func (*AuthResultBase) AuthPolicy added in v0.21.221

func (a *AuthResultBase) AuthPolicy() *AuthPolicy

func (*AuthResultBase) AuthPolicyId added in v0.21.221

func (a *AuthResultBase) AuthPolicyId() string

func (*AuthResultBase) Authenticator added in v0.21.221

func (a *AuthResultBase) Authenticator() *Authenticator

func (*AuthResultBase) AuthenticatorId added in v0.21.221

func (a *AuthResultBase) AuthenticatorId() string

func (*AuthResultBase) ExternalId added in v0.21.221

func (a *AuthResultBase) ExternalId() string

func (*AuthResultBase) Identity added in v0.21.221

func (a *AuthResultBase) Identity() *Identity

func (*AuthResultBase) IdentityId added in v0.21.221

func (a *AuthResultBase) IdentityId() string

func (*AuthResultBase) IsSuccessful added in v0.21.221

func (a *AuthResultBase) IsSuccessful() bool

func (*AuthResultBase) SessionCerts added in v0.21.221

func (a *AuthResultBase) SessionCerts() []*x509.Certificate

type AuthResultJwt added in v0.21.221

// AuthResultJwt embeds AuthResultBase and declares its own AuthenticatorId
// and IsSuccessful methods, which take precedence over the embedded ones when
// called on an *AuthResultJwt.
type AuthResultJwt struct {
	AuthResultBase
	// contains filtered or unexported fields
}

func (*AuthResultJwt) AuthenticatorId added in v0.24.37

func (a *AuthResultJwt) AuthenticatorId() string

func (*AuthResultJwt) IsSuccessful added in v0.21.221

func (a *AuthResultJwt) IsSuccessful() bool

type Authenticator

// Authenticator is the model entity for a credential bound to an identity.
// Method names the authentication method and IdentityId the owner. SubType
// carries the method-specific data as an untyped value; the ToCert and ToUpdb
// methods return it as *AuthenticatorCert or *AuthenticatorUpdb.
//
// NOTE(review): what ToCert/ToUpdb return when SubType holds the other kind
// is not shown here; presumably nil — check before dereferencing.
type Authenticator struct {
	models.BaseEntity
	Method     string
	IdentityId string
	SubType    interface{}
}

func (*Authenticator) Fingerprints

func (entity *Authenticator) Fingerprints() []string

func (*Authenticator) ToCert

func (entity *Authenticator) ToCert() *AuthenticatorCert

func (*Authenticator) ToUpdb

func (entity *Authenticator) ToUpdb() *AuthenticatorUpdb

type AuthenticatorCert

// AuthenticatorCert is the certificate form of an Authenticator (embedded by
// pointer). Fingerprint and Pem describe the certificate in use;
// UnverifiedFingerprint and UnverifiedPem describe a second certificate.
//
// NOTE(review): the Unverified* fields presumably hold a certificate issued
// by ExtendCertForIdentity that is still awaiting
// VerifyExtendCertForIdentity. Confirm that they are never consulted for an
// authentication decision until that verification has succeeded.
type AuthenticatorCert struct {
	*Authenticator
	Fingerprint string
	Pem         string

	UnverifiedFingerprint string
	UnverifiedPem         string
}

type AuthenticatorListQueryResult

// AuthenticatorListQueryResult is the return type of
// AuthenticatorManager.ListForIdentity: the embedded generic entity list
// result plus the same results typed as []*Authenticator.
type AuthenticatorListQueryResult struct {
	*models.EntityListResult[models.Entity]
	Authenticators []*Authenticator
}

type AuthenticatorManager added in v0.22.46

// AuthenticatorManager is the manager for Authenticator entities, constructed
// with NewAuthenticatorManager(env). Besides create/read/update/delete and
// list operations it exposes Authorize(authContext), password hashing
// (HashPassword, ReHashPassword), certificate extension
// (ExtendCertForIdentity, VerifyExtendCertForIdentity), ReEnroll and lookups
// by fingerprint or username.
//
// NOTE(review): the hashing algorithm and its parameters behind
// HashPassword/ReHashPassword are not visible on this page; confirm in the
// source that a password-hashing KDF is used.
type AuthenticatorManager struct {
	// contains filtered or unexported fields
}

func NewAuthenticatorManager added in v0.22.46

func NewAuthenticatorManager(env Env) *AuthenticatorManager

func (*AuthenticatorManager) ApplyCreate added in v0.22.52

func (*AuthenticatorManager) ApplyDelete added in v0.22.46

func (self *AuthenticatorManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*AuthenticatorManager) ApplyUpdate added in v0.22.52

func (*AuthenticatorManager) AuthenticatorToProtobuf added in v0.22.53

func (self *AuthenticatorManager) AuthenticatorToProtobuf(entity *Authenticator) (*edge_cmd_pb.Authenticator, error)

func (*AuthenticatorManager) Authorize added in v0.22.46

func (self *AuthenticatorManager) Authorize(authContext AuthContext) (AuthResult, error)

func (*AuthenticatorManager) BaseList added in v0.22.46

func (self *AuthenticatorManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*AuthenticatorManager) BaseLoad added in v0.22.46

func (self *AuthenticatorManager) BaseLoad(id string) (models.Entity, error)

func (*AuthenticatorManager) BaseLoadInTx added in v0.22.46

func (self *AuthenticatorManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*AuthenticatorManager) BasePreparedList added in v0.22.46

func (self *AuthenticatorManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*AuthenticatorManager) BasePreparedListIndexed added in v0.22.46

func (self *AuthenticatorManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*AuthenticatorManager) Create added in v0.22.46

func (self *AuthenticatorManager) Create(entity *Authenticator) error

func (*AuthenticatorManager) Delete added in v0.22.46

func (self *AuthenticatorManager) Delete(id string) error

func (*AuthenticatorManager) Dispatch added in v0.22.46

func (self *AuthenticatorManager) Dispatch(command command.Command) error

func (*AuthenticatorManager) ExtendCertForIdentity added in v0.22.46

func (self *AuthenticatorManager) ExtendCertForIdentity(identityId string, authenticatorId string, peerCerts []*x509.Certificate, csrPem string) ([]byte, error)

func (*AuthenticatorManager) GetDb added in v0.22.46

func (self *AuthenticatorManager) GetDb() boltz.Db

func (*AuthenticatorManager) GetEntityTypeId added in v0.22.46

func (self *AuthenticatorManager) GetEntityTypeId() string

func (*AuthenticatorManager) GetEnv added in v0.22.46

func (self *AuthenticatorManager) GetEnv() Env

func (*AuthenticatorManager) GetStore added in v0.22.46

func (self *AuthenticatorManager) GetStore() boltz.CrudStore

func (*AuthenticatorManager) HashPassword added in v0.22.46

func (self *AuthenticatorManager) HashPassword(password string) *HashedPassword

func (*AuthenticatorManager) IsUpdated added in v0.22.46

func (self *AuthenticatorManager) IsUpdated(field string) bool

func (*AuthenticatorManager) ListForIdentity added in v0.22.46

func (self *AuthenticatorManager) ListForIdentity(identityId string, query ast.Query) (*AuthenticatorListQueryResult, error)

func (*AuthenticatorManager) ListWithHandler added in v0.22.46

func (self *AuthenticatorManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*AuthenticatorManager) Marshall added in v0.22.52

func (self *AuthenticatorManager) Marshall(entity *Authenticator) ([]byte, error)

func (*AuthenticatorManager) PatchSelf added in v0.22.46

func (self *AuthenticatorManager) PatchSelf(authenticatorSelf *AuthenticatorSelf, checker fields.UpdatedFields) error

func (*AuthenticatorManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *AuthenticatorManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*AuthenticatorManager) PreparedListWithHandler added in v0.22.46

func (self *AuthenticatorManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*AuthenticatorManager) ProtobufToAuthenticator added in v0.22.53

func (self *AuthenticatorManager) ProtobufToAuthenticator(msg *edge_cmd_pb.Authenticator) (*Authenticator, error)

func (*AuthenticatorManager) ReEnroll added in v0.22.46

func (self *AuthenticatorManager) ReEnroll(id string, expiresAt time.Time) (string, error)

ReEnroll converts the given authenticator `id` back to an enrollment of the same type with the same constraints that expires at the time specified by `expiresAt`. The result is a string id of the new enrollment or an error.

func (*AuthenticatorManager) ReHashPassword added in v0.22.46

func (self *AuthenticatorManager) ReHashPassword(password string, salt []byte) *HashedPassword

func (*AuthenticatorManager) Read added in v0.22.46

func (self *AuthenticatorManager) Read(id string) (*Authenticator, error)

func (*AuthenticatorManager) ReadByFingerprint added in v0.22.46

func (self *AuthenticatorManager) ReadByFingerprint(fingerprint string) (*Authenticator, error)

func (*AuthenticatorManager) ReadByUsername added in v0.22.46

func (self *AuthenticatorManager) ReadByUsername(username string) (*Authenticator, error)

func (*AuthenticatorManager) ReadFingerprints added in v0.22.46

func (self *AuthenticatorManager) ReadFingerprints(authenticatorId string) ([]string, error)

func (*AuthenticatorManager) ReadForIdentity added in v0.22.46

func (self *AuthenticatorManager) ReadForIdentity(identityId string, authenticatorId string) (*Authenticator, error)

func (*AuthenticatorManager) Unmarshall added in v0.22.52

func (self *AuthenticatorManager) Unmarshall(bytes []byte) (*Authenticator, error)

func (*AuthenticatorManager) Update added in v0.22.46

func (self *AuthenticatorManager) Update(entity *Authenticator, unrestricted bool, checker fields.UpdatedFields) error

func (*AuthenticatorManager) UpdateSelf added in v0.22.46

func (self *AuthenticatorManager) UpdateSelf(authenticatorSelf *AuthenticatorSelf) error

func (*AuthenticatorManager) VerifyExtendCertForIdentity added in v0.22.46

func (self *AuthenticatorManager) VerifyExtendCertForIdentity(identityId, authenticatorId string, verifyCertPem string) error

type AuthenticatorSelf

// AuthenticatorSelf is the input for an identity changing its own updb
// credential through AuthenticatorManager.UpdateSelf or PatchSelf. It carries
// the current password, the new password, the identity id and the username.
//
// NOTE(review): CurrentPassword and NewPassword presumably hold plaintext as
// submitted by the caller; keep values of this type out of logs and avoid
// retaining them longer than the update needs — confirm against callers.
type AuthenticatorSelf struct {
	models.BaseEntity
	CurrentPassword string
	NewPassword     string
	IdentityId      string
	Username        string
}

type AuthenticatorUpdb

// AuthenticatorUpdb is the username/password form of an Authenticator
// (embedded by pointer). Salt is stored as a string; DecodedSalt returns it
// as bytes.
//
// NOTE(review): Password presumably holds the hashed form produced by
// AuthenticatorManager.HashPassword once persisted, but may hold plaintext on
// the way in — confirm. Either way, treat Password and Salt as sensitive and
// keep them out of logs and API responses.
type AuthenticatorUpdb struct {
	*Authenticator
	Username string
	Password string
	Salt     string
}

func (*AuthenticatorUpdb) DecodedSalt

func (au *AuthenticatorUpdb) DecodedSalt() []byte

type Ca

// Ca is the model entity for a certificate authority. It records the CA's
// name, fingerprint and certificate PEM, its verification state (IsVerified,
// VerificationToken), which uses are enabled (auto CA enrollment, OTT CA
// enrollment, authentication), the roles and name format applied to
// identities, and an optional ExternalIdClaim used by GetExternalId.
//
// NOTE(review): IsVerified presumably records that the operator proved
// control of the CA key using VerificationToken. Confirm that IsAuthEnabled
// and the enrollment flags are only honoured when IsVerified is true.
// NOTE(review): IdentityRoles are presumably granted to identities enrolled
// through this CA, so anyone able to obtain a certificate from the CA
// inherits them — keep the list minimal.
// ExternalIdClaim is a pointer and may be nil.
type Ca struct {
	models.BaseEntity
	Name                      string
	Fingerprint               string
	CertPem                   string
	IsVerified                bool
	VerificationToken         string
	IsAutoCaEnrollmentEnabled bool
	IsOttCaEnrollmentEnabled  bool
	IsAuthEnabled             bool
	IdentityRoles             []string
	IdentityNameFormat        string
	ExternalIdClaim           *ExternalIdClaim
}

func (*Ca) GetExternalId added in v0.21.221

func (entity *Ca) GetExternalId(cert *x509.Certificate) (string, error)

GetExternalId will attempt to retrieve a string claim from an x509 certificate based on the location, matching, and parsing of various x509 certificate fields.

type CaListResult

type CaListResult struct {
	Cas []*Ca
	models.QueryMetaData
	// contains filtered or unexported fields
}

type CaManager added in v0.22.42

type CaManager struct {
	// contains filtered or unexported fields
}

func NewCaManager added in v0.22.42

func NewCaManager(env Env) *CaManager

func (*CaManager) ApplyCreate added in v0.22.42

func (self *CaManager) ApplyCreate(cmd *command.CreateEntityCommand[*Ca]) error

func (*CaManager) ApplyDelete added in v0.22.42

func (self *CaManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*CaManager) ApplyUpdate added in v0.22.42

func (self *CaManager) ApplyUpdate(cmd *command.UpdateEntityCommand[*Ca]) error

func (*CaManager) BaseList added in v0.22.42

func (self *CaManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*CaManager) BaseLoad added in v0.22.42

func (self *CaManager) BaseLoad(id string) (models.Entity, error)

func (*CaManager) BaseLoadInTx added in v0.22.42

func (self *CaManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*CaManager) BasePreparedList added in v0.22.42

func (self *CaManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*CaManager) BasePreparedListIndexed added in v0.22.42

func (self *CaManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*CaManager) Create added in v0.22.42

func (self *CaManager) Create(entity *Ca) error

func (*CaManager) Delete added in v0.22.42

func (self *CaManager) Delete(id string) error

func (*CaManager) Dispatch added in v0.22.42

func (self *CaManager) Dispatch(command command.Command) error

func (*CaManager) GetDb added in v0.22.42

func (self *CaManager) GetDb() boltz.Db

func (*CaManager) GetEntityTypeId added in v0.22.42

func (self *CaManager) GetEntityTypeId() string

func (*CaManager) GetEnv added in v0.22.42

func (self *CaManager) GetEnv() Env

func (*CaManager) GetStore added in v0.22.42

func (self *CaManager) GetStore() boltz.CrudStore

func (*CaManager) IsUpdated added in v0.22.42

func (self *CaManager) IsUpdated(field string) bool

func (*CaManager) ListWithHandler added in v0.22.42

func (self *CaManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*CaManager) Marshall added in v0.22.42

func (self *CaManager) Marshall(entity *Ca) ([]byte, error)

func (*CaManager) PreparedListAssociatedWithHandler added in v0.22.42

func (self *CaManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*CaManager) PreparedListWithHandler added in v0.22.42

func (self *CaManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*CaManager) Query added in v0.22.42

func (self *CaManager) Query(query string) (*CaListResult, error)

func (*CaManager) Read added in v0.22.42

func (self *CaManager) Read(id string) (*Ca, error)

func (*CaManager) Stream added in v0.22.42

func (self *CaManager) Stream(query string, collect func(*Ca, error) error) error

func (*CaManager) Unmarshall added in v0.22.42

func (self *CaManager) Unmarshall(bytes []byte) (*Ca, error)

func (*CaManager) Update added in v0.22.42

func (self *CaManager) Update(entity *Ca, checker fields.UpdatedFields) error

func (*CaManager) Verified added in v0.22.42

func (self *CaManager) Verified(ca *Ca) error

type Config

type Config struct {
	models.BaseEntity
	Name   string
	TypeId string
	Data   map[string]interface{}
}

type ConfigManager added in v0.21.235

type ConfigManager struct {
	// contains filtered or unexported fields
}

func NewConfigManager added in v0.21.235

func NewConfigManager(env Env) *ConfigManager

func (*ConfigManager) ApplyCreate added in v0.21.235

func (self *ConfigManager) ApplyCreate(cmd *command.CreateEntityCommand[*Config]) error

func (*ConfigManager) ApplyDelete added in v0.21.235

func (self *ConfigManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*ConfigManager) ApplyUpdate added in v0.21.235

func (self *ConfigManager) ApplyUpdate(cmd *command.UpdateEntityCommand[*Config]) error

func (*ConfigManager) BaseList added in v0.21.235

func (self *ConfigManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*ConfigManager) BaseLoad added in v0.21.235

func (self *ConfigManager) BaseLoad(id string) (models.Entity, error)

func (*ConfigManager) BaseLoadInTx added in v0.21.235

func (self *ConfigManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ConfigManager) BasePreparedList added in v0.21.235

func (self *ConfigManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ConfigManager) BasePreparedListIndexed added in v0.21.235

func (self *ConfigManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ConfigManager) Create added in v0.21.235

func (self *ConfigManager) Create(entity *Config) error

func (*ConfigManager) Delete added in v0.21.235

func (self *ConfigManager) Delete(id string) error

func (*ConfigManager) Dispatch added in v0.21.235

func (self *ConfigManager) Dispatch(command command.Command) error

func (*ConfigManager) GetDb added in v0.21.235

func (self *ConfigManager) GetDb() boltz.Db

func (*ConfigManager) GetEntityTypeId added in v0.21.235

func (self *ConfigManager) GetEntityTypeId() string

func (*ConfigManager) GetEnv added in v0.21.235

func (self *ConfigManager) GetEnv() Env

func (*ConfigManager) GetStore added in v0.21.235

func (self *ConfigManager) GetStore() boltz.CrudStore

func (*ConfigManager) IsUpdated added in v0.21.235

func (self *ConfigManager) IsUpdated(field string) bool

func (*ConfigManager) ListWithHandler added in v0.22.41

func (self *ConfigManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*ConfigManager) Marshall added in v0.21.235

func (self *ConfigManager) Marshall(entity *Config) ([]byte, error)

func (*ConfigManager) PreparedListAssociatedWithHandler added in v0.22.41

func (self *ConfigManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*ConfigManager) PreparedListWithHandler added in v0.22.41

func (self *ConfigManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*ConfigManager) Read added in v0.21.235

func (self *ConfigManager) Read(id string) (*Config, error)

func (*ConfigManager) Unmarshall added in v0.21.235

func (self *ConfigManager) Unmarshall(bytes []byte) (*Config, error)

func (*ConfigManager) Update added in v0.21.235

func (self *ConfigManager) Update(entity *Config, checker fields.UpdatedFields) error

type ConfigType

type ConfigType struct {
	models.BaseEntity
	Name   string
	Schema map[string]interface{}
}

func (*ConfigType) GetCompiledSchema

func (entity *ConfigType) GetCompiledSchema() (*gojsonschema.Schema, error)

type ConfigTypeManager added in v0.22.42

type ConfigTypeManager struct {
	// contains filtered or unexported fields
}

func NewConfigTypeManager added in v0.22.42

func NewConfigTypeManager(env Env) *ConfigTypeManager

func (*ConfigTypeManager) ApplyCreate added in v0.22.42

func (self *ConfigTypeManager) ApplyCreate(cmd *command.CreateEntityCommand[*ConfigType]) error

func (*ConfigTypeManager) ApplyDelete added in v0.22.42

func (self *ConfigTypeManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*ConfigTypeManager) ApplyUpdate added in v0.22.42

func (self *ConfigTypeManager) ApplyUpdate(cmd *command.UpdateEntityCommand[*ConfigType]) error

func (*ConfigTypeManager) BaseList added in v0.22.42

func (self *ConfigTypeManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*ConfigTypeManager) BaseLoad added in v0.22.42

func (self *ConfigTypeManager) BaseLoad(id string) (models.Entity, error)

func (*ConfigTypeManager) BaseLoadInTx added in v0.22.42

func (self *ConfigTypeManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ConfigTypeManager) BasePreparedList added in v0.22.42

func (self *ConfigTypeManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ConfigTypeManager) BasePreparedListIndexed added in v0.22.42

func (self *ConfigTypeManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ConfigTypeManager) Create added in v0.22.42

func (self *ConfigTypeManager) Create(entity *ConfigType) error

func (*ConfigTypeManager) Delete added in v0.22.42

func (self *ConfigTypeManager) Delete(id string) error

func (*ConfigTypeManager) Dispatch added in v0.22.42

func (self *ConfigTypeManager) Dispatch(command command.Command) error

func (*ConfigTypeManager) GetDb added in v0.22.42

func (self *ConfigTypeManager) GetDb() boltz.Db

func (*ConfigTypeManager) GetEntityTypeId added in v0.22.42

func (self *ConfigTypeManager) GetEntityTypeId() string

func (*ConfigTypeManager) GetEnv added in v0.22.42

func (self *ConfigTypeManager) GetEnv() Env

func (*ConfigTypeManager) GetStore added in v0.22.42

func (self *ConfigTypeManager) GetStore() boltz.CrudStore

func (*ConfigTypeManager) ListWithHandler added in v0.22.42

func (self *ConfigTypeManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*ConfigTypeManager) MapConfigTypeNamesToIds added in v0.22.42

func (self *ConfigTypeManager) MapConfigTypeNamesToIds(values []string, identityId string) map[string]struct{}

func (*ConfigTypeManager) Marshall added in v0.22.42

func (self *ConfigTypeManager) Marshall(entity *ConfigType) ([]byte, error)

func (*ConfigTypeManager) PreparedListAssociatedWithHandler added in v0.22.42

func (self *ConfigTypeManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*ConfigTypeManager) PreparedListWithHandler added in v0.22.42

func (self *ConfigTypeManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*ConfigTypeManager) Read added in v0.22.42

func (self *ConfigTypeManager) Read(id string) (*ConfigType, error)

func (*ConfigTypeManager) ReadByName added in v0.22.42

func (self *ConfigTypeManager) ReadByName(name string) (*ConfigType, error)

func (*ConfigTypeManager) Unmarshall added in v0.22.42

func (self *ConfigTypeManager) Unmarshall(bytes []byte) (*ConfigType, error)

func (*ConfigTypeManager) Update added in v0.22.42

func (self *ConfigTypeManager) Update(entity *ConfigType, checker fields.UpdatedFields) error

type CreateEdgeRouterCmd added in v0.22.58

type CreateEdgeRouterCmd struct {
	// contains filtered or unexported fields
}

func (*CreateEdgeRouterCmd) Apply added in v0.22.58

func (self *CreateEdgeRouterCmd) Apply() error

func (*CreateEdgeRouterCmd) Decode added in v0.22.58

func (*CreateEdgeRouterCmd) Encode added in v0.22.58

func (self *CreateEdgeRouterCmd) Encode() ([]byte, error)

type CreateEdgeTerminatorCmd added in v0.21.235

type CreateEdgeTerminatorCmd struct {
	Env    Env
	Entity *network.Terminator
}

func (*CreateEdgeTerminatorCmd) Apply added in v0.21.235

func (self *CreateEdgeTerminatorCmd) Apply() error

func (*CreateEdgeTerminatorCmd) Decode added in v0.21.235

func (*CreateEdgeTerminatorCmd) Encode added in v0.21.235

func (self *CreateEdgeTerminatorCmd) Encode() ([]byte, error)

type CreateIdentityWithEnrollmentsCmd added in v0.22.64

type CreateIdentityWithEnrollmentsCmd struct {
	// contains filtered or unexported fields
}

func (*CreateIdentityWithEnrollmentsCmd) Apply added in v0.22.64

func (*CreateIdentityWithEnrollmentsCmd) Decode added in v0.22.64

func (*CreateIdentityWithEnrollmentsCmd) Encode added in v0.22.64

func (self *CreateIdentityWithEnrollmentsCmd) Encode() ([]byte, error)

type CreateTransitRouterCmd added in v0.22.59

type CreateTransitRouterCmd struct {
	// contains filtered or unexported fields
}

func (*CreateTransitRouterCmd) Apply added in v0.22.59

func (self *CreateTransitRouterCmd) Apply() error

func (*CreateTransitRouterCmd) Decode added in v0.22.59

func (*CreateTransitRouterCmd) Encode added in v0.22.59

func (self *CreateTransitRouterCmd) Encode() ([]byte, error)

type EdgeRouter

// EdgeRouter is the model entity managed by EdgeRouterManager.
type EdgeRouter struct {
	models.BaseEntity
	Name                  string
	RoleAttributes        []string
	IsVerified            bool
	Fingerprint           *string
	CertPem               *string
	Hostname              *string
	EdgeRouterProtocols   map[string]string
	VersionInfo           *versions.VersionInfo
	IsTunnelerEnabled     bool
	AppData               map[string]interface{}
	// NOTE(review): presumably the Unverified* fields hold a certificate issued
	// by ExtendEnrollment that is not yet trusted, until ExtendEnrollmentVerify
	// succeeds — confirm. If so, authorization decisions should be made on
	// Fingerprint/CertPem only, never on the unverified pair.
	UnverifiedFingerprint *string
	UnverifiedCertPem     *string
	Cost                  uint16
	NoTraversal           bool
}

type EdgeRouterListResult

type EdgeRouterListResult struct {
	EdgeRouters []*EdgeRouter
	models.QueryMetaData
	// contains filtered or unexported fields
}

type EdgeRouterManager added in v0.22.46

type EdgeRouterManager struct {
	// contains filtered or unexported fields
}

func NewEdgeRouterManager added in v0.22.46

func NewEdgeRouterManager(env Env) *EdgeRouterManager

func (*EdgeRouterManager) ApplyCreate added in v0.22.58

func (self *EdgeRouterManager) ApplyCreate(cmd *CreateEdgeRouterCmd) error

func (*EdgeRouterManager) ApplyDelete added in v0.22.46

func (self *EdgeRouterManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*EdgeRouterManager) ApplyUpdate added in v0.22.58

func (self *EdgeRouterManager) ApplyUpdate(cmd *command.UpdateEntityCommand[*EdgeRouter]) error

func (*EdgeRouterManager) BaseList added in v0.22.46

func (self *EdgeRouterManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*EdgeRouterManager) BaseLoad added in v0.22.46

func (self *EdgeRouterManager) BaseLoad(id string) (models.Entity, error)

func (*EdgeRouterManager) BaseLoadInTx added in v0.22.46

func (self *EdgeRouterManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EdgeRouterManager) BasePreparedList added in v0.22.46

func (self *EdgeRouterManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*EdgeRouterManager) BasePreparedListIndexed added in v0.22.46

func (self *EdgeRouterManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*EdgeRouterManager) CollectEnrollments added in v0.22.46

func (self *EdgeRouterManager) CollectEnrollments(id string, collector func(entity *Enrollment) error) error

func (*EdgeRouterManager) Create added in v0.22.46

func (self *EdgeRouterManager) Create(edgeRouter *EdgeRouter) error

func (*EdgeRouterManager) Delete added in v0.22.46

func (self *EdgeRouterManager) Delete(id string) error

func (*EdgeRouterManager) Dispatch added in v0.22.46

func (self *EdgeRouterManager) Dispatch(command command.Command) error

func (*EdgeRouterManager) EdgeRouterToProtobuf added in v0.22.58

func (self *EdgeRouterManager) EdgeRouterToProtobuf(entity *EdgeRouter) (*edge_cmd_pb.EdgeRouter, error)

func (*EdgeRouterManager) ExtendEnrollment added in v0.22.46

func (self *EdgeRouterManager) ExtendEnrollment(router *EdgeRouter, clientCsrPem []byte, serverCertCsrPem []byte) (*ExtendedCerts, error)

func (*EdgeRouterManager) ExtendEnrollmentVerify added in v0.22.46

func (self *EdgeRouterManager) ExtendEnrollmentVerify(router *EdgeRouter) error

func (*EdgeRouterManager) ExtendEnrollmentWithVerify added in v0.22.46

func (self *EdgeRouterManager) ExtendEnrollmentWithVerify(router *EdgeRouter, clientCsrPem []byte, serverCertCsrPem []byte) (*ExtendedCerts, error)

func (*EdgeRouterManager) GetDb added in v0.22.46

func (self *EdgeRouterManager) GetDb() boltz.Db

func (*EdgeRouterManager) GetEntityTypeId added in v0.22.46

func (self *EdgeRouterManager) GetEntityTypeId() string

func (*EdgeRouterManager) GetEnv added in v0.22.46

func (self *EdgeRouterManager) GetEnv() Env

func (*EdgeRouterManager) GetStore added in v0.22.46

func (self *EdgeRouterManager) GetStore() boltz.CrudStore

func (*EdgeRouterManager) ListForIdentityAndService added in v0.22.46

func (self *EdgeRouterManager) ListForIdentityAndService(identityId, serviceId string, limit *int) (*EdgeRouterListResult, error)

func (*EdgeRouterManager) ListForIdentityAndServiceWithTx added in v0.22.46

func (self *EdgeRouterManager) ListForIdentityAndServiceWithTx(tx *bbolt.Tx, identityId, serviceId string, limit *int) (*EdgeRouterListResult, error)

func (*EdgeRouterManager) ListForSession added in v0.22.46

func (self *EdgeRouterManager) ListForSession(sessionId string) (*EdgeRouterListResult, error)

func (*EdgeRouterManager) ListWithHandler added in v0.22.46

func (self *EdgeRouterManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*EdgeRouterManager) Marshall added in v0.22.58

func (self *EdgeRouterManager) Marshall(entity *EdgeRouter) ([]byte, error)

func (*EdgeRouterManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *EdgeRouterManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*EdgeRouterManager) PreparedListWithHandler added in v0.22.46

func (self *EdgeRouterManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*EdgeRouterManager) ProtobufToEdgeRouter added in v0.22.58

func (self *EdgeRouterManager) ProtobufToEdgeRouter(msg *edge_cmd_pb.EdgeRouter) (*EdgeRouter, error)

func (*EdgeRouterManager) Query added in v0.22.46

func (self *EdgeRouterManager) Query(query string) (*EdgeRouterListResult, error)

func (*EdgeRouterManager) QueryRoleAttributes added in v0.22.46

func (self *EdgeRouterManager) QueryRoleAttributes(queryString string) ([]string, *models.QueryMetaData, error)

func (*EdgeRouterManager) ReEnroll added in v0.22.46

func (self *EdgeRouterManager) ReEnroll(router *EdgeRouter) error

ReEnroll creates a new JWT enrollment for an existing edge router. If the edge router already exists with a JWT, a new JWT is created. If the edge router was already enrolled, all record of the enrollment is reset and the edge router is disconnected, forcing it to complete enrollment again before it can connect.

func (*EdgeRouterManager) Read added in v0.22.46

func (self *EdgeRouterManager) Read(id string) (*EdgeRouter, error)

func (*EdgeRouterManager) ReadOneByFingerprint added in v0.22.46

func (self *EdgeRouterManager) ReadOneByFingerprint(fingerprint string) (*EdgeRouter, error)

func (*EdgeRouterManager) ReadOneByQuery added in v0.22.46

func (self *EdgeRouterManager) ReadOneByQuery(query string) (*EdgeRouter, error)

func (*EdgeRouterManager) ReadOneByUnverifiedFingerprint added in v0.22.46

func (self *EdgeRouterManager) ReadOneByUnverifiedFingerprint(fingerprint string) (*EdgeRouter, error)

func (*EdgeRouterManager) Unmarshall added in v0.22.58

func (self *EdgeRouterManager) Unmarshall(bytes []byte) (*EdgeRouter, error)

func (*EdgeRouterManager) Update added in v0.22.46

func (self *EdgeRouterManager) Update(entity *EdgeRouter, unrestricted bool, checker fields.UpdatedFields) error

type EdgeRouterPolicy

type EdgeRouterPolicy struct {
	models.BaseEntity
	Name            string
	Semantic        string
	IdentityRoles   []string
	EdgeRouterRoles []string
}

type EdgeRouterPolicyManager added in v0.22.43

type EdgeRouterPolicyManager struct {
	// contains filtered or unexported fields
}

func NewEdgeRouterPolicyManager added in v0.22.43

func NewEdgeRouterPolicyManager(env Env) *EdgeRouterPolicyManager

func (*EdgeRouterPolicyManager) ApplyCreate added in v0.22.43

func (*EdgeRouterPolicyManager) ApplyDelete added in v0.22.43

func (self *EdgeRouterPolicyManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*EdgeRouterPolicyManager) ApplyUpdate added in v0.22.43

func (*EdgeRouterPolicyManager) BaseList added in v0.22.43

func (self *EdgeRouterPolicyManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*EdgeRouterPolicyManager) BaseLoad added in v0.22.43

func (self *EdgeRouterPolicyManager) BaseLoad(id string) (models.Entity, error)

func (*EdgeRouterPolicyManager) BaseLoadInTx added in v0.22.43

func (self *EdgeRouterPolicyManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EdgeRouterPolicyManager) BasePreparedList added in v0.22.43

func (self *EdgeRouterPolicyManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*EdgeRouterPolicyManager) BasePreparedListIndexed added in v0.22.43

func (self *EdgeRouterPolicyManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*EdgeRouterPolicyManager) Create added in v0.22.43

func (self *EdgeRouterPolicyManager) Create(entity *EdgeRouterPolicy) error

func (*EdgeRouterPolicyManager) Delete added in v0.22.43

func (self *EdgeRouterPolicyManager) Delete(id string) error

func (*EdgeRouterPolicyManager) Dispatch added in v0.22.43

func (self *EdgeRouterPolicyManager) Dispatch(command command.Command) error

func (*EdgeRouterPolicyManager) GetDb added in v0.22.43

func (self *EdgeRouterPolicyManager) GetDb() boltz.Db

func (*EdgeRouterPolicyManager) GetEntityTypeId added in v0.22.43

func (self *EdgeRouterPolicyManager) GetEntityTypeId() string

func (*EdgeRouterPolicyManager) GetEnv added in v0.22.43

func (self *EdgeRouterPolicyManager) GetEnv() Env

func (*EdgeRouterPolicyManager) GetStore added in v0.22.43

func (self *EdgeRouterPolicyManager) GetStore() boltz.CrudStore

func (*EdgeRouterPolicyManager) ListWithHandler added in v0.22.43

func (self *EdgeRouterPolicyManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*EdgeRouterPolicyManager) Marshall added in v0.22.43

func (self *EdgeRouterPolicyManager) Marshall(entity *EdgeRouterPolicy) ([]byte, error)

func (*EdgeRouterPolicyManager) PreparedListAssociatedWithHandler added in v0.22.43

func (self *EdgeRouterPolicyManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*EdgeRouterPolicyManager) PreparedListWithHandler added in v0.22.43

func (self *EdgeRouterPolicyManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*EdgeRouterPolicyManager) Read added in v0.22.43

func (*EdgeRouterPolicyManager) Unmarshall added in v0.22.43

func (self *EdgeRouterPolicyManager) Unmarshall(bytes []byte) (*EdgeRouterPolicy, error)

func (*EdgeRouterPolicyManager) Update added in v0.22.43

func (self *EdgeRouterPolicyManager) Update(entity *EdgeRouterPolicy, checker fields.UpdatedFields) error

type EdgeServiceManager added in v0.22.46

type EdgeServiceManager struct {
	// contains filtered or unexported fields
}

func NewEdgeServiceManager added in v0.22.46

func NewEdgeServiceManager(env Env) *EdgeServiceManager

func (*EdgeServiceManager) ApplyCreate added in v0.22.46

func (self *EdgeServiceManager) ApplyCreate(cmd *command.CreateEntityCommand[*Service]) error

func (*EdgeServiceManager) ApplyDelete added in v0.22.46

func (self *EdgeServiceManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*EdgeServiceManager) ApplyUpdate added in v0.22.46

func (self *EdgeServiceManager) ApplyUpdate(cmd *command.UpdateEntityCommand[*Service]) error

func (*EdgeServiceManager) BaseList added in v0.22.46

func (self *EdgeServiceManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*EdgeServiceManager) BaseLoad added in v0.22.46

func (self *EdgeServiceManager) BaseLoad(id string) (models.Entity, error)

func (*EdgeServiceManager) BaseLoadInTx added in v0.22.46

func (self *EdgeServiceManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EdgeServiceManager) BasePreparedList added in v0.22.46

func (self *EdgeServiceManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*EdgeServiceManager) BasePreparedListIndexed added in v0.22.46

func (self *EdgeServiceManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*EdgeServiceManager) Create added in v0.22.46

func (self *EdgeServiceManager) Create(entity *Service) error

func (*EdgeServiceManager) Delete added in v0.22.46

func (self *EdgeServiceManager) Delete(id string) error

func (*EdgeServiceManager) Dispatch added in v0.22.46

func (self *EdgeServiceManager) Dispatch(command command.Command) error

func (*EdgeServiceManager) GetDb added in v0.22.46

func (self *EdgeServiceManager) GetDb() boltz.Db

func (*EdgeServiceManager) GetEntityTypeId added in v0.22.46

func (self *EdgeServiceManager) GetEntityTypeId() string

func (*EdgeServiceManager) GetEnv added in v0.22.46

func (self *EdgeServiceManager) GetEnv() Env

func (*EdgeServiceManager) GetPolicyPostureChecks added in v0.22.46

func (self *EdgeServiceManager) GetPolicyPostureChecks(identityId, serviceId string) map[string]*PolicyPostureChecks

func (*EdgeServiceManager) GetStore added in v0.22.46

func (self *EdgeServiceManager) GetStore() boltz.CrudStore

func (*EdgeServiceManager) ListWithHandler added in v0.22.46

func (self *EdgeServiceManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*EdgeServiceManager) Marshall added in v0.22.46

func (self *EdgeServiceManager) Marshall(entity *Service) ([]byte, error)

func (*EdgeServiceManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *EdgeServiceManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*EdgeServiceManager) PreparedListWithHandler added in v0.22.46

func (self *EdgeServiceManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*EdgeServiceManager) PublicQueryForIdentity added in v0.22.46

func (self *EdgeServiceManager) PublicQueryForIdentity(sessionIdentity *Identity, configTypes map[string]struct{}, query ast.Query) (*ServiceListResult, error)

func (*EdgeServiceManager) QueryForIdentity added in v0.22.46

func (self *EdgeServiceManager) QueryForIdentity(identityId string, configTypes map[string]struct{}, query ast.Query) (*ServiceListResult, error)

func (*EdgeServiceManager) QueryRoleAttributes added in v0.22.46

func (self *EdgeServiceManager) QueryRoleAttributes(queryString string) ([]string, *models.QueryMetaData, error)

func (*EdgeServiceManager) Read added in v0.22.46

func (self *EdgeServiceManager) Read(id string) (*Service, error)

func (*EdgeServiceManager) ReadByName added in v0.22.46

func (self *EdgeServiceManager) ReadByName(name string) (*Service, error)

func (*EdgeServiceManager) ReadForIdentity added in v0.22.46

func (self *EdgeServiceManager) ReadForIdentity(id string, identityId string, configTypes map[string]struct{}) (*ServiceDetail, error)

func (*EdgeServiceManager) ReadForIdentityInTx added in v0.22.46

func (self *EdgeServiceManager) ReadForIdentityInTx(tx *bbolt.Tx, id string, identityId string, configTypes map[string]struct{}) (*ServiceDetail, error)

func (*EdgeServiceManager) ReadForNonAdminIdentityInTx added in v0.22.46

func (self *EdgeServiceManager) ReadForNonAdminIdentityInTx(tx *bbolt.Tx, id string, identityId string) (*ServiceDetail, error)

func (*EdgeServiceManager) Unmarshall added in v0.22.46

func (self *EdgeServiceManager) Unmarshall(bytes []byte) (*Service, error)

func (*EdgeServiceManager) Update added in v0.22.46

func (self *EdgeServiceManager) Update(entity *Service, checker fields.UpdatedFields) error

type EnrollModuleCa

type EnrollModuleCa struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleCa

func NewEnrollModuleCa(env Env) *EnrollModuleCa

func (*EnrollModuleCa) CanHandle

func (module *EnrollModuleCa) CanHandle(method string) bool

func (*EnrollModuleCa) Process

func (module *EnrollModuleCa) Process(context EnrollmentContext) (*EnrollmentResult, error)

Process will attempt to verify a client certificate bundle (supplied via the TLS handshake) against known CAs. The first certificate must be the client certificate; all subsequent certificates are treated as untrusted intermediates, meaning they may help build a chain to a known CA but are never trusted on their own. If a verifying CA has `externalIdClaim` configuration present, the claim will be searched for. If it resolves, the resolved value will be used as the `externalId` for the resulting identity, and subsequent authentications will match on the certificate's `externalId`. If not present, a certificate authenticator will be created, and the fingerprint of the certificate will be matched on subsequent authentications.

type EnrollModuleEr

type EnrollModuleEr struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleEdgeRouterOtt

func NewEnrollModuleEdgeRouterOtt(env Env) *EnrollModuleEr

func (*EnrollModuleEr) CanHandle

func (module *EnrollModuleEr) CanHandle(method string) bool

func (*EnrollModuleEr) Process

func (module *EnrollModuleEr) Process(context EnrollmentContext) (*EnrollmentResult, error)

func (*EnrollModuleEr) ProcessClientCsrPem added in v0.19.81

func (module *EnrollModuleEr) ProcessClientCsrPem(clientCertCsrPem []byte, edgeRouterId string) ([]byte, error)

func (*EnrollModuleEr) ProcessServerCsrPem added in v0.19.81

func (module *EnrollModuleEr) ProcessServerCsrPem(serverCertCsrPem []byte) ([]byte, error)

type EnrollModuleOtt

type EnrollModuleOtt struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleOtt

func NewEnrollModuleOtt(env Env) *EnrollModuleOtt

func (*EnrollModuleOtt) CanHandle

func (module *EnrollModuleOtt) CanHandle(method string) bool

func (*EnrollModuleOtt) Process

func (module *EnrollModuleOtt) Process(ctx EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleOttCa

type EnrollModuleOttCa struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleOttCa

func NewEnrollModuleOttCa(env Env) *EnrollModuleOttCa

func (*EnrollModuleOttCa) CanHandle

func (module *EnrollModuleOttCa) CanHandle(method string) bool

func (*EnrollModuleOttCa) Process

func (module *EnrollModuleOttCa) Process(ctx EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleRouterOtt

type EnrollModuleRouterOtt struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleTransitRouterOtt

func NewEnrollModuleTransitRouterOtt(env Env) *EnrollModuleRouterOtt

func (*EnrollModuleRouterOtt) CanHandle

func (module *EnrollModuleRouterOtt) CanHandle(method string) bool

func (*EnrollModuleRouterOtt) Process

func (module *EnrollModuleRouterOtt) Process(context EnrollmentContext) (*EnrollmentResult, error)

type EnrollModuleUpdb

type EnrollModuleUpdb struct {
	// contains filtered or unexported fields
}

func NewEnrollModuleUpdb

func NewEnrollModuleUpdb(env Env) *EnrollModuleUpdb

func (*EnrollModuleUpdb) CanHandle

func (module *EnrollModuleUpdb) CanHandle(method string) bool

func (*EnrollModuleUpdb) Process

func (module *EnrollModuleUpdb) Process(ctx EnrollmentContext) (*EnrollmentResult, error)

type Enrollment

// Enrollment is the model entity for an enrollment record. It carries the
// enrollment Method, optional references to an identity, router, CA or
// username, and a Token/Jwt pair with issue and expiry times.
//
// NOTE(review): Token and Jwt look like bearer-style enrollment credentials
// (EnrollmentManager.ReadByToken takes a token string and returns an
// *Enrollment). Confirm, and if so keep both out of logs and list responses.
type Enrollment struct {
	models.BaseEntity
	// Method names the enrollment method; presumably the same string that
	// EnrollmentProcessor.CanHandle is asked about. TODO confirm.
	Method          string
	// The pointer-typed references below may be nil; which one is populated
	// presumably depends on Method. Verify against the callers.
	IdentityId      *string
	TransitRouterId *string
	EdgeRouterId    *string
	Token           string
	// IssuedAt and ExpiresAt are nil-able. NOTE(review): confirm that a nil
	// ExpiresAt is rejected rather than treated as "never expires".
	IssuedAt        *time.Time
	ExpiresAt       *time.Time
	// Jwt is presumably filled in by FillJwtInfo / FillJwtInfoWithExpiresAt.
	// TODO confirm.
	Jwt             string
	CaId            *string
	Username        *string
}

func (*Enrollment) FillJwtInfo

func (entity *Enrollment) FillJwtInfo(env Env, subject string) error

func (*Enrollment) FillJwtInfoWithExpiresAt added in v0.21.194

func (entity *Enrollment) FillJwtInfoWithExpiresAt(env Env, subject string, expiresAt time.Time) error

type EnrollmentContext

// EnrollmentContext is the input passed to EnrollmentProcessor.Process: the
// enrollment method and token plus the parameters, headers, data and
// certificates that accompany the attempt.
//
// NOTE(review): the implementation listed on this page, EnrollmentContextHttp,
// is filled from an *http.Request, so every value returned here should be
// treated as caller-controlled until the processor has validated it.
type EnrollmentContext interface {
	GetParameters() map[string]interface{}
	GetToken() string
	// GetData returns the payload untyped; GetDataAsMap and GetDataAsByteArray
	// are typed views. What they return when the payload has another shape is
	// not visible here, so check for nil/empty results.
	GetData() interface{}
	GetDataAsMap() map[string]interface{}
	GetDataAsByteArray() []byte
	// NOTE(review): confirm where these certificates come from (verified TLS
	// peer chain vs. a forwarded header such as ClientCertHeader) before
	// relying on them as proof of key possession.
	GetCerts() []*x509.Certificate
	GetHeaders() map[string]interface{}
	GetMethod() string
}

type EnrollmentContextHttp

// EnrollmentContextHttp is a struct-backed EnrollmentContext; it declares all
// eight getters of that interface plus FillFromHttpRequest, which takes an
// *http.Request.
//
// NOTE(review): all fields are exported and plain values, so anything holding
// the struct can overwrite Certs or Token after it was filled. Presumably it
// is built per request and not shared; confirm.
type EnrollmentContextHttp struct {
	Headers    map[string]interface{}
	Parameters map[string]interface{}
	Data       interface{}
	// Certs: see the provenance question on EnrollmentContext.GetCerts.
	Certs      []*x509.Certificate
	Token      string
	Method     string
}

func (*EnrollmentContextHttp) FillFromHttpRequest

func (context *EnrollmentContextHttp) FillFromHttpRequest(request *http.Request) error

func (*EnrollmentContextHttp) GetCerts

func (context *EnrollmentContextHttp) GetCerts() []*x509.Certificate

func (*EnrollmentContextHttp) GetData

func (context *EnrollmentContextHttp) GetData() interface{}

func (*EnrollmentContextHttp) GetDataAsByteArray

func (context *EnrollmentContextHttp) GetDataAsByteArray() []byte

func (*EnrollmentContextHttp) GetDataAsMap

func (context *EnrollmentContextHttp) GetDataAsMap() map[string]interface{}

func (*EnrollmentContextHttp) GetHeaders

func (context *EnrollmentContextHttp) GetHeaders() map[string]interface{}

func (*EnrollmentContextHttp) GetMethod

func (context *EnrollmentContextHttp) GetMethod() string

func (*EnrollmentContextHttp) GetParameters

func (context *EnrollmentContextHttp) GetParameters() map[string]interface{}

func (*EnrollmentContextHttp) GetToken

func (context *EnrollmentContextHttp) GetToken() string

type EnrollmentManager added in v0.22.46

type EnrollmentManager struct {
	// contains filtered or unexported fields
}

func NewEnrollmentManager added in v0.22.46

func NewEnrollmentManager(env Env) *EnrollmentManager

func (*EnrollmentManager) ApplyCreate added in v0.22.53

func (self *EnrollmentManager) ApplyCreate(cmd *command.CreateEntityCommand[*Enrollment]) error

func (*EnrollmentManager) ApplyDelete added in v0.22.46

func (self *EnrollmentManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*EnrollmentManager) ApplyReplaceEncoderWithAuthenticatorCommand added in v0.22.53

func (self *EnrollmentManager) ApplyReplaceEncoderWithAuthenticatorCommand(cmd *ReplaceEnrollmentWithAuthenticatorCmd) error

func (*EnrollmentManager) ApplyUpdate added in v0.22.53

func (self *EnrollmentManager) ApplyUpdate(cmd *command.UpdateEntityCommand[*Enrollment]) error

func (*EnrollmentManager) BaseList added in v0.22.46

func (self *EnrollmentManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*EnrollmentManager) BaseLoad added in v0.22.46

func (self *EnrollmentManager) BaseLoad(id string) (models.Entity, error)

func (*EnrollmentManager) BaseLoadInTx added in v0.22.46

func (self *EnrollmentManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*EnrollmentManager) BasePreparedList added in v0.22.46

func (self *EnrollmentManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*EnrollmentManager) BasePreparedListIndexed added in v0.22.46

func (self *EnrollmentManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*EnrollmentManager) Create added in v0.22.46

func (self *EnrollmentManager) Create(entity *Enrollment) error

func (*EnrollmentManager) Delete added in v0.22.46

func (self *EnrollmentManager) Delete(id string) error

func (*EnrollmentManager) Dispatch added in v0.22.46

func (self *EnrollmentManager) Dispatch(command command.Command) error

func (*EnrollmentManager) Enroll added in v0.22.46

func (*EnrollmentManager) EnrollmentToProtobuf added in v0.22.58

func (self *EnrollmentManager) EnrollmentToProtobuf(entity *Enrollment) (*edge_cmd_pb.Enrollment, error)

func (*EnrollmentManager) GetClientCertChain added in v0.24.38

func (self *EnrollmentManager) GetClientCertChain(certRaw []byte) (string, error)

func (*EnrollmentManager) GetDb added in v0.22.46

func (self *EnrollmentManager) GetDb() boltz.Db

func (*EnrollmentManager) GetEntityTypeId added in v0.22.46

func (self *EnrollmentManager) GetEntityTypeId() string

func (*EnrollmentManager) GetEnv added in v0.22.46

func (self *EnrollmentManager) GetEnv() Env

func (*EnrollmentManager) GetStore added in v0.22.46

func (self *EnrollmentManager) GetStore() boltz.CrudStore

func (*EnrollmentManager) ListWithHandler added in v0.22.46

func (self *EnrollmentManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*EnrollmentManager) Marshall added in v0.22.53

func (self *EnrollmentManager) Marshall(entity *Enrollment) ([]byte, error)

func (*EnrollmentManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *EnrollmentManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*EnrollmentManager) PreparedListWithHandler added in v0.22.46

func (self *EnrollmentManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*EnrollmentManager) ProtobufToEnrollment added in v0.22.58

func (self *EnrollmentManager) ProtobufToEnrollment(msg *edge_cmd_pb.Enrollment) (*Enrollment, error)

func (*EnrollmentManager) Query added in v0.22.46

func (self *EnrollmentManager) Query(query string) ([]*Enrollment, error)

func (*EnrollmentManager) Read added in v0.22.46

func (self *EnrollmentManager) Read(id string) (*Enrollment, error)

func (*EnrollmentManager) ReadByToken added in v0.22.46

func (self *EnrollmentManager) ReadByToken(token string) (*Enrollment, error)

func (*EnrollmentManager) RefreshJwt added in v0.22.46

func (self *EnrollmentManager) RefreshJwt(id string, expiresAt time.Time) error

func (*EnrollmentManager) ReplaceWithAuthenticator added in v0.22.46

func (self *EnrollmentManager) ReplaceWithAuthenticator(enrollmentId string, authenticator *Authenticator) error

func (*EnrollmentManager) Unmarshall added in v0.22.53

func (self *EnrollmentManager) Unmarshall(bytes []byte) (*Enrollment, error)

func (*EnrollmentManager) Update added in v0.22.53

func (self *EnrollmentManager) Update(entity *Enrollment, checker fields.UpdatedFields) error

type EnrollmentProcessor

// EnrollmentProcessor is the contract for one enrollment method. On this page
// EnrollModuleOtt, EnrollModuleOttCa, EnrollModuleRouterOtt and
// EnrollModuleUpdb each declare both methods.
type EnrollmentProcessor interface {
	// CanHandle takes a method name and returns a bool; presumably true when
	// this processor is responsible for that method. TODO confirm.
	CanHandle(method string) bool
	// Process consumes an EnrollmentContext and yields an EnrollmentResult or
	// an error. The context is request-derived (see EnrollmentContextHttp), so
	// validation of token, CSR and certificates belongs in the implementation.
	Process(context EnrollmentContext) (*EnrollmentResult, error)
}

type EnrollmentRegistry

// EnrollmentRegistry holds EnrollmentProcessor values and hands one back for a
// method name. Env.GetEnrollRegistry returns this interface.
type EnrollmentRegistry interface {
	Add(method EnrollmentProcessor)
	// NOTE(review): what is returned for an unregistered method is not visible
	// here; callers should nil-check the result. Confirm.
	GetByMethod(method string) EnrollmentProcessor
}

type EnrollmentRegistryImpl

type EnrollmentRegistryImpl struct {
	// contains filtered or unexported fields
}

func (*EnrollmentRegistryImpl) Add

func (registry *EnrollmentRegistryImpl) Add(processor EnrollmentProcessor)

func (*EnrollmentRegistryImpl) GetByMethod

func (registry *EnrollmentRegistryImpl) GetByMethod(method string) EnrollmentProcessor

type EnrollmentResult

// EnrollmentResult is what EnrollmentProcessor.Process returns on success: the
// Identity and Authenticator involved plus response material.
type EnrollmentResult struct {
	Identity      *Identity
	Authenticator *Authenticator
	// Content / TextContent / Producer / Status presumably describe the reply
	// body, its serializer and the HTTP status code. TODO confirm.
	Content       interface{}
	TextContent   []byte
	Producer      runtime.Producer
	Status        int
}

type EntityManager added in v0.21.235

type EntityManager interface {
	models.EntityRetriever[models.Entity]
	command.EntityDeleter
	GetEnv() Env
	// contains filtered or unexported methods
}

type Env

// Env is the dependency surface handed to the model layer: every New*Manager
// and NewEnrollModule* constructor on this page takes an Env.
//
// NOTE(review): Env exposes a JWT signer and three cert.Signer values. If, as
// the names suggest, these sign with controller keys, any component holding an
// Env can mint tokens and certificates. Confirm, and keep that in mind when
// passing Env to new code.
type Env interface {
	GetManagers() *Managers
	GetConfig() *config.Config
	GetJwtSigner() jwtsigner.Signer
	GetDbProvider() persistence.DbProvider
	GetStores() *persistence.Stores
	GetAuthRegistry() AuthRegistry
	GetEnrollRegistry() EnrollmentRegistry
	// Three distinct CSR signers; presumably one per certificate purpose (API
	// client, API server, control-channel client). TODO confirm.
	GetApiClientCsrSigner() cert.Signer
	GetApiServerCsrSigner() cert.Signer
	GetControlClientCsrSigner() cert.Signer
	GetHostController() HostController
	IsEdgeRouterOnline(id string) bool
	GetMetricsRegistry() metrics.Registry
	GetFingerprintGenerator() cert.FingerprintGenerator
	HandleServiceUpdatedEventForIdentityId(identityId string)
}

type EnvInfo

// EnvInfo describes an operating environment by architecture and OS name,
// release and version. Identity.EnvInfo points at this type.
//
// NOTE(review): presumably reported by the client itself; if so, treat it as
// informational and not as an input to authorization. Confirm.
type EnvInfo struct {
	Arch      string
	Os        string
	OsRelease string
	OsVersion string
}

type ExtendedCerts added in v0.19.81

// ExtendedCerts pairs a raw client certificate with a raw server certificate.
//
// NOTE(review): the byte encoding (DER vs. PEM) and the producer are not
// visible here; presumably related to EnrollModuleEr.ProcessClientCsrPem and
// ProcessServerCsrPem. Confirm.
type ExtendedCerts struct {
	RawClientCert []byte
	RawServerCert []byte
}

type ExternalIdClaim added in v0.21.221

type ExternalIdClaim struct {
	Location        string
	Matcher         string
	MatcherCriteria string
	Parser          string
	ParserCriteria  string
	Index           int64
}

type ExternalIdFieldType added in v0.21.221

type ExternalIdFieldType string

type ExternalJwtSigner added in v0.21.148

// ExternalJwtSigner is the model entity for an external JWT issuer whose
// tokens the controller can be configured to accept (see AuthMethodExtJwt).
type ExternalJwtSigner struct {
	models.BaseEntity
	Name            string
	// CertPem and JwksEndpoint are both nil-able; presumably exactly one
	// supplies the verification key. NOTE(review): confirm which wins if both
	// are set, and that JwksEndpoint is restricted to HTTPS URLs.
	CertPem         *string
	JwksEndpoint    *string
	Kid             *string
	Enabled         bool
	ExternalAuthUrl *string
	UseExternalId   bool
	ClaimsProperty  *string
	// NOTE(review): Issuer and Audience are pointers. Confirm that a nil value
	// does not silently disable the iss/aud check during token validation; a
	// signer without an audience restriction would accept tokens issued for
	// other relying parties.
	Issuer          *string
	Audience        *string

	// Certificate metadata; presumably derived from CertPem. TODO confirm.
	CommonName  string
	Fingerprint *string
	NotAfter    time.Time
	NotBefore   time.Time
}

type ExternalJwtSignerManager added in v0.22.46

type ExternalJwtSignerManager struct {
	// contains filtered or unexported fields
}

func NewExternalJwtSignerManager added in v0.22.46

func NewExternalJwtSignerManager(env Env) *ExternalJwtSignerManager

func (*ExternalJwtSignerManager) ApplyCreate added in v0.22.46

func (*ExternalJwtSignerManager) ApplyDelete added in v0.22.46

func (self *ExternalJwtSignerManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*ExternalJwtSignerManager) ApplyUpdate added in v0.22.46

func (*ExternalJwtSignerManager) BaseList added in v0.22.46

func (self *ExternalJwtSignerManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*ExternalJwtSignerManager) BaseLoad added in v0.22.46

func (self *ExternalJwtSignerManager) BaseLoad(id string) (models.Entity, error)

func (*ExternalJwtSignerManager) BaseLoadInTx added in v0.22.46

func (self *ExternalJwtSignerManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ExternalJwtSignerManager) BasePreparedList added in v0.22.46

func (self *ExternalJwtSignerManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ExternalJwtSignerManager) BasePreparedListIndexed added in v0.22.46

func (self *ExternalJwtSignerManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ExternalJwtSignerManager) Create added in v0.22.46

func (self *ExternalJwtSignerManager) Create(entity *ExternalJwtSigner) error

func (*ExternalJwtSignerManager) Delete added in v0.22.46

func (self *ExternalJwtSignerManager) Delete(id string) error

func (*ExternalJwtSignerManager) Dispatch added in v0.22.46

func (self *ExternalJwtSignerManager) Dispatch(command command.Command) error

func (*ExternalJwtSignerManager) GetDb added in v0.22.46

func (self *ExternalJwtSignerManager) GetDb() boltz.Db

func (*ExternalJwtSignerManager) GetEntityTypeId added in v0.22.46

func (self *ExternalJwtSignerManager) GetEntityTypeId() string

func (*ExternalJwtSignerManager) GetEnv added in v0.22.46

func (self *ExternalJwtSignerManager) GetEnv() Env

func (*ExternalJwtSignerManager) GetStore added in v0.22.46

func (self *ExternalJwtSignerManager) GetStore() boltz.CrudStore

func (*ExternalJwtSignerManager) ListWithHandler added in v0.22.46

func (self *ExternalJwtSignerManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*ExternalJwtSignerManager) Marshall added in v0.22.46

func (self *ExternalJwtSignerManager) Marshall(entity *ExternalJwtSigner) ([]byte, error)

func (*ExternalJwtSignerManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *ExternalJwtSignerManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*ExternalJwtSignerManager) PreparedListWithHandler added in v0.22.46

func (self *ExternalJwtSignerManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*ExternalJwtSignerManager) PublicQuery added in v0.22.46

func (self *ExternalJwtSignerManager) PublicQuery(query ast.Query) (*ListExtJwtSignerResult, error)

func (*ExternalJwtSignerManager) Read added in v0.22.46

func (*ExternalJwtSignerManager) Unmarshall added in v0.22.46

func (self *ExternalJwtSignerManager) Unmarshall(bytes []byte) (*ExternalJwtSigner, error)

func (*ExternalJwtSignerManager) Update added in v0.22.46

func (self *ExternalJwtSignerManager) Update(entity *ExternalJwtSigner, checker fields.UpdatedFields) error

type Formatter

type Formatter struct {
	// contains filtered or unexported fields
}

func NewFormatter

func NewFormatter(symbols map[string]string) *Formatter

func NewIdentityNameFormatter

func NewIdentityNameFormatter(ca *Ca, clientCert *x509.Certificate, identityName, identityId string) *Formatter

func (*Formatter) Format

func (formatter *Formatter) Format(name string) string

type HashedPassword

// HashedPassword carries the output of a password hashing operation: the raw
// crypto.HashResult plus base64 text forms.
//
// NOTE(review): the algorithm and its cost parameters are not visible here;
// they sit behind crypto.HashResult.
type HashedPassword struct {
	RawResult *crypto.HashResult // raw byte hash results
	Salt      string             // base64 encoded; NOTE(review): the original comment said "hash", but the field name suggests this is the salt. Confirm.
	Password  string             // base64 encoded hash (despite the field name, not the plaintext password, per the original comment)
}

type Heartbeat added in v0.19.39

// Heartbeat records the last activity time for one API session. The action
// callback given to NewHeartbeatCollector receives a []*Heartbeat batch.
type Heartbeat struct {
	ApiSessionId   string
	LastActivityAt time.Time
}

type HeartbeatCollector added in v0.19.39

type HeartbeatCollector struct {
	// contains filtered or unexported fields
}

func NewHeartbeatCollector added in v0.19.39

func NewHeartbeatCollector(env Env, batchSize int, updateInterval time.Duration, action func([]*Heartbeat)) *HeartbeatCollector

NewHeartbeatCollector creates a HeartbeatCollector, which handles the situation where an SDK is connected to multiple Edge Routers and is making API calls, all of which update their last-updated-at time and trigger writes. The heartbeat collector aggregates all of those updates into a single write and acts as an in-memory buffer for last-update times.

func (*HeartbeatCollector) LastAccessedAt added in v0.19.39

func (self *HeartbeatCollector) LastAccessedAt(apiSessionId string) (*time.Time, bool)

LastAccessedAt returns the last time an API Session either was connected to an Edge Router or made a REST API call, together with true. If no such action has happened, or the API Session no longer exists, it returns nil and false.

func (*HeartbeatCollector) Mark added in v0.19.39

func (self *HeartbeatCollector) Mark(apiSessionId string)

func (*HeartbeatCollector) Remove added in v0.19.39

func (self *HeartbeatCollector) Remove(id string)

func (*HeartbeatCollector) Start added in v0.19.39

func (self *HeartbeatCollector) Start()

func (*HeartbeatCollector) Stop added in v0.19.39

func (self *HeartbeatCollector) Stop()

type HeartbeatStatus added in v0.19.39

type HeartbeatStatus struct {
	// contains filtered or unexported fields
}

type HostController

// HostController is the view of the hosting controller that the model layer
// uses; Env.GetHostController returns it.
type HostController interface {
	GetNetwork() *network.Network
	Shutdown()
	// GetCloseNotifyChannel returns a receive-only channel; presumably closed
	// when the controller shuts down. TODO confirm.
	GetCloseNotifyChannel() <-chan struct{}
	IsRaftEnabled() bool
	Identity() identity.Identity
}

type Identity

// Identity is the model entity for an edge identity: its name and type,
// privilege flags, role attributes, reported environment/SDK info, hosting
// preferences, auth policy reference and disabled state.
type Identity struct {
	models.BaseEntity
	Name                      string
	IdentityTypeId            string
	// Privilege flags. NOTE(review): these are plain exported bools on the
	// model; confirm that update paths (IdentityManager.Update takes a
	// fields.UpdatedFields checker) prevent a non-admin caller from setting
	// them.
	IsDefaultAdmin            bool
	IsAdmin                   bool
	RoleAttributes            []string
	// EnvInfo and SdkInfo are nil-able; presumably reported by the client
	// (see IdentityManager.PatchInfo). TODO confirm.
	EnvInfo                   *EnvInfo
	SdkInfo                   *SdkInfo
	HasHeartbeat              bool
	DefaultHostingPrecedence  ziti.Precedence
	DefaultHostingCost        uint16
	ServiceHostingPrecedences map[string]ziti.Precedence
	ServiceHostingCosts       map[string]uint16
	AppData                   map[string]interface{}
	AuthPolicyId              string
	// ExternalId is nil-able; IdentityManager.ReadByExternalId looks an
	// identity up by an external id string.
	ExternalId                *string
	// Disabled state. IdentityManager.Disable takes a duration and Enable
	// takes none; presumably DisabledUntil is nil for an indefinite disable.
	// NOTE(review): confirm that authentication checks Disabled itself and
	// does not rely on DisabledUntil alone.
	Disabled                  bool
	DisabledAt                *time.Time
	DisabledUntil             *time.Time
}

type IdentityManager added in v0.22.46

type IdentityManager struct {
	// contains filtered or unexported fields
}

func NewIdentityManager added in v0.22.46

func NewIdentityManager(env Env) *IdentityManager

func (*IdentityManager) ApplyCreate added in v0.22.64

func (self *IdentityManager) ApplyCreate(cmd *command.CreateEntityCommand[*Identity]) error

func (*IdentityManager) ApplyCreateWithEnrollments added in v0.22.64

func (self *IdentityManager) ApplyCreateWithEnrollments(cmd *CreateIdentityWithEnrollmentsCmd) error

func (*IdentityManager) ApplyDelete added in v0.22.46

func (self *IdentityManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*IdentityManager) ApplyUpdate added in v0.22.64

func (self *IdentityManager) ApplyUpdate(cmd *command.UpdateEntityCommand[*Identity]) error

func (*IdentityManager) AssignServiceConfigs added in v0.22.46

func (self *IdentityManager) AssignServiceConfigs(id string, serviceConfigs []ServiceConfig) error

func (*IdentityManager) BaseList added in v0.22.46

func (self *IdentityManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*IdentityManager) BaseLoad added in v0.22.46

func (self *IdentityManager) BaseLoad(id string) (models.Entity, error)

func (*IdentityManager) BaseLoadInTx added in v0.22.46

func (self *IdentityManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*IdentityManager) BasePreparedList added in v0.22.46

func (self *IdentityManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*IdentityManager) BasePreparedListIndexed added in v0.22.46

func (self *IdentityManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*IdentityManager) CollectAuthenticators added in v0.22.46

func (self *IdentityManager) CollectAuthenticators(id string, collector func(entity *Authenticator) error) error

func (*IdentityManager) CollectEnrollments added in v0.22.46

func (self *IdentityManager) CollectEnrollments(id string, collector func(entity *Enrollment) error) error

func (*IdentityManager) Create added in v0.22.46

func (self *IdentityManager) Create(entity *Identity) error

func (*IdentityManager) CreateWithAuthenticator added in v0.22.46

func (self *IdentityManager) CreateWithAuthenticator(identity *Identity, authenticator *Authenticator) (string, string, error)

func (*IdentityManager) CreateWithEnrollments added in v0.22.46

func (self *IdentityManager) CreateWithEnrollments(identityModel *Identity, enrollmentsModels []*Enrollment) error

func (*IdentityManager) Delete added in v0.22.46

func (self *IdentityManager) Delete(id string) error

func (*IdentityManager) Disable added in v0.22.46

func (self *IdentityManager) Disable(identityId string, duration time.Duration) error

func (*IdentityManager) Dispatch added in v0.22.46

func (self *IdentityManager) Dispatch(command command.Command) error

func (*IdentityManager) Enable added in v0.22.46

func (self *IdentityManager) Enable(identityId string) error

func (*IdentityManager) GetDb added in v0.22.46

func (self *IdentityManager) GetDb() boltz.Db

func (*IdentityManager) GetEntityTypeId added in v0.22.46

func (self *IdentityManager) GetEntityTypeId() string

func (*IdentityManager) GetEnv added in v0.22.46

func (self *IdentityManager) GetEnv() Env

func (*IdentityManager) GetServiceConfigs added in v0.22.46

func (self *IdentityManager) GetServiceConfigs(id string) ([]ServiceConfig, error)

func (*IdentityManager) GetStore added in v0.22.46

func (self *IdentityManager) GetStore() boltz.CrudStore

func (*IdentityManager) IdentityToProtobuf added in v0.22.64

func (self *IdentityManager) IdentityToProtobuf(entity *Identity) (*edge_cmd_pb.Identity, error)

func (*IdentityManager) InitializeDefaultAdmin added in v0.22.46

func (self *IdentityManager) InitializeDefaultAdmin(username, password, name string) error

func (*IdentityManager) IsActive added in v0.22.46

func (self *IdentityManager) IsActive(id string) bool

func (*IdentityManager) IsUpdated added in v0.22.46

func (self *IdentityManager) IsUpdated(field string) bool

func (*IdentityManager) ListWithHandler added in v0.22.46

func (self *IdentityManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*IdentityManager) Marshall added in v0.22.64

func (self *IdentityManager) Marshall(entity *Identity) ([]byte, error)

func (*IdentityManager) PatchInfo added in v0.22.46

func (self *IdentityManager) PatchInfo(identity *Identity) error

func (*IdentityManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *IdentityManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*IdentityManager) PreparedListWithHandler added in v0.22.46

func (self *IdentityManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*IdentityManager) ProtobufToIdentity added in v0.22.64

func (self *IdentityManager) ProtobufToIdentity(msg *edge_cmd_pb.Identity) (*Identity, error)

func (*IdentityManager) QueryRoleAttributes added in v0.22.46

func (self *IdentityManager) QueryRoleAttributes(queryString string) ([]string, *models.QueryMetaData, error)

func (*IdentityManager) Read added in v0.22.46

func (self *IdentityManager) Read(id string) (*Identity, error)

func (*IdentityManager) ReadByExternalId added in v0.22.46

func (self *IdentityManager) ReadByExternalId(externalId string) (*Identity, error)

func (*IdentityManager) ReadByName added in v0.22.46

func (self *IdentityManager) ReadByName(name string) (*Identity, error)

func (*IdentityManager) ReadDefaultAdmin added in v0.22.46

func (self *IdentityManager) ReadDefaultAdmin() (*Identity, error)

func (*IdentityManager) ReadOneByQuery added in v0.22.46

func (self *IdentityManager) ReadOneByQuery(query string) (*Identity, error)

func (*IdentityManager) RemoveServiceConfigs added in v0.22.46

func (self *IdentityManager) RemoveServiceConfigs(id string, serviceConfigs []ServiceConfig) error

func (*IdentityManager) SetActive added in v0.22.46

func (self *IdentityManager) SetActive(id string)

func (*IdentityManager) Unmarshall added in v0.22.64

func (self *IdentityManager) Unmarshall(bytes []byte) (*Identity, error)

func (*IdentityManager) Update added in v0.22.46

func (self *IdentityManager) Update(entity *Identity, checker fields.UpdatedFields) error

func (*IdentityManager) VisitIdentityAuthenticatorFingerprints added in v0.22.46

func (self *IdentityManager) VisitIdentityAuthenticatorFingerprints(tx *bbolt.Tx, identityId string, visitor func(string) bool) (bool, error)

type IdentityType

// IdentityType is the model entity for an identity type. Name is the only
// field declared here besides the embedded BaseEntity, and it is serialized to
// JSON as "name". Identity.IdentityTypeId presumably refers to one of these.
type IdentityType struct {
	models.BaseEntity
	Name string `json:"name"`
}

type IdentityTypeManager added in v0.22.46

type IdentityTypeManager struct {
	// contains filtered or unexported fields
}

func NewIdentityTypeManager added in v0.22.46

func NewIdentityTypeManager(env Env) *IdentityTypeManager

func (*IdentityTypeManager) ApplyDelete added in v0.22.46

func (self *IdentityTypeManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*IdentityTypeManager) BaseList added in v0.22.46

func (self *IdentityTypeManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*IdentityTypeManager) BaseLoad added in v0.22.46

func (self *IdentityTypeManager) BaseLoad(id string) (models.Entity, error)

func (*IdentityTypeManager) BaseLoadInTx added in v0.22.46

func (self *IdentityTypeManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*IdentityTypeManager) BasePreparedList added in v0.22.46

func (self *IdentityTypeManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*IdentityTypeManager) BasePreparedListIndexed added in v0.22.46

func (self *IdentityTypeManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*IdentityTypeManager) Delete added in v0.22.46

func (self *IdentityTypeManager) Delete(id string) error

func (*IdentityTypeManager) Dispatch added in v0.22.46

func (self *IdentityTypeManager) Dispatch(command command.Command) error

func (*IdentityTypeManager) GetDb added in v0.22.46

func (self *IdentityTypeManager) GetDb() boltz.Db

func (*IdentityTypeManager) GetEntityTypeId added in v0.22.46

func (self *IdentityTypeManager) GetEntityTypeId() string

func (*IdentityTypeManager) GetEnv added in v0.22.46

func (self *IdentityTypeManager) GetEnv() Env

func (*IdentityTypeManager) GetStore added in v0.22.46

func (self *IdentityTypeManager) GetStore() boltz.CrudStore

func (*IdentityTypeManager) ListWithHandler added in v0.22.46

func (self *IdentityTypeManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*IdentityTypeManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *IdentityTypeManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*IdentityTypeManager) PreparedListWithHandler added in v0.22.46

func (self *IdentityTypeManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*IdentityTypeManager) Read added in v0.22.46

func (self *IdentityTypeManager) Read(id string) (*IdentityType, error)

func (*IdentityTypeManager) ReadByIdOrName added in v0.22.46

func (self *IdentityTypeManager) ReadByIdOrName(idOrName string) (*IdentityType, error)

func (*IdentityTypeManager) ReadByName added in v0.22.46

func (self *IdentityTypeManager) ReadByName(name string) (*IdentityType, error)

type ListExtJwtSignerResult added in v0.21.157

// ListExtJwtSignerResult is the return type of
// ExternalJwtSignerManager.PublicQuery: a page of signers plus query metadata.
//
// NOTE(review): the name PublicQuery suggests the result may reach
// unauthenticated callers. ExtJwtSigners holds full ExternalJwtSigner models,
// so confirm which fields the API layer actually serializes.
type ListExtJwtSignerResult struct {
	QueryMetaData models.QueryMetaData
	ExtJwtSigners []*ExternalJwtSigner
	// contains filtered or unexported fields
}

type Managers added in v0.21.235

// Managers aggregates the manager objects of the fabric and edge layers in one
// struct. InitEntityManagers builds it from an Env, and Env.GetManagers
// returns it.
//
// NOTE(review): a *Managers reference gives access to every entity manager,
// including Authenticator, Enrollment and Mfa. Prefer passing the single
// manager a component needs where that is practical.
type Managers struct {
	// Fabric-layer managers (types from the network package).
	Router     *network.RouterManager
	Service    *network.ServiceManager
	Terminator *network.TerminatorManager
	Command    *network.CommandManager

	// Edge-layer managers (types from this package).
	ApiSession              *ApiSessionManager
	ApiSessionCertificate   *ApiSessionCertificateManager
	Ca                      *CaManager
	Config                  *ConfigManager
	ConfigType              *ConfigTypeManager
	EdgeRouter              *EdgeRouterManager
	EdgeRouterPolicy        *EdgeRouterPolicyManager
	EdgeService             *EdgeServiceManager
	ExternalJwtSigner       *ExternalJwtSignerManager
	Identity                *IdentityManager
	IdentityType            *IdentityTypeManager
	PolicyAdvisor           *PolicyAdvisor
	ServiceEdgeRouterPolicy *ServiceEdgeRouterPolicyManager
	ServicePolicy           *ServicePolicyManager
	TransitRouter           *TransitRouterManager
	Session                 *SessionManager
	Authenticator           *AuthenticatorManager
	Enrollment              *EnrollmentManager
	PostureCheck            *PostureCheckManager
	PostureCheckType        *PostureCheckTypeManager
	PostureResponse         *PostureResponseManager
	Mfa                     *MfaManager
	AuthPolicy              *AuthPolicyManager
}

func InitEntityManagers added in v0.21.235

func InitEntityManagers(env Env) *Managers

type Mfa added in v0.17.52

// Mfa is the model entity for an identity's MFA enrollment: whether it has
// been verified, the owning identity, a secret and a list of recovery codes.
//
// NOTE(review): Secret and RecoveryCodes are plain strings on this model.
// Secret is presumably the TOTP shared secret (MfaManager.GetProvisioningUrl
// and QrCodePng both take an *Mfa). Confirm how both are protected at rest and
// that neither is logged or returned once IsVerified is true.
type Mfa struct {
	models.BaseEntity
	IsVerified    bool
	IdentityId    string
	// Identity is a pointer and may be nil when only IdentityId was loaded.
	// TODO confirm.
	Identity      *Identity
	Secret        string
	RecoveryCodes []string
}

type MfaListResult added in v0.17.52

// MfaListResult is the return type of MfaManager.Query: the matching Mfa
// entities plus embedded query metadata.
//
// NOTE(review): each element is a full Mfa model, including Secret and
// RecoveryCodes; strip those before the result crosses an API boundary.
type MfaListResult struct {
	Mfas []*Mfa
	models.QueryMetaData
	// contains filtered or unexported fields
}

type MfaManager added in v0.22.46

type MfaManager struct {
	// contains filtered or unexported fields
}

func NewMfaManager added in v0.22.46

func NewMfaManager(env Env) *MfaManager

func (*MfaManager) ApplyCreate added in v0.22.51

func (self *MfaManager) ApplyCreate(cmd *command.CreateEntityCommand[*Mfa]) error

func (*MfaManager) ApplyDelete added in v0.22.46

func (self *MfaManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*MfaManager) ApplyUpdate added in v0.22.51

func (self *MfaManager) ApplyUpdate(cmd *command.UpdateEntityCommand[*Mfa]) error

func (*MfaManager) BaseList added in v0.22.46

func (self *MfaManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*MfaManager) BaseLoad added in v0.22.46

func (self *MfaManager) BaseLoad(id string) (models.Entity, error)

func (*MfaManager) BaseLoadInTx added in v0.22.46

func (self *MfaManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*MfaManager) BasePreparedList added in v0.22.46

func (self *MfaManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*MfaManager) BasePreparedListIndexed added in v0.22.46

func (self *MfaManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*MfaManager) Create added in v0.22.46

func (self *MfaManager) Create(entity *Mfa) error

func (*MfaManager) CreateForIdentity added in v0.22.46

func (self *MfaManager) CreateForIdentity(identity *Identity) (string, error)

func (*MfaManager) Delete added in v0.22.46

func (self *MfaManager) Delete(id string) error

func (*MfaManager) DeleteForIdentity added in v0.22.46

func (self *MfaManager) DeleteForIdentity(identity *Identity, code string) error

func (*MfaManager) Dispatch added in v0.22.46

func (self *MfaManager) Dispatch(command command.Command) error

func (*MfaManager) GetDb added in v0.22.46

func (self *MfaManager) GetDb() boltz.Db

func (*MfaManager) GetEntityTypeId added in v0.22.46

func (self *MfaManager) GetEntityTypeId() string

func (*MfaManager) GetEnv added in v0.22.46

func (self *MfaManager) GetEnv() Env

func (*MfaManager) GetProvisioningUrl added in v0.22.46

func (self *MfaManager) GetProvisioningUrl(mfa *Mfa) string

func (*MfaManager) GetStore added in v0.22.46

func (self *MfaManager) GetStore() boltz.CrudStore

func (*MfaManager) IsUpdated added in v0.22.46

func (self *MfaManager) IsUpdated(field string) bool

func (*MfaManager) ListWithHandler added in v0.22.46

func (self *MfaManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*MfaManager) Marshall added in v0.22.51

func (self *MfaManager) Marshall(entity *Mfa) ([]byte, error)

func (*MfaManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *MfaManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*MfaManager) PreparedListWithHandler added in v0.22.46

func (self *MfaManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*MfaManager) QrCodePng added in v0.22.46

func (self *MfaManager) QrCodePng(mfa *Mfa) ([]byte, error)

func (*MfaManager) Query added in v0.22.46

func (self *MfaManager) Query(query string) (*MfaListResult, error)

func (*MfaManager) Read added in v0.22.46

func (self *MfaManager) Read(id string) (*Mfa, error)

func (*MfaManager) ReadByIdentityId added in v0.22.46

func (self *MfaManager) ReadByIdentityId(identityId string) (*Mfa, error)

func (*MfaManager) RecreateRecoveryCodes added in v0.22.46

func (self *MfaManager) RecreateRecoveryCodes(mfa *Mfa) error

func (*MfaManager) Unmarshall added in v0.22.51

func (self *MfaManager) Unmarshall(bytes []byte) (*Mfa, error)

func (*MfaManager) Update added in v0.22.46

func (self *MfaManager) Update(entity *Mfa, checker fields.UpdatedFields) error

func (*MfaManager) Verify added in v0.22.46

func (self *MfaManager) Verify(mfa *Mfa, code string) (bool, error)

func (*MfaManager) VerifyTOTP added in v0.22.46

func (self *MfaManager) VerifyTOTP(mfa *Mfa, code string) (bool, error)

VerifyTOTP verifies TOTP values only, not recovery codes

type OperatingSystem added in v0.16.48

type OperatingSystem struct {
	OsType     string
	OsVersions []string
}

type OrFieldChecker

type OrFieldChecker struct {
	// contains filtered or unexported fields
}

func NewOrFieldChecker

func NewOrFieldChecker(checker boltz.FieldChecker, fields ...string) *OrFieldChecker

func (*OrFieldChecker) IsUpdated

func (checker *OrFieldChecker) IsUpdated(field string) bool

type PolicyAdvisor

type PolicyAdvisor struct {
	// contains filtered or unexported fields
}

func NewPolicyAdvisor

func NewPolicyAdvisor(env Env) *PolicyAdvisor

func (*PolicyAdvisor) AnalyzeServiceReachability

func (advisor *PolicyAdvisor) AnalyzeServiceReachability(identityId, serviceId string) (*AdvisorServiceReachability, error)
func (advisor *PolicyAdvisor) InspectIdentityEdgeRouterLinks(identityId, edgeRouterId string) (*AdvisorIdentityEdgeRouterLinks, error)
func (advisor *PolicyAdvisor) InspectIdentityServiceLinks(identityId, serviceId string) (*AdvisorIdentityServiceLinks, error)
func (advisor *PolicyAdvisor) InspectServiceEdgeRouterLinks(serviceId, edgeRouterId string) (*AdvisorServiceEdgeRouterLinks, error)

type PolicyPostureChecks added in v0.19.79

type PolicyPostureChecks struct {
	PostureChecks []*PostureCheck
	PolicyType    persistence.PolicyType
	PolicyName    string
}

type PostureCache added in v0.17.5

type PostureCache struct {
	events.EventEmmiter
	// contains filtered or unexported fields
}

func (*PostureCache) Add added in v0.17.5

func (pc *PostureCache) Add(identityId string, postureResponses []*PostureResponse)

func (*PostureCache) AddSessionRequestFailure added in v0.19.40

func (pc *PostureCache) AddSessionRequestFailure(identityId string, failure *PostureSessionRequestFailure)

func (*PostureCache) ApiSessionCreated added in v0.19.158

func (pc *PostureCache) ApiSessionCreated(args ...interface{})

func (*PostureCache) ApiSessionDeleted added in v0.19.158

func (pc *PostureCache) ApiSessionDeleted(args ...interface{})

func (*PostureCache) Evaluate added in v0.17.5

func (pc *PostureCache) Evaluate(identityId, apiSessionId string, postureChecks []*PostureCheck) (bool, []*PostureCheckFailure)

func (*PostureCache) IdentityDeleted added in v0.19.158

func (pc *PostureCache) IdentityDeleted(args ...interface{})

func (*PostureCache) PostureCheckChanged added in v0.20.35

func (pc *PostureCache) PostureCheckChanged(args ...interface{})

PostureCheckChanged notifies all associated identities that posture configuration has changed and that endpoints may need to reevaluate posture queries.

func (*PostureCache) PostureData added in v0.17.5

func (pc *PostureCache) PostureData(identityId string) *PostureData

PostureData returns a copy of the current posture data for an identity. Suitable for read only rendering. To alter/update posture data see Upsert.

func (*PostureCache) Upsert added in v0.19.158

func (pc *PostureCache) Upsert(identityId string, emitDataAltered bool, cb func(exist bool, valueInMap *PostureData, newValue *PostureData) *PostureData)

Upsert is a convenience function to alter the existing PostureData for an identity. If emitDataAltered is true, posture data listeners will be alerted: this will trigger service update notifications and posture check evaluation.

type PostureCheck added in v0.16.46

// PostureCheck is a named, versioned posture check entity. The settings that
// are specific to one kind of check are held in SubType, a
// PostureCheckSubType.
type PostureCheck struct {
	models.BaseEntity
	Name           string
	TypeId         string
	Version        int64
	// NOTE(review): presumably these attributes are what
	// ServicePolicy.PostureCheckRoles selects on — confirm.
	RoleAttributes []string
	SubType        PostureCheckSubType
}

func (*PostureCheck) Evaluate added in v0.17.5

func (entity *PostureCheck) Evaluate(apiSessionId string, pd *PostureData) (bool, *PostureCheckFailure)

func (*PostureCheck) LastUpdatedAt added in v0.21.87

func (entity *PostureCheck) LastUpdatedAt(apiSessionId string, pd *PostureData) *time.Time

LastUpdatedAt returns the last time posture state changed for a specific posture check. If the posture state does not report changes, nil is returned.

func (*PostureCheck) TimeoutRemainingSeconds added in v0.19.168

func (entity *PostureCheck) TimeoutRemainingSeconds(apiSessionId string, pd *PostureData) int64

func (*PostureCheck) TimeoutSeconds added in v0.19.158

func (entity *PostureCheck) TimeoutSeconds() int64

type PostureCheckDomains added in v0.19.40

type PostureCheckDomains struct {
	Domains []string
}

func (*PostureCheckDomains) ActualValue added in v0.19.40

func (p *PostureCheckDomains) ActualValue(_ string, pd *PostureData) interface{}

func (*PostureCheckDomains) Evaluate added in v0.19.40

func (p *PostureCheckDomains) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckDomains) ExpectedValue added in v0.19.40

func (p *PostureCheckDomains) ExpectedValue() interface{}

func (*PostureCheckDomains) FailureValues added in v0.19.40

func (*PostureCheckDomains) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckDomains) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckDomains) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckDomains) GetTimeoutSeconds() int64

func (*PostureCheckDomains) LastUpdatedAt added in v0.21.87

func (p *PostureCheckDomains) LastUpdatedAt(string, *PostureData) *time.Time

func (*PostureCheckDomains) TypeId added in v0.22.66

func (p *PostureCheckDomains) TypeId() string

type PostureCheckFailure added in v0.19.40

// PostureCheckFailure names a posture check (id, name, type) and embeds the
// expected and actual values reported for it through
// PostureCheckFailureValues.
//
// NOTE(review): ToClientErrorData suggests this value is rendered to API
// clients. The embedded failure values can carry endpoint details (process
// path and hash, MAC addresses, OS build), so confirm which callers receive
// it and whether that level of detail is intended.
type PostureCheckFailure struct {
	PostureCheckId   string `json:"postureCheckId"`
	PostureCheckName string `json:"postureCheckName"`
	PostureCheckType string `json:"postureCheckType"`
	PostureCheckFailureValues
}

func (PostureCheckFailure) ToClientErrorData added in v0.19.40

func (self PostureCheckFailure) ToClientErrorData() interface{}

type PostureCheckFailureSubType added in v0.19.40

type PostureCheckFailureSubType interface {
	Value() interface{}
	Expected() interface{}
}

type PostureCheckFailureValues added in v0.19.40

type PostureCheckFailureValues interface {
	Expected() interface{}
	Actual() interface{}
}

type PostureCheckFailureValuesDomain added in v0.19.40

type PostureCheckFailureValuesDomain struct {
	ActualValue   string
	ExpectedValue []string
}

func (PostureCheckFailureValuesDomain) Actual added in v0.19.40

func (p PostureCheckFailureValuesDomain) Actual() interface{}

func (PostureCheckFailureValuesDomain) Expected added in v0.19.40

func (p PostureCheckFailureValuesDomain) Expected() interface{}

type PostureCheckFailureValuesMac added in v0.19.40

type PostureCheckFailureValuesMac struct {
	ActualValue   []string
	ExpectedValue []string
}

func (PostureCheckFailureValuesMac) Actual added in v0.19.40

func (p PostureCheckFailureValuesMac) Actual() interface{}

func (PostureCheckFailureValuesMac) Expected added in v0.19.40

func (p PostureCheckFailureValuesMac) Expected() interface{}

type PostureCheckFailureValuesMfa added in v0.19.40

type PostureCheckFailureValuesMfa struct {
	ActualValue   PostureCheckMfaValues
	ExpectedValue PostureCheckMfaValues
	Criteria      PostureCheckMfaCriteria
}

func (PostureCheckFailureValuesMfa) Actual added in v0.19.40

func (p PostureCheckFailureValuesMfa) Actual() interface{}

func (PostureCheckFailureValuesMfa) Expected added in v0.19.40

func (p PostureCheckFailureValuesMfa) Expected() interface{}

type PostureCheckFailureValuesOperatingSystem added in v0.19.40

type PostureCheckFailureValuesOperatingSystem struct {
	ActualValue   PostureResponseOs
	ExpectedValue []OperatingSystem
}

func (PostureCheckFailureValuesOperatingSystem) Actual added in v0.19.40

func (p PostureCheckFailureValuesOperatingSystem) Actual() interface{}

func (PostureCheckFailureValuesOperatingSystem) Expected added in v0.19.40

func (p PostureCheckFailureValuesOperatingSystem) Expected() interface{}

type PostureCheckFailureValuesProcess added in v0.19.40

type PostureCheckFailureValuesProcess struct {
	ActualValue   PostureResponseProcess
	ExpectedValue PostureCheckProcess
}

func (PostureCheckFailureValuesProcess) Actual added in v0.19.40

func (p PostureCheckFailureValuesProcess) Actual() interface{}

func (PostureCheckFailureValuesProcess) Expected added in v0.19.40

func (p PostureCheckFailureValuesProcess) Expected() interface{}

type PostureCheckFailureValuesProcessMulti added in v0.19.93

type PostureCheckFailureValuesProcessMulti struct {
	ActualValue   []PostureResponseProcess
	ExpectedValue PostureCheckProcessMulti
}

func (PostureCheckFailureValuesProcessMulti) Actual added in v0.19.93

func (p PostureCheckFailureValuesProcessMulti) Actual() interface{}

func (PostureCheckFailureValuesProcessMulti) Expected added in v0.19.93

func (p PostureCheckFailureValuesProcessMulti) Expected() interface{}

type PostureCheckListResult added in v0.16.46

type PostureCheckListResult struct {
	PostureChecks []*PostureCheck
	models.QueryMetaData
	// contains filtered or unexported fields
}

type PostureCheckMacAddresses added in v0.16.48

type PostureCheckMacAddresses struct {
	MacAddresses []string
}

func (*PostureCheckMacAddresses) Evaluate added in v0.17.5

func (p *PostureCheckMacAddresses) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckMacAddresses) FailureValues added in v0.19.40

func (*PostureCheckMacAddresses) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckMacAddresses) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckMacAddresses) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckMacAddresses) GetTimeoutSeconds() int64

func (*PostureCheckMacAddresses) LastUpdatedAt added in v0.21.87

func (p *PostureCheckMacAddresses) LastUpdatedAt(apiSessionId string, pd *PostureData) *time.Time

func (*PostureCheckMacAddresses) TypeId added in v0.22.66

func (p *PostureCheckMacAddresses) TypeId() string

type PostureCheckManager added in v0.22.46

type PostureCheckManager struct {
	// contains filtered or unexported fields
}

func NewPostureCheckManager added in v0.22.46

func NewPostureCheckManager(env Env) *PostureCheckManager

func (*PostureCheckManager) ApplyCreate added in v0.22.65

func (*PostureCheckManager) ApplyDelete added in v0.22.46

func (self *PostureCheckManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*PostureCheckManager) ApplyUpdate added in v0.22.65

func (*PostureCheckManager) BaseList added in v0.22.46

func (self *PostureCheckManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*PostureCheckManager) BaseLoad added in v0.22.46

func (self *PostureCheckManager) BaseLoad(id string) (models.Entity, error)

func (*PostureCheckManager) BaseLoadInTx added in v0.22.46

func (self *PostureCheckManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*PostureCheckManager) BasePreparedList added in v0.22.46

func (self *PostureCheckManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*PostureCheckManager) BasePreparedListIndexed added in v0.22.46

func (self *PostureCheckManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*PostureCheckManager) Create added in v0.22.46

func (self *PostureCheckManager) Create(entity *PostureCheck) error

func (*PostureCheckManager) Delete added in v0.22.46

func (self *PostureCheckManager) Delete(id string) error

func (*PostureCheckManager) Dispatch added in v0.22.46

func (self *PostureCheckManager) Dispatch(command command.Command) error

func (*PostureCheckManager) GetDb added in v0.22.46

func (self *PostureCheckManager) GetDb() boltz.Db

func (*PostureCheckManager) GetEntityTypeId added in v0.22.46

func (self *PostureCheckManager) GetEntityTypeId() string

func (*PostureCheckManager) GetEnv added in v0.22.46

func (self *PostureCheckManager) GetEnv() Env

func (*PostureCheckManager) GetStore added in v0.22.46

func (self *PostureCheckManager) GetStore() boltz.CrudStore

func (*PostureCheckManager) IsUpdated added in v0.22.46

func (self *PostureCheckManager) IsUpdated(field string) bool

func (*PostureCheckManager) ListWithHandler added in v0.22.46

func (self *PostureCheckManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*PostureCheckManager) Marshall added in v0.22.65

func (self *PostureCheckManager) Marshall(entity *PostureCheck) ([]byte, error)

func (*PostureCheckManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *PostureCheckManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*PostureCheckManager) PreparedListWithHandler added in v0.22.46

func (self *PostureCheckManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*PostureCheckManager) Query added in v0.22.46

func (self *PostureCheckManager) Query(query string) (*PostureCheckListResult, error)

func (*PostureCheckManager) QueryPostureChecks added in v0.22.46

func (self *PostureCheckManager) QueryPostureChecks(query ast.Query) (*PostureCheckListResult, error)

func (*PostureCheckManager) Read added in v0.22.46

func (self *PostureCheckManager) Read(id string) (*PostureCheck, error)

func (*PostureCheckManager) Unmarshall added in v0.22.65

func (self *PostureCheckManager) Unmarshall(bytes []byte) (*PostureCheck, error)

func (*PostureCheckManager) Update added in v0.22.46

func (self *PostureCheckManager) Update(entity *PostureCheck, checker fields.UpdatedFields) error

type PostureCheckMfa added in v0.17.52

// PostureCheckMfa holds the settings of an MFA posture check: a timeout in
// seconds and three boolean switches.
type PostureCheckMfa struct {
	// NOTE(review): the meaning of zero or negative values (no timeout?) is
	// not visible here — confirm before relying on a default.
	TimeoutSeconds        int64
	// Presumably these require MFA to be passed again after the endpoint
	// reports a wake or unlock event (see PassedOnWake / PassedOnUnlock) —
	// confirm.
	PromptOnWake          bool
	PromptOnUnlock        bool
	// NOTE(review): looks like this relaxes the check for clients that
	// IsLegacyClient reports as legacy. If so, enabling it weakens MFA
	// enforcement for those endpoints — confirm and document the trade-off.
	IgnoreLegacyEndpoints bool
}

func (*PostureCheckMfa) Evaluate added in v0.17.52

func (p *PostureCheckMfa) Evaluate(apiSessionId string, pd *PostureData) bool

func (*PostureCheckMfa) FailureValues added in v0.19.40

func (p *PostureCheckMfa) FailureValues(apiSessionId string, pd *PostureData) PostureCheckFailureValues

func (*PostureCheckMfa) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckMfa) GetTimeoutRemainingSeconds(apiSessionId string, pd *PostureData) int64

func (*PostureCheckMfa) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckMfa) GetTimeoutSeconds() int64

func (*PostureCheckMfa) IsLegacyClient added in v0.19.158

func (p *PostureCheckMfa) IsLegacyClient(apiSessionData *ApiSessionPostureData) bool

func (*PostureCheckMfa) LastUpdatedAt added in v0.21.87

func (p *PostureCheckMfa) LastUpdatedAt(apiSessionId string, pd *PostureData) *time.Time

func (*PostureCheckMfa) PassedOnUnlock added in v0.19.158

func (p *PostureCheckMfa) PassedOnUnlock(apiSessionData *ApiSessionPostureData, now time.Time) bool

func (*PostureCheckMfa) PassedOnWake added in v0.19.158

func (p *PostureCheckMfa) PassedOnWake(apiSessionData *ApiSessionPostureData, now time.Time) bool

func (*PostureCheckMfa) TypeId added in v0.22.66

func (p *PostureCheckMfa) TypeId() string

type PostureCheckMfaCriteria added in v0.21.82

// PostureCheckMfaCriteria carries the timestamps and timeout figures that
// accompany an MFA posture failure (it is the Criteria field of
// PostureCheckFailureValuesMfa).
type PostureCheckMfaCriteria struct {
	// The three timestamps are pointers; presumably nil means the event has
	// not been observed for the API session — confirm.
	PassedMfaAt             *time.Time
	WokenAt                 *time.Time
	UnlockedAt              *time.Time
	TimeoutSeconds          int64
	TimeoutRemainingSeconds int64
}

type PostureCheckMfaValues added in v0.19.158

// PostureCheckMfaValues is a set of boolean MFA results. It is used for both
// the actual and the expected side of PostureCheckFailureValuesMfa.
type PostureCheckMfaValues struct {
	// NOTE(review): despite the "Seconds" suffix this is a bool; presumably
	// true means the MFA timeout has elapsed — confirm.
	TimedOutSeconds       bool
	PassedMfa             bool
	PassedOnWake          bool
	PassedOnUnlock        bool
	IgnoreLegacyEndpoints bool
}

type PostureCheckOperatingSystem added in v0.16.48

type PostureCheckOperatingSystem struct {
	OperatingSystems []OperatingSystem
}

func (*PostureCheckOperatingSystem) Evaluate added in v0.17.5

func (p *PostureCheckOperatingSystem) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckOperatingSystem) FailureValues added in v0.19.40

func (*PostureCheckOperatingSystem) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckOperatingSystem) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckOperatingSystem) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckOperatingSystem) GetTimeoutSeconds() int64

func (*PostureCheckOperatingSystem) LastUpdatedAt added in v0.21.87

func (p *PostureCheckOperatingSystem) LastUpdatedAt(id string, pd *PostureData) *time.Time

func (*PostureCheckOperatingSystem) TypeId added in v0.22.66

func (p *PostureCheckOperatingSystem) TypeId() string

type PostureCheckProcess added in v0.16.48

// PostureCheckProcess describes a single process requirement: the OS type,
// the process path, a list of hashes and one signer fingerprint.
//
// NOTE(review): the values it is compared with (PostureResponseProcess:
// IsRunning, BinaryHash, SignerFingerprints) appear to be reported by the
// endpoint itself, so this check is only as trustworthy as the reporting
// client — confirm how responses are authenticated.
type PostureCheckProcess struct {
	PostureCheckId string
	OsType         string
	Path           string
	// NOTE(review): hash algorithm and encoding are not shown here; also
	// confirm whether an empty list means "any binary at Path is accepted".
	Hashes         []string
	Fingerprint    string
}

func (*PostureCheckProcess) Evaluate added in v0.17.5

func (p *PostureCheckProcess) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckProcess) FailureValues added in v0.19.40

func (*PostureCheckProcess) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckProcess) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckProcess) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckProcess) GetTimeoutSeconds() int64

func (*PostureCheckProcess) LastUpdatedAt added in v0.21.87

func (p *PostureCheckProcess) LastUpdatedAt(id string, pd *PostureData) *time.Time

func (*PostureCheckProcess) TypeId added in v0.22.66

func (p *PostureCheckProcess) TypeId() string

type PostureCheckProcessMulti added in v0.19.93

// PostureCheckProcessMulti is a process posture check over several
// ProcessMulti entries, combined according to Semantic.
type PostureCheckProcessMulti struct {
	PostureCheckId string
	// NOTE(review): the accepted Semantic values (presumably "all of" versus
	// "any of" the processes) are not visible here — confirm, since the
	// choice decides how strict the check is.
	Semantic       string
	Processes      []*ProcessMulti
}

func (*PostureCheckProcessMulti) Evaluate added in v0.19.93

func (p *PostureCheckProcessMulti) Evaluate(_ string, pd *PostureData) bool

func (*PostureCheckProcessMulti) FailureValues added in v0.19.93

func (*PostureCheckProcessMulti) GetTimeoutRemainingSeconds added in v0.19.168

func (p *PostureCheckProcessMulti) GetTimeoutRemainingSeconds(_ string, _ *PostureData) int64

func (*PostureCheckProcessMulti) GetTimeoutSeconds added in v0.19.158

func (p *PostureCheckProcessMulti) GetTimeoutSeconds() int64

func (*PostureCheckProcessMulti) LastUpdatedAt added in v0.21.87

func (p *PostureCheckProcessMulti) LastUpdatedAt(string, *PostureData) *time.Time

func (*PostureCheckProcessMulti) TypeId added in v0.22.66

func (p *PostureCheckProcessMulti) TypeId() string

type PostureCheckSubType added in v0.16.48

// PostureCheckSubType is the interface held in PostureCheck.SubType. It also
// has unexported methods, so it can only be implemented inside this package;
// PostureCheckDomains, PostureCheckMacAddresses, PostureCheckMfa,
// PostureCheckOperatingSystem, PostureCheckProcess and
// PostureCheckProcessMulti appear to be the implementations.
type PostureCheckSubType interface {
	// TypeId returns the sub type's identifier string.
	TypeId() string

	// Evaluate checks pd for the given API session; presumably true means
	// the check passed — confirm.
	Evaluate(apiSessionId string, pd *PostureData) bool
	// FailureValues returns the expected and actual values for this check.
	FailureValues(_ string, pd *PostureData) PostureCheckFailureValues
	// GetTimeoutSeconds and GetTimeoutRemainingSeconds return timeout figures
	// in seconds. NOTE(review): the value used by checks without a timeout is
	// not visible here — confirm.
	GetTimeoutSeconds() int64
	GetTimeoutRemainingSeconds(apiSessionId string, pd *PostureData) int64

	// LastUpdatedAt returns the last time the posture state changed or nil if not supported.
	LastUpdatedAt(id string, pd *PostureData) *time.Time
	// contains filtered or unexported methods
}

type PostureCheckType added in v0.16.48

type PostureCheckType struct {
	models.BaseEntity
	Name             string
	OperatingSystems []OperatingSystem
}

type PostureCheckTypeManager added in v0.22.46

type PostureCheckTypeManager struct {
	// contains filtered or unexported fields
}

func NewPostureCheckTypeManager added in v0.22.46

func NewPostureCheckTypeManager(env Env) *PostureCheckTypeManager

func (*PostureCheckTypeManager) ApplyDelete added in v0.22.46

func (self *PostureCheckTypeManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*PostureCheckTypeManager) BaseList added in v0.22.46

func (self *PostureCheckTypeManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*PostureCheckTypeManager) BaseLoad added in v0.22.46

func (self *PostureCheckTypeManager) BaseLoad(id string) (models.Entity, error)

func (*PostureCheckTypeManager) BaseLoadInTx added in v0.22.46

func (self *PostureCheckTypeManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*PostureCheckTypeManager) BasePreparedList added in v0.22.46

func (self *PostureCheckTypeManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*PostureCheckTypeManager) BasePreparedListIndexed added in v0.22.46

func (self *PostureCheckTypeManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*PostureCheckTypeManager) Delete added in v0.22.46

func (self *PostureCheckTypeManager) Delete(id string) error

func (*PostureCheckTypeManager) Dispatch added in v0.22.46

func (self *PostureCheckTypeManager) Dispatch(command command.Command) error

func (*PostureCheckTypeManager) GetDb added in v0.22.46

func (self *PostureCheckTypeManager) GetDb() boltz.Db

func (*PostureCheckTypeManager) GetEntityTypeId added in v0.22.46

func (self *PostureCheckTypeManager) GetEntityTypeId() string

func (*PostureCheckTypeManager) GetEnv added in v0.22.46

func (self *PostureCheckTypeManager) GetEnv() Env

func (*PostureCheckTypeManager) GetStore added in v0.22.46

func (self *PostureCheckTypeManager) GetStore() boltz.CrudStore

func (*PostureCheckTypeManager) ListWithHandler added in v0.22.46

func (self *PostureCheckTypeManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*PostureCheckTypeManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *PostureCheckTypeManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*PostureCheckTypeManager) PreparedListWithHandler added in v0.22.46

func (self *PostureCheckTypeManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*PostureCheckTypeManager) Read added in v0.22.46

func (*PostureCheckTypeManager) ReadByName added in v0.22.46

func (self *PostureCheckTypeManager) ReadByName(name string) (*PostureCheckType, error)

type PostureData added in v0.17.5

// PostureData is the posture state kept for one identity: the MAC, domain
// and OS responses, the process responses (as a slice and as a map), the
// per-API-session posture data and the recorded session request failures.
//
// The struct holds maps, slices and pointers, so a plain struct copy shares
// them with the original; PostureCache.PostureData is documented as returning
// a copy for read-only use, and Copy is the method provided for that.
type PostureData struct {
	Mac                    PostureResponseMac
	Domain                 PostureResponseDomain
	Os                     PostureResponseOs
	Processes              []*PostureResponseProcess
	// presumably keyed by process path — confirm.
	ProcessPathMap         map[string]*PostureResponseProcess
	// presumably keyed by API session id — confirm.
	ApiSessions            map[string]*ApiSessionPostureData
	SessionRequestFailures []*PostureSessionRequestFailure
}

func (*PostureData) Copy added in v0.20.24

func (pd *PostureData) Copy() *PostureData

func (*PostureData) Evaluate added in v0.17.5

func (pd *PostureData) Evaluate(apiSessionId string, checks []*PostureCheck) (bool, []*PostureCheckFailure)

type PosturePolicyFailure added in v0.19.40

type PosturePolicyFailure struct {
	PolicyId   string
	PolicyName string
	Checks     []*PostureCheckFailure
}

type PostureResponse added in v0.17.5

// PostureResponse is the common part of a posture response: the posture
// check it answers, its type, a timed-out flag and a last-updated time. The
// type-specific payload is in SubType and is written into a PostureData via
// Apply.
//
// NOTE(review): whether LastUpdatedAt is set by the controller or taken from
// the endpoint is not visible here — confirm, since timeout decisions should
// not depend on a client-supplied clock.
type PostureResponse struct {
	PostureCheckId string
	TypeId         string
	TimedOut       bool
	LastUpdatedAt  time.Time
	SubType        PostureResponseSubType
}

func (*PostureResponse) Apply added in v0.17.5

func (pr *PostureResponse) Apply(postureData *PostureData)

type PostureResponseDomain added in v0.17.5

type PostureResponseDomain struct {
	*PostureResponse
	Name string `json:"name"`
}

func (*PostureResponseDomain) Apply added in v0.17.5

func (pr *PostureResponseDomain) Apply(postureData *PostureData)

type PostureResponseEndpointState added in v0.19.158

type PostureResponseEndpointState struct {
	*PostureResponse
	ApiSessionId string
	WokenAt      *time.Time
	UnlockedAt   *time.Time
}

func (*PostureResponseEndpointState) Apply added in v0.19.158

func (pr *PostureResponseEndpointState) Apply(postureData *PostureData)

type PostureResponseMac added in v0.17.5

type PostureResponseMac struct {
	*PostureResponse
	Addresses []string `json:"addresses"`
}

func (*PostureResponseMac) Apply added in v0.17.5

func (pr *PostureResponseMac) Apply(postureData *PostureData)

type PostureResponseManager added in v0.22.46

type PostureResponseManager struct {
	// contains filtered or unexported fields
}

func NewPostureResponseManager added in v0.22.46

func NewPostureResponseManager(env Env) *PostureResponseManager

func (*PostureResponseManager) AddPostureDataListener added in v0.22.46

func (self *PostureResponseManager) AddPostureDataListener(cb func(env Env, identityId string))

func (*PostureResponseManager) Create added in v0.22.46

func (self *PostureResponseManager) Create(identityId string, postureResponses []*PostureResponse)

func (*PostureResponseManager) Evaluate added in v0.22.46

func (self *PostureResponseManager) Evaluate(identityId, apiSessionId string, check *PostureCheck) (bool, *PostureCheckFailure)

func (*PostureResponseManager) GetEndpointStateChangeAffectedServices added in v0.22.46

func (self *PostureResponseManager) GetEndpointStateChangeAffectedServices(timeSinceLastMfa, gracePeriod time.Duration, onWake bool, onUnlock bool) []*ServiceWithTimeout

func (*PostureResponseManager) PostureData added in v0.22.46

func (self *PostureResponseManager) PostureData(id string) *PostureData

func (*PostureResponseManager) SetMfaPosture added in v0.22.46

func (self *PostureResponseManager) SetMfaPosture(identityId string, apiSessionId string, isPassed bool)

SetMfaPosture sets the MFA passing status for a specific API Session owned by an identity.

func (*PostureResponseManager) SetMfaPostureForIdentity added in v0.22.46

func (self *PostureResponseManager) SetMfaPostureForIdentity(identityId string, isPassed bool)

SetMfaPostureForIdentity sets the MFA passing status for all API Sessions associated with an identity.

func (*PostureResponseManager) SetSdkInfo added in v0.22.46

func (self *PostureResponseManager) SetSdkInfo(identityId, apiSessionId string, sdkInfo *SdkInfo)

type PostureResponseMfa added in v0.17.52

// PostureResponseMfa is the MFA posture response for one API session.
type PostureResponseMfa struct {
	*PostureResponse
	// The `json:"-"` tag keeps ApiSessionId out of encoding/json: it is
	// neither written when marshalling nor read when unmarshalling.
	ApiSessionId string     `json:"-"`
	// PassedMfaAt is a pointer; presumably nil means MFA has not been passed
	// for this API session — confirm.
	PassedMfaAt  *time.Time `json:"passedMfaAt"`
}

func (*PostureResponseMfa) Apply added in v0.17.52

func (pr *PostureResponseMfa) Apply(postureData *PostureData)

type PostureResponseOs added in v0.17.5

type PostureResponseOs struct {
	*PostureResponse
	Type    string `json:"type"`
	Version string `json:"version"`
	Build   string `json:"build"`
}

func (*PostureResponseOs) Apply added in v0.17.5

func (pr *PostureResponseOs) Apply(postureData *PostureData)

type PostureResponseProcess added in v0.17.5

// PostureResponseProcess is the posture response for one process: its path,
// whether it is running, a hash of the binary and the signer fingerprints.
//
// NOTE(review): these look like endpoint-reported values; a check that
// consumes them (PostureCheckProcess, ProcessMulti via VerifyMultiCriteria)
// is bounded by the integrity of the reporting endpoint — confirm.
type PostureResponseProcess struct {
	*PostureResponse
	Path               string
	IsRunning          bool
	// NOTE(review): hash algorithm, encoding and case normalisation are not
	// visible here — confirm they match what the check definitions store.
	BinaryHash         string
	SignerFingerprints []string
}

func (*PostureResponseProcess) Apply added in v0.17.5

func (pr *PostureResponseProcess) Apply(postureData *PostureData)

func (*PostureResponseProcess) VerifyMultiCriteria added in v0.19.93

func (pr *PostureResponseProcess) VerifyMultiCriteria(process *ProcessMulti) bool

type PostureResponseSubType added in v0.17.5

type PostureResponseSubType interface {
	Apply(postureData *PostureData)
}

type PostureSessionData added in v0.19.158

type PostureSessionData struct {
	MfaTimeout int64
}

type PostureSessionRequestFailure added in v0.19.40

// PostureSessionRequestFailure records one session request that failed on
// posture: when it happened, the service and session type involved, the API
// session, and the failing policies with their check failures. Entries are
// stored in PostureData.SessionRequestFailures via
// PostureCache.AddSessionRequestFailure.
//
// NOTE(review): no cap or expiry for the stored entries is visible here —
// confirm the list is bounded.
type PostureSessionRequestFailure struct {
	When           time.Time
	ServiceId      string
	ServiceName    string
	SessionType    string
	PolicyFailures []*PosturePolicyFailure
	ApiSessionId   string
}

type ProcessMulti added in v0.19.93

// ProcessMulti is one process entry of a PostureCheckProcessMulti: the OS
// type, the process path and the lists of hashes and signer fingerprints. It
// is the argument of PostureResponseProcess.VerifyMultiCriteria.
type ProcessMulti struct {
	OsType             string
	Path               string
	// NOTE(review): confirm how empty Hashes / SignerFingerprints lists are
	// treated; if empty means "not checked", a path-only entry verifies
	// nothing about the binary itself.
	Hashes             []string
	SignerFingerprints []string
}

type ReplaceEnrollmentWithAuthenticatorCmd added in v0.22.53

type ReplaceEnrollmentWithAuthenticatorCmd struct {
	// contains filtered or unexported fields
}

func (*ReplaceEnrollmentWithAuthenticatorCmd) Apply added in v0.22.53

func (*ReplaceEnrollmentWithAuthenticatorCmd) Decode added in v0.22.53

func (*ReplaceEnrollmentWithAuthenticatorCmd) Encode added in v0.22.53

func (self *ReplaceEnrollmentWithAuthenticatorCmd) Encode() ([]byte, error)

type Schemas

type Schemas interface {
	GetEnrollErPost() *gojsonschema.Schema
	GetEnrollUpdbPost() *gojsonschema.Schema
}

type SdkInfo

type SdkInfo struct {
	AppId      string
	AppVersion string
	Branch     string
	Revision   string
	Type       string
	Version    string
}

type Service

// Service is the model of a service: its name, terminator strategy, role
// attributes, the ids or names of its configs, and an encryption flag.
type Service struct {
	models.BaseEntity
	Name               string   `json:"name"`
	TerminatorStrategy string   `json:"terminatorStrategy"`
	RoleAttributes     []string `json:"roleAttributes"`
	Configs            []string `json:"configs"`
	// NOTE(review): presumably marks the service as requiring end-to-end
	// encryption; where this is enforced is not visible here — confirm.
	EncryptionRequired bool     `json:"encryptionRequired"`
}

type ServiceConfig

type ServiceConfig struct {
	Service string
	Config  string
}

type ServiceDetail

type ServiceDetail struct {
	models.BaseEntity
	Name               string                            `json:"name"`
	TerminatorStrategy string                            `json:"terminatorStrategy"`
	RoleAttributes     []string                          `json:"roleAttributes"`
	Permissions        []string                          `json:"permissions"`
	Configs            []string                          `json:"configs"`
	Config             map[string]map[string]interface{} `json:"config"`
	EncryptionRequired bool                              `json:"encryptionRequired"`
}

type ServiceEdgeRouterPolicy

type ServiceEdgeRouterPolicy struct {
	models.BaseEntity
	Name            string
	Semantic        string
	ServiceRoles    []string
	EdgeRouterRoles []string
}

type ServiceEdgeRouterPolicyManager added in v0.22.44

type ServiceEdgeRouterPolicyManager struct {
	// contains filtered or unexported fields
}

func NewServiceEdgeRouterPolicyManager added in v0.22.44

func NewServiceEdgeRouterPolicyManager(env Env) *ServiceEdgeRouterPolicyManager

func (*ServiceEdgeRouterPolicyManager) ApplyCreate added in v0.22.44

func (*ServiceEdgeRouterPolicyManager) ApplyDelete added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*ServiceEdgeRouterPolicyManager) ApplyUpdate added in v0.22.44

func (*ServiceEdgeRouterPolicyManager) BaseList added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*ServiceEdgeRouterPolicyManager) BaseLoad added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) BaseLoad(id string) (models.Entity, error)

func (*ServiceEdgeRouterPolicyManager) BaseLoadInTx added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ServiceEdgeRouterPolicyManager) BasePreparedList added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ServiceEdgeRouterPolicyManager) BasePreparedListIndexed added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ServiceEdgeRouterPolicyManager) Create added in v0.22.44

func (*ServiceEdgeRouterPolicyManager) Delete added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) Delete(id string) error

func (*ServiceEdgeRouterPolicyManager) Dispatch added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) Dispatch(command command.Command) error

func (*ServiceEdgeRouterPolicyManager) GetDb added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) GetDb() boltz.Db

func (*ServiceEdgeRouterPolicyManager) GetEntityTypeId added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) GetEntityTypeId() string

func (*ServiceEdgeRouterPolicyManager) GetEnv added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) GetEnv() Env

func (*ServiceEdgeRouterPolicyManager) GetStore added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) GetStore() boltz.CrudStore

func (*ServiceEdgeRouterPolicyManager) ListWithHandler added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*ServiceEdgeRouterPolicyManager) Marshall added in v0.22.44

func (*ServiceEdgeRouterPolicyManager) PreparedListAssociatedWithHandler added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*ServiceEdgeRouterPolicyManager) PreparedListWithHandler added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*ServiceEdgeRouterPolicyManager) Read added in v0.22.44

func (*ServiceEdgeRouterPolicyManager) Unmarshall added in v0.22.44

func (self *ServiceEdgeRouterPolicyManager) Unmarshall(bytes []byte) (*ServiceEdgeRouterPolicy, error)

func (*ServiceEdgeRouterPolicyManager) Update added in v0.22.44

type ServiceListResult

// ServiceListResult carries a slice of service details together with the
// embedded models.QueryMetaData.
type ServiceListResult struct {
	Services []*ServiceDetail

	models.QueryMetaData
	// contains filtered or unexported fields
}

type ServicePolicy

// ServicePolicy is the model-package representation of a service policy. It
// embeds models.BaseEntity and carries a name, a policy type, a semantic and
// three role lists (identity, service and posture check).
//
// NOTE(review): the accepted values of PolicyType and Semantic, and the way
// the role lists are matched against entities, are not shown on this page.
// Confirm them in the implementation before reasoning about what a given
// policy grants.
type ServicePolicy struct {
	models.BaseEntity
	Name              string
	PolicyType        string
	Semantic          string
	IdentityRoles     []string
	ServiceRoles      []string
	// NOTE(review): presumably an empty PostureCheckRoles means no posture
	// requirement is attached to the policy — confirm.
	PostureCheckRoles []string
}

type ServicePolicyManager added in v0.22.44

// ServicePolicyManager exposes no exported fields; instances are obtained
// from NewServicePolicyManager, which takes an Env.
type ServicePolicyManager struct {
	// contains filtered or unexported fields
}

func NewServicePolicyManager added in v0.22.44

func NewServicePolicyManager(env Env) *ServicePolicyManager

func (*ServicePolicyManager) ApplyCreate added in v0.22.44

func (*ServicePolicyManager) ApplyDelete added in v0.22.44

func (self *ServicePolicyManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*ServicePolicyManager) ApplyUpdate added in v0.22.44

func (*ServicePolicyManager) BaseList added in v0.22.44

func (self *ServicePolicyManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*ServicePolicyManager) BaseLoad added in v0.22.44

func (self *ServicePolicyManager) BaseLoad(id string) (models.Entity, error)

func (*ServicePolicyManager) BaseLoadInTx added in v0.22.44

func (self *ServicePolicyManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*ServicePolicyManager) BasePreparedList added in v0.22.44

func (self *ServicePolicyManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ServicePolicyManager) BasePreparedListIndexed added in v0.22.44

func (self *ServicePolicyManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*ServicePolicyManager) Create added in v0.22.44

func (self *ServicePolicyManager) Create(entity *ServicePolicy) error

func (*ServicePolicyManager) Delete added in v0.22.44

func (self *ServicePolicyManager) Delete(id string) error

func (*ServicePolicyManager) Dispatch added in v0.22.44

func (self *ServicePolicyManager) Dispatch(command command.Command) error

func (*ServicePolicyManager) GetDb added in v0.22.44

func (self *ServicePolicyManager) GetDb() boltz.Db

func (*ServicePolicyManager) GetEntityTypeId added in v0.22.44

func (self *ServicePolicyManager) GetEntityTypeId() string

func (*ServicePolicyManager) GetEnv added in v0.22.44

func (self *ServicePolicyManager) GetEnv() Env

func (*ServicePolicyManager) GetStore added in v0.22.44

func (self *ServicePolicyManager) GetStore() boltz.CrudStore

func (*ServicePolicyManager) ListWithHandler added in v0.22.44

func (self *ServicePolicyManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*ServicePolicyManager) Marshall added in v0.22.44

func (self *ServicePolicyManager) Marshall(entity *ServicePolicy) ([]byte, error)

func (*ServicePolicyManager) PreparedListAssociatedWithHandler added in v0.22.44

func (self *ServicePolicyManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*ServicePolicyManager) PreparedListWithHandler added in v0.22.44

func (self *ServicePolicyManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*ServicePolicyManager) Read added in v0.22.44

func (self *ServicePolicyManager) Read(id string) (*ServicePolicy, error)

func (*ServicePolicyManager) Unmarshall added in v0.22.44

func (self *ServicePolicyManager) Unmarshall(bytes []byte) (*ServicePolicy, error)

func (*ServicePolicyManager) Update added in v0.22.44

func (self *ServicePolicyManager) Update(entity *ServicePolicy, checker fields.UpdatedFields) error

type ServiceWithTimeout added in v0.20.35

// ServiceWithTimeout pairs a Service pointer with an integer timeout.
type ServiceWithTimeout struct {
	Service *Service
	// NOTE(review): the unit of Timeout (seconds, milliseconds, ...) and the
	// meaning of zero or negative values are not stated here — confirm.
	Timeout int64
}

type Session

// Session is the model-package representation of a session. Besides the
// embedded models.BaseEntity it records a token, the identity, API session
// and service it refers to, a type, its session certificates and a list of
// service policies.
type Session struct {
	models.BaseEntity
	// NOTE(review): SessionManager.ReadByToken accepts a token string and
	// returns a *Session, so this value presumably identifies the session on
	// its own. If so it should be handled as a credential (kept out of logs
	// and out of responses to other identities) — confirm.
	Token           string
	IdentityId      string
	ApiSessionId    string
	ServiceId       string
	Type            string
	SessionCerts    []*SessionCert
	// NOTE(review): presumably the policies that allowed the session (compare
	// SessionPostureResult.PassingPolicyIds) — confirm.
	ServicePolicies []string
}

type SessionCert

// SessionCert describes one certificate attached to a session: the
// certificate text, its fingerprint and a validity window.
//
// NOTE(review): the encoding of Cert, the algorithm behind Fingerprint, and
// whether ValidFrom/ValidTo are checked when the certificate is used are not
// visible on this page — confirm before relying on any of them.
type SessionCert struct {
	Cert        string
	Fingerprint string
	ValidFrom   time.Time
	ValidTo     time.Time
}

func (*SessionCert) FillFrom

func (entity *SessionCert) FillFrom(_ EntityManager, _ *bbolt.Tx, boltEntity boltz.Entity) error

type SessionListResult

// SessionListResult carries a slice of sessions together with the embedded
// models.QueryMetaData. It is the result type of
// SessionManager.ListSessionsForEdgeRouter, PublicQueryForIdentity and Query.
type SessionListResult struct {
	Sessions []*Session
	models.QueryMetaData
	// contains filtered or unexported fields
}

type SessionManager added in v0.22.46

// SessionManager exposes no exported fields; instances are obtained from
// NewSessionManager, which takes an Env.
type SessionManager struct {
	// contains filtered or unexported fields
}

func NewSessionManager added in v0.22.46

func NewSessionManager(env Env) *SessionManager

func (*SessionManager) ApplyDelete added in v0.22.46

func (self *SessionManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*SessionManager) BaseList added in v0.22.46

func (self *SessionManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*SessionManager) BaseLoad added in v0.22.46

func (self *SessionManager) BaseLoad(id string) (models.Entity, error)

func (*SessionManager) BaseLoadInTx added in v0.22.46

func (self *SessionManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*SessionManager) BasePreparedList added in v0.22.46

func (self *SessionManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*SessionManager) BasePreparedListIndexed added in v0.22.46

func (self *SessionManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*SessionManager) Create added in v0.22.46

func (self *SessionManager) Create(entity *Session) (string, error)

func (*SessionManager) Delete added in v0.22.46

// Delete takes only a session id.
// NOTE(review): no identity is passed, so any ownership or authorization
// check presumably has to happen in the caller; DeleteForIdentity is the
// variant that also receives an identity id — confirm.
func (self *SessionManager) Delete(id string) error

func (*SessionManager) DeleteForIdentity added in v0.22.46

// DeleteForIdentity takes a session id and an identity id.
// NOTE(review): presumably the delete only succeeds when the session belongs
// to identityId, which would make this the variant to use on behalf of a
// non-admin caller. Confirm the ownership check in the implementation.
func (self *SessionManager) DeleteForIdentity(id, identityId string) error

func (*SessionManager) Dispatch added in v0.22.46

func (self *SessionManager) Dispatch(command command.Command) error

func (*SessionManager) EvaluatePostureForService added in v0.22.46

// EvaluatePostureForService takes an identity id, API session id, session
// type, service id and service name and returns a *SessionPostureResult.
// NOTE(review): there is no error return, so evaluation failures are
// presumably reported through the result's Failure and Cause fields. Callers
// should gate on Passed rather than on a nil check — confirm.
func (self *SessionManager) EvaluatePostureForService(identityId, apiSessionId, sessionType, serviceId, serviceName string) *SessionPostureResult

func (*SessionManager) GetDb added in v0.22.46

func (self *SessionManager) GetDb() boltz.Db

func (*SessionManager) GetEntityTypeId added in v0.22.46

func (self *SessionManager) GetEntityTypeId() string

func (*SessionManager) GetEnv added in v0.22.46

func (self *SessionManager) GetEnv() Env

func (*SessionManager) GetStore added in v0.22.46

func (self *SessionManager) GetStore() boltz.CrudStore

func (*SessionManager) ListSessionsForEdgeRouter added in v0.22.46

func (self *SessionManager) ListSessionsForEdgeRouter(edgeRouterId string) (*SessionListResult, error)

func (*SessionManager) ListWithHandler added in v0.22.46

func (self *SessionManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*SessionManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *SessionManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*SessionManager) PreparedListWithHandler added in v0.22.46

func (self *SessionManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*SessionManager) PublicQueryForIdentity added in v0.22.46

// PublicQueryForIdentity takes an identity and a parsed query and returns a
// session list.
// NOTE(review): presumably the result is restricted to sessions owned by
// sessionIdentity, unlike Query, which takes only a query string — confirm
// the scoping in the implementation.
func (self *SessionManager) PublicQueryForIdentity(sessionIdentity *Identity, query ast.Query) (*SessionListResult, error)

func (*SessionManager) Query added in v0.22.46

func (self *SessionManager) Query(query string) (*SessionListResult, error)

func (*SessionManager) Read added in v0.22.46

func (self *SessionManager) Read(id string) (*Session, error)

func (*SessionManager) ReadByToken added in v0.22.46

// ReadByToken takes a token string and returns a session.
// NOTE(review): no identity is passed, so possession of the token is
// presumably the only condition for the lookup; verify that callers do not
// log the token or echo it in error messages.
func (self *SessionManager) ReadByToken(token string) (*Session, error)

func (*SessionManager) ReadForIdentity added in v0.22.46

// ReadForIdentity takes a session id and an identity id and returns a
// session.
// NOTE(review): presumably the read only succeeds when the session belongs to
// identityId; Read(id) takes no identity. Confirm the ownership check in the
// implementation.
func (self *SessionManager) ReadForIdentity(id string, identityId string) (*Session, error)

func (*SessionManager) ReadSessionCerts added in v0.22.46

func (self *SessionManager) ReadSessionCerts(sessionId string) ([]*SessionCert, error)

type SessionPostureResult added in v0.20.35

// SessionPostureResult is the value returned by
// SessionManager.EvaluatePostureForService. It carries a pass/fail flag, a
// failure description, the ids of passing policies and a cause error.
//
// NOTE(review): which fields are populated in the failing case, and whether
// PassingPolicyIds can be non-empty while Passed is false, is not visible on
// this page. Treat Passed as the decision and the other fields as detail
// until that is confirmed.
type SessionPostureResult struct {
	Passed           bool
	Failure          *PostureSessionRequestFailure
	PassingPolicyIds []string
	Cause            *fabricApiError.GenericCauseError
}

type TestContext

// TestContext embeds *persistence.TestContext and is constructed by
// NewTestContext, which takes a *testing.T.
// NOTE(review): the CSR signer and JWT signer getters on this type presumably
// return test-only material; it should not be wired into a production Env —
// confirm.
type TestContext struct {
	*persistence.TestContext
	// contains filtered or unexported fields
}

func NewTestContext added in v0.20.36

func NewTestContext(t *testing.T) *TestContext

func (*TestContext) Cleanup

func (ctx *TestContext) Cleanup()

func (*TestContext) Generate

func (ctx *TestContext) Generate(string, string, jwt.MapClaims) (string, error)

func (*TestContext) GetApiClientCsrSigner

func (ctx *TestContext) GetApiClientCsrSigner() cert.Signer

func (*TestContext) GetApiServerCsrSigner

func (ctx *TestContext) GetApiServerCsrSigner() cert.Signer

func (*TestContext) GetAuthRegistry

func (ctx *TestContext) GetAuthRegistry() AuthRegistry

func (*TestContext) GetConfig

func (ctx *TestContext) GetConfig() *config.Config

func (*TestContext) GetControlClientCsrSigner

func (ctx *TestContext) GetControlClientCsrSigner() cert.Signer

func (*TestContext) GetEnrollRegistry

func (ctx *TestContext) GetEnrollRegistry() EnrollmentRegistry

func (*TestContext) GetFingerprintGenerator added in v0.17.30

func (ctx *TestContext) GetFingerprintGenerator() cert.FingerprintGenerator

func (*TestContext) GetHostController

func (ctx *TestContext) GetHostController() HostController

func (*TestContext) GetJwtSigner added in v0.19.109

func (ctx *TestContext) GetJwtSigner() jwtsigner.Signer

func (*TestContext) GetManagers added in v0.21.235

func (ctx *TestContext) GetManagers() *Managers

func (*TestContext) GetMetricsRegistry added in v0.16.0

func (ctx *TestContext) GetMetricsRegistry() metrics.Registry

func (*TestContext) GetSchemas

func (ctx *TestContext) GetSchemas() Schemas

func (*TestContext) HandleServiceUpdatedEventForIdentityId added in v0.19.46

func (ctx *TestContext) HandleServiceUpdatedEventForIdentityId(identityId string)

func (*TestContext) Init

func (ctx *TestContext) Init()

func (*TestContext) InitWithDbFile added in v0.20.110

func (ctx *TestContext) InitWithDbFile(dbPath string)

func (*TestContext) IsEdgeRouterOnline

func (ctx *TestContext) IsEdgeRouterOnline(string) bool

type TransitRouter

// TransitRouter is the model-package representation of a transit router. It
// embeds models.BaseEntity and carries a name, a fingerprint, verification
// flags, separate "unverified" fingerprint and certificate fields, a cost and
// a no-traversal flag.
//
// NOTE(review): the struct keeps Fingerprint apart from UnverifiedFingerprint
// and UnverifiedCertPem, and TransitRouterManager has a separate
// ReadOneByUnverifiedFingerprint lookup. Presumably the Unverified* fields
// hold certificate material that has not yet been validated and must not be
// used to authenticate a router on their own — confirm.
type TransitRouter struct {
	models.BaseEntity
	Name                  string
	// Optional (pointer) value; nil handling is up to the caller.
	Fingerprint           *string
	IsVerified            bool
	IsBase                bool
	UnverifiedFingerprint *string
	UnverifiedCertPem     *string
	Cost                  uint16
	NoTraversal           bool
}

type TransitRouterManager added in v0.22.46

// TransitRouterManager exposes no exported fields; instances are obtained
// from NewTransitRouterManager, which takes an Env.
type TransitRouterManager struct {
	// contains filtered or unexported fields
}

func NewTransitRouterManager added in v0.22.46

func NewTransitRouterManager(env Env) *TransitRouterManager

func (*TransitRouterManager) ApplyCreate added in v0.22.59

func (self *TransitRouterManager) ApplyCreate(cmd *CreateTransitRouterCmd) error

func (*TransitRouterManager) ApplyDelete added in v0.22.46

func (self *TransitRouterManager) ApplyDelete(cmd *command.DeleteEntityCommand) error

func (*TransitRouterManager) ApplyUpdate added in v0.22.59

func (*TransitRouterManager) BaseList added in v0.22.46

func (self *TransitRouterManager) BaseList(query string) (*models.EntityListResult[models.Entity], error)

func (*TransitRouterManager) BaseLoad added in v0.22.46

func (self *TransitRouterManager) BaseLoad(id string) (models.Entity, error)

func (*TransitRouterManager) BaseLoadInTx added in v0.22.46

func (self *TransitRouterManager) BaseLoadInTx(tx *bbolt.Tx, id string) (models.Entity, error)

func (*TransitRouterManager) BasePreparedList added in v0.22.46

func (self *TransitRouterManager) BasePreparedList(query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*TransitRouterManager) BasePreparedListIndexed added in v0.22.46

func (self *TransitRouterManager) BasePreparedListIndexed(cursorProvider ast.SetCursorProvider, query ast.Query) (*models.EntityListResult[models.Entity], error)

func (*TransitRouterManager) CollectEnrollments added in v0.22.46

func (self *TransitRouterManager) CollectEnrollments(id string, collector func(entity *Enrollment) error) error

func (*TransitRouterManager) Create added in v0.22.46

func (self *TransitRouterManager) Create(txRouter *TransitRouter) error

func (*TransitRouterManager) Delete added in v0.22.46

func (self *TransitRouterManager) Delete(id string) error

func (*TransitRouterManager) Dispatch added in v0.22.46

func (self *TransitRouterManager) Dispatch(command command.Command) error

func (*TransitRouterManager) ExtendEnrollment added in v0.22.46

// ExtendEnrollment takes a router plus client and server CSRs in PEM form and
// returns *ExtendedCerts.
// NOTE(review): ExtendEnrollmentWithVerify has the same parameters, so the
// two presumably differ in whether the new certificates take effect
// immediately or only after ExtendEnrollmentVerify. How the CSR contents are
// validated against the router is not visible here — confirm.
func (self *TransitRouterManager) ExtendEnrollment(router *TransitRouter, clientCsrPem []byte, serverCertCsrPem []byte) (*ExtendedCerts, error)

func (*TransitRouterManager) ExtendEnrollmentVerify added in v0.22.46

// ExtendEnrollmentVerify takes only the router.
// NOTE(review): presumably this promotes the router's UnverifiedFingerprint
// and UnverifiedCertPem to the verified fingerprint; what proof the caller
// must have established beforehand is not shown — confirm.
func (self *TransitRouterManager) ExtendEnrollmentVerify(router *TransitRouter) error

func (*TransitRouterManager) ExtendEnrollmentWithVerify added in v0.22.46

// ExtendEnrollmentWithVerify takes the same arguments as ExtendEnrollment and
// returns *ExtendedCerts.
// NOTE(review): presumably the issued certificates are recorded in the
// router's Unverified* fields until ExtendEnrollmentVerify is called —
// confirm in the implementation.
func (self *TransitRouterManager) ExtendEnrollmentWithVerify(router *TransitRouter, clientCsrPem []byte, serverCertCsrPem []byte) (*ExtendedCerts, error)

func (*TransitRouterManager) GetDb added in v0.22.46

func (self *TransitRouterManager) GetDb() boltz.Db

func (*TransitRouterManager) GetEntityTypeId added in v0.22.46

func (self *TransitRouterManager) GetEntityTypeId() string

func (*TransitRouterManager) GetEnv added in v0.22.46

func (self *TransitRouterManager) GetEnv() Env

func (*TransitRouterManager) GetStore added in v0.22.46

func (self *TransitRouterManager) GetStore() boltz.CrudStore

func (*TransitRouterManager) ListWithHandler added in v0.22.46

func (self *TransitRouterManager) ListWithHandler(queryString string, resultHandler models.ListResultHandler) error

func (*TransitRouterManager) Marshall added in v0.22.59

func (self *TransitRouterManager) Marshall(entity *TransitRouter) ([]byte, error)

func (*TransitRouterManager) PreparedListAssociatedWithHandler added in v0.22.46

func (self *TransitRouterManager) PreparedListAssociatedWithHandler(id string, association string, query ast.Query, handler models.ListResultHandler) error

func (*TransitRouterManager) PreparedListWithHandler added in v0.22.46

func (self *TransitRouterManager) PreparedListWithHandler(query ast.Query, resultHandler models.ListResultHandler) error

func (*TransitRouterManager) ProtobufToTransitRouter added in v0.22.59

func (self *TransitRouterManager) ProtobufToTransitRouter(msg *edge_cmd_pb.TransitRouter) (*TransitRouter, error)

func (*TransitRouterManager) Read added in v0.22.46

func (self *TransitRouterManager) Read(id string) (*TransitRouter, error)

func (*TransitRouterManager) ReadOneByFingerprint added in v0.22.46

func (self *TransitRouterManager) ReadOneByFingerprint(fingerprint string) (*TransitRouter, error)

func (*TransitRouterManager) ReadOneByQuery added in v0.22.46

func (self *TransitRouterManager) ReadOneByQuery(query string) (*TransitRouter, error)

func (*TransitRouterManager) ReadOneByUnverifiedFingerprint added in v0.22.46

// ReadOneByUnverifiedFingerprint takes a fingerprint string and returns a
// transit router.
// NOTE(review): presumably this matches on TransitRouter.UnverifiedFingerprint
// rather than Fingerprint; a hit here should not be treated as the router
// being authenticated — confirm.
func (self *TransitRouterManager) ReadOneByUnverifiedFingerprint(fingerprint string) (*TransitRouter, error)

func (*TransitRouterManager) TransitRouterToProtobuf added in v0.22.59

func (self *TransitRouterManager) TransitRouterToProtobuf(entity *TransitRouter) (*edge_cmd_pb.TransitRouter, error)

func (*TransitRouterManager) Unmarshall added in v0.22.59

func (self *TransitRouterManager) Unmarshall(bytes []byte) (*TransitRouter, error)

func (*TransitRouterManager) Update added in v0.22.46

// Update takes the entity, an unrestricted flag and a set of updated fields.
// NOTE(review): what unrestricted lifts is not shown on this page; presumably
// it widens the set of fields that may be changed. Verify which value
// handlers pass when the entity originates from API input.
func (self *TransitRouterManager) Update(entity *TransitRouter, unrestricted bool, checker fields.UpdatedFields) error

Source Files
