ziti

package
v0.20.10 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 4, 2023 License: Apache-2.0 Imports: 53 Imported by: 86

Documentation

Overview

Package ziti provides methods for loading Contexts which interact with an OpenZiti Controller via the Edge Client API to bind (host) services or dial (connect) to services.

Each context is required to authenticate with the Edge Client API via Credentials instance. Credentials come in the form of identity files, username/password, JWTs, and more.

Identity files specified in `ZITI_IDENTITIES` environment variable (semicolon separates) are loaded automatically at startup to populate the DefaultCollection. This behavior is deprecated, and explicit usage of an CtxCollection is suggested. This behavior can be replicated via NewSdkCollectionFromEnv().

Index

Constants

View Source 
const (
	PrecedenceDefault  Precedence = 0
	PrecedenceRequired Precedence = 1
	PrecedenceFailed   Precedence = 2

	PrecedenceDefaultLabel  = string(rest_model.TerminatorPrecedenceDefault)
	PrecedenceRequiredLabel = string(rest_model.TerminatorPrecedenceRequired)
	PrecedenceFailedLabel   = string(rest_model.TerminatorPrecedenceFailed)
)
View Source 
const (
	LatencyCheckInterval = 30 * time.Second
	LatencyCheckTimeout  = 10 * time.Second

	ClientConfigV1 = "ziti-tunneler-client.v1"
	InterceptV1    = "intercept.v1"

	SessionDial = rest_model.DialBindDial
	SessionBind = rest_model.DialBindBind
)
View Source 
const IdentitiesEnv = "ZITI_IDENTITIES"

IdentitiesEnv is the string environment variable that is used to load identity files to populate DefaultCollection

Variables

View Source 
var DefaultOptions = &Options{
	RefreshInterval: 5 * time.Minute,
	OnServiceUpdate: nil,
}
View Source 
var EnrollUrl, _ = url.Parse("/edge/client/v1/enroll")

Functions

func ForAllContexts deprecated added in v0.17.0 

func ForAllContexts(f func(ctx Context) bool)

Deprecated: ForAllContexts iterates over all Context instances in the DefaultCollection and call the provided function `f`. Usage of the DefaultCollection is advised against, and if this functionality is needed, implementations should instantiate their own CtxCollection via NewSdkCollection() or NewSdkCollectionFromEnv()

func GetControllerWellKnownCaPool added in v0.20.0 

func GetControllerWellKnownCaPool(controllerAddr string) (*x509.CertPool, error)

GetControllerWellKnownCaPool will return a x509.CertPool. The target controller will not be verified via TLS and must be verified by some other means (i.e. enrollment JWT token).

func NewId added in v0.20.7 

func NewId() string

NewId will return a unique string id suitable for ziti.Context Id functionality.

Types

type Config added in v0.20.0 

type Config struct {
	//ZtAPI should be in the form of https://<domain>[:<port>]/edge/client/v1
	ZtAPI string `json:"ztAPI"`

	//ConfigTypes is an array of string configuration types that will be requested from the controller
	//for services.
	ConfigTypes []string `json:"configTypes"`

	//The ID field allows configurations is maintained for backwards compatability with previous SDK versions.
	//If set, it will be used to set the Credentials field.
	ID identity.Config `json:"id"`

	//The Credentials field is used to authenticate with the Edge Client API. If the ID field is set, it will be used
	//to populate this field with credentials.
	Credentials apis.Credentials `json:"-"`
}

func NewConfig added in v0.20.0 

func NewConfig(ztApi string, idConfig identity.Config) *Config

NewConfig will create a new Config object from a provided Ziti Edge Client API URL and identity configuration. The Ziti Edge Client API is usually in the format of `https://host:port/edge/client/v1`.

func NewConfigFromFile added in v0.20.0 

func NewConfigFromFile(confFile string) (*Config, error)

NewConfigFromFile attempts to load a Config object from the provided path.

The file that is indicated should be in the following format: ``` 

{
  "ztAPI": "https://ziti.controller.example.com/edge/client/v1",
  "configTypes": ["config1", "config2"],
  "id": { "cert": "...", "key": "..." },
}

```

type Context 

type Context interface {
	// Authenticate attempts to use credentials configured on the Context to perform authentication. The authentication
	// implementation used is configured via the Credentials field on an Option struct provided during Context
	// creation.
	Authenticate() error

	// SetCredentials sets the credentials used to authenticate against the Edge Client API.
	SetCredentials(authenticator apis.Credentials)

	// GetCredentials returns the currently set credentials used to authenticate against the Edge Client API.
	GetCredentials() apis.Credentials

	// GetCurrentIdentity returns the Edge API details of the currently authenticated identity.
	GetCurrentIdentity() (*rest_model.IdentityDetail, error)

	// Dial attempts to connect to a service using a given service name; authenticating as necessary in order to obtain
	// a service session, attach to Edge Routers, and connect to a service.
	Dial(serviceName string) (edge.Conn, error)

	// DialWithOptions performs the same logic as Dial but allows specification of DialOptions.
	DialWithOptions(serviceName string, options *DialOptions) (edge.Conn, error)

	// DialAddr finds the service for given address and performs a Dial for it.
	DialAddr(network string, addr string) (edge.Conn, error)

	// Listen attempts to host a service by the given service name;  authenticating as necessary in order to obtain
	// a service session, attach to Edge Routers, and bind (host) the service.
	Listen(serviceName string) (edge.Listener, error)

	// ListenWithOptions performs the same logic as Listen, but allows the specification of ListenOptions.
	ListenWithOptions(serviceName string, options *ListenOptions) (edge.Listener, error)

	// GetServiceId will return the id of a specific service by service name. If not found, false, will be returned
	// with an empty string.
	GetServiceId(serviceName string) (string, bool, error)

	// GetServices will return a slice of service details that the current authenticating identity can access for
	// dial (connect) or bind (host/listen).
	GetServices() ([]rest_model.ServiceDetail, error)

	// GetService will return the service details of a specific service by service name.
	GetService(serviceName string) (*rest_model.ServiceDetail, bool)

	// GetServiceForAddr finds the service with intercept that matches best to given address
	GetServiceForAddr(network, hostname string, port uint16) (*rest_model.ServiceDetail, int, error)

	// RefreshServices forces the context to refresh the list of services the current authenticating identity has access
	// to.
	RefreshServices() error

	// GetServiceTerminators will return a slice of rest_model.TerminatorClientDetail for a specific service name.
	// The offset and limit options can be used to page through excessive lists of items. A max of 500 is imposed on
	// limit.
	GetServiceTerminators(serviceName string, offset, limit int) ([]*rest_model.TerminatorClientDetail, int, error)

	// GetSession will return the session detail associated with a specific session id.
	GetSession(id string) (*rest_model.SessionDetail, error)

	// Metrics will return the current context's metrics Registry.
	Metrics() metrics.Registry

	// Close closes any connections open to edge routers
	Close()

	// AddZitiMfaHandler adds a Ziti MFA handler, invoked during authentication
	AddZitiMfaHandler(handler func(query *rest_model.AuthQueryDetail, resp func(code string) error) error)

	// EnrollZitiMfa will attempt to enable TOTP 2FA on the currently authenticating identity if not already enrolled.
	EnrollZitiMfa() (*rest_model.DetailMfa, error)

	// VerifyZitiMfa will attempt to complete enrollment of TOTP 2FA with the given code.
	VerifyZitiMfa(code string) error

	// RemoveZitiMfa will attempt to remove TOTP 2FA for the current identity
	RemoveZitiMfa(code string) error

	// GetId returns a unique context id
	GetId() string

	// SetId allows the setting of a context's id
	SetId(id string)
}

Context is the main interface for SDK instances that may be used to authenticate, connect to services, or host services.

func LoadContext deprecated added in v0.17.0 

func LoadContext(configPath string) (Context, error)

Deprecated: LoadContext loads a configuration from the supplied path into the DefaultCollection as a convenience. Usage of the DefaultCollection is advised against, and if this functionality is needed, implementations should instantiate their own CtxCollection via NewSdkCollection() or NewSdkCollectionFromEnv().

This function's behavior can be replicated with: ```

collection = NewSdkCollection() collection.ConfigTypes = []string{InterceptV1, ClientConfigV1} collection.NewContextFromFile(configPath)

```

LoadContext will attempt to load a Config from the provided path, see NewConfigFromFile() for details. Additionally, LoadContext will attempt to authenticate the Context. If it does not authenticate, it will not be added to the DefaultCollection and an error will be returned. ```

func NewContext 

func NewContext(cfg *Config) (Context, error)

NewContext creates a Context from the supplied Config with the default options. See NewContextWithOpts().

func NewContextFromFile added in v0.20.7 

func NewContextFromFile(path string) (Context, error)

NewContextFromFile attempts to load a new Config from the provided path and then uses that config to instantiate a new Context. See NewConfigFromFile() for configuration file details.

func NewContextFromFileWithOpts added in v0.20.7 

func NewContextFromFileWithOpts(path string, options *Options) (Context, error)

NewContextFromFileWithOpts does the same as NewContextFromFile but allow Options to be supplied.

func NewContextWithOpts added in v0.13.0 

func NewContextWithOpts(cfg *Config, options *Options) (Context, error)

NewContextWithOpts creates a Context from the supplied Config and Options. The configuration requires either the `ID` field or the `Credentials` field to be populated. If both are supplied, the `ID` field is used.

type ContextDialer added in v0.17.0 

type ContextDialer interface {
	DialContext(ctx context.Context, network, address string) (net.Conn, error)
}

type ContextImpl added in v0.19.0 

type ContextImpl struct {
	Id string

	CtrlClt *CtrlClient
	// contains filtered or unexported fields
}

func (*ContextImpl) AddZitiMfaHandler added in v0.19.0 

func (context *ContextImpl) AddZitiMfaHandler(handler func(query *rest_model.AuthQueryDetail, resp func(code string) error) error)

func (*ContextImpl) Authenticate added in v0.19.0 

func (context *ContextImpl) Authenticate() error

func (*ContextImpl) Close added in v0.19.0 

func (context *ContextImpl) Close()

func (*ContextImpl) Dial added in v0.19.0 

func (context *ContextImpl) Dial(serviceName string) (edge.Conn, error)

func (*ContextImpl) DialAddr added in v0.19.0 

func (context *ContextImpl) DialAddr(network string, addr string) (edge.Conn, error)

func (*ContextImpl) DialWithOptions added in v0.19.0 

func (context *ContextImpl) DialWithOptions(serviceName string, options *DialOptions) (edge.Conn, error)

func (*ContextImpl) EnrollZitiMfa added in v0.19.0 

func (context *ContextImpl) EnrollZitiMfa() (*rest_model.DetailMfa, error)

func (*ContextImpl) EnsureAuthenticated added in v0.19.0 

func (context *ContextImpl) EnsureAuthenticated(options edge.ConnOptions) error

func (*ContextImpl) GetCredentials added in v0.20.0 

func (context *ContextImpl) GetCredentials() apis.Credentials

func (*ContextImpl) GetCurrentIdentity added in v0.19.0 

func (context *ContextImpl) GetCurrentIdentity() (*rest_model.IdentityDetail, error)

func (*ContextImpl) GetId added in v0.20.7 

func (context *ContextImpl) GetId() string

func (*ContextImpl) GetService added in v0.19.0 

func (context *ContextImpl) GetService(name string) (*rest_model.ServiceDetail, bool)

func (*ContextImpl) GetServiceForAddr added in v0.19.0 

func (context *ContextImpl) GetServiceForAddr(network, hostname string, port uint16) (*rest_model.ServiceDetail, int, error)

GetServiceForAddr finds the service with intercept that matches best to given address

func (*ContextImpl) GetServiceId added in v0.19.0 

func (context *ContextImpl) GetServiceId(name string) (string, bool, error)

func (*ContextImpl) GetServiceTerminators added in v0.19.0 

func (context *ContextImpl) GetServiceTerminators(serviceName string, offset, limit int) ([]*rest_model.TerminatorClientDetail, int, error)

func (*ContextImpl) GetServices added in v0.19.0 

func (context *ContextImpl) GetServices() ([]rest_model.ServiceDetail, error)

func (*ContextImpl) GetSession added in v0.19.0 

func (context *ContextImpl) GetSession(serviceId string) (*rest_model.SessionDetail, error)

func (*ContextImpl) Listen added in v0.19.0 

func (context *ContextImpl) Listen(serviceName string) (edge.Listener, error)

func (*ContextImpl) ListenWithOptions added in v0.19.0 

func (context *ContextImpl) ListenWithOptions(serviceName string, options *ListenOptions) (edge.Listener, error)

func (*ContextImpl) Metrics added in v0.19.0 

func (context *ContextImpl) Metrics() metrics.Registry

func (*ContextImpl) OnClose added in v0.19.0 

func (context *ContextImpl) OnClose(factory edge.RouterConn)

func (*ContextImpl) RefreshServices added in v0.19.0 

func (context *ContextImpl) RefreshServices() error

func (*ContextImpl) RemoveZitiMfa added in v0.19.0 

func (context *ContextImpl) RemoveZitiMfa(code string) error

func (*ContextImpl) Sessions added in v0.19.0 

func (context *ContextImpl) Sessions() ([]*rest_model.SessionDetail, error)

func (*ContextImpl) SetCredentials added in v0.20.0 

func (context *ContextImpl) SetCredentials(credentials apis.Credentials)

func (*ContextImpl) SetId added in v0.20.7 

func (context *ContextImpl) SetId(id string)

func (*ContextImpl) VerifyZitiMfa added in v0.19.0 

func (context *ContextImpl) VerifyZitiMfa(code string) error

type CtrlClient added in v0.19.0 

type CtrlClient struct {
	*apis.ClientApiClient
	Credentials apis.Credentials

	ApiSessionCertificateDetail rest_model.CurrentAPISessionCertificateDetail
	ApiSessionCsr               x509.CertificateRequest
	ApiSessionCertificate       *x509.Certificate
	ApiSessionPrivateKey        *ecdsa.PrivateKey
	ApiSessionCertInstance      string

	PostureCache *posture.Cache
	ConfigTypes  []string
	// contains filtered or unexported fields
}

CtrlClient is a stateful version of ZitiEdgeClient that simplifies operations

func (*CtrlClient) Authenticate added in v0.19.0 

func (self *CtrlClient) Authenticate() (*rest_model.CurrentAPISessionDetail, error)

Authenticate attempts to use authenticate, overwriting any existing ApiSession.

func (*CtrlClient) AuthenticateMFA added in v0.19.0 

func (self *CtrlClient) AuthenticateMFA(code string) error

AuthenticateMFA handles MFA authentication queries may be provided. AuthenticateMFA allows the current identity for their current api session to attempt to pass MFA authentication.

func (*CtrlClient) CreateSession added in v0.19.0 

func (self *CtrlClient) CreateSession(id string, sessionType SessionType) (*rest_model.SessionDetail, error)

CreateSession will attempt to obtain a session token for a specific service id and type.

func (*CtrlClient) EnrollMfa added in v0.19.0 

func (self *CtrlClient) EnrollMfa() (*rest_model.DetailMfa, error)

EnrollMfa will attempt to start TOTP MFA enrollment for the currently authenticated identity.

func (*CtrlClient) EnsureApiSessionCertificate added in v0.19.0 

func (self *CtrlClient) EnsureApiSessionCertificate() error

EnsureApiSessionCertificate will create an ApiSessionCertificate if one does not already exist.

func (*CtrlClient) GetCurrentApiSession added in v0.19.0 

func (self *CtrlClient) GetCurrentApiSession() *rest_model.CurrentAPISessionDetail

GetCurrentApiSession returns the current cached ApiSession or nil

func (*CtrlClient) GetCurrentIdentity added in v0.19.0 

func (self *CtrlClient) GetCurrentIdentity() (*rest_model.IdentityDetail, error)

GetCurrentIdentity returns the rest_model.IdentityDetail for the currently authenticated ApiSession.

func (*CtrlClient) GetIdentity added in v0.19.0 

func (self *CtrlClient) GetIdentity() (identity.Identity, error)

GetIdentity returns the identity.Identity used to facilitate authentication. Each identity.Identity instance may provide authentication material in the form of x509 certificates and private keys and/or trusted CA pools.

func (*CtrlClient) GetServiceTerminators added in v0.19.0 

func (self *CtrlClient) GetServiceTerminators(svc *rest_model.ServiceDetail, offset int, limit int) ([]*rest_model.TerminatorClientDetail, int, error)

GetServiceTerminators returns the client terminator details for a specific service.

func (*CtrlClient) GetServices added in v0.19.0 

func (self *CtrlClient) GetServices() ([]*rest_model.ServiceDetail, error)

GetServices will fetch the list of services that the identity of the current ApiSession has access to for dialing or binding.

func (*CtrlClient) GetSession added in v0.19.0 

func (self *CtrlClient) GetSession(id string) (*rest_model.SessionDetail, error)

GetSession returns the full rest_model.SessionDetail for a specific id

func (*CtrlClient) IsServiceListUpdateAvailable added in v0.19.0 

func (self *CtrlClient) IsServiceListUpdateAvailable() (bool, error)

IsServiceListUpdateAvailable will contact the controller to determine if a new set of services are available. Service updates could entail gaining/losing services access via policy or runtime authorization revocation due to posture checks.

func (*CtrlClient) NewApiSessionCertificate added in v0.19.0 

func (self *CtrlClient) NewApiSessionCertificate() error

NewApiSessionCertificate will create a new ephemeral private key used to generate an ephemeral certificate that may be used with the current ApiSession. The generated certificate and private key are scoped to the ApiSession used to create it.

func (*CtrlClient) Refresh added in v0.19.0 

func (self *CtrlClient) Refresh() (*time.Time, error)

Refresh will contact the controller extending the current ApiSession

func (*CtrlClient) RemoveMfa added in v0.19.0 

func (self *CtrlClient) RemoveMfa(code string) error

RemoveMfa will remove the currently enrolled TOTP MFA added by EnrollMfa() and verified by VerifyMfa()

func (*CtrlClient) SendPostureResponse added in v0.19.0 

func (self *CtrlClient) SendPostureResponse(response rest_model.PostureResponseCreate) error

SendPostureResponse creates a posture response (some state data the controller has requested) for services. This information is used to determine runtime authorization access to services via posture checks.

func (*CtrlClient) SendPostureResponseBulk added in v0.19.0 

func (self *CtrlClient) SendPostureResponseBulk(responses []rest_model.PostureResponseCreate) error

SendPostureResponseBulk provides the same functionality as SendPostureResponse but allows multiple responses to be sent in a single request.

func (*CtrlClient) VerifyMfa added in v0.19.0 

func (self *CtrlClient) VerifyMfa(code string) error

VerifyMfa will complete a TOTP MFA enrollment created via EnrollMfa.

type CtxCollection added in v0.20.7 

type CtxCollection struct {
	ConfigTypes []string
	// contains filtered or unexported fields
}

An CtxCollection allows Context instances to be instantiated and maintained as a group. Useful in scenarios where multiple Context instances are managed together. Instead of using ziti.NewContext() like functions, use the function provided on this type to automatically have contexts added as they are created. If ConfigTypes is set, they will be automatically added to any instantiated Context through `New*` functions.

Context instances can be created directly from CtxCollection instances. Doing so automatically adds new Context instances to the CtxCollection:

``` collection := ziti.NewCtxCollection() cfg, err := ziti.NewConfigFromFile(str) ctx, err := collection.NewContext(cfg) //return the ctx and adds it to the collection ```

If more control over Config and Context instantiation is desired before the Context is added to the collection the Add() function can be used:

``` collection := ziti.NewCtxCollection() cfg, err := ziti.NewConfigFromFile(str) ctx, err := ziti.NewContext(cfg) collection.Add(ctx) //manual collection add ``` 

var DefaultCollection *CtxCollection

Deprecated: DefaultCollection is deprecated and is included for legacy support. It powers two other deprecated functions: `ForAllContext() and and `LoadContext()` which rely on it. The intended replacement is for implementations that wish to have this functionality to use NewSdkCollection() or NewSdkCollectionFromEnv() on their own.

func NewSdkCollection added in v0.20.7 

func NewSdkCollection() *CtxCollection

NewSdkCollection creates a new empty collection.

func NewSdkCollectionFromEnv added in v0.20.7 

func NewSdkCollectionFromEnv(envVariable string) *CtxCollection

NewSdkCollectionFromEnv will create an empty CtxCollection and then attempt to populate it from configuration files provided in a semicolon separate list of file paths retrieved from an environment variable.

func (*CtxCollection) Add added in v0.20.7 

func (set *CtxCollection) Add(ctx Context)

Add allows the arbitrary idempotent inclusion of a Context in the current collection. If a Context with the same id as an existing Context is added and is a different instance, the original is closed and removed.

func (*CtxCollection) ForAll added in v0.20.7 

func (set *CtxCollection) ForAll(f func(ctx Context))

ForAll call the provided function `f` on each Context.

func (*CtxCollection) NewContext added in v0.20.7 

func (set *CtxCollection) NewContext(cfg *Config) (Context, error)

NewContext is the same as ziti.NewContext but will also add the resulting context to the current collection.

func (*CtxCollection) NewContextFromFile added in v0.20.7 

func (set *CtxCollection) NewContextFromFile(file string) (Context, error)

NewContextFromFile is the same as ziti.NewContextFromFile but will also add the resulting context to the current collection.

func (*CtxCollection) NewContextFromFileWithOpts added in v0.20.7 

func (set *CtxCollection) NewContextFromFileWithOpts(file string, options *Options) (Context, error)

NewContextFromFileWithOpts is the same as ziti.NewContextFromFileWithOpts but will also add the resulting context to the current collection.

func (*CtxCollection) NewContextWithOpts added in v0.20.7 

func (set *CtxCollection) NewContextWithOpts(cfg *Config, options *Options) (Context, error)

NewContextWithOpts is the same as ziti.NewContextWithOpts but will also add the resulting context to the current collection.

func (*CtxCollection) NewDialer added in v0.20.7 

func (set *CtxCollection) NewDialer() Dialer

NewDialer will return a dialer that will iterate over the Context instances inside the collection, searching for the context that best matches the service.

If a matching service is not found, an error is returned. Matching is based on Match() logic in edge.InterceptV1Config.

func (*CtxCollection) NewDialerWithFallback added in v0.20.7 

func (set *CtxCollection) NewDialerWithFallback(ctx context.Context, fallback Dialer) Dialer

NewDialerWithFallback will return a dialer that will iterate over the Context instances inside the collection, searching for the context that best matches the service.

If a matching service is not found, a dial is attempted using the fallback dialer. Matching is based on Match() logic in edge.InterceptV1Config.

func (*CtxCollection) Remove added in v0.20.7 

func (set *CtxCollection) Remove(ctx Context)

Remove removes the supplied Context from the collection. It is not closed or altered in any way.

func (*CtxCollection) RemoveById added in v0.20.7 

func (set *CtxCollection) RemoveById(id string)

RemoveById removes a context by its string id. It is not closed or altered in any way.

type DialOptions added in v0.13.47 

type DialOptions struct {
	ConnectTimeout time.Duration
	Identity       string
	AppData        []byte
}

func (DialOptions) GetConnectTimeout added in v0.13.47 

func (d DialOptions) GetConnectTimeout() time.Duration

type Dialer added in v0.17.0 

type Dialer interface {
	Dial(network, address string) (net.Conn, error)
}

func NewDialer deprecated added in v0.17.0 

func NewDialer() Dialer

Deprecated: NewDialer will return a dialer from the DefaultCollection that will iterate over the Context instances inside the collection searching for the context that best matches the service.

It is suggested that implementations construct their own CtxCollection and use the NewDialer/NewDialerWithFallback present there.

If a matching service is not found, an error is returned. Matching is based on Match() logic in edge.InterceptV1Config.

func NewDialerWithFallback deprecated added in v0.17.0 

func NewDialerWithFallback(ctx context.Context, fallback Dialer) Dialer

Deprecated: NewDialerWithFallback will return a dialer from the DefaultCollection that will iterate over the Context instances inside the collection searching for the context that best matches the service.

It is suggested that implementations construct their own CtxCollection and use the NewDialer/NewDialerWithFallback present there.

If a matching service is not found, a dial is attempted with the fallback dialer. Matching is based on Match() logic in edge.InterceptV1Config.

type EnrollmentClaims added in v0.20.0 

type EnrollmentClaims struct {
	EnrollmentMethod string            `json:"em"`
	SignatureCert    *x509.Certificate `json:"-"`
	jwt.StandardClaims
}

func (*EnrollmentClaims) EnrolmentUrl added in v0.20.0 

func (t *EnrollmentClaims) EnrolmentUrl() string

func (*EnrollmentClaims) ToMapClaims added in v0.20.0 

func (t *EnrollmentClaims) ToMapClaims() (jwt.MapClaims, error)

func (*EnrollmentClaims) Valid added in v0.20.0 

func (t *EnrollmentClaims) Valid() error

type KeyAlgVar added in v0.20.0 

type KeyAlgVar string

func (*KeyAlgVar) EC added in v0.20.0 

func (f *KeyAlgVar) EC() bool

func (*KeyAlgVar) Get added in v0.20.0 

func (f *KeyAlgVar) Get() string

func (*KeyAlgVar) RSA added in v0.20.0 

func (f *KeyAlgVar) RSA() bool

func (*KeyAlgVar) Set added in v0.20.0 

func (f *KeyAlgVar) Set(value string) error

func (*KeyAlgVar) String added in v0.20.0 

func (f *KeyAlgVar) String() string

func (*KeyAlgVar) Type added in v0.20.0 

func (f *KeyAlgVar) Type() string

type ListenOptions added in v0.13.47 

type ListenOptions struct {
	Cost                  uint16
	Precedence            Precedence
	ConnectTimeout        time.Duration
	MaxConnections        int
	Identity              string
	BindUsingEdgeIdentity bool
	ManualStart           bool
}

func DefaultListenOptions added in v0.13.47 

func DefaultListenOptions() *ListenOptions

type Options added in v0.15.17 

type Options struct {
	RefreshInterval time.Duration
	OnContextReady  func(ctx Context)
	OnServiceUpdate serviceCB
}

type Precedence added in v0.13.47 

type Precedence byte

func GetPrecedenceForLabel added in v0.15.3 

func GetPrecedenceForLabel(p string) Precedence

func (Precedence) String added in v0.15.3 

func (p Precedence) String() string

type ServiceEventType added in v0.15.17 

type ServiceEventType string
const (
	ServiceAdded   ServiceEventType = "Added"
	ServiceRemoved ServiceEventType = "Removed"
	ServiceChanged ServiceEventType = "Changed"
)

type SessionType added in v0.19.0 

type SessionType rest_model.DialBind

type Versions added in v0.20.0 

type Versions struct {
	Api           string `json:"api"`
	EnrollmentApi string `json:"enrollmentApi"`
}

Source Files

View all Source files

Directories

Path Synopsis
network
posture

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.