Documentation ¶
Overview ¶
Package local implements services interfaces using abstract key value backend provided by lib/backend, what makes it possible for teleport to run using boltdb or etcd
Index ¶
- type AccessService
- func (s *AccessService) CreateRole(role services.Role, ttl time.Duration) error
- func (s *AccessService) DeleteAllRoles() error
- func (s *AccessService) DeleteRole(role string) error
- func (s *AccessService) GetRole(name string) (services.Role, error)
- func (s *AccessService) GetRoles() ([]services.Role, error)
- func (s *AccessService) UpsertRole(role services.Role, ttl time.Duration) error
- type CA
- func (s *CA) ActivateCertAuthority(id services.CertAuthID) error
- func (s *CA) CreateCertAuthority(ca services.CertAuthority) error
- func (s *CA) DeactivateCertAuthority(id services.CertAuthID) error
- func (s *CA) DeleteAllCertAuthorities(caType services.CertAuthType) error
- func (s *CA) DeleteCertAuthority(id services.CertAuthID) error
- func (s *CA) GetCertAuthorities(caType services.CertAuthType, loadSigningKeys bool) ([]services.CertAuthority, error)
- func (s *CA) GetCertAuthority(id services.CertAuthID, loadSigningKeys bool) (services.CertAuthority, error)
- func (s *CA) UpsertCertAuthority(ca services.CertAuthority) error
- type ClusterConfigurationService
- func (s *ClusterConfigurationService) GetAuthPreference() (services.AuthPreference, error)
- func (s *ClusterConfigurationService) GetClusterConfig() (services.ClusterConfig, error)
- func (s *ClusterConfigurationService) GetClusterName() (services.ClusterName, error)
- func (s *ClusterConfigurationService) GetStaticTokens() (services.StaticTokens, error)
- func (s *ClusterConfigurationService) SetAuthPreference(preferences services.AuthPreference) error
- func (s *ClusterConfigurationService) SetClusterConfig(c services.ClusterConfig) error
- func (s *ClusterConfigurationService) SetClusterName(c services.ClusterName) error
- func (s *ClusterConfigurationService) SetStaticTokens(c services.StaticTokens) error
- type IdentityService
- func (s *IdentityService) AddUserLoginAttempt(user string, attempt services.LoginAttempt, ttl time.Duration) error
- func (s *IdentityService) CreateGithubAuthRequest(req services.GithubAuthRequest, ttl time.Duration) error
- func (s *IdentityService) CreateGithubConnector(connector services.GithubConnector) error
- func (s *IdentityService) CreateOIDCAuthRequest(req services.OIDCAuthRequest, ttl time.Duration) error
- func (s *IdentityService) CreateSAMLAuthRequest(req services.SAMLAuthRequest, ttl time.Duration) error
- func (s *IdentityService) CreateSAMLConnector(connector services.SAMLConnector) error
- func (s *IdentityService) CreateUser(user services.User) error
- func (s *IdentityService) DeleteAllUsers() error
- func (s *IdentityService) DeleteGithubConnector(id string) error
- func (s *IdentityService) DeleteOIDCConnector(connectorID string) error
- func (s *IdentityService) DeleteSAMLConnector(connectorID string) error
- func (s *IdentityService) DeleteSignupToken(token string) error
- func (s *IdentityService) DeleteUsedTOTPToken(user string) error
- func (s *IdentityService) DeleteUser(user string) error
- func (s *IdentityService) DeleteUserLoginAttempts(user string) error
- func (s *IdentityService) DeleteWebSession(user, sid string) error
- func (s *IdentityService) GetGithubAuthRequest(stateToken string) (*services.GithubAuthRequest, error)
- func (s *IdentityService) GetGithubConnector(id string, withSecrets bool) (services.GithubConnector, error)
- func (s *IdentityService) GetGithubConnectors(withSecrets bool) ([]services.GithubConnector, error)
- func (s *IdentityService) GetHOTP(user string) (*hotp.HOTP, error)
- func (s *IdentityService) GetOIDCAuthRequest(stateToken string) (*services.OIDCAuthRequest, error)
- func (s *IdentityService) GetOIDCConnector(id string, withSecrets bool) (services.OIDCConnector, error)
- func (s *IdentityService) GetOIDCConnectors(withSecrets bool) ([]services.OIDCConnector, error)
- func (s *IdentityService) GetPasswordHash(user string) ([]byte, error)
- func (s *IdentityService) GetSAMLAuthRequest(id string) (*services.SAMLAuthRequest, error)
- func (s *IdentityService) GetSAMLConnector(id string, withSecrets bool) (services.SAMLConnector, error)
- func (s *IdentityService) GetSAMLConnectors(withSecrets bool) ([]services.SAMLConnector, error)
- func (s *IdentityService) GetSignupToken(token string) (*services.SignupToken, error)
- func (s *IdentityService) GetSignupTokens() (tokens []services.SignupToken, err error)
- func (s *IdentityService) GetTOTP(user string) (string, error)
- func (s *IdentityService) GetU2FRegisterChallenge(token string) (*u2f.Challenge, error)
- func (s *IdentityService) GetU2FRegistration(user string) (*u2f.Registration, error)
- func (s *IdentityService) GetU2FRegistrationCounter(user string) (counter uint32, e error)
- func (s *IdentityService) GetU2FSignChallenge(user string) (*u2f.Challenge, error)
- func (s *IdentityService) GetUsedTOTPToken(user string) (string, error)
- func (s *IdentityService) GetUser(user string) (services.User, error)
- func (s *IdentityService) GetUserByGithubIdentity(id services.ExternalIdentity) (services.User, error)
- func (s *IdentityService) GetUserByOIDCIdentity(id services.ExternalIdentity) (services.User, error)
- func (s *IdentityService) GetUserBySAMLIdentity(id services.ExternalIdentity) (services.User, error)
- func (s *IdentityService) GetUserLoginAttempts(user string) ([]services.LoginAttempt, error)
- func (s *IdentityService) GetUsers() ([]services.User, error)
- func (s *IdentityService) GetWebSession(user, sid string) (services.WebSession, error)
- func (s *IdentityService) UpsertGithubConnector(connector services.GithubConnector) error
- func (s *IdentityService) UpsertHOTP(user string, otp *hotp.HOTP) error
- func (s *IdentityService) UpsertOIDCConnector(connector services.OIDCConnector) error
- func (s *IdentityService) UpsertPassword(user string, password []byte) error
- func (s *IdentityService) UpsertPasswordHash(username string, hash []byte) error
- func (s *IdentityService) UpsertSAMLConnector(connector services.SAMLConnector) error
- func (s *IdentityService) UpsertSignupToken(token string, tokenData services.SignupToken, ttl time.Duration) error
- func (s *IdentityService) UpsertTOTP(user string, secretKey string) error
- func (s *IdentityService) UpsertU2FRegisterChallenge(token string, u2fChallenge *u2f.Challenge) error
- func (s *IdentityService) UpsertU2FRegistration(user string, u2fReg *u2f.Registration) error
- func (s *IdentityService) UpsertU2FRegistrationCounter(user string, counter uint32) error
- func (s *IdentityService) UpsertU2FSignChallenge(user string, u2fChallenge *u2f.Challenge) error
- func (s *IdentityService) UpsertUsedTOTPToken(user string, otpToken string) error
- func (s *IdentityService) UpsertUser(user services.User) error
- func (s *IdentityService) UpsertWebSession(user, sid string, session services.WebSession) error
- type MarshallableU2FRegistration
- type PresenceService
- func (s *PresenceService) DeleteAllNamespaces() error
- func (s *PresenceService) DeleteAllNodes(namespace string) error
- func (s *PresenceService) DeleteAllProxies() error
- func (s *PresenceService) DeleteAllReverseTunnels() error
- func (s *PresenceService) DeleteAllTunnelConnections() error
- func (s *PresenceService) DeleteNamespace(namespace string) error
- func (s *PresenceService) DeleteReverseTunnel(domainName string) error
- func (s *PresenceService) DeleteTrustedCluster(name string) error
- func (s *PresenceService) DeleteTunnelConnection(clusterName, connectionName string) error
- func (s *PresenceService) DeleteTunnelConnections(clusterName string) error
- func (s *PresenceService) GetAllTunnelConnections() ([]services.TunnelConnection, error)
- func (s *PresenceService) GetAuthServers() ([]services.Server, error)
- func (s *PresenceService) GetLocalClusterName() (string, error)
- func (s *PresenceService) GetNamespace(name string) (*services.Namespace, error)
- func (s *PresenceService) GetNamespaces() ([]services.Namespace, error)
- func (s *PresenceService) GetNodes(namespace string) ([]services.Server, error)
- func (s *PresenceService) GetProxies() ([]services.Server, error)
- func (s *PresenceService) GetReverseTunnels() ([]services.ReverseTunnel, error)
- func (s *PresenceService) GetTrustedCluster(name string) (services.TrustedCluster, error)
- func (s *PresenceService) GetTrustedClusters() ([]services.TrustedCluster, error)
- func (s *PresenceService) GetTunnelConnection(clusterName, connectionName string) (services.TunnelConnection, error)
- func (s *PresenceService) GetTunnelConnections(clusterName string) ([]services.TunnelConnection, error)
- func (s *PresenceService) UpsertAuthServer(server services.Server) error
- func (s *PresenceService) UpsertLocalClusterName(name string) error
- func (s *PresenceService) UpsertNamespace(n services.Namespace) error
- func (s *PresenceService) UpsertNode(server services.Server) error
- func (s *PresenceService) UpsertProxy(server services.Server) error
- func (s *PresenceService) UpsertReverseTunnel(tunnel services.ReverseTunnel) error
- func (s *PresenceService) UpsertTrustedCluster(trustedCluster services.TrustedCluster) error
- func (s *PresenceService) UpsertTunnelConnection(conn services.TunnelConnection) error
- type ProvisioningService
- func (s *ProvisioningService) DeleteToken(token string) error
- func (s *ProvisioningService) GetToken(token string) (*services.ProvisionToken, error)
- func (s *ProvisioningService) GetTokens() (tokens []services.ProvisionToken, err error)
- func (s *ProvisioningService) UpsertToken(token string, roles teleport.Roles, ttl time.Duration) error
- type U2FRegistrationCounter
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessService ¶
AccessService manages roles
func NewAccessService ¶
func NewAccessService(backend backend.Backend) *AccessService
NewAccessService returns new access service instance
func (*AccessService) CreateRole ¶
CreateRole creates a role on the backend.
func (*AccessService) DeleteAllRoles ¶
func (s *AccessService) DeleteAllRoles() error
DeleteAllRoles deletes all roles
func (*AccessService) DeleteRole ¶
func (s *AccessService) DeleteRole(role string) error
DeleteRole deletes a role with all the keys from the backend
func (*AccessService) GetRole ¶
func (s *AccessService) GetRole(name string) (services.Role, error)
GetRole returns a role by name
func (*AccessService) GetRoles ¶
func (s *AccessService) GetRoles() ([]services.Role, error)
GetRoles returns a list of roles registered with the local auth server
func (*AccessService) UpsertRole ¶
UpsertRole updates parameters about role
type CA ¶
CA is local implementation of Trust service that is using local backend
func NewCAService ¶
NewCAService returns new instance of CAService
func (*CA) ActivateCertAuthority ¶
func (s *CA) ActivateCertAuthority(id services.CertAuthID) error
ActivateCertAuthority moves a CertAuthority from the deactivated list to the normal list.
func (*CA) CreateCertAuthority ¶
func (s *CA) CreateCertAuthority(ca services.CertAuthority) error
CreateCertAuthority updates or inserts a new certificate authority
func (*CA) DeactivateCertAuthority ¶
func (s *CA) DeactivateCertAuthority(id services.CertAuthID) error
DeactivateCertAuthority moves a CertAuthority from the normal list to the deactivated list.
func (*CA) DeleteAllCertAuthorities ¶
func (s *CA) DeleteAllCertAuthorities(caType services.CertAuthType) error
DeleteAllCertAuthorities deletes all certificate authorities of a certain type
func (*CA) DeleteCertAuthority ¶
func (s *CA) DeleteCertAuthority(id services.CertAuthID) error
DeleteCertAuthority deletes particular certificate authority
func (*CA) GetCertAuthorities ¶
func (s *CA) GetCertAuthorities(caType services.CertAuthType, loadSigningKeys bool) ([]services.CertAuthority, error)
GetCertAuthorities returns a list of authorities of a given type loadSigningKeys controls whether signing keys should be loaded or not
func (*CA) GetCertAuthority ¶
func (s *CA) GetCertAuthority(id services.CertAuthID, loadSigningKeys bool) (services.CertAuthority, error)
GetCertAuthority returns certificate authority by given id. Parameter loadSigningKeys controls if signing keys are loaded
func (*CA) UpsertCertAuthority ¶
func (s *CA) UpsertCertAuthority(ca services.CertAuthority) error
UpsertCertAuthority updates or inserts a new certificate authority
type ClusterConfigurationService ¶
ClusterConfigurationService is responsible for managing cluster configuration.
func NewClusterConfigurationService ¶
func NewClusterConfigurationService(backend backend.Backend) *ClusterConfigurationService
NewClusterConfigurationService returns a new ClusterConfigurationService.
func (*ClusterConfigurationService) GetAuthPreference ¶
func (s *ClusterConfigurationService) GetAuthPreference() (services.AuthPreference, error)
GetAuthPreference fetches the cluster authentication preferences from the backend and return them.
func (*ClusterConfigurationService) GetClusterConfig ¶
func (s *ClusterConfigurationService) GetClusterConfig() (services.ClusterConfig, error)
GetClusterConfig gets services.ClusterConfig from the backend.
func (*ClusterConfigurationService) GetClusterName ¶
func (s *ClusterConfigurationService) GetClusterName() (services.ClusterName, error)
GetClusterName gets the name of the cluster from the backend.
func (*ClusterConfigurationService) GetStaticTokens ¶
func (s *ClusterConfigurationService) GetStaticTokens() (services.StaticTokens, error)
GetStaticTokens gets the list of static tokens used to provision nodes.
func (*ClusterConfigurationService) SetAuthPreference ¶
func (s *ClusterConfigurationService) SetAuthPreference(preferences services.AuthPreference) error
SetAuthPreference sets the cluster authentication preferences on the backend.
func (*ClusterConfigurationService) SetClusterConfig ¶
func (s *ClusterConfigurationService) SetClusterConfig(c services.ClusterConfig) error
SetClusterConfig sets services.ClusterConfig on the backend.
func (*ClusterConfigurationService) SetClusterName ¶
func (s *ClusterConfigurationService) SetClusterName(c services.ClusterName) error
SetClusterName sets the name of the cluster in the backend. SetClusterName can only be called once on a cluster after which it will return trace.AlreadyExists.
func (*ClusterConfigurationService) SetStaticTokens ¶
func (s *ClusterConfigurationService) SetStaticTokens(c services.StaticTokens) error
SetStaticTokens sets the list of static tokens used to provision nodes.
type IdentityService ¶
IdentityService is responsible for managing web users and currently user accounts as well
func NewIdentityService ¶
func NewIdentityService(backend backend.Backend) *IdentityService
NewIdentityService returns a new instance of IdentityService object
func (*IdentityService) AddUserLoginAttempt ¶
func (s *IdentityService) AddUserLoginAttempt(user string, attempt services.LoginAttempt, ttl time.Duration) error
AddUserLoginAttempt logs user login attempt
func (*IdentityService) CreateGithubAuthRequest ¶
func (s *IdentityService) CreateGithubAuthRequest(req services.GithubAuthRequest, ttl time.Duration) error
CreateGithubAuthRequest creates a new auth request for Github OAuth2 flow
func (*IdentityService) CreateGithubConnector ¶
func (s *IdentityService) CreateGithubConnector(connector services.GithubConnector) error
CreateGithubConnector creates a new Github connector
func (*IdentityService) CreateOIDCAuthRequest ¶
func (s *IdentityService) CreateOIDCAuthRequest(req services.OIDCAuthRequest, ttl time.Duration) error
CreateOIDCAuthRequest creates new auth request
func (*IdentityService) CreateSAMLAuthRequest ¶
func (s *IdentityService) CreateSAMLAuthRequest(req services.SAMLAuthRequest, ttl time.Duration) error
CreateSAMLAuthRequest creates new auth request
func (*IdentityService) CreateSAMLConnector ¶
func (s *IdentityService) CreateSAMLConnector(connector services.SAMLConnector) error
CreateSAMLConnector creates SAML Connector
func (*IdentityService) CreateUser ¶
func (s *IdentityService) CreateUser(user services.User) error
CreateUser creates user if it does not exist
func (*IdentityService) DeleteAllUsers ¶
func (s *IdentityService) DeleteAllUsers() error
DeleteAllUsers deletes all users
func (*IdentityService) DeleteGithubConnector ¶
func (s *IdentityService) DeleteGithubConnector(id string) error
DeleteGithubConnector deletes the specified connector
func (*IdentityService) DeleteOIDCConnector ¶
func (s *IdentityService) DeleteOIDCConnector(connectorID string) error
DeleteOIDCConnector deletes OIDC Connector
func (*IdentityService) DeleteSAMLConnector ¶
func (s *IdentityService) DeleteSAMLConnector(connectorID string) error
DeleteSAMLConnector deletes OIDC Connector
func (*IdentityService) DeleteSignupToken ¶
func (s *IdentityService) DeleteSignupToken(token string) error
DeleteSignupToken deletes signup token from the storage
func (*IdentityService) DeleteUsedTOTPToken ¶
func (s *IdentityService) DeleteUsedTOTPToken(user string) error
DeleteUsedTOTPToken removes the used token from the backend. This should only be used during tests.
func (*IdentityService) DeleteUser ¶
func (s *IdentityService) DeleteUser(user string) error
DeleteUser deletes a user with all the keys from the backend
func (*IdentityService) DeleteUserLoginAttempts ¶
func (s *IdentityService) DeleteUserLoginAttempts(user string) error
DeleteUserLoginAttempts removes all login attempts of a user. Should be called after successful login.
func (*IdentityService) DeleteWebSession ¶
func (s *IdentityService) DeleteWebSession(user, sid string) error
DeleteWebSession deletes web session from the storage
func (*IdentityService) GetGithubAuthRequest ¶
func (s *IdentityService) GetGithubAuthRequest(stateToken string) (*services.GithubAuthRequest, error)
GetGithubAuthRequest retrieves Github auth request by the token
func (*IdentityService) GetGithubConnector ¶
func (s *IdentityService) GetGithubConnector(id string, withSecrets bool) (services.GithubConnector, error)
GetGithubConnectot returns a particular Github connector
func (*IdentityService) GetGithubConnectors ¶
func (s *IdentityService) GetGithubConnectors(withSecrets bool) ([]services.GithubConnector, error)
GetGithubConnectors returns all configured Github connectors
func (*IdentityService) GetHOTP ¶
func (s *IdentityService) GetHOTP(user string) (*hotp.HOTP, error)
GetHOTP gets HOTP token state for a user Deprecated: HOTP use is deprecated, use GetTOTP instead.
func (*IdentityService) GetOIDCAuthRequest ¶
func (s *IdentityService) GetOIDCAuthRequest(stateToken string) (*services.OIDCAuthRequest, error)
GetOIDCAuthRequest returns OIDC auth request if found
func (*IdentityService) GetOIDCConnector ¶
func (s *IdentityService) GetOIDCConnector(id string, withSecrets bool) (services.OIDCConnector, error)
GetOIDCConnector returns OIDC connector data, , withSecrets adds or removes client secret from return results
func (*IdentityService) GetOIDCConnectors ¶
func (s *IdentityService) GetOIDCConnectors(withSecrets bool) ([]services.OIDCConnector, error)
GetOIDCConnectors returns registered connectors, withSecrets adds or removes client secret from return results
func (*IdentityService) GetPasswordHash ¶
func (s *IdentityService) GetPasswordHash(user string) ([]byte, error)
GetPasswordHash returns the password hash for a given user
func (*IdentityService) GetSAMLAuthRequest ¶
func (s *IdentityService) GetSAMLAuthRequest(id string) (*services.SAMLAuthRequest, error)
GetSAMLAuthRequest returns OSAML auth request if found
func (*IdentityService) GetSAMLConnector ¶
func (s *IdentityService) GetSAMLConnector(id string, withSecrets bool) (services.SAMLConnector, error)
GetSAMLConnector returns OIDC connector data, withSecrets adds or removes secrets from return results
func (*IdentityService) GetSAMLConnectors ¶
func (s *IdentityService) GetSAMLConnectors(withSecrets bool) ([]services.SAMLConnector, error)
GetSAMLConnectors returns registered connectors, withSecrets adds or removes secret from return results
func (*IdentityService) GetSignupToken ¶
func (s *IdentityService) GetSignupToken(token string) (*services.SignupToken, error)
GetSignupToken returns signup token data
func (*IdentityService) GetSignupTokens ¶
func (s *IdentityService) GetSignupTokens() (tokens []services.SignupToken, err error)
GetSignupTokens returns all non-expired user tokens
func (*IdentityService) GetTOTP ¶
func (s *IdentityService) GetTOTP(user string) (string, error)
GetTOTP returns the secret key used by the TOTP algorithm to validate tokens
func (*IdentityService) GetU2FRegisterChallenge ¶ added in v1.3.0
func (s *IdentityService) GetU2FRegisterChallenge(token string) (*u2f.Challenge, error)
func (*IdentityService) GetU2FRegistration ¶ added in v1.3.0
func (s *IdentityService) GetU2FRegistration(user string) (*u2f.Registration, error)
func (*IdentityService) GetU2FRegistrationCounter ¶ added in v1.3.0
func (s *IdentityService) GetU2FRegistrationCounter(user string) (counter uint32, e error)
func (*IdentityService) GetU2FSignChallenge ¶ added in v1.3.0
func (s *IdentityService) GetU2FSignChallenge(user string) (*u2f.Challenge, error)
func (*IdentityService) GetUsedTOTPToken ¶
func (s *IdentityService) GetUsedTOTPToken(user string) (string, error)
GetUsedTOTPToken returns the last successfully used TOTP token. If no token is found zero is returned.
func (*IdentityService) GetUser ¶
func (s *IdentityService) GetUser(user string) (services.User, error)
GetUser returns a user by name
func (*IdentityService) GetUserByGithubIdentity ¶
func (s *IdentityService) GetUserByGithubIdentity(id services.ExternalIdentity) (services.User, error)
GetUserByGithubIdentity returns the first found user with specified Github identity
func (*IdentityService) GetUserByOIDCIdentity ¶
func (s *IdentityService) GetUserByOIDCIdentity(id services.ExternalIdentity) (services.User, error)
GetUserByOIDCIdentity returns a user by it's specified OIDC Identity, returns first user specified with this identity
func (*IdentityService) GetUserBySAMLIdentity ¶
func (s *IdentityService) GetUserBySAMLIdentity(id services.ExternalIdentity) (services.User, error)
GetUserBySAMLCIdentity returns a user by it's specified OIDC Identity, returns first user specified with this identity
func (*IdentityService) GetUserLoginAttempts ¶
func (s *IdentityService) GetUserLoginAttempts(user string) ([]services.LoginAttempt, error)
GetUserLoginAttempts returns user login attempts
func (*IdentityService) GetUsers ¶
func (s *IdentityService) GetUsers() ([]services.User, error)
GetUsers returns a list of users registered with the local auth server
func (*IdentityService) GetWebSession ¶
func (s *IdentityService) GetWebSession(user, sid string) (services.WebSession, error)
GetWebSession returns a web session state for a given user and session id
func (*IdentityService) UpsertGithubConnector ¶
func (s *IdentityService) UpsertGithubConnector(connector services.GithubConnector) error
UpsertGithubConnector creates or updates a Github connector
func (*IdentityService) UpsertHOTP ¶
func (s *IdentityService) UpsertHOTP(user string, otp *hotp.HOTP) error
UpsertHOTP upserts HOTP state for user Deprecated: HOTP use is deprecated, use UpsertTOTP instead.
func (*IdentityService) UpsertOIDCConnector ¶
func (s *IdentityService) UpsertOIDCConnector(connector services.OIDCConnector) error
UpsertOIDCConnector upserts OIDC Connector
func (*IdentityService) UpsertPassword ¶
func (s *IdentityService) UpsertPassword(user string, password []byte) error
UpsertPassword upserts new password hash into a backend.
func (*IdentityService) UpsertPasswordHash ¶
func (s *IdentityService) UpsertPasswordHash(username string, hash []byte) error
UpsertPasswordHash upserts user password hash
func (*IdentityService) UpsertSAMLConnector ¶
func (s *IdentityService) UpsertSAMLConnector(connector services.SAMLConnector) error
UpsertSAMLConnector upserts SAML Connector
func (*IdentityService) UpsertSignupToken ¶
func (s *IdentityService) UpsertSignupToken(token string, tokenData services.SignupToken, ttl time.Duration) error
UpsertSignupToken upserts signup token - one time token that lets user to create a user account
func (*IdentityService) UpsertTOTP ¶
func (s *IdentityService) UpsertTOTP(user string, secretKey string) error
UpsertTOTP upserts TOTP secret key for a user that can be used to generate and validate tokens.
func (*IdentityService) UpsertU2FRegisterChallenge ¶ added in v1.3.0
func (s *IdentityService) UpsertU2FRegisterChallenge(token string, u2fChallenge *u2f.Challenge) error
func (*IdentityService) UpsertU2FRegistration ¶ added in v1.3.0
func (s *IdentityService) UpsertU2FRegistration(user string, u2fReg *u2f.Registration) error
func (*IdentityService) UpsertU2FRegistrationCounter ¶ added in v1.3.0
func (s *IdentityService) UpsertU2FRegistrationCounter(user string, counter uint32) error
func (*IdentityService) UpsertU2FSignChallenge ¶ added in v1.3.0
func (s *IdentityService) UpsertU2FSignChallenge(user string, u2fChallenge *u2f.Challenge) error
func (*IdentityService) UpsertUsedTOTPToken ¶
func (s *IdentityService) UpsertUsedTOTPToken(user string, otpToken string) error
UpsertUsedTOTPToken upserts a TOTP token to the backend so it can't be used again during the 30 second window it's valid.
func (*IdentityService) UpsertUser ¶
func (s *IdentityService) UpsertUser(user services.User) error
UpsertUser updates parameters about user
func (*IdentityService) UpsertWebSession ¶
func (s *IdentityService) UpsertWebSession(user, sid string, session services.WebSession) error
UpsertWebSession updates or inserts a web session for a user and session id the session will be created with bearer token expiry time TTL, because it is expected to be extended by the client before then
type MarshallableU2FRegistration ¶ added in v1.3.0
type MarshallableU2FRegistration struct { Raw []byte `json:"raw"` KeyHandle []byte `json:"keyhandle"` MarshalledPubKey []byte `json:"marshalled_pubkey"` }
u2f.Registration cannot be json marshalled due to the pointer in the public key so we have this marshallable version
type PresenceService ¶
type PresenceService struct { *log.Entry backend.Backend // contains filtered or unexported fields }
PresenceService records and reports the presence of all components of the cluster - Nodes, Proxies and SSH nodes
func NewPresenceService ¶
func NewPresenceService(b backend.Backend) *PresenceService
NewPresenceService returns new presence service instance
func (*PresenceService) DeleteAllNamespaces ¶
func (s *PresenceService) DeleteAllNamespaces() error
DeleteAllNamespaces deletes all namespaces
func (*PresenceService) DeleteAllNodes ¶
func (s *PresenceService) DeleteAllNodes(namespace string) error
DeleteAllNodes deletes all nodes in a namespace
func (*PresenceService) DeleteAllProxies ¶
func (s *PresenceService) DeleteAllProxies() error
DeleteAllProxies deletes all proxies
func (*PresenceService) DeleteAllReverseTunnels ¶
func (s *PresenceService) DeleteAllReverseTunnels() error
DeleteAllReverseTunnels deletes all reverse tunnels
func (*PresenceService) DeleteAllTunnelConnections ¶
func (s *PresenceService) DeleteAllTunnelConnections() error
DeleteAllTunnelConnections deletes all tunnel connections
func (*PresenceService) DeleteNamespace ¶
func (s *PresenceService) DeleteNamespace(namespace string) error
DeleteNamespace deletes a namespace with all the keys from the backend
func (*PresenceService) DeleteReverseTunnel ¶
func (s *PresenceService) DeleteReverseTunnel(domainName string) error
DeleteReverseTunnel deletes reverse tunnel by it's domain name
func (*PresenceService) DeleteTrustedCluster ¶
func (s *PresenceService) DeleteTrustedCluster(name string) error
DeleteTrustedCluster removes a TrustedCluster from the backend by name.
func (*PresenceService) DeleteTunnelConnection ¶
func (s *PresenceService) DeleteTunnelConnection(clusterName, connectionName string) error
DeleteTunnelConnection deletes tunnel connection by name
func (*PresenceService) DeleteTunnelConnections ¶
func (s *PresenceService) DeleteTunnelConnections(clusterName string) error
DeleteTunnelConnections deletes all tunnel connections for cluster
func (*PresenceService) GetAllTunnelConnections ¶
func (s *PresenceService) GetAllTunnelConnections() ([]services.TunnelConnection, error)
GetAllTunnelConnections returns all tunnel connections
func (*PresenceService) GetAuthServers ¶
func (s *PresenceService) GetAuthServers() ([]services.Server, error)
GetAuthServers returns a list of registered servers
func (*PresenceService) GetLocalClusterName ¶
func (s *PresenceService) GetLocalClusterName() (string, error)
GetLocalClusterName upserts local domain
func (*PresenceService) GetNamespace ¶
func (s *PresenceService) GetNamespace(name string) (*services.Namespace, error)
GetNamespace returns a namespace by name
func (*PresenceService) GetNamespaces ¶
func (s *PresenceService) GetNamespaces() ([]services.Namespace, error)
GetNamespaces returns a list of namespaces
func (*PresenceService) GetNodes ¶
func (s *PresenceService) GetNodes(namespace string) ([]services.Server, error)
GetNodes returns a list of registered servers
func (*PresenceService) GetProxies ¶
func (s *PresenceService) GetProxies() ([]services.Server, error)
GetProxies returns a list of registered proxies
func (*PresenceService) GetReverseTunnels ¶
func (s *PresenceService) GetReverseTunnels() ([]services.ReverseTunnel, error)
GetReverseTunnels returns a list of registered servers
func (*PresenceService) GetTrustedCluster ¶
func (s *PresenceService) GetTrustedCluster(name string) (services.TrustedCluster, error)
GetTrustedCluster returns a single TrustedCluster by name.
func (*PresenceService) GetTrustedClusters ¶
func (s *PresenceService) GetTrustedClusters() ([]services.TrustedCluster, error)
GetTrustedClusters returns all TrustedClusters in the backend.
func (*PresenceService) GetTunnelConnection ¶
func (s *PresenceService) GetTunnelConnection(clusterName, connectionName string) (services.TunnelConnection, error)
GetTunnelConnection returns connection by cluster name and connection name
func (*PresenceService) GetTunnelConnections ¶
func (s *PresenceService) GetTunnelConnections(clusterName string) ([]services.TunnelConnection, error)
GetTunnelConnections returns connections for a trusted cluster
func (*PresenceService) UpsertAuthServer ¶
func (s *PresenceService) UpsertAuthServer(server services.Server) error
UpsertAuthServer registers auth server presence, permanently if ttl is 0 or for the specified duration with second resolution if it's >= 1 second
func (*PresenceService) UpsertLocalClusterName ¶
func (s *PresenceService) UpsertLocalClusterName(name string) error
UpsertLocalClusterName upserts local domain
func (*PresenceService) UpsertNamespace ¶
func (s *PresenceService) UpsertNamespace(n services.Namespace) error
UpsertNamespace upserts namespace
func (*PresenceService) UpsertNode ¶
func (s *PresenceService) UpsertNode(server services.Server) error
UpsertNode registers node presence, permanently if ttl is 0 or for the specified duration with second resolution if it's >= 1 second
func (*PresenceService) UpsertProxy ¶
func (s *PresenceService) UpsertProxy(server services.Server) error
UpsertProxy registers proxy server presence, permanently if ttl is 0 or for the specified duration with second resolution if it's >= 1 second
func (*PresenceService) UpsertReverseTunnel ¶
func (s *PresenceService) UpsertReverseTunnel(tunnel services.ReverseTunnel) error
UpsertReverseTunnel upserts reverse tunnel entry temporarily or permanently
func (*PresenceService) UpsertTrustedCluster ¶
func (s *PresenceService) UpsertTrustedCluster(trustedCluster services.TrustedCluster) error
UpsertTrustedCluster creates or updates a TrustedCluster in the backend.
func (*PresenceService) UpsertTunnelConnection ¶
func (s *PresenceService) UpsertTunnelConnection(conn services.TunnelConnection) error
UpsertTunnelConnection updates or creates tunnel connection
type ProvisioningService ¶
type ProvisioningService struct {
// contains filtered or unexported fields
}
ProvisioningService governs adding new nodes to the cluster
func NewProvisioningService ¶
func NewProvisioningService(backend backend.Backend) *ProvisioningService
NewProvisioningService returns a new instance of provisioning service
func (*ProvisioningService) DeleteToken ¶
func (s *ProvisioningService) DeleteToken(token string) error
func (*ProvisioningService) GetToken ¶
func (s *ProvisioningService) GetToken(token string) (*services.ProvisionToken, error)
GetToken finds and returns token by id
func (*ProvisioningService) GetTokens ¶
func (s *ProvisioningService) GetTokens() (tokens []services.ProvisionToken, err error)
GetTokens returns all active (non-expired) provisioning tokens
func (*ProvisioningService) UpsertToken ¶
func (s *ProvisioningService) UpsertToken(token string, roles teleport.Roles, ttl time.Duration) error
UpsertToken adds provisioning tokens for the auth server
type U2FRegistrationCounter ¶ added in v1.3.0
type U2FRegistrationCounter struct {
Counter uint32 `json:"counter"`
}