Documentation ¶
Index ¶
- Constants
- Variables
- type Credential
- type CredentialRepository
- type Filter
- type RelationService
- type Repository
- type Secret
- type Service
- func (s Service) Create(ctx context.Context, serviceUser ServiceUser) (ServiceUser, error)
- func (s Service) CreateKey(ctx context.Context, credential Credential) (Credential, error)
- func (s Service) CreateSecret(ctx context.Context, credential Credential) (Secret, error)
- func (s Service) Delete(ctx context.Context, id string) error
- func (s Service) DeleteKey(ctx context.Context, credID string) error
- func (s Service) DeleteSecret(ctx context.Context, credID string) error
- func (s Service) Get(ctx context.Context, id string) (ServiceUser, error)
- func (s Service) GetByIDs(ctx context.Context, ids []string) ([]ServiceUser, error)
- func (s Service) GetBySecret(ctx context.Context, credID string, credSecret string) (ServiceUser, error)
- func (s Service) GetByToken(ctx context.Context, token string) (ServiceUser, error)
- func (s Service) GetKey(ctx context.Context, credID string) (Credential, error)
- func (s Service) IsSudo(ctx context.Context, id string, permissionName string) (bool, error)
- func (s Service) List(ctx context.Context, flt Filter) ([]ServiceUser, error)
- func (s Service) ListByOrg(ctx context.Context, orgID string) ([]ServiceUser, error)
- func (s Service) ListKeys(ctx context.Context, serviceUserID string) ([]Credential, error)
- func (s Service) ListSecret(ctx context.Context, serviceUserID string) ([]Credential, error)
- func (s Service) Sudo(ctx context.Context, id string, relationName string) error
- type ServiceUser
- type State
Constants ¶
// DefaultKeyType is the key-type label "sv_rsa".
// NOTE(review): presumably the type recorded for RSA service-user keys;
// confirm against the code that reads it.
const DefaultKeyType = "sv_rsa"
Variables ¶
// Sentinel errors returned by the service-user package. They are plain
// errors.New values, so callers should match them with errors.Is rather than
// by comparing message text.
//
// NOTE(review): ErrNotExist, ErrCredNotExist, ErrInvalidCred and ErrDisabled
// tell apart a missing service user, a missing credential, a bad credential
// and a disabled account. Confirm that authentication endpoints map all of
// them to one generic failure before replying to a client, so that responses
// do not reveal which IDs exist; keep the precise error for server-side logs.
var (
	ErrNotExist     = errors.New("service user doesn't exist")
	ErrCredNotExist = errors.New("service user credential doesn't exist")
	ErrInvalidCred  = errors.New("service user credential is invalid")
	ErrInvalidID    = errors.New("service user id is invalid")
	ErrInvalidKeyID = errors.New("service user key is invalid")
	ErrConflict     = errors.New("service user already exist")
	ErrEmptyKey     = errors.New("empty key")
	ErrDisabled     = errors.New("service user is disabled")
)
Functions ¶
This section is empty.
Types ¶
type Credential ¶
// Credential is an authentication credential that belongs to a service user.
// It carries the material for basic auth (SecretHash) or for RSA-signed JWTs
// (PublicKey and PrivateKey).
type Credential struct {
	// ID is the unique identifier of the credential.
	// It is also used as the kid in JWTs. The spec doesn't state how the kid
	// should be generated; since the token is owned by frontier and frontier
	// controls key generation, any arbitrary string can be used as the kid
	// as long as it is unique.
	ID            string
	ServiceUserID string

	// SecretHash is used for basic auth.
	// NOTE(review): the hash algorithm and the comparison routine are not
	// visible here; confirm the algorithm choice and that verification uses
	// a constant-time comparison.
	SecretHash []byte

	// PublicKey is used for JWT verification using RSA.
	PublicKey jwk.Set

	// PrivateKey is used for JWT signing using RSA. It is not stored; it is
	// only generated and returned when creating a new credential.
	// Treat it as sensitive: keep it out of logs, traces and any serialized
	// copy of this struct.
	PrivateKey []byte

	Title     string
	Metadata  metadata.Metadata
	CreatedAt time.Time
	UpdatedAt time.Time
}
type CredentialRepository ¶
// CredentialRepository is the storage interface for service-user credentials;
// NewService takes one as its credRepo argument.
// The per-method notes are inferred from names and signatures, because no
// implementation is shown here.
type CredentialRepository interface {
	// List returns the credentials selected by flt.
	List(ctx context.Context, flt Filter) ([]Credential, error)
	// Create persists credential and returns the resulting Credential.
	// NOTE(review): Credential.PrivateKey is documented as never stored;
	// confirm implementations do not write it to the backing store.
	Create(ctx context.Context, credential Credential) (Credential, error)
	// Get returns the credential identified by id.
	Get(ctx context.Context, id string) (Credential, error)
	// Delete removes the credential identified by id.
	Delete(ctx context.Context, id string) error
}
type RelationService ¶
// RelationService is the relation and permission backend that Service depends
// on; NewService takes one as its relService argument.
// The per-method notes are inferred from names and signatures, because no
// implementation is shown here.
type RelationService interface {
	// Create adds the relation rel and returns the created relation.
	Create(ctx context.Context, rel relation.Relation) (relation.Relation, error)
	// Delete removes the relation rel.
	Delete(ctx context.Context, rel relation.Relation) error
	// LookupSubjects returns subject identifiers matching rel.
	LookupSubjects(ctx context.Context, rel relation.Relation) ([]string, error)
	// CheckPermission reports whether rel is permitted.
	// NOTE(review): callers should treat a non-nil error as a denial and
	// must not act on the boolean when err != nil.
	CheckPermission(ctx context.Context, rel relation.Relation) (bool, error)
}
type Repository ¶
// Repository is the storage interface for service users; NewService takes one
// as its repo argument.
// The per-method notes are inferred from names and signatures, because no
// implementation is shown here.
type Repository interface {
	// List returns the service users selected by flt.
	List(ctx context.Context, flt Filter) ([]ServiceUser, error)
	// Create persists serviceUser and returns the resulting ServiceUser.
	Create(ctx context.Context, serviceUser ServiceUser) (ServiceUser, error)
	// GetByID returns the service user identified by id.
	GetByID(ctx context.Context, id string) (ServiceUser, error)
	// GetByIDs returns the service users for the given ids.
	GetByIDs(ctx context.Context, id []string) ([]ServiceUser, error)
	// Delete removes the service user identified by id.
	Delete(ctx context.Context, id string) error
}
type Service ¶
// Service groups the service-user operations of this package: creating,
// fetching, listing and deleting service users, issuing and revoking their
// keys and secrets, resolving a service user from a secret or token, and the
// Sudo / IsSudo platform-permission calls.
// It is built by NewService from a Repository, a CredentialRepository and a
// RelationService.
type Service struct {
// contains filtered or unexported fields
}
func NewService ¶
func NewService(repo Repository, credRepo CredentialRepository, relService RelationService) *Service
func (Service) Create ¶
func (s Service) Create(ctx context.Context, serviceUser ServiceUser) (ServiceUser, error)
func (Service) CreateKey ¶
func (s Service) CreateKey(ctx context.Context, credential Credential) (Credential, error)
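CreateKey creates a key pair for the service user. As documented on Credential, the private key is not stored and is only returned when the credential is created, so the caller must capture it from this call's result.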
func (Service) CreateSecret ¶
CreateSecret creates a secret for the service user
func (Service) DeleteSecret ¶
func (Service) GetBySecret ¶
func (s Service) GetBySecret(ctx context.Context, credID string, credSecret string) (ServiceUser, error)
GetBySecret checks the supplied secret against the secret hash stored in the database for the service user and, if it matches, returns that service user.
func (Service) GetByToken ¶
GetByToken returns the service user by verifying the token
func (Service) IsSudo ¶ added in v0.8.0
IsSudo checks platform permissions. Platform permissions are:
- superuser
- check
func (Service) ListSecret ¶
type ServiceUser ¶