Documentation
¶
Index ¶
- func Hash(salter *salt.Salt, raw interface{}) error
- func HashString(salter *salt.Salt, data string) string
- func HashStructure(s interface{}, cb HashCallback) (interface{}, error)
- type Backend
- type BackendConfig
- type Factory
- type FormatJSON
- type Formatter
- type HashCallback
- type JSONAuth
- type JSONRequest
- type JSONRequestEntry
- type JSONResponse
- type JSONResponseEntry
- type JSONSecret
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Hash ¶
Hash will hash the given type. This has built-in support for auth, requests, and responses. If it is a type that isn't recognized, then it will be passed through.
The structure is modified in-place.
func HashString ¶ added in v0.4.0
HashString hashes the given opaque string and returns it
func HashStructure ¶
func HashStructure(s interface{}, cb HashCallback) (interface{}, error)
HashStructure takes an interface and hashes all the values within the structure. Only _values_ are hashed: keys of objects are not.
For the HashCallback, see the built-in HashCallbacks below.
Types ¶
type Backend ¶
type Backend interface {
// LogRequest is used to syncronously log a request. This is done after the
// request is authorized but before the request is executed. The arguments
// MUST not be modified in anyway. They should be deep copied if this is
// a possibility.
LogRequest(*logical.Auth, *logical.Request, error) error
// LogResponse is used to syncronously log a response. This is done after
// the request is processed but before the response is sent. The arguments
// MUST not be modified in anyway. They should be deep copied if this is
// a possibility.
LogResponse(*logical.Auth, *logical.Request, *logical.Response, error) error
// GetHash is used to return the given data with the backend's hash,
// so that a caller can determine if a value in the audit log matches
// an expected plaintext value
GetHash(string) string
}
Backend interface must be implemented for an audit mechanism to be made available. Audit backends can be enabled to sink information to different backends such as logs, file, databases, or other external services.
type BackendConfig ¶ added in v0.3.0
type Factory ¶
type Factory func(*BackendConfig) (Backend, error)
Factory is the factory function to create an audit backend.
type FormatJSON ¶
type FormatJSON struct{}
FormatJSON is a Formatter implementation that structures data into a JSON format.
func (*FormatJSON) FormatRequest ¶
type Formatter ¶
type Formatter interface {
FormatRequest(io.Writer, *logical.Auth, *logical.Request, error) error
FormatResponse(io.Writer, *logical.Auth, *logical.Request, *logical.Response, error) error
}
Formatter is an interface that is responsible for formating a request/response into some format. Formatters write their output to an io.Writer.
It is recommended that you pass data through Hash prior to formatting it.
type HashCallback ¶
HashCallback is the callback called for HashStructure to hash a value.
type JSONRequest ¶
type JSONRequestEntry ¶
type JSONRequestEntry struct {
Time string `json:"time"`
Type string `json:"type"`
Auth JSONAuth `json:"auth"`
Request JSONRequest `json:"request"`
Error string `json:"error"`
}
JSONRequest is the structure of a request audit log entry in JSON.
type JSONResponse ¶
type JSONResponse struct {
Auth *JSONAuth `json:"auth,omitempty"`
Secret *JSONSecret `json:"secret,emitempty"`
Data map[string]interface{} `json:"data"`
Redirect string `json:"redirect"`
}
type JSONResponseEntry ¶
type JSONResponseEntry struct {
Time string `json:"time"`
Type string `json:"type"`
Error string `json:"error"`
Auth JSONAuth `json:"auth"`
Request JSONRequest `json:"request"`
Response JSONResponse `json:"response"`
}
JSONResponseEntry is the structure of a response audit log entry in JSON.
type JSONSecret ¶
type JSONSecret struct {
LeaseID string `json:"lease_id"`
}
Source Files