Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type IdentityRegistry ¶
IdentityRegistry is a naive registry that maintains a mapping between identities (as strings): id1 -> id2, id3 -> id4, etc. The method call Check(id1, id2) will succeed only if there is a mapping id1 -> id2 stored in this registry.
CA can make authorization decisions based on this registry. By creating a mapping id1 -> id2, CA will approve CSRs sent only by services running as id1 for identity id2.
func (*IdentityRegistry) AddMapping ¶
func (reg *IdentityRegistry) AddMapping(id1, id2 string) error
AddMapping adds a mapping id1 -> id2. If id1 is already mapped to something else, add fails.
func (*IdentityRegistry) Check ¶
func (reg *IdentityRegistry) Check(id1, id2 string) bool
Check checks whether id1 is mapped to id2
func (*IdentityRegistry) DeleteMapping ¶
func (reg *IdentityRegistry) DeleteMapping(id1, id2 string) error
DeleteMapping attempts to delete mapping id1 -> id2. If id1 is already mapped to a different identity, deletion fails
type Registry ¶
type Registry interface {
Check(string, string) bool
AddMapping(string, string) error
DeleteMapping(string, string) error
}
Registry is the standard interface for identity registry implementation
func GetIdentityRegistry ¶
func GetIdentityRegistry() Registry
GetIdentityRegistry returns the identity registry object
Source Files
Directories