Documentation ¶
Index ¶
- Variables
- func RegisterUpstreamAuthorityServer(s grpc.ServiceRegistrar, srv UpstreamAuthorityServer)
- func UpstreamAuthorityPluginServer(server UpstreamAuthorityServer) pluginsdk.PluginServer
- type MintX509CARequest
- func (*MintX509CARequest) Descriptor() ([]byte, []int) (deprecated)
- func (x *MintX509CARequest) GetCsr() []byte
- func (x *MintX509CARequest) GetPreferredTtl() int32
- func (*MintX509CARequest) ProtoMessage()
- func (x *MintX509CARequest) ProtoReflect() protoreflect.Message
- func (x *MintX509CARequest) Reset()
- func (x *MintX509CARequest) String() string
- type MintX509CAResponse
- func (*MintX509CAResponse) Descriptor() ([]byte, []int) (deprecated)
- func (x *MintX509CAResponse) GetUpstreamX509Roots() [][]byte
- func (x *MintX509CAResponse) GetX509CaChain() [][]byte
- func (*MintX509CAResponse) ProtoMessage()
- func (x *MintX509CAResponse) ProtoReflect() protoreflect.Message
- func (x *MintX509CAResponse) Reset()
- func (x *MintX509CAResponse) String() string
- type PublishJWTKeyRequest
- func (*PublishJWTKeyRequest) Descriptor() ([]byte, []int) (deprecated)
- func (x *PublishJWTKeyRequest) GetJwtKey() *common.PublicKey
- func (*PublishJWTKeyRequest) ProtoMessage()
- func (x *PublishJWTKeyRequest) ProtoReflect() protoreflect.Message
- func (x *PublishJWTKeyRequest) Reset()
- func (x *PublishJWTKeyRequest) String() string
- type PublishJWTKeyResponse
- func (*PublishJWTKeyResponse) Descriptor() ([]byte, []int) (deprecated)
- func (x *PublishJWTKeyResponse) GetUpstreamJwtKeys() []*common.PublicKey
- func (*PublishJWTKeyResponse) ProtoMessage()
- func (x *PublishJWTKeyResponse) ProtoReflect() protoreflect.Message
- func (x *PublishJWTKeyResponse) Reset()
- func (x *PublishJWTKeyResponse) String() string
- type UnimplementedUpstreamAuthorityServer
- func (UnimplementedUpstreamAuthorityServer) Configure(context.Context, *plugin.ConfigureRequest) (*plugin.ConfigureResponse, error)
- func (UnimplementedUpstreamAuthorityServer) GetPluginInfo(context.Context, *plugin.GetPluginInfoRequest) (*plugin.GetPluginInfoResponse, error)
- func (UnimplementedUpstreamAuthorityServer) MintX509CA(*MintX509CARequest, UpstreamAuthority_MintX509CAServer) error
- func (UnimplementedUpstreamAuthorityServer) PublishJWTKey(*PublishJWTKeyRequest, UpstreamAuthority_PublishJWTKeyServer) error
- type UnsafeUpstreamAuthorityServer
- type UpstreamAuthorityClient
- type UpstreamAuthorityPluginClient
- type UpstreamAuthorityServer
- type UpstreamAuthority_MintX509CAClient
- type UpstreamAuthority_MintX509CAServer
- type UpstreamAuthority_PublishJWTKeyClient
- type UpstreamAuthority_PublishJWTKeyServer
Constants ¶
This section is empty.
Variables ¶
// UpstreamAuthority_ServiceDesc describes the UpstreamAuthority gRPC service:
// two entries under Methods (Configure, GetPluginInfo) and two server-streaming
// entries under Streams (MintX509CA, PublishJWTKey). It is meant to be handed
// to grpc.RegisterService and not introspected or modified, even as a copy.
var UpstreamAuthority_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "spire.server.upstreamauthority.UpstreamAuthority",
	HandlerType: (*UpstreamAuthorityServer)(nil),
	Methods: []grpc.MethodDesc{
		{MethodName: "Configure", Handler: _UpstreamAuthority_Configure_Handler},
		{MethodName: "GetPluginInfo", Handler: _UpstreamAuthority_GetPluginInfo_Handler},
	},
	Streams: []grpc.StreamDesc{
		{StreamName: "MintX509CA", Handler: _UpstreamAuthority_MintX509CA_Handler, ServerStreams: true},
		{StreamName: "PublishJWTKey", Handler: _UpstreamAuthority_PublishJWTKey_Handler, ServerStreams: true},
	},
	Metadata: "spire/plugin/server/upstreamauthority/v0/upstreamauthority.proto",
}
UpstreamAuthority_ServiceDesc is the grpc.ServiceDesc for the UpstreamAuthority service. It is intended only for direct use with grpc.RegisterService and must not be introspected or modified (even as a copy).
Functions ¶
func RegisterUpstreamAuthorityServer ¶
func RegisterUpstreamAuthorityServer(s grpc.ServiceRegistrar, srv UpstreamAuthorityServer)
func UpstreamAuthorityPluginServer ¶
func UpstreamAuthorityPluginServer(server UpstreamAuthorityServer) pluginsdk.PluginServer
Types ¶
type MintX509CARequest ¶
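// MintX509CARequest is the request message of the MintX509CA RPC.
type MintX509CARequest struct {
	// Certificate signing request (PKCS#10).
	//
	// NOTE(review): the CSR is carried as opaque bytes and nothing in this
	// message shows it has been parsed or had its signature checked; a plugin
	// should presumably do both before signing. Confirm against the caller.
	Csr []byte `protobuf:"bytes,1,opt,name=csr,proto3" json:"csr,omitempty"`
	// Preferred TTL is the TTL preferred by SPIRE server for signed CA. If
	// zero, the plugin should determine its own TTL value. Plugins are free to
	// ignore this and use their own policies around TTLs.
	//
	// NOTE(review): the unit is not stated here (presumably seconds), and
	// int32 admits negative values that the contract above does not define;
	// verify how implementations treat them.
	PreferredTtl int32 `protobuf:"varint,2,opt,name=preferred_ttl,json=preferredTtl,proto3" json:"preferred_ttl,omitempty"`
	// contains filtered or unexported fields
}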
func (*MintX509CARequest) Descriptor
deprecated
func (*MintX509CARequest) Descriptor() ([]byte, []int)
Deprecated: Use MintX509CARequest.ProtoReflect.Descriptor instead.
func (*MintX509CARequest) GetCsr ¶
func (x *MintX509CARequest) GetCsr() []byte
func (*MintX509CARequest) GetPreferredTtl ¶
func (x *MintX509CARequest) GetPreferredTtl() int32
func (*MintX509CARequest) ProtoMessage ¶
func (*MintX509CARequest) ProtoMessage()
func (*MintX509CARequest) ProtoReflect ¶
func (x *MintX509CARequest) ProtoReflect() protoreflect.Message
func (*MintX509CARequest) Reset ¶
func (x *MintX509CARequest) Reset()
func (*MintX509CARequest) String ¶
func (x *MintX509CARequest) String() string
type MintX509CAResponse ¶
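// MintX509CAResponse is the message sent on the MintX509CA response stream.
type MintX509CAResponse struct {
	// Contains ASN.1 encoded certificates representing the X.509 CA along with
	// any intermediates necessary to chain back to a certificate present in
	// the upstream_x509_roots.
	//
	// NOTE(review): the message only carries the bytes; nothing here shows
	// that the chain has been verified against UpstreamX509Roots. The consumer
	// should presumably perform that check before adopting the CA. Confirm
	// where SPIRE core does so.
	X509CaChain [][]byte `protobuf:"bytes,1,rep,name=x509_ca_chain,json=x509CaChain,proto3" json:"x509_ca_chain,omitempty"`
	// The trusted X.509 root authorities for the upstream authority.
	//
	// NOTE(review): these look like they become trust anchors for whoever
	// consumes the response, so a change in this set is a trust change worth
	// auditing. Verify against the consumer.
	UpstreamX509Roots [][]byte `protobuf:"bytes,2,rep,name=upstream_x509_roots,json=upstreamX509Roots,proto3" json:"upstream_x509_roots,omitempty"`
	// contains filtered or unexported fields
}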
func (*MintX509CAResponse) Descriptor
deprecated
func (*MintX509CAResponse) Descriptor() ([]byte, []int)
Deprecated: Use MintX509CAResponse.ProtoReflect.Descriptor instead.
func (*MintX509CAResponse) GetUpstreamX509Roots ¶
func (x *MintX509CAResponse) GetUpstreamX509Roots() [][]byte
func (*MintX509CAResponse) GetX509CaChain ¶
func (x *MintX509CAResponse) GetX509CaChain() [][]byte
func (*MintX509CAResponse) ProtoMessage ¶
func (*MintX509CAResponse) ProtoMessage()
func (*MintX509CAResponse) ProtoReflect ¶
func (x *MintX509CAResponse) ProtoReflect() protoreflect.Message
func (*MintX509CAResponse) Reset ¶
func (x *MintX509CAResponse) Reset()
func (*MintX509CAResponse) String ¶
func (x *MintX509CAResponse) String() string
type PublishJWTKeyRequest ¶
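// PublishJWTKeyRequest is the request message of the PublishJWTKey RPC.
type PublishJWTKeyRequest struct {
	// The JWT signing key to publish upstream.
	//
	// NOTE(review): the field type is common.PublicKey, which suggests only
	// the public half of the signing key is carried. Confirm against the
	// definition of common.PublicKey.
	JwtKey *common.PublicKey `protobuf:"bytes,1,opt,name=jwt_key,json=jwtKey,proto3" json:"jwt_key,omitempty"`
	// contains filtered or unexported fields
}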
func (*PublishJWTKeyRequest) Descriptor
deprecated
func (*PublishJWTKeyRequest) Descriptor() ([]byte, []int)
Deprecated: Use PublishJWTKeyRequest.ProtoReflect.Descriptor instead.
func (*PublishJWTKeyRequest) GetJwtKey ¶
func (x *PublishJWTKeyRequest) GetJwtKey() *common.PublicKey
func (*PublishJWTKeyRequest) ProtoMessage ¶
func (*PublishJWTKeyRequest) ProtoMessage()
func (*PublishJWTKeyRequest) ProtoReflect ¶
func (x *PublishJWTKeyRequest) ProtoReflect() protoreflect.Message
func (*PublishJWTKeyRequest) Reset ¶
func (x *PublishJWTKeyRequest) Reset()
func (*PublishJWTKeyRequest) String ¶
func (x *PublishJWTKeyRequest) String() string
type PublishJWTKeyResponse ¶
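// PublishJWTKeyResponse is the message sent on the PublishJWTKey response
// stream.
type PublishJWTKeyResponse struct {
	// The upstream JWT signing keys.
	//
	// NOTE(review): consumers presumably use this set to decide which JWT
	// signers to trust, so additions and removals are trust changes. Verify
	// how the consumer applies updates.
	UpstreamJwtKeys []*common.PublicKey `protobuf:"bytes,1,rep,name=upstream_jwt_keys,json=upstreamJwtKeys,proto3" json:"upstream_jwt_keys,omitempty"`
	// contains filtered or unexported fields
}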
func (*PublishJWTKeyResponse) Descriptor
deprecated
func (*PublishJWTKeyResponse) Descriptor() ([]byte, []int)
Deprecated: Use PublishJWTKeyResponse.ProtoReflect.Descriptor instead.
func (*PublishJWTKeyResponse) GetUpstreamJwtKeys ¶
func (x *PublishJWTKeyResponse) GetUpstreamJwtKeys() []*common.PublicKey
func (*PublishJWTKeyResponse) ProtoMessage ¶
func (*PublishJWTKeyResponse) ProtoMessage()
func (*PublishJWTKeyResponse) ProtoReflect ¶
func (x *PublishJWTKeyResponse) ProtoReflect() protoreflect.Message
func (*PublishJWTKeyResponse) Reset ¶
func (x *PublishJWTKeyResponse) Reset()
func (*PublishJWTKeyResponse) String ¶
func (x *PublishJWTKeyResponse) String() string
type UnimplementedUpstreamAuthorityServer ¶
// UnimplementedUpstreamAuthorityServer is a field-less struct that server
// implementations embed so they stay forward compatible.
type UnimplementedUpstreamAuthorityServer struct{}
UnimplementedUpstreamAuthorityServer must be embedded to have forward compatible implementations.
func (UnimplementedUpstreamAuthorityServer) Configure ¶
func (UnimplementedUpstreamAuthorityServer) Configure(context.Context, *plugin.ConfigureRequest) (*plugin.ConfigureResponse, error)
func (UnimplementedUpstreamAuthorityServer) GetPluginInfo ¶
func (UnimplementedUpstreamAuthorityServer) GetPluginInfo(context.Context, *plugin.GetPluginInfoRequest) (*plugin.GetPluginInfoResponse, error)
func (UnimplementedUpstreamAuthorityServer) MintX509CA ¶
func (UnimplementedUpstreamAuthorityServer) MintX509CA(*MintX509CARequest, UpstreamAuthority_MintX509CAServer) error
func (UnimplementedUpstreamAuthorityServer) PublishJWTKey ¶
func (UnimplementedUpstreamAuthorityServer) PublishJWTKey(*PublishJWTKeyRequest, UpstreamAuthority_PublishJWTKeyServer) error
type UnsafeUpstreamAuthorityServer ¶
// UnsafeUpstreamAuthorityServer may be embedded to opt out of forward
// compatibility for this service. Its method set is unexported and not shown
// on this page.
type UnsafeUpstreamAuthorityServer interface {
// contains filtered or unexported methods
}
UnsafeUpstreamAuthorityServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to UpstreamAuthorityServer will result in compilation errors.
type UpstreamAuthorityClient ¶
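// UpstreamAuthorityClient is the client API for the UpstreamAuthority service.
// MintX509CA and PublishJWTKey return stream clients; Configure and
// GetPluginInfo return a single response.
type UpstreamAuthorityClient interface {
	// Mints an X.509 CA and responds with the signed X.509 CA certificate
	// chain and upstream X.509 roots. If supported by the implementation,
	// subsequent responses on the stream contain upstream X.509 root updates,
	// otherwise the RPC is completed after sending the initial response.
	//
	// Implementation note:
	// The stream should be kept open in the face of transient errors
	// encountered while tracking changes to the upstream X.509 roots as SPIRE
	// core will not reopen a closed stream until the next X.509 CA rotation.
	MintX509CA(ctx context.Context, in *MintX509CARequest, opts ...grpc.CallOption) (UpstreamAuthority_MintX509CAClient, error)
	// Publishes a JWT signing key upstream and responds with the upstream JWT
	// keys. If supported by the implementation, subsequent responses on the
	// stream contain upstream JWT key updates, otherwise the RPC is completed
	// after sending the initial response.
	//
	// This RPC is optional and will return NotImplemented if unsupported.
	// NOTE(review): "NotImplemented" presumably means the gRPC Unimplemented
	// status code. Confirm.
	//
	// Implementation note:
	// The stream should be kept open in the face of transient errors
	// encountered while tracking changes to the upstream JWT keys as SPIRE
	// core will not reopen a closed stream until the next JWT key rotation.
	PublishJWTKey(ctx context.Context, in *PublishJWTKeyRequest, opts ...grpc.CallOption) (UpstreamAuthority_PublishJWTKeyClient, error)
	// Standard SPIRE plugin RPCs
	Configure(ctx context.Context, in *plugin.ConfigureRequest, opts ...grpc.CallOption) (*plugin.ConfigureResponse, error)
	GetPluginInfo(ctx context.Context, in *plugin.GetPluginInfoRequest, opts ...grpc.CallOption) (*plugin.GetPluginInfoResponse, error)
}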
UpstreamAuthorityClient is the client API for UpstreamAuthority service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewUpstreamAuthorityClient ¶
func NewUpstreamAuthorityClient(cc grpc.ClientConnInterface) UpstreamAuthorityClient
type UpstreamAuthorityPluginClient ¶
// UpstreamAuthorityPluginClient embeds UpstreamAuthorityClient, so the
// client's RPC methods are promoted onto this type.
type UpstreamAuthorityPluginClient struct {
UpstreamAuthorityClient
}
func (*UpstreamAuthorityPluginClient) GRPCServiceName ¶
func (c *UpstreamAuthorityPluginClient) GRPCServiceName() string
func (*UpstreamAuthorityPluginClient) InitClient ¶
func (c *UpstreamAuthorityPluginClient) InitClient(conn grpc.ClientConnInterface) interface{}
func (*UpstreamAuthorityPluginClient) IsInitialized ¶
func (c *UpstreamAuthorityPluginClient) IsInitialized() bool
func (UpstreamAuthorityPluginClient) Type ¶
func (s UpstreamAuthorityPluginClient) Type() string
type UpstreamAuthorityServer ¶
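// UpstreamAuthorityServer is the server API for the UpstreamAuthority service.
// MintX509CA and PublishJWTKey write their responses to the stream argument;
// Configure and GetPluginInfo return a single response.
type UpstreamAuthorityServer interface {
	// Mints an X.509 CA and responds with the signed X.509 CA certificate
	// chain and upstream X.509 roots. If supported by the implementation,
	// subsequent responses on the stream contain upstream X.509 root updates,
	// otherwise the RPC is completed after sending the initial response.
	//
	// Implementation note:
	// The stream should be kept open in the face of transient errors
	// encountered while tracking changes to the upstream X.509 roots as SPIRE
	// core will not reopen a closed stream until the next X.509 CA rotation.
	MintX509CA(*MintX509CARequest, UpstreamAuthority_MintX509CAServer) error
	// Publishes a JWT signing key upstream and responds with the upstream JWT
	// keys. If supported by the implementation, subsequent responses on the
	// stream contain upstream JWT key updates, otherwise the RPC is completed
	// after sending the initial response.
	//
	// This RPC is optional and will return NotImplemented if unsupported.
	// NOTE(review): "NotImplemented" presumably means the gRPC Unimplemented
	// status code. Confirm.
	//
	// Implementation note:
	// The stream should be kept open in the face of transient errors
	// encountered while tracking changes to the upstream JWT keys as SPIRE
	// core will not reopen a closed stream until the next JWT key rotation.
	PublishJWTKey(*PublishJWTKeyRequest, UpstreamAuthority_PublishJWTKeyServer) error
	// Standard SPIRE plugin RPCs
	Configure(context.Context, *plugin.ConfigureRequest) (*plugin.ConfigureResponse, error)
	GetPluginInfo(context.Context, *plugin.GetPluginInfoRequest) (*plugin.GetPluginInfoResponse, error)
	// contains filtered or unexported methods
}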
UpstreamAuthorityServer is the server API for the UpstreamAuthority service. All implementations must embed UnimplementedUpstreamAuthorityServer for forward compatibility.
type UpstreamAuthority_MintX509CAClient ¶
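// UpstreamAuthority_MintX509CAClient is the client-side handle for the
// MintX509CA stream. Recv yields a MintX509CAResponse or an error; the
// remaining methods come from the embedded grpc.ClientStream.
type UpstreamAuthority_MintX509CAClient interface {
	Recv() (*MintX509CAResponse, error)
	grpc.ClientStream
}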
type UpstreamAuthority_MintX509CAServer ¶
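// UpstreamAuthority_MintX509CAServer is the server-side handle for the
// MintX509CA stream. Send takes a MintX509CAResponse and reports an error; the
// remaining methods come from the embedded grpc.ServerStream.
type UpstreamAuthority_MintX509CAServer interface {
	Send(*MintX509CAResponse) error
	grpc.ServerStream
}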
type UpstreamAuthority_PublishJWTKeyClient ¶
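// UpstreamAuthority_PublishJWTKeyClient is the client-side handle for the
// PublishJWTKey stream. Recv yields a PublishJWTKeyResponse or an error; the
// remaining methods come from the embedded grpc.ClientStream.
type UpstreamAuthority_PublishJWTKeyClient interface {
	Recv() (*PublishJWTKeyResponse, error)
	grpc.ClientStream
}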
type UpstreamAuthority_PublishJWTKeyServer ¶
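// UpstreamAuthority_PublishJWTKeyServer is the server-side handle for the
// PublishJWTKey stream. Send takes a PublishJWTKeyResponse and reports an
// error; the remaining methods come from the embedded grpc.ServerStream.
type UpstreamAuthority_PublishJWTKeyServer interface {
	Send(*PublishJWTKeyResponse) error
	grpc.ServerStream
}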