Documentation
Index
- func BuiltIn() catalog.BuiltIn
- type Config
- type Plugin
- func (p *Plugin) Configure(_ context.Context, req *configv1.ConfigureRequest) (*configv1.ConfigureResponse, error)
- func (p *Plugin) MintX509CAAndSubscribe(req *upstreamauthorityv1.MintX509CARequest, ...) error
- func (p *Plugin) PublishJWTKeyAndSubscribe(_ *upstreamauthorityv1.PublishJWTKeyRequest, ...) error
- func (p *Plugin) SetLogger(logger hclog.Logger)
- func (p *Plugin) Validate(_ context.Context, req *configv1.ValidateRequest) (*configv1.ValidateResponse, error)
Constants
This section is empty.
Variables
This section is empty.
Functions
Types
type Config
type Config struct {
	Hostname               string `hcl:"hostname" json:"hostname"`
	CaCertPath             string `hcl:"ca_cert_path" json:"ca_cert_path"`
	ClientCertPath         string `hcl:"client_cert_path" json:"client_cert_path"`
	ClientCertKeyPath      string `hcl:"client_cert_key_path" json:"client_cert_key_path"`
	CAName                 string `hcl:"ca_name" json:"ca_name"`
	EndEntityProfileName   string `hcl:"end_entity_profile_name" json:"end_entity_profile_name"`
	CertificateProfileName string `hcl:"certificate_profile_name" json:"certificate_profile_name"`
	DefaultEndEntityName   string `hcl:"end_entity_name" json:"end_entity_name"`
	AccountBindingID       string `hcl:"account_binding_id" json:"account_binding_id"`
}
Config defines the configuration for the plugin.
type Plugin
type Plugin struct {
	// UnimplementedUpstreamAuthorityServer is embedded to satisfy gRPC
	upstreamauthorityv1.UnimplementedUpstreamAuthorityServer

	// UnimplementedConfigServer is embedded to satisfy gRPC
	configv1.UnimplementedConfigServer
	// contains filtered or unexported fields
}
Plugin implements the UpstreamAuthority plugin
func (*Plugin) Configure
func (p *Plugin) Configure(_ context.Context, req *configv1.ConfigureRequest) (*configv1.ConfigureResponse, error)
Configure configures the EJBCA UpstreamAuthority plugin. This is invoked by SPIRE when the plugin is first loaded. After the first invocation, it may be used to reconfigure the plugin.
func (*Plugin) MintX509CAAndSubscribe
func (p *Plugin) MintX509CAAndSubscribe(req *upstreamauthorityv1.MintX509CARequest, stream upstreamauthorityv1.UpstreamAuthority_MintX509CAAndSubscribeServer) error
MintX509CAAndSubscribe implements the UpstreamAuthority MintX509CAAndSubscribe RPC. Mints an X.509 CA and responds with the signed X.509 CA certificate chain and upstream X.509 roots. The stream is kept open but new roots will not be published unless the CA is rotated and a new X.509 CA is minted.
Implementation note:
- It's important that the EJBCA Certificate Profile and End Entity Profile are properly configured before using this plugin. The plugin does not attempt to configure these profiles.
func (*Plugin) PublishJWTKeyAndSubscribe
func (p *Plugin) PublishJWTKeyAndSubscribe(_ *upstreamauthorityv1.PublishJWTKeyRequest, _ upstreamauthorityv1.UpstreamAuthority_PublishJWTKeyAndSubscribeServer) error
The EJBCA UpstreamAuthority plugin does not support publishing JWT keys.
func (*Plugin) SetLogger
func (p *Plugin) SetLogger(logger hclog.Logger)
SetLogger is called by the framework when the plugin is loaded and provides the plugin with a logger wired up to SPIRE's logging facilities.
func (*Plugin) Validate
func (p *Plugin) Validate(_ context.Context, req *configv1.ValidateRequest) (*configv1.ValidateResponse, error)