upstreamauthority

package
v1.6.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 17, 2023 License: Apache-2.0 Imports: 13 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Repository added in v1.0.0

// Repository holds a single UpstreamAuthority value. The field is an
// interface, so it is nil until something assigns it.
// NOTE(review): the bool returned by GetUpstreamAuthority presumably reports
// whether an authority is set; confirm against the implementation before
// dereferencing the returned value.
type Repository struct {
	UpstreamAuthority UpstreamAuthority
}

func (*Repository) Clear added in v1.0.0

func (repo *Repository) Clear()

func (*Repository) ClearUpstreamAuthority added in v1.0.0

func (repo *Repository) ClearUpstreamAuthority()

func (*Repository) GetUpstreamAuthority added in v1.0.0

func (repo *Repository) GetUpstreamAuthority() (UpstreamAuthority, bool)

func (*Repository) SetUpstreamAuthority added in v1.0.0

func (repo *Repository) SetUpstreamAuthority(upstreamAuthority UpstreamAuthority)

type UpstreamAuthority

// UpstreamAuthority describes an upstream authority that mints X.509 CAs from
// CSRs and, optionally, accepts JWT keys for publication. It embeds
// catalog.PluginInfo.
type UpstreamAuthority interface {
	catalog.PluginInfo

	// MintX509CA sends a CSR to the upstream authority for minting, using the
	// preferred TTL. The preferred TTL is advisory only; upstream authorities
	// may choose a different value, so callers should read the validity period
	// from the returned CA rather than assume preferredTTL was applied.
	//
	// The function returns the newly minted CA, the most recent set of
	// upstream X.509 authorities, and a stream for streaming upstream X.509
	// authority updates. The returned stream MUST be closed when the caller is
	// no longer interested in updates. If the upstream authority does not
	// support streaming updates, the stream will return io.EOF when called.
	//
	// NOTE(review): this interface does not say whether the minted CA has
	// already been verified against the returned upstream authorities; confirm
	// where that check happens before treating either value as trusted.
	MintX509CA(ctx context.Context, csr []byte, preferredTTL time.Duration) (x509CA, upstreamX509Authorities []*x509.Certificate, stream UpstreamX509AuthorityStream, err error)

	// PublishJWTKey publishes the given JWT key with the upstream authority.
	// Support for this method is optional. Implementations that do not support
	// publishing JWT keys upstream return NotImplemented, which callers should
	// treat as an expected outcome rather than a failure of the authority.
	//
	// The function returns the latest set of upstream JWT authorities and a
	// stream for streaming upstream JWT authority updates. The returned stream
	// MUST be closed when the caller is no longer interested in updates. If
	// the upstream authority does not support streaming updates, the stream
	// will return io.EOF when called.
	PublishJWTKey(ctx context.Context, jwtKey *common.PublicKey) (jwtAuthorities []*common.PublicKey, stream UpstreamJWTAuthorityStream, err error)
}

type UpstreamJWTAuthorityStream added in v1.0.0

// UpstreamJWTAuthorityStream delivers updates to the set of upstream JWT
// authorities. It is the stream type returned by PublishJWTKey.
type UpstreamJWTAuthorityStream interface {
	// RecvUpstreamJWTAuthorities returns the latest set of upstream JWT
	// authorities. The call blocks until the update is received, the Close()
	// method is called, or the context originally passed into PublishJWTKey is
	// canceled. If the function returns an error, no more updates will be
	// available over the stream.
	RecvUpstreamJWTAuthorities() ([]*common.PublicKey, error)

	// Close() closes the stream. It MUST be called by callers of PublishJWTKey
	// when they are done with the stream.
	Close()
}

type UpstreamX509AuthorityStream added in v1.0.0

// UpstreamX509AuthorityStream delivers updates to the set of upstream X.509
// authorities. It is the stream type returned by MintX509CA.
type UpstreamX509AuthorityStream interface {
	// RecvUpstreamX509Authorities returns the latest set of upstream X.509
	// authorities. The call blocks until the update is received, the Close()
	// method is called, or the context originally passed into MintX509CA is
	// canceled. If the function returns an error, no more updates will be
	// available over the stream; the last set received is then the newest one
	// the caller holds and may go stale.
	RecvUpstreamX509Authorities() ([]*x509.Certificate, error)

	// Close() closes the stream. It MUST be called by callers of MintX509CA
	// when they are done with the stream.
	Close()
}

type V1 added in v1.0.0

func (*V1) MintX509CA added in v1.0.0

func (v1 *V1) MintX509CA(ctx context.Context, csr []byte, preferredTTL time.Duration) (_, _ []*x509.Certificate, _ UpstreamX509AuthorityStream, err error)

MintX509CA provides the V1 implementation of the UpstreamAuthority interface method of the same name.

func (*V1) PublishJWTKey added in v1.0.0

func (v1 *V1) PublishJWTKey(ctx context.Context, jwtKey *common.PublicKey) (_ []*common.PublicKey, _ UpstreamJWTAuthorityStream, err error)

PublishJWTKey provides the V1 implementation of the UpstreamAuthority interface method of the same name.

Directories

Path Synopsis
