Documentation
Index
- Constants
- func GetServicePrincipalTokenFromMSI(ctx context.Context, endpoint string) (*adal.ServicePrincipalToken, error)
- func InvokeSignFunction(publicKey *ssh.PublicKey, funcHost string, oauthConfig *oauth2.Config, ...) (*ssh.Certificate, error)
- type FunctionPayload
- type FunctionResponse
- type KeyVaultSigner
- type MSIResourceToken
Constants
const KeyVaultRequestTimeout = 20 * time.Second
Timeout for all calls to Azure Key Vault
Variables
This section is empty.
Functions
func GetServicePrincipalTokenFromMSI
func GetServicePrincipalTokenFromMSI(ctx context.Context, endpoint string) (*adal.ServicePrincipalToken, error)
GetServicePrincipalTokenFromMSI gets a standard Service Principal Token from a Managed Service Identity that's assigned to an Azure Function.
Types
type FunctionPayload
type FunctionPayload struct {
	PublicKey string `json:"public_key"`
}
FunctionPayload is the payload structure for the Azure Function
type FunctionResponse
type FunctionResponse struct {
	Response string `json:"response"`
}
FunctionResponse is the structure for a response from the Azure Function
type KeyVaultSigner
KeyVaultSigner is an Azure Key Vault signer
func NewKeyVaultSigner
func NewKeyVaultSigner(client *keyvault.BaseClient, keyVaultName string, key string) *KeyVaultSigner
NewKeyVaultSigner returns a new instance of a KeyVaultSigner
func (*KeyVaultSigner) Public
func (s *KeyVaultSigner) Public() crypto.PublicKey
Public returns the PublicKey from an Azure Key Vault Key
func (*KeyVaultSigner) Sign
func (s *KeyVaultSigner) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)
Sign signs a digest with the private key in Azure Key Vault
type MSIResourceToken
type MSIResourceToken struct {
	AccessToken string      `json:"access_token"`
	ExpiresOn   json.Number `json:"expires_on"`
	Resource    string      `json:"resource"`
	TokenType   string      `json:"token_type"`
	ClientID    string      `json:"client_id"`
}
MSIResourceToken represents an Identity Token provided by an Azure Managed Service Identity
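An added example, not part of this package's own code: decoding a managed-identity response into the MSIResourceToken shape documented above and rejecting it before use when the type, audience or lifetime is wrong. The helper parseMSIToken, the sample body and the resource URI are constructed for illustration, and the check assumes expires_on carries Unix epoch seconds.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// MSIResourceToken is redeclared here with the fields documented above.
type MSIResourceToken struct {
	AccessToken string      `json:"access_token"`
	ExpiresOn   json.Number `json:"expires_on"`
	Resource    string      `json:"resource"`
	TokenType   string      `json:"token_type"`
	ClientID    string      `json:"client_id"`
}

// parseMSIToken (hypothetical helper) decodes an MSI response body and rejects
// tokens of the wrong type, for another resource, or too close to expiry.
// Assumption: expires_on carries Unix epoch seconds.
func parseMSIToken(body []byte, wantResource string, now time.Time, skew time.Duration) (*MSIResourceToken, error) {
	var tok MSIResourceToken
	if err := json.Unmarshal(body, &tok); err != nil {
		return nil, fmt.Errorf("decode MSI response: %w", err)
	}
	if tok.AccessToken == "" || !strings.EqualFold(tok.TokenType, "Bearer") {
		return nil, errors.New("missing access_token or token_type is not Bearer")
	}
	if strings.TrimSuffix(tok.Resource, "/") != strings.TrimSuffix(wantResource, "/") {
		return nil, fmt.Errorf("token is for resource %q, want %q", tok.Resource, wantResource)
	}
	secs, err := tok.ExpiresOn.Int64()
	if err != nil {
		return nil, fmt.Errorf("expires_on is not epoch seconds: %w", err)
	}
	if !time.Unix(secs, 0).After(now.Add(skew)) {
		return nil, errors.New("MSI token expired or inside the skew window")
	}
	return &tok, nil
}

func main() {
	// Constructed sample response; the token and client ID are placeholders.
	body := []byte(`{"access_token":"PLACEHOLDER","expires_on":1700003600,"resource":"https://vault.azure.net","token_type":"Bearer","client_id":"00000000-0000-0000-0000-000000000000"}`)
	_, err := parseMSIToken(body, "https://vault.azure.net", time.Unix(1700000000, 0), 5*time.Minute)
	fmt.Println("accepted:", err == nil)
}
```

Checking the resource field keeps a token minted for a different audience from being forwarded to Key Vault, and the skew window avoids starting a signing call with a token about to lapse.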