Documentation ¶
Index ¶
- Constants
- Variables
- func Handler(props *vault.HandlerProperties) http.Handler
- func TestListener(tb testing.TB) (net.Listener, string)
- func TestServer(tb testing.TB, core *vault.Core) (net.Listener, string)
- func TestServerAuth(tb testing.TB, addr string, token string)
- func TestServerWithListener(tb testing.TB, ln net.Listener, addr string, core *vault.Core)
- func TestServerWithListenerAndProperties(tb testing.TB, ln net.Listener, addr string, core *vault.Core, ...)
- func WrapForwardedForHandler(h http.Handler, authorizedAddrs []*sockaddr.SockAddrMarshaler, ...) http.Handler
- type ErrorResponse
- type GenerateRootInitRequest
- type GenerateRootStatusResponse
- type GenerateRootUpdateRequest
- type HealthResponse
- type InitRequest
- type InitResponse
- type InitStatusResponse
- type LeaderResponse
- type PrepareRequestFunc
- type RekeyRequest
- type RekeyStatusResponse
- type RekeyUpdateRequest
- type RekeyUpdateResponse
- type RekeyVerificationStatusResponse
- type RekeyVerificationUpdateRequest
- type RekeyVerificationUpdateResponse
- type SealStatusResponse
- type UIAssetWrapper
- type UnsealRequest
Constants ¶
View Source
const ( // AuthHeaderName is the name of the header containing the token. AuthHeaderName = "X-Vault-Token" // WrapTTLHeaderName is the name of the header containing a directive to // wrap the response WrapTTLHeaderName = "X-Vault-Wrap-TTL" // WrapFormatHeaderName is the name of the header containing the format to // wrap in; has no effect if the wrap TTL is not set WrapFormatHeaderName = "X-Vault-Wrap-Format" // NoRequestForwardingHeaderName is the name of the header telling Vault // not to use request forwarding NoRequestForwardingHeaderName = "X-Vault-No-Request-Forwarding" // MFAHeaderName represents the HTTP header which carries the credentials // required to perform MFA on any path. MFAHeaderName = "X-Vault-MFA" // PolicyOverrideHeaderName is the header set to request overriding // soft-mandatory Sentinel policies. PolicyOverrideHeaderName = "X-Vault-Policy-Override" // DefaultMaxRequestSize is the default maximum accepted request size. This // is to prevent a denial of service attack where no Content-Length is // provided and the server is fed ever more data until it exhausts memory. // Can be overridden per listener. DefaultMaxRequestSize = 32 * 1024 * 1024 )
Variables ¶
View Source
var (
ReplicationStaleReadTimeout = 2 * time.Second
)
Functions ¶
func Handler ¶
func Handler(props *vault.HandlerProperties) http.Handler
Handler returns an http.Handler for the API. This can be used on its own to mount the Vault API within another web server.
func TestServerWithListener ¶
func TestServerWithListenerAndProperties ¶ added in v0.10.4
func WrapForwardedForHandler ¶ added in v0.10.1
Types ¶
type ErrorResponse ¶
type ErrorResponse struct {
Errors []string `json:"errors"`
}
type GenerateRootInitRequest ¶ added in v0.5.0
type GenerateRootStatusResponse ¶ added in v0.5.0
type GenerateRootStatusResponse struct { Nonce string `json:"nonce"` Started bool `json:"started"` Progress int `json:"progress"` Required int `json:"required"` Complete bool `json:"complete"` EncodedToken string `json:"encoded_token"` EncodedRootToken string `json:"encoded_root_token"` PGPFingerprint string `json:"pgp_fingerprint"` }
type GenerateRootUpdateRequest ¶ added in v0.5.0
type HealthResponse ¶
type HealthResponse struct { Initialized bool `json:"initialized"` Sealed bool `json:"sealed"` Standby bool `json:"standby"` ReplicationPerformanceMode string `json:"replication_performance_mode"` ReplicationDRMode string `json:"replication_dr_mode"` ServerTimeUTC int64 `json:"server_time_utc"` Version string `json:"version"` ClusterName string `json:"cluster_name,omitempty"` ClusterID string `json:"cluster_id,omitempty"` }
type InitRequest ¶
type InitResponse ¶
type InitStatusResponse ¶
type InitStatusResponse struct {
Initialized bool `json:"initialized"`
}
type LeaderResponse ¶
type PrepareRequestFunc ¶ added in v0.6.0
type RekeyRequest ¶ added in v0.2.0
type RekeyStatusResponse ¶ added in v0.2.0
type RekeyStatusResponse struct { Nonce string `json:"nonce"` Started bool `json:"started"` T int `json:"t"` N int `json:"n"` Progress int `json:"progress"` Required int `json:"required"` PGPFingerprints []string `json:"pgp_fingerprints"` Backup bool `json:"backup"` VerificationRequired bool `json:"verification_required"` VerificationNonce string `json:"verification_nonce,omitempty"` }
type RekeyUpdateRequest ¶ added in v0.2.0
type RekeyUpdateResponse ¶ added in v0.2.0
type RekeyUpdateResponse struct { Nonce string `json:"nonce"` Complete bool `json:"complete"` Keys []string `json:"keys"` KeysB64 []string `json:"keys_base64"` PGPFingerprints []string `json:"pgp_fingerprints"` Backup bool `json:"backup"` VerificationRequired bool `json:"verification_required"` VerificationNonce string `json:"verification_nonce,omitempty"` }
type RekeyVerificationStatusResponse ¶ added in v0.10.2
type RekeyVerificationUpdateRequest ¶ added in v0.10.2
type RekeyVerificationUpdateResponse ¶ added in v0.10.2
type SealStatusResponse ¶
type SealStatusResponse struct { Type string `json:"type"` Sealed bool `json:"sealed"` T int `json:"t"` N int `json:"n"` Progress int `json:"progress"` Nonce string `json:"nonce"` Version string `json:"version"` ClusterName string `json:"cluster_name,omitempty"` ClusterID string `json:"cluster_id,omitempty"` }
type UIAssetWrapper ¶ added in v0.10.0
type UIAssetWrapper struct {
FileSystem *assetfs.AssetFS
}
type UnsealRequest ¶
Click to show internal directories.
Click to hide internal directories.