Documentation ¶
Overview ¶
Package registry provides access to the Arigato registry REST API.
Index ¶
- type ClaimTree
- type ClaimTreeClient
- type ClaimedKeyPair
- type Client
- func (c *Client) Do(ctx context.Context, r *http.Request, v interface{}) (*http.Response, error)
- func (c *Client) NewRequest(method, path string, query *url.Values, body interface{}) (*http.Request, error)
- func (c *Client) NewTokenRequest(token, method, path string, query *url.Values, body interface{}) (*http.Request, error)
- type CredentialTree
- type CredentialTreeClient
- type Credentials
- type Error
- type KeyPairs
- type KeyringClient
- type KeyringMemberClient
- type KeyringSection
- type MembershipsClient
- type OrgInviteClient
- type Orgs
- type PublicKeySegment
- type TeamsClient
- type Tokens
- type Users
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ClaimTree ¶
type ClaimTree struct { Org *envelope.Signed `json:"org"` PublicKeys []PublicKeySegment `json:"public_keys"` }
ClaimTree represents an organizations claim tree which contains public signing and encryption keys for every member.
type ClaimTreeClient ¶
type ClaimTreeClient struct {
// contains filtered or unexported fields
}
ClaimTreeClient represents the `/claimtree` registry endpoint, used for retrieving the public keys and their associated claims for an organization.
type ClaimedKeyPair ¶
type ClaimedKeyPair struct { PublicKey *envelope.Signed `json:"public_key"` PrivateKey *envelope.Signed `json:"private_key"` Claims []envelope.Signed `json:"claims"` }
ClaimedKeyPair contains a public/private keypair, and all the Claims made against it (system and user signatures).
type Client ¶
type Client struct { KeyPairs *KeyPairs Tokens *Tokens Users *Users Teams *TeamsClient Memberships *MembershipsClient Credentials *Credentials Orgs *Orgs OrgInvite *OrgInviteClient Keyring *KeyringClient KeyringMember *KeyringMemberClient ClaimTree *ClaimTreeClient CredentialTree *CredentialTreeClient // contains filtered or unexported fields }
Client exposes the registry REST API.
func NewClient ¶
func NewClient(prefix string, apiVersion string, version string, sess session.Session, t *http.Transport) *Client
NewClient returns a new Client.
func (*Client) Do ¶
Do executes an http.Request, populating v with the JSON response on success.
If the request errors with a JSON formatted response body, it will be unmarshaled into the returned error.
func (*Client) NewRequest ¶
func (c *Client) NewRequest(method, path string, query *url.Values, body interface{}) (*http.Request, error)
NewRequest constructs a new http.Request, with a body containing the json representation of body, if provided.
func (*Client) NewTokenRequest ¶
func (c *Client) NewTokenRequest(token, method, path string, query *url.Values, body interface{}) (*http.Request, error)
NewTokenRequest constructs a new http.Request, with a body containing the json representation of body, if provided.
The request will be authorized with the provided token.
type CredentialTree ¶
type CredentialTree struct { Keyring *envelope.Signed `json:"keyring"` Members []envelope.Signed `json:"members"` Credentials []envelope.Signed `json:"credentials"` }
CredentialTree represents a Keyring, it's members, and associated Credentials.
type CredentialTreeClient ¶
type CredentialTreeClient struct {
// contains filtered or unexported fields
}
CredentialTreeClient represents the `/credentialtree` registry endpoint, user for retrieving keyrings, keyring members, and credentials associated with claims.
func (*CredentialTreeClient) List ¶
func (c *CredentialTreeClient) List(name, path, pathexp string, ownerID *identity.ID) ([]CredentialTree, error)
List returns back all segments of the CredentialGraph (Keyring, Keyring Members, and Credentials) that match the given name, path, or path expression.
func (*CredentialTreeClient) Post ¶
func (c *CredentialTreeClient) Post(t *CredentialTree) (*CredentialTree, error)
Post creates a new CredentialTree on the registry.
The CredentialTree includes the keyring, it's members, and credentials.
type Credentials ¶
type Credentials struct {
// contains filtered or unexported fields
}
Credentials represents the `/credentials` registry endpoint, used for accessing encrypted credentials/secrets.
type KeyPairs ¶
type KeyPairs struct {
// contains filtered or unexported fields
}
KeyPairs represents the `/keypairs` registry endpoint, used for accessing users' signing and encryption keypairs.
func (*KeyPairs) List ¶
func (k *KeyPairs) List(orgID *identity.ID) ([]ClaimedKeyPair, error)
List returns all KeyPairs for the logged in user in the given, or all orgs if orgID is nil.
func (*KeyPairs) Post ¶
func (k *KeyPairs) Post(pubKey, privKey, claim *envelope.Signed) ( *envelope.Signed, *envelope.Signed, []envelope.Signed, error)
Post creates a new keypair on the registry.
The keypair includes the user's public key, private key, and a self-signed claim on the public key.
keys may be either signing or encryption keys.
type KeyringClient ¶
type KeyringClient struct {
// contains filtered or unexported fields
}
KeyringClient represents the `/keyrings` registry end point for accessing keyrings the user or machine belong too.
func (*KeyringClient) List ¶
func (k *KeyringClient) List(orgID *identity.ID, ownerID *identity.ID) ([]KeyringSection, error)
List retrieves an array of KeyringSections from the registry.
type KeyringMemberClient ¶
type KeyringMemberClient struct {
// contains filtered or unexported fields
}
KeyringMemberClient represents the `/keyring-members` registry end point for accessand creating memberships related to a set of Keyrings.
type KeyringSection ¶
type KeyringSection struct { Keyring *envelope.Signed `json:"keyring"` Members []envelope.Signed `json:"members"` }
KeyringSection represents a section of the CredentialTree only pertaining to a keyring and it's membership.
type MembershipsClient ¶
type MembershipsClient struct {
// contains filtered or unexported fields
}
MembershipsClient represents the `/memberships` registry endpoint, used for accessing the relationship between users, organization, and teams.
type OrgInviteClient ¶
type OrgInviteClient struct {
// contains filtered or unexported fields
}
OrgInviteClient represents the `/org-invites` registry endpoint, used for sending, accepting, and approving invitations to organizations in Arigato.
type Orgs ¶
type Orgs struct {
// contains filtered or unexported fields
}
Orgs represents the `/orgs` registry endpoint, used for accessing organizations stored in Arigato.
type PublicKeySegment ¶
type PublicKeySegment struct { Key *envelope.Signed `json:"public_key"` Claims []envelope.Signed `json:"claims"` }
PublicKeySegment represents a sub section of a claimtree targeting a specific public key and it's claims.
type TeamsClient ¶
type TeamsClient struct {
// contains filtered or unexported fields
}
TeamsClient represents the `/teams` registry endpoint, used for accessing teams stored in Arigato.
type Tokens ¶
type Tokens struct {
// contains filtered or unexported fields
}
Tokens represents the registry '/tokens' endpoints, used for session management.
Logging in is a two step process. We must first request a login token. This token is then HMAC'd and returned to the server, exchanging it for an auth token, which is used for all other operations.
func (*Tokens) Delete ¶
Delete deletes the token with the provided value from the registry. This effectively logs a user out.