Documentation
Overview
Package primitive contains definitions of the primitive types used in ag.
Constants
const (
	SignatureClaimType  = "signature"
	RevocationClaimType = "revocation"
)
Types of claims that can be made against public keys.
const (
	OrgInvitePendingState    = "pending"
	OrgInviteAssociatedState = "associated"
	OrgInviteAcceptedState   = "accepted"
	OrgInviteApprovedState   = "approved"
)
Org Invitations exist in four states: pending, associated, accepted, and approved.
const (
	SystemTeam = "system"
	UserTeam   = "user"
)
There are two types of teams: system and user. System teams are managed by the Arigato registry.
Variables
This section is empty.
Functions
This section is empty.
Types
type Claim
type Claim struct {
	Created     time.Time    `json:"created_at"`
	OrgID       *identity.ID `json:"org_id"`
	OwnerID     *identity.ID `json:"owner_id"`
	Previous    *identity.ID `json:"previous"`
	PublicKeyID *identity.ID `json:"public_key_id"`
	KeyType     string       `json:"type"`
	// contains filtered or unexported fields
}
Claim is a signature or revocation claim against a public key.
type Credential
type Credential struct {
	Credential        *CredentialValue `json:"credential"`
	KeyringID         *identity.ID     `json:"keyring_id"`
	Name              string           `json:"name"`
	Nonce             *base64.Value    `json:"nonce"`
	OrgID             *identity.ID     `json:"org_id"`
	PathExp           string           `json:"pathexp"`
	Previous          *identity.ID     `json:"previous"`
	ProjectID         *identity.ID     `json:"project_id"`
	CredentialVersion int              `json:"version"`
	// contains filtered or unexported fields
}
Credential is a secret value shared between a group of services based on a user's identity, operating environment, project, and organization.
func (*Credential) Type
func (c *Credential) Type() byte
Type returns the enumerated byte representation of Credential
type CredentialValue
type CredentialValue struct {
	Algorithm string        `json:"alg"`
	Nonce     *base64.Value `json:"nonce"`
	Value     *base64.Value `json:"value"`
}
CredentialValue is the secretbox encrypted value of the containing Credential.
type Keyring
type Keyring struct {
	Created        time.Time    `json:"created_at"`
	OrgID          *identity.ID `json:"org_id"`
	PathExp        string       `json:"pathexp"`
	Previous       *identity.ID `json:"previous"`
	ProjectID      *identity.ID `json:"project_id"`
	KeyringVersion int          `json:"version"`
	// contains filtered or unexported fields
}
Keyring is a mechanism for sharing a shared secret between many different users and machines at a position in the credential path.
Credentials belong to Keyrings
type KeyringMember
type KeyringMember struct {
	Created         time.Time         `json:"created_at"`
	EncryptingKeyID *identity.ID      `json:"encrypting_key_id"`
	Key             *KeyringMemberKey `json:"key"`
	KeyringID       *identity.ID      `json:"keyring_id"`
	OrgID           *identity.ID      `json:"org_id"`
	OwnerID         *identity.ID      `json:"owner_id"`
	ProjectID       *identity.ID      `json:"project_id"`
	PublicKeyID     *identity.ID      `json:"public_key_id"`
	// contains filtered or unexported fields
}
KeyringMember is a record of sharing a master secret key with a user or machine.
KeyringMember belongs to a Keyring
func (*KeyringMember) Type
func (km *KeyringMember) Type() byte
Type returns the enumerated byte representation of KeyringMember
type KeyringMemberKey
type KeyringMemberKey struct {
	Algorithm string        `json:"alg"`
	Nonce     *base64.Value `json:"nonce"`
	Value     *base64.Value `json:"value"`
}
KeyringMemberKey is the keyring master encryption key, encrypted for the owner of a KeyringMember
type Membership
type Membership struct {
	OrgID   *identity.ID `json:"org_id"`
	OwnerID *identity.ID `json:"owner_id"`
	TeamID  *identity.ID `json:"team_id"`
	// contains filtered or unexported fields
}
Membership is an entity that represents whether a user or machine is a part of a team in an organization.
func (*Membership) Type
func (m *Membership) Type() byte
Type returns the enumerated byte representation of Membership
type Org
type Org struct {
	Name string `json:"name"`
	// contains filtered or unexported fields
}
Org is a grouping of users that collaborate with each other
type OrgInvite
type OrgInvite struct {
	OrgID      *identity.ID `json:"org_id"`
	Email      string       `json:"email"`
	InviterID  *identity.ID `json:"inviter_id"`
	InviteeID  *identity.ID `json:"invitee_id"`
	ApproverID *identity.ID `json:"approver_id"`
	State      string       `json:"state"`
	Code       *struct {
		Alg   string        `json:"alg"`
		Salt  *base64.Value `json:"salt"`
		Value *base64.Value `json:"value"`
	} `json:"code"`
	PendingTeams []identity.ID `json:"pending_teams"`
	Created      *time.Time    `json:"created_at"`
	Accepted     *time.Time    `json:"accepted_at"`
	Approved     *time.Time    `json:"approved_at"`
	// contains filtered or unexported fields
}
OrgInvite is an invitation for an individual to join an organization
type PrivateKey
type PrivateKey struct {
	Key         PrivateKeyValue `json:"key"`
	OrgID       *identity.ID    `json:"org_id"`
	OwnerID     *identity.ID    `json:"owner_id"`
	PNonce      *base64.Value   `json:"pnonce"`
	PublicKeyID *identity.ID    `json:"public_key_id"`
	// contains filtered or unexported fields
}
PrivateKey is the private portion of an asymmetric key.
func (*PrivateKey) Type
func (pk *PrivateKey) Type() byte
Type returns the enumerated byte representation of PrivateKey.
type PrivateKeyValue
PrivateKeyValue holds the encrypted value of the PrivateKey.
type PublicKey
type PublicKey struct {
	Algorithm string         `json:"alg"`
	Created   time.Time      `json:"created_at"`
	Expires   time.Time      `json:"expires_at"`
	Key       PublicKeyValue `json:"key"`
	OrgID     *identity.ID   `json:"org_id"`
	OwnerID   *identity.ID   `json:"owner_id"`
	KeyType   string         `json:"type"`
	// contains filtered or unexported fields
}
PublicKey is the public portion of an asymmetric key.
type PublicKeyValue
PublicKeyValue is the actual value of a PublicKey.
type Signature
type Signature struct {
	Algorithm   string        `json:"alg"`
	PublicKeyID *identity.ID  `json:"public_key_id"`
	Value       *base64.Value `json:"value"`
}
Signature is an immutable object, but not technically a payload. Its fields must be ordered properly so that ID generation is correct.
If PublicKeyID is nil, the signature is self-signed.
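The ordering requirement above, shown as an added Go example that is not code from the ag package: encoding/json emits struct fields in declaration order, so reordering them changes any digest taken over the encoding. It assumes an ID is a SHA-256 digest of the JSON bytes (the page does not state the scheme) and uses *string and []byte as stand-ins for *identity.ID and *base64.Value; Reordered, Digest and TagsSorted are hypothetical names.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"reflect"
	"sort"
)

// Signature in the documented field order; *string and []byte are assumed stand-ins for the page's types.
type Signature struct {
	Algorithm   string  `json:"alg"`
	PublicKeyID *string `json:"public_key_id"`
	Value       []byte  `json:"value"`
}

// Reordered carries the same data with the fields declared out of order.
type Reordered struct {
	Value       []byte  `json:"value"`
	Algorithm   string  `json:"alg"`
	PublicKeyID *string `json:"public_key_id"`
}

// Digest hashes v's JSON encoding (assumed ID scheme; struct fields are emitted in declaration order).
func Digest(v interface{}) string {
	b, err := json.Marshal(v)
	if err != nil {
		panic(err)
	}
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// TagsSorted reports whether a struct's JSON keys are declared in lexicographic order, as Signature's are.
func TagsSorted(v interface{}) bool {
	t := reflect.TypeOf(v)
	keys := make([]string, 0, t.NumField())
	for i := 0; i < t.NumField(); i++ {
		keys = append(keys, t.Field(i).Tag.Get("json"))
	}
	return sort.StringsAreSorted(keys)
}

func main() {
	a := Signature{Algorithm: "example-alg", Value: []byte("constructed")} // nil PublicKeyID: self-signed
	b := Reordered{Algorithm: a.Algorithm, Value: a.Value}
	fmt.Println(Digest(a) == Digest(b), TagsSorted(a), TagsSorted(b)) // false true false
}
```

A check like TagsSorted can run in a unit test so that an accidental field reorder is caught before it changes stored IDs.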
type Team
type Team struct {
	Name     string       `json:"name"`
	OrgID    *identity.ID `json:"org_id"`
	TeamType string       `json:"type"`
	// contains filtered or unexported fields
}
Team is an entity that represents a group of users
type User
type User struct {
	Master *struct {
		Alg   string        `json:"alg"`
		Value *base64.Value `json:"value"`
	} `json:"master"`
	// contains filtered or unexported fields
}
User holds the details of a user, including their encrypted master key.