primitive

package
v0.11.0-rc.2
Warning

This package is not in the latest version of its module.

Published: Oct 12, 2016 License: AGPL-3.0 Imports: 6 Imported by: 0

Documentation

Overview

Package primitive contains definitions of the primitive types used in ag.

Constants

const (
	SignatureClaimType  = "signature"
	RevocationClaimType = "revocation"
)

Types of claims that can be made against public keys.

const (
	OrgInvitePendingState    = "pending"
	OrgInviteAssociatedState = "associated"
	OrgInviteAcceptedState   = "accepted"
	OrgInviteApprovedState   = "approved"
)

Org Invitations exist in four states: pending, associated, accepted, and approved.

const (
	PolicyEffectAllow = true
	PolicyEffectDeny  = false
)

These are the two policy effect types

const (
	PolicyActionCreate = 1 << iota
	PolicyActionRead
	PolicyActionUpdate
	PolicyActionDelete
	PolicyActionList
)

These are all the possible PolicyActions

const (
	SystemTeam = "system"
	UserTeam   = "user"
)

There are two types of teams: system and user. System teams are managed by the Torus registry.

Variables

This section is empty.

Functions

This section is empty.

Types

type BaseCredential added in v0.11.0

type BaseCredential struct {
	Credential        *CredentialValue `json:"credential"`
	KeyringID         *identity.ID     `json:"keyring_id"`
	Name              string           `json:"name"`
	Nonce             *base64.Value    `json:"nonce"`
	OrgID             *identity.ID     `json:"org_id"`
	PathExp           *pathexp.PathExp `json:"pathexp"`
	Previous          *identity.ID     `json:"previous"`
	ProjectID         *identity.ID     `json:"project_id"`
	CredentialVersion int              `json:"version"`
}

BaseCredential is a secret value shared between a group of services based on a user's identity, operating environment, project, and organization.

type Claim

type Claim struct {
	Created     time.Time    `json:"created_at"`
	OrgID       *identity.ID `json:"org_id"`
	OwnerID     *identity.ID `json:"owner_id"`
	Previous    *identity.ID `json:"previous"`
	PublicKeyID *identity.ID `json:"public_key_id"`
	KeyType     string       `json:"type"`
	// contains filtered or unexported fields
}

Claim is a signature or revocation claim against a public key.

func NewClaim

func NewClaim(orgID, ownerID, previous, pubKeyID *identity.ID,
	keyType string) *Claim

NewClaim returns a new Claim, with the created time set to now

func (Claim) Immutable added in v0.9.0

func (Claim) Immutable()

func (Claim) Version

func (Claim) Version() int

Version returns the schema version of structs that embed this type.

type Credential

type Credential struct {
	BaseCredential
	State *string `json:"state"`
	// contains filtered or unexported fields
}

Credential is a secret value shared between a group of services based on a user's identity, operating environment, project, and organization.

func (Credential) Immutable added in v0.9.0

func (Credential) Immutable()

func (Credential) Version

func (Credential) Version() int

Version returns the schema version of structs that embed this type.

type CredentialV1 added in v0.11.0

type CredentialV1 struct {
	BaseCredential
	// contains filtered or unexported fields
}

CredentialV1 is a secret value shared between a group of services based on a user's identity, operating environment, project, and organization.

func (CredentialV1) Immutable added in v0.11.0

func (CredentialV1) Immutable()

func (CredentialV1) Version added in v0.11.0

func (CredentialV1) Version() int

Version returns the schema version of structs that embed this type.

type CredentialValue

type CredentialValue struct {
	Algorithm string        `json:"alg"`
	Nonce     *base64.Value `json:"nonce"`
	Value     *base64.Value `json:"value"`
}

CredentialValue is the secretbox encrypted value of the containing Credential.

type Environment

type Environment struct {
	Name      string       `json:"name"`
	OrgID     *identity.ID `json:"org_id"`
	ProjectID *identity.ID `json:"project_id"`
	// contains filtered or unexported fields
}

Environment is an entity that represents a group of processes

func (Environment) Mutable added in v0.9.0

func (Environment) Mutable()

func (Environment) Version

func (Environment) Version() int

Version returns the schema version of structs that embed this type.

type Keyring

type Keyring struct {
	// contains filtered or unexported fields
}

Keyring is a mechanism for sharing a shared secret between many different users and machines at a position in the credential path.

Credentials belong to Keyrings

func NewKeyring added in v0.10.0

func NewKeyring(orgID, projectID *identity.ID, pathExp *pathexp.PathExp) *Keyring

NewKeyring returns a new v2 Keyring, with the created time set to now

func (Keyring) Version

func (Keyring) Version() int

Version returns the schema version of structs that embed this type.

type KeyringMember

type KeyringMember struct {
	Created         time.Time    `json:"created_at"`
	EncryptingKeyID *identity.ID `json:"encrypting_key_id"`
	KeyringID       *identity.ID `json:"keyring_id"`
	OrgID           *identity.ID `json:"org_id"`
	OwnerID         *identity.ID `json:"owner_id"`
	PublicKeyID     *identity.ID `json:"public_key_id"`
	// contains filtered or unexported fields
}

KeyringMember is a record of sharing a master secret key with a user or machine.

This is the v2 schema version, which has a detached mekshare so it can be revoked.

KeyringMember belongs to a Keyring

func (KeyringMember) Immutable added in v0.9.0

func (KeyringMember) Immutable()

func (KeyringMember) Version

func (KeyringMember) Version() int

Version returns the schema version of structs that embed this type.

type KeyringMemberClaim added in v0.10.0

type KeyringMemberClaim struct {
	OrgID           *identity.ID `json:"org_id"`
	KeyringID       *identity.ID `json:"keyring_id"`
	KeyringMemberID *identity.ID `json:"keyring_member_id"`
	OwnerID         *identity.ID `json:"owner_id"`
	Previous        *identity.ID `json:"previous"`
	ClaimType       string       `json:"type"`
	Created         time.Time    `json:"created_at"`
	// contains filtered or unexported fields
}

KeyringMemberClaim is a claim for a keyring member. Only revocation is supported as a claim type.

func (KeyringMemberClaim) Immutable added in v0.10.0

func (KeyringMemberClaim) Immutable()

func (KeyringMemberClaim) Version added in v0.10.0

func (KeyringMemberClaim) Version() int

Version returns the schema version of structs that embed this type.

type KeyringMemberKey

type KeyringMemberKey struct {
	Algorithm string        `json:"alg"`
	Nonce     *base64.Value `json:"nonce"`
	Value     *base64.Value `json:"value"`
}

KeyringMemberKey is the keyring master encryption key, encrypted for the owner of a KeyringMember/MEKShare

type KeyringMemberV1 added in v0.10.0

type KeyringMemberV1 struct {
	Created         time.Time         `json:"created_at"`
	EncryptingKeyID *identity.ID      `json:"encrypting_key_id"`
	Key             *KeyringMemberKey `json:"key"`
	KeyringID       *identity.ID      `json:"keyring_id"`
	OrgID           *identity.ID      `json:"org_id"`
	OwnerID         *identity.ID      `json:"owner_id"`
	ProjectID       *identity.ID      `json:"project_id"`
	PublicKeyID     *identity.ID      `json:"public_key_id"`
	// contains filtered or unexported fields
}

KeyringMemberV1 is a record of sharing a master secret key with a user or machine.

KeyringMember belongs to a Keyring

func (KeyringMemberV1) Immutable added in v0.10.0

func (KeyringMemberV1) Immutable()

func (KeyringMemberV1) Version added in v0.10.0

func (KeyringMemberV1) Version() int

Version returns the schema version of structs that embed this type.

type KeyringV1 added in v0.10.0

type KeyringV1 struct {
	// contains filtered or unexported fields
}

KeyringV1 is the old keyring format, without claims or mekshares.

func (KeyringV1) Version added in v0.10.0

func (KeyringV1) Version() int

Version returns the schema version of structs that embed this type.

type MEKShare added in v0.10.0

type MEKShare struct {
	Created         time.Time         `json:"created_at"`
	OrgID           *identity.ID      `json:"org_id"`
	OwnerID         *identity.ID      `json:"owner_id"`
	KeyringID       *identity.ID      `json:"keyring_id"`
	KeyringMemberID *identity.ID      `json:"keyring_member_id"`
	Key             *KeyringMemberKey `json:"key"`
	// contains filtered or unexported fields
}

MEKShare is a V2 KeyringMember's share of the keyring master encryption key.

func (MEKShare) Immutable added in v0.10.0

func (MEKShare) Immutable()

func (MEKShare) Version added in v0.10.0

func (MEKShare) Version() int

Version returns the schema version of structs that embed this type.

type Membership

type Membership struct {
	OrgID   *identity.ID `json:"org_id"`
	OwnerID *identity.ID `json:"owner_id"`
	TeamID  *identity.ID `json:"team_id"`
	// contains filtered or unexported fields
}

Membership is an entity that represents whether a user or machine is a part of a team in an organization.

func (Membership) Mutable added in v0.9.0

func (Membership) Mutable()

func (Membership) Version

func (Membership) Version() int

Version returns the schema version of structs that embed this type.

type Org

type Org struct {
	Name string `json:"name"`
	// contains filtered or unexported fields
}

Org is a grouping of users that collaborate with each other

func (Org) Mutable added in v0.9.0

func (Org) Mutable()

func (Org) Version

func (Org) Version() int

Version returns the schema version of structs that embed this type.

type OrgInvite

type OrgInvite struct {
	OrgID      *identity.ID `json:"org_id"`
	Email      string       `json:"email"`
	InviterID  *identity.ID `json:"inviter_id"`
	InviteeID  *identity.ID `json:"invitee_id"`
	ApproverID *identity.ID `json:"approver_id"`
	State      string       `json:"state"`
	Code       *struct {
		Alg   string        `json:"alg"`
		Salt  *base64.Value `json:"salt"`
		Value *base64.Value `json:"value"`
	} `json:"code"`
	PendingTeams []identity.ID `json:"pending_teams"`
	Created      *time.Time    `json:"created_at"`
	Accepted     *time.Time    `json:"accepted_at"`
	Approved     *time.Time    `json:"approved_at"`
	// contains filtered or unexported fields
}

OrgInvite is an invitation for an individual to join an organization

func (OrgInvite) Mutable added in v0.9.0

func (OrgInvite) Mutable()

func (OrgInvite) Version

func (OrgInvite) Version() int

Version returns the schema version of structs that embed this type.

type Policy

type Policy struct {
	PolicyType string       `json:"type"`
	Previous   *identity.ID `json:"previous"`
	OrgID      *identity.ID `json:"org_id"`
	Policy     struct {
		Name        string            `json:"name"`
		Description string            `json:"description"`
		Statements  []PolicyStatement `json:"statements"`
	} `json:"policy"`
	// contains filtered or unexported fields
}

Policy is an entity that represents a group of ACL statements.

func (Policy) Mutable added in v0.9.0

func (Policy) Mutable()

func (Policy) Version

func (Policy) Version() int

Version returns the schema version of structs that embed this type.

type PolicyAction added in v0.8.0

type PolicyAction byte

PolicyAction represents the user actions that are covered by a statement.

func (*PolicyAction) MarshalJSON added in v0.8.0

func (pa *PolicyAction) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface. A PolicyAction is encoded in JSON as either a list of the string representations of its actions, or a single string when there is only one action.

func (*PolicyAction) ShortString added in v0.9.0

func (pa *PolicyAction) ShortString() string

ShortString displays a single character representation of each of the policy's actions.

func (*PolicyAction) String added in v0.8.0

func (pa *PolicyAction) String() string

func (*PolicyAction) UnmarshalJSON added in v0.8.0

func (pa *PolicyAction) UnmarshalJSON(b []byte) error

UnmarshalJSON implements the json.Unmarshaler interface.
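
An added example, not code from the torus package: a local stand-in type that follows the encoding rule described for MarshalJSON above, with the same bit layout as the PolicyAction constants. The type name Action, the action name strings, and the rejection of unknown names on decode are assumptions of this example.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Action is a local stand-in for primitive.PolicyAction (a byte bitmask).
type Action byte

// Assumed wire names, lowest bit first; the page does not list the strings.
var names = []string{"create", "read", "update", "delete", "list"}
var bits = map[string]Action{"create": 1 << 0, "read": 1 << 1, "update": 1 << 2, "delete": 1 << 3, "list": 1 << 4}

// MarshalJSON writes a bare string for one action and a list otherwise.
func (a Action) MarshalJSON() ([]byte, error) {
	set := []string{}
	for _, n := range names {
		if a&bits[n] != 0 {
			set = append(set, n)
		}
	}
	if len(set) == 1 {
		return json.Marshal(set[0])
	}
	return json.Marshal(set)
}

// UnmarshalJSON accepts both shapes. Rejecting unknown names is a choice made
// for this example, so a typo cannot decode to a statement with fewer actions.
func (a *Action) UnmarshalJSON(b []byte) error {
	var list []string
	var one string
	if json.Unmarshal(b, &one) == nil {
		list = []string{one}
	} else if err := json.Unmarshal(b, &list); err != nil {
		return fmt.Errorf("action: want string or list of strings: %v", err)
	}
	*a = 0
	for _, s := range list {
		bit, ok := bits[s]
		if !ok {
			return fmt.Errorf("action: unknown name %q", s)
		}
		*a |= bit
	}
	return nil
}

func main() {
	out, _ := json.Marshal(Action(1<<1 | 1<<4)) // read + list
	fmt.Println(string(out))
}
```

Because one field can arrive as either a string or a list, any code that reviews or validates stored policy JSON has to accept both shapes before comparing actions.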

type PolicyAttachment

type PolicyAttachment struct {
	OwnerID  *identity.ID `json:"owner_id"`
	PolicyID *identity.ID `json:"policy_id"`
	OrgID    *identity.ID `json:"org_id"`
	// contains filtered or unexported fields
}

PolicyAttachment is an entity that represents the link between policies and teams

func (PolicyAttachment) Mutable added in v0.9.0

func (PolicyAttachment) Mutable()

func (PolicyAttachment) Version

func (PolicyAttachment) Version() int

Version returns the schema version of structs that embed this type.

type PolicyEffect added in v0.8.0

type PolicyEffect bool

PolicyEffect is the effect type of the statement (allow or deny)

func (*PolicyEffect) MarshalText added in v0.8.0

func (pe *PolicyEffect) MarshalText() ([]byte, error)

MarshalText implements the encoding.TextMarshaler interface, used for JSON marshaling.

func (*PolicyEffect) String added in v0.8.0

func (pe *PolicyEffect) String() string

String returns a string representation of the PolicyEffect (allow or deny)

func (*PolicyEffect) UnmarshalText added in v0.8.0

func (pe *PolicyEffect) UnmarshalText(b []byte) error

UnmarshalText implements the encoding.TextUnmarshaler interface, used for JSON unmarshaling.

type PolicyStatement

type PolicyStatement struct {
	Effect   PolicyEffect `json:"effect"`
	Action   PolicyAction `json:"action"`
	Resource string       `json:"resource"`
}

PolicyStatement is an ACL statement on a policy object.

type PrivateKey

type PrivateKey struct {
	Key         PrivateKeyValue `json:"key"`
	OrgID       *identity.ID    `json:"org_id"`
	OwnerID     *identity.ID    `json:"owner_id"`
	PNonce      *base64.Value   `json:"pnonce"`
	PublicKeyID *identity.ID    `json:"public_key_id"`
	// contains filtered or unexported fields
}

PrivateKey is the private portion of an asymmetric key.

func (PrivateKey) Immutable added in v0.9.0

func (PrivateKey) Immutable()

func (PrivateKey) Version

func (PrivateKey) Version() int

Version returns the schema version of structs that embed this type.

type PrivateKeyValue

type PrivateKeyValue struct {
	Algorithm string        `json:"alg"`
	Value     *base64.Value `json:"value"`
}

PrivateKeyValue holds the encrypted value of the PrivateKey.

type Project

type Project struct {
	Name  string       `json:"name"`
	OrgID *identity.ID `json:"org_id"`
	// contains filtered or unexported fields
}

Project is an entity that represents a group of services

func (Project) Mutable added in v0.9.0

func (Project) Mutable()

func (Project) Version

func (Project) Version() int

Version returns the schema version of structs that embed this type.

type PublicKey

type PublicKey struct {
	Algorithm string         `json:"alg"`
	Created   time.Time      `json:"created_at"`
	Expires   time.Time      `json:"expires_at"`
	Key       PublicKeyValue `json:"key"`
	OrgID     *identity.ID   `json:"org_id"`
	OwnerID   *identity.ID   `json:"owner_id"`
	KeyType   string         `json:"type"`
	// contains filtered or unexported fields
}

PublicKey is the public portion of an asymmetric key.

func (PublicKey) Immutable added in v0.9.0

func (PublicKey) Immutable()

func (PublicKey) Version

func (PublicKey) Version() int

Version returns the schema version of structs that embed this type.

type PublicKeyValue

type PublicKeyValue struct {
	Value *base64.Value `json:"value"`
}

PublicKeyValue is the actual value of a PublicKey.

type Service

type Service struct {
	Name      string       `json:"name"`
	OrgID     *identity.ID `json:"org_id"`
	ProjectID *identity.ID `json:"project_id"`
	// contains filtered or unexported fields
}

Service is an entity that represents a group of processes

func (Service) Mutable added in v0.9.0

func (Service) Mutable()

func (Service) Version

func (Service) Version() int

Version returns the schema version of structs that embed this type.

type Signature

type Signature struct {
	Algorithm   string        `json:"alg"`
	PublicKeyID *identity.ID  `json:"public_key_id"`
	Value       *base64.Value `json:"value"`
}

Signature is an immutable object, but not technically a payload. If PublicKeyID is nil, the signature is self-signed.

type Team

type Team struct {
	Name     string       `json:"name"`
	OrgID    *identity.ID `json:"org_id"`
	TeamType string       `json:"type"`
	// contains filtered or unexported fields
}

Team is an entity that represents a group of users

func (Team) Mutable added in v0.9.0

func (Team) Mutable()

func (Team) Version

func (Team) Version() int

Version returns the schema version of structs that embed this type.

type User

type User struct {
	Username string        `json:"username"`
	Name     string        `json:"name"`
	Email    string        `json:"email"`
	State    string        `json:"state"`
	Password *UserPassword `json:"password"`
	Master   *UserMaster   `json:"master"`
	// contains filtered or unexported fields
}

User is the body of a user object

func (User) Mutable added in v0.9.0

func (User) Mutable()

func (User) Version

func (User) Version() int

Version returns the schema version of structs that embed this type.

type UserMaster

type UserMaster struct {
	Value *base64.Value `json:"value"`
	Alg   string        `json:"alg"`
}

UserMaster is the body.master object for a user

type UserPassword

type UserPassword struct {
	Salt  string        `json:"salt"`
	Value *base64.Value `json:"value"`
	Alg   string        `json:"alg"`
}

UserPassword is the body.password object for a user
