Documentation ¶
Index ¶
Constants ¶
// Default private-key parameters.
//
// NOTE(review): the code that consumes these values is not part of this
// listing. "ecdsa" with 256 bits presumably selects a 256-bit elliptic curve
// such as P-256; confirm against the key-generation code before relying on it.
const (
	// DefaultPrivateKeyType is the key algorithm name used by default.
	DefaultPrivateKeyType = "ecdsa"

	// DefaultPrivateKeyBits is the default key size in bits.
	DefaultPrivateKeyBits = 256
)
// Values stored in User.Type.
const (
	// UserTypeServiceAccount marks a non-interactive (service) identity.
	UserTypeServiceAccount = "service_account"

	// UserTypeNormal marks a regular user identity.
	UserTypeNormal = "user"
)
Variables ¶
// Lifetimes for issued credentials.
//
// NOTE(review): both are package-level variables, not constants, so any code
// in the process can lengthen them at runtime. Whether anything does, and
// where expiry is actually enforced, is not visible in this listing.
var (
	// CodeExpiration is one minute; presumably the validity window of a Code
	// created through TokenDatabase.NewCode (confirm against the
	// implementation).
	CodeExpiration = time.Minute

	// TokenExpiration is 24 hours; presumably the validity window of a Token
	// returned by TokenDatabase.IssueToken (confirm against the
	// implementation).
	TokenExpiration = 24 * time.Hour
)
// Sentinel errors exported by the database package. The names suggest they
// come from user and access-token lookups; the call sites are not part of
// this listing.
var (
	// ErrUserNotFound reports that no user matched the lookup.
	ErrUserNotFound = xerrors.New("database: user not found")

	// ErrClosed reports that the database has been closed.
	ErrClosed = xerrors.New("database: closed")

	// ErrAccessTokenNotFound reports that no access token matched the lookup.
	ErrAccessTokenNotFound = xerrors.New("database: access token not found")
)
// ErrRelayNotFound reports that no relay matched the lookup.
var ErrRelayNotFound = xerrors.New("database: relay not found")
// ErrTokenNotFound reports that no token matched the lookup.
var ErrTokenNotFound = xerrors.New("database: token not found")
// SystemUser is a predefined service-account identity with the id
// "system@f110.dev" and the single role "system:proxy".
//
// NOTE(review): this is an exported, mutable pointer shared by the whole
// process. Code that appends to Roles or changes a field alters the identity
// for every other holder of the value, so treat it as read-only and copy it
// before modifying.
var SystemUser = &User{
	Id:    "system@f110.dev",
	Roles: []string{"system:proxy"},
	Type:  UserTypeServiceAccount,
}
Functions ¶
func MarshalUser ¶
Types ¶
type AccessToken ¶
type CertificateAuthority ¶
// CertificateAuthority is the storage interface for issued and revoked
// certificates and for serial-number allocation.
type CertificateAuthority interface {
	// GetSignedCertificate returns a list of SignedCertificate.
	// Pass a serial number to fetch one specific certificate, or nil to
	// fetch all of them.
	GetSignedCertificate(ctx context.Context, serialNumber *big.Int) ([]*SignedCertificate, error)

	// GetRevokedCertificate returns a list of RevokedCertificate.
	// It takes the same arguments as GetSignedCertificate.
	GetRevokedCertificate(ctx context.Context, serialNumber *big.Int) ([]*RevokedCertificate, error)

	// SetSignedCertificate records a signed certificate.
	SetSignedCertificate(ctx context.Context, certificate *SignedCertificate) error

	// SetRevokedCertificate records a revoked certificate.
	SetRevokedCertificate(ctx context.Context, certificate *RevokedCertificate) error

	// WatchRevokeCertificate returns a channel of RevokedCertificate values.
	//
	// NOTE(review): presumably it delivers revocations as they are recorded;
	// confirm against an implementation. The channel is bidirectional, so
	// nothing in the type stops a consumer from sending on or closing it.
	WatchRevokeCertificate() chan *RevokedCertificate

	// NewSerialNumber returns a serial number for a new certificate.
	//
	// NOTE(review): the interface does not state how uniqueness is
	// guaranteed; that is left to each implementation.
	NewSerialNumber(ctx context.Context) (*big.Int, error)
}
type ClusterDatabase ¶
type Code ¶
type RelayLocator ¶
type RevokedCertificate ¶
type SignedCertificate ¶
type TokenDatabase ¶
// TokenDatabase stores short-lived codes and the tokens exchanged for them.
//
// NOTE(review): the parameter names (challenge, challengeMethod,
// codeVerifier) resemble a PKCE-style code exchange (RFC 7636). The interface
// itself enforces nothing; confirm that implementations reject a verifier
// that does not match the stored challenge and refuse expired or
// already-redeemed codes.
type TokenDatabase interface {
	// FindToken looks up a Token by its string value.
	FindToken(ctx context.Context, token string) (*Token, error)

	// NewCode creates a Code for userId, bound to the given challenge and
	// challenge method.
	NewCode(ctx context.Context, userId, challenge, challengeMethod string) (*Code, error)

	// IssueToken exchanges a code and its verifier for a Token.
	IssueToken(ctx context.Context, code, codeVerifier string) (*Token, error)

	// AllCodes returns every stored Code.
	AllCodes(ctx context.Context) ([]*Code, error)

	// DeleteCode removes the code identified by its string value.
	DeleteCode(ctx context.Context, code string) error

	// AllTokens returns every stored Token.
	//
	// NOTE(review): the result presumably contains live credentials; keep it
	// out of logs and unauthenticated responses.
	AllTokens(ctx context.Context) ([]*Token, error)

	// DeleteToken removes the token identified by its string value.
	DeleteToken(ctx context.Context, token string) error
}
type User ¶
// User is an identity record together with its authorization attributes.
//
// NOTE(review): Roles, MaintainRoles, Admin and Type all carry JSON names, so
// encoding/json fills them in when a User is decoded. If a User is ever
// decoded from input the caller does not trust, that input controls these
// fields; validate or overwrite them after decoding.
type User struct {
	// Id identifies the user; SystemUser uses an e-mail-style value.
	Id string `json:"id"`

	// Roles lists the role names assigned to the user.
	Roles []string `json:"roles"`

	// MaintainRoles maps a role name to a flag; omitted from JSON when empty.
	// Presumably marks roles the user may administer (confirm against callers).
	MaintainRoles map[string]bool `json:"maintain_roles,omitempty"`

	// Admin is the administrator flag. Unlike RootUser it is JSON-visible.
	Admin bool `json:"admin"`

	// Type is expected to be UserTypeServiceAccount or UserTypeNormal.
	Type string `json:"type"`

	// Comment is free-form text attached to the user.
	Comment string `json:"comment"`

	// Version is skipped by encoding/json (tag "-").
	Version int64 `json:"-"`

	// RootUser is skipped by encoding/json (tag "-"), so it can only be set
	// by code, never by a decoded JSON document.
	RootUser bool `json:"-"`
}
func (*User) ServiceAccount ¶
type UserDatabase ¶
// UserDatabase stores users, their access tokens, and short-lived state
// values.
//
// The read methods take no context.Context; only the mutating and state
// methods do.
type UserDatabase interface {
	// Get returns the user with the given id.
	Get(id string) (*User, error)

	// GetAll returns every user.
	GetAll() ([]*User, error)

	// GetAllServiceAccount returns the service-account users.
	GetAllServiceAccount() ([]*User, error)

	// GetAccessToken looks up an access token by its value.
	//
	// NOTE(review): whether token values are stored hashed or in the clear is
	// not visible from this interface; check the implementation.
	GetAccessToken(value string) (*AccessToken, error)

	// GetAccessTokens returns the access tokens associated with id.
	GetAccessTokens(id string) ([]*AccessToken, error)

	// Set stores user.
	Set(ctx context.Context, user *User) error

	// SetAccessToken stores token.
	SetAccessToken(ctx context.Context, token *AccessToken) error

	// Delete removes the user with the given id.
	Delete(ctx context.Context, id string) error

	// SetState stores unique and returns a string for it.
	//
	// NOTE(review): presumably the returned string is an opaque state value
	// that GetState later maps back to unique, e.g. across a login redirect;
	// confirm against an implementation.
	SetState(ctx context.Context, unique string) (string, error)

	// GetState returns the string associated with state.
	GetState(ctx context.Context, state string) (string, error)

	// DeleteState removes state.
	DeleteState(ctx context.Context, state string) error
}