Documentation ¶
Index ¶
- Constants
- Variables
- func MarshalUser(user *User) ([]byte, error)
- func WithoutCache(opt *UserDatabaseOpt)
- type AccessToken
- type CertificateAuthority
- type ClusterDatabase
- type Code
- type Member
- type Relay
- type RelayLocator
- type RevokedCertificate
- type SSHKeys
- type SignedCertificate
- type Token
- type TokenDatabase
- type User
- type UserDatabase
- type UserDatabaseOpt
- type UserDatabaseOption
Constants ¶
// DefaultPrivateKeyType names the key algorithm used when none is specified.
const DefaultPrivateKeyType = "ecdsa"

// DefaultPrivateKeyBits is the key size, in bits, used when none is specified.
// NOTE(review): with the "ecdsa" type this presumably selects the P-256
// curve; confirm at the call site that reads both constants.
const DefaultPrivateKeyBits = 256
// UserTypeServiceAccount is the User.Type value of a service account;
// SystemUser is declared with this type.
const UserTypeServiceAccount = "service_account"

// UserTypeNormal is the User.Type value of an ordinary user.
// NOTE(review): presumably this is what interactive, human logins carry;
// confirm where User.Type is assigned.
const UserTypeNormal = "user"
Variables ¶
// CodeExpiration is one minute.
// NOTE(review): presumably the lifetime of a Code created by
// TokenDatabase.NewCode; confirm where expiry is enforced. A short lifetime
// limits how long an intercepted code can be exchanged for a token.
var CodeExpiration = time.Minute

// TokenExpiration is 24 hours.
// NOTE(review): presumably the lifetime of a Token returned by
// TokenDatabase.IssueToken; confirm where expiry is enforced.
//
// Both values are exported package-level variables, not constants, so any
// importing package can change them at run time. Set them once during start-up
// if at all, and do not write to them while requests are being served.
var TokenExpiration = 24 * time.Hour
// Sentinel errors of the database package. Match them by identity (an
// errors.Is-style comparison), never by message text.
//
// NOTE(review): when these are translated into responses for unauthenticated
// clients, "user not found" and "access token not found" should not be
// distinguishable from a generic authentication failure, otherwise the API
// confirms which identifiers exist.

// ErrUserNotFound reports that no user matched the lookup.
var ErrUserNotFound = xerrors.New("database: user not found")

// ErrClosed reports that the database has been closed.
var ErrClosed = xerrors.New("database: closed")

// ErrAccessTokenNotFound reports that no access token matched the lookup.
var ErrAccessTokenNotFound = xerrors.New("database: access token not found")
// ErrRelayNotFound reports that no relay matched the lookup. Match it by
// identity (an errors.Is-style comparison), not by message text.
var ErrRelayNotFound = xerrors.New("database: relay not found")
// ErrTokenNotFound reports that no token matched the lookup. Match it by
// identity (an errors.Is-style comparison), not by message text.
var ErrTokenNotFound = xerrors.New("database: token not found")
// SystemUser is a predeclared service-account User carrying the single role
// "system:proxy".
//
// It is an exported variable that holds a pointer, so every importer shares
// the same User value and is able to modify its fields (for example append to
// Roles). Treat it as read-only; copy it before making any change.
// NOTE(review): what "system:proxy" authorizes is defined outside this
// declaration; confirm the role cannot be granted to ordinary users.
var SystemUser = &User{
	Id:    "system@f110.dev",
	Roles: []string{"system:proxy"},
	Type:  UserTypeServiceAccount,
}
Functions ¶
func MarshalUser ¶
func WithoutCache ¶ added in v0.10.0
func WithoutCache(opt *UserDatabaseOpt)
Types ¶
type AccessToken ¶
type CertificateAuthority ¶
// CertificateAuthority is the storage interface for signed and revoked
// certificates and for allocating certificate serial numbers.
type CertificateAuthority interface {
	// GetSignedCertificate returns a list of SignedCertificate.
	// To get one specific SignedCertificate, pass its serial number.
	// To get every SignedCertificate, pass nil as serialNumber.
	GetSignedCertificate(ctx context.Context, serialNumber *big.Int) ([]*SignedCertificate, error)
	// GetRevokedCertificate returns a list of RevokedCertificate.
	// Its serialNumber argument works the same way as in GetSignedCertificate.
	GetRevokedCertificate(ctx context.Context, serialNumber *big.Int) ([]*RevokedCertificate, error)
	// SetSignedCertificate stores a signed certificate.
	SetSignedCertificate(ctx context.Context, certificate *SignedCertificate) error
	// SetRevokedCertificate stores a revoked certificate.
	// NOTE(review): whether this also removes the matching signed certificate
	// is not visible here; confirm in the implementation.
	SetRevokedCertificate(ctx context.Context, certificate *RevokedCertificate) error
	// WatchRevokeCertificate returns a signalling channel.
	// NOTE(review): presumably it fires when the set of revoked certificates
	// changes; confirm. Anything that enforces revocation from a cached list
	// depends on this signal arriving. The channel is bidirectional, so
	// receivers must not send on it or close it.
	WatchRevokeCertificate() chan struct{}
	// NewSerialNumber returns a serial number for a new certificate.
	// NOTE(review): uniqueness and unpredictability are not guaranteed by the
	// signature; confirm each implementation provides both.
	NewSerialNumber(ctx context.Context) (*big.Int, error)
}
type ClusterDatabase ¶
type Code ¶
type RelayLocator ¶
// RelayLocator is the registry interface for Relay records: lookup by name,
// create, update, delete, and enumeration.
type RelayLocator interface {
	// Get looks up a relay by name; the bool reports whether one was found.
	Get(name string) (*Relay, bool)
	// Set stores a relay.
	Set(ctx context.Context, relay *Relay) error
	// TODO: Is this method used?
	Update(ctx context.Context, relay *Relay) error
	// Delete removes the relay identified by name and addr.
	Delete(ctx context.Context, name, addr string) error
	// Gone returns a channel of relays.
	// NOTE(review): presumably it delivers relays that have disappeared;
	// confirm. The channel is bidirectional, so receivers must not send on it
	// or close it.
	Gone() chan *Relay
	// GetListenedAddrs returns a list of addresses.
	// NOTE(review): presumably the addresses this process listens on for
	// relays; confirm.
	GetListenedAddrs() []string
	// ListAllConnectedAgents returns the relays of all connected agents.
	ListAllConnectedAgents() []*Relay
}
type RevokedCertificate ¶
type SignedCertificate ¶
// SignedCertificate is the stored record of one issued certificate.
type SignedCertificate struct {
	// Certificate is the parsed X.509 certificate.
	Certificate *x509.Certificate
	// P12 is a raw byte blob.
	// NOTE(review): the name suggests a PKCS#12 bundle, which normally carries
	// the private key; if so, treat this field as secret material: keep it out
	// of logs and API responses, and check what Marshal writes to storage.
	P12 []byte
	// IssuedAt is the time of issuance.
	IssuedAt time.Time
	// Agent and Device flag the kind of holder the certificate was issued to.
	// NOTE(review): exact meaning is defined by the issuing code; confirm.
	Agent  bool
	Device bool
	// Comment is free-form text attached to the certificate.
	Comment string
}
func ParseSignedCertificate ¶ added in v0.15.0
func ParseSignedCertificate(b []byte) (*SignedCertificate, error)
func (*SignedCertificate) Marshal ¶ added in v0.15.0
func (s *SignedCertificate) Marshal() ([]byte, error)
type TokenDatabase ¶
// TokenDatabase is the storage interface for codes and for the tokens issued
// in exchange for them.
//
// NOTE(review): the parameter names (challenge, challengeMethod, codeVerifier)
// match the OAuth 2.0 PKCE exchange; confirm that implementations verify
// codeVerifier against the stored challenge, reject expired codes, and
// invalidate a code after its first use.
type TokenDatabase interface {
	// FindToken looks up a token by its string value.
	FindToken(ctx context.Context, token string) (*Token, error)
	// NewCode creates a code for userId, recording the challenge and the
	// challenge method supplied with the request.
	NewCode(ctx context.Context, userId, challenge, challengeMethod string) (*Code, error)
	// IssueToken exchanges a code and its verifier for a token.
	IssueToken(ctx context.Context, code, codeVerifier string) (*Token, error)
	// AllCodes returns every stored code.
	AllCodes(ctx context.Context) ([]*Code, error)
	// DeleteCode removes a code.
	DeleteCode(ctx context.Context, code string) error
	// AllTokens returns every stored token. The result holds live credentials;
	// keep it out of logs and diagnostics output.
	AllTokens(ctx context.Context) ([]*Token, error)
	// DeleteToken removes a token.
	DeleteToken(ctx context.Context, token string) error
}
type User ¶
// User is the stored record of an account, including its authorization data
// (Roles, MaintainRoles, Admin).
//
// The authorization fields are part of the JSON form, so decoding JSON from an
// untrusted source directly into a User lets that source choose Roles and
// Admin. Decode untrusted input into a narrower type and copy over only the
// fields a caller is allowed to set.
type User struct {
	// Id is the user's identifier; SystemUser uses an e-mail-style value.
	Id string `json:"id"`
	// LoginName is a second name for the account; the Id can be resolved from
	// it with UserDatabase.GetIdentityByLoginName.
	LoginName string `json:"login_name"`
	// Roles lists the names of the roles assigned to the user.
	Roles []string `json:"roles"`
	// MaintainRoles is keyed by role name.
	// NOTE(review): presumably marks roles the user may administer; confirm.
	MaintainRoles map[string]bool `json:"maintain_roles,omitempty"`
	// Admin flags the user as an administrator.
	Admin bool `json:"admin"`
	// Type is the kind of account; see UserTypeServiceAccount and
	// UserTypeNormal.
	Type string `json:"type"`
	// Comment is free-form text attached to the user.
	Comment string `json:"comment"`
	// LastLogin is the time of the user's most recent login.
	LastLogin time.Time `json:"last_login"`

	// Version and RootUser carry the tag "-", so encoding/json neither writes
	// nor reads them; they exist only in memory.
	// NOTE(review): Version looks like a storage revision and RootUser like a
	// flag set from configuration rather than from stored data; confirm.
	Version  int64 `json:"-"`
	RootUser bool  `json:"-"`
}
func (*User) ServiceAccount ¶
type UserDatabase ¶
// UserDatabase is the storage interface for users, their access tokens, and
// state values.
//
// The read methods other than GetIdentityByLoginName take no context, so they
// cannot be cancelled by the caller.
type UserDatabase interface {
	// Get returns the user with the given id. opts adjust the lookup; see
	// UserDatabaseOption.
	Get(id string, opts ...UserDatabaseOption) (*User, error)
	// GetAll returns every user.
	GetAll() ([]*User, error)
	// GetAllServiceAccount returns the users that are service accounts.
	GetAllServiceAccount() ([]*User, error)
	// GetAccessToken looks up an access token by its value.
	GetAccessToken(value string) (*AccessToken, error)
	// GetAccessTokens returns the access tokens associated with id.
	// NOTE(review): id is presumably a user id; confirm.
	GetAccessTokens(id string) ([]*AccessToken, error)
	// GetIdentityByLoginName resolves a login name to an identity string.
	GetIdentityByLoginName(ctx context.Context, loginName string) (string, error)
	// Set stores a user.
	Set(ctx context.Context, user *User) error
	// SetAccessToken stores an access token.
	SetAccessToken(ctx context.Context, token *AccessToken) error
	// Delete removes the user with the given id.
	// NOTE(review): whether the user's access tokens are removed as well is
	// not visible here; confirm, since a surviving token would outlive the
	// account.
	Delete(ctx context.Context, id string) error
	// SetState stores unique and returns a state string for it; GetState
	// returns the stored value for a state, and DeleteState removes it.
	// NOTE(review): looks like storage for a login-flow state parameter; if
	// so, the state must be unguessable and deleted after its first use.
	SetState(ctx context.Context, unique string) (string, error)
	GetState(ctx context.Context, state string) (string, error)
	DeleteState(ctx context.Context, state string) error
}
type UserDatabaseOpt ¶ added in v0.10.0
// UserDatabaseOpt collects the settings that UserDatabaseOption functions
// apply.
type UserDatabaseOpt struct {
	// WithoutCache is the flag controlled by the WithoutCache option.
	// NOTE(review): presumably true makes the lookup skip any cache and read
	// the backing store; confirm. Authorization decisions made right after a
	// role change or a deletion are the case where a stale cached User matters.
	WithoutCache bool
}
type UserDatabaseOption ¶ added in v0.10.0
// UserDatabaseOption is a function that modifies a UserDatabaseOpt.
// UserDatabase.Get accepts any number of them; WithoutCache has this
// signature.
type UserDatabaseOption func(*UserDatabaseOpt)