Documentation ¶
Overview ¶
Package dbkeystore provides the underlying basis for a bakery.RootKeyStore that uses a database as a persistent store and provides flexible policies for root key storage lifetime.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Backing ¶
type Backing interface { // GetKey gets the key with the given id from the // backing store. If the key is not found, it should // return an error with a bakery.ErrNotFound cause. GetKey(id []byte) (RootKey, error) // FindLatestKey returns the most recently created root key k // such that all of the following conditions hold: // // k.Created >= createdAfter // k.Expires >= expiresAfter // k.Expires <= expiresBefore // // If no such key was found, the zero root key should be returned // with a nil error. FindLatestKey(createdAfter, expiresAfter, expiresBefore time.Time) (RootKey, error) // InsertKey inserts the given root key into the backing store. // It may return an error if the id or key already exist. InsertKey(key RootKey) error }
Backing holds the interface used to store keys in the underlying database used as a backing store by RootKeyStore.
type Policy ¶
type Policy struct { // GenerateInterval holds the maximum length of time // for which a root key will be returned from RootKey. // If this is zero, it defaults to ExpiryDuration. GenerateInterval time.Duration // ExpiryDuration holds the minimum length of time that // root keys will be valid for after they are returned from // RootKey. The maximum length of time that they // will be valid for is ExpiryDuration + GenerateInterval. ExpiryDuration time.Duration }
Policy holds a store policy for root keys.
type RootKey ¶
type RootKey struct { // Id holds the id of the root key. Id []byte `bson:"_id"` // Created holds the time that the root key was created. Created time.Time // Expires holds the time that the root key expires. Expires time.Time // RootKey holds the root key secret itself. RootKey []byte }
RootKey is the type stored in the underlying database.
type RootKeys ¶
type RootKeys struct {
// contains filtered or unexported fields
}
RootKeys represents a cache of macaroon root keys.
func NewRootKeys ¶
NewRootKeys returns a root-keys cache that is limited in size to approximately the given size.
The NewStore method returns a store implementation that uses specific store policy and backing database implementation.
If clock is non-nil, it will be used to find the current time, otherwise time.Now will be used.
func (*RootKeys) NewStore ¶
func (s *RootKeys) NewStore(b Backing, policy Policy) bakery.RootKeyStore
NewStore returns a new RootKeyStore implementation that stores and obtains root keys from the given collection.
Root keys will be generated and stored following the given store policy.
It is expected that all Backing instances passed to a given Store's NewStore method should refer to the same underlying database.