Documentation ¶
Index ¶
- Variables
- type SignedToken
- func (*SignedToken) Descriptor() ([]byte, []int)deprecated
- func (x *SignedToken) GetKeyId() string
- func (x *SignedToken) GetSignature() []byte
- func (x *SignedToken) GetToken() []byte
- func (*SignedToken) ProtoMessage()
- func (x *SignedToken) ProtoReflect() protoreflect.Message
- func (x *SignedToken) Reset()
- func (x *SignedToken) String() string
- type SigningKey
- type Token
- func (*Token) Descriptor() ([]byte, []int)deprecated
- func (x *Token) GetNonce() []byte
- func (x *Token) GetNotAfter() *timestamppb.Timestamp
- func (x *Token) GetNotBefore() *timestamppb.Timestamp
- func (x *Token) GetResource() string
- func (*Token) ProtoMessage()
- func (x *Token) ProtoReflect() protoreflect.Message
- func (x *Token) Reset()
- func (x *Token) String() string
- type VerificationKey
- func (*VerificationKey) Descriptor() ([]byte, []int)deprecated
- func (x *VerificationKey) GetId() string
- func (x *VerificationKey) GetPublicKey() []byte
- func (x *VerificationKey) GetSubject() string
- func (*VerificationKey) ProtoMessage()
- func (x *VerificationKey) ProtoReflect() protoreflect.Message
- func (x *VerificationKey) Reset()
- func (x *VerificationKey) String() string
- type VerificationKeyset
- func (*VerificationKeyset) Descriptor() ([]byte, []int)deprecated
- func (x *VerificationKeyset) GetKeys() map[string]*VerificationKey
- func (*VerificationKeyset) ProtoMessage()
- func (x *VerificationKeyset) ProtoReflect() protoreflect.Message
- func (x *VerificationKeyset) Reset()
- func (x *VerificationKeyset) String() string
Constants ¶
This section is empty.
Variables ¶
View Source
var File_proto_token_token_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type SignedToken ¶
type SignedToken struct { // Required. The key identifier. The verifier will attempt to find this key in its keyset // and use it to verify the token's signature. This is unauthenticated, but if // an attacker substitutes a different key ID, the signature will fail to verify. KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"` // Required. Ed25519 signarue: sign(priv, header||token) Signature []byte `protobuf:"bytes,2,opt,name=signature,proto3" json:"signature,omitempty"` // Required. A serialized Token proto. Token []byte `protobuf:"bytes,3,opt,name=token,proto3" json:"token,omitempty"` // contains filtered or unexported fields }
func (*SignedToken) Descriptor
deprecated
func (*SignedToken) Descriptor() ([]byte, []int)
Deprecated: Use SignedToken.ProtoReflect.Descriptor instead.
func (*SignedToken) GetKeyId ¶
func (x *SignedToken) GetKeyId() string
func (*SignedToken) GetSignature ¶
func (x *SignedToken) GetSignature() []byte
func (*SignedToken) GetToken ¶
func (x *SignedToken) GetToken() []byte
func (*SignedToken) ProtoMessage ¶
func (*SignedToken) ProtoMessage()
func (*SignedToken) ProtoReflect ¶
func (x *SignedToken) ProtoReflect() protoreflect.Message
func (*SignedToken) Reset ¶
func (x *SignedToken) Reset()
func (*SignedToken) String ¶
func (x *SignedToken) String() string
type SigningKey ¶
type SigningKey struct { // Optional. The ID of this signing key. Unused in the protocol, but good for humans. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // Required. Ed25519 signing key. PrivateKey []byte `protobuf:"bytes,3,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty"` // contains filtered or unexported fields }
func (*SigningKey) Descriptor
deprecated
func (*SigningKey) Descriptor() ([]byte, []int)
Deprecated: Use SigningKey.ProtoReflect.Descriptor instead.
func (*SigningKey) GetId ¶
func (x *SigningKey) GetId() string
func (*SigningKey) GetPrivateKey ¶
func (x *SigningKey) GetPrivateKey() []byte
func (*SigningKey) ProtoMessage ¶
func (*SigningKey) ProtoMessage()
func (*SigningKey) ProtoReflect ¶
func (x *SigningKey) ProtoReflect() protoreflect.Message
func (*SigningKey) Reset ¶
func (x *SigningKey) Reset()
func (*SigningKey) String ¶
func (x *SigningKey) String() string
type Token ¶
type Token struct { // Required. The resource that this token is authenticating to. Resource string `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"` // Required. The token lifetime. NotBefore *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=not_before,json=notBefore,proto3" json:"not_before,omitempty"` NotAfter *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=not_after,json=notAfter,proto3" json:"not_after,omitempty"` // Required. 16 random bytes that uniquely identify this token. Nonce []byte `protobuf:"bytes,4,opt,name=nonce,proto3" json:"nonce,omitempty"` // contains filtered or unexported fields }
func (*Token) Descriptor
deprecated
func (*Token) GetNotAfter ¶
func (x *Token) GetNotAfter() *timestamppb.Timestamp
func (*Token) GetNotBefore ¶
func (x *Token) GetNotBefore() *timestamppb.Timestamp
func (*Token) GetResource ¶
func (*Token) ProtoMessage ¶
func (*Token) ProtoMessage()
func (*Token) ProtoReflect ¶
func (x *Token) ProtoReflect() protoreflect.Message
type VerificationKey ¶
type VerificationKey struct { // Required. The ID of this verification key. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // Required. The subject of this key. The token library does not care what the // format of the subject string is. It can be an email, hostname, SPIFFE ID, etc. Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty"` // Required. Ed25519 public key bytes. PublicKey []byte `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` // contains filtered or unexported fields }
func (*VerificationKey) Descriptor
deprecated
func (*VerificationKey) Descriptor() ([]byte, []int)
Deprecated: Use VerificationKey.ProtoReflect.Descriptor instead.
func (*VerificationKey) GetId ¶
func (x *VerificationKey) GetId() string
func (*VerificationKey) GetPublicKey ¶
func (x *VerificationKey) GetPublicKey() []byte
func (*VerificationKey) GetSubject ¶
func (x *VerificationKey) GetSubject() string
func (*VerificationKey) ProtoMessage ¶
func (*VerificationKey) ProtoMessage()
func (*VerificationKey) ProtoReflect ¶
func (x *VerificationKey) ProtoReflect() protoreflect.Message
func (*VerificationKey) Reset ¶
func (x *VerificationKey) Reset()
func (*VerificationKey) String ¶
func (x *VerificationKey) String() string
type VerificationKeyset ¶
type VerificationKeyset struct { // Map of Key ID to verification key. Keys map[string]*VerificationKey `` /* 149-byte string literal not displayed */ // contains filtered or unexported fields }
func (*VerificationKeyset) Descriptor
deprecated
func (*VerificationKeyset) Descriptor() ([]byte, []int)
Deprecated: Use VerificationKeyset.ProtoReflect.Descriptor instead.
func (*VerificationKeyset) GetKeys ¶
func (x *VerificationKeyset) GetKeys() map[string]*VerificationKey
func (*VerificationKeyset) ProtoMessage ¶
func (*VerificationKeyset) ProtoMessage()
func (*VerificationKeyset) ProtoReflect ¶
func (x *VerificationKeyset) ProtoReflect() protoreflect.Message
func (*VerificationKeyset) Reset ¶
func (x *VerificationKeyset) Reset()
func (*VerificationKeyset) String ¶
func (x *VerificationKeyset) String() string
Click to show internal directories.
Click to hide internal directories.