api

package
v0.17.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 23, 2019 License: Apache-2.0 Imports: 27 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BadRequest

func BadRequest(err error) error

BadRequest returns a 400 error with the given error.

func Forbidden

func Forbidden(err error) error

Forbidden returns a 403 error with the given error.

func InternalServerError

func InternalServerError(err error) error

InternalServerError returns a 500 error with the given error.

func JSON

func JSON(w http.ResponseWriter, v interface{})

JSON writes the passed value into the http.ResponseWriter.

func JSONStatus added in v0.13.0

func JSONStatus(w http.ResponseWriter, v interface{}, status int)

JSONStatus writes the given value into the http.ResponseWriter and the given status is written as the status code of the response.

func LogEnabledResponse added in v0.13.0

func LogEnabledResponse(rw http.ResponseWriter, v interface{})

LogEnabledResponse logs the response object if it implements the EnableLogger interface.

func LogError

func LogError(rw http.ResponseWriter, err error)

LogError adds the given error to the response writer if the writer implements logging.ResponseLogger. If it does not, LogError writes the error using the log package.

func NewError

func NewError(status int, err error) error

NewError returns a new Error. If the given error implements the StatusCoder interface we will ignore the given status.

func NotFound

func NotFound(err error) error

NotFound returns a 404 error with the given error.

func NotImplemented added in v0.10.0

func NotImplemented(err error) error

NotImplemented returns a 500 error with the given error.

func ReadJSON

func ReadJSON(r io.Reader, v interface{}) error

ReadJSON reads JSON from the request body and stores it in the value pointed to by v.

func Unauthorized

func Unauthorized(err error) error

Unauthorized returns a 401 error with the given error.

func WriteError

func WriteError(w http.ResponseWriter, err error)

WriteError writes to w a JSON representation of the given error.

Types

type Authority

// Authority is the interface implemented by a CA authority; New takes one to
// build the RouterHandler. It embeds SSHAuthority, so an implementation must
// also provide the SSH signing methods.
type Authority interface {
	SSHAuthority
	// context specifies the Authorize[Sign|Revoke|etc.] method.
	// NOTE(review): ott is presumably the one-time token that the request
	// types carry in their "ott" JSON field — confirm in the implementation.
	Authorize(ctx context.Context, ott string) ([]provisioner.SignOption, error)
	AuthorizeSign(ott string) ([]provisioner.SignOption, error)
	GetTLSOptions() *tlsutil.TLSOptions
	// NOTE(review): shasum presumably identifies the root by a hash; the
	// digest and encoding expected are not visible here — confirm.
	Root(shasum string) (*x509.Certificate, error)
	// Sign takes the parsed certificate request together with provisioner
	// options and sign options, and returns a slice of certificates.
	Sign(cr *x509.CertificateRequest, opts provisioner.Options, signOpts ...provisioner.SignOption) ([]*x509.Certificate, error)
	// NOTE(review): peer is presumably the certificate the client presented
	// on the TLS connection; confirm it has been verified before it reaches
	// Renew.
	Renew(peer *x509.Certificate) ([]*x509.Certificate, error)
	LoadProvisionerByCertificate(*x509.Certificate) (provisioner.Interface, error)
	LoadProvisionerByID(string) (provisioner.Interface, error)
	// NOTE(review): the string result is presumably the next cursor (compare
	// ProvisionersResponse.NextCursor) — confirm.
	GetProvisioners(cursor string, limit int) (provisioner.List, string, error)
	Revoke(*authority.RevokeOptions) error
	// NOTE(review): the name says the returned key is encrypted; the scheme
	// and who may request a given kid are not visible here — confirm.
	GetEncryptedKey(kid string) (string, error)
	// NOTE(review): the first result is named federation although the method
	// is GetRoots; this looks like a naming slip — confirm.
	GetRoots() (federation []*x509.Certificate, err error)
	GetFederation() ([]*x509.Certificate, error)
}

Authority is the interface implemented by a CA authority.

type Certificate

// Certificate wraps a *x509.Certificate so it can be carried in JSON. Per the
// MarshalJSON and UnmarshalJSON documentation, the JSON form is a quoted
// string holding the PEM encoding.
type Certificate struct {
	*x509.Certificate
}

Certificate wraps a *x509.Certificate and adds the json.Marshaler interface.

func NewCertificate

func NewCertificate(cr *x509.Certificate) Certificate

NewCertificate is a helper method that returns a Certificate from a *x509.Certificate.

func (Certificate) MarshalJSON

func (c Certificate) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface. The certificate is a quoted string using the PEM encoding.

func (*Certificate) UnmarshalJSON

func (c *Certificate) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface. The certificate is expected to be a quoted string using the PEM encoding.

type CertificateRequest

// CertificateRequest wraps a *x509.CertificateRequest so it can be carried in
// JSON. Per the MarshalJSON and UnmarshalJSON documentation, the JSON form is
// a quoted string holding the PEM encoding.
type CertificateRequest struct {
	*x509.CertificateRequest
}

CertificateRequest wraps a *x509.CertificateRequest and adds the json.Unmarshaler interface.

func NewCertificateRequest

func NewCertificateRequest(cr *x509.CertificateRequest) CertificateRequest

NewCertificateRequest is a helper method that returns a CertificateRequest from a *x509.CertificateRequest.

func (CertificateRequest) MarshalJSON

func (c CertificateRequest) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface. The certificate request is a quoted string using the PEM encoding.

func (*CertificateRequest) UnmarshalJSON

func (c *CertificateRequest) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface. The certificate request is expected to be a quoted string using the PEM encoding.

type EnableLogger added in v0.13.0

// EnableLogger is implemented by response objects that opt in to response
// logging; LogEnabledResponse is documented to log a response only if it
// implements this interface.
type EnableLogger interface {
	// ToLog returns the value to log, or an error.
	// NOTE(review): whatever ToLog returns presumably ends up in the logs, so
	// implementations should leave out secrets such as tokens and keys —
	// confirm how the result is used.
	ToLog() (interface{}, error)
}

EnableLogger is an interface that enables response logging for an object.

type Error

// Error represents the CA API errors: a status code paired with an underlying
// error.
type Error struct {
	// Status is the status code of the error; NewError and helpers such as
	// BadRequest are documented as producing errors with an HTTP status.
	Status int
	// Err is the wrapped error. Cause is documented to return the original
	// error — presumably this field; confirm.
	Err    error
}

Error represents the CA API errors.

func (*Error) Cause

func (e *Error) Cause() error

Cause implements the errors.Causer interface and returns the original error.

func (*Error) Error

func (e *Error) Error() string

Error implements the error interface and returns the error string.

func (*Error) MarshalJSON

func (e *Error) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for the Error struct.

func (*Error) StatusCode

func (e *Error) StatusCode() int

StatusCode implements the StatusCoder interface and returns the HTTP response code.

func (*Error) UnmarshalJSON

func (e *Error) UnmarshalJSON(data []byte) error

UnmarshalJSON implements json.Unmarshaler interface for the Error struct.

type ErrorResponse

// ErrorResponse represents an error in JSON format, with the keys "status"
// and "message".
type ErrorResponse struct {
	Status  int    `json:"status"`
	// NOTE(review): whether Message carries the raw error text or a generic
	// status message is not visible here; confirm it does not expose internal
	// details to clients.
	Message string `json:"message"`
}

ErrorResponse represents an error in JSON format.

type FederationResponse added in v0.8.3

// FederationResponse is the response object of the federation request. The
// certificates are serialized under the JSON key "crts".
type FederationResponse struct {
	Certificates []Certificate `json:"crts"`
}

FederationResponse is the response object of the federation request.

type HealthResponse

// HealthResponse is the response object that returns the health of the
// server, as a single string under the JSON key "status".
type HealthResponse struct {
	Status string `json:"status"`
}

HealthResponse is the response object that returns the health of the server.

type ProvisionerKeyResponse

// ProvisionerKeyResponse is the response object that returns the encrypted
// key of a provisioner.
type ProvisionerKeyResponse struct {
	// Key is the encrypted key, serialized under the JSON key "key".
	// NOTE(review): the encryption scheme and the access control on the
	// endpoint that returns this are not visible here — confirm.
	Key string `json:"key"`
}

ProvisionerKeyResponse is the response object that returns the encrypted key of a provisioner.

type ProvisionersResponse

// ProvisionersResponse is the response object that returns the list of
// provisioners.
type ProvisionersResponse struct {
	Provisioners provisioner.List `json:"provisioners"`
	// NextCursor is presumably the cursor to pass to fetch the following
	// page (Authority.GetProvisioners takes a cursor and a limit) — confirm.
	NextCursor   string           `json:"nextCursor"`
}

ProvisionersResponse is the response object that returns the list of provisioners.

type RevokeRequest added in v0.10.0

// RevokeRequest is the request body for a revocation request. All fields are
// supplied by the client; Validate is documented to check them.
type RevokeRequest struct {
	// Serial is presumably the serial number of the certificate to revoke —
	// confirm the expected format.
	Serial     string `json:"serial"`
	// OTT is presumably the one-time token authorizing the request (compare
	// Authority.Authorize) — confirm.
	OTT        string `json:"ott"`
	// NOTE(review): the set of accepted reason codes is not visible here.
	ReasonCode int    `json:"reasonCode"`
	Reason     string `json:"reason"`
	// NOTE(review): the semantics of a passive revocation are not visible
	// here — confirm against the authority implementation.
	Passive    bool   `json:"passive"`
}

RevokeRequest is the request body for a revocation request.

func (*RevokeRequest) Validate added in v0.10.0

func (r *RevokeRequest) Validate() (err error)

Validate checks the fields of the RevokeRequest and returns nil if they are ok or an error if something is wrong.

type RevokeResponse added in v0.10.0

// RevokeResponse is the response object of a revocation request; it carries a
// single string under the JSON key "status".
// NOTE(review): the published description ("returns the health of the
// server") reads as if copied from HealthResponse — confirm and correct it.
type RevokeResponse struct {
	Status string `json:"status"`
}

RevokeResponse is the response object that returns the health of the server.

type RootResponse

// RootResponse is the response object that returns the PEM of a root
// certificate, serialized under the JSON key "ca".
type RootResponse struct {
	RootPEM Certificate `json:"ca"`
}

RootResponse is the response object that returns the PEM of a root certificate.

type RootsResponse added in v0.8.3

// RootsResponse is the response object of the roots request. The certificates
// are serialized under the JSON key "crts".
type RootsResponse struct {
	Certificates []Certificate `json:"crts"`
}

RootsResponse is the response object of the roots request.

type Router

// Router defines a common router interface: the single method a router must
// offer so that a RouterHandler can register its endpoints on it.
type Router interface {
	// MethodFunc adds routes for `pattern` that matches
	// the `method` HTTP method.
	MethodFunc(method, pattern string, h http.HandlerFunc)
}

Router defines a common router interface.

type RouterHandler

// RouterHandler is the interface that an HTTP handler that manages multiple
// endpoints will implement. New returns one for the CA endpoints.
type RouterHandler interface {
	// Route receives the Router on which the handler registers its endpoints.
	Route(r Router)
}

RouterHandler is the interface that an HTTP handler that manages multiple endpoints will implement.

func New

func New(authority Authority) RouterHandler

New creates a new RouterHandler with the CA endpoints.

type SSHAuthority added in v0.12.0

// SSHAuthority is the interface implemented by an SSH CA authority. It is
// embedded in Authority.
type SSHAuthority interface {
	// SignSSH takes a public key, SSH options and sign options, and returns
	// an SSH certificate.
	SignSSH(key ssh.PublicKey, opts provisioner.SSHOptions, signOpts ...provisioner.SignOption) (*ssh.Certificate, error)
	// SignSSHAddUser takes a public key and an existing SSH certificate and
	// returns another certificate.
	// NOTE(review): presumably this backs SignSSHRequest.AddUserPublicKey and
	// SignSSHResponse.AddUserCertificate — confirm.
	SignSSHAddUser(key ssh.PublicKey, cert *ssh.Certificate) (*ssh.Certificate, error)
}

SSHAuthority is the interface implemented by an SSH CA authority.

type SSHCertificate added in v0.12.0

// SSHCertificate represents the response SSH certificate. Per the MarshalJSON
// documentation, its JSON form is a quoted, base64 encoded, openssh wire
// format string.
type SSHCertificate struct {
	// NOTE(review): the tag `json:"omitempty"` names the field "omitempty";
	// it does not enable the omitempty option (that is spelled
	// `json:",omitempty"`). Because the type defines its own MarshalJSON and
	// UnmarshalJSON, the tag is presumably never consulted — confirm.
	*ssh.Certificate `json:"omitempty"`
}

SSHCertificate represents the response SSH certificate.

func (SSHCertificate) MarshalJSON added in v0.12.0

func (c SSHCertificate) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface. Returns a quoted, base64 encoded, openssh wire format version of the certificate.

func (*SSHCertificate) UnmarshalJSON added in v0.12.0

func (c *SSHCertificate) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface. The certificate is expected to be a quoted, base64 encoded, openssh wire formatted block of bytes.

type SignRequest

// SignRequest is the request body for a certificate signature request. All
// fields are supplied by the client; Validate is documented to check them.
type SignRequest struct {
	// CsrPEM is the certificate request, sent under the JSON key "csr".
	CsrPEM    CertificateRequest `json:"csr"`
	// OTT is presumably the one-time token authorizing the request (compare
	// Authority.AuthorizeSign) — confirm.
	OTT       string             `json:"ott"`
	// NOTE(review): NotAfter and NotBefore are requested by the client;
	// whether and where the authority bounds them is not visible here —
	// confirm.
	NotAfter  TimeDuration       `json:"notAfter"`
	NotBefore TimeDuration       `json:"notBefore"`
}

SignRequest is the request body for a certificate signature request.

func (*SignRequest) Validate

func (s *SignRequest) Validate() error

Validate checks the fields of the SignRequest and returns nil if they are ok or an error if something is wrong.

type SignResponse

// SignResponse is the response object of the certificate signature request.
type SignResponse struct {
	ServerPEM    Certificate          `json:"crt"`
	CaPEM        Certificate          `json:"ca"`
	CertChainPEM []Certificate        `json:"certChain"`
	// TLSOptions is left out of the JSON when the pointer is nil (omitempty).
	TLSOptions   *tlsutil.TLSOptions  `json:"tlsOptions,omitempty"`
	// TLS is tagged "-", so encoding/json neither writes nor reads it.
	TLS          *tls.ConnectionState `json:"-"`
}

SignResponse is the response object of the certificate signature request.

type SignSSHRequest added in v0.12.0

// SignSSHRequest is the request body of an SSH certificate request. All
// fields are supplied by the client; Validate is documented to validate the
// request.
type SignSSHRequest struct {
	PublicKey        []byte       `json:"publicKey"` //base64 encoded
	// OTT is presumably the one-time token authorizing the request — confirm.
	OTT              string       `json:"ott"`
	// NOTE(review): CertType and Principals are requested by the client;
	// which values are accepted, and whether they are checked against what
	// the token authorizes, is not visible here — confirm.
	CertType         string       `json:"certType,omitempty"`
	Principals       []string     `json:"principals,omitempty"`
	ValidAfter       TimeDuration `json:"validAfter,omitempty"`
	ValidBefore      TimeDuration `json:"validBefore,omitempty"`
	// AddUserPublicKey is optional (omitempty); as a []byte it is base64
	// encoded in JSON, like PublicKey.
	AddUserPublicKey []byte       `json:"addUserPublicKey,omitempty"`
}

SignSSHRequest is the request body of an SSH certificate request.

func (*SignSSHRequest) Validate added in v0.12.0

func (s *SignSSHRequest) Validate() error

Validate validates the SignSSHRequest.

type SignSSHResponse added in v0.12.0

// SignSSHResponse is the response object that returns the SSH certificate.
type SignSSHResponse struct {
	Certificate        SSHCertificate  `json:"crt"`
	// AddUserCertificate is left out of the JSON when the pointer is nil
	// (omitempty).
	AddUserCertificate *SSHCertificate `json:"addUserCrt,omitempty"`
}

SignSSHResponse is the response object that returns the SSH certificate.

type StackTracer

// StackTracer is implemented by errors that can return a stack trace.
// NOTE(review): stack traces reveal internal code paths; confirm they are
// only logged and never written into a client response.
type StackTracer interface {
	StackTrace() errors.StackTrace
}

StackTracer must be implemented by those errors that return a stack trace.

type StatusCoder

// StatusCoder is implemented by errors that return the HTTP response code.
// NewError is documented to ignore its status argument when the given error
// already implements this interface.
type StatusCoder interface {
	StatusCode() int
}

StatusCoder interface is used by errors that return the HTTP response code.

type TimeDuration added in v0.9.0

// TimeDuration is an alias of provisioner.TimeDuration, so the two names
// denote the same type. ParseTimeDuration is documented to accept either an
// RFC 3339 time or a time.Duration string.
type TimeDuration = provisioner.TimeDuration

TimeDuration is an alias of provisioner.TimeDuration

func NewTimeDuration added in v0.9.0

func NewTimeDuration(t time.Time) TimeDuration

NewTimeDuration returns a TimeDuration with the defined time.

func ParseTimeDuration added in v0.9.0

func ParseTimeDuration(s string) (TimeDuration, error)

ParseTimeDuration returns a new TimeDuration parsing the RFC 3339 time or time.Duration string.
