tpp

package
v5.6.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 9, 2024 License: Apache-2.0 Imports: 25 Imported by: 3

Documentation

Index

Constants

View Source 
const (
	SSHCaRootPath = util.PathSeparator + "VED" + util.PathSeparator + "Certificate Authority" + util.PathSeparator + "SSH" + util.PathSeparator + "Templates"
)

Variables

View Source 
var RevocationReasonsMap = map[string]RevocationReason{
	"":                       0,
	"none":                   0,
	"key-compromise":         1,
	"ca-compromise":          2,
	"affiliation-changed":    3,
	"superseded":             4,
	"cessation-of-operation": 5,
}

RevocationReasonsMap maps *certificate.RevocationRequest.Reason to TPP-specific webSDK codes

Functions

func GetAvailableSshTemplates 

func GetAvailableSshTemplates(c *Connector) ([]certificate.SshAvaliableTemplate, error)

func IsCertNotFound 

func IsCertNotFound(err error) bool

func NewAuthenticationError 

func NewAuthenticationError(b []byte) error

func NewResponseError 

func NewResponseError(b []byte) error

func ParseCertificateSearchResponse 

func ParseCertificateSearchResponse(httpStatusCode int, body []byte) (searchResult *certificate.CertSearchResponse, err error)

func PolicyExist 

func PolicyExist(policyName string, c *Connector) (bool, error)

func RequestSshCertificate 

func RequestSshCertificate(c *Connector, req *certificate.SshCertRequest) (*certificate.SshCertificateObject, error)

func RetrieveSshCaPrincipals 

func RetrieveSshCaPrincipals(c *Connector, ca *certificate.SshCaTemplateRequest) ([]string, error)

func RetrieveSshCertificate 

func RetrieveSshCertificate(c *Connector, req *certificate.SshCertRequest) (*certificate.SshCertificateObject, error)

func RetrieveSshConfig 

func RetrieveSshConfig(c *Connector, ca *certificate.SshCaTemplateRequest) (*certificate.SshConfig, error)

Types

type BrowseIdentitiesRequest added in v5.4.0 

type BrowseIdentitiesRequest struct {
	Filter       string
	Limit        int
	IdentityType int
}

type BrowseIdentitiesResponse added in v5.4.0 

type BrowseIdentitiesResponse struct {
	Identities []IdentityEntry
}

type CertificateDetailsResponse 

type CertificateDetailsResponse struct {
	CustomFields []struct {
		Name  string
		Value []string
	}
	Consumers []string
	Disabled  bool `json:",omitempty"`
}

type CertificateSearchInfo 

type CertificateSearchInfo struct {
	CreatedOn   string
	DN          string
	Guid        string
	Name        string
	ParentDn    string
	SchemaClass string
	X509        certificate.CertificateInfo
}

type CertificateSearchResponse 

type CertificateSearchResponse struct {
	Certificates []CertificateSearchInfo `json:"Certificates"`
	Count        int                     `json:"TotalCount"`
}

type ConfigReadDNRequest 

type ConfigReadDNRequest struct {
	ObjectDN      string `json:",omitempty"`
	AttributeName string `json:",omitempty"`
}

type ConfigReadDNResponse 

type ConfigReadDNResponse struct {
	Result int      `json:",omitempty"`
	Values []string `json:",omitempty"`
}

type Connector 

type Connector struct {
	Identity identity
	// contains filtered or unexported fields
}

Connector contains the base data needed to communicate with a TPP Server

func NewConnector 

func NewConnector(url string, zone string, verbose bool, trust *x509.CertPool) (*Connector, error)

NewConnector creates a new TPP Connector object used to communicate with TPP

func (*Connector) Authenticate 

func (c *Connector) Authenticate(auth *endpoint.Authentication) (err error)

Authenticate authenticates the user to the TPP

func (*Connector) GenerateRequest 

func (c *Connector) GenerateRequest(config *endpoint.ZoneConfiguration, req *certificate.Request) (err error)

GenerateRequest creates a new certificate request, based on the zone/policy configuration and the user data

func (*Connector) GetPolicy 

func (c *Connector) GetPolicy(name string) (*policy.PolicySpecification, error)

func (*Connector) GetRefreshToken 

func (c *Connector) GetRefreshToken(auth *endpoint.Authentication) (resp OauthGetRefreshTokenResponse, err error)

GetRefreshToken Get OAuth refresh and access token

func (*Connector) GetType 

func (c *Connector) GetType() endpoint.ConnectorType

func (*Connector) GetZonesByParent 

func (c *Connector) GetZonesByParent(parent string) ([]string, error)

GetZonesByParent returns a list of valid zones for a TPP parent folder specified by parent

func (*Connector) ImportCertificate 

func (c *Connector) ImportCertificate(req *certificate.ImportRequest) (*certificate.ImportResponse, error)

func (*Connector) IsCSRServiceGenerated 

func (c *Connector) IsCSRServiceGenerated(req *certificate.Request) (bool, error)

func (*Connector) ListCertificates 

func (c *Connector) ListCertificates(filter endpoint.Filter) ([]certificate.CertificateInfo, error)

func (*Connector) Ping 

func (c *Connector) Ping() (err error)

Ping attempts to connect to the TPP Server WebSDK API and returns an error if it cannot

func (*Connector) ReadPolicyConfiguration 

func (c *Connector) ReadPolicyConfiguration() (policy *endpoint.Policy, err error)

func (*Connector) ReadZoneConfiguration 

func (c *Connector) ReadZoneConfiguration() (config *endpoint.ZoneConfiguration, err error)

ReadZoneConfiguration reads the policy data from TPP to get locked and pre-configured values for certificate requests

func (*Connector) RefreshAccessToken 

func (c *Connector) RefreshAccessToken(auth *endpoint.Authentication) (resp OauthRefreshAccessTokenResponse, err error)

RefreshAccessToken Refresh OAuth access token

func (*Connector) RenewCertificate 

func (c *Connector) RenewCertificate(renewReq *certificate.RenewalRequest) (requestID string, err error)

RenewCertificate attempts to renew the certificate

func (*Connector) RequestCertificate 

func (c *Connector) RequestCertificate(req *certificate.Request) (requestID string, err error)

RequestCertificate submits the CSR to TPP returning the DN of the requested Certificate.

func (*Connector) RequestSSHCertificate 

func (c *Connector) RequestSSHCertificate(req *certificate.SshCertRequest) (response *certificate.SshCertificateObject, err error)

func (*Connector) ResetCertificate 

func (c *Connector) ResetCertificate(req *certificate.Request, restart bool) (err error)

This function is idempotent, i.e., it won't fail if there is nothing to be reset. It returns an error of type *ErrCertNotFound if the certificate is not found.

func (*Connector) RetireCertificate 

func (c *Connector) RetireCertificate(req *certificate.RetireRequest) (err error)

func (*Connector) RetrieveAvailableSSHTemplates 

func (c *Connector) RetrieveAvailableSSHTemplates() (response []certificate.SshAvaliableTemplate, err error)

func (*Connector) RetrieveCertificate 

func (c *Connector) RetrieveCertificate(req *certificate.Request) (certificates *certificate.PEMCollection, err error)

RetrieveCertificate attempts to retrieve the requested certificate

func (*Connector) RetrieveCertificateMetaData 

func (c *Connector) RetrieveCertificateMetaData(dn string) (*certificate.CertificateMetaData, error)

func (*Connector) RetrieveSSHCertificate 

func (c *Connector) RetrieveSSHCertificate(req *certificate.SshCertRequest) (response *certificate.SshCertificateObject, err error)

func (*Connector) RetrieveSshConfig 

func (c *Connector) RetrieveSshConfig(ca *certificate.SshCaTemplateRequest) (*certificate.SshConfig, error)

func (*Connector) RetrieveSystemVersion 

func (c *Connector) RetrieveSystemVersion() (string, error)

requestSystemVersion returns the TPP system version of the connector context

func (*Connector) RevokeAccessToken 

func (c *Connector) RevokeAccessToken(auth *endpoint.Authentication) (err error)

RevokeAccessToken - call to revoke token so that it can never be used again

func (*Connector) RevokeCertificate 

func (c *Connector) RevokeCertificate(revReq *certificate.RevocationRequest) (err error)

RevokeCertificate attempts to revoke the certificate

func (*Connector) SearchCertificate 

func (c *Connector) SearchCertificate(zone string, cn string, sans *certificate.Sans, certMinTimeLeft time.Duration) (certificateInfo *certificate.CertificateInfo, err error)

func (*Connector) SearchCertificates 

func (c *Connector) SearchCertificates(req *certificate.SearchRequest) (*certificate.CertSearchResponse, error)

func (*Connector) SetHTTPClient 

func (c *Connector) SetHTTPClient(client *http.Client)

func (*Connector) SetPolicy 

func (c *Connector) SetPolicy(name string, ps *policy.PolicySpecification) (string, error)

func (*Connector) SetUserAgent added in v5.6.1 

func (c *Connector) SetUserAgent(userAgent string)

func (*Connector) SetZone 

func (c *Connector) SetZone(z string)

func (*Connector) SupportSynchronousRequestCertificate added in v5.1.0 

func (c *Connector) SupportSynchronousRequestCertificate() bool

SupportSynchronousRequestCertificate returns if the connector support synchronous calls to request a certificate.

func (*Connector) SynchronousRequestCertificate added in v5.1.0 

func (c *Connector) SynchronousRequestCertificate(_ *certificate.Request) (certificates *certificate.PEMCollection, err error)

SynchronousRequestCertificate It's not supported yet in TPP

func (*Connector) VerifyAccessToken 

func (c *Connector) VerifyAccessToken(auth *endpoint.Authentication) (resp OauthVerifyTokenResponse, err error)

VerifyAccessToken - call to check whether token is valid and, if so, return its properties

func (*Connector) WriteLog 

func (c *Connector) WriteLog(logReq *endpoint.LogRequest) error

type DNToGUIDRequest 

type DNToGUIDRequest struct {
	ObjectDN string `json:"ObjectDN"`
}

type DNToGUIDResponse 

type DNToGUIDResponse struct {
	ClassName        string `json:"ClassName"`
	GUID             string `json:"GUID"`
	HierarchicalGUID string `json:"HierarchicalGUID"`
	Result           int    `json:"Result"`
	Revision         int    `json:"Revision"`
}

type ErrCertNotFound 

type ErrCertNotFound struct {
	// contains filtered or unexported fields
}

func (*ErrCertNotFound) Error 

func (e *ErrCertNotFound) Error() string

func (*ErrCertNotFound) Unwrap 

func (e *ErrCertNotFound) Unwrap() error

type IdentityEntry added in v5.4.0 

type IdentityEntry struct {
	FullName          string `json:",omitempty"`
	Name              string `json:",omitempty"`
	Prefix            string `json:",omitempty"`
	PrefixedName      string `json:",omitempty"`
	PrefixedUniversal string `json:",omitempty"`
	Type              int    `json:",omitempty"`
	Universal         string `json:",omitempty"`
}

type IdentityInformation added in v5.4.0 

type IdentityInformation struct {
	PrefixedUniversal string
}

type IdentitySelfResponse added in v5.4.0 

type IdentitySelfResponse struct {
	Identities []IdentityEntry
}

type LogPostResponse 

type LogPostResponse struct {
	LogResult int `json:"LogResult"`
}

type OauthGetRefreshTokenResponse 

type OauthGetRefreshTokenResponse struct {
	Access_token  string `json:"access_token,omitempty"`
	Expires       int    `json:"expires,omitempty"`
	ExpiresIn     int    `json:"expires_in,omitempty"` //Attribute added as it's used on vSSH
	Identity      string `json:"identity,omitempty"`
	Refresh_token string `json:"refresh_token,omitempty"`
	Refresh_until int    `json:"refresh_until,omitempty"`
	Scope         string `json:"scope,omitempty"`
	Token_type    string `json:"token_type,omitempty"`
}

type OauthRefreshAccessTokenResponse 

type OauthRefreshAccessTokenResponse struct {
	Access_token  string `json:"access_token,omitempty"`
	Expires       int    `json:"expires,omitempty"`
	Identity      string `json:"identity,omitempty"`
	Refresh_token string `json:"refresh_token,omitempty"`
	Refresh_until int    `json:"refresh_until,omitempty"`
	Token_type    string `json:"token_type,omitempty"`
}

type OauthVerifyTokenResponse 

type OauthVerifyTokenResponse struct {
	AccessIssuedOn string `json:"access_issued_on_ISO8601,omitempty"`
	ClientID       string `json:"application,omitempty"`
	Expires        string `json:"expires_ISO8601,omitempty"`
	GrantIssuedOn  string `json:"grant_issued_on_ISO8601,omitempty"`
	Identity       string `json:"identity,omitempty"`
	Scope          string `json:"scope,omitempty"`
	ValidFor       int    `json:"valid_for,omitempty"`
}

type RevocationReason 

type RevocationReason int

type SearchRequest 

type SearchRequest []string

type ValidateIdentityRequest added in v5.4.0 

type ValidateIdentityRequest struct {
	ID IdentityInformation
}

type ValidateIdentityResponse added in v5.4.0 

type ValidateIdentityResponse struct {
	ID IdentityEntry
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.