token

package

v0.0.0-...-af321b4 Latest Latest Go to latest Published: Apr 13, 2023 License: MPL-2.0 Imports: 14 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hashicorp/horizon

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func Armor(token []byte) string
func Metadata(stoken string) (map[string]string, error)
func RemoveArmor(token string) ([]byte, error)
func SetupVault(vc *api.Client, path string) (ed25519.PublicKey, error)
type TokenCreator
type ValidToken
- func CheckTokenED25519(stoken string, key ed25519.PublicKey) (*ValidToken, error)
- func CheckTokenHMAC(stoken string, key []byte) (*ValidToken, error)

Constants ¶

View Source

const (
	KeyAlgo             = 1
	KeyAccountId        = 100
	KeyAccountNamespace = 101
	KeyCapabilities     = 110
)

View Source

const (
	ValueHMAC    = 1
	ValueED25519 = 2
)

View Source

const (
	Magic = 0x47
)

Variables ¶

View Source

var (
	ErrBadToken      = errors.New("bad token")
	ErrNoLongerValid = errors.New("token no longer valid")
)

Functions ¶

func Armor ¶

func Armor(token []byte) string

func Metadata ¶

func Metadata(stoken string) (map[string]string, error)

func RemoveArmor ¶

func RemoveArmor(token string) ([]byte, error)

func SetupVault ¶

func SetupVault(vc *api.Client, path string) (ed25519.PublicKey, error)

Types ¶

type TokenCreator ¶

type TokenCreator struct {
	Role            pb.TokenRole
	Issuer          string
	AccountId       *pb.ULID
	AccuntNamespace string
	Capabilities    map[pb.Capability]string
	Metadata        map[string]string
	ValidDuration   time.Duration

	RawCapabilities []pb.TokenCapability
}

func (*TokenCreator) EncodeED25519 ¶

func (c *TokenCreator) EncodeED25519(key ed25519.PrivateKey, keyId string) (string, error)

func (*TokenCreator) EncodeED25519WithVault ¶

func (c *TokenCreator) EncodeED25519WithVault(vc *api.Client, path, keyId string) (string, error)

func (*TokenCreator) EncodeHMAC ¶

func (c *TokenCreator) EncodeHMAC(key []byte, keyId string) (string, error)

type ValidToken ¶

type ValidToken struct {
	Body  *pb.Token_Body
	Token *pb.Token
	Raw   []byte
	KeyId string
}

func CheckTokenED25519 ¶

func CheckTokenED25519(stoken string, key ed25519.PublicKey) (*ValidToken, error)

func CheckTokenHMAC ¶

func CheckTokenHMAC(stoken string, key []byte) (*ValidToken, error)

func (*ValidToken) Account ¶

func (t *ValidToken) Account() *pb.Account

func (*ValidToken) AllowAccount ¶

func (t *ValidToken) AllowAccount(ns string) bool

func (*ValidToken) HasCapability ¶

func (t *ValidToken) HasCapability(target pb.Capability) (bool, string)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL