iamserver

package
v0.0.0-...-b2cdabd Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 29, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CertHandler

// CertHandler groups the certificate and key operations, each selected by a
// certificate type name, that New accepts as its certHandler argument.
//
// NOTE(review): SetOwner, CreateKey and CreateSelfSignedCert take a password as
// a plain Go string. Strings are immutable and cannot be wiped after use, so
// implementations should keep the value out of logs and wrapped error text.
type CertHandler interface {
	// GetCertTypes returns certificate type names; presumably these are the
	// values accepted as certType by the other methods (confirm with the
	// implementation).
	GetCertTypes() []string
	// GetCertificate looks a certificate up by type, issuer bytes and serial
	// string, and returns a URL for the certificate and a URL for its key.
	// NOTE(review): keyURL points at key material; which access control
	// protects the referenced key is not visible from this interface.
	GetCertificate(certType string, issuer []byte, serial string) (certURL, keyURL string, err error)
	// SetOwner takes a certificate type and a password. Presumably the
	// counterpart of Server.SetOwner ("makes IAM owner of secure storage");
	// confirm.
	SetOwner(certType, password string) error
	// Clear takes a certificate type. Presumably the counterpart of
	// Server.Clear ("clears certificates and keys storages"), which would make
	// it destructive; confirm before calling outside provisioning.
	Clear(certType string) error
	// CreateKey takes a certificate type, a subject and a password and returns
	// a CSR as bytes. The CSR encoding is not specified by this signature.
	CreateKey(certType, subject, password string) (csr []byte, err error)
	// ApplyCertificate takes caller-supplied certificate bytes for the given
	// type and returns the certificate URL and serial.
	// NOTE(review): whether the implementation checks that cert matches the
	// key created by CreateKey, or validates its chain, cannot be told from
	// here; confirm.
	ApplyCertificate(certType string, cert []byte) (certURL, serial string, err error)
	// CreateSelfSignedCert takes a certificate type and a password and reports
	// only an error; the resulting certificate is not returned to the caller.
	CreateSelfSignedCert(certType, password string) (err error)
}

CertHandler is the certificate handler interface that New takes as its certHandler argument.

type IdentHandler

// IdentHandler exposes the identity values (system ID, unit model, subjects)
// and a change notification channel; New accepts it as its identHandler
// argument.
type IdentHandler interface {
	// GetSystemID returns the system ID as a string.
	// NOTE(review): the result is named systemdID, which looks like a typo for
	// systemID; result names are documentation only, so renaming is safe.
	GetSystemID() (systemdID string, err error)
	// GetUnitModel returns the unit model as a string.
	GetUnitModel() (unitModel string, err error)
	// GetSubjects returns the current subjects.
	// NOTE(review): the result name Subjects is capitalised, unlike the other
	// result names in this file.
	GetSubjects() (Subjects []string, err error)
	// SubjectsChangedChannel returns a receive-only channel of subject lists.
	// Presumably a new list is sent whenever the subjects change; buffering
	// and close behaviour are not visible here.
	SubjectsChangedChannel() (channel <-chan []string)
}

IdentHandler is the identity handler interface that New takes as its identHandler argument.

type PermissionHandler

// PermissionHandler maps service instances to permissions through a secret
// string; New accepts it as its permissionHandler argument.
//
// NOTE(review): the secret returned by RegisterInstance is the only input,
// besides funcServerID, that GetPermissions needs to resolve an instance and
// its permissions, so it appears to act as a bearer credential. How it is
// generated, stored and compared is not visible from this interface; confirm
// that it is unpredictable and is never logged.
type PermissionHandler interface {
	// RegisterInstance records the instance with its permissions and returns
	// the secret for it. The permissions map is two-level; presumably the
	// outer key is the functional server ID that GetPermissions selects by
	// (confirm).
	RegisterInstance(
		instance aostypes.InstanceIdent, permissions map[string]map[string]string) (secret string, err error)
	// UnregisterInstance takes the instance identity and returns nothing, so a
	// failure to unregister cannot be reported to the caller.
	// NOTE(review): presumably this invalidates the instance's secret; confirm.
	UnregisterInstance(instance aostypes.InstanceIdent)
	// GetPermissions resolves a secret and functional server ID to the
	// instance identity and a flat permissions map.
	GetPermissions(secret, funcServerID string) (
		instance aostypes.InstanceIdent, permissions map[string]string, err error)
}

PermissionHandler is the permission handler interface that New takes as its permissionHandler argument.

type RemoteIAMsHandler

// RemoteIAMsHandler is the handler for remote IAMs; New accepts it as its
// remoteIAMsHandler argument. Its certificate methods repeat the CertHandler
// signatures with a leading nodeID parameter.
//
// NOTE(review): passwords are passed as plain Go strings, which cannot be wiped
// after use. How they travel to the remote node, and whether that channel is
// authenticated and encrypted, is not visible from this interface; confirm.
type RemoteIAMsHandler interface {
	// GetRemoteNodes returns node identifiers; presumably the values accepted
	// as nodeID by the other methods (confirm).
	GetRemoteNodes() []string
	// GetCertTypes returns the certificate type names for the given node.
	GetCertTypes(nodeID string) ([]string, error)
	// SetOwner takes a node ID, a certificate type and a password.
	SetOwner(nodeID, certType, password string) error
	// Clear takes a node ID and a certificate type. Presumably destructive,
	// like Server.Clear ("clears certificates and keys storages"); confirm.
	Clear(nodeID, certType string) error
	// CreateKey takes a node ID, certificate type, subject and password and
	// returns a CSR as bytes.
	CreateKey(nodeID, certType, subject, password string) (csr []byte, err error)
	// ApplyCertificate takes caller-supplied certificate bytes for the given
	// node and type and returns the certificate URL and serial.
	ApplyCertificate(nodeID, certType string, cert []byte) (certURL, serial string, err error)
	// EncryptDisk takes a node ID and a password.
	// NOTE(review): presumably the password protects the disk encryption on
	// that node; how it is used or retained is not shown here.
	EncryptDisk(nodeID, password string) error
	// FinishProvisioning takes a node ID. Server.FinishProvisioning is
	// documented as notifying IAM that provisioning is finished; presumably
	// this is the per-node equivalent (confirm).
	FinishProvisioning(nodeID string) error
}

RemoteIAMsHandler is the handler interface for remote IAMs.

type Server

Server IAM server instance.

func New

func New(
	cfg *config.Config, cryptoContext *cryptutils.CryptoContext, certHandler CertHandler, identHandler IdentHandler,
	permissionHandler PermissionHandler, remoteIAMsHandler RemoteIAMsHandler, provisioningMode bool,
) (server *Server, err error)

New creates new IAM server instance.

func (*Server) ApplyCert

func (server *Server) ApplyCert(
	context context.Context, req *pb.ApplyCertRequest,
) (rsp *pb.ApplyCertResponse, err error)

ApplyCert applies certificate.

func (*Server) Clear

func (server *Server) Clear(context context.Context, req *pb.ClearRequest) (rsp *empty.Empty, err error)

Clear clears certificates and keys storages.

func (*Server) Close

func (server *Server) Close() (err error)

Close closes IAM server instance.

func (*Server) CreateKey

func (server *Server) CreateKey(context context.Context, req *pb.CreateKeyRequest) (
	rsp *pb.CreateKeyResponse, err error,
)

CreateKey creates private key.

func (*Server) EncryptDisk

func (server *Server) EncryptDisk(ctx context.Context, req *pb.EncryptDiskRequest) (rsp *empty.Empty, err error)

EncryptDisk performs disk encryption.

func (*Server) FinishProvisioning

func (server *Server) FinishProvisioning(context context.Context, req *empty.Empty) (rsp *empty.Empty, err error)

FinishProvisioning notifies IAM that provisioning is finished.

func (*Server) GetAPIVersion

func (server *Server) GetAPIVersion(ctx context.Context, req *empty.Empty) (*pb.APIVersion, error)

GetAPIVersion returns the current IAM API version.

func (*Server) GetAllNodeIDs

func (server *Server) GetAllNodeIDs(context context.Context,
	req *empty.Empty,
) (rsp *pb.NodesID, err error)

GetAllNodeIDs returns all known node IDs.

func (*Server) GetCert

func (server *Server) GetCert(context context.Context, req *pb.GetCertRequest) (rsp *pb.GetCertResponse, err error)

GetCert returns certificate URI by issuer.

func (*Server) GetCertTypes

func (server *Server) GetCertTypes(context context.Context,
	req *pb.GetCertTypesRequest,
) (rsp *pb.CertTypes, err error)

GetCertTypes returns all IAM cert types.

func (*Server) GetNodeInfo

func (server *Server) GetNodeInfo(ctx context.Context, req *empty.Empty) (*pb.NodeInfo, error)

GetNodeInfo returns node information.

func (*Server) GetPermissions

func (server *Server) GetPermissions(
	ctx context.Context, req *pb.PermissionsRequest,
) (rsp *pb.PermissionsResponse, err error)

GetPermissions returns permissions by secret and functional server ID.

func (*Server) GetSubjects

func (server *Server) GetSubjects(context context.Context, req *empty.Empty) (rsp *pb.Subjects, err error)

GetSubjects returns subjects.

func (*Server) GetSystemInfo

func (server *Server) GetSystemInfo(context context.Context, req *empty.Empty) (rsp *pb.SystemInfo, err error)

GetSystemInfo returns system information.

func (*Server) RegisterInstance

func (server *Server) RegisterInstance(
	ctx context.Context, req *pb.RegisterInstanceRequest,
) (*pb.RegisterInstanceResponse, error)

RegisterInstance registers new service and creates secret.

func (*Server) SetOwner

func (server *Server) SetOwner(context context.Context, req *pb.SetOwnerRequest) (rsp *empty.Empty, err error)

SetOwner makes IAM owner of secure storage.

func (*Server) SubscribeSubjectsChanged

func (server *Server) SubscribeSubjectsChanged(message *empty.Empty,
	stream pb.IAMPublicIdentityService_SubscribeSubjectsChangedServer,
) (err error)

SubscribeSubjectsChanged creates stream for subjects changed notifications.

func (*Server) UnregisterInstance

func (server *Server) UnregisterInstance(ctx context.Context, req *pb.UnregisterInstanceRequest) (*empty.Empty, error)

UnregisterInstance unregisters service.
