vault

package


Constants

This section is empty.

Variables

// ErrDIDMethodNotSupported is returned when a DID string uses a method that
// the helpers in this package do not handle (this page only shows did:key
// and did:elsi helpers).
var ErrDIDMethodNotSupported = errors.New("DID method not supported")

// ErrDIDInvalid is returned when a string cannot be parsed as a DID key.
var ErrDIDInvalid = errors.New("invalid string for DID key")

// ErrInvalidCodec is returned when the multicodec prefix of a key is not one
// this package recognises.
var ErrInvalidCodec = errors.New("invalid codec")

Functions

func DIDKeyIdentifier

func DIDKeyIdentifier(did string) (string, error)

func DIDKeyToPubKey

func DIDKeyToPubKey(did string) (publicKey jwk.Key, err error)

func DIDelsiIdentifier

func DIDelsiIdentifier(did string) (string, error)

func DIDelsiToPubKey

func DIDelsiToPubKey(did string) (publicKey jwk.Key, err error)

func Delete

func Delete(cfg *yaml.YAML) error

func GenDIDKey

func GenDIDKey() (did string, privateKey jwk.Key, err error)

GenDIDKey generates a new 'did:key' DID by creating an EC key pair

func GenDIDelsi

func GenDIDelsi(subject x509util.ELSIName, keyparams x509util.KeyParams) (did string, privateKey jwk.Key, cert x509util.PEMCert, err error)

GenDIDelsi generates a new 'did:elsi' DID for subject by creating a key pair and issuing a PEM certificate (cert) for it. NOTE(review): the original comment says "EC key pair", but the key type presumably depends on keyparams — confirm before relying on the curve.

func JSONRemarshal

func JSONRemarshal(bytes []byte) ([]byte, error)

func MakeDBDirectory

func MakeDBDirectory(cfg *yaml.YAML) error

func PubKeyToDIDKey

func PubKeyToDIDKey(pubKeyJWK jwk.Key) (did string, err error)

Types

type CredRawData

// CredRawData is the stored form of a credential as returned by
// (*Vault).GetAllCredentials. Every field is omitted from the JSON output
// when empty.
type CredRawData struct {
	// Id is the credential identifier.
	Id      string `json:"id,omitempty"`
	// Type is the credential type.
	Type    string `json:"type,omitempty"`
	// Encoded holds the credential in its encoded form. The encoding is not
	// visible on this page (presumably the JWT produced by
	// CreateCredentialJWTFromMap) — confirm against the implementation.
	Encoded string `json:"encoded,omitempty"`
}

type CredentialData

// CredentialData is a flat view of the claims carried by a credential.
//
// Note the JSON keys: IssuerDID serialises as "iss" and SubjectDID as "did"
// (not the standard "sub"), so code that matches on registered JWT claim
// names must account for this. Only Jti carries an explicit yaml tag.
type CredentialData struct {
	// Jti is the credential / token identifier.
	Jti                string `json:"jti" yaml:"jti"`
	CredName           string `json:"cred_name"`
	// IssuerDID is the DID of the issuer (JSON key "iss").
	IssuerDID          string `json:"iss"`
	// SubjectDID is the DID of the subject (JSON key "did", not "sub").
	SubjectDID         string `json:"did"`
	Name               string `json:"name"`
	Given_name         string `json:"given_name"`
	Family_name        string `json:"family_name"`
	Preferred_username string `json:"preferred_username"`
	Email              string `json:"email"`
}

type User

// User represents the user model and also implements the webauthn.User
// interface (see the WebAuthn* methods). Its fields are unexported and are
// not shown on this page; construct a User with NewUser.
type User struct {
	// contains filtered or unexported fields
}

User represents the user model. It also implements the webauthn.User interface.

func NewUser

func NewUser(db *ent.Client, id string, name string) *User

func (*User) CredentialExcludeList

func (u *User) CredentialExcludeList() []protocol.CredentialDescriptor

CredentialExcludeList returns a CredentialDescriptor array filled with all of the user's credentials (intended, judging by its name and type, for the excludeCredentials list of a WebAuthn registration — confirm with the caller).

func (*User) DID

func (u *User) DID() string

func (*User) WebAuthnAddCredential

func (u *User) WebAuthnAddCredential(cred webauthn.Credential)

WebAuthnAddCredential associates the credential to the user

func (*User) WebAuthnCredentials

func (u *User) WebAuthnCredentials() []webauthn.Credential

WebAuthnCredentials returns credentials owned by the user

func (User) WebAuthnDisplayName

func (u User) WebAuthnDisplayName() string

WebAuthnDisplayName returns the user's display name

func (User) WebAuthnID

func (u User) WebAuthnID() []byte

WebAuthnID returns the user's ID

func (User) WebAuthnIcon

func (u User) WebAuthnIcon() string

WebAuthnIcon is not (yet) implemented

func (User) WebAuthnName

func (u User) WebAuthnName() string

WebAuthnName returns the user's username

type Vault

// Vault is the storage object of this package: it opens or wraps an
// ent.Client (see New and NewFromDBClient) and stores users, keys and
// credentials. Its fields are unexported and are not shown on this page.
type Vault struct {
	// contains filtered or unexported fields
}

func Must

func Must(v *Vault, err error) *Vault

Must is a helper that wraps a call to a function returning (*Vault, error) and panics if the error is non-nil. It is intended for use in program initialization where the starting process has to be aborted in case of error. Usage is like this:

var issuerVault = vault.Must(vault.New(cfg))

func New

func New(cfg *yaml.YAML) (v *Vault, err error)

New opens or creates a repository storing users, keys and credentials

func NewFromDBClient

func NewFromDBClient(entClient *ent.Client, cfg *yaml.YAML) (v *Vault)

NewFromDBClient uses an existing client connection for creating the storage object

func (*Vault) CreateCredentialJWTFromMap

func (v *Vault) CreateCredentialJWTFromMap(credmap map[string]any) (credID string, rawJSONCred json.RawMessage, err error)

CreateCredentialJWTFromMap receives a map with the hierarchical data of the credential and returns the id of a new credential and the raw credential (rawJSONCred, a json.RawMessage). NOTE(review): the original comment calls this a "raw JWT string" while the return type is json.RawMessage — confirm which encoding the value holds.

func (*Vault) CreateJWTtoken

func (v *Vault) CreateJWTtoken(credData map[string]any, issuerID string) ([]byte, error)

CreateJWTtoken creates a JWT token from the given claims, signed with the first private key associated to the issuer DID. Key selection is positional: a caller that has rotated or added keys for the issuer should confirm which key is "first" before relying on it.

func (*Vault) CreateLEARCredentialJWTFromMap

func (v *Vault) CreateLEARCredentialJWTFromMap(credmap map[string]any, elsiName x509util.ELSIName) (credID string, rawJSONCred json.RawMessage, err error)

CreateLEARCredentialJWTFromMap receives a map with the hierarchical data of the credential and returns the id of a new credential and the raw credential (rawJSONCred, a json.RawMessage). NOTE(review): the original comment calls this a "raw JWT string" while the return type is json.RawMessage — confirm which encoding the value holds.

func (*Vault) CreateOrGetUserWithDIDKey

func (v *Vault) CreateOrGetUserWithDIDKey(userid string, name string, usertype string, password string) (*User, error)

CreateOrGetUserWithDIDKey retrieves an existing User or creates a new one if it does not exist. The user created is associated to a did:key.

func (*Vault) CreateOrGetUserWithDIDelsi

func (v *Vault) CreateOrGetUserWithDIDelsi(userid string, name string, elsiName x509util.ELSIName, usertype string, password string) (*User, error)

CreateOrGetUserWithDIDelsi retrieves an existing User or creates a new one if it does not exist. The user created is associated to a did:elsi for elsiName.

func (*Vault) DB

func (v *Vault) DB() *ent.Client

func (*Vault) DIDKeyToPrivateKey

func (v *Vault) DIDKeyToPrivateKey(did string) (privateKey jwk.Key, err error)

func (*Vault) DIDKeyToPublicKey

func (v *Vault) DIDKeyToPublicKey(did string) (publicKey jwk.Key, err error)

func (*Vault) DIDelsiToKey

func (v *Vault) DIDelsiToKey(did string) (privateKey jwk.Key, publicKey jwk.Key, err error)

func (*Vault) DIDelsiToPrivateKey

func (v *Vault) DIDelsiToPrivateKey(did string) (privateKey jwk.Key, err error)

func (*Vault) DIDelsiToPublicKey

func (v *Vault) DIDelsiToPublicKey(did string) (publicKey jwk.Key, err error)

func (*Vault) GetAllCredentials

func (v *Vault) GetAllCredentials() (creds []*CredRawData)

func (*Vault) GetDIDForUser

func (v *Vault) GetDIDForUser(userid string) (string, error)

func (*Vault) GetUserById

func (v *Vault) GetUserById(userid string) (*User, error)

GetUserById returns a *User by the user's id.

func (*Vault) GetUserByName

func (v *Vault) GetUserByName(name string) (*User, error)

GetUserByName returns a *User by the user's username.

func (*Vault) InitCredentialTemplates

func (v *Vault) InitCredentialTemplates(credentialTemplatesPath string)

func (*Vault) NewDidKey

func (v *Vault) NewDidKey() (did string, privateKey jwk.Key, err error)

func (*Vault) NewDidKeyForUser

func (v *Vault) NewDidKeyForUser(user *User) (did string, privateKey jwk.Key, err error)

func (*Vault) NewDidelsiForUser

func (v *Vault) NewDidelsiForUser(user *User, sub x509util.ELSIName, kp x509util.KeyParams) (did string, privateKey jwk.Key, pemBytes []byte, err error)

func (*Vault) SignWithDIDKey

func (v *Vault) SignWithDIDKey(did string, stringToSign string) (signedString string, err error)

func (*Vault) SignWithDIDelsi

func (v *Vault) SignWithDIDelsi(did string, privateKey jwk.Key, cert x509util.PEMCert, stringToSign string) (signedString string, err error)

func (*Vault) VerifyJWTtoken

func (v *Vault) VerifyJWTtoken(token []byte, issuerDID string) (jwt.Token, error)

Directories

Path Synopsis
ent
did
