Documentation ¶
Index ¶
- type CredRawData
- type CredentialData
- type CredentialDecoded
- type Signable
- type Vault
- func (v *Vault) AddKeyToUser(userid string, privKey *jwk.JWK) (*ent.PrivateKey, error)
- func (v *Vault) CreateAccessToken(credData string, issuerDID string) (json.RawMessage, error)
- func (v *Vault) CreateCredentialJWTFromMap(credmap map[string]any) (credID string, rawJSONCred json.RawMessage, err error)
- func (v *Vault) CreateLegalPersonWithKey(issuerDID string, name string, password string) (usr *ent.User, err error)
- func (v *Vault) CreateNaturalPersonWithKey(id string, name string, password string) (usr *ent.User, err error)
- func (v *Vault) CreateOrGetCredential(credData *CredentialData) (rawJsonCred json.RawMessage, err error)
- func (v *Vault) CreateUser(userid string, name string, usertype string, password string) (usr *ent.User, err error)
- func (v *Vault) CreateUserWithKey(userid string, name string, usertype string, password string) (usr *ent.User, err error)
- func (v *Vault) CreateUserWithKeyX(userid string, name string, usertype string, password string) (usr *ent.User, err error)
- func (v *Vault) CredentialFromJWT(credSerialized string) (rawJsonCred json.RawMessage, err error)
- func (v *Vault) GetAllCredentials() (creds []*CredRawData)
- func (v *Vault) GetDIDForUser(userid string) (string, error)
- func (v *Vault) NewKeyForUser(userid string) (*ent.PrivateKey, error)
- func (v *Vault) PrivateKeyByID(id string) (jwkKey *jwk.JWK, err error)
- func (v *Vault) PrivateKeysForUser(userid string) (keys []*jwk.JWK, err error)
- func (v *Vault) PublicKeysForUser(userid string) (keys []*jwk.JWK, err error)
- func (v *Vault) SetDIDForUser(userid string, did string) error
- func (v *Vault) Sign(object Signable) (signedString string, err error)
- func (v *Vault) SignString(toBeSigned string, kid string) (signedString string, err error)
- func (v *Vault) SignWithJWK(k *jwk.JWK, claims any) (signedString string, err error)
- func (v *Vault) TestCred(credData *CredentialData) (rawJsonCred json.RawMessage, err error)
- func (v *Vault) UserByID(id string) (usr *ent.User, err error)
- func (v *Vault) VerifySignature(signedString string, signature string, alg string, kid string) (err error)
Types ¶
type CredRawData ¶
type CredentialData ¶
// CredentialData is the flat set of string fields describing one credential.
// It is the argument type of Vault.CreateOrGetCredential and Vault.TestCred.
//
// NOTE(review): nothing on this page shows whether these values are validated
// before a credential is built from them; confirm where validation happens.
type CredentialData struct {
	// Jti is serialized as "jti" in both JSON and YAML. It is the only field
	// that carries a yaml tag; presumably the JWT ID of the credential (TODO confirm).
	Jti string `json:"jti" yaml:"jti"`
	// CredName is serialized as "cred_name".
	CredName string `json:"cred_name"`
	// IssuerDID is serialized as "iss"; presumably the DID of the signing
	// issuer (TODO confirm against CreateOrGetCredential).
	IssuerDID string `json:"iss"`
	// SubjectDID is serialized as "did" (not "sub").
	SubjectDID string `json:"did"`
	// Name is serialized as "name".
	Name string `json:"name"`
	// Given_name is serialized as "given_name".
	Given_name string `json:"given_name"`
	// Family_name is serialized as "family_name".
	Family_name string `json:"family_name"`
	// Preferred_username is serialized as "preferred_username".
	Preferred_username string `json:"preferred_username"`
	// Email is serialized as "email".
	Email string `json:"email"`
}
type CredentialDecoded ¶
// CredentialDecoded combines the embedded jwt.RegisteredClaims with a
// free-form map of further values.
type CredentialDecoded struct {
	// Embedded, so the fields of jwt.RegisteredClaims are promoted onto
	// CredentialDecoded.
	jwt.RegisteredClaims
	// Other is an untyped map; presumably the claims that are not part of
	// RegisteredClaims (TODO confirm). Values are `any`, so each entry needs
	// a type check before it is used.
	Other map[string]any
}
type Vault ¶
func Must ¶
Must is a helper that wraps a call to a function returning (*Vault, error) and panics if the error is non-nil. It is intended for use in program initialization where the starting process has to be aborted in case of error. Usage is like this:
// Package-level initialization: Must panics when the wrapped call returns a
// non-nil error, so a vault that cannot be created aborts start-up.
var issuerVault = vault.Must(vault.New(cfg))
func NewFromDBClient ¶
NewFromDBClient uses an existing client connection for creating the storage object
func (*Vault) AddKeyToUser ¶
func (*Vault) CreateAccessToken ¶
CreateAccessToken creates a JWT access token from the credential in serialized form, signed with the first private key associated with the issuer DID.
func (*Vault) CreateCredentialJWTFromMap ¶
func (v *Vault) CreateCredentialJWTFromMap(credmap map[string]any) (credID string, rawJSONCred json.RawMessage, err error)
CreateCredentialJWTFromMap receives a map with the hierarchical data of the credential and returns the id of a new credential and the raw JWT string representing the credential
func (*Vault) CreateLegalPersonWithKey ¶
func (v *Vault) CreateLegalPersonWithKey(issuerDID string, name string, password string) (usr *ent.User, err error)
CreateLegalPersonWithKey creates a user of type "issuer" and an associated private key for signing. For a single-tenant issuer installation, a single Issuer should be enough. The function expects the issuerDID (a unique identifier) and the name of the entity; the signature also takes a password, which this description does not document.
func (*Vault) CreateNaturalPersonWithKey ¶
func (*Vault) CreateOrGetCredential ¶
func (v *Vault) CreateOrGetCredential(credData *CredentialData) (rawJsonCred json.RawMessage, err error)
func (*Vault) CreateUser ¶
func (*Vault) CreateUserWithKey ¶
func (*Vault) CreateUserWithKeyX ¶
func (v *Vault) CreateUserWithKeyX(userid string, name string, usertype string, password string) (usr *ent.User, err error)
CreateUserWithKeyX is like CreateUserWithKey but panics if there is an error
func (*Vault) CredentialFromJWT ¶
func (v *Vault) CredentialFromJWT(credSerialized string) (rawJsonCred json.RawMessage, err error)
func (*Vault) GetAllCredentials ¶
func (v *Vault) GetAllCredentials() (creds []*CredRawData)
func (*Vault) NewKeyForUser ¶
func (v *Vault) NewKeyForUser(userid string) (*ent.PrivateKey, error)
func (*Vault) PrivateKeyByID ¶
func (*Vault) PrivateKeysForUser ¶
PrivateKeysForUser returns all the private keys belonging to the user identified by userid.
func (*Vault) PublicKeysForUser ¶
PublicKeysForUser returns all the public keys belonging to the userid
func (*Vault) SignString ¶
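SignString signs the string using the key with the given ID (kid). The original description also mentions "using algorithm alg", but the signature listed in the index, SignString(toBeSigned string, kid string), has no alg parameter, so the algorithm is presumably determined by the key itself.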
func (*Vault) SignWithJWK ¶
SignWithJWK signs the JWT using the algorithm and key ID in its header
func (*Vault) TestCred ¶
func (v *Vault) TestCred(credData *CredentialData) (rawJsonCred json.RawMessage, err error)