vault: github.com/hashicorp/vault/http Index | Files

package http

import "github.com/hashicorp/vault/http"

Index

Package Files

cors.go handler.go help.go logical.go stub_assets.go sys_generate_root.go sys_health.go sys_init.go sys_leader.go sys_raft.go sys_rekey.go sys_seal.go testing.go util.go

Constants

const (
    // WrapTTLHeaderName is the name of the header containing a directive to
    // wrap the response
    WrapTTLHeaderName = "X-Vault-Wrap-TTL"

    // WrapFormatHeaderName is the name of the header containing the format to
    // wrap in; has no effect if the wrap TTL is not set
    WrapFormatHeaderName = "X-Vault-Wrap-Format"

    // NoRequestForwardingHeaderName is the name of the header telling Vault
    // not to use request forwarding
    NoRequestForwardingHeaderName = "X-Vault-No-Request-Forwarding"

    // MFAHeaderName represents the HTTP header which carries the credentials
    // required to perform MFA on any path.
    MFAHeaderName = "X-Vault-MFA"

    // PolicyOverrideHeaderName is the header set to request overriding
    // soft-mandatory Sentinel policies.
    PolicyOverrideHeaderName = "X-Vault-Policy-Override"

    // DefaultMaxRequestSize is the default maximum accepted request size. This
    // is to prevent a denial of service attack where no Content-Length is
    // provided and the server is fed ever more data until it exhausts memory.
    // Can be overridden per listener.
    DefaultMaxRequestSize = 32 * 1024 * 1024
)

func Handler Uses

func Handler(props *vault.HandlerProperties) http.Handler

Handler returns an http.Handler for the API. This can be used on its own to mount the Vault API within another web server.

func TestListener Uses

func TestListener(tb testing.TB) (net.Listener, string)

func TestServer Uses

func TestServer(tb testing.TB, core *vault.Core) (net.Listener, string)

func TestServerAuth Uses

func TestServerAuth(tb testing.TB, addr string, token string)

func TestServerWithListener Uses

func TestServerWithListener(tb testing.TB, ln net.Listener, addr string, core *vault.Core)

func TestServerWithListenerAndProperties Uses

func TestServerWithListenerAndProperties(tb testing.TB, ln net.Listener, addr string, core *vault.Core, props *vault.HandlerProperties)

func WrapForwardedForHandler Uses

func WrapForwardedForHandler(h http.Handler, authorizedAddrs []*sockaddr.SockAddrMarshaler, rejectNotPresent, rejectNonAuthz bool, hopSkips int) http.Handler

type GenerateRootInitRequest Uses

type GenerateRootInitRequest struct {
    OTP    string `json:"otp"`
    PGPKey string `json:"pgp_key"`
}

type GenerateRootStatusResponse Uses

type GenerateRootStatusResponse struct {
    Nonce            string `json:"nonce"`
    Started          bool   `json:"started"`
    Progress         int    `json:"progress"`
    Required         int    `json:"required"`
    Complete         bool   `json:"complete"`
    EncodedToken     string `json:"encoded_token"`
    EncodedRootToken string `json:"encoded_root_token"`
    PGPFingerprint   string `json:"pgp_fingerprint"`
    OTP              string `json:"otp"`
    OTPLength        int    `json:"otp_length"`
}

type GenerateRootUpdateRequest Uses

type GenerateRootUpdateRequest struct {
    Nonce string
    Key   string
}

type HealthResponse Uses

type HealthResponse struct {
    Initialized                bool   `json:"initialized"`
    Sealed                     bool   `json:"sealed"`
    Standby                    bool   `json:"standby"`
    PerformanceStandby         bool   `json:"performance_standby"`
    ReplicationPerformanceMode string `json:"replication_performance_mode"`
    ReplicationDRMode          string `json:"replication_dr_mode"`
    ServerTimeUTC              int64  `json:"server_time_utc"`
    Version                    string `json:"version"`
    ClusterName                string `json:"cluster_name,omitempty"`
    ClusterID                  string `json:"cluster_id,omitempty"`
    LastWAL                    uint64 `json:"last_wal,omitempty"`
}

type InitRequest Uses

type InitRequest struct {
    SecretShares      int      `json:"secret_shares"`
    SecretThreshold   int      `json:"secret_threshold"`
    StoredShares      int      `json:"stored_shares"`
    PGPKeys           []string `json:"pgp_keys"`
    RecoveryShares    int      `json:"recovery_shares"`
    RecoveryThreshold int      `json:"recovery_threshold"`
    RecoveryPGPKeys   []string `json:"recovery_pgp_keys"`
    RootTokenPGPKey   string   `json:"root_token_pgp_key"`
}

type InitResponse Uses

type InitResponse struct {
    Keys            []string `json:"keys"`
    KeysB64         []string `json:"keys_base64"`
    RecoveryKeys    []string `json:"recovery_keys,omitempty"`
    RecoveryKeysB64 []string `json:"recovery_keys_base64,omitempty"`
    RootToken       string   `json:"root_token"`
}

type InitStatusResponse Uses

type InitStatusResponse struct {
    Initialized bool `json:"initialized"`
}

type JoinRequest Uses

type JoinRequest struct {
    LeaderAPIAddr    string `json:"leader_api_addr"`
    LeaderCACert     string `json:"leader_ca_cert":`
    LeaderClientCert string `json:"leader_client_cert"`
    LeaderClientKey  string `json:"leader_client_key"`
    Retry            bool   `json:"retry"`
}

type JoinResponse Uses

type JoinResponse struct {
    Joined bool `json:"joined"`
}

type LeaderResponse Uses

type LeaderResponse struct {
    HAEnabled                bool   `json:"ha_enabled"`
    IsSelf                   bool   `json:"is_self"`
    LeaderAddress            string `json:"leader_address"`
    LeaderClusterAddress     string `json:"leader_cluster_address"`
    PerfStandby              bool   `json:"performance_standby"`
    PerfStandbyLastRemoteWAL uint64 `json:"performance_standby_last_remote_wal"`
    LastWAL                  uint64 `json:"last_wal,omitempty"`
}

type RekeyRequest Uses

type RekeyRequest struct {
    SecretShares        int      `json:"secret_shares"`
    SecretThreshold     int      `json:"secret_threshold"`
    StoredShares        int      `json:"stored_shares"`
    PGPKeys             []string `json:"pgp_keys"`
    Backup              bool     `json:"backup"`
    RequireVerification bool     `json:"require_verification"`
}

type RekeyStatusResponse Uses

type RekeyStatusResponse struct {
    Nonce                string   `json:"nonce"`
    Started              bool     `json:"started"`
    T                    int      `json:"t"`
    N                    int      `json:"n"`
    Progress             int      `json:"progress"`
    Required             int      `json:"required"`
    PGPFingerprints      []string `json:"pgp_fingerprints"`
    Backup               bool     `json:"backup"`
    VerificationRequired bool     `json:"verification_required"`
    VerificationNonce    string   `json:"verification_nonce,omitempty"`
}

type RekeyUpdateRequest Uses

type RekeyUpdateRequest struct {
    Nonce string
    Key   string
}

type RekeyUpdateResponse Uses

type RekeyUpdateResponse struct {
    Nonce                string   `json:"nonce"`
    Complete             bool     `json:"complete"`
    Keys                 []string `json:"keys"`
    KeysB64              []string `json:"keys_base64"`
    PGPFingerprints      []string `json:"pgp_fingerprints"`
    Backup               bool     `json:"backup"`
    VerificationRequired bool     `json:"verification_required"`
    VerificationNonce    string   `json:"verification_nonce,omitempty"`
}

type RekeyVerificationStatusResponse Uses

type RekeyVerificationStatusResponse struct {
    Nonce    string `json:"nonce"`
    Started  bool   `json:"started"`
    T        int    `json:"t"`
    N        int    `json:"n"`
    Progress int    `json:"progress"`
}

type RekeyVerificationUpdateRequest Uses

type RekeyVerificationUpdateRequest struct {
    Nonce string `json:"nonce"`
    Key   string `json:"key"`
}

type RekeyVerificationUpdateResponse Uses

type RekeyVerificationUpdateResponse struct {
    Nonce    string `json:"nonce"`
    Complete bool   `json:"complete"`
}

type SealStatusResponse Uses

type SealStatusResponse struct {
    Type         string `json:"type"`
    Initialized  bool   `json:"initialized"`
    Sealed       bool   `json:"sealed"`
    T            int    `json:"t"`
    N            int    `json:"n"`
    Progress     int    `json:"progress"`
    Nonce        string `json:"nonce"`
    Version      string `json:"version"`
    Migration    bool   `json:"migration"`
    ClusterName  string `json:"cluster_name,omitempty"`
    ClusterID    string `json:"cluster_id,omitempty"`
    RecoverySeal bool   `json:"recovery_seal"`
}

type UIAssetWrapper Uses

type UIAssetWrapper struct {
    FileSystem *assetfs.AssetFS
}

func (*UIAssetWrapper) Open Uses

func (fs *UIAssetWrapper) Open(name string) (http.File, error)

type UnsealRequest Uses

type UnsealRequest struct {
    Key     string
    Reset   bool
    Migrate bool
}

Note: because we didn't provide explicit tagging in the past we can't do it now because if it then no longer accepts capitalized versions it could break clients

Package http imports 37 packages (graph) and is imported by 46 packages. Updated 2019-07-19. Refresh now. Tools for package owners.