rest_util

package
v0.0.0-...-31bffcd

This package is not in the latest version of its module.
Published: Jan 23, 2023 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package rest_util provides helper functions to generate a client for the Ziti Edge REST APIs. It is a meat-and-potatoes API that is meant to be consumed by higher-level implementations (e.g. CLIs).

The main entry functions are:

- NewEdgeManagementClientWithToken()
- NewEdgeManagementClientWithUpdb()
- NewEdgeManagementClientWithCert()
- NewEdgeManagementClientWithAuthenticator()
- NewEdgeClientClientWithToken()
- NewEdgeClientClientWithUpdb()
- NewEdgeClientClientWithCert()
- NewEdgeClientClientWithAuthenticator()

`updb` and `cert` are supported with specific helper functions. Any authentication method not supported explicitly can be implemented through the *WithAuthenticator() helper functions.

Examples are provided in the `examples` directory.

Functions

func GetControllerWellKnownCas

func GetControllerWellKnownCas(controllerAddr string) ([]*x509.Certificate, error)

GetControllerWellKnownCas will attempt to connect to a controller and retrieve its PKCS11 well-known CA bundle.

func NewEdgeClientClientWithAuthenticator

func NewEdgeClientClientWithAuthenticator(authenticator Authenticator, apiAddress string) (*rest_client_api_client.ZitiEdgeClient, error)

NewEdgeClientClientWithAuthenticator will generate a new rest_client_api_client.ZitiEdgeClient client based upon a provided http.Client, controller address, and will authenticate with the provided Authenticator to obtain an API Session token.

func NewEdgeClientClientWithCert

func NewEdgeClientClientWithCert(cert *x509.Certificate, privateKey crypto.PrivateKey, apiAddress string, rootCas *x509.CertPool) (*rest_client_api_client.ZitiEdgeClient, error)

NewEdgeClientClientWithCert will generate a new rest_client_api_client.ZitiEdgeClient client based upon a provided http.Client, controller address, and will authenticate via client certificate to obtain an API Session token.

func NewEdgeClientClientWithToken

func NewEdgeClientClientWithToken(httpClient *http.Client, apiAddress string, apiSessionToken string) (*rest_client_api_client.ZitiEdgeClient, error)

NewEdgeClientClientWithToken will generate a new rest_client_api_client.ZitiEdgeClient client based upon a provided http.Client, controller address, and an API Session token that has been previously obtained.

func NewEdgeClientClientWithUpdb

func NewEdgeClientClientWithUpdb(username, password string, apiAddress string, rootCas *x509.CertPool) (*rest_client_api_client.ZitiEdgeClient, error)

NewEdgeClientClientWithUpdb will generate a new rest_client_api_client.ZitiEdgeClient client based upon a provided http.Client, controller address, and will authenticate via username/password database (updb) to obtain an API Session token.

func NewEdgeManagementClientWithAuthenticator

func NewEdgeManagementClientWithAuthenticator(authenticator Authenticator, apiAddress string) (*rest_management_api_client.ZitiEdgeManagement, error)

NewEdgeManagementClientWithAuthenticator will generate a new rest_management_api_client.ZitiEdgeManagement client based upon a provided http.Client, controller address, and will authenticate with the provided Authenticator to obtain an API Session token.

func NewEdgeManagementClientWithCert

func NewEdgeManagementClientWithCert(cert *x509.Certificate, privateKey crypto.PrivateKey, apiAddress string, rootCas *x509.CertPool) (*rest_management_api_client.ZitiEdgeManagement, error)

NewEdgeManagementClientWithCert will generate a new rest_management_api_client.ZitiEdgeManagement client based upon a provided http.Client, controller address, and will authenticate via client certificate to obtain an API Session token.

func NewEdgeManagementClientWithToken

func NewEdgeManagementClientWithToken(httpClient *http.Client, apiAddress string, apiSessionToken string) (*rest_management_api_client.ZitiEdgeManagement, error)

NewEdgeManagementClientWithToken will generate a new rest_management_api_client.ZitiEdgeManagement client based upon a provided http.Client, controller address, and an API Session token that has been previously obtained.

func NewEdgeManagementClientWithUpdb

func NewEdgeManagementClientWithUpdb(username, password string, apiAddress string, rootCas *x509.CertPool) (*rest_management_api_client.ZitiEdgeManagement, error)

NewEdgeManagementClientWithUpdb will generate a new rest_management_api_client.ZitiEdgeManagement client based upon a provided http.Client, controller address, and will authenticate via username/password database (updb) to obtain an API Session token.

func NewHttpClientWithTlsConfig

func NewHttpClientWithTlsConfig(tlsClientConfig *tls.Config) (*http.Client, error)

NewHttpClientWithTlsConfig provides a default HTTP client with generous default timeouts.

func NewTlsConfig

func NewTlsConfig() (*tls.Config, error)

NewTlsConfig creates a tls.Config with default min/max TLS versions.

func VerifyController

func VerifyController(controllerAddr string, caPool *x509.CertPool) (bool, error)

VerifyController will attempt to use the provided x509.CertPool to connect to the provided controller. If successful, true and no error will be returned.
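
The caPool and rootCas arguments above decide which certificate authorities a client will accept for the controller. The following is an added example, not code from this package: verifyWithPool and demo are hypothetical names, it uses only the Go standard library, and the "controller" is a local httptest server constructed for the demonstration.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// verifyWithPool is a hypothetical stand-in for a VerifyController-style check:
// it reports true only when the server's certificate chains to a CA in caPool.
func verifyWithPool(addr string, caPool *x509.CertPool) (bool, error) {
	if caPool == nil {
		// A nil RootCAs makes crypto/tls fall back to the host's root CA set.
		return false, errors.New("no CA pool supplied")
	}
	tr := &http.Transport{
		DisableKeepAlives: true,
		TLSClientConfig:   &tls.Config{RootCAs: caPool, MinVersion: tls.VersionTLS12},
	}
	resp, err := (&http.Client{Transport: tr}).Get(addr)
	if err != nil {
		return false, err // handshake failed, e.g. unknown certificate authority
	}
	resp.Body.Close()
	return true, nil
}

// demo runs the check against a constructed local TLS server, first with a pool
// that contains the server's certificate and then with an empty pool.
func demo() (bool, error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}))
	defer srv.Close()

	good := x509.NewCertPool()
	good.AddCert(srv.Certificate())
	trusted, _ := verifyWithPool(srv.URL, good)

	_, err := verifyWithPool(srv.URL, x509.NewCertPool()) // empty pool: no trust anchors
	return trusted, err
}

func main() {
	trusted, err := demo()
	fmt.Println("trusted pool:", trusted, "| empty pool error:", err)
}
```

An empty but non-nil pool rejects every server, while a nil pool trusts the system roots, so the two cases are handled separately.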

Types

type Authenticator

type Authenticator interface {
	//Authenticate issues an authentication HTTP request to the designated controller. The method and operation
	// of this authentication request are determined by the implementor.
	Authenticate(controllerAddress *url.URL) (*rest_model.CurrentAPISessionDetail, error)

	//BuildHttpClient returns a http.Client to use for an API client. This specifically allows
	//client certificate authentication to be configured in the http.Client's transport/tls.Config
	BuildHttpClient() (*http.Client, error)
}

Authenticator is an interface that facilitates obtaining an API Session.

type AuthenticatorAuthHeader

type AuthenticatorAuthHeader struct {
	AuthenticatorBase
	Token string
}

func NewAuthenticatorAuthHeader

func NewAuthenticatorAuthHeader(token string) *AuthenticatorAuthHeader

func (*AuthenticatorAuthHeader) Authenticate

func (a *AuthenticatorAuthHeader) Authenticate(controllerAddress *url.URL) (*rest_model.CurrentAPISessionDetail, error)

func (*AuthenticatorAuthHeader) Params

type AuthenticatorBase

type AuthenticatorBase struct {
	ConfigTypes    rest_model.ConfigTypes
	EnvInfo        *rest_model.EnvInfo
	SdkInfo        *rest_model.SdkInfo
	HttpClientFunc HttpClientFunc
	TlsConfigFunc  TlsConfigFunc
	RootCas        *x509.CertPool
}

AuthenticatorBase provides embeddable shared capabilities for all authenticators.

func (*AuthenticatorBase) BuildHttpClientWithModifyTls

func (a *AuthenticatorBase) BuildHttpClientWithModifyTls(modifyTls func(*tls.Config)) (*http.Client, error)

BuildHttpClientWithModifyTls builds a new http.Client with the provided HttpClientFunc and TlsConfigFunc. If not set, default NewHttpClientWithTlsConfig and NewTlsConfig will be used.

type AuthenticatorCert

type AuthenticatorCert struct {
	AuthenticatorBase
	Certificate *x509.Certificate
	PrivateKey  crypto.PrivateKey
}

AuthenticatorCert is an implementation of Authenticator that can fulfill client certificate authentication requests.

func NewAuthenticatorCert

func NewAuthenticatorCert(cert *x509.Certificate, privateKey crypto.PrivateKey) *AuthenticatorCert

func (*AuthenticatorCert) Authenticate

func (a *AuthenticatorCert) Authenticate(controllerAddress *url.URL) (*rest_model.CurrentAPISessionDetail, error)

func (*AuthenticatorCert) BuildHttpClient

func (a *AuthenticatorCert) BuildHttpClient() (*http.Client, error)

func (*AuthenticatorCert) Params

type AuthenticatorUpdb

type AuthenticatorUpdb struct {
	AuthenticatorBase
	Username string
	Password string
}

AuthenticatorUpdb is an implementation of Authenticator that can fulfill username/password authentication requests.

func NewAuthenticatorUpdb

func NewAuthenticatorUpdb(username, password string) *AuthenticatorUpdb

func (*AuthenticatorUpdb) Authenticate

func (a *AuthenticatorUpdb) Authenticate(controllerAddress *url.URL) (*rest_model.CurrentAPISessionDetail, error)

func (*AuthenticatorUpdb) BuildHttpClient

func (a *AuthenticatorUpdb) BuildHttpClient() (*http.Client, error)

func (*AuthenticatorUpdb) Params

type HeaderAuth

type HeaderAuth struct {
	HeaderName  string
	HeaderValue string
}

func (*HeaderAuth) AuthenticateRequest

func (e *HeaderAuth) AuthenticateRequest(request openApiRuntime.ClientRequest, _ strfmt.Registry) error

type HttpClientFunc

type HttpClientFunc func(tlsClientConfig *tls.Config) (*http.Client, error)

HttpClientFunc allows an external HttpClient to be created and used.

type TlsConfigFunc

type TlsConfigFunc func() (*tls.Config, error)

TlsConfigFunc allows the tls.Config to be modified before use.

type ZitiTokenAuth

type ZitiTokenAuth struct {
	Token string
}

ZitiTokenAuth is an implementation of runtime.ClientAuthInfoWriter. It allows an API Session token to be injected into outgoing HTTP requests.

func (*ZitiTokenAuth) AuthenticateRequest

func (e *ZitiTokenAuth) AuthenticateRequest(request openApiRuntime.ClientRequest, _ strfmt.Registry) error

AuthenticateRequest injects the API Session token into outgoing requests.

Directories

Path Synopsis
examples
