access

package
v0.4.0
Published: Jan 15, 2024 | License: AGPL-3.0 | Imports: 16 | Imported by: 0

Documentation

Overview

Package access provides an API for accessing jump. Jump is aware of the roles of hosts and clients in establishing SSH connections, and will allocate unique connections to new clients. It requires crossbar to trigger the SSH host to connect AFTER the client has connected, because SSH is a server-speaks-first protocol. Hence access does not need to transmit the URI of the unique connection to the host, because shellbar will do this when the client makes its websocket connection. There is no guarantee that a host is connected at any given time; if it drops its management channel, which is connected to the base session_id, then it cannot be reached. As crossbar puts a websocket wrapper around the already-encrypted TCP/IP, the communication remains encrypted end-to-end. For more details on SSH security properties, see https://docstore.mik.ua/orelly/networking_2ndEd/ssh/ch03_01.htm

Functions

func API

func API(ctx context.Context, config Config)

API starts the API.

Inputs:
@closed - channel will be closed when the server shuts down
@wg - waitgroup, we must wg.Done() when we are shut down
@port - where to listen locally
@host - external FQDN of the host (for checking against tokens) e.g. https://relay-access.practable.io
@target - FQDN of the relay instance e.g. wss://relay.practable.io
@secret - HMAC shared secret which incoming tokens will be signed with
@cs - pointer to the CodeStore this API shares with the shellbar websocket relay
@options - for future backwards compatibility (no options currently available)

func Token added in v0.3.0

func Token(audience, ct, topic, secret string, scopes []string, iat, nbf, exp int64) (string, error)

Token returns a signed token

Types

type Config added in v0.3.0

type Config struct {

	// Audience must match the host in token
	Audience string

	// ExchangeCode swaps a code for the associated Token
	CodeStore *ttlcode.CodeStore

	// Listen is the port this service listens on
	Listen int

	// Secret is used to validate tokens
	Secret string

	// Target is the FQDN of the relay instance
	Target string
}

Config represents the configuration of the relay and lets the configuration be passed as an argument to permit testing.
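The check that the Secret and Audience fields imply, written out as an added example that is not this package's own code: an HS256 token is minted and then verified with the standard library only. Claims, Mint and Verify are hypothetical names, and the JWT layout and claim names are assumptions, because the page does not show the token format.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"strings"
)

// Added example: Claims, sign, Mint and Verify are hypothetical; JSON claim names are assumed.
type Claims struct {
	Aud string `json:"aud"`
	Nbf int64  `json:"nbf"`
	Exp int64  `json:"exp"`
}

var b64 = base64.RawURLEncoding // JWT segments are unpadded base64url
func sign(msg, secret string) string {
	h := hmac.New(sha256.New, []byte(secret))
	h.Write([]byte(msg))
	return b64.EncodeToString(h.Sum(nil))
}

func Mint(c Claims, secret string) string {
	body, _ := json.Marshal(c)
	msg := b64.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + b64.EncodeToString(body)
	return msg + "." + sign(msg, secret)
}

// Verify never reads the header's "alg" (pinned to HS256) and checks the MAC before parsing claims.
func Verify(tok, secret, audience string, now int64) (c Claims, err error) {
	p := strings.Split(tok, ".")
	if len(p) != 3 || !hmac.Equal([]byte(p[2]), []byte(sign(p[0]+"."+p[1], secret))) {
		return Claims{}, errors.New("bad signature")
	}
	body, _ := b64.DecodeString(p[1])
	if json.Unmarshal(body, &c) != nil || c.Aud != audience {
		return Claims{}, errors.New("bad claims or audience mismatch")
	}
	if now < c.Nbf || now >= c.Exp {
		return Claims{}, errors.New("outside nbf/exp window")
	}
	return c, nil
}

func main() {
	println(Mint(Claims{Aud: "https://relay-access.practable.io", Nbf: 1, Exp: 9}, "constructed-secret"))
}
```

The audience comparison is what stops a token signed with the same secret for another service from being accepted here.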

Directories

Path Synopsis
Package restapi access
Package restapi access
