plugin

package
v0.4.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 4, 2020 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Factory

func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error)

func NewPathConfig

func NewPathConfig(b *OpenStackAuthBackend) []*framework.Path

func NewPathLogin

func NewPathLogin(b *OpenStackAuthBackend) []*framework.Path

func NewPathRole

func NewPathRole(b *OpenStackAuthBackend) []*framework.Path

Types

type Attestor

// Attestor groups the attestation checks (Attest, AttestAddr, AttestMetadata,
// AttestStatus, AttestTenantID, AttestUserID) and the login-attempt checks
// (VerifyAuthLimit, VerifyAuthPeriod) that are run against an OpenStack
// instance. It is constructed by NewAttestor from a logical.Storage.
//
// NOTE(review): the storage handle is presumably where attempt records are
// kept between logins; the unexported fields are not shown, so confirm.
type Attestor struct {
	// contains filtered or unexported fields
}

func NewAttestor

func NewAttestor(s logical.Storage) *Attestor

NewAttestor returns a new Attestor.

func (*Attestor) Attest

func (at *Attestor) Attest(instance *servers.Server, role *Role, addr string) error

Attest is used to attest an OpenStack instance based on the bound role and IP address.

func (*Attestor) AttestAddr

func (at *Attestor) AttestAddr(instance *servers.Server, addr string) error

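AttestAddr is used to attest the IP address of the OpenStack instance against the source IP address. This method supports IPv4 only. Note that the source address is only meaningful if it is the instance's own address as seen by the server; a proxy, load balancer or NAT in between would change it.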

func (*Attestor) AttestMetadata

func (at *Attestor) AttestMetadata(instance *servers.Server, metadataKey string, roleName string) error

AttestMetadata is used to attest the metadata of an OpenStack instance.

func (*Attestor) AttestStatus

func (at *Attestor) AttestStatus(instance *servers.Server) error

AttestStatus is used to attest the status of the OpenStack instance.

func (*Attestor) AttestTenantID

func (at *Attestor) AttestTenantID(instance *servers.Server, tenantID string) error

AttestTenantID is used to attest the tenant ID of the OpenStack instance.

func (*Attestor) AttestUserID added in v0.3.0

func (at *Attestor) AttestUserID(instance *servers.Server, userID string) error

AttestUserID is used to attest the user ID of the OpenStack instance.

func (*Attestor) VerifyAuthLimit

func (at *Attestor) VerifyAuthLimit(instance *servers.Server, limit int, deadline time.Time) (int, error)

VerifyAuthLimit is used to verify the number of authentication attempts. The limit on authentication attempts is specified by the bound role.

func (*Attestor) VerifyAuthPeriod

func (at *Attestor) VerifyAuthPeriod(instance *servers.Server, period time.Duration) (time.Time, error)

VerifyAuthPeriod is used to verify the deadline of authentication. The deadline is calculated from the creation date of the OpenStack instance and the authentication period specified by the bound role.

type AuthAttempt

// AuthAttempt is a record made of a name, a deadline and a counter. Each field
// uses the same key for its json, structs and mapstructure encodings.
//
// NOTE(review): presumably this is the per-instance state behind
// VerifyAuthLimit and VerifyAuthPeriod; confirm against the implementation.
type AuthAttempt struct {
	// Name identifies the record.
	// NOTE(review): presumably the instance the attempts belong to — confirm.
	Name     string    `json:"name" structs:"name" mapstructure:"name"`
	// Deadline is a point in time.
	// NOTE(review): presumably the moment after which logins are refused — confirm.
	Deadline time.Time `json:"deadline" structs:"deadline" mapstructure:"deadline"`
	// Count is an integer counter.
	// NOTE(review): presumably the attempts made so far, compared with the
	// role's AuthLimit — confirm, and check that failed attempts are counted too.
	Count    int       `json:"count" structs:"count" mapstructure:"count"`
}

type Config

// Config holds the backend's OpenStack connection settings. Every field is a
// plain string, and each uses the same key for its json, structs and
// mapstructure encodings.
//
// NOTE(review): Token and Password are credentials and carry ordinary
// serialization tags (no `json:"-"`), so anything that marshals the whole
// struct (a storage write, an API read response, a debug log) will include
// them in clear text. Confirm that the config read path omits or masks them
// and that the value is only ever written to the backend's own storage.
type Config struct {
	// AuthURL is the authentication endpoint.
	// NOTE(review): confirm an https URL is required; over plain http the
	// credentials below would travel unprotected.
	AuthURL           string `json:"auth_url" structs:"auth_url" mapstructure:"auth_url"`
	// Token is a secret: a pre-issued token used in place of a password.
	Token             string `json:"token" structs:"token" mapstructure:"token"`
	// UserID and Username identify the account the backend authenticates as.
	UserID            string `json:"user_id" structs:"user_id" mapstructure:"user_id"`
	Username          string `json:"username" structs:"username" mapstructure:"username"`
	// Password is a secret: the password of the account named above.
	Password          string `json:"password" structs:"password" mapstructure:"password"`
	// Project and tenant scope, each by ID or by name.
	// NOTE(review): presumably the two spellings of the same scope, with
	// tenant_* kept for older deployments — confirm which one takes precedence.
	ProjectID         string `json:"project_id" structs:"project_id" mapstructure:"project_id"`
	ProjectName       string `json:"project_name" structs:"project_name" mapstructure:"project_name"`
	TenantID          string `json:"tenant_id" structs:"tenant_id" mapstructure:"tenant_id"`
	TenantName        string `json:"tenant_name" structs:"tenant_name" mapstructure:"tenant_name"`
	// Domain of the user, of the project, and a generic domain, each by ID or
	// by name.
	UserDomainID      string `json:"user_domain_id" structs:"user_domain_id" mapstructure:"user_domain_id"`
	UserDomainName    string `json:"user_domain_name" structs:"user_domain_name" mapstructure:"user_domain_name"`
	ProjectDomainID   string `json:"project_domain_id" structs:"project_domain_id" mapstructure:"project_domain_id"`
	ProjectDomainName string `json:"project_domain_name" structs:"project_domain_name" mapstructure:"project_domain_name"`
	DomainID          string `json:"domain_id" structs:"domain_id" mapstructure:"domain_id"`
	DomainName        string `json:"domain_name" structs:"domain_name" mapstructure:"domain_name"`
}

type OpenStackAuthBackend

// OpenStackAuthBackend is the plugin's backend type. It embeds
// *framework.Backend, so that type's methods are promoted onto it. NewBackend
// constructs it, and NewPathConfig, NewPathLogin and NewPathRole each take it
// to build their []*framework.Path.
//
// NOTE(review): the unexported fields are not shown; confirm what Close
// releases before relying on it for cleanup.
type OpenStackAuthBackend struct {
	*framework.Backend
	// contains filtered or unexported fields
}

func NewBackend

func NewBackend() *OpenStackAuthBackend

func (*OpenStackAuthBackend) Close

func (b *OpenStackAuthBackend) Close()

type Role

// Role describes one role of the backend: the policies and durations attached
// to it, and the values an OpenStack instance is checked against. Each field
// uses the same key for its json, structs and mapstructure encodings.
//
// NOTE(review): confirm how zero values are treated: whether an empty
// TenantID, UserID or MetadataKey, or a zero AuthPeriod or AuthLimit, skips
// the corresponding check or denies the login. A skipped check widens who can
// authenticate with the role, so this belongs in Validate.
type Role struct {
	// Name is the role's name.
	Name        string        `json:"name" structs:"name" mapstructure:"name"`
	// Policies is the list of policy names attached to the role.
	// NOTE(review): presumably the policies granted on a successful login — confirm.
	Policies    []string      `json:"policies" structs:"policies" mapstructure:"policies"`
	// TTL, MaxTTL and Period are durations.
	// NOTE(review): presumably the lifetime settings of the issued token — confirm.
	TTL         time.Duration `json:"ttl" structs:"ttl" mapstructure:"ttl"`
	MaxTTL      time.Duration `json:"max_ttl" structs:"max_ttl" mapstructure:"max_ttl"`
	Period      time.Duration `json:"period" structs:"period" mapstructure:"period"`
	// MetadataKey names an instance metadata key.
	// NOTE(review): presumably the key AttestMetadata looks up and compares
	// with the role name — confirm, and confirm who is allowed to set instance
	// metadata, since that decides how strong this binding is.
	MetadataKey string        `json:"metadata_key" structs:"metadata_key" mapstructure:"metadata_key"`
	// TenantID and UserID are the values AttestTenantID and AttestUserID take
	// as their expected tenant and user.
	TenantID    string        `json:"tenant_id" structs:"tenant_id" mapstructure:"tenant_id"`
	UserID      string        `json:"user_id" structs:"user_id" mapstructure:"user_id"`
	// AuthPeriod is the authentication period: per the VerifyAuthPeriod
	// documentation, the deadline is calculated from the instance's creation
	// date and this period.
	AuthPeriod  time.Duration `json:"auth_period" structs:"auth_period" mapstructure:"auth_period"`
	// AuthLimit is the limit on authentication attempts that VerifyAuthLimit
	// enforces.
	AuthLimit   int           `json:"auth_limit" structs:"auth_limit" mapstructure:"auth_limit"`
}

func (*Role) Validate

func (r *Role) Validate(sys logical.SystemView) (warnings []string, err error)
