database

package

v0.15.0 Latest Latest Go to latest Published: Feb 21, 2023 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/f110/heimdallr

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func MarshalUser(user *User) ([]byte, error)
func WithoutCache(opt *UserDatabaseOpt)
type AccessToken
type CertificateAuthority
type ClusterDatabase
type Code
- func (c *Code) Verify(verifier string) bool
type Member
type Relay
type RelayLocator
type RevokedCertificate
type SSHKeys
type SignedCertificate
- func ParseSignedCertificate(b []byte) (*SignedCertificate, error)
- func (s *SignedCertificate) Marshal() ([]byte, error)
type Token
type TokenDatabase
type User
- func UnmarshalUser(kv *mvccpb.KeyValue) (*User, error)
- func (u *User) ServiceAccount() bool
- func (u *User) Setup()
type UserDatabase
type UserDatabaseOpt
type UserDatabaseOption

Constants ¶

View Source

const (
	DefaultPrivateKeyType = "ecdsa"
	DefaultPrivateKeyBits = 256
)

View Source

const (
	UserTypeServiceAccount = "service_account"
	UserTypeNormal         = "user"
)

Variables ¶

View Source

var (
	CodeExpiration  = 1 * time.Minute
	TokenExpiration = 24 * time.Hour
)

View Source

var (
	ErrUserNotFound        = xerrors.New("database: user not found")
	ErrClosed              = xerrors.New("database: closed")
	ErrAccessTokenNotFound = xerrors.New("database: access token not found")
)

View Source

var (
	ErrRelayNotFound = xerrors.New("database: relay not found")
)

View Source

var (
	ErrTokenNotFound = xerrors.New("database: token not found")
)

View Source

var SystemUser = &User{
	Id:    "system@f110.dev",
	Roles: []string{"system:proxy"},
	Type:  UserTypeServiceAccount,
}

Functions ¶

func MarshalUser ¶

func MarshalUser(user *User) ([]byte, error)

func WithoutCache ¶ added in v0.10.0

func WithoutCache(opt *UserDatabaseOpt)

Types ¶

type AccessToken ¶

type AccessToken struct {
	Name      string    `json:"name"`
	Value     string    `json:"value"`
	UserId    string    `json:"user_id"`
	Issuer    string    `json:"issuer"`
	CreatedAt time.Time `json:"created_at"`
}

type CertificateAuthority ¶

type CertificateAuthority interface {
	// GetSignedCertificate returns a list of SignedCertificate.
	// You want to get a specify SignedCertificate then also passed the serial number.
	// You want to get all SignedCertificate then passed the nil to serialNumber.
	GetSignedCertificate(ctx context.Context, serialNumber *big.Int) ([]*SignedCertificate, error)
	// GetRevokedCertificate returns a list of RevokedCertificate.
	// An interface of this method is the same as GetSignedCertificate.
	GetRevokedCertificate(ctx context.Context, serialNumber *big.Int) ([]*RevokedCertificate, error)
	SetSignedCertificate(ctx context.Context, certificate *SignedCertificate) error
	SetRevokedCertificate(ctx context.Context, certificate *RevokedCertificate) error
	WatchRevokeCertificate() chan struct{}
	NewSerialNumber(ctx context.Context) (*big.Int, error)
}

type ClusterDatabase ¶

type ClusterDatabase interface {
	Id() string
	Join(ctx context.Context) error
	Leave(ctx context.Context) error
	MemberList(ctx context.Context) ([]*Member, error)
	Alive() bool
}

type Code ¶

type Code struct {
	Code            string    `json:"code"`
	Challenge       string    `json:"challenge"`
	ChallengeMethod string    `json:"challenge_method"`
	UserId          string    `json:"user_id"`
	IssuedAt        time.Time `json:"issued_at"`
}

func (*Code) Verify ¶

func (c *Code) Verify(verifier string) bool

type Member ¶

type Member struct {
	Id string `json:"id"`
}

type Relay ¶

type Relay struct {
	Name        string    `json:"name"`
	Addr        string    `json:"addr"`
	FromAddr    string    `json:"from_addr"`
	ConnectedAt time.Time `json:"connected_at"`
	UpdatedAt   time.Time `json:"updated_at"`
	Version     int64     `json:"-"`
}

type RelayLocator ¶

type RelayLocator interface {
	Get(name string) (*Relay, bool)
	Set(ctx context.Context, relay *Relay) error
	// TODO: Is this method used?
	Update(ctx context.Context, relay *Relay) error
	Delete(ctx context.Context, name, addr string) error
	Gone() chan *Relay
	GetListenedAddrs() []string
	ListAllConnectedAgents() []*Relay
}

type RevokedCertificate ¶

type RevokedCertificate struct {
	CommonName   string
	SerialNumber *big.Int
	IssuedAt     time.Time
	RevokedAt    time.Time
	Agent        bool
	Device       bool
	Comment      string
}

type SSHKeys ¶ added in v0.8.0

type SSHKeys struct {
	UserId string `json:"user_id"`
	Keys   string `json:"keys"`
}

type SignedCertificate ¶

type SignedCertificate struct {
	Certificate *x509.Certificate
	P12         []byte
	IssuedAt    time.Time
	Agent       bool
	Device      bool
	Comment     string
}

func ParseSignedCertificate ¶ added in v0.15.0

func ParseSignedCertificate(b []byte) (*SignedCertificate, error)

func (*SignedCertificate) Marshal ¶ added in v0.15.0

func (s *SignedCertificate) Marshal() ([]byte, error)

type Token ¶

type Token struct {
	Token    string    `json:"token"`
	UserId   string    `json:"user_id"`
	IssuedAt time.Time `json:"issued_at"`
}

type TokenDatabase ¶

type TokenDatabase interface {
	FindToken(ctx context.Context, token string) (*Token, error)
	NewCode(ctx context.Context, userId, challenge, challengeMethod string) (*Code, error)
	IssueToken(ctx context.Context, code, codeVerifier string) (*Token, error)
	AllCodes(ctx context.Context) ([]*Code, error)
	DeleteCode(ctx context.Context, code string) error
	AllTokens(ctx context.Context) ([]*Token, error)
	DeleteToken(ctx context.Context, token string) error
}

type User ¶

type User struct {
	Id            string          `json:"id"`
	LoginName     string          `json:"login_name"`
	Roles         []string        `json:"roles"`
	MaintainRoles map[string]bool `json:"maintain_roles,omitempty"`
	Admin         bool            `json:"admin"`
	Type          string          `json:"type"`
	Comment       string          `json:"comment"`
	LastLogin     time.Time       `json:"last_login"`

	Version  int64 `json:"-"`
	RootUser bool  `json:"-"`
}

func UnmarshalUser ¶

func UnmarshalUser(kv *mvccpb.KeyValue) (*User, error)

func (*User) ServiceAccount ¶

func (u *User) ServiceAccount() bool

func (*User) Setup ¶

func (u *User) Setup()

type UserDatabase ¶

type UserDatabase interface {
	Get(id string, opts ...UserDatabaseOption) (*User, error)
	GetAll() ([]*User, error)
	GetAllServiceAccount() ([]*User, error)
	GetAccessToken(value string) (*AccessToken, error)
	GetAccessTokens(id string) ([]*AccessToken, error)
	GetIdentityByLoginName(ctx context.Context, loginName string) (string, error)
	Set(ctx context.Context, user *User) error
	SetAccessToken(ctx context.Context, token *AccessToken) error
	Delete(ctx context.Context, id string) error
	SetState(ctx context.Context, unique string) (string, error)
	GetState(ctx context.Context, state string) (string, error)
	DeleteState(ctx context.Context, state string) error
}

type UserDatabaseOpt ¶ added in v0.10.0

type UserDatabaseOpt struct {
	WithoutCache bool
}

type UserDatabaseOption ¶ added in v0.10.0

type UserDatabaseOption func(*UserDatabaseOpt)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
etcd
memory
mysql
dao Package dao contains the data access object.	Package dao contains the data access object.
entity Generated by protoc-ddl.	Generated by protoc-ddl.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL