authorizer

package
v1.35.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 23, 2024 License: Apache-2.0 Imports: 3 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type APICertificate 

type APICertificate struct {
	ID               string `json:"id,omitempty"`
	Type             string `json:"type,omitempty"`
	OwnerID          string `json:"owner_id,omitempty"`
	Revoked          string `json:"revoked,omitempty"`
	RevocationReason string `json:"revocation_reason,omitempty"`
	Cert             string `json:"cert,omitempty"`
	Chain            string `json:"chain,omitempty"`
}

APICertificate api certificate definition

type APICertificateSearch 

type APICertificateSearch struct {
	ID             string `json:"id,omitempty"`
	Type           string `json:"type,omitempty"`
	KeyID          string `json:"key_id,omitempty"`
	OwnerID        string `json:"owner_id,omitempty"`
	Subject        string `json:"subject,omitempty"`
	Issuer         string `json:"issuer,omitempty"`
	NotBefore      string `json:"not_before,omitempty"`
	NotAfter       string `json:"not_after,omitempty"`
	IncludeRevoked bool   `json:"include_revoked,omitempty"`
	IncludeExpired bool   `json:"include_expired,omitempty"`
}

APICertificateSearch api certificate search definition

type AccessGroup 

type AccessGroup struct {
	ID        string `json:"id,omitempty"`
	Name      string `json:"name,omitempty"`
	Comment   string `json:"comment,omitempty"`
	CAID      string `json:"ca_id,omitempty"`
	Author    string `json:"author,omitempty"`
	Created   string `json:"created,omitempty"`
	Updated   string `json:"updated,omitempty"`
	UpdatedBy string `json:"updated_by,omitempty"`
	Default   bool   `json:"default,omitempty"`
}

AccessGroup access group definition

type AccountSecrets added in v1.35.0 

type AccountSecrets struct {
	Path         string             `json:"path"`
	Type         string             `json:"type"`
	Username     string             `json:"username"`
	Email        string             `json:"email,omitempty"`
	FullName     string             `json:"full_name,omitempty"`
	TargetDomain TargetDomainHandle `json:"target_domain,omitempty"`
	Host         HostPrincipals     `json:"host,omitempty"`
	Created      string             `json:"created,omitempty"`
	Updated      string             `json:"updated,omitempty"`
}

type AccountSecretsResult added in v1.35.0 

type AccountSecretsResult struct {
	Count int              `json:"count"`
	Items []AccountSecrets `json:"items"`
}

type AccountSecretsSearchRequest added in v1.35.0 

type AccountSecretsSearchRequest struct {
	Keywords string `json:"keywords"`
	HostID   string `json:"host_id,omitempty"`
	Username string `json:"username,omitempty"`
}

type ApiCertificateObject added in v1.25.0 

type ApiCertificateObject struct {
	Type              string `json:"type"`
	ID                string `json:"id"`
	Serial            string `json:"serial"`
	OwnerID           string `json:"owner_id,omitempty"`
	Revoked           string `json:"revoked,omitempty"`
	RevocationReason  string `json:"revocation_reason,omitempty"`
	Cert              string `json:"cert"`
	Chain             string `json:"chain"`
	Issuer            string `json:"issuer,omitempty"`
	Subject           string `json:"subject,omitempty"`
	NotBefore         string `json:"not_before,omitempty"`
	NotAfter          string `json:"not_after,omitempty"`
	KeyUsage          string `json:"key_usage,omitempty"`
	BasicConstraints  string `json:"basic_constraints,omitempty"`
	Extensions        string `json:"extensions,omitempty"`
	FingerPrintSHA1   string `json:"fingerprint_sha1,omitempty"`
	FingerPrintSHA256 string `json:"fingerprint_sha256,omitempty"`
	SubjectKeyID      string `json:"subject_key_id,omitempty"`
	AuthorityKeyID    string `json:"authority_key_id,omitempty"`
	ExpiryStatus      string `json:"expiry_status,omitempty"`
}

type ApiCertificateSearchResponse added in v1.25.0 

type ApiCertificateSearchResponse struct {
	Count int                    `json:"count"`
	Items []ApiCertificateObject `json:"items"`
}

type ApiIdentitiesResponse added in v0.21.0 

type ApiIdentitiesResponse struct {
	Certificates  []ApiSshCertificate `json:"certificates"`
	PrincipalKeys []Principal         `json:"principal_keys"`
	Passphrase    string              `json:"passphrase,omitempty"`
	ResponseCode  int                 `json:"response_code"`
	Message       string              `json:"message"`
}

type ApiSshCertificate added in v0.21.0 

type ApiSshCertificate struct {
	Type       string   `json:"type"`
	Data       string   `json:"data"`
	DataString string   `json:"data_string"`
	Chain      []string `json:"chain"`
}

type AuthorizationRequest 

type AuthorizationRequest struct {
	PublicKey string `json:"public_key,omitempty"`
	HostID    string `json:"host_id,omitempty"`
	Hostname  string `json:"hostname,omitempty"`
	Username  string `json:"username,omitempty"`
	Service   string `json:"service,omitempty"`
	RoleID    string `json:"role_id,omitempty"`
}

AuthorizationRequest end user authorization request definition

type CA 

type CA struct {
	ID        string `json:"id"`
	GroupID   string `json:"group_id"`
	Type      string `json:"type"`
	Size      int    `json:"size"`
	PublicKey string `json:"public_key"`
	X509      string `json:"x509_certificate"`
}

CA is root certificate representation

type CertTemplate 

type CertTemplate struct {
	Name              string   `json:"name"`
	Description       string   `json:"description"`
	Service           string   `json:"service"`
	Type              string   `json:"type"`
	KeyID             string   `json:"key_id,omitempty"`
	RsaSignatureTypes []string `json:"rsa_signature_types,omitempty"`
	Principals        []string `json:"principals,omitempty"`
	Extensions        []string `json:"extensions,omitempty"`
}

CertTemplate certification template definition

type Checkout added in v1.35.0 

type Checkout struct {
	ID               string         `json:"id"`
	Path             string         `json:"path"`
	Type             string         `json:"type"`
	Expires          string         `json:"expires"`
	Created          string         `json:"created"`
	ExplicitCheckout bool           `json:"explicit_checkout"`
	Secrets          []Secrets      `json:"secrets"`
	Username         string         `json:"username"`
	Email            string         `json:"email,omitempty"`
	FullName         string         `json:"full_name,omitempty"`
	Host             HostPrincipals `json:"host,omitempty"`
	TargetDomain     TargetDomain   `json:"target_domain,omitempty"`
	ManagedAccountID string         `json:"managed_account_id,omitempty"`
	UserID           string         `json:"user_id"`
}

type CheckoutRequest added in v1.35.0 

type CheckoutRequest struct {
	Path string `json:"path"`
}

type CheckoutResult added in v1.35.0 

type CheckoutResult struct {
	Count int        `json:"count"`
	Items []Checkout `json:"items"`
}

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client is a authorizer client instance.

func New 

func New(api restapi.Connector) *Client

New creates a new authorizer client instance

func (*Client) AccessGroup 

func (auth *Client) AccessGroup(accessGroupID string) (*AccessGroup, error)

AccessGroup get access group

func (*Client) AccessGroups 

func (auth *Client) AccessGroups(offset, limit int, sortkey, sortdir string) ([]AccessGroup, error)

MARK: Access Groups AccessGroups lists all access group

func (*Client) AccountSecrets added in v1.35.0 

func (auth *Client) AccountSecrets(limit int, sortdir string) (AccountSecretsResult, error)

MARK: Secrets AccountSecrets lists all account secrets

func (*Client) CACertificate 

func (auth *Client) CACertificate(caID, filename string) error

CACertificate gets authorizer's root certificate

func (*Client) CACertificates 

func (auth *Client) CACertificates(accessGroupID string) ([]CA, error)

CACertificates gets authorizer's root certificates

func (*Client) CarrierConfigDownloadHandle 

func (auth *Client) CarrierConfigDownloadHandle(trustedClientID string) (*DownloadHandle, error)

CarrierConfigDownloadHandle get a session id for a carrier config

func (*Client) CertTemplates 

func (auth *Client) CertTemplates(service string) ([]CertTemplate, error)

CertTemplates returns the certificate authentication templates for the service

func (*Client) CertificateRevocationList 

func (auth *Client) CertificateRevocationList(caID, filename string) error

CertificateRevocationList gets authorizer CA's certificate revocation list.

func (*Client) Checkout added in v1.35.0 

func (auth *Client) Checkout(checkoutId string) (*Checkout, error)

Checkout get checkout by id

func (*Client) CheckoutAccountSecret added in v1.35.0 

func (auth *Client) CheckoutAccountSecret(path string) (CheckoutResult, error)

CheckoutAccountSecret checkout account secret

func (*Client) Checkouts added in v1.35.0 

func (auth *Client) Checkouts(limit int, sortdir string) (CheckoutResult, error)

Checkouts lists secret checkouts

func (*Client) CreateAccessGroup 

func (auth *Client) CreateAccessGroup(accessGroup *AccessGroup) (string, error)

CreateAccessGroup create a access group

func (*Client) CreateAccessGroupsIdCas added in v1.31.0 

func (auth *Client) CreateAccessGroupsIdCas(accessGroupID string) (string, error)

CreateAccessGroupsIdCas create CA Key to an access group

func (*Client) CreatePrincipalKey 

func (auth *Client) CreatePrincipalKey(groupID string) (*Principal, error)

CreatePrincipalKey create a principal key pair

func (*Client) DeleteAccessGroup 

func (auth *Client) DeleteAccessGroup(accessGroupID string) error

DeleteAccessGroup delete a access group

func (*Client) DeleteAccessGroupsIdCas added in v1.31.0 

func (auth *Client) DeleteAccessGroupsIdCas(accessGroupID string, caID string) error

DeleteAccessGroup delete a CA Key to an access group

func (*Client) DeletePrincipalKey 

func (auth *Client) DeletePrincipalKey(groupID, keyID string) error

DeletePrincipalKey delete the principal key by its group ID

func (*Client) DeployScriptDownloadHandle 

func (auth *Client) DeployScriptDownloadHandle(trustedClientID string) (*DownloadHandle, error)

DeployScriptDownloadHandle get a session id for a deployment script

func (*Client) DownloadCarrierConfig 

func (auth *Client) DownloadCarrierConfig(trustedClientID, sessionID, filename string) error

DownloadCarrierConfig gets a pre-configured carrier config

func (*Client) DownloadDeployScript 

func (auth *Client) DownloadDeployScript(trustedClientID, sessionID, filename string) error

DownloadDeployScript gets a pre-configured deployment script

func (*Client) DownloadExtenderCertificateCRL 

func (auth *Client) DownloadExtenderCertificateCRL(filename, id string) error

DownloadExtenderCertificateCRL gets authorizer CA's certificate revocation list

func (*Client) DownloadExtenderConfig 

func (auth *Client) DownloadExtenderConfig(trustedClientID, sessionID, filename string) error

DownloadExtenderConfig gets a pre-configured extender config

func (*Client) DownloadPrincipalCommandScript 

func (auth *Client) DownloadPrincipalCommandScript(filename string) error

DownloadPrincipalCommandScript gets the principals_command.sh script

func (*Client) DownloadWebProxyCertificateCRL 

func (auth *Client) DownloadWebProxyCertificateCRL(filename, trustedClientID string) error

DownloadWebProxyCertificateCRL gets authorizer CA's certificate revocation list

func (*Client) DownloadWebProxyConfig 

func (auth *Client) DownloadWebProxyConfig(trustedClientID, sessionID, filename string) error

DownloadWebProxyConfig gets a pre-configured web proxy config

func (*Client) ExtenderCACertificate 

func (auth *Client) ExtenderCACertificate(id string) (*CA, error)

ExtenderCACertificate gets authorizer's extender CA certificate

func (*Client) ExtenderCACertificates 

func (auth *Client) ExtenderCACertificates(accessGroupID string) ([]CA, error)

ExtenderCACertificates gets authorizer's extender CA certificates

func (*Client) ExtenderConfigDownloadHandle 

func (auth *Client) ExtenderConfigDownloadHandle(trustedClientID string) (*DownloadHandle, error)

ExtenderConfigDownloadHandle get a session id

func (*Client) ExtenderTrustAnchor 

func (auth *Client) ExtenderTrustAnchor() (*TrustAnchor, error)

ExtenderTrustAnchor returns the extender trust anchor (PrivX TLS CA certificate)

func (*Client) GetAllCertificates added in v1.25.0 

func (auth *Client) GetAllCertificates() (apiCertificateResult, error)

Get all Certificates

func (*Client) GetCertByID added in v1.25.0 

func (auth *Client) GetCertByID(ID string) (ApiCertificateObject, error)

Get Certificate by ID

func (*Client) ImportPrincipalKey 

func (auth *Client) ImportPrincipalKey(groupID string, key *PrincipalKeyImportRequest) (*Principal, error)

ImportPrincipalKey mport a principal key pair

func (*Client) Principal 

func (auth *Client) Principal(groupID, keyID, filter string) (*Principal, error)

Principal gets the principal key by its group ID

func (*Client) Principals 

func (auth *Client) Principals() ([]Principal, error)

Principals gets defined principals from the authorizer

func (*Client) ReleaseCheckout added in v1.35.0 

func (auth *Client) ReleaseCheckout(checkoutId string) error

ReleaseCheckout release secret checkout

func (*Client) SSLTrustAnchor 

func (auth *Client) SSLTrustAnchor() (*TrustAnchor, error)

SSLTrustAnchor returns the SSL trust anchor (PrivX TLS CA certificate)

func (*Client) SearchAccessGroup 

func (auth *Client) SearchAccessGroup(offset, limit int, sortkey, sortdir string, search *SearchParams) ([]AccessGroup, error)

SearchAccessGroup search for access groups

func (*Client) SearchAccountSecrets added in v1.35.0 

func (auth *Client) SearchAccountSecrets(limit int, sortdir string, search *AccountSecretsSearchRequest) (AccountSecretsResult, error)

SearchAccountSecrets search for account secrets

func (*Client) SearchCert 

func (auth *Client) SearchCert(offset, limit int, sortkey, sortdir string, cert *APICertificateSearch) ([]APICertificate, error)

MARK: Certs SearchCert search for certificates

func (*Client) SignPrincipalKey 

func (auth *Client) SignPrincipalKey(groupID, keyID string, credential *Credential) (*Signature, error)

SignPrincipalKey sign a principal key and get a signature

func (*Client) TargetHostCredentials 

func (auth *Client) TargetHostCredentials(authorizer *AuthorizationRequest) (*ApiIdentitiesResponse, error)

TargetHostCredentials get target host credentials for the user

func (*Client) UpdateAccessGroup 

func (auth *Client) UpdateAccessGroup(accessGroupID string, accessGroup *AccessGroup) error

UpdateAccessGroup update access group

func (*Client) WebProxyCACertificate 

func (auth *Client) WebProxyCACertificate(trustedClientID string) (*CA, error)

WebProxyCACertificate gets authorizer's web proxy CA certificate

func (*Client) WebProxyCACertificates 

func (auth *Client) WebProxyCACertificates(accessGroupID string) ([]CA, error)

WebProxyCACertificates gets authorizer's web proxy CA certificates

func (*Client) WebProxySessionDownloadHandle 

func (auth *Client) WebProxySessionDownloadHandle(trustedClientID string) (*DownloadHandle, error)

WebProxySessionDownloadHandle get a session id for a web proxy config

type Credential 

type Credential struct {
	Type string `json:"type"`
	Data string `json:"data"`
}

Credential end user authentication credentials definition

type DownloadHandle 

type DownloadHandle struct {
	SessionID string `json:"session_id"`
}

DownloadHandle download handle definition

type HostPrincipals added in v1.35.0 

type HostPrincipals struct {
	ID         string   `json:"id"`
	Addresses  []string `json:"addresses"`
	CommonName string   `json:"common_name,omitempty"`
	ExternalID string   `json:"external_id,omitempty"`
	InstanceID string   `json:"instance_id,omitempty"`
}

type Params 

type Params struct {
	ResponseType  string `json:"response_type,omitempty"`
	ClientID      string `json:"client_id,omitempty"`
	State         string `json:"state,omitempty"`
	RedirectURI   string `json:"redirect_uri,omitempty"`
	UserAgent     string `json:"user_agent,omitempty"`
	OidcID        string `json:"oidc_id,omitempty"`
	AccessGroupID string `json:"access_group_id,omitempty"`
	KeyID         string `json:"key_id,omitempty"`
	Filter        string `json:"filter,omitempty"`
	Service       string `json:"service,omitempty"`
	Sortkey       string `json:"sortkey,omitempty"`
	Sortdir       string `json:"sortdir,omitempty"`
	Offset        int    `json:"offset,omitempty"`
	Limit         int    `json:"limit,omitempty"`
}

Params query params definition

type Principal 

type Principal struct {
	ID              string `json:"id"`
	GroupID         string `json:"group_id,omitempty"`
	Type            string `json:"type,omitempty"`
	Comment         string `json:"comment,omitempty"`
	PublicKey       string `json:"public_key,omitempty"`
	PublicKeyString string `json:"public_key_string,omitempty"`
	Size            int    `json:"size,omitempty"`
}

Principal principal definition

type PrincipalKeyImportRequest 

type PrincipalKeyImportRequest struct {
	Algorithm string `json:"algorithm"`
	Data      string `json:"data"`
}

PrincipalKeyImportRequest principal key import definition

type SearchParams 

type SearchParams struct {
	Keywords string `json:"keywords,omitempty"`
}

SearchParams search params definition

type Secrets added in v1.35.0 

type Secrets struct {
	Version int       `json:"version"`
	Secret  string    `json:"secret"`
	Created time.Time `json:"created"`
}

type Signature 

type Signature struct {
	Signature string `json:"signature"`
}

Signature signature definition

type TargetDomain added in v1.35.0 

type TargetDomain struct {
	ID      string `json:"id"`
	Name    string `json:"name,omitempty"`
	Deleted bool   `json:"deleted,omitempty"`
}

type TargetDomainHandle added in v1.35.0 

type TargetDomainHandle struct {
	ID      string `json:"id"`
	Name    string `json:"name,omitempty"`
	Deleted bool   `json:"deleted,omitempty"`
}

type TrustAnchor 

type TrustAnchor struct {
	TrustAnchor       string `json:"trust_anchor"`
	TrustAnchorSHA1   string `json:"trust_anchor_sha1,omitempty"`
	TrustAnchorSHA256 string `json:"trust_anchor_sha256,omitempty"`
}

TrustAnchor trust anchor definition

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.