Documentation
¶
Index ¶
Constants ¶
// BearerPrefix is the literal "Bearer " including its trailing space.
// NOTE(review): presumably prepended to a token to form an Authorization
// header value; the request code is not on this page, so confirm.
const BearerPrefix = "Bearer "
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CSRMetadata ¶
// CSRMetadata carries the name fields for a certificate signing request: the
// common name, the organisation and address lists, and the DNS name, IP
// address and e-mail address lists. No field is marked omitempty, so all of
// them appear in the JSON form even when empty.
//
// NOTE(review): nothing on this page validates these values. They presumably
// become the identity a signed certificate asserts, so values that originate
// from an untrusted caller need checking before use (confirm against the
// issuing code).
type CSRMetadata struct {
	CommonName         string   `json:"common_name"`
	Organization       []string `json:"organization"`
	OrganizationalUnit []string `json:"organizational_unit"`
	Country            []string `json:"country"`
	Province           []string `json:"province"`
	Locality           []string `json:"locality"`
	StreetAddress      []string `json:"street_address"`
	PostalCode         []string `json:"postal_code"`
	DNSNames           []string `json:"dns_names"`
	IPAddresses        []string `json:"ip_addresses"`
	EmailAddresses     []string `json:"email_addresses"`
}
type CertStatus ¶
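// CertStatus is an integer code for the status of a certificate.
//
// NOTE(review): Valid is the zero value, so a CertStatus that was never set
// (for example inside a zero-value struct returned next to an error) compares
// equal to Valid. Check the accompanying error before trusting a status.
type CertStatus int

// The declaration is laid out one constant per line so that iota numbers
// them 0, 1, 2 in this order.
const (
	Valid   CertStatus = iota // 0; also the zero value of CertStatus
	Revoked                   // 1
	Unknown                   // 2
)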
func (CertStatus) MarshalJSON ¶
func (c CertStatus) MarshalJSON() ([]byte, error)
func (CertStatus) String ¶
func (c CertStatus) String() string
type Certificate ¶
// Certificate is the SDK's representation of one certificate record.
//
// NOTE(review): Key is presumably the private key handed back at issuance
// (confirm). If so, every Certificate value is secret material: formatting
// the whole struct (fmt.Println(cert), %+v in a log line) or marshalling it to
// JSON writes the key out along with everything else.
type Certificate struct {
	SerialNumber string `json:"serial_number,omitempty"`
	Certificate  string `json:"certificate,omitempty"`
	Key          string `json:"key,omitempty"`
	// Revoked is dropped from the JSON form when false, so a document with no
	// "revoked" member decodes exactly like one that says false.
	Revoked bool `json:"revoked,omitempty"`
	// omitempty has no effect on a struct type such as time.Time; the zero
	// time is still encoded.
	ExpiryTime time.Time `json:"expiry_time,omitempty"`
	EntityID   string    `json:"entity_id,omitempty"`
	// DownloadUrl is excluded from JSON encoding and decoding.
	DownloadUrl string `json:"-"`
}
type CertificateBundle ¶
type CertificatePage ¶
// CertificatePage is one page of a certificate listing: the paging counters
// followed by the certificates on that page.
//
// NOTE(review): each entry is a full Certificate, which has a Key field.
// Whether a listing ever populates Key is not visible here; confirm before
// logging or caching a page.
type CertificatePage struct {
	Total  uint64 `json:"total"`
	Offset uint64 `json:"offset"`
	Limit  uint64 `json:"limit"`
	// Certificates is left out of the JSON form when the slice is empty.
	Certificates []Certificate `json:"certificates,omitempty"`
}
type Config ¶
// Config groups the client settings: two service URLs, the message content
// type, and two boolean switches. It carries no struct tags.
type Config struct {
	CertsURL       string
	HostURL        string
	MsgContentType ContentType
	// TLSVerification is false in a zero-value Config.
	// NOTE(review): how the client consumes this flag is not shown on this
	// page. If false turns off server certificate verification, a Config
	// built without setting it is insecure by default; confirm, and set it
	// to true explicitly.
	TLSVerification bool
	// NOTE(review): CurlFlag presumably makes the client print an equivalent
	// curl command per request (confirm). If it does, check whether that
	// output includes the bearer token before enabling it where output is
	// captured.
	CurlFlag bool
}
type ContentType ¶
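// ContentType represents all possible content types.
type ContentType string

// Each constant sits on its own line: with the block collapsed onto a single
// line, the first "//" comment swallowed every declaration after it.
const (
	// CTJSON represents JSON content type.
	CTJSON ContentType = "application/json"
	// CTJSONSenML represents JSON SenML content type.
	CTJSONSenML ContentType = "application/senml+json"
	// CTBinary represents binary content type.
	CTBinary ContentType = "application/octet-stream"
)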
type OCSPResponse ¶
// OCSPResponse is the structured result of an OCSP status query for one
// certificate.
//
// NOTE(review): nothing on this page shows ThisUpdate or NextUpdate being
// compared with the current time; a caller that caches or relays a response
// should do that check itself.
type OCSPResponse struct {
	// Status is always encoded. Its zero value is Valid, so a zero-value
	// OCSPResponse reads as "valid"; use it only after checking the error
	// returned alongside the response.
	Status       CertStatus `json:"status"`
	SerialNumber string     `json:"serial_number"`
	// The four timestamps are pointers and are left out of the JSON form when
	// nil.
	RevokedAt  *time.Time `json:"revoked_at,omitempty"`
	ProducedAt *time.Time `json:"produced_at,omitempty"`
	ThisUpdate *time.Time `json:"this_update,omitempty"`
	NextUpdate *time.Time `json:"next_update,omitempty"`
	// Certificate is a byte slice, which encoding/json writes as base64.
	Certificate []byte `json:"certificate,omitempty"`
	IssuerHash  string `json:"issuer_hash,omitempty"`
	// RevocationReason is omitted from the JSON form when it is 0.
	// NOTE(review): presumably an RFC 5280 CRLReason code, where 0 means
	// "unspecified"; confirm.
	RevocationReason int `json:"revocation_reason,omitempty"`
}
type Options ¶
// Options holds the optional name fields passed to IssueCert: the common
// name, the organisation and address lists, and a list of DNS names. It has
// no IP address field; IssueCert takes IP addresses as a separate argument.
//
// The DNS field is spelled DnsNames here, while CSRMetadata and PageMetadata
// spell theirs DNSNames; the JSON key is "dns_names" in all three.
type Options struct {
	CommonName         string   `json:"common_name"`
	Organization       []string `json:"organization"`
	OrganizationalUnit []string `json:"organizational_unit"`
	Country            []string `json:"country"`
	Province           []string `json:"province"`
	Locality           []string `json:"locality"`
	StreetAddress      []string `json:"street_address"`
	PostalCode         []string `json:"postal_code"`
	DnsNames           []string `json:"dns_names"`
}
type PageMetadata ¶
// PageMetadata combines paging counters with the filter and request fields
// sent along with a listing call. Total and Limit are always encoded; every
// other field is dropped from the JSON form when it holds its zero value.
type PageMetadata struct {
	Total    uint64 `json:"total"`
	Offset   uint64 `json:"offset,omitempty"`
	Limit    uint64 `json:"limit"`
	EntityID string `json:"entity_id,omitempty"`
	// Token is written into the JSON form under "token" whenever it is set.
	// NOTE(review): what Token holds is not visible here. If it is a
	// credential, a marshalled or printed PageMetadata exposes it; confirm
	// before logging one.
	Token              string   `json:"token,omitempty"`
	CommonName         string   `json:"common_name,omitempty"`
	Organization       []string `json:"organization,omitempty"`
	OrganizationalUnit []string `json:"organizational_unit,omitempty"`
	Country            []string `json:"country,omitempty"`
	Province           []string `json:"province,omitempty"`
	Locality           []string `json:"locality,omitempty"`
	StreetAddress      []string `json:"street_address,omitempty"`
	PostalCode         []string `json:"postal_code,omitempty"`
	DNSNames           []string `json:"dns_names,omitempty"`
	IPAddresses        []string `json:"ip_addresses,omitempty"`
	EmailAddresses     []string `json:"email_addresses,omitempty"`
	Status             string   `json:"status,omitempty"`
	TTL                string   `json:"ttl,omitempty"`
}
type SDK ¶
// SDK lists the certificate operations this package exposes: issuing,
// renewing, revoking, listing and inspecting certificates, plus CA, CRL, CSR
// and OCSP calls.
//
// Methods that authenticate take the token as a plain string argument.
// ViewCA, DownloadCA, GenerateCRL, OCSP and CreateCSR take no token.
type SDK interface {
	// IssueCert issues a certificate for a thing required for mTLS.
	//
	// The returned Certificate has a Key field, so print individual fields
	// rather than the whole value.
	//
	// example:
	//	cert, err := sdk.IssueCert(context.Background(), "entityID", "10h", []string{"ipAddr1", "ipAddr2"}, sdk.Options{CommonName: "commonName"}, "domainID", "token")
	//	fmt.Println(cert.SerialNumber, err)
	IssueCert(ctx context.Context, entityID, ttl string, ipAddrs []string, opts Options, domainID, token string) (Certificate, errors.SDKError)
	// RevokeCert revokes the certificate identified by serialNumber.
	//
	// example:
	//	err := sdk.RevokeCert(context.Background(), "serialNumber", "domainID", "token")
	//	fmt.Println(err) // nil if successful
	RevokeCert(ctx context.Context, serialNumber, domainID, token string) errors.SDKError
	// RenewCert renews the certificate identified by serialNumber and returns
	// the new certificate.
	//
	// example:
	//	newCert, err := sdk.RenewCert(context.Background(), "serialNumber", "domainID", "token")
	//	fmt.Println(newCert.SerialNumber, err)
	RenewCert(ctx context.Context, serialNumber, domainID, token string) (Certificate, errors.SDKError)
	// ListCerts returns one page of certificates selected by pm.
	//
	// example:
	//	page, err := sdk.ListCerts(context.Background(), sdk.PageMetadata{Limit: 10, Offset: 0}, "domainID", "token")
	//	fmt.Println(page.Total, err)
	ListCerts(ctx context.Context, pm PageMetadata, domainID, token string) (CertificatePage, errors.SDKError)
	// DeleteCert deletes certificates for a given entityID.
	//
	// example:
	//	err := sdk.DeleteCert(context.Background(), "entityID", "domainID", "token")
	//	fmt.Println(err)
	DeleteCert(ctx context.Context, entityID, domainID, token string) errors.SDKError
	// ViewCert retrieves the certificate record identified by serialNumber
	// from the database.
	//
	// example:
	//	cert, err := sdk.ViewCert(context.Background(), "serialNumber", "domainID", "token")
	//	fmt.Println(cert.SerialNumber, err)
	ViewCert(ctx context.Context, serialNumber, domainID, token string) (Certificate, errors.SDKError)
	// OCSP checks the revocation status of a certificate using OpenBao's OCSP
	// endpoint and returns the status details as an OCSPResponse.
	//
	// The zero value of CertStatus is Valid, so response.Status is only
	// meaningful when err is nil.
	//
	// NOTE(review): the earlier wording promised a binary RFC 6960 response,
	// but the signature returns a struct. The role of cert is also not
	// visible here (the example passes ""); presumably it is an alternative
	// to serialNumber. Confirm both.
	//
	// example:
	//	response, err := sdk.OCSP(context.Background(), "serialNumber", "")
	//	if err != nil {
	//		// do not read response.Status
	//	}
	//	fmt.Println(response.Status)
	OCSP(ctx context.Context, serialNumber, cert string) (OCSPResponse, errors.SDKError)
	// CreateCSR creates a Certificate Signing Request from metadata and
	// private key. metadata is a certs.CSRMetadata; the key types accepted
	// for privKey are not visible in this declaration.
	//
	// example:
	//	csr, err := sdk.CreateCSR(context.Background(), metadata, privateKey)
	//	fmt.Println(csr, err)
	CreateCSR(ctx context.Context, metadata certs.CSRMetadata, privKey any) (certs.CSR, errors.SDKError)
	// ViewCA views the signing certificate.
	//
	// example:
	//	response, err := sdk.ViewCA(context.Background())
	//	fmt.Println(response.SerialNumber, err)
	ViewCA(ctx context.Context) (Certificate, errors.SDKError)
	// DownloadCA downloads the signing certificate (public endpoint).
	//
	// example:
	//	response, err := sdk.DownloadCA(context.Background())
	//	fmt.Println(response, err)
	DownloadCA(ctx context.Context) (CertificateBundle, errors.SDKError)
	// IssueFromCSR issues a certificate from the provided CSR.
	//
	// example:
	//	cert, err := sdk.IssueFromCSR(context.Background(), "entityID", "ttl", "csrFile", "domainID", "token")
	//	fmt.Println(cert.SerialNumber, err)
	IssueFromCSR(ctx context.Context, entityID, ttl, csr, domainID, token string) (Certificate, errors.SDKError)
	// IssueFromCSRInternal issues a certificate from the provided CSR using
	// agent authentication. It takes no domainID.
	//
	// example:
	//	cert, err := sdk.IssueFromCSRInternal(context.Background(), "entityID", "ttl", "csrFile", "agentToken")
	//	fmt.Println(cert.SerialNumber, err)
	IssueFromCSRInternal(ctx context.Context, entityID, ttl, csr, token string) (Certificate, errors.SDKError)
	// GenerateCRL generates a Certificate Revocation List.
	//
	// example:
	//	crlBytes, err := sdk.GenerateCRL(context.Background())
	//	fmt.Println(len(crlBytes), err)
	GenerateCRL(ctx context.Context) ([]byte, errors.SDKError)
	// RevokeAll revokes all certificates for an entity ID.
	//
	// example:
	//	err := sdk.RevokeAll(context.Background(), "entityID", "domainID", "token")
	//	fmt.Println(err)
	RevokeAll(ctx context.Context, entityID, domainID, token string) errors.SDKError
	// EntityID gets the entity ID for a certificate by serial number.
	//
	// example:
	//	entityID, err := sdk.EntityID(context.Background(), "serialNumber", "domainID", "token")
	//	fmt.Println(entityID, err)
	EntityID(ctx context.Context, serialNumber, domainID, token string) (string, errors.SDKError)
}