Documentation
Overview ¶
Network manifest schema types and validation. gopkg.in/yaml.v3 is imported here because ParseNetworkManifest is the canonical constructor for NetworkManifest.
Index ¶
- Constants
- type Ack
- type BadReqErr
- type ContextKey
- type Error
- type Keyset
- type ManifestDocument
- type ManifestMetadata
- type Message
- type NetworkManifest
- type NetworkManifestBundle
- type NetworkManifestFile
- type NetworkManifestGovernance
- type NetworkManifestPolicies
- type NetworkManifestPublisher
- type NotFoundErr
- type RegistryMetadata
- type Response
- type Role
- type Route
- type SchemaValidationErr
- type SignValidationErr
- type Status
- type StepContext
- type Subscriber
- type Subscription
Constants ¶
// Well-known string values that appear in network-manifest documents.
//
// These are untyped string constants. The fields they describe
// (NetworkManifest.ManifestType, NetworkManifestPolicies.Type and
// NetworkManifestPolicies.Source) are plain strings, so the type system does
// not restrict a decoded manifest to these values.
// NOTE(review): presumably validation compares the decoded fields against
// these constants and rejects anything else — confirm.
const (
	// NetworkManifestType is the manifest_type value for network manifests.
	NetworkManifestType = "network-manifest"
	// PolicyTypeRego is the policies.type value for Rego policy manifests.
	PolicyTypeRego = "rego"
	// PolicySourceBundle is the policies.source value for OPA bundle policies.
	PolicySourceBundle = "bundle"
	// PolicySourceFile is the policies.source value for single Rego file policies.
	PolicySourceFile = "file"
)
// Authorization-related constants for headers.
//
// The two Auth* names are request headers; the two UnaAuthorized* names are
// the standard HTTP challenge headers (WWW-Authenticate accompanies 401,
// Proxy-Authenticate accompanies 407).
// NOTE(review): the Auth* headers presumably carry signature or credential
// material — confirm that request logging redacts both, not only
// "Authorization".
const (
	// AuthHeaderSubscriber is the request header name "Authorization".
	AuthHeaderSubscriber string = "Authorization"
	// AuthHeaderGateway is the request header name "X-Gateway-Authorization".
	AuthHeaderGateway string = "X-Gateway-Authorization"
	// UnaAuthorizedHeaderSubscriber is the response header name "WWW-Authenticate".
	// NOTE(review): the identifier is spelled "UnaAuthorized"; it is exported,
	// so renaming it would break importers.
	UnaAuthorizedHeaderSubscriber string = "WWW-Authenticate"
	// UnaAuthorizedHeaderGateway is the response header name "Proxy-Authenticate".
	UnaAuthorizedHeaderGateway string = "Proxy-Authenticate"
)
Authorization-related constants for headers.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Ack ¶
// Ack represents an acknowledgment response. It serializes to JSON as an
// object with a single "status" member.
type Ack struct {
	// Status holds the acknowledgment status (ACK/NACK).
	Status Status `json:"status"`
}
Ack represents an acknowledgment response.
type BadReqErr ¶
type BadReqErr struct {
// contains filtered or unexported fields
}
BadReqErr occurs when a bad request is encountered.
func NewBadReqErr ¶
NewBadReqErr creates a new instance of BadReqErr from an error.
func (*BadReqErr) BecknError ¶
BecknError converts the BadReqErr to an instance of Error.
type ContextKey ¶
// ContextKey is a custom type used as a key for storing and retrieving values
// in a context. Being a distinct named type, a ContextKey never compares equal
// to a plain string key with the same text that another package stores.
type ContextKey string
ContextKey is a custom type used as a key for storing and retrieving values in a context.
// Known ContextKey values. ParseContextKey and ContextKey.UnmarshalYAML are
// documented as accepting only known keys.
//
// NOTE(review): subscriber_id and remote_id describe caller identity. Code
// that reads them for authorization decisions should be able to rely on them
// having been set only after the request signature was validated — confirm
// where each key is written.
const (
	// ContextKeyTxnID is the context key used to store and retrieve the transaction ID in a request context.
	ContextKeyTxnID ContextKey = "transaction_id"
	// ContextKeyMsgID is the context key used to store and retrieve the message ID in a request context.
	ContextKeyMsgID ContextKey = "message_id"
	// ContextKeySubscriberID is the context key used to store and retrieve the subscriber ID in a request context.
	ContextKeySubscriberID ContextKey = "subscriber_id"
	// ContextKeyModuleID is the context key for storing and retrieving the module ID from a request context.
	ContextKeyModuleID ContextKey = "module_id"
	// ContextKeyParentID is the context key for storing and retrieving the parent ID from a request context.
	ContextKeyParentID ContextKey = "parent_id"
	// ContextKeyRemoteID is the context key for the caller who is calling the bap/bpp.
	ContextKeyRemoteID ContextKey = "remote_id"
)
func ParseContextKey ¶
func ParseContextKey(v string) (ContextKey, error)
ParseContextKey converts a string into a valid ContextKey.
func (*ContextKey) UnmarshalYAML ¶
func (k *ContextKey) UnmarshalYAML(unmarshal func(interface{}) error) error
UnmarshalYAML ensures that only known context keys are accepted during YAML unmarshalling.
type Error ¶
// Error represents a standard error response. All three fields are
// serialized to JSON; "paths" is omitted when empty.
// NOTE(review): Message is sent in the response body, so the callers that
// build an Error (the BecknError methods) should not copy internal details
// such as file paths or upstream error text into it — confirm.
type Error struct {
	// Code is serialized as "code".
	Code string `json:"code"`
	// Paths is serialized as "paths" and dropped from the output when empty.
	Paths string `json:"paths,omitempty"`
	// Message is serialized as "message".
	Message string `json:"message"`
}
Error represents a standard error response.
type Keyset ¶
// Keyset represents a collection of cryptographic keys used for signing and
// encryption.
//
// SigningPrivate and EncrPrivate hold private key material as ordinary
// exported strings. The struct has no JSON tags and this page lists no
// methods on it, so json.Marshal and fmt's %v / %+v verbs will emit the
// private keys along with everything else. Do not log or serialize a Keyset
// as a whole; copy out the public fields instead.
// NOTE(review): the key encoding (for example base64) is not visible here —
// confirm against the key manager that produces these values.
type Keyset struct {
	// SubscriberID is presumably the subscriber that owns these keys — confirm.
	SubscriberID string
	UniqueKeyID string // UniqueKeyID is the identifier for the key pair.
	SigningPrivate string // SigningPrivate is the private key used for signing operations.
	SigningPublic string // SigningPublic is the public key corresponding to the signing private key.
	EncrPrivate string // EncrPrivate is the private key used for encryption operations.
	EncrPublic string // EncrPublic is the public key corresponding to the encryption private key.
}
Keyset represents a collection of cryptographic keys used for signing and encryption.
type ManifestDocument ¶ added in v1.6.0
// ManifestDocument is the cached and returned verified manifest payload.
//
// Verified is an ordinary serialized field. A ManifestDocument decoded from a
// cache entry or received from another process carries whatever value was
// stored, so the flag is only as trustworthy as that source.
// NOTE(review): consumers that load documents from a shared cache should
// presumably re-check Digest against Content before relying on Verified —
// confirm how the cache is protected.
type ManifestDocument struct {
	// NetworkID is omitted from JSON when empty.
	NetworkID string `json:"network_id,omitempty"`
	// ContentType is omitted from JSON when empty.
	ContentType string `json:"content_type,omitempty"`
	// Content is the manifest body; encoding/json writes a []byte as a base64 string.
	Content []byte `json:"content"`
	// Digest is serialized as "digest".
	// NOTE(review): the hash algorithm and encoding are not visible here — confirm.
	Digest string `json:"digest"`
	// SourceURL is serialized as "source_url".
	SourceURL string `json:"source_url"`
	// SignatureURL is serialized as "signature_url".
	SignatureURL string `json:"signature_url"`
	// Verified is serialized as "verified"; see the type comment for its trust caveat.
	Verified bool `json:"verified"`
	// FetchedAt is serialized as "fetched_at".
	FetchedAt time.Time `json:"fetched_at"`
}
ManifestDocument is the cached and returned verified manifest payload.
type ManifestMetadata ¶ added in v1.6.0
// ManifestMetadata describes the three inputs needed to fetch and verify a
// manifest: where the manifest is, where its signature is, and where the
// signing public key is looked up.
//
// All three are unvalidated strings at this level. Whoever fills them in
// decides which hosts the fetcher contacts and which key the signature is
// checked against.
// NOTE(review): presumably the fetcher restricts scheme and host, and the key
// lookup URL comes from a more trusted source than the manifest it verifies —
// confirm.
type ManifestMetadata struct {
	// ManifestURL is the location of the manifest document.
	ManifestURL string
	// ManifestSignatureURL is the location of the manifest's signature.
	ManifestSignatureURL string
	// SigningPublicKeyLookupURL is the location used to look up the signing public key.
	SigningPublicKeyLookupURL string
}
ManifestMetadata describes the three inputs needed to fetch and verify a manifest.
type Message ¶
// Message represents the structure of a response message: an acknowledgment
// plus an optional error.
type Message struct {
	// Ack contains the acknowledgment status.
	Ack Ack `json:"ack"`
	// Error holds error details, if any, in the response.
	// It is a pointer with omitempty, so a nil Error is left out of the JSON.
	Error *Error `json:"error,omitempty"`
}
Message represents the structure of a response message.
type NetworkManifest ¶ added in v1.6.0
// NetworkManifest is the typed YAML schema for a network-manifest document.
// ParseNetworkManifest is documented as its canonical constructor.
//
// Every field is filled from the document content, including the URLs nested
// under Policies, so values here are only as trustworthy as the manifest
// itself.
type NetworkManifest struct {
	// ManifestVersion maps to the manifest_version key.
	ManifestVersion string `yaml:"manifest_version"`
	// ManifestType maps to manifest_type; NetworkManifestType is the value defined for network manifests.
	ManifestType string `yaml:"manifest_type"`
	// NetworkID maps to the network_id key.
	NetworkID string `yaml:"network_id"`
	// ReleaseID is typed any, so the decoder keeps whatever YAML type the
	// document used; callers must type-check before using it.
	ReleaseID any `yaml:"release_id"`
	// Publisher maps to the publisher key.
	Publisher NetworkManifestPublisher `yaml:"publisher"`
	// Policies is a pointer, so a manifest with no policies key leaves it nil.
	Policies *NetworkManifestPolicies `yaml:"policies"`
	// Governance maps to the governance key.
	Governance NetworkManifestGovernance `yaml:"governance"`
}
NetworkManifest is the typed YAML schema for a network-manifest document.
func ParseNetworkManifest ¶ added in v1.6.0
func ParseNetworkManifest(content []byte) (*NetworkManifest, error)
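ParseNetworkManifest parses YAML network manifest content. The function receives only the raw bytes — no signature or key — so it cannot check a detached signature itself; callers should parse content whose signature has already been verified.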
type NetworkManifestBundle ¶ added in v1.6.0
// NetworkManifestBundle describes an OPA bundle policy artifact.
//
// Signed is a plain bool, so a manifest that omits the signed key decodes the
// same as one that sets it to false. (NetworkManifestGovernance.Signed is a
// *bool and can tell the two apart.)
// NOTE(review): URL and SigningPublicKeyLookupURL come from the manifest
// content. Presumably they are used only after the manifest's own signature
// has been verified, and an unsigned bundle is rejected or explicitly allowed
// by configuration — confirm.
// NOTE(review): unlike NetworkManifestFile there is no SignatureURL field;
// presumably the bundle carries its signature internally — confirm.
type NetworkManifestBundle struct {
	// ID maps to the id key.
	ID string `yaml:"id"`
	// URL maps to the url key.
	URL string `yaml:"url"`
	// PolicyQueryPath maps to the policy_query_path key.
	PolicyQueryPath string `yaml:"policy_query_path"`
	// Signed maps to the signed key; false when the key is absent.
	Signed bool `yaml:"signed"`
	// SigningPublicKeyLookupURL maps to the signing_public_key_lookup_url key.
	SigningPublicKeyLookupURL string `yaml:"signing_public_key_lookup_url"`
}
NetworkManifestBundle describes an OPA bundle policy artifact.
type NetworkManifestFile ¶ added in v1.6.0
// NetworkManifestFile describes a single Rego policy artifact.
//
// Signed is a plain bool, so a manifest that omits the signed key decodes the
// same as one that sets it to false.
// NOTE(review): URL, SignatureURL and SigningPublicKeyLookupURL all come from
// the manifest content. Presumably a file with Signed == true is rejected
// when SignatureURL or SigningPublicKeyLookupURL is empty, and an unsigned
// file is accepted only when configuration allows it — confirm.
type NetworkManifestFile struct {
	// ID maps to the id key.
	ID string `yaml:"id"`
	// URL maps to the url key.
	URL string `yaml:"url"`
	// PolicyQueryPath maps to the policy_query_path key.
	PolicyQueryPath string `yaml:"policy_query_path"`
	// Signed maps to the signed key; false when the key is absent.
	Signed bool `yaml:"signed"`
	// SignatureURL maps to the signature_url key.
	SignatureURL string `yaml:"signature_url"`
	// SigningPublicKeyLookupURL maps to the signing_public_key_lookup_url key.
	SigningPublicKeyLookupURL string `yaml:"signing_public_key_lookup_url"`
}
NetworkManifestFile describes a single Rego policy artifact.
type NetworkManifestGovernance ¶ added in v1.6.0
// NetworkManifestGovernance describes validity and signature metadata.
//
// EffectiveFrom and EffectiveUntil are strings, not time.Time, so decoding
// does not check their format or that the window is currently open.
// NOTE(review): presumably validation parses both and rejects a manifest
// outside its validity window — confirm.
type NetworkManifestGovernance struct {
	// EffectiveFrom maps to the effective_from key.
	EffectiveFrom string `yaml:"effective_from"`
	// EffectiveUntil maps to the effective_until key.
	EffectiveUntil string `yaml:"effective_until"`
	// Signed is a pointer so that an absent signed key (nil) can be told
	// apart from an explicit false.
	Signed *bool `yaml:"signed"`
}
NetworkManifestGovernance describes validity and signature metadata.
type NetworkManifestPolicies ¶ added in v1.6.0
// NetworkManifestPolicies describes the policy artifact referenced by a
// network manifest.
//
// Bundle and File are both pointers, so the decoder accepts a document that
// sets neither, one, or both.
// NOTE(review): presumably validation requires exactly the one that matches
// Source (PolicySourceBundle or PolicySourceFile) — confirm.
type NetworkManifestPolicies struct {
	// Type maps to the type key; PolicyTypeRego is the value defined for Rego.
	Type string `yaml:"type"`
	// Source maps to the source key; PolicySourceBundle and PolicySourceFile are the defined values.
	Source string `yaml:"source"`
	// Bundle is nil when the document has no bundle key.
	Bundle *NetworkManifestBundle `yaml:"bundle"`
	// File is nil when the document has no file key.
	File *NetworkManifestFile `yaml:"file"`
}
NetworkManifestPolicies describes the policy artifact referenced by a network manifest.
type NetworkManifestPublisher ¶ added in v1.6.0
NetworkManifestPublisher identifies the organization publishing the manifest.
type NotFoundErr ¶
type NotFoundErr struct {
// contains filtered or unexported fields
}
NotFoundErr occurs when a requested endpoint is not found.
func NewNotFoundErr ¶
func NewNotFoundErr(err error) *NotFoundErr
NewNotFoundErr creates a new instance of NotFoundErr from an error.
func (*NotFoundErr) BecknError ¶
func (e *NotFoundErr) BecknError() *Error
BecknError converts the NotFoundErr to an instance of Error.
type RegistryMetadata ¶ added in v1.6.0
// RegistryMetadata represents metadata configured on a registry itself rather
// than on a specific record.
type RegistryMetadata struct {
	// NamespaceIdentifier is a plain string; its format is not visible here.
	NamespaceIdentifier string
	// RegistryName is a plain string; its format is not visible here.
	RegistryName string
	// RawMeta holds string key/value pairs.
	// NOTE(review): presumably the unparsed metadata as returned by the
	// registry — treat the values as untrusted input until confirmed.
	RawMeta map[string]string
}
RegistryMetadata represents metadata configured on a registry itself rather than on a specific record.
type Response ¶
// Response represents the main response structure. It serializes to JSON as
// an object with a single "message" member.
type Response struct {
	// Message is serialized as "message".
	Message Message `json:"message"`
}
Response represents the main response structure.
type Role ¶
// Role defines the type of participant in the network. Role.UnmarshalYAML is
// documented as accepting only valid values.
type Role string
Role defines the type of participant in the network.
// Defined Role values.
const (
	// RoleBAP represents a Buyer App Participant (BAP) in the network.
	RoleBAP Role = "bap"
	// RoleBPP represents a Buyer Platform Participant (BPP) in the network.
	// NOTE(review): in Beckn terminology the BPP is normally the provider
	// (seller) side; "Buyer" here looks like a copy-paste slip — confirm and
	// correct the wording.
	RoleBPP Role = "bpp"
	// RoleGateway represents a Gateway that facilitates communication in the network.
	RoleGateway Role = "gateway"
	// RoleRegistery represents the Registry that maintains network participant details.
	// NOTE(review): both the identifier and the string value are spelled
	// "registery". The value is what appears in configuration, so a config
	// that says "registry" will presumably be rejected by UnmarshalYAML —
	// confirm before changing either.
	RoleRegistery Role = "registery"
	// RoleDiscovery represents the discovery service for the network.
	RoleDiscovery Role = "discovery"
)
func (*Role) UnmarshalYAML ¶
UnmarshalYAML implements custom YAML unmarshalling for Role to ensure only valid values are accepted.
type Route ¶
// Route represents a network route for message processing.
// NOTE(review): TargetType is a free-form string; presumably PublisherID is
// set when it is "publisher" and URL when it is "url" — confirm, and check
// that callers handle a nil URL.
type Route struct {
	TargetType string // "url" or "publisher"
	PublisherID string // For message queues
	URL *url.URL // For API calls
}
Route represents a network route for message processing.
type SchemaValidationErr ¶
// SchemaValidationErr occurs when schema validation errors are encountered.
// It carries one Error per problem and, through its Error method, satisfies
// the error interface.
type SchemaValidationErr struct {
	// Errors lists the individual validation failures.
	Errors []Error
}
SchemaValidationErr occurs when schema validation errors are encountered.
func (*SchemaValidationErr) BecknError ¶
func (e *SchemaValidationErr) BecknError() *Error
BecknError converts the SchemaValidationErr to an instance of Error.
func (*SchemaValidationErr) Error ¶
func (e *SchemaValidationErr) Error() string
This implements the error interface for SchemaValidationErr.
type SignValidationErr ¶
type SignValidationErr struct {
// contains filtered or unexported fields
}
SignValidationErr occurs when signature validation fails.
func NewSignValidationErr ¶
func NewSignValidationErr(e error) *SignValidationErr
NewSignValidationErr creates a new instance of SignValidationErr from an error.
func (*SignValidationErr) BecknError ¶
func (e *SignValidationErr) BecknError() *Error
BecknError converts the SignValidationErr to an instance of Error.
type StepContext ¶
// StepContext holds context information for a request processing step.
//
// It embeds context.Context, so a *StepContext can be passed wherever a
// context.Context is expected; WithContext replaces the embedded context in
// place.
// NOTE(review): SubID and Role identify the caller. Whether they are
// authenticated at a given step presumably depends on whether signature
// validation has already run in the pipeline — confirm the step order before
// using them for authorization.
type StepContext struct {
	// Context is the embedded request context.
	context.Context
	// Request is the incoming HTTP request.
	Request *http.Request
	// Body is a byte slice.
	// NOTE(review): presumably the already-read request body — confirm that a
	// size limit is applied where it is read.
	Body []byte
	// Route is the route selected for this message, if any.
	Route *Route
	// SubID is presumably the subscriber ID of the caller — confirm.
	SubID string
	// Role is the participant role associated with this request.
	Role Role
	// RespHeader holds HTTP headers, presumably those to be written on the response — confirm.
	RespHeader http.Header
}
StepContext holds context information for a request processing step.
func (*StepContext) WithContext ¶
func (ctx *StepContext) WithContext(newCtx context.Context)
WithContext updates the existing StepContext with a new context.
type Subscriber ¶
// Subscriber represents a unique operational configuration of a trusted
// platform on a network.
//
// The format and enum struct tags are not read by encoding/json, so decoding
// does not enforce that URL is a URI or that Type is one of BAP, BPP or BG.
// NOTE(review): presumably another layer (schema generation or validation)
// consumes these tags — confirm before relying on the values being
// well-formed.
// The omitzero option is honoured by encoding/json only from Go 1.24 on.
type Subscriber struct {
	// SubscriberID is serialized as "subscriber_id".
	SubscriberID string `json:"subscriber_id,omitzero"`
	// URL is serialized as "url"; it is stored as an unparsed string.
	URL string `json:"url,omitzero" format:"uri"`
	// Type is serialized as "type"; the tag lists BAP, BPP and BG.
	Type string `json:"type,omitzero" enum:"BAP,BPP,BG"`
	// Domain is serialized as "domain".
	Domain string `json:"domain,omitzero"`
}
Subscriber represents a unique operational configuration of a trusted platform on a network.
type Subscription ¶
// Subscription represents subscription details of a network participant.
//
// Subscriber is embedded, so its fields appear at the top level of the JSON
// object. encoding/json has no "inline" option; the flattening comes from
// the embedding itself.
//
// The format and enum struct tags are not read by encoding/json, so decoding
// enforces neither the Status values nor the UUID format of KeyID.
// NOTE(review): a record's public keys should presumably be trusted for
// signature verification only when Status is SUBSCRIBED and the current time
// lies between ValidFrom and ValidUntil — confirm that the lookup path checks
// both, since nothing in this type does.
type Subscription struct {
	// Subscriber supplies subscriber_id, url, type and domain.
	Subscriber `json:",inline"`
	// KeyID is serialized as "key_id".
	KeyID string `json:"key_id,omitzero" format:"uuid"`
	// SigningPublicKey is serialized as "signing_public_key"; the encoding is not visible here.
	SigningPublicKey string `json:"signing_public_key,omitzero"`
	// EncrPublicKey is serialized as "encr_public_key"; the encoding is not visible here.
	EncrPublicKey string `json:"encr_public_key,omitzero"`
	// ValidFrom is serialized as "valid_from".
	ValidFrom time.Time `json:"valid_from,omitzero" format:"date-time"`
	// ValidUntil is serialized as "valid_until".
	ValidUntil time.Time `json:"valid_until,omitzero" format:"date-time"`
	// Status is serialized as "status"; the tag lists the expected values.
	Status string `json:"status,omitzero" enum:"INITIATED,UNDER_SUBSCRIPTION,SUBSCRIBED,EXPIRED,UNSUBSCRIBED,INVALID_SSL"`
	// Created is serialized as "created".
	Created time.Time `json:"created,omitzero" format:"date-time"`
	// Updated is serialized as "updated".
	Updated time.Time `json:"updated,omitzero" format:"date-time"`
	// Nonce is serialized as "nonce".
	// NOTE(review): its purpose (for example replay protection during
	// subscription) is not visible here — confirm.
	Nonce string `json:"nonce,omitzero"`
}
Subscription represents subscription details of a network participant.