storage


Constants

// DefaultEntityConfigurationLifetime is the default lifetime for entity configurations (24 hours).
const DefaultEntityConfigurationLifetime = 24 * time.Hour

DefaultEntityConfigurationLifetime is the default lifetime for entity configurations (24 hours)

// DefaultSubordinateStatementLifetime is the default lifetime for subordinate statements
// (600000 seconds, i.e. roughly 6.9 days).
const DefaultSubordinateStatementLifetime = 600000 * time.Second

DefaultSubordinateStatementLifetime is the default lifetime for subordinate statements (600000 seconds)

Variables

// DefaultSigningAlg is the default JWS signing algorithm, ES512 (ECDSA with P-521 and SHA-512).
// NOTE(review): presumably the value GetSigningAlg falls back to when nothing is stored — confirm.
var DefaultSigningAlg = jwa.ES512()

Functions

func Connect added in v0.20.0

func Connect(cfg Config) (*gorm.DB, error)

Connect establishes a connection to the database based on the configuration

func DSN added in v0.20.0

func DSN(driver DriverType, conf DSNConf) (string, error)

DSN builds and returns the connection string (DSN) for the passed DriverType and DSNConf

func GetAuthorityHints added in v0.20.0

func GetAuthorityHints(store model.AuthorityHintsStore) ([]string, error)

GetAuthorityHints returns the list of authority hints

func GetConstraints added in v0.20.0

func GetConstraints(kvStorage model.KeyValueStore) (*oidfed.ConstraintSpecification, error)

GetConstraints returns the global subordinate statement constraints

func GetEntityConfigurationAdditionalClaims added in v0.20.0

func GetEntityConfigurationAdditionalClaims(store model.AdditionalClaimsStore) (map[string]any, []string, error)

GetEntityConfigurationAdditionalClaims returns the entity configuration additional claims

func GetEntityConfigurationLifetime added in v0.20.0

func GetEntityConfigurationLifetime(kvStorage model.KeyValueStore) (time.Duration, error)

GetEntityConfigurationLifetime returns the entity configuration lifetime

func GetKeyRotation added in v0.20.0

func GetKeyRotation(kvStorage model.KeyValueStore) (c kms.KeyRotationConfig, err error)

GetKeyRotation returns the kms.KeyRotationConfig

func GetMetadata added in v0.20.0

func GetMetadata(kvStorage model.KeyValueStore) (*oidfed.Metadata, error)

GetMetadata returns the entity configuration metadata

func GetMetadataPolicyCrit added in v0.20.0

func GetMetadataPolicyCrit(kvStorage model.KeyValueStore) ([]oidfed.PolicyOperatorName, error)

GetMetadataPolicyCrit returns the metadata policy crit operators

func GetRSAKeyLen added in v0.20.0

func GetRSAKeyLen(kvStorage model.KeyValueStore) (int, error)

GetRSAKeyLen returns the RSA key length

func GetSigningAlg added in v0.20.0

func GetSigningAlg(kvStorage model.KeyValueStore) (jwa.SignatureAlgorithm, error)

GetSigningAlg returns the signing algorithm

func GetSubordinateStatementLifetime added in v0.20.0

func GetSubordinateStatementLifetime(kvStorage model.KeyValueStore) (time.Duration, error)

GetSubordinateStatementLifetime returns the subordinate statement lifetime

func LoadStorageBackends added in v0.20.0

func LoadStorageBackends(cfg Config) (model.Backends, error)

LoadStorageBackends initializes a warehouse and returns grouped backends.

func MigrateStats added in v0.20.0

func MigrateStats(db *gorm.DB) error

MigrateStats migrates the stats-related tables. This is called separately when stats collection is enabled.

func MigrateStatsFromBackends added in v0.20.0

func MigrateStatsFromBackends(backends model.Backends) error

MigrateStatsFromBackends migrates stats tables using a StatsStorage backend. This is a convenience function for when you only have access to Backends.

func SetConstraints added in v0.20.0

func SetConstraints(kvStorage model.KeyValueStore, cs *oidfed.ConstraintSpecification) error

SetConstraints sets the global subordinate statement constraints

func SetEntityConfigurationLifetime added in v0.20.0

func SetEntityConfigurationLifetime(kvStorage model.KeyValueStore, d time.Duration) error

SetEntityConfigurationLifetime sets the entity configuration lifetime in seconds

func SetKeyRotation added in v0.20.0

func SetKeyRotation(kvStorage model.KeyValueStore, keyRotation kms.KeyRotationConfig) error

SetKeyRotation sets the kms.KeyRotationConfig

func SetMetadata added in v0.20.0

func SetMetadata(kvStorage model.KeyValueStore, m *oidfed.Metadata) error

SetMetadata sets the entity configuration metadata

func SetMetadataPolicyCrit added in v0.20.0

func SetMetadataPolicyCrit(kvStorage model.KeyValueStore, ops []oidfed.PolicyOperatorName) error

SetMetadataPolicyCrit sets the metadata policy crit operators

func SetRSAKeyLen added in v0.20.0

func SetRSAKeyLen(kvStorage model.KeyValueStore, rsaKeyLen int) error

SetRSAKeyLen sets the RSA key length

func SetSigningAlg added in v0.20.0

func SetSigningAlg(kvStorage model.KeyValueStore, alg SigningAlgWithNbf) error

SetSigningAlg sets the signing algorithm

Types

type AdditionalClaimsStorage added in v0.20.0

type AdditionalClaimsStorage struct {
	// contains filtered or unexported fields
}

AdditionalClaimsStorage is the GORM implementation for model.AdditionalClaimsStore.

func (*AdditionalClaimsStorage) Create added in v0.20.0

func (*AdditionalClaimsStorage) Delete added in v0.20.0

func (s *AdditionalClaimsStorage) Delete(ident string) error

func (*AdditionalClaimsStorage) Get added in v0.20.0

func (*AdditionalClaimsStorage) List added in v0.20.0

func (*AdditionalClaimsStorage) Set added in v0.20.0

func (*AdditionalClaimsStorage) Update added in v0.20.0

type Argon2idParams added in v0.20.0

// Argon2idParams holds the Argon2id parameters used for hashing admin user
// passwords (see Config.UsersHash). Every field is read from the environment
// with the prefix LH_API_ADMIN_PASSWORD_HASHING_.
//
// NOTE(review): nothing in this type enforces a lower bound on any parameter;
// presumably the consumer validates them before hashing — confirm.
type Argon2idParams struct {
	// Time is the Argon2id time parameter (number of passes over the memory).
	// Env: LH_API_ADMIN_PASSWORD_HASHING_TIME
	Time uint32 `envconfig:"TIME"`
	// MemoryKiB is the Argon2id memory in KiB.
	// Env: LH_API_ADMIN_PASSWORD_HASHING_MEMORY_KIB
	MemoryKiB uint32 `envconfig:"MEMORY_KIB"`
	// Parallelism is the Argon2id parallelism (number of lanes).
	// Env: LH_API_ADMIN_PASSWORD_HASHING_PARALLELISM
	Parallelism uint8 `envconfig:"PARALLELISM"`
	// KeyLen is the Argon2id key (output hash) length; presumably in bytes — confirm against the hashing call.
	// Env: LH_API_ADMIN_PASSWORD_HASHING_KEY_LEN
	KeyLen uint32 `envconfig:"KEY_LEN"`
	// SaltLen is the Argon2id salt length; presumably in bytes — confirm against the hashing call.
	// Env: LH_API_ADMIN_PASSWORD_HASHING_SALT_LEN
	SaltLen uint32 `envconfig:"SALT_LEN"`
}

Argon2idParams configures Argon2id hashing parameters.

Environment variables (with prefix LH_API_ADMIN_PASSWORD_HASHING_):

  • LH_API_ADMIN_PASSWORD_HASHING_TIME: Argon2id time parameter
  • LH_API_ADMIN_PASSWORD_HASHING_MEMORY_KIB: Argon2id memory in KiB
  • LH_API_ADMIN_PASSWORD_HASHING_PARALLELISM: Argon2id parallelism
  • LH_API_ADMIN_PASSWORD_HASHING_KEY_LEN: Argon2id key length
  • LH_API_ADMIN_PASSWORD_HASHING_SALT_LEN: Argon2id salt length

type AuthorityHintsStorage added in v0.20.0

type AuthorityHintsStorage struct {
	// contains filtered or unexported fields
}

AuthorityHintsStorage provides CRUD access to AuthorityHint records, implementing model.AuthorityHintsStore.

func (*AuthorityHintsStorage) Create added in v0.20.0

func (*AuthorityHintsStorage) Delete added in v0.20.0

func (s *AuthorityHintsStorage) Delete(ident string) error

func (*AuthorityHintsStorage) Get added in v0.20.0

func (*AuthorityHintsStorage) List added in v0.20.0

func (*AuthorityHintsStorage) Update added in v0.20.0

type Config added in v0.20.0

// Config represents the database configuration consumed by Connect, NewStorage
// and LoadStorageBackends.
type Config struct {
	// Driver is the database driver type; see ParseDriverType for the accepted values
	Driver DriverType `yaml:"driver"`
	// DSN is the data source name (connection string)
	// For SQLite, this is the database file path
	// For MySQL, this is the connection string: user:pass@tcp(127.0.0.1:3306)/dbname?charset=utf8mb4&parseTime=True&loc=Local
	// For PostgreSQL, this is the connection string: host=localhost user=gorm password=gorm dbname=gorm port=9920 sslmode=disable TimeZone=Asia/Shanghai
	// For MySQL and PostgreSQL the DSN embeds the database password (see the formats above),
	// so treat the whole string as a secret and keep it out of logs and error messages
	DSN string `yaml:"dsn"`
	// DataDir is the directory where database files are stored (for SQLite)
	DataDir string `yaml:"data_dir"`
	// Debug enables debug logging
	// NOTE(review): debug-level database logging usually echoes SQL statements; confirm
	// the output cannot include the DSN or sensitive row data before enabling it outside development
	Debug bool `yaml:"debug"`
	// UsersHash defines parameters for hashing admin user passwords
	UsersHash Argon2idParams
}

Config represents the database configuration

type DBPublicKeyStorage added in v0.20.0

type DBPublicKeyStorage struct {
	// contains filtered or unexported fields
}

DBPublicKeyStorage implements public.PublicKeyStorage backed by the database.

func NewDBPublicKeyStorage added in v0.20.0

func NewDBPublicKeyStorage(db *gorm.DB, typeID string) *DBPublicKeyStorage

NewDBPublicKeyStorage creates a DB-backed PublicKeyStorage.

func NewDBPublicKeyStorageFromStorage added in v0.20.0

func NewDBPublicKeyStorageFromStorage(
	db *gorm.DB, typeID string,
	src public.PublicKeyStorage,
) (
	*DBPublicKeyStorage, error,
)

NewDBPublicKeyStorageFromStorage creates a new DBPublicKeyStorage and populates it from the passed PublicKeyStorage implementation.

func (*DBPublicKeyStorage) Add added in v0.20.0

Add inserts a new key if the KID is unused.

func (*DBPublicKeyStorage) AddAll added in v0.20.0

func (D *DBPublicKeyStorage) AddAll(list []public.PublicKeyEntry) error

AddAll adds multiple keys.

func (*DBPublicKeyStorage) Delete added in v0.20.0

func (D *DBPublicKeyStorage) Delete(kid string) error

Delete removes a key by kid (from both current and historical stores).

func (*DBPublicKeyStorage) Get added in v0.20.0

Get returns a single entry by kid from current or historical store.

func (*DBPublicKeyStorage) GetActive added in v0.20.0

func (D *DBPublicKeyStorage) GetActive() (out public.PublicKeyEntryList, err error)

GetActive returns keys that are currently usable.

func (*DBPublicKeyStorage) GetAll added in v0.20.0

func (D *DBPublicKeyStorage) GetAll() (out public.PublicKeyEntryList, err error)

GetAll returns all keys, including revoked and expired ones.

func (*DBPublicKeyStorage) GetExpired added in v0.20.0

func (D *DBPublicKeyStorage) GetExpired() (out public.PublicKeyEntryList, err error)

GetExpired returns keys whose exp is in the past.

func (*DBPublicKeyStorage) GetHistorical added in v0.20.0

func (D *DBPublicKeyStorage) GetHistorical() (out public.PublicKeyEntryList, err error)

GetHistorical returns revoked and expired keys.

func (*DBPublicKeyStorage) GetRevoked added in v0.20.0

func (D *DBPublicKeyStorage) GetRevoked() (out public.PublicKeyEntryList, err error)

GetRevoked returns all revoked keys.

func (*DBPublicKeyStorage) GetValid added in v0.20.0

func (D *DBPublicKeyStorage) GetValid() (out public.PublicKeyEntryList, err error)

GetValid returns keys that are valid now or in the future.

func (*DBPublicKeyStorage) Load added in v0.20.0

func (D *DBPublicKeyStorage) Load() error

Load is a no-op for DB storage.

func (*DBPublicKeyStorage) Revoke added in v0.20.0

func (D *DBPublicKeyStorage) Revoke(kid, reason string) error

Revoke marks a key as revoked and moves it to historical storage.

func (*DBPublicKeyStorage) Update added in v0.20.0

Update updates editable metadata for a key.

type DSNConf added in v0.20.0

// DSNConf holds the connection parameters from which DSN builds a driver-specific
// connection string. Every field is read from the environment with the prefix LH_STORAGE_.
type DSNConf struct {
	// User is the database username.
	// Env: LH_STORAGE_USER
	User string `yaml:"user" envconfig:"USER"`
	// Password is the database password.
	// Env: LH_STORAGE_PASSWORD
	// The connection string built by DSN presumably carries it in clear text (compare the
	// example formats on Config.DSN), so keep both this field and that string out of logs
	// and error messages.
	Password string `yaml:"password" envconfig:"PASSWORD"`
	// Host is the database host.
	// Env: LH_STORAGE_HOST
	Host string `yaml:"host" envconfig:"HOST"`
	// Port is the database port.
	// Env: LH_STORAGE_PORT
	Port int `yaml:"port" envconfig:"PORT"`
	// DB is the database name.
	// Env: LH_STORAGE_DB
	DB string `yaml:"db" envconfig:"DB"`
}

DSNConf provides configuration options for database connection strings. It contains common connection parameters used across different database drivers including MySQL and PostgreSQL. When used with the DSN function, this struct helps generate proper connection strings based on the selected driver type.

Environment variables (with prefix LH_STORAGE_):

  • LH_STORAGE_USER: Database username
  • LH_STORAGE_PASSWORD: Database password
  • LH_STORAGE_HOST: Database host
  • LH_STORAGE_PORT: Database port
  • LH_STORAGE_DB: Database name

type DriverType added in v0.20.0

// DriverType represents the type of database driver. The supported values are the
// DriverSQLite, DriverMySQL and DriverPostgres constants; ParseDriverType converts
// a string into one of them and rejects anything else.
type DriverType string

DriverType represents the type of database driver

// Supported database drivers. ParseDriverType accepts exactly these string values.
const (
	// DriverSQLite is the SQLite driver
	DriverSQLite DriverType = "sqlite"
	// DriverMySQL is the MySQL driver
	DriverMySQL DriverType = "mysql"
	// DriverPostgres is the PostgreSQL driver
	DriverPostgres DriverType = "postgres"
)

func ParseDriverType added in v0.20.0

func ParseDriverType(s string) (DriverType, error)

ParseDriverType parses a string to a DriverType. Returns an error if the string doesn't match a supported driver.

type IssuedTrustMarkInstanceStorage added in v0.20.0

type IssuedTrustMarkInstanceStorage struct {
	// contains filtered or unexported fields
}

IssuedTrustMarkInstanceStorage provides GORM-based storage for issued trust mark instances.

func NewIssuedTrustMarkInstanceStorage added in v0.20.0

func NewIssuedTrustMarkInstanceStorage(db *gorm.DB) *IssuedTrustMarkInstanceStorage

NewIssuedTrustMarkInstanceStorage creates a new IssuedTrustMarkInstanceStorage.

func (*IssuedTrustMarkInstanceStorage) Create added in v0.20.0

Create records a new issued trust mark instance.

func (*IssuedTrustMarkInstanceStorage) DeleteExpired added in v0.20.0

func (s *IssuedTrustMarkInstanceStorage) DeleteExpired(retentionDays int) (int64, error)

DeleteExpired removes expired instances older than the given retention period. Returns the number of deleted records.

func (*IssuedTrustMarkInstanceStorage) FindSubjectID added in v0.20.0

func (s *IssuedTrustMarkInstanceStorage) FindSubjectID(trustMarkType, entityID string) (uint, error)

FindSubjectID looks up the TrustMarkSubjectID for a given trust mark type and entity. This is used to link issued instances to their subject records.

func (*IssuedTrustMarkInstanceStorage) GetByJTI added in v0.20.0

GetByJTI retrieves an instance by its JTI (JWT ID).

func (*IssuedTrustMarkInstanceStorage) GetStatus added in v0.20.0

GetStatus returns the status of a trust mark instance. Status is determined by: revoked flag, expiration time, and existence.

func (*IssuedTrustMarkInstanceStorage) HasActiveInstance added in v0.20.0

func (s *IssuedTrustMarkInstanceStorage) HasActiveInstance(trustMarkType, entityID string) (bool, error)

HasActiveInstance checks if an entity has a valid (non-revoked, non-expired) trust mark instance for the given trust mark type.

func (*IssuedTrustMarkInstanceStorage) ListActiveSubjects added in v0.20.0

func (s *IssuedTrustMarkInstanceStorage) ListActiveSubjects(trustMarkType string) ([]string, error)

ListActiveSubjects returns distinct entity IDs that have valid (non-revoked, non-expired) trust marks for the given trust mark type. Used by the trust marked entities listing endpoint.

func (*IssuedTrustMarkInstanceStorage) ListBySubject added in v0.20.0

func (s *IssuedTrustMarkInstanceStorage) ListBySubject(trustMarkType, entityID string) ([]model.IssuedTrustMarkInstance, error)

ListBySubject returns all instances for a given trust mark type and subject.

func (*IssuedTrustMarkInstanceStorage) Revoke added in v0.20.0

Revoke marks a trust mark instance as revoked.

func (*IssuedTrustMarkInstanceStorage) RevokeBySubjectID added in v0.20.0

func (s *IssuedTrustMarkInstanceStorage) RevokeBySubjectID(subjectID uint) (int64, error)

RevokeBySubjectID revokes all instances for a given TrustMarkSubjectID. Returns the number of revoked instances.

type KeyValueStorage added in v0.20.0

type KeyValueStorage struct {
	// contains filtered or unexported fields
}

KeyValueStorage implements model.KeyValueStore using GORM.

func (*KeyValueStorage) Delete added in v0.20.0

func (s *KeyValueStorage) Delete(scope, key string) error

Delete removes a (scope, key) pair. No error if it's missing.

func (*KeyValueStorage) Get added in v0.20.0

func (s *KeyValueStorage) Get(scope, key string) (datatypes.JSON, error)

Get returns the JSON value for a (scope, key). If not found, returns nil, nil.

func (*KeyValueStorage) GetAs added in v0.20.0

func (s *KeyValueStorage) GetAs(scope, key string, out any) (bool, error)

GetAs retrieves and unmarshals the value for (scope, key) into out. out must be a pointer to the target type. Returns (false, nil) if not found.

func (*KeyValueStorage) Set added in v0.20.0

func (s *KeyValueStorage) Set(scope, key string, value datatypes.JSON) error

Set upserts the JSON value for a (scope, key).

func (*KeyValueStorage) SetAny added in v0.20.0

func (s *KeyValueStorage) SetAny(scope, key string, v any) error

SetAny marshals v to JSON and stores it at (scope, key).

type PublishedTrustMarksStorage added in v0.20.0

type PublishedTrustMarksStorage struct {
	// contains filtered or unexported fields
}

PublishedTrustMarksStorage provides CRUD access to PublishedTrustMark records implementing model.PublishedTrustMarksStore.

func (*PublishedTrustMarksStorage) Create added in v0.20.0

Create creates a new trust mark entry after validating the input.

func (*PublishedTrustMarksStorage) Delete added in v0.20.0

func (s *PublishedTrustMarksStorage) Delete(ident string) error

Delete removes a trust mark entry.

func (*PublishedTrustMarksStorage) Get added in v0.20.0

Get retrieves a trust mark by ID or trust_mark_type.

func (*PublishedTrustMarksStorage) List added in v0.20.0

List returns all published trust marks.

func (*PublishedTrustMarksStorage) Patch added in v0.20.0

Patch partially updates a trust mark entry (only non-nil fields).

func (*PublishedTrustMarksStorage) Update added in v0.20.0

Update replaces a trust mark entry entirely.

type SigningAlgWithNbf added in v0.20.0

// SigningAlgWithNbf is a signing algorithm paired with a not-before time; it is the
// value SetSigningAlg takes for persisting the configured algorithm.
type SigningAlgWithNbf struct {
	// SigningAlg is the JWS signature algorithm name.
	SigningAlg string
	// Nbf is the time from which SigningAlg applies; nil presumably means no
	// not-before constraint — confirm against the consumer.
	Nbf        *unixtime.Unixtime
}

SigningAlgWithNbf is a signing algorithm with a not-before time used for database storage

type StatsStorage added in v0.20.0

type StatsStorage struct {
	// contains filtered or unexported fields
}

StatsStorage implements the StatsStorageBackend interface using GORM.

func NewStatsStorage added in v0.20.0

func NewStatsStorage(db *gorm.DB) *StatsStorage

NewStatsStorage creates a new stats storage instance.

func (*StatsStorage) AggregateDailyStats added in v0.20.0

func (s *StatsStorage) AggregateDailyStats(date time.Time) error

AggregateDailyStats aggregates detailed logs into daily statistics.

func (*StatsStorage) ExportCSV added in v0.20.0

func (s *StatsStorage) ExportCSV(from, to time.Time, w io.Writer) error

ExportCSV exports request logs to CSV format.

func (*StatsStorage) ExportJSON added in v0.20.0

func (s *StatsStorage) ExportJSON(from, to time.Time, w io.Writer) error

ExportJSON exports request logs to JSON format (newline-delimited JSON).

func (*StatsStorage) GetDailyStats added in v0.20.0

func (s *StatsStorage) GetDailyStats(from, to time.Time) ([]stats.DailyStats, error)

GetDailyStats returns aggregated daily statistics for the given time range.

func (*StatsStorage) GetLatencyPercentiles added in v0.20.0

func (s *StatsStorage) GetLatencyPercentiles(from, to time.Time, endpoint string) (*stats.LatencyStats, error)

GetLatencyPercentiles calculates latency percentiles for the given time range.

func (*StatsStorage) GetSummary added in v0.20.0

func (s *StatsStorage) GetSummary(from, to time.Time) (*stats.Summary, error)

GetSummary returns overall statistics for the given time range.

func (*StatsStorage) GetTimeSeries added in v0.20.0

func (s *StatsStorage) GetTimeSeries(from, to time.Time, endpoint string, interval stats.Interval) ([]stats.TimeSeriesPoint, error)

GetTimeSeries returns time series data for the given time range.

func (*StatsStorage) GetTopClients added in v0.20.0

func (s *StatsStorage) GetTopClients(from, to time.Time, limit int) ([]stats.TopEntry, error)

GetTopClients returns the top client IPs by request count.

func (*StatsStorage) GetTopCountries added in v0.20.0

func (s *StatsStorage) GetTopCountries(from, to time.Time, limit int) ([]stats.TopEntry, error)

GetTopCountries returns the top countries by request count.

func (*StatsStorage) GetTopEndpoints added in v0.20.0

func (s *StatsStorage) GetTopEndpoints(from, to time.Time, limit int) ([]stats.TopEntry, error)

GetTopEndpoints returns the top endpoints by request count.

func (*StatsStorage) GetTopQueryParams added in v0.20.0

func (s *StatsStorage) GetTopQueryParams(from, to time.Time, endpoint string, limit int) ([]stats.TopEntry, error)

GetTopQueryParams returns the top query parameter values for an endpoint.

func (*StatsStorage) GetTopUserAgents added in v0.20.0

func (s *StatsStorage) GetTopUserAgents(from, to time.Time, limit int) ([]stats.TopEntry, error)

GetTopUserAgents returns the top user agents by request count.

func (*StatsStorage) InsertBatch added in v0.20.0

func (s *StatsStorage) InsertBatch(entries []*stats.RequestLog) error

InsertBatch inserts multiple request logs in a single batch operation.

func (*StatsStorage) PurgeAggregatedStats added in v0.20.0

func (s *StatsStorage) PurgeAggregatedStats(before time.Time) (int64, error)

PurgeAggregatedStats deletes daily stats older than the given time.

func (*StatsStorage) PurgeDetailedLogs added in v0.20.0

func (s *StatsStorage) PurgeDetailedLogs(before time.Time) (int64, error)

PurgeDetailedLogs deletes request logs older than the given time.

type Storage added in v0.20.0

type Storage struct {
	// contains filtered or unexported fields
}

Storage is a GORM-based storage implementation

func NewStorage added in v0.20.0

func NewStorage(config Config) (*Storage, error)

NewStorage creates a new GORM-based storage

func (*Storage) AdditionalClaimsStorage added in v0.20.0

func (s *Storage) AdditionalClaimsStorage() *AdditionalClaimsStorage

func (*Storage) AuthorityHintsStorage added in v0.20.0

func (s *Storage) AuthorityHintsStorage() *AuthorityHintsStorage

AuthorityHintsStorage returns an AuthorityHintsStorage

func (*Storage) Backends added in v0.20.0

func (s *Storage) Backends() model.Backends

Backends returns all storage backends with transaction support.

func (*Storage) DBPublicKeyStorage added in v0.20.0

func (s *Storage) DBPublicKeyStorage(typeID string) *DBPublicKeyStorage

DBPublicKeyStorage returns a DBPublicKeyStorage

func (*Storage) KeyValue added in v0.20.0

func (s *Storage) KeyValue() *KeyValueStorage

KeyValue provides an accessor for scoped key-value storage.

func (*Storage) SubordinateEventsStorage added in v0.20.0

func (s *Storage) SubordinateEventsStorage() *SubordinateEventsStorage

SubordinateEventsStorage returns a SubordinateEventsStorage

func (*Storage) SubordinateStorage added in v0.20.0

func (s *Storage) SubordinateStorage() *SubordinateStorage

SubordinateStorage returns a SubordinateStorage, which implements the SubordinateStorageBackend interface

func (*Storage) TrustMarkIssuersStorage added in v0.20.0

func (s *Storage) TrustMarkIssuersStorage() *TrustMarkIssuersStorage

TrustMarkIssuersStorage returns a TrustMarkIssuersStorage

func (*Storage) TrustMarkOwnersStorage added in v0.20.0

func (s *Storage) TrustMarkOwnersStorage() *TrustMarkOwnersStorage

TrustMarkOwnersStorage returns a TrustMarkOwnersStorage

func (*Storage) TrustMarkSpecStorage added in v0.20.0

func (s *Storage) TrustMarkSpecStorage() *TrustMarkSpecStorage

TrustMarkSpecStorage returns a TrustMarkSpecStorage

func (*Storage) TrustMarkTypesStorage added in v0.20.0

func (s *Storage) TrustMarkTypesStorage() *TrustMarkTypesStorage

TrustMarkTypesStorage returns a TrustMarkTypesStorage

func (*Storage) TrustMarkedEntitiesStorage added in v0.20.0

func (s *Storage) TrustMarkedEntitiesStorage() *TrustMarkedEntitiesStorage

TrustMarkedEntitiesStorage returns a TrustMarkedEntitiesStorage

func (*Storage) UsersStorage added in v0.20.0

func (s *Storage) UsersStorage() *UsersStorage

UsersStorage returns a UsersStorage

type SubordinateEventsStorage added in v0.20.0

type SubordinateEventsStorage struct {
	// contains filtered or unexported fields
}

SubordinateEventsStorage implements the SubordinateEventStore interface using GORM.

func NewSubordinateEventsStorage added in v0.20.0

func NewSubordinateEventsStorage(db *gorm.DB) *SubordinateEventsStorage

NewSubordinateEventsStorage creates a new SubordinateEventsStorage.

func (*SubordinateEventsStorage) Add added in v0.20.0

Add creates a new event record.

func (*SubordinateEventsStorage) DeleteBySubordinateID added in v0.20.0

func (s *SubordinateEventsStorage) DeleteBySubordinateID(subordinateID uint) error

DeleteBySubordinateID removes all events for a subordinate.

func (*SubordinateEventsStorage) GetBySubordinateID added in v0.20.0

func (s *SubordinateEventsStorage) GetBySubordinateID(
	subordinateID uint, opts model.EventQueryOpts,
) ([]model.SubordinateEvent, int64, error)

GetBySubordinateID returns events for a subordinate with optional filtering and pagination. Returns the events, total count (for pagination), and any error.

type SubordinateStorage added in v0.20.0

type SubordinateStorage struct {
	// contains filtered or unexported fields
}

SubordinateStorage implements the SubordinateStorageBackend interface

func (*SubordinateStorage) Add added in v0.20.0

Add stores a model.ExtendedSubordinateInfo

func (*SubordinateStorage) CreateAdditionalClaim added in v0.20.0

func (s *SubordinateStorage) CreateAdditionalClaim(
	subordinateDBID string, claim model.AddAdditionalClaim,
) (*model.SubordinateAdditionalClaim, error)

CreateAdditionalClaim creates a single additional claim for a subordinate.

func (*SubordinateStorage) Delete added in v0.20.0

func (s *SubordinateStorage) Delete(entityID string) error

Delete removes a subordinate

func (*SubordinateStorage) DeleteAdditionalClaim added in v0.20.0

func (s *SubordinateStorage) DeleteAdditionalClaim(subordinateDBID string, claimID string) error

DeleteAdditionalClaim deletes an additional claim for a subordinate.

func (*SubordinateStorage) DeleteByDBID added in v0.20.0

func (s *SubordinateStorage) DeleteByDBID(id string) error

DeleteByDBID removes a subordinate by primary key ID

func (*SubordinateStorage) Get added in v0.20.0

Get retrieves a subordinate by entity ID

func (*SubordinateStorage) GetAdditionalClaim added in v0.20.0

func (s *SubordinateStorage) GetAdditionalClaim(
	subordinateDBID string, claimID string,
) (*model.SubordinateAdditionalClaim, error)

GetAdditionalClaim retrieves a single additional claim by ID for a subordinate.

func (*SubordinateStorage) GetAll added in v0.20.0

GetAll returns all subordinates

func (*SubordinateStorage) GetByAnyEntityType added in v0.20.0

func (s *SubordinateStorage) GetByAnyEntityType(entityTypes []string) ([]model.BasicSubordinateInfo, error)

func (*SubordinateStorage) GetByDBID added in v0.20.0

GetByDBID retrieves a subordinate by DB primary key

func (*SubordinateStorage) GetByEntityTypes added in v0.20.0

func (s *SubordinateStorage) GetByEntityTypes(entityTypes []string) ([]model.BasicSubordinateInfo, error)

func (*SubordinateStorage) GetByStatus added in v0.20.0

func (s *SubordinateStorage) GetByStatus(status model.Status) ([]model.BasicSubordinateInfo, error)

GetByStatus returns all subordinates with a specific status

func (*SubordinateStorage) GetByStatusAndAnyEntityType added in v0.20.0

func (s *SubordinateStorage) GetByStatusAndAnyEntityType(
	status model.Status, entityTypes []string,
) ([]model.BasicSubordinateInfo, error)

GetByStatusAndAnyEntityType returns subordinates matching the status and any of the entity types

func (*SubordinateStorage) GetByStatusAndEntityTypes added in v0.20.0

func (s *SubordinateStorage) GetByStatusAndEntityTypes(
	status model.Status, entityTypes []string,
) ([]model.BasicSubordinateInfo, error)

GetByStatusAndEntityTypes returns subordinates matching both the specified status and all entity types

func (*SubordinateStorage) ListAdditionalClaims added in v0.20.0

func (s *SubordinateStorage) ListAdditionalClaims(subordinateDBID string) ([]model.SubordinateAdditionalClaim, error)

ListAdditionalClaims returns all additional claims for a subordinate.

func (*SubordinateStorage) Load added in v0.20.0

func (*SubordinateStorage) Load() error

Load is a no-op for GORM storage

func (*SubordinateStorage) SetAdditionalClaims added in v0.20.0

func (s *SubordinateStorage) SetAdditionalClaims(
	subordinateDBID string, claims []model.AddAdditionalClaim,
) ([]model.SubordinateAdditionalClaim, error)

SetAdditionalClaims replaces all additional claims for a subordinate.

func (*SubordinateStorage) Update added in v0.20.0

func (s *SubordinateStorage) Update(entityID string, info model.ExtendedSubordinateInfo) error

Update updates the subordinate info by entityID

func (*SubordinateStorage) UpdateAdditionalClaim added in v0.20.0

func (s *SubordinateStorage) UpdateAdditionalClaim(
	subordinateDBID string, claimID string, claim model.AddAdditionalClaim,
) (*model.SubordinateAdditionalClaim, error)

UpdateAdditionalClaim updates an existing additional claim for a subordinate.

func (*SubordinateStorage) UpdateJWKSByDBID added in v0.20.0

func (s *SubordinateStorage) UpdateJWKSByDBID(id string, jwks model.JWKS) (*model.JWKS, error)

UpdateJWKSByDBID updates the JWKS for a subordinate by DB primary key. If the subordinate has no JWKS yet, one is created and linked. Returns the updated JWKS with correct ID.

func (*SubordinateStorage) UpdateStatus added in v0.20.0

func (s *SubordinateStorage) UpdateStatus(entityID string, status model.Status) error

UpdateStatus updates the status of a subordinate by entityID

func (*SubordinateStorage) UpdateStatusByDBID added in v0.20.0

func (s *SubordinateStorage) UpdateStatusByDBID(id string, status model.Status) error

UpdateStatusByDBID updates status by DB primary key

type TrustMarkConfigProvider added in v0.20.0

type TrustMarkConfigProvider struct {
	// contains filtered or unexported fields
}

TrustMarkConfigProvider manages EntityConfigurationTrustMarkConfig instances for the entity configuration. It loads from the PublishedTrustMarksStore, converts to library types, and caches the configs for reuse. The configs maintain refresh state (backoff, last tried time) so they need to persist between entity configuration requests.

func NewTrustMarkConfigProvider added in v0.20.0

func NewTrustMarkConfigProvider(
	store model.PublishedTrustMarksStore,
	entityID string,
	trustMarkEndpoint string,
	trustMarkSigner func() *jwx.TrustMarkSigner,
) *TrustMarkConfigProvider

NewTrustMarkConfigProvider creates a new TrustMarkConfigProvider. Parameters:

  • store: The storage backend for published trust marks
  • entityID: The entity ID of this lighthouse instance
  • trustMarkEndpoint: The trust mark endpoint URL (used for self-referential refresh)
  • trustMarkSigner: A function that returns the current TrustMarkSigner (to support key rotation)

func (*TrustMarkConfigProvider) GetConfigs added in v0.20.0

GetConfigs returns the trust mark configurations for inclusion in the entity configuration. Configs are cached and reused to maintain refresh state. Returns nil (not an error) if the store is nil or no trust marks are configured.

func (*TrustMarkConfigProvider) Invalidate added in v0.20.0

func (p *TrustMarkConfigProvider) Invalidate()

Invalidate clears the cached configs, forcing a reload on the next GetConfigs call. This should be called when trust marks are added, updated, or deleted via the admin API.

func (*TrustMarkConfigProvider) SetTrustMarkEndpoint added in v0.20.0

func (p *TrustMarkConfigProvider) SetTrustMarkEndpoint(endpoint string)

SetTrustMarkEndpoint updates the trust mark endpoint URL. This is called when the trust mark endpoint is configured after provider creation.

type TrustMarkIssuersStorage added in v0.20.0

type TrustMarkIssuersStorage struct {
	// contains filtered or unexported fields
}

TrustMarkIssuersStorage provides CRUD and relation management for global issuers

func (*TrustMarkIssuersStorage) AddType added in v0.20.0

func (s *TrustMarkIssuersStorage) AddType(ident string, typeID uint) ([]uint, error)

func (*TrustMarkIssuersStorage) Create added in v0.20.0

func (*TrustMarkIssuersStorage) Delete added in v0.20.0

func (s *TrustMarkIssuersStorage) Delete(ident string) error

func (*TrustMarkIssuersStorage) DeleteType added in v0.20.0

func (s *TrustMarkIssuersStorage) DeleteType(ident string, typeID uint) ([]uint, error)

func (*TrustMarkIssuersStorage) Get added in v0.20.0

func (*TrustMarkIssuersStorage) List added in v0.20.0

func (*TrustMarkIssuersStorage) SetTypes added in v0.20.0

func (s *TrustMarkIssuersStorage) SetTypes(ident string, typeIdents []string) ([]uint, error)

func (*TrustMarkIssuersStorage) Types added in v0.20.0

func (s *TrustMarkIssuersStorage) Types(ident string) ([]uint, error)

func (*TrustMarkIssuersStorage) Update added in v0.20.0

type TrustMarkOwnersStorage added in v0.20.0

type TrustMarkOwnersStorage struct {
	// contains filtered or unexported fields
}

TrustMarkOwnersStorage provides CRUD and relation management for global owners.

func (*TrustMarkOwnersStorage) AddType added in v0.20.0

func (s *TrustMarkOwnersStorage) AddType(ident string, typeID uint) ([]uint, error)

func (*TrustMarkOwnersStorage) Create added in v0.20.0

func (*TrustMarkOwnersStorage) Delete added in v0.20.0

func (s *TrustMarkOwnersStorage) Delete(ident string) error

func (*TrustMarkOwnersStorage) DeleteType added in v0.20.0

func (s *TrustMarkOwnersStorage) DeleteType(ident string, typeID uint) ([]uint, error)

func (*TrustMarkOwnersStorage) Get added in v0.20.0

func (*TrustMarkOwnersStorage) List added in v0.20.0

func (*TrustMarkOwnersStorage) SetTypes added in v0.20.0

func (s *TrustMarkOwnersStorage) SetTypes(ident string, typeIdents []string) ([]uint, error)

func (*TrustMarkOwnersStorage) Types added in v0.20.0

func (s *TrustMarkOwnersStorage) Types(ident string) ([]uint, error)

func (*TrustMarkOwnersStorage) Update added in v0.20.0

type TrustMarkSpecStorage added in v0.20.0

type TrustMarkSpecStorage struct {
	// contains filtered or unexported fields
}

TrustMarkSpecStorage provides CRUD for TrustMarkSpec entities

func (*TrustMarkSpecStorage) ChangeSubjectStatus added in v0.20.0

func (s *TrustMarkSpecStorage) ChangeSubjectStatus(specIdent, subjectIdent string, status model.Status) (*model.TrustMarkSubject, error)

ChangeSubjectStatus changes the status of a TrustMarkSubject. If the new status is blocked or inactive, all trust mark instances associated with that subject are revoked.

func (*TrustMarkSpecStorage) Create added in v0.20.0

Create creates a new TrustMarkSpec

func (*TrustMarkSpecStorage) CreateSubject added in v0.20.0

func (s *TrustMarkSpecStorage) CreateSubject(specIdent string, subject *model.AddTrustMarkSubject) (*model.TrustMarkSubject, error)

CreateSubject creates a new TrustMarkSubject for a TrustMarkSpec. If a soft-deleted subject with the same entity_id exists, it will be restored.

func (*TrustMarkSpecStorage) Delete added in v0.20.0

func (s *TrustMarkSpecStorage) Delete(ident string) error

Delete deletes a TrustMarkSpec

func (*TrustMarkSpecStorage) DeleteSubject added in v0.20.0

func (s *TrustMarkSpecStorage) DeleteSubject(specIdent, subjectIdent string) error

DeleteSubject deletes a TrustMarkSubject and revokes all associated trust mark instances.

func (*TrustMarkSpecStorage) Get added in v0.20.0

Get returns a TrustMarkSpec by ID or trust_mark_type

func (*TrustMarkSpecStorage) GetByType added in v0.20.0

func (s *TrustMarkSpecStorage) GetByType(trustMarkType string) (*model.TrustMarkSpec, error)

GetByType returns a TrustMarkSpec by trust_mark_type

func (*TrustMarkSpecStorage) GetSubject added in v0.20.0

func (s *TrustMarkSpecStorage) GetSubject(specIdent, subjectIdent string) (*model.TrustMarkSubject, error)

GetSubject returns a TrustMarkSubject by ID or entity_id

func (*TrustMarkSpecStorage) List added in v0.20.0

List returns all TrustMarkSpecs

func (*TrustMarkSpecStorage) ListSubjects added in v0.20.0

func (s *TrustMarkSpecStorage) ListSubjects(specIdent string, status *model.Status) ([]model.TrustMarkSubject, error)

ListSubjects returns the TrustMarkSubjects of a TrustMarkSpec; the status argument selects the subjects to return by status.

func (*TrustMarkSpecStorage) Patch added in v0.20.0

func (s *TrustMarkSpecStorage) Patch(ident string, updates map[string]any) (*model.TrustMarkSpec, error)

Patch partially updates a TrustMarkSpec

func (*TrustMarkSpecStorage) Update added in v0.20.0

Update updates an existing TrustMarkSpec (full replacement)

func (*TrustMarkSpecStorage) UpdateSubject added in v0.20.0

func (s *TrustMarkSpecStorage) UpdateSubject(specIdent, subjectIdent string, subject *model.AddTrustMarkSubject) (*model.TrustMarkSubject, error)

UpdateSubject updates an existing TrustMarkSubject

type TrustMarkTypesStorage added in v0.20.0

type TrustMarkTypesStorage struct {
	// contains filtered or unexported fields
}

TrustMarkTypesStorage provides CRUD and relations for TrustMarkType, owner and issuers.

func (*TrustMarkTypesStorage) AddIssuer added in v0.20.0

func (s *TrustMarkTypesStorage) AddIssuer(ident string, issuer model.AddTrustMarkIssuer) (
	[]model.TrustMarkIssuer, error,
)

func (*TrustMarkTypesStorage) Create added in v0.20.0

func (*TrustMarkTypesStorage) CreateOwner added in v0.20.0

func (*TrustMarkTypesStorage) Delete added in v0.20.0

func (s *TrustMarkTypesStorage) Delete(ident string) error

func (*TrustMarkTypesStorage) DeleteIssuerByID added in v0.20.0

func (s *TrustMarkTypesStorage) DeleteIssuerByID(ident string, issuerID uint) ([]model.TrustMarkIssuer, error)

func (*TrustMarkTypesStorage) DeleteOwner added in v0.20.0

func (s *TrustMarkTypesStorage) DeleteOwner(ident string) error

func (*TrustMarkTypesStorage) Get added in v0.20.0

func (*TrustMarkTypesStorage) GetOwner added in v0.20.0

func (s *TrustMarkTypesStorage) GetOwner(ident string) (*model.TrustMarkOwner, error)

Owner management. GetOwner returns the TrustMarkOwner of the trust mark type identified by ident.

func (*TrustMarkTypesStorage) IssuersByType added in v0.20.0

IssuersByType returns a map of trust_mark_type -> []issuer (entity IDs) for all types.

func (*TrustMarkTypesStorage) List added in v0.20.0

func (*TrustMarkTypesStorage) ListIssuers added in v0.20.0

func (s *TrustMarkTypesStorage) ListIssuers(ident string) ([]model.TrustMarkIssuer, error)

Issuers management. ListIssuers returns the TrustMarkIssuers of the trust mark type identified by ident.

func (*TrustMarkTypesStorage) OwnersByType added in v0.20.0

func (s *TrustMarkTypesStorage) OwnersByType() (oidfed.TrustMarkOwners, error)

OwnersByType returns a map of trust_mark_type -> TrustMarkOwner for all types that have an owner.

func (*TrustMarkTypesStorage) SetIssuers added in v0.20.0

func (s *TrustMarkTypesStorage) SetIssuers(ident string, in []model.AddTrustMarkIssuer) (
	[]model.TrustMarkIssuer, error,
)

func (*TrustMarkTypesStorage) Update added in v0.20.0

func (*TrustMarkTypesStorage) UpdateOwner added in v0.20.0

type TrustMarkedEntitiesStorage added in v0.20.0

type TrustMarkedEntitiesStorage struct {
	// contains filtered or unexported fields
}

TrustMarkedEntitiesStorage implements the TrustMarkedEntitiesStorageBackend interface.

func (*TrustMarkedEntitiesStorage) Active added in v0.20.0

func (s *TrustMarkedEntitiesStorage) Active(trustMarkType string) ([]string, error)

Active returns all active entities for a trust mark type

func (*TrustMarkedEntitiesStorage) Approve added in v0.20.0

func (s *TrustMarkedEntitiesStorage) Approve(trustMarkType, entityID string) error

Approve marks a trust mark as active for an entity

func (*TrustMarkedEntitiesStorage) Block added in v0.20.0

func (s *TrustMarkedEntitiesStorage) Block(trustMarkType, entityID string) error

Block marks a trust mark as blocked for an entity

func (*TrustMarkedEntitiesStorage) Blocked added in v0.20.0

func (s *TrustMarkedEntitiesStorage) Blocked(trustMarkType string) ([]string, error)

Blocked returns all blocked entities for a trust mark type

func (*TrustMarkedEntitiesStorage) Delete added in v0.20.0

func (s *TrustMarkedEntitiesStorage) Delete(trustMarkType, entityID string) error

Delete removes a trust mark for an entity

func (*TrustMarkedEntitiesStorage) HasTrustMark added in v0.20.0

func (s *TrustMarkedEntitiesStorage) HasTrustMark(trustMarkType, entityID string) (bool, error)

HasTrustMark reports whether the entity holds an active trust mark of the given type.

func (*TrustMarkedEntitiesStorage) Load added in v0.20.0

Load is a no-op for GORM storage

func (*TrustMarkedEntitiesStorage) Pending added in v0.20.0

func (s *TrustMarkedEntitiesStorage) Pending(trustMarkType string) ([]string, error)

Pending returns all pending entities for a trust mark type

func (*TrustMarkedEntitiesStorage) Request added in v0.20.0

func (s *TrustMarkedEntitiesStorage) Request(trustMarkType, entityID string) error

Request marks a trust mark as pending for an entity

func (*TrustMarkedEntitiesStorage) TrustMarkedStatus added in v0.20.0

func (s *TrustMarkedEntitiesStorage) TrustMarkedStatus(trustMarkType, entityID string) (model.Status, error)

TrustMarkedStatus returns the status of a trust mark for an entity

type UsersStorage added in v0.20.0

type UsersStorage struct {
	// contains filtered or unexported fields
}

UsersStorage implements UsersStore using GORM

func (*UsersStorage) Authenticate added in v0.20.0

func (s *UsersStorage) Authenticate(username, password string) (*model.User, error)

Authenticate validates the username/password pair and automatically upgrades the stored password hash if the hashing parameters have changed.

func (*UsersStorage) Count added in v0.20.0

func (s *UsersStorage) Count() (int64, error)

Count returns the number of users present in the store

func (*UsersStorage) Create added in v0.20.0

func (s *UsersStorage) Create(username, password, displayName string) (*model.User, error)

Create creates a user whose password is stored as an Argon2id hash.

func (*UsersStorage) Delete added in v0.20.0

func (s *UsersStorage) Delete(username string) error

Delete deletes a user by username

func (*UsersStorage) Get added in v0.20.0

func (s *UsersStorage) Get(username string) (*model.User, error)

Get returns a user by username

func (*UsersStorage) List added in v0.20.0

func (s *UsersStorage) List() ([]model.User, error)

List returns all users; the returned records do not include password hashes.

func (*UsersStorage) Update added in v0.20.0

func (s *UsersStorage) Update(username string, displayName *string, newPassword *string, disabled *bool) (*model.User, error)

Update updates a user's display name, password, and/or disabled status.
