Documentation
¶
Overview ¶
Package alts implements the ALTS credential support by gRPC library, which encapsulates all the state needed by a client to authenticate with a server using ALTS and make various assertions, e.g., about the client's identity, role, or whether it is authorized to make a particular call. This package is experimental.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrUntrustedPlatform is returned from ClientHandshake and // ServerHandshake is running on a platform where the trustworthiness of // the handshaker service is not guaranteed. ErrUntrustedPlatform = errors.New("untrusted platform") )
Functions ¶
func NewClientCreds ¶
func NewClientCreds(opts *ClientOptions) credentials.TransportCredentials
NewClientCreds constructs a client-side ALTS TransportCredentials object.
func NewServerCreds ¶
func NewServerCreds() credentials.TransportCredentials
NewServerCreds constructs a server-side ALTS TransportCredentials object.
Types ¶
type AuthInfo ¶
type AuthInfo interface {
// ApplicationProtocol returns application protocol negotiated for the
// ALTS connection.
ApplicationProtocol() string
// RecordProtocol returns the record protocol negotiated for the ALTS
// connection.
RecordProtocol() string
// SecurityLevel returns the security level of the created ALTS secure
// channel.
SecurityLevel() altspb.SecurityLevel
// PeerServiceAccount returns the peer service account.
PeerServiceAccount() string
// LocalServiceAccount returns the local service account.
LocalServiceAccount() string
// PeerRPCVersions returns the RPC version supported by the peer.
PeerRPCVersions() *altspb.RpcProtocolVersions
}
AuthInfo exposes security information from the ALTS handshake to the application. This interface is to be implemented by ALTS. Users should not need a brand new implementation of this interface. For situations like testing, any new implementation should embed this interface. This allows ALTS to add new methods to this interface.
type ClientOptions ¶
type ClientOptions struct {
// TargetServiceAccounts contains a list of expected target service
// accounts.
TargetServiceAccounts []string
}
ClientOptions contains the client-side options of an ALTS channel. These options will be passed to the underlying ALTS handshaker.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package core contains common core functionality for ALTS.
|
Package core contains common core functionality for ALTS. |
|
authinfo
Package authinfo provide authentication information returned by handshakers.
|
Package authinfo provide authentication information returned by handshakers. |
|
conn
Package conn contains an implementation of a secure channel created by gRPC handshakers.
|
Package conn contains an implementation of a secure channel created by gRPC handshakers. |
|
handshaker
Package handshaker provides ALTS handshaking functionality for GCP.
|
Package handshaker provides ALTS handshaking functionality for GCP. |
|
handshaker/service
Package service manages connections between the VM application and the ALTS handshaker service.
|
Package service manages connections between the VM application and the ALTS handshaker service. |
|
proto/grpc_gcp
Package grpc_gcp is a generated protocol buffer package.
|
Package grpc_gcp is a generated protocol buffer package. |
|
testutil
Package testutil include useful test utilities for the handshaker.
|
Package testutil include useful test utilities for the handshaker. |