Documentation
¶
Index ¶
- Variables
- type Account
- func (*Account) Descriptor() ([]byte, []int)deprecated
- func (x *Account) GetAuthMethodId() string
- func (x *Account) GetCreateTime() *timestamp.Timestamp
- func (x *Account) GetDescription() string
- func (x *Account) GetEmail() string
- func (x *Account) GetFullName() string
- func (x *Account) GetIssuer() string
- func (x *Account) GetName() string
- func (x *Account) GetPublicId() string
- func (x *Account) GetSubject() string
- func (x *Account) GetTokenClaims() string
- func (x *Account) GetUpdateTime() *timestamp.Timestamp
- func (x *Account) GetUserinfoClaims() string
- func (x *Account) GetVersion() uint32
- func (*Account) ProtoMessage()
- func (x *Account) ProtoReflect() protoreflect.Message
- func (x *Account) Reset()
- func (x *Account) String() string
- type AccountClaimMap
- func (*AccountClaimMap) Descriptor() ([]byte, []int)deprecated
- func (x *AccountClaimMap) GetCreateTime() *timestamp.Timestamp
- func (x *AccountClaimMap) GetFromClaim() string
- func (x *AccountClaimMap) GetOidcMethodId() string
- func (x *AccountClaimMap) GetToClaim() string
- func (*AccountClaimMap) ProtoMessage()
- func (x *AccountClaimMap) ProtoReflect() protoreflect.Message
- func (x *AccountClaimMap) Reset()
- func (x *AccountClaimMap) String() string
- type AudClaim
- func (*AudClaim) Descriptor() ([]byte, []int)deprecated
- func (x *AudClaim) GetAud() string
- func (x *AudClaim) GetCreateTime() *timestamp.Timestamp
- func (x *AudClaim) GetOidcMethodId() string
- func (*AudClaim) ProtoMessage()
- func (x *AudClaim) ProtoReflect() protoreflect.Message
- func (x *AudClaim) Reset()
- func (x *AudClaim) String() string
- type AuthMethod
- func (*AuthMethod) Descriptor() ([]byte, []int)deprecated
- func (x *AuthMethod) GetAccountClaimMaps() []string
- func (x *AuthMethod) GetApiUrl() string
- func (x *AuthMethod) GetAudClaims() []string
- func (x *AuthMethod) GetCertificates() []string
- func (x *AuthMethod) GetClaimsScopes() []string
- func (x *AuthMethod) GetClientId() string
- func (x *AuthMethod) GetClientSecret() string
- func (x *AuthMethod) GetClientSecretHmac() string
- func (x *AuthMethod) GetCreateTime() *timestamp.Timestamp
- func (x *AuthMethod) GetCtClientSecret() []byte
- func (x *AuthMethod) GetDescription() string
- func (x *AuthMethod) GetDisableDiscoveredConfigValidation() bool
- func (x *AuthMethod) GetIsPrimaryAuthMethod() bool
- func (x *AuthMethod) GetIssuer() string
- func (x *AuthMethod) GetKeyId() string
- func (x *AuthMethod) GetMaxAge() int32
- func (x *AuthMethod) GetName() string
- func (x *AuthMethod) GetOperationalState() string
- func (x *AuthMethod) GetPublicId() string
- func (x *AuthMethod) GetScopeId() string
- func (x *AuthMethod) GetSigningAlgs() []string
- func (x *AuthMethod) GetUpdateTime() *timestamp.Timestamp
- func (x *AuthMethod) GetVersion() uint32
- func (*AuthMethod) ProtoMessage()
- func (x *AuthMethod) ProtoReflect() protoreflect.Message
- func (x *AuthMethod) Reset()
- func (x *AuthMethod) String() string
- type Certificate
- func (*Certificate) Descriptor() ([]byte, []int)deprecated
- func (x *Certificate) GetCert() string
- func (x *Certificate) GetCreateTime() *timestamp.Timestamp
- func (x *Certificate) GetOidcMethodId() string
- func (*Certificate) ProtoMessage()
- func (x *Certificate) ProtoReflect() protoreflect.Message
- func (x *Certificate) Reset()
- func (x *Certificate) String() string
- type ClaimsScope
- func (*ClaimsScope) Descriptor() ([]byte, []int)deprecated
- func (x *ClaimsScope) GetCreateTime() *timestamp.Timestamp
- func (x *ClaimsScope) GetOidcMethodId() string
- func (x *ClaimsScope) GetScope() string
- func (*ClaimsScope) ProtoMessage()
- func (x *ClaimsScope) ProtoReflect() protoreflect.Message
- func (x *ClaimsScope) Reset()
- func (x *ClaimsScope) String() string
- type ManagedGroup
- func (*ManagedGroup) Descriptor() ([]byte, []int)deprecated
- func (x *ManagedGroup) GetAuthMethodId() string
- func (x *ManagedGroup) GetCreateTime() *timestamp.Timestamp
- func (x *ManagedGroup) GetDescription() string
- func (x *ManagedGroup) GetFilter() string
- func (x *ManagedGroup) GetName() string
- func (x *ManagedGroup) GetPublicId() string
- func (x *ManagedGroup) GetUpdateTime() *timestamp.Timestamp
- func (x *ManagedGroup) GetVersion() uint32
- func (*ManagedGroup) ProtoMessage()
- func (x *ManagedGroup) ProtoReflect() protoreflect.Message
- func (x *ManagedGroup) Reset()
- func (x *ManagedGroup) String() string
- type ManagedGroupMemberAccount
- func (*ManagedGroupMemberAccount) Descriptor() ([]byte, []int)deprecated
- func (x *ManagedGroupMemberAccount) GetCreateTime() *timestamp.Timestamp
- func (x *ManagedGroupMemberAccount) GetManagedGroupId() string
- func (x *ManagedGroupMemberAccount) GetMemberId() string
- func (*ManagedGroupMemberAccount) ProtoMessage()
- func (x *ManagedGroupMemberAccount) ProtoReflect() protoreflect.Message
- func (x *ManagedGroupMemberAccount) Reset()
- func (x *ManagedGroupMemberAccount) String() string
- type SigningAlg
- func (*SigningAlg) Descriptor() ([]byte, []int)deprecated
- func (x *SigningAlg) GetAlg() string
- func (x *SigningAlg) GetCreateTime() *timestamp.Timestamp
- func (x *SigningAlg) GetOidcMethodId() string
- func (*SigningAlg) ProtoMessage()
- func (x *SigningAlg) ProtoReflect() protoreflect.Message
- func (x *SigningAlg) Reset()
- func (x *SigningAlg) String() string
Constants ¶
This section is empty.
Variables ¶
// File_controller_storage_auth_oidc_store_v1_oidc_proto is the package-level
// protoreflect.FileDescriptor variable. Judging by its name it describes
// controller/storage/auth/oidc/store/v1/oidc.proto — TODO confirm against the
// generated source.
var File_controller_storage_auth_oidc_store_v1_oidc_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type Account ¶
// Account is the storage model for an OIDC account. Every listed field
// carries protobuf, json and gorm struct tags; the gorm tags state the column
// constraints (primary key, not_null, database-side defaults).
type Account struct {
// public_id is the row's primary key (see the gorm tag).
// @inject_tag: `gorm:"primary_key"`
PublicId string `protobuf:"bytes,10,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"`
// The create_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
CreateTime *timestamp.Timestamp `protobuf:"bytes,20,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
// The update_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
UpdateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"`
// name is optional. If set, it must be unique within scope_id.
// @inject_tag: `gorm:"default:null"`
Name string `protobuf:"bytes,40,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"`
// description is optional.
// @inject_tag: `gorm:"default:null"`
Description string `protobuf:"bytes,50,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"`
// version is not described in the source; presumably the row version used
// for optimistic update checks — TODO confirm.
// @inject_tag: `gorm:"default:null"`
Version uint32 `protobuf:"varint,60,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"`
// auth_method_id is the fk to the account's auth method.
// @inject_tag: `gorm:"not_null"`
AuthMethodId string `protobuf:"bytes,70,opt,name=auth_method_id,json=authMethodId,proto3" json:"auth_method_id,omitempty" gorm:"not_null"`
// issuer is a case sensitive URL that maps to the OIDC iss claim.
// In OIDC the iss and sub claims together identify the end-user; both
// columns are tagged not_null.
// @inject_tag: `gorm:"not_null"`
Issuer string `protobuf:"bytes,80,opt,name=issuer,proto3" json:"issuer,omitempty" gorm:"not_null"`
// subject is a case sensitive string that maps to the OIDC sub claim.
// @inject_tag: `gorm:"not_null"`
Subject string `protobuf:"bytes,90,opt,name=subject,proto3" json:"subject,omitempty" gorm:"not_null"`
// full_name is a string that maps to the OIDC name claim.
// @inject_tag: `gorm:"default:null"`
FullName string `protobuf:"bytes,100,opt,name=full_name,json=fullName,proto3" json:"full_name,omitempty" gorm:"default:null"`
// email is a string that maps to the OIDC email claim.
// @inject_tag: `gorm:"default:null"`
Email string `protobuf:"bytes,110,opt,name=email,proto3" json:"email,omitempty" gorm:"default:null"`
// token_claims are the marshaled claims from the token.
// NOTE(review): token_claims and userinfo_claims keep the provider's claims
// as marshaled strings, which may hold personal data beyond full_name and
// email — confirm how these columns are exposed and retained.
// @inject_tag: `gorm:"default:null"`
TokenClaims string `protobuf:"bytes,120,opt,name=token_claims,json=tokenClaims,proto3" json:"token_claims,omitempty" gorm:"default:null"`
// userinfo_claims are the marshaled claims from userinfo.
// @inject_tag: `gorm:"default:null"`
UserinfoClaims string `protobuf:"bytes,130,opt,name=userinfo_claims,json=userinfoClaims,proto3" json:"userinfo_claims,omitempty" gorm:"default:null"`
// contains filtered or unexported fields
}
Account represents an OIDC account. The scope_id column is not included here, as it is used only to ensure data integrity in the database between iam users and auth methods.
func (*Account) Descriptor
deprecated
func (*Account) GetAuthMethodId ¶
func (*Account) GetCreateTime ¶
func (*Account) GetDescription ¶
func (*Account) GetFullName ¶
func (*Account) GetPublicId ¶
func (*Account) GetSubject ¶
func (*Account) GetTokenClaims ¶ added in v0.5.0
func (*Account) GetUpdateTime ¶
func (*Account) GetUserinfoClaims ¶ added in v0.5.0
func (*Account) GetVersion ¶
func (*Account) ProtoMessage ¶
func (*Account) ProtoMessage()
func (*Account) ProtoReflect ¶
func (x *Account) ProtoReflect() protoreflect.Message
type AccountClaimMap ¶ added in v0.2.1
// AccountClaimMap is one from/to claim mapping stored for an OIDC auth
// method. oidc_method_id and to_claim are both tagged primary_key, so they
// form the composite key of the row.
type AccountClaimMap struct {
// oidc_method_id presumably references the owning OIDC auth method's
// public id — TODO confirm; the proto gives no description.
// @inject_tag: `gorm:"primary_key"`
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
// from_claim is the claim from the id_token that you need to map to a
// standard account claim.
// NOTE(review): when to_claim is sub, this claim becomes the account's
// identifier, so it should be one the provider keeps stable and unique per
// user — confirm for each IdP.
// @inject_tag: `gorm:"not_null"`
FromClaim string `protobuf:"bytes,20,opt,name=from_claim,json=fromClaim,proto3" json:"from_claim,omitempty" gorm:"not_null"`
// to_claim is the standard account claim to map the from_claim to. Valid
// values are: sub, name, email
// @inject_tag: `gorm:"column:to_claim;primary_key"`
ToClaim string `protobuf:"bytes,30,opt,name=to_claim,json=toClaim,proto3" json:"to_claim,omitempty" gorm:"column:to_claim;primary_key"`
// The create_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
CreateTime *timestamp.Timestamp `protobuf:"bytes,40,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
// contains filtered or unexported fields
}
AccountClaimMap entries are optional from/to account claim maps.
func (*AccountClaimMap) Descriptor
deprecated
added in
v0.2.1
func (*AccountClaimMap) Descriptor() ([]byte, []int)
Deprecated: Use AccountClaimMap.ProtoReflect.Descriptor instead.
func (*AccountClaimMap) GetCreateTime ¶ added in v0.2.1
func (x *AccountClaimMap) GetCreateTime() *timestamp.Timestamp
func (*AccountClaimMap) GetFromClaim ¶ added in v0.2.1
func (x *AccountClaimMap) GetFromClaim() string
func (*AccountClaimMap) GetOidcMethodId ¶ added in v0.2.1
func (x *AccountClaimMap) GetOidcMethodId() string
func (*AccountClaimMap) GetToClaim ¶ added in v0.2.1
func (x *AccountClaimMap) GetToClaim() string
func (*AccountClaimMap) ProtoMessage ¶ added in v0.2.1
func (*AccountClaimMap) ProtoMessage()
func (*AccountClaimMap) ProtoReflect ¶ added in v0.2.1
func (x *AccountClaimMap) ProtoReflect() protoreflect.Message
func (*AccountClaimMap) Reset ¶ added in v0.2.1
func (x *AccountClaimMap) Reset()
func (*AccountClaimMap) String ¶ added in v0.2.1
func (x *AccountClaimMap) String() string
type AudClaim ¶
// AudClaim is one allowed audience value stored for an OIDC auth method.
// oidc_method_id and aud are both tagged primary_key, so they form the
// composite key of the row.
type AudClaim struct {
// oidc_method_id presumably references the owning OIDC auth method's
// public id — TODO confirm; the proto gives no description.
// @inject_tag: `gorm:"primary_key"`
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
// aud is an allowed audience claim for id_tokens; it is stored in the
// aud_claim column.
// @inject_tag: `gorm:"primary_key;column:aud_claim""`
Aud string `protobuf:"bytes,20,opt,name=aud,proto3" json:"aud,omitempty" gorm:"primary_key;column:aud_claim"`
// The create_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
CreateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
// contains filtered or unexported fields
}
AudClaim entries are the audience claims for a specific oidc auth method.
func (*AudClaim) Descriptor
deprecated
func (*AudClaim) GetCreateTime ¶
func (*AudClaim) GetOidcMethodId ¶
func (*AudClaim) ProtoMessage ¶
func (*AudClaim) ProtoMessage()
func (*AudClaim) ProtoReflect ¶
func (x *AudClaim) ProtoReflect() protoreflect.Message
type AuthMethod ¶
// AuthMethod is the storage model for an OIDC auth method. Scalar settings
// map to columns through their gorm tags; the repeated string fields are
// tagged gorm:"-" and, per their comments, are stored as separate value-object
// messages (SigningAlg, AudClaim, Certificate, ClaimsScope).
type AuthMethod struct {
// public_id is the row's primary key (see the gorm tag).
// @inject_tag: `gorm:"primary_key"`
PublicId string `protobuf:"bytes,10,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"`
// The create_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
CreateTime *timestamp.Timestamp `protobuf:"bytes,20,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
// The update_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
UpdateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"`
// name is optional. If set, it must be unique within scope_id.
// @inject_tag: `gorm:"default:null"`
Name string `protobuf:"bytes,40,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"`
// description is optional.
// @inject_tag: `gorm:"default:null"`
Description string `protobuf:"bytes,50,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"`
// The scope_id of the owning scope. Must be set.
// @inject_tag: `gorm:"not_null"`
ScopeId string `protobuf:"bytes,60,opt,name=scope_id,json=scopeId,proto3" json:"scope_id,omitempty" gorm:"not_null"`
// version is not described in the source; presumably the row version used
// for optimistic update checks — TODO confirm.
// @inject_tag: `gorm:"default:null"`
Version uint32 `protobuf:"varint,70,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"`
// is_primary_auth_method is a read-only output field which indicates if the
// auth method is set as the scope's primary auth method.
// @inject_tag: `gorm:"-"`
IsPrimaryAuthMethod bool `` /* 133-byte string literal not displayed */
// operational_state is the current state of the auth_oidc_method (inactive,
// active-private, or active-public).
// @inject_tag: `gorm:"column:state;not_null"`
OperationalState string `` /* 139-byte string literal not displayed */
// disable_discovered_config_validation is a flag that when set to true
// indicates the AuthMethod config was not validated against the IdP's
// discovery info document when it was updated or its operational_state was
// changed.
// NOTE(review): for a row with this flag set, nothing in this message shows
// that issuer, signing_algs or the other settings were ever checked against
// the provider; such auth methods are worth surfacing in configuration
// audits.
// @inject_tag: `gorm:"not_null"`
DisableDiscoveredConfigValidation bool `` /* 182-byte string literal not displayed */
// issuer is the OIDC Discovery URL without any .well-known component
// @inject_tag: `gorm:"default:null"`
Issuer string `protobuf:"bytes,90,opt,name=issuer,proto3" json:"issuer,omitempty" gorm:"default:null"`
// client_id is the OIDC client identifier
// @inject_tag: `gorm:"not_null"`
ClientId string `protobuf:"bytes,100,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty" gorm:"not_null"`
// ct_client_secret is the encrypted OIDC client secret which is stored in the db.
// The wrapping tag marks it as the ciphertext (ct) half of client_secret;
// the code that performs the encryption is outside this file.
// @inject_tag: `gorm:"column:client_secret;not_null" wrapping:"ct,client_secret"`
CtClientSecret []byte `` /* 172-byte string literal not displayed */
// client_secret is the unencrypted OIDC client secret which is not stored in the database.
// NOTE(review): gorm:"-" keeps it out of the database, but it is still an
// ordinary message field, so String() or any marshaling of a populated
// AuthMethod would presumably include it — confirm it is cleared before the
// message is logged or returned.
// @inject_tag: `gorm:"-" wrapping:"pt,client_secret"`
ClientSecret string `` /* 136-byte string literal not displayed */
// client_secret_hmac is a sha256-hmac of the unencrypted client_secret that
// is returned from the API for read. It is recalculated every time the raw
// client_secret is updated.
// @inject_tag: `gorm:"not_null"`
ClientSecretHmac string `` /* 129-byte string literal not displayed */
// key_id is the key ID that was used for the encryption operation. It can be
// used to identify a specific version of the key needed to decrypt the value,
// which is useful for caching purposes.
// @inject_tag: `gorm:"not_null"`
KeyId string `protobuf:"bytes,140,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty" gorm:"not_null"`
// max_age is the allowed elapsed time in seconds since the last time the user
// was actively authenticated by the OIDC provider. -1 indicates the user
// should be re-authenticated immediately and would represent the zero value
// for max age based on the oidc spec.
// @inject_tag: `gorm:"default:null"`
MaxAge int32 `protobuf:"varint,150,opt,name=max_age,json=maxAge,proto3" json:"max_age,omitempty" gorm:"default:null"`
// api_url is the URL prefix at which the boundary api is reachable. This value
// is used by the auth method in the different steps of the auth flow.
// @inject_tag: `gorm:"default:null"`
ApiUrl string `protobuf:"bytes,160,opt,name=api_url,json=apiUrl,proto3" json:"api_url,omitempty" gorm:"default:null"`
// signing_algs are the signing algorithms allowed for an oidc auth method.
// These are Value Objects that will be stored as SigningAlg messages, and are
// operated on as a complete set.
// @inject_tag: `gorm:"-"`
SigningAlgs []string `protobuf:"bytes,170,rep,name=signing_algs,json=signingAlgs,proto3" json:"signing_algs,omitempty" gorm:"-"`
// aud_claims are the audience claims for a specific oidc auth method. These
// are Value Objects that will be stored as AudClaim messages, and are
// operated on as a complete set.
// @inject_tag: `gorm:"-"`
AudClaims []string `protobuf:"bytes,180,rep,name=aud_claims,json=audClaims,proto3" json:"aud_claims,omitempty" gorm:"-"`
// certificates are optional PEM encoded x509 certificates that can be
// used as trust anchors when connecting to an OIDC provider. These are Value
// Objects that will be stored as Certificate messages, and are operated on
// as a complete set.
// NOTE(review): each entry widens the set of trust anchors used for the
// provider connection, so changes to this list deserve the same review as a
// CA bundle change.
// @inject_tag: `gorm:"-"`
Certificates []string `protobuf:"bytes,190,rep,name=certificates,proto3" json:"certificates,omitempty" gorm:"-"`
// claims_scopes are the optional claims scopes for a specific oidc auth
// method. These are Value Objects that will be stored as ClaimsScope
// messages, and are operated on as a complete set.
// @inject_tag: `gorm:"-"`
ClaimsScopes []string `protobuf:"bytes,200,rep,name=claims_scopes,json=claimsScopes,proto3" json:"claims_scopes,omitempty" gorm:"-"`
// account_claim_maps are optional claim maps from custom claims to the
// standard claims of sub, name and email. These maps are represented as
// key=value where the key equals the from_claim and the value equals the
// to_claim. For example "oid=sub".
// NOTE(review): a map onto sub changes which provider claim identifies the
// account, so the from_claim should be one the provider keeps stable and
// unique per user — confirm for each IdP.
// @inject_tag: `gorm:"-"`
AccountClaimMaps []string `protobuf:"bytes,210,rep,name=account_claim_maps,json=accountClaimMaps,proto3" json:"account_claim_maps,omitempty" gorm:"-"`
// contains filtered or unexported fields
}
AuthMethod represents an OIDC auth method.
func (*AuthMethod) Descriptor
deprecated
func (*AuthMethod) Descriptor() ([]byte, []int)
Deprecated: Use AuthMethod.ProtoReflect.Descriptor instead.
func (*AuthMethod) GetAccountClaimMaps ¶ added in v0.2.1
func (x *AuthMethod) GetAccountClaimMaps() []string
func (*AuthMethod) GetApiUrl ¶
func (x *AuthMethod) GetApiUrl() string
func (*AuthMethod) GetAudClaims ¶
func (x *AuthMethod) GetAudClaims() []string
func (*AuthMethod) GetCertificates ¶
func (x *AuthMethod) GetCertificates() []string
func (*AuthMethod) GetClaimsScopes ¶ added in v0.2.1
func (x *AuthMethod) GetClaimsScopes() []string
func (*AuthMethod) GetClientId ¶
func (x *AuthMethod) GetClientId() string
func (*AuthMethod) GetClientSecret ¶
func (x *AuthMethod) GetClientSecret() string
func (*AuthMethod) GetClientSecretHmac ¶
func (x *AuthMethod) GetClientSecretHmac() string
func (*AuthMethod) GetCreateTime ¶
func (x *AuthMethod) GetCreateTime() *timestamp.Timestamp
func (*AuthMethod) GetCtClientSecret ¶
func (x *AuthMethod) GetCtClientSecret() []byte
func (*AuthMethod) GetDescription ¶
func (x *AuthMethod) GetDescription() string
func (*AuthMethod) GetDisableDiscoveredConfigValidation ¶
func (x *AuthMethod) GetDisableDiscoveredConfigValidation() bool
func (*AuthMethod) GetIsPrimaryAuthMethod ¶
func (x *AuthMethod) GetIsPrimaryAuthMethod() bool
func (*AuthMethod) GetIssuer ¶
func (x *AuthMethod) GetIssuer() string
func (*AuthMethod) GetKeyId ¶
func (x *AuthMethod) GetKeyId() string
func (*AuthMethod) GetMaxAge ¶
func (x *AuthMethod) GetMaxAge() int32
func (*AuthMethod) GetName ¶
func (x *AuthMethod) GetName() string
func (*AuthMethod) GetOperationalState ¶
func (x *AuthMethod) GetOperationalState() string
func (*AuthMethod) GetPublicId ¶
func (x *AuthMethod) GetPublicId() string
func (*AuthMethod) GetScopeId ¶
func (x *AuthMethod) GetScopeId() string
func (*AuthMethod) GetSigningAlgs ¶
func (x *AuthMethod) GetSigningAlgs() []string
func (*AuthMethod) GetUpdateTime ¶
func (x *AuthMethod) GetUpdateTime() *timestamp.Timestamp
func (*AuthMethod) GetVersion ¶
func (x *AuthMethod) GetVersion() uint32
func (*AuthMethod) ProtoMessage ¶
func (*AuthMethod) ProtoMessage()
func (*AuthMethod) ProtoReflect ¶
func (x *AuthMethod) ProtoReflect() protoreflect.Message
func (*AuthMethod) Reset ¶
func (x *AuthMethod) Reset()
func (*AuthMethod) String ¶
func (x *AuthMethod) String() string
type Certificate ¶
// Certificate is one PEM encoded x509 certificate stored for an OIDC auth
// method. oidc_method_id and cert are both tagged primary_key, so they form
// the composite key of the row.
type Certificate struct {
// oidc_method_id presumably references the owning OIDC auth method's
// public id — TODO confirm; the proto gives no description.
// @inject_tag: `gorm:"primary_key"`
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
// certificate is a PEM encoded x509; it is stored in the certificate column.
// NOTE(review): whether the PEM is parsed and validated before it is stored
// is not visible here — confirm in the code that writes this row.
// @inject_tag: `gorm:"column:certificate;primary_key"`
Cert string `protobuf:"bytes,20,opt,name=cert,proto3" json:"cert,omitempty" gorm:"column:certificate;primary_key"`
// The create_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
CreateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
// contains filtered or unexported fields
}
Certificate entries are optional PEM encoded x509 certificates that can be used as trust anchors when connecting to an OIDC provider.
func (*Certificate) Descriptor
deprecated
func (*Certificate) Descriptor() ([]byte, []int)
Deprecated: Use Certificate.ProtoReflect.Descriptor instead.
func (*Certificate) GetCert ¶
func (x *Certificate) GetCert() string
func (*Certificate) GetCreateTime ¶
func (x *Certificate) GetCreateTime() *timestamp.Timestamp
func (*Certificate) GetOidcMethodId ¶
func (x *Certificate) GetOidcMethodId() string
func (*Certificate) ProtoMessage ¶
func (*Certificate) ProtoMessage()
func (*Certificate) ProtoReflect ¶
func (x *Certificate) ProtoReflect() protoreflect.Message
func (*Certificate) Reset ¶
func (x *Certificate) Reset()
func (*Certificate) String ¶
func (x *Certificate) String() string
type ClaimsScope ¶ added in v0.2.1
// ClaimsScope is one OIDC scope value stored for an OIDC auth method.
// oidc_method_id and scope are both tagged primary_key, so they form the
// composite key of the row.
type ClaimsScope struct {
// oidc_method_id presumably references the owning OIDC auth method's
// public id — TODO confirm; the proto gives no description.
// @inject_tag: `gorm:"primary_key"`
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
// scope is an OIDC scope
// @inject_tag: `gorm:"column:scope;primary_key"`
Scope string `protobuf:"bytes,20,opt,name=scope,proto3" json:"scope,omitempty" gorm:"column:scope;primary_key"`
// The create_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
CreateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
// contains filtered or unexported fields
}
ClaimsScope entries are optional OIDC scope values that are used to request claims, in addition to the default scope of "openid".
see: https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims
func (*ClaimsScope) Descriptor
deprecated
added in
v0.2.1
func (*ClaimsScope) Descriptor() ([]byte, []int)
Deprecated: Use ClaimsScope.ProtoReflect.Descriptor instead.
func (*ClaimsScope) GetCreateTime ¶ added in v0.2.1
func (x *ClaimsScope) GetCreateTime() *timestamp.Timestamp
func (*ClaimsScope) GetOidcMethodId ¶ added in v0.2.1
func (x *ClaimsScope) GetOidcMethodId() string
func (*ClaimsScope) GetScope ¶ added in v0.2.1
func (x *ClaimsScope) GetScope() string
func (*ClaimsScope) ProtoMessage ¶ added in v0.2.1
func (*ClaimsScope) ProtoMessage()
func (*ClaimsScope) ProtoReflect ¶ added in v0.2.1
func (x *ClaimsScope) ProtoReflect() protoreflect.Message
func (*ClaimsScope) Reset ¶ added in v0.2.1
func (x *ClaimsScope) Reset()
func (*ClaimsScope) String ¶ added in v0.2.1
func (x *ClaimsScope) String() string
type ManagedGroup ¶ added in v0.3.0
// ManagedGroup is the storage model for an OIDC managed group: a named,
// versioned row that belongs to an auth method and carries a go-bexpr filter.
type ManagedGroup struct {
// public_id is the row's primary key (see the gorm tag).
// @inject_tag: `gorm:"primary_key"`
PublicId string `protobuf:"bytes,10,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"`
// The create_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
CreateTime *timestamp.Timestamp `protobuf:"bytes,20,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
// The update_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
UpdateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"`
// name is optional. If set, it must be unique within auth_method_id.
// @inject_tag: `gorm:"default:null"`
Name string `protobuf:"bytes,40,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"`
// description is optional.
// @inject_tag: `gorm:"default:null"`
Description string `protobuf:"bytes,50,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"`
// version is not described in the source; presumably the row version used
// for optimistic update checks — TODO confirm.
// @inject_tag: `gorm:"default:null"`
Version uint32 `protobuf:"varint,60,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"`
// auth_method_id is the fk to the account's auth method.
// @inject_tag: `gorm:"not_null"`
AuthMethodId string `protobuf:"bytes,70,opt,name=auth_method_id,json=authMethodId,proto3" json:"auth_method_id,omitempty" gorm:"not_null"`
// filter is a go-bexpr filter
// NOTE(review): what the filter is evaluated against (presumably an
// account's token and userinfo claims) and where it is validated are not
// visible here — confirm, since the filter presumably selects the group's
// member accounts.
// @inject_tag: `gorm:"not_null"`
Filter string `protobuf:"bytes,80,opt,name=filter,proto3" json:"filter,omitempty" gorm:"not_null"`
// contains filtered or unexported fields
}
ManagedGroup entries provide an OIDC auth method implementation of managed groups.
func (*ManagedGroup) Descriptor
deprecated
added in
v0.3.0
func (*ManagedGroup) Descriptor() ([]byte, []int)
Deprecated: Use ManagedGroup.ProtoReflect.Descriptor instead.
func (*ManagedGroup) GetAuthMethodId ¶ added in v0.3.0
func (x *ManagedGroup) GetAuthMethodId() string
func (*ManagedGroup) GetCreateTime ¶ added in v0.3.0
func (x *ManagedGroup) GetCreateTime() *timestamp.Timestamp
func (*ManagedGroup) GetDescription ¶ added in v0.3.0
func (x *ManagedGroup) GetDescription() string
func (*ManagedGroup) GetFilter ¶ added in v0.3.0
func (x *ManagedGroup) GetFilter() string
func (*ManagedGroup) GetName ¶ added in v0.3.0
func (x *ManagedGroup) GetName() string
func (*ManagedGroup) GetPublicId ¶ added in v0.3.0
func (x *ManagedGroup) GetPublicId() string
func (*ManagedGroup) GetUpdateTime ¶ added in v0.3.0
func (x *ManagedGroup) GetUpdateTime() *timestamp.Timestamp
func (*ManagedGroup) GetVersion ¶ added in v0.3.0
func (x *ManagedGroup) GetVersion() uint32
func (*ManagedGroup) ProtoMessage ¶ added in v0.3.0
func (*ManagedGroup) ProtoMessage()
func (*ManagedGroup) ProtoReflect ¶ added in v0.3.0
func (x *ManagedGroup) ProtoReflect() protoreflect.Message
func (*ManagedGroup) Reset ¶ added in v0.3.0
func (x *ManagedGroup) Reset()
func (*ManagedGroup) String ¶ added in v0.3.0
func (x *ManagedGroup) String() string
type ManagedGroupMemberAccount ¶ added in v0.3.0
// ManagedGroupMemberAccount is one membership row linking a managed group to
// a member account. managed_group_id and member_id are both tagged
// primary_key, so they form the composite key of the row.
type ManagedGroupMemberAccount struct {
// The create_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
CreateTime *timestamp.Timestamp `protobuf:"bytes,10,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
// managed_group_id is the fk to the oidc managed group public id
// @inject_tag: `gorm:"primary_key"`
ManagedGroupId string `protobuf:"bytes,20,opt,name=managed_group_id,json=managedGroupId,proto3" json:"managed_group_id,omitempty" gorm:"primary_key"`
// member_id is the fk to the oidc account public id
// @inject_tag: `gorm:"primary_key"`
MemberId string `protobuf:"bytes,30,opt,name=member_id,json=memberId,proto3" json:"member_id,omitempty" gorm:"primary_key"`
// contains filtered or unexported fields
}
ManagedGroupMemberAccount contains a mapping between a managed group and a member account.
func (*ManagedGroupMemberAccount) Descriptor
deprecated
added in
v0.3.0
func (*ManagedGroupMemberAccount) Descriptor() ([]byte, []int)
Deprecated: Use ManagedGroupMemberAccount.ProtoReflect.Descriptor instead.
func (*ManagedGroupMemberAccount) GetCreateTime ¶ added in v0.3.0
func (x *ManagedGroupMemberAccount) GetCreateTime() *timestamp.Timestamp
func (*ManagedGroupMemberAccount) GetManagedGroupId ¶ added in v0.3.0
func (x *ManagedGroupMemberAccount) GetManagedGroupId() string
func (*ManagedGroupMemberAccount) GetMemberId ¶ added in v0.3.0
func (x *ManagedGroupMemberAccount) GetMemberId() string
func (*ManagedGroupMemberAccount) ProtoMessage ¶ added in v0.3.0
func (*ManagedGroupMemberAccount) ProtoMessage()
func (*ManagedGroupMemberAccount) ProtoReflect ¶ added in v0.3.0
func (x *ManagedGroupMemberAccount) ProtoReflect() protoreflect.Message
func (*ManagedGroupMemberAccount) Reset ¶ added in v0.3.0
func (x *ManagedGroupMemberAccount) Reset()
func (*ManagedGroupMemberAccount) String ¶ added in v0.3.0
func (x *ManagedGroupMemberAccount) String() string
type SigningAlg ¶
// SigningAlg is one allowed signing algorithm stored for an OIDC auth method.
// oidc_method_id and alg are both tagged primary_key, so they form the
// composite key of the row.
type SigningAlg struct {
// oidc_method_id presumably references the owning OIDC auth method's
// public id — TODO confirm; the proto gives no description.
// @inject_tag: `gorm:"primary_key"`
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
// alg is an enum from the auth_oidc_signing_alg_enm table; it is stored in
// the signing_alg_name column.
// NOTE(review): the field itself is a plain string, so the set of accepted
// algorithm names is presumably enforced by the database table rather than
// by this type — confirm.
// @inject_tag: `gorm:"primary_key;column:signing_alg_name"`
Alg string `protobuf:"bytes,20,opt,name=alg,proto3" json:"alg,omitempty" gorm:"primary_key;column:signing_alg_name"`
// The create_time is set by the database.
// @inject_tag: `gorm:"default:current_timestamp"`
CreateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
// contains filtered or unexported fields
}
SigningAlg entries are the signing algorithms allowed for an oidc auth method.
func (*SigningAlg) Descriptor
deprecated
func (*SigningAlg) Descriptor() ([]byte, []int)
Deprecated: Use SigningAlg.ProtoReflect.Descriptor instead.
func (*SigningAlg) GetAlg ¶
func (x *SigningAlg) GetAlg() string
func (*SigningAlg) GetCreateTime ¶
func (x *SigningAlg) GetCreateTime() *timestamp.Timestamp
func (*SigningAlg) GetOidcMethodId ¶
func (x *SigningAlg) GetOidcMethodId() string
func (*SigningAlg) ProtoMessage ¶
func (*SigningAlg) ProtoMessage()
func (*SigningAlg) ProtoReflect ¶
func (x *SigningAlg) ProtoReflect() protoreflect.Message
func (*SigningAlg) Reset ¶
func (x *SigningAlg) Reset()
func (*SigningAlg) String ¶
func (x *SigningAlg) String() string