Versions in this module
Expand all Collapse all
v0
v0.2.3 May 29, 2026
v0.2.2 May 29, 2026
Changes in this version
type Store
+ func (st *Store) GetIdentityWebhookSecret() string
+ func (st *Store) SetIdentityWebhookSecret(secret string)
v0.2.1 May 29, 2026
v0.2.1-beta.1 May 29, 2026
v0.2.0 May 28, 2026
Changes in this version
+ const JwksCacheTTL
+ var ErrKeyRotatedConcurrently = fmt.Errorf("rotate_key: key rotated concurrently, retry")
+ var LoadBlueprint = wire.LoadBlueprint
+ var ValidateBlueprint = wire.ValidateBlueprint
+ func DecodeJWT(token string) (*JwtHeader, *JwtClaims, string, error)
+ func HashOwner(owner string) string
+ func ValidateJWTClaims(claims *JwtClaims, expectedIssuer, expectedAudience string) error
+ func VerifyJWTSignatureHS256(signingInput string, signatureB64 string, secret []byte) error
+ func VerifyJWTSignatureRS256(signingInput, signatureB64 string, key *JwksKey) error
+ type BlueprintAuditExport = wire.BlueprintAuditExport
+ type BlueprintIdentityProvider = wire.BlueprintIdentityProvider
+ type BlueprintPolicy = wire.BlueprintPolicy
+ type BlueprintRole = wire.BlueprintRole
+ type BlueprintWebhooks = wire.BlueprintWebhooks
+ type Callbacks struct
+ Audit func(action string, attrs ...any)
+ Bus events.Bus
+ IncIDPVerifications func()
+ IncKeyRotations func()
+ OnKeyRotated KeyRotationCallback
+ RecordWAL WALRecorder
+ Save func()
+ type JWKSCache struct
+ FetchedAt time.Time
+ Keys []JwksKey
+ TTL time.Duration
+ URL string
+ func NewJWKSCache() *JWKSCache
+ func (c *JWKSCache) GetKey(jwksURL, kid string) (*JwksKey, error)
+ type JwksKey struct
+ Alg string
+ E string
+ K string
+ Kid string
+ Kty string
+ N string
+ func FetchJWKSKeys(jwksURL string) ([]JwksKey, error)
+ type JwtAud []string
+ func (a *JwtAud) UnmarshalJSON(data []byte) error
+ type JwtClaims struct
+ Audience JwtAud
+ Expiry int64
+ IssuedAt int64
+ Issuer string
+ NotBefore int64
+ Subject string
+ type JwtHeader struct
+ Alg string
+ Kid string
+ Typ string
+ type KeyInfo struct
+ CreatedAt time.Time
+ ExpiresAt time.Time
+ RotateCount int
+ RotatedAt time.Time
+ type KeyRotationCallback func(nodeID uint32, oldPubKey, newPubKey string)
+ type NetworkBlueprint = wire.NetworkBlueprint
+ type NodeView interface
+ AdminToken func() string
+ CheckAdminToken func(msg map[string]interface{}) error
+ LookupNodeFull func(id uint32) (pubKey []byte, keyMeta KeyInfo, networks []uint16, externalID, owner string, ...)
+ LookupNodeKey func(id uint32) (pubKey []byte, ok bool)
+ NodeIsEnterprise func(id uint32) bool
+ Now func() time.Time
+ UpdateNodeExternalID func(id uint32, externalID string) (oldID string, ok bool)
+ UpdateNodeKey func(id uint32, expectedPubKey, newPubKey []byte, rotatedAt time.Time) (oldPubKeyB64 string, err error)
+ UpdateNodeKeyExpiry func(id uint32, expiresAt time.Time) (oldExpiry time.Time, ok bool)
+ VerifyHeartbeatSignature func(pubKey []byte, adminToken string, msg map[string]interface{}, challenge string) error
+ type ProvisionCallbacks struct
+ ApplyExprPolicy func(netID uint16, data json.RawMessage) error
+ ApplyNetworkPolicy func(netID uint16, pol *BlueprintPolicy) error
+ ConfigureAuditExport func(cfg *BlueprintAuditExport)
+ EnableEnterprise func(netID uint16)
+ FindOrCreateNetwork func(name string, enterprise bool, ...) (uint16, bool, error)
+ IncProvisionsTotal func()
+ SetAuditWebhookURL func(url string)
+ StoreRBACPreAssignments func(netID uint16, roles []BlueprintRole)
+ type ProvisionResult struct
+ Actions []string
+ Created bool
+ Name string
+ NetworkID uint16
+ type RBACPreAssignCallbacks struct
+ CommitRole func(netID uint16, nodeID uint32, role string)
+ GetRoles func(netID uint16, nodeID uint32) (roles []BlueprintRole, externalID string, found bool)
+ IncCounter func()
+ type Store struct
+ func NewStore(nodes NodeView, cb Callbacks) *Store
+ func (st *Store) ApplyBlueprint(bp *NetworkBlueprint, adminToken string, pcb ProvisionCallbacks) (*ProvisionResult, error)
+ func (st *Store) ApplyRBACPreAssignment(netID uint16, nodeID uint32, rcb RBACPreAssignCallbacks)
+ func (st *Store) ClearIDPConfig()
+ func (st *Store) GetIDPConfig() *BlueprintIdentityProvider
+ func (st *Store) GetWebhookURL() string
+ func (st *Store) HandleGetIDPConfig(msg map[string]interface{}) (map[string]interface{}, error)
+ func (st *Store) HandleGetIdentity(msg map[string]interface{}) (map[string]interface{}, error)
+ func (st *Store) HandleGetKeyInfo(msg map[string]interface{}) (map[string]interface{}, error)
+ func (st *Store) HandleGetProvisionStatus(msg map[string]interface{}, networkSummary func() []map[string]interface{}, ...) (map[string]interface{}, error)
+ func (st *Store) HandleProvisionNetwork(msg map[string]interface{}, adminToken string, pcb ProvisionCallbacks) (map[string]interface{}, error)
+ func (st *Store) HandleRotateKey(msg map[string]interface{}) (map[string]interface{}, error)
+ func (st *Store) HandleSetExternalID(msg map[string]interface{}) (map[string]interface{}, error)
+ func (st *Store) HandleSetIDPConfig(msg map[string]interface{}) (map[string]interface{}, error)
+ func (st *Store) HandleSetIdentityWebhook(msg map[string]interface{}) (map[string]interface{}, error)
+ func (st *Store) HandleSetKeyExpiry(msg map[string]interface{}) (map[string]interface{}, error)
+ func (st *Store) HandleValidateToken(msg map[string]interface{}) (map[string]interface{}, error)
+ func (st *Store) SetIDPConfig(cfg *BlueprintIdentityProvider)
+ func (st *Store) SetWebhookURL(url string)
+ func (st *Store) VerifyToken(token string) (string, error)
+ type WALRecorder func(nodeID uint32, newPubKeyB64, rotatedAt string)
v0.1.0 May 22, 2026
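Review bot: `GetIdentityWebhookSecret() string`, added in v0.2.2, hands the webhook secret back as a plain string, and nothing on this page documents who may call it or what they may do with the value. The same `Store` builds `map[string]interface{}` responses in `HandleGetIDPConfig` and `HandleGetProvisionStatus` and passes `attrs ...any` to `Audit`, so the contract should say the secret must never be copied into a handler response, log line or audit attribute. Suggested comment: `// GetIdentityWebhookSecret returns the configured secret verbatim; callers must not log it or place it in any response or audit attribute.` Method bodies are not shown here, so whether the getter and setter are synchronized, or whether `HandleSetIdentityWebhook` is gated by `CheckAdminToken`, cannot be confirmed from this listing.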
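Review bot: The JWT surface added in v0.2.0 leaves algorithm selection to the caller, and nothing on this page documents how that choice must be made: `DecodeJWT` returns the token's own `JwtHeader.Alg`, `VerifyJWTSignatureHS256` and `VerifyJWTSignatureRS256` are separate entry points, and `JwksKey` carries a symmetric `K` next to the RSA `N`/`E`. The doc comments should require that the verifier be chosen from the configured identity provider and the key's `Kty`, never from the header, and that `ValidateJWTClaims` always follows a successful signature check, because the two are separate functions. Suggested comment on `DecodeJWT`: `// DecodeJWT only parses; the returned header and claims are untrusted until a VerifyJWTSignature* call and ValidateJWTClaims both succeed.` Function bodies are not shown here, so whether `VerifyToken` already enforces this is not visible.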