Documentation
¶
Index ¶
- type AttestationData
- type Error
- type RequestBody
- type RequestBodyOption
- func WithAttestationData(data *AttestationData) RequestBodyOption
- func WithAuthorizationPrincipal(p string) RequestBodyOption
- func WithSSHCertificate(cert *sshutil.Certificate, certTpl *ssh.Certificate) RequestBodyOption
- func WithSSHCertificateRequest(cr sshutil.CertificateRequest) RequestBodyOption
- func WithX509Certificate(cert *x509util.Certificate, leaf *x509.Certificate) RequestBodyOption
- func WithX509CertificateRequest(cr *x509.CertificateRequest) RequestBodyOption
- func WithX5CCertificate(leaf *x509.Certificate) RequestBodyOption
- type ResponseBody
- type SSHCertificate
- type SSHCertificateRequest
- type X509Certificate
- type X509CertificateRequest
- type X5CCertificate
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AttestationData ¶
// AttestationData carries data validated by an ACME device-attest-01 challenge.
// It is attached to a webhook request through RequestBody.AttestationData.
type AttestationData struct {
// PermanentIdentifier is serialized under the JSON key "permanentIdentifier".
// NOTE(review): presumably the device identifier taken from the validated
// attestation. A webhook server that bases an authorization decision on it
// should confirm how the CA derives the value before treating it as a stable
// device identity.
PermanentIdentifier string `json:"permanentIdentifier"`
}
AttestationData is the data validated by the ACME device-attest-01 challenge.
type RequestBody ¶
// RequestBody is the JSON document sent to webhook servers.
//
// Every field except Timestamp is tagged omitempty, so a receiver must treat an
// absent key as "not provided" and must not assume that any optional block is
// present. Nothing in the type itself enforces which combination of fields is
// populated.
type RequestBody struct {
// Timestamp is always serialized (no omitempty); time.Time marshals as RFC 3339.
// NOTE(review): presumably the time the request was built. A receiver that wants
// to reject stale or replayed bodies can compare it against its own clock; how
// the request itself is authenticated is not visible in this type.
Timestamp time.Time `json:"timestamp"`
// ProvisionerName is omitted from the JSON when empty.
ProvisionerName string `json:"provisionerName,omitempty"`
// Only set after successfully completing acme device-attest-01 challenge
AttestationData *AttestationData `json:"attestationData,omitempty"`
// Set for most provisioners, but not acme or scep
// (The Token field below is commented out, so no "token" key is emitted by this
// version of the type.)
// Token any `json:"token,omitempty"`
// Exactly one of the remaining fields should be set
// NOTE(review): this is a convention stated by the comment above, not something
// the struct enforces; a receiver should check which block is present rather
// than assume it.
X509CertificateRequest *X509CertificateRequest `json:"x509CertificateRequest,omitempty"`
X509Certificate *X509Certificate `json:"x509Certificate,omitempty"`
SSHCertificateRequest *SSHCertificateRequest `json:"sshCertificateRequest,omitempty"`
SSHCertificate *SSHCertificate `json:"sshCertificate,omitempty"`
// Only set for SCEP webhook requests
// NOTE(review): SCEPChallenge is presumably the challenge secret presented by the
// SCEP client. Treat it as a credential on the receiving side: keep it out of
// logs and compare it in constant time. Confirm against the SCEP provisioner.
SCEPChallenge string `json:"scepChallenge,omitempty"`
SCEPTransactionID string `json:"scepTransactionID,omitempty"`
// With omitempty an error code of 0 is dropped from the JSON, so a receiver
// cannot tell "code 0" apart from "no code sent".
SCEPErrorCode int `json:"scepErrorCode,omitempty"`
SCEPErrorDescription string `json:"scepErrorDescription,omitempty"`
// Only set for X5C provisioners
X5CCertificate *X5CCertificate `json:"x5cCertificate,omitempty"`
// Set for X5C, AWS, GCP, and Azure provisioners
// NOTE(review): presumably the identity the provisioner authenticated. Confirm
// how each provisioner derives it before using it as an input to policy.
AuthorizationPrincipal string `json:"authorizationPrincipal,omitempty"`
}
RequestBody is the body sent to webhook servers.
func NewRequestBody ¶
func NewRequestBody(options ...RequestBodyOption) (*RequestBody, error)
type RequestBodyOption ¶
// RequestBodyOption is the option type accepted by NewRequestBody. Each option
// receives a pointer to the RequestBody and may return an error.
type RequestBodyOption func(*RequestBody) error
func WithAttestationData ¶
func WithAttestationData(data *AttestationData) RequestBodyOption
func WithAuthorizationPrincipal ¶ added in v0.25.0
func WithAuthorizationPrincipal(p string) RequestBodyOption
func WithSSHCertificate ¶
func WithSSHCertificate(cert *sshutil.Certificate, certTpl *ssh.Certificate) RequestBodyOption
func WithSSHCertificateRequest ¶
func WithSSHCertificateRequest(cr sshutil.CertificateRequest) RequestBodyOption
func WithX509Certificate ¶
func WithX509Certificate(cert *x509util.Certificate, leaf *x509.Certificate) RequestBodyOption
func WithX509CertificateRequest ¶
func WithX509CertificateRequest(cr *x509.CertificateRequest) RequestBodyOption
func WithX5CCertificate ¶ added in v0.25.0
func WithX5CCertificate(leaf *x509.Certificate) RequestBodyOption
type ResponseBody ¶
// ResponseBody is the JSON document returned by webhook servers.
type ResponseBody struct {
// Data is untyped (any), so its shape is whatever the webhook server returned.
// NOTE(review): it crosses a trust boundary; consumers should validate it before
// use. How the caller consumes Data is not visible in this listing.
Data any `json:"data"`
// Allow is presumably the webhook's authorization decision. The bool zero value
// is false, so a response that omits "allow" decodes as a denial when
// unmarshalled into a fresh ResponseBody (fail-closed).
Allow bool `json:"allow"`
// Error is optional and omitted from the JSON when nil. The Error type is listed
// in the package index but its definition is not shown here.
Error *Error `json:"error,omitempty"`
}
ResponseBody is the body returned by webhook servers.
type SSHCertificate ¶
// SSHCertificate is the certificate sent to webhook servers for authorizing
// webhooks when signing SSH certificates.
type SSHCertificate struct {
// Embedded without a JSON tag, so encoding/json promotes the embedded struct's
// exported fields into this object; the fields declared below take precedence
// on a key collision. A nil pointer contributes no keys.
*sshutil.Certificate
// []byte fields are emitted by encoding/json as base64 strings.
// NOTE(review): the encoding of the key bytes is not visible here — confirm it
// before parsing on the webhook side.
PublicKey []byte `json:"publicKey"`
SignatureKey []byte `json:"signatureKey"`
// NOTE(review): presumably these mirror ssh.Certificate's validity bounds
// (seconds since the Unix epoch) — confirm before enforcing a lifetime policy.
ValidBefore uint64 `json:"validBefore"`
ValidAfter uint64 `json:"validAfter"`
}
SSHCertificate is the certificate sent to webhook servers for authorizing webhooks when signing SSH certificates
type SSHCertificateRequest ¶
// SSHCertificateRequest is the certificate request sent to webhook servers for
// enriching webhooks when signing SSH certificates.
type SSHCertificateRequest struct {
// Emitted by encoding/json as a base64 string.
// NOTE(review): the encoding of the key bytes is not visible here — confirm it.
PublicKey []byte `json:"publicKey"`
Type string `json:"type"`
KeyID string `json:"keyID"`
// Principals has no omitempty, so a nil slice is serialized as JSON null rather
// than being dropped. These are requested values; a receiver should not read
// them as already authorized.
Principals []string `json:"principals"`
}
SSHCertificateRequest is the certificate request sent to webhook servers for enriching webhooks when signing SSH certificates
type X509Certificate ¶
// X509Certificate is the certificate sent to webhook servers for authorizing
// webhooks when signing x509 certificates.
type X509Certificate struct {
// Embedded without a JSON tag, so encoding/json promotes the embedded struct's
// exported fields into this object; the fields declared below take precedence
// on a key collision. A nil pointer contributes no keys.
*x509util.Certificate
// []byte fields are emitted by encoding/json as base64 strings.
// NOTE(review): the encoding of the key bytes is not visible here — confirm it.
PublicKey []byte `json:"publicKey"`
PublicKeyAlgorithm string `json:"publicKeyAlgorithm"`
// time.Time marshals as RFC 3339.
NotBefore time.Time `json:"notBefore"`
NotAfter time.Time `json:"notAfter"`
// NOTE(review): presumably the DER encoding of the certificate — confirm. A
// receiver that re-parses Raw should check that the result agrees with the
// convenience fields above rather than trusting both independently.
Raw []byte `json:"raw"`
}
X509Certificate is the certificate sent to webhook servers for authorizing webhooks when signing x509 certificates
type X509CertificateRequest ¶
// X509CertificateRequest is the certificate request sent to webhook servers for
// enriching webhooks when signing x509 certificates.
type X509CertificateRequest struct {
// Embedded without a JSON tag, so encoding/json promotes the embedded struct's
// exported fields into this object; the fields declared below take precedence
// on a key collision. A nil pointer contributes no keys.
*x509util.CertificateRequest
// []byte fields are emitted by encoding/json as base64 strings.
// NOTE(review): the encoding of the key bytes is not visible here — confirm it.
PublicKey []byte `json:"publicKey"`
PublicKeyAlgorithm string `json:"publicKeyAlgorithm"`
// NOTE(review): presumably the DER encoding of the CSR — confirm. The contents
// are requester-supplied, so a receiver should treat names and extensions in it
// as claims to be checked, not as verified identity.
Raw []byte `json:"raw"`
}
X509CertificateRequest is the certificate request sent to webhook servers for enriching webhooks when signing x509 certificates
type X5CCertificate ¶ added in v0.25.0
// X5CCertificate is the authorization certificate sent to webhook servers for
// enriching or authorizing webhooks when signing X509 or SSH certificates using
// the X5C provisioner.
type X5CCertificate struct {
// []byte fields are emitted by encoding/json as base64 strings.
// NOTE(review): Raw is presumably the DER encoding of the leaf certificate —
// confirm. Only a single certificate is carried, not a chain; whether the CA
// has already validated it is not visible in this listing.
Raw []byte `json:"raw"`
// NOTE(review): the encoding of the key bytes is not visible here — confirm it.
PublicKey []byte `json:"publicKey"`
PublicKeyAlgorithm string `json:"publicKeyAlgorithm"`
// time.Time marshals as RFC 3339.
NotBefore time.Time `json:"notBefore"`
NotAfter time.Time `json:"notAfter"`
}
X5CCertificate is the authorization certificate sent to webhook servers for enriching or authorizing webhooks when signing X509 or SSH certificates using the X5C provisioner.