client

type Client interface {
	FetchUpdates(ctx context.Context, req *node.FetchX509SVIDRequest, forRotation bool) (*Update, error)
	FetchJWTSVID(ctx context.Context, jsr *node.JSR) (*JWTSVID, error)

	// Release releases any resources that were held by this Client, if any.
	Release()
}

type Config struct {
	Addr        string
	Log         logrus.FieldLogger
	TrustDomain url.URL
	// KeysAndBundle is a callback that must return the keys and bundle used by the client
	// to connect via mTLS to Addr.
	KeysAndBundle func() ([]*x509.Certificate, *ecdsa.PrivateKey, []*x509.Certificate)

	// RotMtx is used to prevent the creation of new connections during SVID rotations
	RotMtx *sync.RWMutex
}

type DialServerConfig struct {
	// Address is the SPIRE server address
	Address string

	// TrustDomain is the trust domain ID for the agent/server
	TrustDomain string

	// GetBundle is a required callback that returns the current trust bundle
	// for used to authenticate the server certificate.
	GetBundle func() []*x509.Certificate

	// GetAgentCertificate is an optional callback used to return the agent
	// certificate to present to the server during the TLS handshake.
	GetAgentCertificate func() *tls.Certificate
	// contains filtered or unexported fields
}

type JWTSVID struct {
	Token     string
	IssuedAt  time.Time
	ExpiresAt time.Time
}

type Update struct {
	Entries map[string]*common.RegistrationEntry
	SVIDs   map[string]*node.X509SVID
	Bundles map[string]*common.Bundle
}