Documentation
¶
Index ¶
- Constants
- Variables
- func Handler(props *vault.HandlerProperties) http.Handler
- func TestListener(tb testing.TB) (net.Listener, string)
- func TestServer(tb testing.TB, core *vault.Core) (net.Listener, string)
- func TestServerAuth(tb testing.TB, addr string, token string)
- func TestServerWithListener(tb testing.TB, ln net.Listener, addr string, core *vault.Core)
- func TestServerWithListenerAndProperties(tb testing.TB, ln net.Listener, addr string, core *vault.Core, ...)
- func WrapForwardedForHandler(h http.Handler, authorizedAddrs []*sockaddr.SockAddrMarshaler, ...) http.Handler
- type ErrorResponse
- type GenerateRootInitRequest
- type GenerateRootStatusResponse
- type GenerateRootUpdateRequest
- type HealthResponse
- type InitRequest
- type InitResponse
- type InitStatusResponse
- type LeaderResponse
- type PrepareRequestFunc
- type RekeyRequest
- type RekeyStatusResponse
- type RekeyUpdateRequest
- type RekeyUpdateResponse
- type RekeyVerificationStatusResponse
- type RekeyVerificationUpdateRequest
- type RekeyVerificationUpdateResponse
- type SealStatusResponse
- type UIAssetWrapper
- type UnsealRequest
Constants ¶
View Source
const ( // AuthHeaderName is the name of the header containing the token. AuthHeaderName = "X-Vault-Token" // WrapTTLHeaderName is the name of the header containing a directive to // wrap the response WrapTTLHeaderName = "X-Vault-Wrap-TTL" // WrapFormatHeaderName is the name of the header containing the format to // wrap in; has no effect if the wrap TTL is not set WrapFormatHeaderName = "X-Vault-Wrap-Format" // NoRequestForwardingHeaderName is the name of the header telling Vault // not to use request forwarding NoRequestForwardingHeaderName = "X-Vault-No-Request-Forwarding" // MFAHeaderName represents the HTTP header which carries the credentials // required to perform MFA on any path. MFAHeaderName = "X-Vault-MFA" // PolicyOverrideHeaderName is the header set to request overriding // soft-mandatory Sentinel policies. PolicyOverrideHeaderName = "X-Vault-Policy-Override" // DefaultMaxRequestSize is the default maximum accepted request size. This // is to prevent a denial of service attack where no Content-Length is // provided and the server is fed ever more data until it exhausts memory. // Can be overridden per listener. DefaultMaxRequestSize = 32 * 1024 * 1024 )
Variables ¶
View Source
var (
ReplicationStaleReadTimeout = 2 * time.Second
)
Functions ¶
func Handler ¶
func Handler(props *vault.HandlerProperties) http.Handler
Handler returns an http.Handler for the API. This can be used on its own to mount the Vault API within another web server.
func TestServerWithListener ¶
func TestServerWithListenerAndProperties ¶ added in v0.10.4
func WrapForwardedForHandler ¶ added in v0.10.1
Types ¶
type ErrorResponse ¶
type ErrorResponse struct {
Errors []string `json:"errors"`
}
type GenerateRootInitRequest ¶ added in v0.5.0
type GenerateRootStatusResponse ¶ added in v0.5.0
type GenerateRootStatusResponse struct {
Nonce string `json:"nonce"`
Started bool `json:"started"`
Progress int `json:"progress"`
Required int `json:"required"`
Complete bool `json:"complete"`
EncodedToken string `json:"encoded_token"`
EncodedRootToken string `json:"encoded_root_token"`
PGPFingerprint string `json:"pgp_fingerprint"`
}
type GenerateRootUpdateRequest ¶ added in v0.5.0
type HealthResponse ¶
type HealthResponse struct {
Initialized bool `json:"initialized"`
Sealed bool `json:"sealed"`
Standby bool `json:"standby"`
ReplicationPerformanceMode string `json:"replication_performance_mode"`
ReplicationDRMode string `json:"replication_dr_mode"`
ServerTimeUTC int64 `json:"server_time_utc"`
Version string `json:"version"`
ClusterName string `json:"cluster_name,omitempty"`
ClusterID string `json:"cluster_id,omitempty"`
}
type InitRequest ¶
type InitResponse ¶
type InitStatusResponse ¶
type InitStatusResponse struct {
Initialized bool `json:"initialized"`
}
type LeaderResponse ¶
type PrepareRequestFunc ¶ added in v0.6.0
type RekeyRequest ¶ added in v0.2.0
type RekeyStatusResponse ¶ added in v0.2.0
type RekeyStatusResponse struct {
Nonce string `json:"nonce"`
Started bool `json:"started"`
T int `json:"t"`
N int `json:"n"`
Progress int `json:"progress"`
Required int `json:"required"`
PGPFingerprints []string `json:"pgp_fingerprints"`
Backup bool `json:"backup"`
VerificationRequired bool `json:"verification_required"`
VerificationNonce string `json:"verification_nonce,omitempty"`
}
type RekeyUpdateRequest ¶ added in v0.2.0
type RekeyUpdateResponse ¶ added in v0.2.0
type RekeyUpdateResponse struct {
Nonce string `json:"nonce"`
Complete bool `json:"complete"`
Keys []string `json:"keys"`
KeysB64 []string `json:"keys_base64"`
PGPFingerprints []string `json:"pgp_fingerprints"`
Backup bool `json:"backup"`
VerificationRequired bool `json:"verification_required"`
VerificationNonce string `json:"verification_nonce,omitempty"`
}
type RekeyVerificationStatusResponse ¶ added in v0.10.2
type RekeyVerificationUpdateRequest ¶ added in v0.10.2
type RekeyVerificationUpdateResponse ¶ added in v0.10.2
type SealStatusResponse ¶
type SealStatusResponse struct {
Type string `json:"type"`
Sealed bool `json:"sealed"`
T int `json:"t"`
N int `json:"n"`
Progress int `json:"progress"`
Nonce string `json:"nonce"`
Version string `json:"version"`
ClusterName string `json:"cluster_name,omitempty"`
ClusterID string `json:"cluster_id,omitempty"`
}
type UIAssetWrapper ¶ added in v0.10.0
type UIAssetWrapper struct {
FileSystem *assetfs.AssetFS
}
type UnsealRequest ¶
Source Files
Click to show internal directories.
Click to hide internal directories.