sdk

package
v5.2.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 10, 2020 License: BSD-3-Clause Imports: 19 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	IdentityPrefix = "identity-"
	IssuerPrefix   = "virgil-"
)
View Source 
const (
	VirgilContentType = "virgil-jwt;v=1"
	JwtType           = "JWT"
)
View Source 
const (
	SelfSigner   = "self"
	VirgilSigner = "virgil"
)
View Source 
const (
	CardVersion = "5.0"
)
View Source 
const (
	VirgilPublicKey = "MCowBQYDK2VwAyEAljOYGANYiVq1WbvVvoYIKtvZi2ji9bAhxyu6iV/LF8M="
)

Variables

View Source 
var (
	CSRIdentityEmptyErr        = errors.New("Identity field in CSR is mandatory")
	CSRSignParamIncorrectErr   = errors.New("CSR signature params incorrect")
	CSRPublicKeyEmptyErr       = errors.New("Public key field in CSR is mandatory")
	CSRSelfSignAlreadyExistErr = errors.New("The CSR already has a self signature")
	CSRAppSignAlreadyExistErr  = errors.New("The CSR already has an application signature")

	CardValidationSignerTypeIncorrectErr       = NewCardVerifierError("Card validation: signer type incorrect")
	CardValidationExpectedSignerWasNotFoundErr = NewCardVerifierError("Card validation: expected signer was not found")
	CardValidationSignatureValidationFailedErr = NewCardVerifierError("Card validation: signature validation failed")
)
View Source 
var (
	ErrorKeyAlreadyExists = errors.New("Key already exists")
	ErrorKeyNotFound      = errors.New("Key not found")
)

Functions

func GenerateCardId 

func GenerateCardId(crypto cryptoapi.CardCrypto, data []byte) (string, error)

func NewCardVerifierError 

func NewCardVerifierError(msg string) error

func NewVirgilPrivateKeyStorage 

func NewVirgilPrivateKeyStorage(privateKeyExporter cryptoapi.PrivateKeyExporter, path string) cryptoapi.PrivateKeyStorage

func ParseSnapshot 

func ParseSnapshot(data []byte, obj interface{}) error

func SpaceMap 

func SpaceMap(str string) string

func TakeSnapshot 

func TakeSnapshot(obj interface{}) ([]byte, error)

func ValidateJwtBodyParams 

func ValidateJwtBodyParams(appId string, identity string, issuedAt time.Time, expiresAt time.Time) error

Types

type AccessToken 

type AccessToken interface {
	String() string
	Identity() (string, error)
}

type AccessTokenProvider 

type AccessTokenProvider interface {
	GetToken(context *TokenContext) (AccessToken, error)
}

func NewCallbackJwtProvider 

func NewCallbackJwtProvider(callback func(context *TokenContext) (*Jwt, error)) AccessTokenProvider

type CachingJwtProvider 

type CachingJwtProvider struct {
	RenewTokenCallback func(context *TokenContext) (*Jwt, error)
	Jwt                *Jwt
	// contains filtered or unexported fields
}

func NewCachingJwtProvider 

func NewCachingJwtProvider(renewTokenCallback func(context *TokenContext) (*Jwt, error)) *CachingJwtProvider

func NewCachingStringJwtProvider 

func NewCachingStringJwtProvider(renewTokenCallback func(context *TokenContext) (string, error)) *CachingJwtProvider

func (*CachingJwtProvider) GetToken 

func (c *CachingJwtProvider) GetToken(context *TokenContext) (AccessToken, error)

type CallbackJwtProvider 

type CallbackJwtProvider struct {
	GetTokenCallback func(context *TokenContext) (*Jwt, error)
}

func NewCallbackStringJwtProvider 

func NewCallbackStringJwtProvider(renewTokenCallback func(context *TokenContext) (string, error)) *CallbackJwtProvider

func (*CallbackJwtProvider) GetToken 

func (c *CallbackJwtProvider) GetToken(context *TokenContext) (AccessToken, error)

type Card 

type Card struct {
	Id             string
	Identity       string
	PublicKey      cryptoapi.PublicKey
	Version        string
	CreatedAt      time.Time
	PreviousCardId string
	PreviousCard   *Card
	IsOutdated     bool

	Signatures      []*CardSignature
	ContentSnapshot []byte
}

func LinkCards 

func LinkCards(cards ...*Card) []*Card

func ParseRawCard 

func ParseRawCard(crypto cryptoapi.CardCrypto, model *RawSignedModel, isOutdated bool) (*Card, error)

func ParseRawCards 

func ParseRawCards(crypto cryptoapi.CardCrypto, models ...*RawSignedModel) ([]*Card, error)

type CardClient 

type CardClient struct {
	ServiceURL       string
	VirgilHttpClient *common.VirgilHttpClient
	HttpClient       common.HttpClient
	// contains filtered or unexported fields
}

func NewCardsClient 

func NewCardsClient(serviceURL string) *CardClient

func (*CardClient) GetCard 

func (c *CardClient) GetCard(cardId string, token string) (*RawSignedModel, bool, error)

func (*CardClient) PublishCard 

func (c *CardClient) PublishCard(rawCard *RawSignedModel, token string) (*RawSignedModel, error)

func (*CardClient) RevokeCard 

func (c *CardClient) RevokeCard(cardId string, token string) error

func (*CardClient) SearchCards 

func (c *CardClient) SearchCards(identity string, token string) ([]*RawSignedModel, error)

type CardManager 

type CardManager struct {
	ModelSigner         *ModelSigner
	Crypto              cryptoapi.CardCrypto
	AccessTokenProvider AccessTokenProvider
	CardVerifier        CardVerifier
	CardClient          *CardClient
	SignCallback        func(model *RawSignedModel) (signedCard *RawSignedModel, err error)
	// contains filtered or unexported fields
}

func NewCardManager 

func NewCardManager(params *CardManagerParams) (*CardManager, error)

func (*CardManager) ExportCardAsJson 

func (c *CardManager) ExportCardAsJson(card *Card) (string, error)

func (*CardManager) ExportCardAsRawCard 

func (c *CardManager) ExportCardAsRawCard(card *Card) (*RawSignedModel, error)

func (*CardManager) ExportCardAsString 

func (c *CardManager) ExportCardAsString(card *Card) (string, error)

func (*CardManager) GenerateRawCard 

func (c *CardManager) GenerateRawCard(cardParams *CardParams) (*RawSignedModel, error)

func (*CardManager) GetCard 

func (c *CardManager) GetCard(cardId string) (*Card, error)

func (*CardManager) ImportCard 

func (c *CardManager) ImportCard(model *RawSignedModel) (*Card, error)

func (*CardManager) ImportCardFromJson 

func (c *CardManager) ImportCardFromJson(json string) (*Card, error)

func (*CardManager) ImportCardFromString 

func (c *CardManager) ImportCardFromString(str string) (*Card, error)

func (*CardManager) PublishCard 

func (c *CardManager) PublishCard(cardParams *CardParams) (*Card, error)

func (*CardManager) PublishRawCard 

func (c *CardManager) PublishRawCard(rawSignedModel *RawSignedModel) (card *Card, err error)

func (*CardManager) PublishRawSignedModel 

func (c *CardManager) PublishRawSignedModel(rawSignedModel *RawSignedModel, tokenContext *TokenContext, token AccessToken) (card *Card, err error)

PublishRawSignedModel left for backwards compatibility

func (*CardManager) RevokeCard 

func (c *CardManager) RevokeCard(cardId string) error

func (*CardManager) SearchCards 

func (c *CardManager) SearchCards(identity string) (Cards, error)

type CardManagerParams 

type CardManagerParams struct {
	ModelSigner         *ModelSigner
	Crypto              cryptoapi.CardCrypto
	AccessTokenProvider AccessTokenProvider
	CardVerifier        CardVerifier
	CardClient          *CardClient
	SignCallback        func(model *RawSignedModel) (signedCard *RawSignedModel, err error)
	ApiUrl              string
}

type CardParams 

type CardParams struct {
	Identity       string
	PublicKey      cryptoapi.PublicKey
	PrivateKey     cryptoapi.PrivateKey
	PreviousCardId string
	ExtraFields    map[string]string
}

func (*CardParams) Validate 

func (c *CardParams) Validate(validateIdentity bool) error

type CardSignature 

type CardSignature struct {
	Signer      string
	Signature   []byte
	ExtraFields map[string]string
	Snapshot    []byte
}

type CardVerifier 

type CardVerifier interface {
	VerifyCard(card *Card) error
}

type CardVerifierError 

type CardVerifierError struct {
	errors.SDKError
}

func ToCardVerifierError 

func ToCardVerifierError(err error) (CardVerifierError, bool)

type Cards 

type Cards []*Card

func (Cards) ExtractPublicKeys 

func (c Cards) ExtractPublicKeys() []interface {
	IsPublic() bool
	Identifier() []byte
}

type CardsAPIError 

type CardsAPIError common.VirgilAPIError

func (CardsAPIError) Error 

func (err CardsAPIError) Error() string

type ConstAccessTokenProvider 

type ConstAccessTokenProvider struct {
	AccessToken AccessToken
}

func (*ConstAccessTokenProvider) GetToken 

func (a *ConstAccessTokenProvider) GetToken(context *TokenContext) (AccessToken, error)

type FileKeyStorage 

type FileKeyStorage struct {
	RootDir string
}

func (*FileKeyStorage) Delete 

func (s *FileKeyStorage) Delete(name string) error

func (*FileKeyStorage) Exists 

func (s *FileKeyStorage) Exists(name string) bool

func (*FileKeyStorage) Load 

func (s *FileKeyStorage) Load(name string) (*StorageItem, error)

func (*FileKeyStorage) Store 

func (s *FileKeyStorage) Store(key *StorageItem) error

type GeneratorJwtProvider 

type GeneratorJwtProvider struct {
	JwtGenerator    *JwtGenerator
	AdditionalData  map[string]interface{}
	DefaultIdentity string
}

func NewGeneratorJwtProvider 

func NewGeneratorJwtProvider(generator *JwtGenerator, additionalData map[string]interface{}, defaultIdentity string) *GeneratorJwtProvider

func (*GeneratorJwtProvider) GetToken 

func (g *GeneratorJwtProvider) GetToken(context *TokenContext) (AccessToken, error)

type Jwt 

type Jwt struct {
	BodyContent *JwtBodyContent

	HeaderContent *JwtHeaderContent

	SignatureContent []byte
	StringContents   string
	// contains filtered or unexported fields
}

func JwtFromString 

func JwtFromString(token string) (*Jwt, error)

func NewJwt 

func NewJwt(header *JwtHeaderContent, body *JwtBodyContent, signature []byte) (*Jwt, error)

func (*Jwt) BodyBase64 

func (j *Jwt) BodyBase64() (string, error)

func (*Jwt) HeaderBase64 

func (j *Jwt) HeaderBase64() (string, error)

func (*Jwt) Identity 

func (j *Jwt) Identity() (string, error)

func (*Jwt) IsExpired 

func (j *Jwt) IsExpired() error

func (*Jwt) IsExpiredDelta 

func (j *Jwt) IsExpiredDelta(delta time.Duration) error

IsExpiredDelta returns error if token expires delta time before it's expiry date

func (*Jwt) SignatureBase64 

func (j *Jwt) SignatureBase64() string

func (*Jwt) String 

func (j *Jwt) String() string

func (*Jwt) Unsigned 

func (j *Jwt) Unsigned() []byte

type JwtBodyContent 

type JwtBodyContent struct {
	AppID          string                 `json:"-"`
	Identity       string                 `json:"-"`
	Issuer         string                 `json:"iss"`
	Subject        string                 `json:"sub"`
	IssuedAt       int64                  `json:"iat"`
	ExpiresAt      int64                  `json:"exp"`
	AdditionalData map[string]interface{} `json:"ada,omitempty"`
}

func NewJwtBodyContent 

func NewJwtBodyContent(appId string, identity string, issuedAt time.Time, expiresAt time.Time, data map[string]interface{}) (*JwtBodyContent, error)

type JwtGenerator 

type JwtGenerator struct {
	ApiKey                 cryptoapi.PrivateKey
	ApiPublicKeyIdentifier string
	AccessTokenSigner      cryptoapi.AccessTokenSigner
	AppId                  string
	TTL                    time.Duration
}

func NewJwtGenerator 

func NewJwtGenerator(apiKey cryptoapi.PrivateKey, apiPublicKeyIdentifier string, signer cryptoapi.AccessTokenSigner, appId string, ttl time.Duration) *JwtGenerator

func (*JwtGenerator) GenerateToken 

func (j *JwtGenerator) GenerateToken(identity string, additionalData map[string]interface{}) (*Jwt, error)

type JwtHeaderContent 

type JwtHeaderContent struct {
	Algorithm   string `json:"alg"`
	Type        string `json:"typ"`
	ContentType string `json:"cty"`
	ApiKeyId    string `json:"kid"`
}

func NewJwtHeaderContent 

func NewJwtHeaderContent(algorithm string, apiKeyId string) (*JwtHeaderContent, error)

type JwtVerifier 

type JwtVerifier struct {
	ApiPublicKey      cryptoapi.PublicKey
	ApiPublicKeyId    string
	AccessTokenSigner cryptoapi.AccessTokenSigner
}

func NewJwtVerifier 

func NewJwtVerifier(apiPublicKey cryptoapi.PublicKey, apiPublicKeyId string, accessTokenSigner cryptoapi.AccessTokenSigner) *JwtVerifier

func (*JwtVerifier) VerifyToken 

func (j *JwtVerifier) VerifyToken(jwtToken *Jwt) error

type KeyStorage 

type KeyStorage interface {
	Store(key *StorageItem) error
	Load(name string) (*StorageItem, error)
	Exists(name string) bool
	Delete(name string) error
}

type ModelSigner 

type ModelSigner struct {
	Crypto cryptoapi.CardCrypto
}

func NewModelSigner 

func NewModelSigner(crypto cryptoapi.CardCrypto) *ModelSigner

func (*ModelSigner) CheckSignatureExists 

func (m *ModelSigner) CheckSignatureExists(model *RawSignedModel, params *SignParams) error

func (*ModelSigner) SelfSign 

func (m *ModelSigner) SelfSign(model *RawSignedModel, privateKey cryptoapi.PrivateKey, extraFields map[string]string) (err error)

func (*ModelSigner) SelfSignRaw 

func (m *ModelSigner) SelfSignRaw(model *RawSignedModel, privateKey cryptoapi.PrivateKey, extraFieldsSnapshot []byte) (err error)

func (*ModelSigner) Sign 

func (m *ModelSigner) Sign(model *RawSignedModel, signer string, privateKey cryptoapi.PrivateKey, extraFields map[string]string) (err error)

func (*ModelSigner) SignRaw 

func (m *ModelSigner) SignRaw(model *RawSignedModel, signer string, privateKey cryptoapi.PrivateKey, extraFieldsSnapshot []byte) (err error)

type RawCardContent 

type RawCardContent struct {
	Identity       string `json:"identity"`
	PublicKey      []byte `json:"public_key"`
	Version        string `json:"version"`
	CreatedAt      int64  `json:"created_at"`
	PreviousCardId string `json:"previous_card_id,omitempty"`
}

type RawCardSignature 

type RawCardSignature struct {
	Signer    string `json:"signer,omitempty"`
	Signature []byte `json:"signature,omitempty"`
	Snapshot  []byte `json:"snapshot,omitempty"`
}

type RawSignedModel 

type RawSignedModel struct {
	ContentSnapshot []byte              `json:"content_snapshot"`
	Signatures      []*RawCardSignature `json:"signatures,omitempty"`
}

func GenerateRawCard 

func GenerateRawCard(crypto cryptoapi.CardCrypto, cardParams *CardParams, createdAt time.Time) (*RawSignedModel, error)

func GenerateRawSignedModelFromJson 

func GenerateRawSignedModelFromJson(json string) (*RawSignedModel, error)

func GenerateRawSignedModelFromString 

func GenerateRawSignedModelFromString(str string) (*RawSignedModel, error)

func ParseCard 

func ParseCard(crypto cryptoapi.CardCrypto, card *Card) (*RawSignedModel, error)

func (*RawSignedModel) ExportAsBase64EncodedString 

func (r *RawSignedModel) ExportAsBase64EncodedString() (string, error)

func (*RawSignedModel) ExportAsJson 

func (r *RawSignedModel) ExportAsJson() (string, error)

type SignParams 

type SignParams struct {
	SignerPrivateKey cryptoapi.PrivateKey
	Signer           string
}

func (*SignParams) Validate 

func (s *SignParams) Validate() error

type StorageItem 

type StorageItem struct {
	Name string
	Data []byte
	Meta map[string]string
}

type TokenContext 

type TokenContext struct {
	Identity    string
	Operation   string
	Service     string
	ForceReload bool
}

type VerifierCredentials 

type VerifierCredentials struct {
	Signer    string
	PublicKey cryptoapi.PublicKey
}

type VirgilCardVerifier 

type VirgilCardVerifier struct {
	Crypto                cryptoapi.CardCrypto
	VerifySelfSignature   bool
	VerifyVirgilSignature bool
	Whitelists            []*Whitelist
	// contains filtered or unexported fields
}

func NewVirgilCardVerifier 

func NewVirgilCardVerifier(crypto cryptoapi.CardCrypto, verifySelfSignature, verifyVirgilSignature bool, whitelists ...*Whitelist) (*VirgilCardVerifier, error)

func (*VirgilCardVerifier) GetPublicKeyFromBase64 

func (v *VirgilCardVerifier) GetPublicKeyFromBase64(str string) (cryptoapi.PublicKey, error)

func (*VirgilCardVerifier) ReplaceVirgilPublicKey 

func (v *VirgilCardVerifier) ReplaceVirgilPublicKey(newKey string) error

func (*VirgilCardVerifier) SelfCheck 

func (v *VirgilCardVerifier) SelfCheck() error

func (*VirgilCardVerifier) SetWhitelists 

func (v *VirgilCardVerifier) SetWhitelists(whitelists []*Whitelist)

func (*VirgilCardVerifier) ValidateSignerSignature 

func (v *VirgilCardVerifier) ValidateSignerSignature(card *Card, signer string, publicKey cryptoapi.PublicKey) error

func (*VirgilCardVerifier) VerifyCard 

func (v *VirgilCardVerifier) VerifyCard(card *Card) error

type VirgilPrivateKeyStorage 

type VirgilPrivateKeyStorage struct {
	PrivateKeyExporter cryptoapi.PrivateKeyExporter
	KeyStorage         KeyStorage
}

func (*VirgilPrivateKeyStorage) Delete 

func (v *VirgilPrivateKeyStorage) Delete(name string) error

func (*VirgilPrivateKeyStorage) Load 

func (v *VirgilPrivateKeyStorage) Load(name string) (key interface {
	IsPrivate() bool
	Identifier() []byte
}, meta map[string]string, err error)

func (*VirgilPrivateKeyStorage) Store 

func (v *VirgilPrivateKeyStorage) Store(key interface {
	IsPrivate() bool
	Identifier() []byte
}, name string, meta map[string]string) error

type Whitelist 

type Whitelist struct {
	VerifierCredentials []*VerifierCredentials
}

func NewWhitelist 

func NewWhitelist(credentials ...*VerifierCredentials) *Whitelist

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.