authentication

package

v0.0.1-beta Latest Latest Go to latest Published: Jun 12, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/coinbase/baseca

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func CheckPassword(password string, hashedPassword string) error
func GenerateClientToken(n int) (string, error)
func HashPassword(password string) (string, error)
type Auth
- func NewAuthSigningMetadata(c *Client) (Auth, error)
type ClaimProps
type Claims
- func (c *Claims) Valid() error
type Client
- func BuildSigningClient(config *config.Config) (*Client, error)
type EnrollmentPayload
type Header
type KmsClientIface
type ServicePayload

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrExpiredToken = errors.New("token has expired")
	ErrInvalidToken = errors.New("token is invalid")
)

Functions ¶

func CheckPassword ¶

func CheckPassword(password string, hashedPassword string) error

func GenerateClientToken ¶

func GenerateClientToken(n int) (string, error)

func HashPassword ¶

func HashPassword(password string) (string, error)

Types ¶

type Auth ¶

type Auth interface {
	Issue(context.Context, ClaimProps) (*string, error)
	Verify(context.Context, string) (*Claims, error)
}

func NewAuthSigningMetadata ¶

func NewAuthSigningMetadata(c *Client) (Auth, error)

type ClaimProps ¶

type ClaimProps struct {
	Subject         uuid.UUID
	Permission      string
	ValidForMinutes int64
}

type Claims ¶

type Claims struct {
	Permission string    `json:"permission"`
	Subject    uuid.UUID `json:"sub"`
	IssuedAt   time.Time `json:"iss"`
	ExpiresAt  time.Time `json:"exp"`
	NotBefore  time.Time `json:"not_before"`
}

func (*Claims) Valid ¶

func (c *Claims) Valid() error

type Client ¶

type Client struct {
	KmsClient        KmsClientIface
	KeyId            string
	SigningAlgorithm string
}

func BuildSigningClient ¶

func BuildSigningClient(config *config.Config) (*Client, error)

type EnrollmentPayload ¶

type EnrollmentPayload struct {
	SerialNumber string `json:"serial_number"`
}

type Header ¶

type Header struct {
	Algorithm string
	Type      string
	KeyId     string
}

type KmsClientIface ¶

type KmsClientIface interface {
	Sign(ctx context.Context, params *kms.SignInput, optFns ...func(*kms.Options)) (*kms.SignOutput, error)
	Verify(ctx context.Context, params *kms.VerifyInput, optFns ...func(*kms.Options)) (*kms.VerifyOutput, error)
}

type ServicePayload ¶

type ServicePayload struct {
	ServiceID                   uuid.UUID `json:"service_id"`
	ServiceAccount              string    `json:"service_account"`
	Environment                 string    `json:"environment"`
	ValidSubjectAlternateName   []string  `json:"subject_alternate_name"`
	ValidCertificateAuthorities []string  `json:"certificate_authorities"`
	CertificateValidity         int16     `json:"certificate_validity"`
	SubordinateCa               string    `json:"subordinate_ca"`
	ExtendedKey                 string    `json:"certificate_request_extension"`
	SANRegularExpression        string    `json:"regular_expression"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL