token

package
v0.1.0

This package is not in the latest version of its module.
Published: Apr 5, 2021 License: MIT Imports: 6 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type RoleToken

type RoleToken struct {
	Version               string   // the token version e.g. S1, U1
	Domain                string   // domain for which token is valid
	RoleNames             []string // list of comma separated roles
	DomainCompleteRoleSet bool     // the list of roles is complete in domain
	Principal             string   // principal for which the token was generated
	GenerationTime        int64    // time the token was generated, in nanoseconds
	ExpiryTime            int64    // time the token expires, in nanoseconds
	KeyId                 string   // identifier - either version or zone name
	Salt                  string   // a random 8 byte salt inner[1] hex encoded
	HostName              string   // host that issued this role token
	IPAddress             string   // ip address that issued this role token
	Signature             string   // signature generated over the roleToken string using the Service's private key, y64 encoded
	SignedToken           string   // roleToken in string format
	UnsignedToken         string   // roleToken without the signature, the part to be validated
	AthenzTokenNoExpiry   bool     // false: the roleToken can expire; true: the roleToken can live forever
	AthenzTokenMaxExpiry  int64    // maximum lifetime of the roleToken
}

func NewRoleToken

func NewRoleToken(signedToken string) (*RoleToken, error)

NewRoleToken creates a new RoleToken from a roleToken string that was created by zpe.

func (*RoleToken) Validate

func (roleToken *RoleToken) Validate(publicKey string, allowedOffset int64, allowNoExpiry bool) (bool, error)

Validate validates the roleToken. It first checks that the public key, signature and unsignedToken fields are not empty, then checks the generation time and expiry time, and finally verifies the roleToken by checking the public key, the hash of the data and the signature.
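The three checks described for Validate, as an added stand-alone sketch; it is not this package's code and does not call it. The names `checkToken` and `signSample`, the `t=`/`e=`/`;s=` field layout, the Y64 alphabet and the use of ECDSA P-256 with SHA-256 are assumptions made for the example, and the sample token is constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strconv"
	"strings"
)

// Assumed Y64 alphabet: base64 with '.', '_' and '-' in place of '+', '/' and '='.
var y64 = base64.NewEncoding("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._").WithPadding('-')

// checkToken (hypothetical) applies the three checks; now is in the unit of t= and e=.
func checkToken(signed string, pub *ecdsa.PublicKey, now, allowedOffset int64) error {
	i := strings.LastIndex(signed, ";s=")
	if pub == nil || i <= 0 || i+3 >= len(signed) {
		return fmt.Errorf("public key, signature or unsigned token is empty")
	}
	unsigned, f := signed[:i], map[string]string{}
	for _, kv := range strings.Split(unsigned, ";") {
		k, v, _ := strings.Cut(kv, "=")
		f[k] = v
	}
	gen, err1 := strconv.ParseInt(f["t"], 10, 64)
	exp, err2 := strconv.ParseInt(f["e"], 10, 64)
	if err1 != nil || err2 != nil || gen-allowedOffset > now || exp < now {
		return fmt.Errorf("token is outside its validity window")
	}
	sig, err := y64.DecodeString(signed[i+3:])
	digest := sha256.Sum256([]byte(unsigned))
	if err != nil || !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return fmt.Errorf("signature does not match the unsigned token")
	}
	return nil
}

func signSample(priv *ecdsa.PrivateKey, unsigned string) string {
	digest := sha256.Sum256([]byte(unsigned))
	sig, _ := ecdsa.SignASN1(rand.Reader, priv, digest[:]) // constructed demo input; on error the token fails checkToken
	return unsigned + ";s=" + y64.EncodeToString(sig)
}

func main() {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // throwaway demo key
	tok := signSample(priv, "v=Z1;d=sports;r=reader;p=user.joe;t=1000;e=2000")
	fmt.Println(checkToken(tok, &priv.PublicKey, 1500, 10), checkToken(strings.Replace(tok, "reader", "admin", 1), &priv.PublicKey, 1500, 10))
}
```

The signature covers the whole unsigned string, so changing the role list or the expiry field in a signed token makes the final check fail.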
