server

package
v0.5.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 4, 2022 License: Apache-2.0 Imports: 50 Imported by: 0

Documentation

Index

Constants

View Source 
const AssetDebug = false

AssetDebug is true if the assets were built with the debug flag enabled.

Variables

View Source 
var (
	CookieAuthorizationName = "auth"
	CookieLoginName         = "login"
	CookieDomain            = ""
	CookiePath              = "/"
	// while these vars look goofy, they avoid "magic number" arguments to SetCookie
	CookieHTTPOnlyNotJavascriptAccessible = true    // setting HttpOnly to true means JS can't access it.
	CookieSecureHTTPSOnly                 = true    // setting Secure to true means the cookie is only sent over https connections
	CookieMaxAgeDeleteImmediately         = int(-1) // <0: delete immediately
	CookieMaxAgeNoExpiry                  = int(0)  // zero has special meaning of "no expiry"
)

Functions

func Asset 

func Asset(name string) ([]byte, error)

Asset loads and returns the asset for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetDigest added in v0.5.8 

func AssetDigest(name string) ([sha256.Size]byte, error)

AssetDigest returns the digest of the file with the given name. It returns an error if the asset could not be found or the digest could not be loaded.

func AssetDir 

func AssetDir(name string) ([]string, error)

AssetDir returns the file names below a certain directory embedded in the file by go-bindata. For example if you run go-bindata on data/... and data contains the following hierarchy: 

data/
  foo.txt
  img/
    a.png
    b.png

then AssetDir("data") would return []string{"foo.txt", "img"}, AssetDir("data/img") would return []string{"a.png", "b.png"}, AssetDir("foo.txt") and AssetDir("notexist") would return an error, and AssetDir("") will return []string{"data"}.

func AssetInfo 

func AssetInfo(name string) (os.FileInfo, error)

AssetInfo loads and returns the asset info for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetNames 

func AssetNames() []string

AssetNames returns the names of the assets.

func AssetString added in v0.5.8 

func AssetString(name string) (string, error)

AssetString returns the asset contents as a string (instead of a []byte).

func AuthenticationMiddleware added in v0.5.4 

func AuthenticationMiddleware() gin.HandlerFunc

AuthenticationMiddleware validates the incoming token

func DatabaseMiddleware added in v0.5.4 

func DatabaseMiddleware(db *gorm.DB) gin.HandlerFunc

DatabaseMiddleware injects a `db` object into the Gin context.

func Digests added in v0.5.8 

func Digests() (map[string][sha256.Size]byte, error)

Digests returns a map of all known files and their checksums.

func MustAsset 

func MustAsset(name string) []byte

MustAsset is like Asset but panics when Asset would return an error. It simplifies safe initialization of global variables.

func MustAssetString added in v0.5.8 

func MustAssetString(name string) string

MustAssetString is like AssetString but panics when Asset would return an error. It simplifies safe initialization of global variables.

func NewAPIMux added in v0.5.4 

func NewAPIMux(server *Server, router *gin.RouterGroup)

func RequestTimeoutMiddleware added in v0.5.4 

func RequestTimeoutMiddleware() gin.HandlerFunc

RequestTimeoutMiddleware adds a timeout to the request context within the Gin context. To correctly abort long-running requests, this depends on the users of the context to stop working when the context cancels. Note: The goroutine for the request is never halted; if the context is not passed down to lower packages and long-running tasks, then the app will not magically stop working on the request. No effort should be made to write an early http response here; it's up to the users of the context to watch for c.Request.Context().Err() or <-c.Request.Context().Done()

func RequireAccessKey added in v0.5.4 

func RequireAccessKey(c *gin.Context) error

RequireAccessKey checks the bearer token is present and valid

func RestoreAsset 

func RestoreAsset(dir, name string) error

RestoreAsset restores an asset under the given directory.

func RestoreAssets 

func RestoreAssets(dir, name string) error

RestoreAssets restores an asset under the given directory recursively.

func Run 

func Run(options Options) (err error)

func SetupMetrics added in v0.5.4 

func SetupMetrics(db *gorm.DB) error

Types

type API added in v0.5.4 

type API struct {
	// contains filtered or unexported fields
}

func (*API) CreateAccessKey added in v0.5.4 

func (a *API) CreateAccessKey(c *gin.Context, r *api.CreateAccessKeyRequest) (*api.CreateAccessKeyResponse, error)

func (*API) CreateDestination added in v0.5.4 

func (a *API) CreateDestination(c *gin.Context, r *api.CreateDestinationRequest) (*api.Destination, error)

func (*API) CreateGrant added in v0.5.4 

func (a *API) CreateGrant(c *gin.Context, r *api.CreateGrantRequest) (*api.Grant, error)

func (*API) CreateGroup added in v0.5.4 

func (a *API) CreateGroup(c *gin.Context, r *api.CreateGroupRequest) (*api.Group, error)

func (*API) CreateMachine added in v0.5.4 

func (a *API) CreateMachine(c *gin.Context, r *api.CreateMachineRequest) (*api.Machine, error)

func (*API) CreateProvider added in v0.5.4 

func (a *API) CreateProvider(c *gin.Context, r *api.CreateProviderRequest) (*api.Provider, error)

func (*API) CreateToken added in v0.5.4 

func (a *API) CreateToken(c *gin.Context, r *api.CreateTokenRequest) (*api.CreateTokenResponse, error)

func (*API) CreateUser added in v0.5.4 

func (a *API) CreateUser(c *gin.Context, r *api.CreateUserRequest) (*api.User, error)

func (*API) DeleteAccessKey added in v0.5.4 

func (a *API) DeleteAccessKey(c *gin.Context, r *api.Resource) error

func (*API) DeleteDestination added in v0.5.4 

func (a *API) DeleteDestination(c *gin.Context, r *api.Resource) error

func (*API) DeleteGrant added in v0.5.4 

func (a *API) DeleteGrant(c *gin.Context, r *api.Resource) error

func (*API) DeleteMachine added in v0.5.4 

func (a *API) DeleteMachine(c *gin.Context, r *api.Resource) error

func (*API) DeleteProvider added in v0.5.4 

func (a *API) DeleteProvider(c *gin.Context, r *api.Resource) error

func (*API) GetDestination added in v0.5.4 

func (a *API) GetDestination(c *gin.Context, r *api.Resource) (*api.Destination, error)

func (*API) GetGrant added in v0.5.4 

func (a *API) GetGrant(c *gin.Context, r *api.Resource) (*api.Grant, error)

func (*API) GetGroup added in v0.5.4 

func (a *API) GetGroup(c *gin.Context, r *api.Resource) (*api.Group, error)

func (*API) GetMachine added in v0.5.8 

func (a *API) GetMachine(c *gin.Context, r *api.Resource) (*api.Machine, error)

func (*API) GetProvider added in v0.5.4 

func (a *API) GetProvider(c *gin.Context, r *api.Resource) (*api.Provider, error)

caution: this endpoint is unauthenticated, do not return sensitive info

func (*API) GetUser added in v0.5.4 

func (a *API) GetUser(c *gin.Context, r *api.Resource) (*api.User, error)

func (*API) Introspect added in v0.5.8 

func (a *API) Introspect(c *gin.Context, r *api.EmptyRequest) (*api.Introspect, error)

Introspect is used by clients to get info about the token they are using

func (*API) ListAccessKeys added in v0.5.4 

func (a *API) ListAccessKeys(c *gin.Context, r *api.ListAccessKeysRequest) ([]api.AccessKey, error)

func (*API) ListDestinations added in v0.5.4 

func (a *API) ListDestinations(c *gin.Context, r *api.ListDestinationsRequest) ([]api.Destination, error)

func (*API) ListGrants added in v0.5.4 

func (a *API) ListGrants(c *gin.Context, r *api.ListGrantsRequest) ([]api.Grant, error)

func (*API) ListGroupGrants added in v0.5.4 

func (a *API) ListGroupGrants(c *gin.Context, r *api.Resource) ([]api.Grant, error)

func (*API) ListGroups added in v0.5.4 

func (a *API) ListGroups(c *gin.Context, r *api.ListGroupsRequest) ([]api.Group, error)

func (*API) ListMachineGrants added in v0.5.8 

func (a *API) ListMachineGrants(c *gin.Context, r *api.Resource) ([]api.Grant, error)

func (*API) ListMachines added in v0.5.4 

func (a *API) ListMachines(c *gin.Context, r *api.ListMachinesRequest) ([]api.Machine, error)

func (*API) ListProviders added in v0.5.4 

func (a *API) ListProviders(c *gin.Context, r *api.ListProvidersRequest) ([]api.Provider, error)

caution: this endpoint is unauthenticated, do not return sensitive info

func (*API) ListUserGrants added in v0.5.4 

func (a *API) ListUserGrants(c *gin.Context, r *api.Resource) ([]api.Grant, error)

func (*API) ListUserGroups added in v0.5.4 

func (a *API) ListUserGroups(c *gin.Context, r *api.Resource) ([]api.Group, error)

func (*API) ListUsers added in v0.5.4 

func (a *API) ListUsers(c *gin.Context, r *api.ListUsersRequest) ([]api.User, error)

func (*API) Login added in v0.5.4 

func (a *API) Login(c *gin.Context, r *api.LoginRequest) (*api.LoginResponse, error)

func (*API) Logout added in v0.5.4 

func (a *API) Logout(c *gin.Context, r *api.EmptyRequest) (*api.EmptyResponse, error)

func (*API) Setup added in v0.5.9 

func (a *API) Setup(c *gin.Context, _ *api.EmptyRequest) (*api.CreateAccessKeyResponse, error)

func (*API) SetupRequired added in v0.5.9 

func (a *API) SetupRequired(c *gin.Context, _ *api.EmptyRequest) (*api.SetupRequiredResponse, error)

func (*API) UpdateDestination added in v0.5.4 

func (a *API) UpdateDestination(c *gin.Context, r *api.UpdateDestinationRequest) (*api.Destination, error)

func (*API) UpdateProvider added in v0.5.4 

func (a *API) UpdateProvider(c *gin.Context, r *api.UpdateProviderRequest) (*api.Provider, error)

func (*API) Version added in v0.5.4 

func (a *API) Version(c *gin.Context, r *api.EmptyRequest) (*api.Version, error)

type Config 

type Config struct {
	Providers []Provider `mapstructure:"providers" validate:"dive"`
	Grants    []Grant    `mapstructure:"grants" validate:"dive"`
}

type Grant added in v0.5.9 

type Grant struct {
	User     string `mapstructure:"user" validate:"excluded_with=Group,excluded_with=Machine"`
	Group    string `mapstructure:"group" validate:"excluded_with=User,excluded_with=Machine"`
	Machine  string `mapstructure:"machine" validate:"excluded_with=User,excluded_with=Group"`
	Provider string `mapstructure:"provider"`
	Role     string `mapstructure:"role" validate:"required"`
	Resource string `mapstructure:"resource" validate:"required"`
}

type KeyProvider added in v0.5.4 

type KeyProvider struct {
	Kind   string      `yaml:"kind" validate:"required"`
	Config interface{} // contains secret-provider-specific config
}

func (*KeyProvider) UnmarshalYAML added in v0.5.4 

func (sp *KeyProvider) UnmarshalYAML(unmarshal func(interface{}) error) error

type Options added in v0.5.4 

type Options struct {
	TLSCache             string        `mapstructure:"tlsCache"`
	AdminAccessKey       string        `mapstructure:"adminAccessKey"`
	AccessKey            string        `mapstructure:"accessKey"`
	EnableTelemetry      bool          `mapstructure:"enableTelemetry"`
	EnableCrashReporting bool          `mapstructure:"enableCrashReporting"`
	EnableUI             bool          `mapstructure:"enableUI"`
	UIProxyURL           string        `mapstructure:"uiProxyURL"`
	EnableSetup          bool          `mapstructure:"enableSetup"`
	SessionDuration      time.Duration `mapstructure:"sessionDuration"`

	DBFile                  string `mapstructure:"dbFile" `
	DBEncryptionKey         string `mapstructure:"dbEncryptionKey"`
	DBEncryptionKeyProvider string `mapstructure:"dbEncryptionKeyProvider"`
	DBHost                  string `mapstructure:"dbHost" `
	DBPort                  int    `mapstructure:"dbPort"`
	DBName                  string `mapstructure:"dbName"`
	DBUser                  string `mapstructure:"dbUser"`
	DBPassword              string `mapstructure:"dbPassword"`
	DBParameters            string `mapstructure:"dbParameters"`

	Keys    []KeyProvider    `mapstructure:"keys"`
	Secrets []SecretProvider `mapstructure:"secrets"`

	Config `mapstructure:",squash"`

	NetworkEncryption           string `mapstructure:"networkEncryption"` // mtls (default), e2ee, none.
	TrustInitialClientPublicKey string `mapstructure:"trustInitialClientPublicKey"`
	InitialRootCACert           string `mapstructure:"initialRootCACert"`
	InitialRootCAPublicKey      string `mapstructure:"initialRootCAPublicKey"`
	FullKeyRotationInDays       int    `mapstructure:"fullKeyRotationInDays"` // 365 default
}

type Provider 

type Provider struct {
	Name         string `mapstructure:"name" validate:"required"`
	URL          string `mapstructure:"url" validate:"required"`
	ClientID     string `mapstructure:"clientID" validate:"required"`
	ClientSecret string `mapstructure:"clientSecret" validate:"required"`
}

type ReqHandlerFunc added in v0.5.4 

type ReqHandlerFunc[Req any] func(c *gin.Context, req *Req) error

type ReqResHandlerFunc added in v0.5.4 

type ReqResHandlerFunc[Req, Res any] func(c *gin.Context, req *Req) (Res, error)

type ResHandlerFunc added in v0.5.4 

type ResHandlerFunc[Res any] func(c *gin.Context) (Res, error)

type SecretProvider added in v0.5.4 

type SecretProvider struct {
	Kind   string      `yaml:"kind" validate:"required"`
	Name   string      `yaml:"name"` // optional
	Config interface{} // contains secret-provider-specific config
}

func (*SecretProvider) UnmarshalYAML added in v0.5.4 

func (sp *SecretProvider) UnmarshalYAML(unmarshal func(interface{}) error) error

type Server added in v0.5.4 

type Server struct {
	// contains filtered or unexported fields
}

type StaticFileSystem 

type StaticFileSystem struct {
	// contains filtered or unexported fields
}

func (StaticFileSystem) Exists added in v0.5.8 

func (sfs StaticFileSystem) Exists(prefix string, filepath string) bool

func (StaticFileSystem) Open 

func (sfs StaticFileSystem) Open(name string) (http.File, error)

type Telemetry added in v0.5.4 

type Telemetry struct {
	// contains filtered or unexported fields
}

func NewTelemetry added in v0.5.4 

func NewTelemetry(db *gorm.DB) (*Telemetry, error)

func (*Telemetry) Close added in v0.5.4 

func (t *Telemetry) Close()

func (*Telemetry) Enqueue added in v0.5.4 

func (t *Telemetry) Enqueue(track analytics.Track) error

func (*Telemetry) EnqueueHeartbeat added in v0.5.4 

func (t *Telemetry) EnqueueHeartbeat() error

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.