Documentation
¶
Index ¶
- Constants
- Variables
- func RegisterIdentityServer(s grpc.ServiceRegistrar, srv IdentityServer)
- type CertifyRequest
- func (*CertifyRequest) Descriptor() ([]byte, []int)deprecated
- func (x *CertifyRequest) GetCertificateSigningRequest() []byte
- func (x *CertifyRequest) GetIdentity() string
- func (x *CertifyRequest) GetToken() []byte
- func (*CertifyRequest) ProtoMessage()
- func (x *CertifyRequest) ProtoReflect() protoreflect.Message
- func (x *CertifyRequest) Reset()
- func (x *CertifyRequest) String() string
- type CertifyResponse
- func (*CertifyResponse) Descriptor() ([]byte, []int)deprecated
- func (x *CertifyResponse) GetIntermediateCertificates() [][]byte
- func (x *CertifyResponse) GetLeafCertificate() []byte
- func (x *CertifyResponse) GetValidUntil() *timestamp.Timestamp
- func (*CertifyResponse) ProtoMessage()
- func (x *CertifyResponse) ProtoReflect() protoreflect.Message
- func (x *CertifyResponse) Reset()
- func (x *CertifyResponse) String() string
- type IdentityClient
- type IdentityServer
- type UnimplementedIdentityServer
- type UnsafeIdentityServer
Constants ¶
View Source
const (
Identity_Certify_FullMethodName = "/io.linkerd.proxy.identity.Identity/Certify"
)
Variables ¶
View Source
var File_identity_proto protoreflect.FileDescriptor
View Source
var Identity_ServiceDesc = grpc.ServiceDesc{ ServiceName: "io.linkerd.proxy.identity.Identity", HandlerType: (*IdentityServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "Certify", Handler: _Identity_Certify_Handler, }, }, Streams: []grpc.StreamDesc{}, Metadata: "identity.proto", }
Identity_ServiceDesc is the grpc.ServiceDesc for Identity service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
Functions ¶
func RegisterIdentityServer ¶
func RegisterIdentityServer(s grpc.ServiceRegistrar, srv IdentityServer)
Types ¶
type CertifyRequest ¶
type CertifyRequest struct {
Identity string `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"`
// Proof of the requester's identity.
//
// In Kubernetes, for instance, this is the contents of a service account
// token.
Token []byte `protobuf:"bytes,2,opt,name=token,proto3" json:"token,omitempty"`
// A PEM-encoded x509 Certificate Signing Request.
CertificateSigningRequest []byte `` /* 138-byte string literal not displayed */
// contains filtered or unexported fields
}
func (*CertifyRequest) Descriptor
deprecated
func (*CertifyRequest) Descriptor() ([]byte, []int)
Deprecated: Use CertifyRequest.ProtoReflect.Descriptor instead.
func (*CertifyRequest) GetCertificateSigningRequest ¶
func (x *CertifyRequest) GetCertificateSigningRequest() []byte
func (*CertifyRequest) GetIdentity ¶
func (x *CertifyRequest) GetIdentity() string
func (*CertifyRequest) GetToken ¶
func (x *CertifyRequest) GetToken() []byte
func (*CertifyRequest) ProtoMessage ¶
func (*CertifyRequest) ProtoMessage()
func (*CertifyRequest) ProtoReflect ¶ added in v0.1.13
func (x *CertifyRequest) ProtoReflect() protoreflect.Message
func (*CertifyRequest) Reset ¶
func (x *CertifyRequest) Reset()
func (*CertifyRequest) String ¶
func (x *CertifyRequest) String() string
type CertifyResponse ¶
type CertifyResponse struct {
// A PEM-encoded x509 Certificate.
LeafCertificate []byte `protobuf:"bytes,1,opt,name=leaf_certificate,json=leafCertificate,proto3" json:"leaf_certificate,omitempty"`
// A list of PEM-encoded x509 Certificates that establish the trust chain
// between the leaf_certificate and the well-known trust anchors.
IntermediateCertificates [][]byte `` /* 133-byte string literal not displayed */
ValidUntil *timestamp.Timestamp `protobuf:"bytes,3,opt,name=valid_until,json=validUntil,proto3" json:"valid_until,omitempty"`
// contains filtered or unexported fields
}
func (*CertifyResponse) Descriptor
deprecated
func (*CertifyResponse) Descriptor() ([]byte, []int)
Deprecated: Use CertifyResponse.ProtoReflect.Descriptor instead.
func (*CertifyResponse) GetIntermediateCertificates ¶
func (x *CertifyResponse) GetIntermediateCertificates() [][]byte
func (*CertifyResponse) GetLeafCertificate ¶
func (x *CertifyResponse) GetLeafCertificate() []byte
func (*CertifyResponse) GetValidUntil ¶
func (x *CertifyResponse) GetValidUntil() *timestamp.Timestamp
func (*CertifyResponse) ProtoMessage ¶
func (*CertifyResponse) ProtoMessage()
func (*CertifyResponse) ProtoReflect ¶ added in v0.1.13
func (x *CertifyResponse) ProtoReflect() protoreflect.Message
func (*CertifyResponse) Reset ¶
func (x *CertifyResponse) Reset()
func (*CertifyResponse) String ¶
func (x *CertifyResponse) String() string
type IdentityClient ¶
type IdentityClient interface {
// Requests that a time-bounded certificate be signed.
//
// The requester must provide a token that verifies the client's identity and
// a Certificate Signing Request that adheres to the service naming rules.
//
// Errors are returned when the provided request is invalid or when
// authentication cannot be performed.
Certify(ctx context.Context, in *CertifyRequest, opts ...grpc.CallOption) (*CertifyResponse, error)
}
IdentityClient is the client API for Identity service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewIdentityClient ¶
func NewIdentityClient(cc grpc.ClientConnInterface) IdentityClient
type IdentityServer ¶
type IdentityServer interface {
// Requests that a time-bounded certificate be signed.
//
// The requester must provide a token that verifies the client's identity and
// a Certificate Signing Request that adheres to the service naming rules.
//
// Errors are returned when the provided request is invalid or when
// authentication cannot be performed.
Certify(context.Context, *CertifyRequest) (*CertifyResponse, error)
// contains filtered or unexported methods
}
IdentityServer is the server API for Identity service. All implementations must embed UnimplementedIdentityServer for forward compatibility.
type UnimplementedIdentityServer ¶ added in v0.1.13
type UnimplementedIdentityServer struct{}
UnimplementedIdentityServer must be embedded to have forward compatible implementations.
NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.
func (UnimplementedIdentityServer) Certify ¶ added in v0.1.13
func (UnimplementedIdentityServer) Certify(context.Context, *CertifyRequest) (*CertifyResponse, error)
type UnsafeIdentityServer ¶ added in v0.2.0
type UnsafeIdentityServer interface {
// contains filtered or unexported methods
}
UnsafeIdentityServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to IdentityServer will result in compilation errors.
Source Files
Click to show internal directories.
Click to hide internal directories.