duros

package module

v0.5.6 Latest Latest Go to latest Published: Sep 18, 2025 License: MIT Imports: 25 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/metal-stack/duros-go

Links

Open Source Insights

README ¶

duros-go

A lightbits duros api go client library.

A usage example can be found here.

Documentation ¶

Index ¶

func Dial(config DialConfig) (durosv2.DurosAPIClient, error)
func NewJWTToken(subject, issuer string, kid string, roles []string, expires time.Duration, ...) (string, error)
func NewJWTTokenForCredential(subject, issuer string, credential *v2.Credential, roles []string, ...) (string, error)
type ByteCredentials
type Credentials
type DialConfig
type GRPCScheme
type MockClient
- func NewMock(c v2.DurosAPIClient) *MockClient

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewJWTToken ¶

func NewJWTToken(subject, issuer string, kid string, roles []string, expires time.Duration, keyPair *rsa.PrivateKey) (string, error)

NewJWTToken create a JWT Token to use to authenticate against a duros API endpoint

subject: 'sub' claim, who will be using this JWT, example a persons or tenants name kid: this is the "key ID", the name of the credential (pub key) as uploaded to LightOS. it is of the form "<scope>:<name>", e.g.:

  system:root - your root pub key, installed during system deployment
  tenant-foo:first-cred - pub key of tenant tenant-foo uploaded as credential named first-cred.
the JWTs are validated using the specific pub keys, so a corresponding
credential must already exist in LightOS.

roles: list of roles this token should contain, must be in the form of

foo:admin which gives this user  (subject) admin rights to the foo resource

expires: Duration after which this token will expire. keyPair: RSA public and private key which should be used to sign this token

func NewJWTTokenForCredential ¶

func NewJWTTokenForCredential(subject, issuer string, credential *v2.Credential, roles []string, expires time.Duration, keyPair *rsa.PrivateKey) (string, error)

NewJWTTokenForCredential create a new JWTToken where subject and kid is taken from the credential

Types ¶

type ByteCredentials ¶ added in v0.1.2

type ByteCredentials struct {
	ServerName string
	Cert       []byte
	Key        []byte
	CA         []byte
}

Credentials specify the TLS Certificate based authentication for the grpc connection without having to use certificate files. If you provide credentials, provide either these or file path credentials but not both.

type Credentials ¶

type Credentials struct {
	ServerName string
	Certfile   string
	Keyfile    string
	CAFile     string
}

Credentials specify the TLS Certificate based authentication for the grpc connection If you provide credentials, provide either these or byte credentials but not both.

type DialConfig ¶

type DialConfig struct {
	Endpoint        string
	Scheme          GRPCScheme
	Token           string
	Credentials     *Credentials
	ByteCredentials *ByteCredentials
	Log             *slog.Logger
	// UserAgent to use, if empty duros-go is used
	UserAgent string
}

DialConfig is the configuration to create a duros-api connection

type GRPCScheme ¶

type GRPCScheme string

GRPCScheme the scheme to talk to the duros api endpoint, can be plaintext or https

const (
	// GRPC defines a plaitext communication
	GRPC GRPCScheme = "grpc"
	// GRPCS defines https protocol for the communication
	GRPCS GRPCScheme = "grpcs"
)

type MockClient ¶

type MockClient struct {
	// contains filtered or unexported fields
}

func NewMock ¶

func NewMock(c v2.DurosAPIClient) *MockClient

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
api
duros/v2
duros/v2/mocks
github.com/grpc-ecosystem/grpc-gateway/protoc-gen-swagger/options
cmd
cli command

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL