rotationutil

package
v1.9.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 25, 2024 License: Apache-2.0 Imports: 4 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func JWTSVIDExpired 

func JWTSVIDExpired(svid *client.JWTSVID, now time.Time) bool

JWTSVIDExpired returns true if the given SVID is expired.

func X509Expired added in v0.10.1 

func X509Expired(now time.Time, cert *x509.Certificate) bool

X509Expired returns true if the given X509 cert has expired

Types

type RotationStrategy added in v1.8.7 

type RotationStrategy struct {
	// contains filtered or unexported fields
}

func NewRotationStrategy added in v1.8.7 

func NewRotationStrategy(x509AvailabilityTarget time.Duration) *RotationStrategy

func (*RotationStrategy) JWTSVIDExpiresSoon added in v1.8.7 

func (rs *RotationStrategy) JWTSVIDExpiresSoon(svid *client.JWTSVID, now time.Time) bool

JWTSVIDExpiresSoon determines if the given JWT SVID should be rotated based on presented current time, the JWT's expiration. Also returns true if the JWT is already expired.

func (*RotationStrategy) ShouldFallbackX509DefaultRotation added in v1.8.7 

func (rs *RotationStrategy) ShouldFallbackX509DefaultRotation(lifetime time.Duration) bool

ShouldFallbackX509DefaultRotation returns true if the availability target is configured but the value is not enough against the SVID lifetime.

func (*RotationStrategy) ShouldRotateX509 added in v1.8.7 

func (rs *RotationStrategy) ShouldRotateX509(now time.Time, cert *x509.Certificate) bool

ShouldRotateX509 determines if a given SVID should be rotated, based on presented current time, and the certificate's expiration.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.