http

package
v0.13.1
Warning

This package is not in the latest version of its module.

Published: May 18, 2026 License: MPL-2.0 Imports: 22 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func Handler

func Handler(props *HandlerProperties) http.Handler

Handler creates and returns the main HTTP handler for Warden.

Types

type ErrorResponse

type ErrorResponse struct {
	Errors []string `json:"errors"`
}

ErrorResponse represents a JSON error response.

type HandlerProperties

type HandlerProperties struct {
	Core   *core.Core
	Logger *logger.GatedLogger

	// ClusterTLSConfigFunc returns the current cluster mTLS config for
	// forwarding requests from standby to active. When nil, forwarding
	// uses plain HTTP (backward compatible).
	ClusterTLSConfigFunc func() *tls.Config

	// ForwardingTimeout overrides the default forwarding timeout.
	// Zero means use the default (60s).
	ForwardingTimeout time.Duration
}

HandlerProperties contains configuration for the HTTP handler.
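
An added example (not Warden's own code) of a provider for ClusterTLSConfigFunc that swaps configs on certificate rotation and rejects any config that would not give mutual TLS against a private cluster CA. ClusterTLS, Set, Func and sampleConfig are hypothetical names; it assumes the forwarding client uses the returned value as a client-side TLS config, and the page does not say how a nil return from the function is handled.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"sync/atomic"
)

// ClusterTLS (hypothetical) holds the current forwarding config so that a
// certificate rotation can swap it while the handler keeps running.
type ClusterTLS struct{ cur atomic.Pointer[tls.Config] }

// Set installs cfg only if it can give mutual authentication to the cluster CA.
func (c *ClusterTLS) Set(cfg *tls.Config) error {
	switch {
	case cfg == nil:
		return errors.New("nil config")
	case cfg.InsecureSkipVerify:
		return errors.New("InsecureSkipVerify turns off peer verification")
	case cfg.RootCAs == nil:
		return errors.New("RootCAs unset: system roots would be trusted, not the cluster CA")
	case len(cfg.Certificates) == 0 && cfg.GetClientCertificate == nil:
		return errors.New("no client certificate: the peer cannot authenticate this node")
	}
	pinned := cfg.Clone() // later changes by the caller must not reach the live config
	if pinned.MinVersion < tls.VersionTLS12 {
		pinned.MinVersion = tls.VersionTLS12
	}
	c.cur.Store(pinned)
	return nil
}

// Func has the type of HandlerProperties.ClusterTLSConfigFunc. It returns nil
// until Set has succeeded, so call Set before passing it to the handler.
func (c *ClusterTLS) Func() func() *tls.Config {
	return func() *tls.Config { return c.cur.Load() }
}

// sampleConfig is a constructed stand-in for the real cluster CA and key pair.
func sampleConfig() *tls.Config {
	return &tls.Config{RootCAs: x509.NewCertPool(), Certificates: []tls.Certificate{{}}}
}

func main() {
	var c ClusterTLS
	fmt.Println(c.Set(&tls.Config{InsecureSkipVerify: true}))
	fmt.Println(c.Set(sampleConfig()), c.Func()().MinVersion == tls.VersionTLS12)
}
```

Leaving ClusterTLSConfigFunc nil keeps standby-to-active forwarding on plain HTTP, so forwarded request bodies and tokens cross the cluster network unencrypted.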

type HealthResponse added in v0.2.0

type HealthResponse struct {
	Initialized   bool  `json:"initialized"`
	Sealed        bool  `json:"sealed"`
	Standby       bool  `json:"standby"`
	ServerTimeUTC int64 `json:"server_time_utc"`
}

HealthResponse represents the response from the health endpoint.

type InitRequest

type InitRequest struct {
	// SecretShares specifies the number of shares to split the root key into.
	SecretShares int `json:"secret_shares"`

	// SecretThreshold specifies the number of shares required to reconstruct the root key.
	// This must be less than or equal to SecretShares.
	SecretThreshold int `json:"secret_threshold"`

	// PGPKeys specifies an array of PGP public keys used to encrypt the output unseal keys.
	// The keys must be base64-encoded from their original binary representation.
	// The size of this array must be the same as SecretShares.
	PGPKeys []string `json:"pgp_keys,omitempty"`

	// RootTokenPGPKey specifies a PGP public key used to encrypt the initial root token.
	// The key must be base64-encoded from its original binary representation.
	RootTokenPGPKey string `json:"root_token_pgp_key,omitempty"`

	// StoredShares specifies the number of shares that should be encrypted by the HSM
	// and stored for auto-unsealing. Currently must be the same as SecretShares.
	// Only supported when using Auto Unseal.
	StoredShares int `json:"stored_shares,omitempty"`

	// RecoveryShares specifies the number of shares to split the recovery key into.
	// Only available when using Auto Unseal.
	RecoveryShares int `json:"recovery_shares,omitempty"`

	// RecoveryThreshold specifies the number of shares required to reconstruct the recovery key.
	// This must be less than or equal to RecoveryShares.
	// Only available when using Auto Unseal.
	RecoveryThreshold int `json:"recovery_threshold,omitempty"`

	// RecoveryPGPKeys specifies an array of PGP public keys used to encrypt the output recovery keys.
	// The keys must be base64-encoded from their original binary representation.
	// The size of this array must be the same as RecoveryShares.
	// Only available when using Auto Unseal.
	RecoveryPGPKeys []string `json:"recovery_pgp_keys,omitempty"`
}

InitRequest represents the request body for the init operation.
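
The field comments above state several constraints; the following added example (not part of the Warden package) checks a request against them before it is sent. ValidateInit, checkKeys and the autoUnseal parameter are hypothetical, and the struct is a local copy of the documented fields.

```go
package main

import (
	"encoding/base64"
	"fmt"
)

// InitRequest is a local copy of the documented fields, for this example only.
type InitRequest struct {
	SecretShares, SecretThreshold                   int
	StoredShares, RecoveryShares, RecoveryThreshold int
	PGPKeys, RecoveryPGPKeys                        []string
	RootTokenPGPKey                                 string
}

// checkKeys enforces one key per share and base64 encoding for a key list.
func checkKeys(field string, keys []string, shares int) (errs []string) {
	if len(keys) > 0 && len(keys) != shares {
		errs = append(errs, fmt.Sprintf("%s: %d keys for %d shares", field, len(keys), shares))
	}
	for i, k := range keys {
		if _, err := base64.StdEncoding.DecodeString(k); err != nil {
			errs = append(errs, fmt.Sprintf("%s[%d]: not base64", field, i))
		}
	}
	return errs
}

// ValidateInit (hypothetical) lists every documented constraint that r breaks.
func ValidateInit(r InitRequest, autoUnseal bool) []string {
	errs := checkKeys("pgp_keys", r.PGPKeys, r.SecretShares)
	errs = append(errs, checkKeys("root_token_pgp_key", []string{r.RootTokenPGPKey}, 1)...)
	errs = append(errs, checkKeys("recovery_pgp_keys", r.RecoveryPGPKeys, r.RecoveryShares)...)
	check := func(bad bool, msg string) {
		if bad {
			errs = append(errs, msg)
		}
	}
	check(r.SecretThreshold > r.SecretShares, "secret_threshold exceeds secret_shares")
	check(r.RecoveryThreshold > r.RecoveryShares, "recovery_threshold exceeds recovery_shares")
	check(r.StoredShares != 0 && r.StoredShares != r.SecretShares, "stored_shares must equal secret_shares")
	check(!autoUnseal && (r.StoredShares != 0 || r.RecoveryShares != 0 || len(r.RecoveryPGPKeys) > 0), "stored/recovery fields need Auto Unseal")
	return errs
}

func main() {
	// Constructed request: threshold above the share count and a malformed key.
	bad := InitRequest{SecretShares: 2, SecretThreshold: 3, PGPKeys: []string{"not base64!"}}
	fmt.Println(ValidateInit(bad, false))
}
```

When PGPKeys and RootTokenPGPKey are omitted, nothing in the request asks for the unseal keys and root token in InitResponse to be encrypted, so a caller-side check like this is also a natural place to require them.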

type InitResponse

type InitResponse struct {
	// Keys contains the unseal keys (hex-encoded)
	Keys []string `json:"keys,omitempty"`

	// KeysBase64 contains the base64-encoded unseal keys
	KeysBase64 []string `json:"keys_base64,omitempty"`

	// RecoveryKeys contains the recovery keys (for auto-unseal, hex-encoded)
	RecoveryKeys []string `json:"recovery_keys,omitempty"`

	// RecoveryKeysBase64 contains the base64-encoded recovery keys
	RecoveryKeysBase64 []string `json:"recovery_keys_base64,omitempty"`

	// RootToken is the generated root token for system administration
	RootToken string `json:"root_token"`
}

InitResponse represents the response from the init operation.

type InitStatusResponse

type InitStatusResponse struct {
	Initialized bool `json:"initialized"`
}

InitStatusResponse represents the response from the init status check.

type LeaderResponse added in v0.2.0

type LeaderResponse struct {
	HAEnabled     bool   `json:"ha_enabled"`
	IsSelf        bool   `json:"is_self"`
	LeaderAddress string `json:"leader_address"`
	ActiveTime    string `json:"active_time,omitempty"`
}

LeaderResponse represents the response from the leader endpoint.

type ReadyResponse added in v0.2.0

type ReadyResponse struct {
	Ready         bool  `json:"ready"`
	Initialized   bool  `json:"initialized"`
	Sealed        bool  `json:"sealed"`
	Standby       bool  `json:"standby"`
	ServerTimeUTC int64 `json:"server_time_utc"`
}

ReadyResponse represents the response from the readiness endpoint.

type SealStatusResponse added in v0.2.0

type SealStatusResponse struct {
	Sealed      bool `json:"sealed"`
	Initialized bool `json:"initialized"`
	HAEnabled   bool `json:"ha_enabled"`
}

SealStatusResponse represents the response from the seal-status endpoint.
