http

package
v0.0.0-...-a0f6db5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 14, 2022 License: MPL-2.0 Imports: 46 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// WrapTTLHeaderName is the name of the header containing a directive to
	// wrap the response
	WrapTTLHeaderName = "X-Vault-Wrap-TTL"

	// WrapFormatHeaderName is the name of the header containing the format to
	// wrap in; has no effect if the wrap TTL is not set
	WrapFormatHeaderName = "X-Vault-Wrap-Format"

	// NoRequestForwardingHeaderName is the name of the header telling Vault
	// not to use request forwarding
	NoRequestForwardingHeaderName = "X-Vault-No-Request-Forwarding"

	// MFAHeaderName represents the HTTP header which carries the credentials
	// required to perform MFA on any path.
	MFAHeaderName = "X-Vault-MFA"

	// PolicyOverrideHeaderName is the header set to request overriding
	// soft-mandatory Sentinel policies.
	PolicyOverrideHeaderName = "X-Vault-Policy-Override"

	VaultIndexHeaderName        = "X-Vault-Index"
	VaultInconsistentHeaderName = "X-Vault-Inconsistent"
	VaultForwardHeaderName      = "X-Vault-Forward"
	VaultInconsistentForward    = "forward-active-node"
	VaultInconsistentFail       = "fail"

	// DefaultMaxRequestSize is the default maximum accepted request size. This
	// is to prevent a denial of service attack where no Content-Length is
	// provided and the server is fed ever more data until it exhausts memory.
	// Can be overridden per listener.
	DefaultMaxRequestSize = 32 * 1024 * 1024
)
View Source
const MergePatchContentTypeHeader = "application/merge-patch+json"

Variables

View Source
var FeatureFlag_EnvVariables = [...]string{
	"VAULT_CLOUD_ADMIN_NAMESPACE",
}

Functions

func Handler

func Handler(props *vault.HandlerProperties) http.Handler

Handler returns an http.Handler for the API. This can be used on its own to mount the Vault API within another web server.

func TestListener

func TestListener(tb testing.TB) (net.Listener, string)

func TestServer

func TestServer(tb testing.TB, core *vault.Core) (net.Listener, string)

func TestServerAuth

func TestServerAuth(tb testing.TB, addr string, token string)

func TestServerWithListener

func TestServerWithListener(tb testing.TB, ln net.Listener, addr string, core *vault.Core)

func TestServerWithListenerAndProperties

func TestServerWithListenerAndProperties(tb testing.TB, ln net.Listener, addr string, core *vault.Core, props *vault.HandlerProperties)

func WrapForwardedForHandler

func WrapForwardedForHandler(h http.Handler, l *configutil.Listener) http.Handler

Types

type FeatureFlagsResponse

type FeatureFlagsResponse struct {
	FeatureFlags []string `json:"feature_flags"`
}

type GenerateRootInitRequest

type GenerateRootInitRequest struct {
	OTP    string `json:"otp"`
	PGPKey string `json:"pgp_key"`
}

type GenerateRootStatusResponse

type GenerateRootStatusResponse struct {
	Nonce            string `json:"nonce"`
	Started          bool   `json:"started"`
	Progress         int    `json:"progress"`
	Required         int    `json:"required"`
	Complete         bool   `json:"complete"`
	EncodedToken     string `json:"encoded_token"`
	EncodedRootToken string `json:"encoded_root_token"`
	PGPFingerprint   string `json:"pgp_fingerprint"`
	OTP              string `json:"otp"`
	OTPLength        int    `json:"otp_length"`
}

type GenerateRootUpdateRequest

type GenerateRootUpdateRequest struct {
	Nonce string
	Key   string
}

type HealthResponse

type HealthResponse struct {
	Initialized                bool                   `json:"initialized"`
	Sealed                     bool                   `json:"sealed"`
	Standby                    bool                   `json:"standby"`
	PerformanceStandby         bool                   `json:"performance_standby"`
	ReplicationPerformanceMode string                 `json:"replication_performance_mode"`
	ReplicationDRMode          string                 `json:"replication_dr_mode"`
	ServerTimeUTC              int64                  `json:"server_time_utc"`
	Version                    string                 `json:"version"`
	ClusterName                string                 `json:"cluster_name,omitempty"`
	ClusterID                  string                 `json:"cluster_id,omitempty"`
	LastWAL                    uint64                 `json:"last_wal,omitempty"`
	License                    *HealthResponseLicense `json:"license,omitempty"`
}

type HealthResponseLicense

type HealthResponseLicense struct {
	State      string `json:"state"`
	ExpiryTime string `json:"expiry_time"`
	Terminated bool   `json:"terminated"`
}

type InitRequest

type InitRequest struct {
	SecretShares      int      `json:"secret_shares"`
	SecretThreshold   int      `json:"secret_threshold"`
	StoredShares      int      `json:"stored_shares"`
	PGPKeys           []string `json:"pgp_keys"`
	RecoveryShares    int      `json:"recovery_shares"`
	RecoveryThreshold int      `json:"recovery_threshold"`
	RecoveryPGPKeys   []string `json:"recovery_pgp_keys"`
	RootTokenPGPKey   string   `json:"root_token_pgp_key"`
}

type InitResponse

type InitResponse struct {
	Keys            []string `json:"keys"`
	KeysB64         []string `json:"keys_base64"`
	RecoveryKeys    []string `json:"recovery_keys,omitempty"`
	RecoveryKeysB64 []string `json:"recovery_keys_base64,omitempty"`
	RootToken       string   `json:"root_token"`
}

type InitStatusResponse

type InitStatusResponse struct {
	Initialized bool `json:"initialized"`
}

type JoinRequest

type JoinRequest struct {
	AutoJoin            string `json:"auto_join"`
	AutoJoinScheme      string `json:"auto_join_scheme"`
	AutoJoinPort        uint   `json:"auto_join_port"`
	LeaderAPIAddr       string `json:"leader_api_addr"`
	LeaderCACert        string `json:"leader_ca_cert"`
	LeaderClientCert    string `json:"leader_client_cert"`
	LeaderClientKey     string `json:"leader_client_key"`
	LeaderTLSServerName string `json:"leader_tls_servername"`
	Retry               bool   `json:"retry"`
	NonVoter            bool   `json:"non_voter"`
}

type JoinResponse

type JoinResponse struct {
	Joined bool `json:"joined"`
}

type RekeyRequest

type RekeyRequest struct {
	SecretShares        int      `json:"secret_shares"`
	SecretThreshold     int      `json:"secret_threshold"`
	StoredShares        int      `json:"stored_shares"`
	PGPKeys             []string `json:"pgp_keys"`
	Backup              bool     `json:"backup"`
	RequireVerification bool     `json:"require_verification"`
}

type RekeyStatusResponse

type RekeyStatusResponse struct {
	Nonce                string   `json:"nonce"`
	Started              bool     `json:"started"`
	T                    int      `json:"t"`
	N                    int      `json:"n"`
	Progress             int      `json:"progress"`
	Required             int      `json:"required"`
	PGPFingerprints      []string `json:"pgp_fingerprints"`
	Backup               bool     `json:"backup"`
	VerificationRequired bool     `json:"verification_required"`
	VerificationNonce    string   `json:"verification_nonce,omitempty"`
}

type RekeyUpdateRequest

type RekeyUpdateRequest struct {
	Nonce string
	Key   string
}

type RekeyUpdateResponse

type RekeyUpdateResponse struct {
	Nonce                string   `json:"nonce"`
	Complete             bool     `json:"complete"`
	Keys                 []string `json:"keys"`
	KeysB64              []string `json:"keys_base64"`
	PGPFingerprints      []string `json:"pgp_fingerprints"`
	Backup               bool     `json:"backup"`
	VerificationRequired bool     `json:"verification_required"`
	VerificationNonce    string   `json:"verification_nonce,omitempty"`
}

type RekeyVerificationStatusResponse

type RekeyVerificationStatusResponse struct {
	Nonce    string `json:"nonce"`
	Started  bool   `json:"started"`
	T        int    `json:"t"`
	N        int    `json:"n"`
	Progress int    `json:"progress"`
}

type RekeyVerificationUpdateRequest

type RekeyVerificationUpdateRequest struct {
	Nonce string `json:"nonce"`
	Key   string `json:"key"`
}

type RekeyVerificationUpdateResponse

type RekeyVerificationUpdateResponse struct {
	Nonce    string `json:"nonce"`
	Complete bool   `json:"complete"`
}

type UIAssetWrapper

type UIAssetWrapper struct {
	FileSystem http.FileSystem
}

func (*UIAssetWrapper) Open

func (fsw *UIAssetWrapper) Open(name string) (http.File, error)

type UnsealRequest

type UnsealRequest struct {
	Key     string
	Reset   bool
	Migrate bool
}

Note: because we didn't provide explicit tagging in the past we can't do it now because if it then no longer accepts capitalized versions it could break clients

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL