Package utils contains a variety of small utility functions used by other tokenserver packages.



const (

	// DefaultMinValidityDuration is a value for minimal returned token lifetime if 'min_validity_duration'
	// field is not specified in the request.
	DefaultMinValidityDuration = 5 * time.Minute


This section is empty.


func DumpPEM

func DumpPEM(data []byte, header string) string

DumpPEM transforms block to pem-encoding.

Reverse of ParsePEM.

func LogRequest

func LogRequest(c context.Context, rpc RPC, req proto.Message, caller identity.Identity)

LogRequest logs the RPC request.

func ParsePEM

func ParsePEM(data, header string) ([]byte, error)

ParsePEM takes pem-encoded block and decodes it, checking the header.

func SerializeSN

func SerializeSN(sn *big.Int) ([]byte, error)

SerializeSN converts a certificate serial number to a byte blob.

func ServiceVersion

func ServiceVersion(c context.Context, s signing.Signer) (string, error)

ServiceVersion returns a string that identifies the app and the version.

It is put in some server responses. The function extracts this information from the given signer.

This function almost never returns errors. It can return an error only when called for the first time during the process lifetime. It gets cached after first successful return.

func TokenFingerprint

func TokenFingerprint(tok string) string

TokenFingerprint returns first 16 bytes of SHA256 of the token, as hex.

Token fingerprints can be used to identify tokens without parsing them.

func ValidateAndNormalizeRequest

func ValidateAndNormalizeRequest(c context.Context, oauthScope []string, durationSecs *int64, auditTags []string) error

ValidateAndNormalizeRequest validates and normalizes RPC requests.

func ValidateProject

func ValidateProject(c context.Context, project string) error

ValidateProject validates a LUCI project string.

func ValidateTags

func ValidateTags(tags []string) error

ValidateTags returns an error if some tags are malformed.

Tags are "key:value" pairs that can be passed with some RPCs. They end up inside the tokens and/or BigQuery logs.

func ZlibCompress

func ZlibCompress(in []byte) ([]byte, error)

ZlibCompress zips a blob using zlib.

func ZlibDecompress

func ZlibDecompress(in []byte) ([]byte, error)

ZlibDecompress unzips a blob using zlib.


type RPC

type RPC interface {
	Name() string

RPC interface specifies custom functionality implemented per RPC object.


Path Synopsis
identityset Package identityset implements a set-like structure for identity.Identity.
policy Package policy contains implementation of Policy parsing and querying.
revocation Package revocation contains utilities for implementing token revocation.
shards Package shards provides a low level support for implementing sharded set of []byte blobs.
tokensigning Package tokensigning implements utilities for RSA-signing of proto messages.