authdb

package
v1.28.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 5, 2022 License: AGPL-3.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

var Invalid = errs.Class("invalid")

Invalid is the class of error that is returned for invalid records.

var NotFound = errs.Class("not found")

NotFound is returned when a record is not found.

Functions

This section is empty.

Types

type Database

type Database struct {
	// contains filtered or unexported fields
}

Database wraps a key/value store and uses it to store encrypted accesses and secrets.

func NewDatabase

func NewDatabase(kv KV, allowedSatelliteIDs map[storj.NodeID]struct{}) *Database

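NewDatabase constructs a Database. allowedSatelliteAddresses should contain the full URL (without a node ID), including port, for each satellite we allow for incoming access grants. Note that this sentence does not match the signature above: the parameter is named allowedSatelliteIDs and has type map[storj.NodeID]struct{}, so the allow-list is keyed by satellite node ID rather than by URL.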

func (*Database) DeleteUnused

func (db *Database) DeleteUnused(ctx context.Context, asOfSystemInterval time.Duration, selectSize, deleteSize int) (count, rounds int64, deletesPerHead map[string]int64, err error)

DeleteUnused deletes expired and invalid records from the key/value store and returns any error encountered.

func (*Database) Get

func (db *Database) Get(ctx context.Context, accessKeyID EncryptionKey) (accessGrant string, public bool, secretKey SecretKey, err error)

Get retrieves an access grant and secret key from the key/value store, looked up by the hash of the access key and then decrypted.

func (*Database) Ping

func (db *Database) Ping(ctx context.Context) (err error)

Ping attempts to do a DB roundtrip. If it can't, it returns an error.

func (*Database) Put

func (db *Database) Put(ctx context.Context, key EncryptionKey, accessGrant string, public bool) (secretKey SecretKey, err error)

Put encrypts the access grant with the key and stores it in a key/value store under the hash of the encryption key.

func (*Database) SetAllowedSatellites

func (db *Database) SetAllowedSatellites(allowedSatelliteIDs map[storj.NodeID]struct{})

SetAllowedSatellites updates the allowed satellites list from configuration values.

type EncryptionKey

type EncryptionKey [16]byte

EncryptionKey is the key with which an access grant and its secret key are encrypted.

func NewEncryptionKey

func NewEncryptionKey() (EncryptionKey, error)

NewEncryptionKey returns a new random EncryptionKey with initial version byte.

func (*EncryptionKey) FromBase32

func (k *EncryptionKey) FromBase32(encoded string) error

FromBase32 loads the EncryptionKey from a lowercase RFC 4648 base32 string.

func (*EncryptionKey) FromBinary

func (k *EncryptionKey) FromBinary(data []byte) error

FromBinary reads the key from binary which must include the version byte.

func (EncryptionKey) Hash

func (k EncryptionKey) Hash() KeyHash

Hash returns the KeyHash for the EncryptionKey.

func (EncryptionKey) ToBase32

func (k EncryptionKey) ToBase32() string

ToBase32 returns the EncryptionKey as a lowercase RFC 4648 base32 string.

func (EncryptionKey) ToBinary

func (k EncryptionKey) ToBinary() []byte

ToBinary returns the EncryptionKey including the version byte.

func (EncryptionKey) ToStorjKey

func (k EncryptionKey) ToStorjKey() storj.Key

ToStorjKey returns the storj.Key equivalent for the EncryptionKey.

type KV

// KV is the storage backend interface; records are addressed by KeyHash.
type KV interface {
	// Put stores the record in the key/value store.
	// It is an error if the key already exists, so by this contract an
	// existing record is not overwritten through Put.
	Put(ctx context.Context, keyHash KeyHash, record *Record) (err error)

	// Get retrieves the record from the key/value store.
	// It returns nil if the key does not exist.
	// If the record is invalid, the error contains why.
	//
	// NOTE(review): "returns nil" presumably refers to the record. Whether
	// err is also nil for a missing key is not stated here, so callers
	// should nil-check the record before dereferencing it. Confirm against
	// the implementation.
	Get(ctx context.Context, keyHash KeyHash) (record *Record, err error)

	// DeleteUnused deletes expired and invalid records from the key/value store
	// and returns any error encountered.
	//
	// Batch deletion and the use of the asOfSystemInterval, selectSize and
	// deleteSize parameters depend on the implementation.
	//
	// NOTE(review): the meaning of count, rounds and deletesPerHead is not
	// documented here. deletesPerHead is presumably keyed by an encoding of
	// Record.MacaroonHead; verify against the implementation.
	DeleteUnused(ctx context.Context, asOfSystemInterval time.Duration, selectSize, deleteSize int) (count, rounds int64, deletesPerHead map[string]int64, err error)

	// Ping attempts to do a DB roundtrip. If it can't, it will return an
	// error.
	Ping(ctx context.Context) error

	// Close closes the database.
	Close() error
}

KV is an abstract key/value store of KeyHash to Records.

type KeyHash

type KeyHash [32]byte

KeyHash is the key portion of the key/value store.

type Record

// Record is the value stored in the key/value store under a KeyHash.
type Record struct {
	// NOTE(review): unlike the Encrypted* fields below, this field carries no
	// "Encrypted" prefix; presumably it is stored in the clear. Confirm.
	SatelliteAddress     string
	// The length is not enforced by this type.
	MacaroonHead         []byte // 32 bytes probably
	// Ciphertext of the secret key.
	// NOTE(review): presumably encrypted under the caller's EncryptionKey,
	// which this record does not contain; confirm.
	EncryptedSecretKey   []byte
	// Ciphertext of the access grant; Database.Put is documented as
	// encrypting the access grant with the EncryptionKey before storing it.
	EncryptedAccessGrant []byte
	// Optional expiry; DeleteUnused is documented as removing expired records.
	// NOTE(review): presumably nil means the record never expires; confirm.
	ExpiresAt            *time.Time
	// Authorization-relevant flag: it relaxes the secret-key requirement for
	// this record.
	Public               bool // if true, knowledge of secret key is not required
}

Record is a key/value store record.

type SecretKey

type SecretKey [32]byte

SecretKey is the secret key used to sign requests.

func (SecretKey) ToBase32

func (s SecretKey) ToBase32() string

ToBase32 returns the SecretKey as a lowercase RFC 4648 base32 string.

func (SecretKey) ToBinary

func (s SecretKey) ToBinary() []byte

ToBinary returns the SecretKey including the version byte.
