package alts

import "google.golang.org/grpc/credentials/alts"

Package alts implements ALTS credential support for the gRPC library. The credentials encapsulate all the state needed by a client to authenticate with a server using ALTS and to make various assertions, e.g., about the client's identity, role, or whether it is authorized to make a particular call. This package is experimental.

Variables

var (
	// ErrUntrustedPlatform is returned from ClientHandshake and
	// ServerHandshake when running on a platform where the trustworthiness
	// of the handshaker service is not guaranteed.
	ErrUntrustedPlatform = errors.New("untrusted platform")
)

Functions

func NewClientCreds

func NewClientCreds(opts *ClientOptions) credentials.TransportCredentials

NewClientCreds constructs a client-side ALTS TransportCredentials object.

func NewServerCreds

func NewServerCreds() credentials.TransportCredentials

NewServerCreds constructs a server-side ALTS TransportCredentials object.

Types

type AuthInfo

type AuthInfo interface {
	// ApplicationProtocol returns application protocol negotiated for the
	// ALTS connection.
	ApplicationProtocol() string
	// RecordProtocol returns the record protocol negotiated for the ALTS
	// connection.
	RecordProtocol() string
	// SecurityLevel returns the security level of the created ALTS secure
	// channel.
	SecurityLevel() altspb.SecurityLevel
	// PeerServiceAccount returns the peer service account.
	PeerServiceAccount() string
	// LocalServiceAccount returns the local service account.
	LocalServiceAccount() string
	// PeerRPCVersions returns the RPC version supported by the peer.
	PeerRPCVersions() *altspb.RpcProtocolVersions
}

AuthInfo exposes security information from the ALTS handshake to the application. This interface is to be implemented by ALTS. Users should not need a brand new implementation of this interface. For situations like testing, any new implementation should embed this interface. This allows ALTS to add new methods to this interface.
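The test-double pattern described above, applied to a peer authorization check, as an added example that is not part of the package. To build with the standard library alone it declares a local copy of the string-valued AuthInfo methods instead of importing the real interface; `fakeAuthInfo`, `AuthorizePeer`, `ErrPeerNotAllowed` and the service account names are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
)

// AuthInfo is a local copy of the string-valued methods of the AuthInfo
// interface shown above, so this example builds without the gRPC module.
type AuthInfo interface {
	ApplicationProtocol() string
	RecordProtocol() string
	PeerServiceAccount() string
	LocalServiceAccount() string
}

// fakeAuthInfo embeds the interface, as advised for tests, and overrides only
// the method under test. Any other method panics on the nil embedded value,
// which surfaces dependencies the test did not expect.
type fakeAuthInfo struct {
	AuthInfo
	peer string
}

func (f fakeAuthInfo) PeerServiceAccount() string { return f.peer }

var ErrPeerNotAllowed = errors.New("peer service account not allowed") // hypothetical

// AuthorizePeer (hypothetical helper) admits a call only when the peer service
// account from the handshake exactly matches an entry in allowed.
func AuthorizePeer(info AuthInfo, allowed []string) error {
	if info == nil {
		return errors.New("no ALTS auth info on connection")
	}
	peer := info.PeerServiceAccount()
	for _, a := range allowed {
		if peer != "" && peer == a { // an empty identity never matches
			return nil
		}
	}
	return fmt.Errorf("%w: %q", ErrPeerNotAllowed, peer)
}

func main() {
	allowed := []string{"frontend@example-project.iam.gserviceaccount.com"} // constructed
	for _, p := range []string{allowed[0], "batch@example-project.iam.gserviceaccount.com", ""} {
		fmt.Printf("%q -> %v\n", p, AuthorizePeer(fakeAuthInfo{peer: p}, allowed))
	}
}
```

Because the fake embeds the interface, it keeps compiling when ALTS adds methods to AuthInfo.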

type ClientOptions

type ClientOptions struct {
	// TargetServiceAccounts contains a list of expected target service
	// accounts.
	TargetServiceAccounts []string
}

ClientOptions contains the client-side options of an ALTS channel. These options will be passed to the underlying ALTS handshaker.

Source Files

alts.go utils.go

Directories

Path                                      Synopsis
credentials/alts/core                     Package core contains common core functionality for ALTS.
credentials/alts/core/authinfo            Package authinfo provides authentication information returned by handshakers.
credentials/alts/core/conn                Package conn contains an implementation of a secure channel created by gRPC handshakers.
credentials/alts/core/handshaker          Package handshaker provides ALTS handshaking functionality for GCP.
credentials/alts/core/handshaker/service  Package service manages connections between the VM application and the ALTS handshaker service.
credentials/alts/core/proto
credentials/alts/core/proto/grpc_gcp      Package grpc_gcp is a generated protocol buffer package.
credentials/alts/core/testutil            Package testutil includes useful test utilities for the handshaker.

Version: v1.11.0
Published: Mar 27, 2018
Platform: windows/amd64
Imports: 20 packages