alts
package
This package is not in the latest version of its module.
Details
Validgo.mod file
The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
- Redistributable license
Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
- Tagged version
Modules with tagged versions give importers more predictable builds.
- Stable version
When a project reaches major version v1 it is considered stable.
- Learn more about best practices
Repository
Links
Open Source Insights
Documentation¶
Overview¶
Package alts implements the ALTS credential support by gRPC library, whichencapsulates all the state needed by a client to authenticate with a serverusing ALTS and make various assertions, e.g., about the client's identity,role, or whether it is authorized to make a particular call.This package is experimental.
Index¶
Constants¶
This section is empty.
Variables¶
var (// ErrUntrustedPlatform is returned from ClientHandshake and// ServerHandshake is running on a platform where the trustworthiness of// the handshaker service is not guaranteed.ErrUntrustedPlatform =errors.New("ALTS: untrusted platform. ALTS is only supported on GCP"))
Functions¶
funcClientAuthorizationCheck¶added inv1.27.0
ClientAuthorizationCheck checks whether the client is authorized to accessthe requested resources based on the given expected client service accounts.This API should be used by gRPC server RPC handlers. This API should not beused by clients.
funcNewClientCreds¶
func NewClientCreds(opts *ClientOptions)credentials.TransportCredentials
NewClientCreds constructs a client-side ALTS TransportCredentials object.
funcNewServerCreds¶
func NewServerCreds(opts *ServerOptions)credentials.TransportCredentials
NewServerCreds constructs a server-side ALTS TransportCredentials object.
Types¶
typeAuthInfo¶
type AuthInfo interface {// ApplicationProtocol returns application protocol negotiated for the// ALTS connection.ApplicationProtocol()string// RecordProtocol returns the record protocol negotiated for the ALTS// connection.RecordProtocol()string// SecurityLevel returns the security level of the created ALTS secure// channel.SecurityLevel()altspb.SecurityLevel// PeerServiceAccount returns the peer service account.PeerServiceAccount()string// LocalServiceAccount returns the local service account.LocalServiceAccount()string// PeerRPCVersions returns the RPC version supported by the peer.PeerRPCVersions() *altspb.RpcProtocolVersions}AuthInfo exposes security information from the ALTS handshake to theapplication. This interface is to be implemented by ALTS. Users should notneed a brand new implementation of this interface. For situations liketesting, any new implementation should embed this interface. This allowsALTS to add new methods to this interface.
funcAuthInfoFromContext¶added inv1.13.0
AuthInfoFromContext extracts the alts.AuthInfo object from the given context,if it exists. This API should be used by gRPC server RPC handlers to getinformation about the communicating peer. For client-side, use grpc.Peer()CallOption.
typeClientOptions¶
type ClientOptions struct {// TargetServiceAccounts contains a list of expected target service// accounts.TargetServiceAccounts []string// HandshakerServiceAddress represents the ALTS handshaker gRPC service// address to connect to.HandshakerServiceAddressstring}ClientOptions contains the client-side options of an ALTS channel. Theseoptions will be passed to the underlying ALTS handshaker.
funcDefaultClientOptions¶added inv1.12.0
func DefaultClientOptions() *ClientOptions
DefaultClientOptions creates a new ClientOptions object with the defaultvalues.
typeServerOptions¶added inv1.12.0
type ServerOptions struct {// HandshakerServiceAddress represents the ALTS handshaker gRPC service// address to connect to.HandshakerServiceAddressstring}ServerOptions contains the server-side options of an ALTS channel. Theseoptions will be passed to the underlying ALTS handshaker.
funcDefaultServerOptions¶added inv1.12.0
func DefaultServerOptions() *ServerOptions
DefaultServerOptions creates a new ServerOptions object with the defaultvalues.
Source Files
Directories¶
| Path | Synopsis |
|---|---|
Package internal contains common core functionality for ALTS. | Package internal contains common core functionality for ALTS. |
authinfo Package authinfo provide authentication information returned by handshakers. | Package authinfo provide authentication information returned by handshakers. |
conn Package conn contains an implementation of a secure channel created by gRPC handshakers. | Package conn contains an implementation of a secure channel created by gRPC handshakers. |
handshaker Package handshaker provides ALTS handshaking functionality for GCP. | Package handshaker provides ALTS handshaking functionality for GCP. |
handshaker/service Package service manages connections between the VM application and the ALTS handshaker service. | Package service manages connections between the VM application and the ALTS handshaker service. |
testutil Package testutil include useful test utilities for the handshaker. | Package testutil include useful test utilities for the handshaker. |