-
Notifications
You must be signed in to change notification settings - Fork 442
/
types.go
71 lines (62 loc) · 2.48 KB
/
types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
package webhook
import (
"time"
"go.step.sm/crypto/sshutil"
"go.step.sm/crypto/x509util"
)
// ResponseBody is the body returned by webhook servers.
type ResponseBody struct {
Data any `json:"data"`
Allow bool `json:"allow"`
}
// X509CertificateRequest is the certificate request sent to webhook servers for
// enriching webhooks when signing x509 certificates
type X509CertificateRequest struct {
*x509util.CertificateRequest
PublicKey []byte `json:"publicKey"`
PublicKeyAlgorithm string `json:"publicKeyAlgorithm"`
Raw []byte `json:"raw"`
}
// X509Certificate is the certificate sent to webhook servers for authorizing
// webhooks when signing x509 certificates
type X509Certificate struct {
*x509util.Certificate
PublicKey []byte `json:"publicKey"`
PublicKeyAlgorithm string `json:"publicKeyAlgorithm"`
NotBefore time.Time `json:"notBefore"`
NotAfter time.Time `json:"notAfter"`
}
// SSHCertificateRequest is the certificate request sent to webhook servers for
// enriching webhooks when signing SSH certificates
type SSHCertificateRequest struct {
PublicKey []byte `json:"publicKey"`
Type string `json:"type"`
KeyID string `json:"keyID"`
Principals []string `json:"principals"`
}
// SSHCertificate is the certificate sent to webhook servers for authorizing
// webhooks when signing SSH certificates
type SSHCertificate struct {
*sshutil.Certificate
PublicKey []byte `json:"publicKey"`
SignatureKey []byte `json:"signatureKey"`
ValidBefore uint64 `json:"validBefore"`
ValidAfter uint64 `json:"validAfter"`
}
// AttestationData is data validated by acme device-attest-01 challenge
type AttestationData struct {
PermanentIdentifier string `json:"permanentIdentifier"`
}
// RequestBody is the body sent to webhook servers.
type RequestBody struct {
Timestamp time.Time `json:"timestamp"`
// Only set after successfully completing acme device-attest-01 challenge
AttestationData *AttestationData `json:"attestationData,omitempty"`
// Set for most provisioners, but not acme or scep
// Token any `json:"token,omitempty"`
// Exactly one of the remaining fields should be set
X509CertificateRequest *X509CertificateRequest `json:"x509CertificateRequest,omitempty"`
X509Certificate *X509Certificate `json:"x509Certificate,omitempty"`
SSHCertificateRequest *SSHCertificateRequest `json:"sshCertificateRequest,omitempty"`
SSHCertificate *SSHCertificate `json:"sshCertificate,omitempty"`
}