| OLD | NEW |
| 1 // Copyright 2016 The LUCI Authors. | 1 // Copyright 2016 The LUCI Authors. |
| 2 // | 2 // |
| 3 // Licensed under the Apache License, Version 2.0 (the "License"); | 3 // Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 // you may not use this file except in compliance with the License. | 4 // you may not use this file except in compliance with the License. |
| 5 // You may obtain a copy of the License at | 5 // You may obtain a copy of the License at |
| 6 // | 6 // |
| 7 // http://www.apache.org/licenses/LICENSE-2.0 | 7 // http://www.apache.org/licenses/LICENSE-2.0 |
| 8 // | 8 // |
| 9 // Unless required by applicable law or agreed to in writing, software | 9 // Unless required by applicable law or agreed to in writing, software |
| 10 // distributed under the License is distributed on an "AS IS" BASIS, | 10 // distributed under the License is distributed on an "AS IS" BASIS, |
| (...skipping 19 matching lines...) Expand all Loading... |
| 30 | 30 |
| 31 "github.com/luci/luci-go/tokenserver/api/minter/v1" | 31 "github.com/luci/luci-go/tokenserver/api/minter/v1" |
| 32 ) | 32 ) |
| 33 | 33 |
| 34 // Client can make signed requests to the token server. | 34 // Client can make signed requests to the token server. |
| 35 type Client struct { | 35 type Client struct { |
| 36 // Client is interface to use for raw RPC calls to the token server. | 36 // Client is interface to use for raw RPC calls to the token server. |
| 37 // | 37 // |
| 38 // Use minter.NewTokenMinterClient (or NewTokenMinterPRPCClient) to | 38 // Use minter.NewTokenMinterClient (or NewTokenMinterPRPCClient) to |
| 39 // create it. Note that transport-level authentication is not needed. | 39 // create it. Note that transport-level authentication is not needed. |
| 40 » Client minter.TokenMinterClient | 40 » Client TokenMinterClient |
| 41 | 41 |
| 42 // Signer knows how to sign requests using some private key. | 42 // Signer knows how to sign requests using some private key. |
| 43 Signer Signer | 43 Signer Signer |
| 44 } | 44 } |
| 45 | 45 |
| 46 // TokenMinterClient is subset of minter.TokenMinterClient this package uses. |
| 47 type TokenMinterClient interface { |
| 48 // MintMachineToken generates a new token for an authenticated machine. |
| 49 MintMachineToken(context.Context, *minter.MintMachineTokenRequest, ...gr
pc.CallOption) (*minter.MintMachineTokenResponse, error) |
| 50 } |
| 51 |
| 46 // Signer knows how to sign requests using some private key. | 52 // Signer knows how to sign requests using some private key. |
| 47 type Signer interface { | 53 type Signer interface { |
| 48 // Algo returns an algorithm that the signer implements. | 54 // Algo returns an algorithm that the signer implements. |
| 49 Algo(ctx context.Context) (x509.SignatureAlgorithm, error) | 55 Algo(ctx context.Context) (x509.SignatureAlgorithm, error) |
| 50 | 56 |
| 51 // Certificate returns ASN.1 DER blob with the certificate of the signer
. | 57 // Certificate returns ASN.1 DER blob with the certificate of the signer
. |
| 52 Certificate(ctx context.Context) ([]byte, error) | 58 Certificate(ctx context.Context) ([]byte, error) |
| 53 | 59 |
| 54 // Sign signs a blob using the private key. | 60 // Sign signs a blob using the private key. |
| 55 Sign(ctx context.Context, blob []byte) ([]byte, error) | 61 Sign(ctx context.Context, blob []byte) ([]byte, error) |
| (...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 144 } | 150 } |
| 145 } | 151 } |
| 146 | 152 |
| 147 // Must not happen. But better return an error than nil-panic if it does
. | 153 // Must not happen. But better return an error than nil-panic if it does
. |
| 148 if resp.TokenResponse == nil { | 154 if resp.TokenResponse == nil { |
| 149 return nil, fmt.Errorf("token server didn't return a token") | 155 return nil, fmt.Errorf("token server didn't return a token") |
| 150 } | 156 } |
| 151 | 157 |
| 152 return resp.TokenResponse, nil | 158 return resp.TokenResponse, nil |
| 153 } | 159 } |
| OLD | NEW |