| OLD | NEW |
|---|
| 1 // Code generated by protoc-gen-go. DO NOT EDIT. | 1 // Code generated by protoc-gen-go. DO NOT EDIT. |
| 2 // source: github.com/luci/luci-go/tokenserver/api/admin/v1/config.proto | 2 // source: github.com/luci/luci-go/tokenserver/api/admin/v1/config.proto |
| 3 | 3 |
| 4 package admin | 4 package admin |
| 5 | 5 |
| 6 import proto "github.com/golang/protobuf/proto" | 6 import proto "github.com/golang/protobuf/proto" |
| 7 import fmt "fmt" | 7 import fmt "fmt" |
| 8 import math "math" | 8 import math "math" |
| 9 | 9 |
| 10 // Reference imports to suppress errors if they are not otherwise used. | 10 // Reference imports to suppress errors if they are not otherwise used. |
| (...skipping 22 matching lines...) Expand all Loading... |
| 33 // CertificateAuthorityConfig defines a single CA we trust. | 33 // CertificateAuthorityConfig defines a single CA we trust. |
| 34 // | 34 // |
| 35 // Such CA issues certificates for nodes that use The Token Service. Each node | 35 // Such CA issues certificates for nodes that use The Token Service. Each node |
| 36 // has a private key and certificate with Common Name set to the FQDN of this | 36 // has a private key and certificate with Common Name set to the FQDN of this |
| 37 // node, e.g. "CN=slave43-c1.c.chromecompute.google.com.internal". | 37 // node, e.g. "CN=slave43-c1.c.chromecompute.google.com.internal". |
| 38 // | 38 // |
| 39 // The Token Server uses this CN to derive an identity string for a machine. It | 39 // The Token Server uses this CN to derive an identity string for a machine. It |
| 40 // splits FQDN into a hostname ("slave43-c1") and a domain name | 40 // splits FQDN into a hostname ("slave43-c1") and a domain name |
| 41 // ("c.chromecompute.google.com.internal"), searches for a domain name in | 41 // ("c.chromecompute.google.com.internal"), searches for a domain name in |
| 42 // "known_domains" set, and, if it is present, uses parameters described there | 42 // "known_domains" set, and, if it is present, uses parameters described there |
| 43 // for generating a token with machine_id <hostname>@<token-server-url>. | 43 // for generating a token that contains machine's FQDN and certificate serial |
| 44 // number (among other things, see MachineTokenBody in machine_token.proto). |
| 44 type CertificateAuthorityConfig struct { | 45 type CertificateAuthorityConfig struct { |
| 45 UniqueId int64 `protobuf:"varint,6,opt,name=unique_id,json=uniqueId" js
on:"unique_id,omitempty"` | 46 UniqueId int64 `protobuf:"varint,6,opt,name=unique_id,json=uniqueId" js
on:"unique_id,omitempty"` |
| 46 Cn string `protobuf:"bytes,1,opt,name=cn" json:"cn,omitempty"` | 47 Cn string `protobuf:"bytes,1,opt,name=cn" json:"cn,omitempty"` |
| 47 CertPath string `protobuf:"bytes,2,opt,name=cert_path,json=certPath" jso
n:"cert_path,omitempty"` | 48 CertPath string `protobuf:"bytes,2,opt,name=cert_path,json=certPath" jso
n:"cert_path,omitempty"` |
| 48 CrlUrl string `protobuf:"bytes,3,opt,name=crl_url,json=crlUrl" json:"c
rl_url,omitempty"` | 49 CrlUrl string `protobuf:"bytes,3,opt,name=crl_url,json=crlUrl" json:"c
rl_url,omitempty"` |
| 49 UseOauth bool `protobuf:"varint,4,opt,name=use_oauth,json=useOauth" js
on:"use_oauth,omitempty"` | 50 UseOauth bool `protobuf:"varint,4,opt,name=use_oauth,json=useOauth" js
on:"use_oauth,omitempty"` |
| 50 // KnownDomains describes parameters to use for each particular domain. | 51 // KnownDomains describes parameters to use for each particular domain. |
| 51 KnownDomains []*DomainConfig `protobuf:"bytes,5,rep,name=known_domains,j
son=knownDomains" json:"known_domains,omitempty"` | 52 KnownDomains []*DomainConfig `protobuf:"bytes,5,rep,name=known_domains,j
son=knownDomains" json:"known_domains,omitempty"` |
| 52 } | 53 } |
| 53 | 54 |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 94 func (m *CertificateAuthorityConfig) GetKnownDomains() []*DomainConfig { | 95 func (m *CertificateAuthorityConfig) GetKnownDomains() []*DomainConfig { |
| 95 if m != nil { | 96 if m != nil { |
| 96 return m.KnownDomains | 97 return m.KnownDomains |
| 97 } | 98 } |
| 98 return nil | 99 return nil |
| 99 } | 100 } |
| 100 | 101 |
| 101 // DomainConfig is used inside CertificateAuthorityConfig. | 102 // DomainConfig is used inside CertificateAuthorityConfig. |
| 102 type DomainConfig struct { | 103 type DomainConfig struct { |
| 103 // Domain is domain names of hosts this config applies to. | 104 // Domain is domain names of hosts this config applies to. |
| 105 // |
| 106 // Machines that reside in a subdomain of given domain are also consider
ed |
| 107 // part of it, e.g. both FQDNs "host.example.com" and "host.abc.example.
com" |
| 108 // match domain "example.com". |
| 104 Domain []string `protobuf:"bytes,1,rep,name=domain" json:"domain,omitemp
ty"` | 109 Domain []string `protobuf:"bytes,1,rep,name=domain" json:"domain,omitemp
ty"` |
| 105 // MachineTokenLifetime is how long generated machine tokens live, in se
conds. | 110 // MachineTokenLifetime is how long generated machine tokens live, in se
conds. |
| 106 // | 111 // |
| 107 // If 0, machine tokens are not allowed. | 112 // If 0, machine tokens are not allowed. |
| 108 MachineTokenLifetime int64 `protobuf:"varint,5,opt,name=machine_token_li
fetime,json=machineTokenLifetime" json:"machine_token_lifetime,omitempty"` | 113 MachineTokenLifetime int64 `protobuf:"varint,5,opt,name=machine_token_li
fetime,json=machineTokenLifetime" json:"machine_token_lifetime,omitempty"` |
| 109 } | 114 } |
| 110 | 115 |
| 111 func (m *DomainConfig) Reset() { *m = DomainConfig{} } | 116 func (m *DomainConfig) Reset() { *m = DomainConfig{} } |
| 112 func (m *DomainConfig) String() string { return proto.CompactTextStri
ng(m) } | 117 func (m *DomainConfig) String() string { return proto.CompactTextStri
ng(m) } |
| 113 func (*DomainConfig) ProtoMessage() {} | 118 func (*DomainConfig) ProtoMessage() {} |
| (...skipping 217 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 331 0xb6, 0x05, 0xff, 0x8e, 0xfb, 0xa8, 0xa3, 0x37, 0x0a, 0x0c, 0x09, 0x7d,
0xba, 0xe6, 0x80, 0x5f, | 336 0xb6, 0x05, 0xff, 0x8e, 0xfb, 0xa8, 0xa3, 0x37, 0x0a, 0x0c, 0x09, 0x7d,
0xba, 0xe6, 0x80, 0x5f, |
| 332 0xa1, 0xae, 0x81, 0x3b, 0x07, 0x95, 0xd5, 0x86, 0x44, 0x9e, 0x6c, 0x85,
0x3a, 0x3a, 0x93, 0x52, | 337 0xa1, 0xae, 0x81, 0x3b, 0x07, 0x95, 0xd5, 0x86, 0x44, 0x9e, 0x6c, 0x85,
0x3a, 0x3a, 0x93, 0x52, |
| 333 0x6f, 0xa0, 0xa0, 0x56, 0x53, 0x51, 0xae, 0xc0, 0x54, 0x5a, 0x31, 0x0b,
0x24, 0xf6, 0xd6, 0x7e, | 338 0x6f, 0xa0, 0xa0, 0x56, 0x53, 0x51, 0xae, 0xc0, 0x54, 0x5a, 0x31, 0x0b,
0x24, 0xf6, 0xd6, 0x7e, |
| 334 0x4b, 0x6f, 0xf4, 0xe5, 0x96, 0xe1, 0x77, 0xa8, 0xf7, 0x38, 0xc5, 0x5c,
0x21, 0x40, 0x71, 0xf0, | 339 0x4b, 0x6f, 0xf4, 0xe5, 0x96, 0xe1, 0x77, 0xa8, 0xf7, 0x38, 0xc5, 0x5c,
0x21, 0x40, 0x71, 0xf0, |
| 335 0x0d, 0x75, 0xf3, 0xff, 0x5b, 0xfd, 0xbc, 0x95, 0xf1, 0x5b, 0x74, 0x68,
0x99, 0x59, 0x80, 0xa5, | 340 0x0d, 0x75, 0xf3, 0xff, 0x5b, 0xfd, 0xbc, 0x95, 0xf1, 0x5b, 0x74, 0x68,
0x99, 0x59, 0x80, 0xa5, |
| 336 0x75, 0x50, 0xc1, 0x81, 0x24, 0xde, 0x78, 0xd0, 0xa8, 0xd7, 0x8d, 0x88,
0xcf, 0xd0, 0x71, 0xc9, | 341 0x75, 0x50, 0xc1, 0x81, 0x24, 0xde, 0x78, 0xd0, 0xa8, 0xd7, 0x8d, 0x88,
0xcf, 0xd0, 0x71, 0xc9, |
| 337 0xee, 0xe9, 0x9a, 0x49, 0x51, 0x08, 0xfb, 0x40, 0x0b, 0x67, 0x7c, 0x58,
0xb2, 0xe7, 0x1b, 0x78, | 342 0xee, 0xe9, 0x9a, 0x49, 0x51, 0x08, 0xfb, 0x40, 0x0b, 0x67, 0x7c, 0x58,
0xb2, 0xe7, 0x1b, 0x78, |
| 338 0x56, 0xb2, 0xfb, 0xef, 0x2d, 0x9b, 0xb4, 0x68, 0x96, 0xf8, 0xdf, 0xea,
0xc3, 0xaf, 0x00, 0x00, | 343 0x56, 0xb2, 0xfb, 0xef, 0x2d, 0x9b, 0xb4, 0x68, 0x96, 0xf8, 0xdf, 0xea,
0xc3, 0xaf, 0x00, 0x00, |
| 339 0x00, 0xff, 0xff, 0x68, 0x96, 0x3b, 0x9b, 0x97, 0x03, 0x00, 0x00, | 344 0x00, 0xff, 0xff, 0x68, 0x96, 0x3b, 0x9b, 0x97, 0x03, 0x00, 0x00, |
| 340 } | 345 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2952723003:
token-server: Make machine token minter config apply to subdomains. (Closed)
