Documentation
Index ¶
- Variables
- func RoleName(role int) string
- type AdminUser
- type AnalyzeCertRequest
- type AnalyzePrivKeyRequest
- type BatchDeleteUsersRequest
- type BindUsersRequest
- type CABindingDTO
- type CACert
- type CertAnalysis
- type Client
- func (c *Client) AnalyzeCert(ctx context.Context, cert string) (*CertAnalysis, error)
- func (c *Client) AnalyzePrivKey(ctx context.Context, privKey, password string) (*PrivKeyAnalysis, error)
- func (c *Client) BatchCreateUsers(ctx context.Context, users []CreateUserRequest) error
- func (c *Client) BatchDeleteUsers(ctx context.Context, usernames []string) error
- func (c *Client) BindUsersToCA(ctx context.Context, caUUID string, usernames []string) error
- func (c *Client) ConvertDERtoPEM(ctx context.Context, der string) (*ConvertResult, error)
- func (c *Client) ConvertPEMtoDER(ctx context.Context, pem string) (*ConvertResult, error)
- func (c *Client) ConvertPEMtoPFX(ctx context.Context, req ConvertPEMtoPFXRequest) (*ConvertResult, error)
- func (c *Client) CountAdminCAs(ctx context.Context) (int64, error)
- func (c *Client) CountAdminUsers(ctx context.Context) (int64, error)
- func (c *Client) CountAllCAs(ctx context.Context) (int64, error)
- func (c *Client) CountAllSSLCerts(ctx context.Context) (int64, error)
- func (c *Client) CountUserCAs(ctx context.Context) (int64, error)
- func (c *Client) CountUserSSLCerts(ctx context.Context) (int64, error)
- func (c *Client) CreateUser(ctx context.Context, req CreateUserRequest) (*AdminUser, error)
- func (c *Client) DeleteAdminCA(ctx context.Context, uuid string) error
- func (c *Client) DeleteSSLCert(ctx context.Context, uuid string) error
- func (c *Client) DeleteSuperadminUser(ctx context.Context, username string) error
- func (c *Client) ForceLogoutUser(ctx context.Context, username string) error
- func (c *Client) GetAdminCACert(ctx context.Context, uuid string, chain, needRoot bool) (string, error)
- func (c *Client) GetAdminCAPrivKey(ctx context.Context, uuid, password string) (string, error)
- func (c *Client) GetBaseURL() string
- func (c *Client) GetBoundUsers(ctx context.Context, uuid string, page, size int) (*PageDTO[AdminUser], error)
- func (c *Client) GetOIDCAuthURL(ctx context.Context) (string, error)
- func (c *Client) GetProfile(ctx context.Context) (*UserProfile, error)
- func (c *Client) GetSession() string
- func (c *Client) GetUnboundUsers(ctx context.Context, uuid string, page, size int) (*PageDTO[AdminUser], error)
- func (c *Client) GetUserCACert(ctx context.Context, uuid string, chain, needRoot bool) (string, error)
- func (c *Client) GetUserSSLCert(ctx context.Context, uuid string, chain, needRoot bool) (string, error)
- func (c *Client) GetUserSSLPrivKey(ctx context.Context, uuid, password string) (string, error)
- func (c *Client) ImportAdminCA(ctx context.Context, req ImportCACertRequest) (*CACert, error)
- func (c *Client) ListAdminCAs(ctx context.Context, page, size int) (*PageDTO[CACert], error)
- func (c *Client) ListAdminUsers(ctx context.Context, page, size int) (*PageDTO[AdminUser], error)
- func (c *Client) ListAllSessions(ctx context.Context, page, limit int) (*PageDTO[LoginRecord], error)
- func (c *Client) ListUserCAs(ctx context.Context, page, size int) (*PageDTO[CACert], error)
- func (c *Client) ListUserSSLCerts(ctx context.Context, page, size int) (*PageDTO[SSLCert], error)
- func (c *Client) ListUserSessions(ctx context.Context, page, size int) (*PageDTO[LoginRecord], error)
- func (c *Client) ListUserSessionsBySuperadmin(ctx context.Context, username string, page, limit int) (*PageDTO[LoginRecord], error)
- func (c *Client) Login(ctx context.Context, username, password string) error
- func (c *Client) Logout(ctx context.Context) error
- func (c *Client) LogoutAllSessions(ctx context.Context) error
- func (c *Client) LogoutSession(ctx context.Context, uuid string) error
- func (c *Client) Ping(ctx context.Context) error
- func (c *Client) RenewAdminCA(ctx context.Context, uuid string, req RenewCACertRequest) (*CACert, error)
- func (c *Client) RenewSSLCert(ctx context.Context, uuid string, req RenewSSLCertRequest) (*SSLCert, error)
- func (c *Client) RequestAdminCA(ctx context.Context, req RequestCACertRequest) (*CACert, error)
- func (c *Client) RequestSSLCert(ctx context.Context, req RequestSSLCertRequest) (*SSLCert, error)
- func (c *Client) SetBaseURL(url string)
- func (c *Client) SetSession(session string)
- func (c *Client) ToggleAdminCAAvailable(ctx context.Context, uuid string, available bool) error
- func (c *Client) UnbindUsersFromCA(ctx context.Context, caUUID string, usernames []string) error
- func (c *Client) UpdateAdminCAComment(ctx context.Context, uuid, comment string) error
- func (c *Client) UpdateProfile(ctx context.Context, req UpdateProfileRequest) error
- func (c *Client) UpdateSSLCertComment(ctx context.Context, uuid, comment string) error
- func (c *Client) UpdateSuperadminUser(ctx context.Context, username string, req UpdateSuperadminUserRequest) error
- func (c *Client) UpdateUserRole(ctx context.Context, req UpdateUserRoleRequest) error
- type ConvertPEMtoPFXRequest
- type ConvertRequest
- type ConvertResult
- type CreateUserRequest
- type GetPrivKeyRequest
- type ImportCACertRequest
- type LoginRecord
- type LoginRequest
- type PageDTO
- type PrivKeyAnalysis
- type PrivKeyResponse
- type RenewCACertRequest
- type RenewSSLCertRequest
- type RequestCACertRequest
- type RequestSSLCertRequest
- type ResultVO
- type SSLCert
- type SubjectAltName
- type ToggleAvailableRequest
- type UpdateCommentRequest
- type UpdateProfileRequest
- type UpdateSuperadminUserRequest
- type UpdateUserRoleRequest
- type UserProfile
Constants ¶
This section is empty.
Variables ¶
ErrUnauthorized is returned when the server returns HTTP 401 or API code 401, indicating the session has expired and the user must log in again.
Functions ¶
Types ¶
type AdminUser ¶
// AdminUser is one user record as returned by the admin user endpoints.
type AdminUser struct {
	Username    string `json:"username"`
	DisplayName string `json:"displayName"`
	Email       string `json:"email"`
	// Role is a numeric role code. RoleName(role int) in this package takes
	// the same type and presumably turns it into a label (confirm). The
	// numeric values for user, admin and superadmin are not listed on this
	// page.
	Role int `json:"role"`
}
AdminUser represents a user in the admin view (UserProfileDTO from API).
type AnalyzeCertRequest ¶
// AnalyzeCertRequest is the JSON body of a certificate-analysis call.
type AnalyzeCertRequest struct {
	// Cert is the certificate to analyze. Client.AnalyzeCert documents its
	// cert argument as already base64-encoded; presumably that value is what
	// ends up here (confirm).
	Cert string `json:"cert"`
}
AnalyzeCertRequest is the request to analyze a certificate.
type AnalyzePrivKeyRequest ¶
// AnalyzePrivKeyRequest is the JSON body of a private-key analysis call.
// Both fields are secret material that leaves the process in the request
// body, so values of this type should not be logged or persisted.
type AnalyzePrivKeyRequest struct {
	// PrivKey is the private key to analyze. Client.AnalyzePrivKey documents
	// its privKey argument as already base64-encoded; base64 is an encoding,
	// not a protection.
	PrivKey string `json:"privkey"`
	// Password is dropped from the JSON when empty (omitempty). Presumably it
	// is the passphrase protecting PrivKey (confirm).
	Password string `json:"password,omitempty"`
}
AnalyzePrivKeyRequest is the request to analyze a private key.
type BatchDeleteUsersRequest ¶
// BatchDeleteUsersRequest is a JSON body naming the users to delete.
type BatchDeleteUsersRequest struct {
	// Usernames has no omitempty, so the key is always present: a nil slice
	// is encoded as null and an empty slice as []. How the server treats
	// either is not shown on this page.
	Usernames []string `json:"usernames"`
}
BatchDeleteUsersRequest deletes multiple users.
type BindUsersRequest ¶
// BindUsersRequest is a JSON body carrying usernames to bind to a CA.
// NOTE(review): BindUsersToCA is documented as sending CABindingDTO, so where
// this type is used is not visible on this page.
type BindUsersRequest struct {
	// Usernames lists the accounts to bind. The CA is not part of this body.
	Usernames []string `json:"usernames"`
}
BindUsersRequest binds users to a CA.
type CABindingDTO ¶
CABindingDTO represents a CA-User binding.
type CACert ¶
// CACert is the metadata record for a CA certificate. It holds no
// certificate or key bytes; those are returned as strings by the separate
// cert and private-key fetch methods.
type CACert struct {
	UUID string `json:"uuid"`
	// Owner is presumably a username (confirm).
	Owner string `json:"owner"`
	// AllowSubCa presumably says whether this CA may issue subordinate CAs
	// (confirm against the API).
	AllowSubCa bool `json:"allowSubCa"`
	// ParentCa presumably identifies the issuing CA; what a root CA carries
	// here is not stated on this page.
	ParentCa string `json:"parentCa"`
	Comment  string `json:"comment"`
	// Available is presumably the flag changed through
	// Client.ToggleAdminCAAvailable (confirm).
	Available bool `json:"available"`
	// NotBefore and NotAfter are kept as strings; the timestamp format is not
	// stated on this page, so parse before comparing validity periods.
	NotBefore string `json:"notBefore"`
	NotAfter  string `json:"notAfter"`
}
CACert represents a CA certificate info DTO (CaInfoDTO from API).
type CertAnalysis ¶
// CertAnalysis is the decoded result of a certificate-analysis call. Every
// value comes from the server's JSON response; nothing on this page shows the
// client re-checking it against the certificate itself.
type CertAnalysis struct {
	Subject string `json:"subject,omitempty"`
	Issuer  string `json:"issuer,omitempty"`
	// NotBefore and NotAfter are kept as strings; the timestamp format is not
	// stated on this page.
	NotBefore    string `json:"notBefore"`
	NotAfter     string `json:"notAfter"`
	SerialNumber string `json:"serialNumber,omitempty"`
	Algorithm    string `json:"algorithm"`
	IsCA         bool   `json:"isCA"`
	// Fingerprint: the hash algorithm used is not stated on this page.
	Fingerprint string `json:"fingerprint,omitempty"`
	// PublicKey is an untyped map, so callers must type-assert each value
	// (encoding/json decodes JSON numbers into float64 for interface{}).
	PublicKey  map[string]interface{} `json:"publicKey,omitempty"`
	Extensions map[string]string      `json:"extensions,omitempty"`
	// SANs is read from the "subjectAltNames" key.
	SANs []string `json:"subjectAltNames,omitempty"`
}
CertAnalysis holds the result of a certificate analysis. The fields are a superset of all possible API response fields.
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client is the CertVault API HTTP client.
func (*Client) AnalyzeCert ¶
AnalyzeCert analyzes a PEM certificate. The cert argument must already be base64-encoded (as returned by the cert fetch endpoints).
func (*Client) AnalyzePrivKey ¶
func (c *Client) AnalyzePrivKey(ctx context.Context, privKey, password string) (*PrivKeyAnalysis, error)
AnalyzePrivKey analyzes a private key. The privKey argument must already be base64-encoded (as returned by the privkey fetch endpoints).
func (*Client) BatchCreateUsers ¶
func (c *Client) BatchCreateUsers(ctx context.Context, users []CreateUserRequest) error
BatchCreateUsers creates multiple users at once.
func (*Client) BatchDeleteUsers ¶
BatchDeleteUsers deletes multiple users at once.
func (*Client) BindUsersToCA ¶
BindUsersToCA binds the given users to a CA. Uses POST /api/v1/admin/cert/ca/bind/create with CABindingDTO.
func (*Client) ConvertDERtoPEM ¶
ConvertDERtoPEM converts a base64-encoded DER certificate to PEM format.
func (*Client) ConvertPEMtoDER ¶
ConvertPEMtoDER converts a PEM certificate to DER format.
func (*Client) ConvertPEMtoPFX ¶
func (c *Client) ConvertPEMtoPFX(ctx context.Context, req ConvertPEMtoPFXRequest) (*ConvertResult, error)
ConvertPEMtoPFX converts a PEM cert+key to PFX format.
func (*Client) CountAdminCAs ¶
CountAdminCAs returns the total number of CA certs (admin+).
func (*Client) CountAdminUsers ¶
CountAdminUsers returns the total number of users (admin+).
func (*Client) CountAllCAs ¶
CountAllCAs returns the total number of CA certs (superadmin only).
func (*Client) CountAllSSLCerts ¶
CountAllSSLCerts returns the total number of SSL certs (superadmin only).
func (*Client) CountUserCAs ¶
CountUserCAs returns the number of CAs bound to the current user.
func (*Client) CountUserSSLCerts ¶
CountUserSSLCerts returns the number of SSL certs owned by the current user.
func (*Client) CreateUser ¶
CreateUser creates a new user (superadmin only).
func (*Client) DeleteAdminCA ¶
DeleteAdminCA deletes a CA certificate.
func (*Client) DeleteSSLCert ¶
DeleteSSLCert deletes an SSL certificate.
func (*Client) DeleteSuperadminUser ¶
DeleteSuperadminUser deletes a user (superadmin only).
func (*Client) ForceLogoutUser ¶
ForceLogoutUser force-logs out a user (superadmin only).
func (*Client) GetAdminCACert ¶
func (c *Client) GetAdminCACert(ctx context.Context, uuid string, chain, needRoot bool) (string, error)
GetAdminCACert gets the CA certificate PEM.
func (*Client) GetAdminCAPrivKey ¶
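GetAdminCAPrivKey gets the CA private key. The API returns the private key as a base64-encoded PEM string in the data field. Base64 is only a transport encoding, and this page does not say whether the PEM itself is encrypted, so the returned string should be handled as sensitive key material.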
func (*Client) GetBoundUsers ¶
func (c *Client) GetBoundUsers(ctx context.Context, uuid string, page, size int) (*PageDTO[AdminUser], error)
GetBoundUsers gets users bound to a CA. Uses GET /api/v1/admin/cert/ca/{uuid}/bind.
func (*Client) GetOIDCAuthURL ¶
GetOIDCAuthURL returns the OIDC authorization URL.
func (*Client) GetProfile ¶
func (c *Client) GetProfile(ctx context.Context) (*UserProfile, error)
GetProfile returns the current user's profile.
func (*Client) GetSession ¶
GetSession returns the current JSESSIONID value. The value is the client's session credential, so it should not be logged or stored unprotected.
func (*Client) GetUnboundUsers ¶
func (c *Client) GetUnboundUsers(ctx context.Context, uuid string, page, size int) (*PageDTO[AdminUser], error)
GetUnboundUsers gets users not yet bound to a CA. Uses GET /api/v1/admin/cert/ca/{uuid}/bind/not.
func (*Client) GetUserCACert ¶
func (c *Client) GetUserCACert(ctx context.Context, uuid string, chain, needRoot bool) (string, error)
GetUserCACert gets the PEM certificate for a CA.
func (*Client) GetUserSSLCert ¶
func (c *Client) GetUserSSLCert(ctx context.Context, uuid string, chain, needRoot bool) (string, error)
GetUserSSLCert gets the PEM certificate content. chain=true fetches the full certificate chain; needRoot=false excludes the root CA.
func (*Client) GetUserSSLPrivKey ¶
GetUserSSLPrivKey retrieves the encrypted private key. The API returns the private key as a base64-encoded PEM string in the data field.
func (*Client) ImportAdminCA ¶
ImportAdminCA imports a CA certificate.
func (*Client) ListAdminCAs ¶
ListAdminCAs lists all CA certificates (admin only).
func (*Client) ListAdminUsers ¶
ListAdminUsers lists all users (admin only).
func (*Client) ListAllSessions ¶
func (c *Client) ListAllSessions(ctx context.Context, page, limit int) (*PageDTO[LoginRecord], error)
ListAllSessions lists all sessions across all users (superadmin only).
func (*Client) ListUserCAs ¶
ListUserCAs lists CAs bound to the current user.
func (*Client) ListUserSSLCerts ¶
ListUserSSLCerts lists SSL certs belonging to the current user.
func (*Client) ListUserSessions ¶
func (c *Client) ListUserSessions(ctx context.Context, page, size int) (*PageDTO[LoginRecord], error)
ListUserSessions lists the current user's sessions.
func (*Client) ListUserSessionsBySuperadmin ¶
func (c *Client) ListUserSessionsBySuperadmin(ctx context.Context, username string, page, limit int) (*PageDTO[LoginRecord], error)
ListUserSessionsBySuperadmin lists sessions for a specific user (superadmin only).
func (*Client) LogoutAllSessions ¶
LogoutAllSessions logs out all sessions for the current user.
func (*Client) LogoutSession ¶
LogoutSession logs out a specific session by UUID.
func (*Client) RenewAdminCA ¶
func (c *Client) RenewAdminCA(ctx context.Context, uuid string, req RenewCACertRequest) (*CACert, error)
RenewAdminCA renews a CA certificate.
func (*Client) RenewSSLCert ¶
func (c *Client) RenewSSLCert(ctx context.Context, uuid string, req RenewSSLCertRequest) (*SSLCert, error)
RenewSSLCert renews an SSL certificate.
func (*Client) RequestAdminCA ¶
RequestAdminCA creates a new CA certificate.
func (*Client) RequestSSLCert ¶
RequestSSLCert requests a new SSL certificate.
func (*Client) SetBaseURL ¶
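SetBaseURL updates the base URL. Requests carrying passwords, the session cookie and private keys are built on this URL, so it should be an https address taken from trusted configuration.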
func (*Client) SetSession ¶
SetSession sets the JSESSIONID cookie on the client.
func (*Client) ToggleAdminCAAvailable ¶
ToggleAdminCAAvailable sets the CA's availability to the given available value.
func (*Client) UnbindUsersFromCA ¶
UnbindUsersFromCA unbinds the given users from a CA. Uses POST /api/v1/admin/cert/ca/bind/delete with CABindingDTO.
func (*Client) UpdateAdminCAComment ¶
UpdateAdminCAComment updates the CA comment.
func (*Client) UpdateProfile ¶
func (c *Client) UpdateProfile(ctx context.Context, req UpdateProfileRequest) error
UpdateProfile updates the current user's profile.
func (*Client) UpdateSSLCertComment ¶
UpdateSSLCertComment updates the comment on an SSL cert.
func (*Client) UpdateSuperadminUser ¶
func (c *Client) UpdateSuperadminUser(ctx context.Context, username string, req UpdateSuperadminUserRequest) error
UpdateSuperadminUser updates a user's info (superadmin only).
func (*Client) UpdateUserRole ¶
func (c *Client) UpdateUserRole(ctx context.Context, req UpdateUserRoleRequest) error
UpdateUserRole updates a user's role (superadmin only).
type ConvertPEMtoPFXRequest ¶
// ConvertPEMtoPFXRequest is the JSON body of a PEM-to-PFX conversion. It
// sends a private key and a password to the server, so values of this type
// should not be logged or persisted.
type ConvertPEMtoPFXRequest struct {
	Cert    string `json:"cert"`
	PrivKey string `json:"privkey"`
	// Password has no omitempty, so an empty value is still sent as "".
	// Presumably it protects the resulting PFX (confirm); whether the server
	// rejects an empty password is not shown on this page.
	Password string `json:"password"`
}
ConvertPEMtoPFXRequest converts PEM to PFX.
type ConvertRequest ¶
// ConvertRequest is the JSON body shared by the PEM/DER conversions.
type ConvertRequest struct {
	// Cert and PrivKey are both dropped from the JSON when empty (omitempty).
	// The ConvertPEMtoDER and ConvertDERtoPEM methods on this page take a
	// single string argument; which field each one fills is not shown here.
	Cert    string `json:"cert,omitempty"`
	PrivKey string `json:"privkey,omitempty"`
}
ConvertRequest is the request body for PEM↔DER conversions.
type ConvertResult ¶
// ConvertResult is the decoded result of a conversion call.
type ConvertResult struct {
	// Data is the converted output as a string. Its encoding is not stated on
	// this page; binary formats such as DER or PFX are presumably base64
	// (confirm). For PFX output it contains private key material.
	Data string `json:"data"`
}
ConvertResult holds a converted certificate.
type CreateUserRequest ¶
// CreateUserRequest is the JSON body for creating one user. It is also the
// element type accepted by Client.BatchCreateUsers.
type CreateUserRequest struct {
	Username    string `json:"username"`
	DisplayName string `json:"displayName"`
	Email       string `json:"email"`
	// Password is the new account's password, carried as plain text in the
	// JSON body; avoid logging values of this type. There is no omitempty, so
	// an unset password is sent as "".
	Password string `json:"password"`
	// Role is always sent, including the zero value 0. What role 0 denotes is
	// not shown on this page, so set it explicitly rather than relying on the
	// default.
	Role int `json:"role"`
}
CreateUserRequest creates a new user.
type GetPrivKeyRequest ¶
// GetPrivKeyRequest is the JSON body sent when fetching a private key.
type GetPrivKeyRequest struct {
	// Password is always sent (no omitempty). The private-key fetch methods
	// take a password argument; whether it is the account password or a key
	// passphrase is not stated on this page (confirm).
	Password string `json:"password"`
}
GetPrivKeyRequest requests a private key.
type ImportCACertRequest ¶
// ImportCACertRequest is the JSON body for importing an existing CA. It
// carries the CA's private key, so values of this type should not be logged
// or persisted.
type ImportCACertRequest struct {
	// Certificate and PrivKey are always sent. Their expected encoding (PEM
	// text or base64) is not stated on this page (confirm).
	Certificate string `json:"certificate"`
	PrivKey     string `json:"privkey"`
	// Comment is dropped from the JSON when empty (omitempty).
	Comment string `json:"comment,omitempty"`
}
ImportCACertRequest is the request to import a CA certificate.
type LoginRecord ¶
// LoginRecord is one login/session entry. It combines an account name with
// network, location and device details, which is personal data and should be
// handled accordingly when stored or displayed.
type LoginRecord struct {
	// UUID identifies the record; Client.LogoutSession takes a session UUID,
	// presumably this one (confirm).
	UUID      string `json:"uuid"`
	Username  string `json:"username"`
	IPAddress string `json:"ipAddress"`
	// Region, Province and City are location strings supplied by the server;
	// how they are derived is not shown on this page.
	Region   string `json:"region"`
	Province string `json:"province"`
	City     string `json:"city"`
	// Browser and OS are supplied by the server; presumably they come from
	// the client's User-Agent and are therefore client-controlled (confirm).
	Browser string `json:"browser"`
	OS      string `json:"os"`
	// LoginTime is kept as a string; the timestamp format is not stated.
	LoginTime string `json:"loginTime"`
	IsOnline  bool   `json:"isOnline"`
}
LoginRecord represents a user login/session record (LoginRecordDTO).
type LoginRequest ¶
LoginRequest is the request body for login.
type PrivKeyAnalysis ¶
PrivKeyAnalysis holds the result of a private key analysis.
type PrivKeyResponse ¶
// PrivKeyResponse is a decoded response carrying a private key.
type PrivKeyResponse struct {
	// PrivateKey is key material and should not be logged or written to disk
	// unprotected. The fetch methods on this page describe the key as a
	// base64-encoded PEM string; base64 is an encoding, not a protection.
	PrivateKey string `json:"privateKey"`
}
PrivKeyResponse holds an encrypted private key.
type RenewCACertRequest ¶
// RenewCACertRequest is the JSON body for renewing a CA certificate.
type RenewCACertRequest struct {
	// Expiry is always sent, including 0. Its unit is not stated on this page
	// (confirm against the API before choosing a value).
	Expiry int `json:"expiry"`
}
RenewCACertRequest is the request to renew a CA certificate.
type RenewSSLCertRequest ¶
// RenewSSLCertRequest is the JSON body for renewing an SSL certificate.
type RenewSSLCertRequest struct {
	// Expiry is always sent, including 0. Its unit is not stated on this page
	// (confirm against the API before choosing a value).
	Expiry int `json:"expiry"`
}
RenewSSLCertRequest is the request to renew an SSL cert.
type RequestCACertRequest ¶
// RequestCACertRequest is the JSON body for creating a CA certificate.
type RequestCACertRequest struct {
	// CaUUID is dropped from the JSON when empty (omitempty). Presumably it
	// names the issuing parent CA and is left empty for a root CA (confirm).
	CaUUID string `json:"caUuid,omitempty"`
	// AllowSubCa is always sent; the zero value false is an explicit choice
	// on the wire.
	AllowSubCa bool `json:"allowSubCa"`
	// Algorithm and KeySize are omitted when zero, in which case the key type
	// and strength are whatever the server defaults to. The accepted values
	// and the defaults are not shown on this page; set both explicitly when
	// the key strength matters.
	Algorithm string `json:"algorithm,omitempty"`
	KeySize   int    `json:"keySize,omitempty"`
	// The subject fields below are always sent, even when empty.
	Country            string `json:"country"`
	Province           string `json:"province"`
	City               string `json:"city"`
	Organization       string `json:"organization"`
	OrganizationalUnit string `json:"organizationalUnit"`
	CommonName         string `json:"commonName"`
	// Expiry is always sent, including 0. Its unit is not stated on this page.
	Expiry  int    `json:"expiry"`
	Comment string `json:"comment,omitempty"`
}
RequestCACertRequest is the request to create a CA certificate.
type RequestSSLCertRequest ¶
// RequestSSLCertRequest is the JSON body for issuing an SSL certificate.
type RequestSSLCertRequest struct {
	// CaUUID is always sent (no omitempty); presumably it names the CA that
	// signs the certificate (confirm).
	CaUUID string `json:"caUuid"`
	// Algorithm and KeySize are omitted when zero, in which case the key type
	// and strength are whatever the server defaults to. The accepted values
	// and the defaults are not shown on this page; set both explicitly when
	// the key strength matters.
	Algorithm string `json:"algorithm,omitempty"`
	KeySize   int    `json:"keySize,omitempty"`
	// The subject fields below are always sent, even when empty.
	Country            string `json:"country"`
	Province           string `json:"province"`
	City               string `json:"city"`
	Organization       string `json:"organization"`
	OrganizationalUnit string `json:"organizationalUnit"`
	CommonName         string `json:"commonName"`
	// Expiry is always sent, including 0. Its unit is not stated on this page.
	Expiry int `json:"expiry"`
	// SubjectAltNames is omitted when empty. The fields of SubjectAltName are
	// not shown on this page.
	SubjectAltNames []SubjectAltName `json:"subjectAltNames,omitempty"`
	Comment         string           `json:"comment,omitempty"`
}
RequestSSLCertRequest is the request to issue a new SSL cert (matches API DTO).
type ResultVO ¶
// ResultVO is the envelope around API responses; T is the type of the payload
// carried in Data.
type ResultVO[T any] struct {
	// Code is the API-level status code. ErrUnauthorized is documented as
	// covering API code 401 as well as HTTP 401, which suggests Code can
	// report a failure separately from the HTTP status (confirm).
	Code int `json:"code"`
	// Msg is a server-supplied message string.
	Msg  string `json:"msg"`
	Data T      `json:"data"`
	// Timestamp is kept as a string; its format is not stated on this page.
	Timestamp string `json:"timestamp"`
}
ResultVO is the generic API response wrapper.
type SSLCert ¶
// SSLCert is the metadata record for an SSL certificate. It holds no
// certificate or key bytes; those are returned as strings by
// Client.GetUserSSLCert and Client.GetUserSSLPrivKey.
type SSLCert struct {
	UUID string `json:"uuid"`
	// CaUUID presumably identifies the issuing CA (confirm).
	CaUUID string `json:"caUuid"`
	// Owner is presumably a username (confirm).
	Owner   string `json:"owner"`
	Comment string `json:"comment"`
	// The four timestamps are kept as strings; their format is not stated on
	// this page, so parse before comparing validity periods.
	NotBefore  string `json:"notBefore"`
	NotAfter   string `json:"notAfter"`
	CreatedAt  string `json:"createdAt"`
	ModifiedAt string `json:"modifiedAt"`
}
SSLCert represents an SSL certificate info DTO (CertInfoDTO from API).
type SubjectAltName ¶
SubjectAltName represents a SAN entry.
type ToggleAvailableRequest ¶
// ToggleAvailableRequest is the JSON body for changing a CA's availability.
type ToggleAvailableRequest struct {
	// Available carries the wanted state explicitly and is always sent, so
	// despite the "toggle" name the request states a value rather than asking
	// the server to flip the current one.
	Available bool `json:"available"`
}
ToggleAvailableRequest toggles CA availability.
type UpdateCommentRequest ¶
// UpdateCommentRequest is the JSON body for replacing a comment.
type UpdateCommentRequest struct {
	// Comment has no omitempty, so an empty string is sent as "".
	Comment string `json:"comment"`
}
UpdateCommentRequest updates a comment.
type UpdateProfileRequest ¶
// UpdateProfileRequest is the JSON body for updating the current user's
// profile. Every field is dropped from the JSON when empty (omitempty).
type UpdateProfileRequest struct {
	DisplayName string `json:"displayName,omitempty"`
	Email       string `json:"email,omitempty"`
	// OldPassword and NewPassword travel as plain text in the JSON body;
	// avoid logging values of this type. Whether the server requires
	// OldPassword for a password change is not shown on this page (confirm).
	OldPassword string `json:"oldPassword,omitempty"`
	NewPassword string `json:"newPassword,omitempty"`
}
UpdateProfileRequest is the request body for PATCH /api/v1/user/profile.
type UpdateSuperadminUserRequest ¶
// UpdateSuperadminUserRequest is the JSON body a superadmin sends to change
// another user's details. Every field is dropped from the JSON when empty
// (omitempty).
type UpdateSuperadminUserRequest struct {
	DisplayName string `json:"displayName,omitempty"`
	Email       string `json:"email,omitempty"`
	// Password sets a new password for the target user; the struct has no
	// old-password field, so this is a reset. Whether the server ends the
	// user's existing sessions afterwards is not shown on this page;
	// Client.ForceLogoutUser exists for that.
	Password string `json:"password,omitempty"`
}
UpdateSuperadminUserRequest updates user info (superadmin).
type UpdateUserRoleRequest ¶
UpdateUserRoleRequest updates a user's role.