// Copyright 2016 Canonical Ltd.
// Licensed under the AGPLv3, see LICENCE file for details.

// Listing source:
// github.com/makyo/juju@v0.0.0-20160425123129-2608902037e9/apiserver/params/registration.go

package params

import (
	"gopkg.in/macaroon.v1"
)

// SecretKeyLoginRequest contains the parameters for completing
// the registration of a user. The request contains the tag of
// the user, and an encrypted and authenticated payload that
// proves that the requester has a secret key recorded on the
// controller.
//
// Only PayloadCiphertext is protected; User and Nonce travel
// outside the ciphertext. With encoding/json the two []byte
// fields are carried as base64 strings.
type SecretKeyLoginRequest struct {
	// User is the tag-representation of the user that the
	// requester wishes to authenticate as.
	//
	// The value is a claim made by the requester, not proof of identity.
	// NOTE(review): presumably the controller uses it to look up
	// the recorded secret key and treats successful opening of
	// PayloadCiphertext as the proof. Confirm in the handler, and
	// confirm that an unknown user and a bad ciphertext produce
	// indistinguishable errors.
	User string `json:"user"`

	// Nonce is the nonce used by the client to encrypt
	// and authenticate PayloadCiphertext.
	//
	// NaCl Secretbox takes a 24-byte nonce that must never be
	// used twice with the same key.
	// NOTE(review): this field is an unconstrained []byte, so
	// the receiver has to check the length itself before
	// opening the box. Confirm that it does.
	Nonce []byte `json:"nonce"`

	// PayloadCiphertext is the encrypted and authenticated
	// payload. The payload is encrypted/authenticated using
	// NaCl Secretbox.
	//
	// The plaintext is a JSON-encoded SecretKeyLoginRequestPayload
	// (see that type's comment).
	PayloadCiphertext []byte `json:"ciphertext"`
}

// SecretKeyLoginRequestPayload is JSON-encoded and then encrypted
// and authenticated with the NaCl Secretbox algorithm.
type SecretKeyLoginRequestPayload struct {
	// Password is the new password to set for the user.
	//
	// This is the cleartext password once the payload has been
	// opened; decoded values of this type should be kept out of
	// logs and error messages.
	Password string `json:"password"`
}

// SecretKeyLoginResponse contains the result of completing a user
// registration. This contains an encrypted and authenticated payload,
// containing the information necessary to securely log into the
// controller via the standard password authentication method.
type SecretKeyLoginResponse struct {
	// Nonce is the nonce used by the server to encrypt and
	// authenticate PayloadCiphertext.
	//
	// NOTE(review): if the response is sealed under the same key
	// as the request, this nonce must differ from the request's
	// Nonce. Confirm how the server generates it.
	Nonce []byte `json:"nonce"`

	// PayloadCiphertext is the encrypted and authenticated
	// payload, which is a JSON-encoded SecretKeyLoginResponsePayload.
	PayloadCiphertext []byte `json:"ciphertext"`
}

// SecretKeyLoginResponsePayload is JSON-encoded and then encrypted
// and authenticated with the NaCl Secretbox algorithm.
type SecretKeyLoginResponsePayload struct {
	// CACert is the CA certificate, required to establish a secure
	// TLS connection to the Juju controller.
	//
	// NOTE(review): the encoding (presumably PEM) is not visible
	// here. The client's trust in this certificate appears to
	// rest on the Secretbox authentication of the payload, so it
	// should only be used after the box has opened successfully.
	// Confirm in the client.
	CACert string `json:"ca-cert"`

	// ControllerUUID is the UUID of the Juju controller.
	ControllerUUID string `json:"controller-uuid"`

	// Macaroon is a time-limited macaroon that can be used for
	// authenticating as the registered user.
	//
	// Whoever holds the macaroon can present it, so it needs the
	// same handling as any other credential.
	// NOTE(review): the time limit is not expressed in this
	// type. Confirm where the expiry is attached and checked.
	Macaroon *macaroon.Macaroon `json:"macaroon"`
}