corks_proto library

Classes

ActionScope

ActionScope enumerates allowed actions for the cork.

Any

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Caveat

Caveat restricts how a cork may be used. Placement order matters because the chained MAC is sensitive to the sequence of caveats.

CedarCork

A bearer token that can be used to make claims about an entity for the purpose of authorization and authentication w/ Cedar.

Cork

Cork captures the metadata and chained MAC tail for a Celest authorization token.

Discharge

Discharge fulfils a third-party caveat and may add additional caveats.

Expiry

Expiry constrains the latest time a cork may be used.

FirstPartyCaveat

FirstPartyCaveat encodes predicates evaluated inside the verifier.

IpBinding

IpBinding limits usage to specific CIDR ranges.

OrganizationScope

OrganizationScope encodes Celest tenant hierarchy context.

SessionState

SessionState encodes versioning information for revocation.

ThirdPartyCaveat

ThirdPartyCaveat delegates checks to an external discharge service.

ThirdPartyTicket

ThirdPartyTicket envelopes the derived keys and context needed to issue a discharge. Implementations are free to define their own serialization, but the shared-secret helpers in the SDK rely on this structure.

Enums

Caveat_Body

Extensions

AnyHelper on T

GeneratedMessageGenericExtensions on T

Extensions on GeneratedMessages.

Constants

ActionScope$json → const Map<String, Object>

Caveat$json → const Map<String, Object>

CedarCork$json → const Map<String, Object>

Cork$json → const Map<String, Object>

Discharge$json → const Map<String, Object>

Expiry$json → const Map<String, Object>

FirstPartyCaveat$json → const Map<String, Object>

IpBinding$json → const Map<String, Object>

OrganizationScope$json → const Map<String, Object>

SessionState$json → const Map<String, Object>

ThirdPartyCaveat$json → const Map<String, Object>

ThirdPartyTicket$json → const Map<String, Object>

Properties

actionScopeDescriptor → Uint8List

Descriptor for ActionScope. Decode as a google.protobuf.DescriptorProto.

final

caveatDescriptor → Uint8List

Descriptor for Caveat. Decode as a google.protobuf.DescriptorProto.

final

cedarCorkDescriptor → Uint8List

Descriptor for CedarCork. Decode as a google.protobuf.DescriptorProto.

final

corkDescriptor → Uint8List

Descriptor for Cork. Decode as a google.protobuf.DescriptorProto.

final

dischargeDescriptor → Uint8List

Descriptor for Discharge. Decode as a google.protobuf.DescriptorProto.

final

expiryDescriptor → Uint8List

Descriptor for Expiry. Decode as a google.protobuf.DescriptorProto.

final

firstPartyCaveatDescriptor → Uint8List

Descriptor for FirstPartyCaveat. Decode as a google.protobuf.DescriptorProto.

final

ipBindingDescriptor → Uint8List

Descriptor for IpBinding. Decode as a google.protobuf.DescriptorProto.

final

organizationScopeDescriptor → Uint8List

Descriptor for OrganizationScope. Decode as a google.protobuf.DescriptorProto.

final

sessionStateDescriptor → Uint8List

Descriptor for SessionState. Decode as a google.protobuf.DescriptorProto.

final

thirdPartyCaveatDescriptor → Uint8List

Descriptor for ThirdPartyCaveat. Decode as a google.protobuf.DescriptorProto.

final

thirdPartyTicketDescriptor → Uint8List

Descriptor for ThirdPartyTicket. Decode as a google.protobuf.DescriptorProto.

final