Add support for SSH certificates to OIDC.

Update the interface for all the provisioners.
2019-07-29 15:54:07 -07:00 · 2019-07-29 15:54:07 -07:00 · f01286bb48
commit f01286bb48
parent a44b0a1d52
9 changed files with 147 additions and 13 deletions
--- a/authority/provisioner/sign_ssh_options.go
+++ b/authority/provisioner/sign_ssh_options.go
@ -205,11 +205,13 @@ func (m *sshCertificateValidityModifier) Modify(cert *ssh.Certificate) error {
 // sshCertificateOptionsValidator validates the user SSHOptions with the ones
 // usually present in the token.
 type sshCertificateOptionsValidator struct {
-	*SSHOptions
+	Want *SSHOptions
 }

-func (want *sshCertificateOptionsValidator) Valid(got SSHOptions) error {
-	return want.match(got)
+// Valid implements SSHCertificateOptionsValidator and returns nil if both
+// SSHOptions match.
+func (v *sshCertificateOptionsValidator) Valid(got SSHOptions) error {
+	return v.Want.match(got)
 }

 // sshCertificateDefaultValidator implements a simple validator for all the