68 lines
2 KiB
Go
68 lines
2 KiB
Go
package mgmt
|
|
|
|
import (
|
|
"github.com/smallstep/certificates/authority/admin"
|
|
"github.com/smallstep/certificates/authority/config"
|
|
"github.com/smallstep/certificates/authority/provisioner"
|
|
"github.com/smallstep/certificates/authority/status"
|
|
)
|
|
|
|
// AuthConfig represents the Authority Configuration.
|
|
type AuthConfig struct {
|
|
//*cas.Options `json:"cas"`
|
|
ID string `json:"id"`
|
|
ASN1DN *config.ASN1DN `json:"asn1dn,omitempty"`
|
|
Provisioners []*Provisioner `json:"-"`
|
|
Admins []*Admin `json:"-"`
|
|
Claims *Claims `json:"claims,omitempty"`
|
|
Backdate string `json:"backdate,omitempty"`
|
|
Status status.Type `json:"status,omitempty"`
|
|
}
|
|
|
|
func NewDefaultAuthConfig() *AuthConfig {
|
|
return &AuthConfig{
|
|
Claims: NewDefaultClaims(),
|
|
ASN1DN: &config.ASN1DN{},
|
|
Backdate: config.DefaultBackdate.String(),
|
|
Status: status.Active,
|
|
}
|
|
}
|
|
|
|
// ToCertificates converts a mgmt AuthConfig to configuration that can be
|
|
// directly used by the `step-ca` process. Resources are normalized and
|
|
// initialized.
|
|
func (ac *AuthConfig) ToCertificates() (*config.AuthConfig, error) {
|
|
claims, err := ac.Claims.ToCertificates()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
backdate, err := provisioner.NewDuration(ac.Backdate)
|
|
if err != nil {
|
|
return nil, WrapErrorISE(err, "error converting backdate %s to duration", ac.Backdate)
|
|
}
|
|
var provs []provisioner.Interface
|
|
for _, p := range ac.Provisioners {
|
|
authProv, err := p.ToCertificates()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
provs = append(provs, authProv)
|
|
}
|
|
var admins []*admin.Admin
|
|
for _, adm := range ac.Admins {
|
|
authAdmin, err := adm.ToCertificates()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
admins = append(admins, authAdmin)
|
|
}
|
|
return &config.AuthConfig{
|
|
AuthorityID: ac.ID,
|
|
Provisioners: provs,
|
|
Admins: admins,
|
|
Template: ac.ASN1DN,
|
|
Claims: claims,
|
|
DisableIssuedAtCheck: false,
|
|
Backdate: backdate,
|
|
}, nil
|
|
}
|