package provisioner
import (
"time"
"github.com/pkg/errors"
)
// SCEP is the provisioner type that authorizes the SCEP provisioning flow.
//
// NOTE(review): no field declared on this type holds a challenge password or
// other enrollment secret, so nothing in this struct authenticates a SCEP
// request. Confirm where (or whether) requests are authenticated elsewhere.
type SCEP struct {
	// base is embedded by pointer; its definition is outside this listing.
	*base

	// Type is the provisioner type string, read from the "type" JSON key.
	// Init rejects an empty value but does not compare it with TypeSCEP.
	Type string `json:"type"`

	// Name is the provisioner name, read from the "name" JSON key. GetID
	// appends it verbatim to the "scep/" prefix.
	Name string `json:"name"`

	// ForceCN bool `json:"forceCN,omitempty"`

	// Options is optional and is left out of the JSON encoding when nil.
	Options *Options `json:"options,omitempty"`

	// Claims is optional and is left out of the JSON encoding when nil. Init
	// hands it to NewClaimer together with config.Claims.
	Claims *Claims `json:"claims,omitempty"`

	// claimer is unexported, so encoding/json never reads or writes it. It
	// is assigned by Init.
	claimer *Claimer
}
// GetID returns the provisioner's unique identifier: the fixed "scep/"
// prefix followed by the configured Name.
//
// Name is concatenated verbatim. Init only rejects an empty Name, so any
// character restrictions on the identifier must be enforced elsewhere.
//
// Unlike the other SCEP methods in this file, GetID has a value receiver.
func (s SCEP) GetID() string {
	const prefix = "scep/"
	return prefix + s.Name
}
// GetName returns the configured provisioner name, exactly as stored in the
// Name field.
func (s *SCEP) GetName() string {
	name := s.Name
	return name
}
// GetType returns the provisioner type, which is always TypeSCEP. The
// configured Type string field is not consulted.
func (s *SCEP) GetType() Type {
	var t Type = TypeSCEP
	return t
}
// GetEncryptedKey always reports that no encrypted key is defined: it
// returns two empty strings and false, regardless of the provisioner's
// configuration.
func (s *SCEP) GetEncryptedKey() (string, string, bool) {
	var empty string
	return empty, empty, false
}
// GetTokenID is not supported by the SCEP provisioner. The ott argument is
// ignored, and the call always returns an empty identifier together with a
// non-nil error.
func (s *SCEP) GetTokenID(ott string) (string, error) {
	err := errors.New("scep provisioner does not implement GetTokenID")
	return "", err
}
// GetOptions returns the configured provisioner options. The stored pointer
// is returned as is, so the result is nil when no options were configured.
func (s *SCEP) GetOptions() *Options {
	opts := s.Options
	return opts
}
// DefaultTLSCertDuration returns the default TLS certificate duration
// enforced by the provisioner, as reported by its claimer.
//
// NOTE(review): s.claimer is only assigned in Init, so this is called on a
// nil *Claimer if Init has not run. Whether that is safe depends on Claimer,
// which is defined outside this listing — confirm.
func (s *SCEP) DefaultTLSCertDuration() time.Duration {
	d := s.claimer.DefaultTLSCertDuration()
	return d
}
// Init initializes and validates the fields of a SCEP provisioner.
//
// It returns an error when Type or Name is empty, checking Type first.
// Otherwise it builds the claimer from the provisioner's own Claims and the
// global config.Claims, and returns any error NewClaimer reports.
//
// Validation here is limited to the two emptiness checks: the value of Type
// is not compared with TypeSCEP, and Name is not checked for content.
func (s *SCEP) Init(config Config) (err error) {
	if s.Type == "" {
		return errors.New("provisioner type cannot be empty")
	}
	if s.Name == "" {
		return errors.New("provisioner name cannot be empty")
	}

	// Merge the provisioner claims with the global ones. s.claimer takes
	// whatever NewClaimer returns, including on failure.
	s.claimer, err = NewClaimer(s.Claims, config.Claims)
	return err
}
// Interface guard: compile-time check that *SCEP satisfies Interface.
var _ Interface = (*SCEP)(nil)

// The scep.Provisioner guard is disabled in the original source:
//_ scep.Provisioner = (*SCEP)(nil)