forked from TrueCloudLab/certificates
Address comments in code review.
parent
07cdc1021c
commit
23e6de57a2
5 changed files with 6 additions and 26 deletions
|
@ -126,12 +126,6 @@ func TestAuthorityNew(t *testing.T) {
|
|||
// sanity check
|
||||
_, ok = auth.provisioners.Load("fooo")
|
||||
assert.False(t, ok)
|
||||
|
||||
// assert.Equals(t, auth.audiences, []string{
|
||||
// "step-certificate-authority",
|
||||
// "https://127.0.0.1/sign",
|
||||
// "https://127.0.0.1/1.0/sign",
|
||||
// })
|
||||
}
|
||||
}
|
||||
})
|
||||
|
|
|
@ -25,7 +25,6 @@ type Claims struct {
|
|||
|
||||
// Authorize authorizes a signature request by validating and authenticating
|
||||
// a OTT that must be sent w/ the request.
|
||||
// TODO(mariano): protection against reuse for oidc
|
||||
func (a *Authority) Authorize(ott string) ([]provisioner.SignOption, error) {
|
||||
var errContext = map[string]interface{}{"ott": ott}
|
||||
|
||||
|
|
|
@ -101,8 +101,8 @@ func (c *Collection) LoadByCertificate(cert *x509.Certificate) (Interface, bool)
|
|||
return &noop{}, true
|
||||
}
|
||||
|
||||
// LoadEncryptedKey returns a the encrypted key by KeyID. At this moment only
|
||||
// JWK encrypted keys are indexed by KeyID.
|
||||
// LoadEncryptedKey returns an encrypted key by indexed by KeyID. At this moment
|
||||
// only JWK encrypted keys are indexed by KeyID.
|
||||
func (c *Collection) LoadEncryptedKey(keyID string) (string, bool) {
|
||||
p, ok := loadProvisioner(c.byKey, keyID)
|
||||
if !ok {
|
||||
|
@ -112,15 +112,15 @@ func (c *Collection) LoadEncryptedKey(keyID string) (string, bool) {
|
|||
return key, ok
|
||||
}
|
||||
|
||||
// Store adds a provisioner to the collection, it makes sure two provisioner
|
||||
// does not have the same ID.
|
||||
// Store adds a provisioner to the collection and enforces the uniqueness of
|
||||
// provisioner IDs.
|
||||
func (c *Collection) Store(p Interface) error {
|
||||
// Store provisioner always in byID. ID must be unique.
|
||||
if _, loaded := c.byID.LoadOrStore(p.GetID(), p); loaded == true {
|
||||
return errors.New("cannot add multiple provisioners with the same id")
|
||||
}
|
||||
|
||||
// Store provisioner in byKey in EncryptedKey is defined.
|
||||
// Store provisioner in byKey if EncryptedKey is defined.
|
||||
if kid, _, ok := p.GetEncryptedKey(); ok {
|
||||
c.byKey.Store(kid, p)
|
||||
}
|
||||
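Review bot: The reworded comment on Store promises uniqueness only for provisioner IDs, but the `c.byKey.Store(kid, p)` call further down writes the key index unconditionally, so a second provisioner reporting the same key ID silently replaces the first one for LoadEncryptedKey lookups. If last-writer-wins is intended, say so next to the call, e.g. `// byKey is last-writer-wins: provisioners sharing a key ID replace each other in this index.`; if it is not, that call would need the same LoadOrStore check already used for byID. Separately, the new LoadEncryptedKey comment reads "by indexed by KeyID", where `// LoadEncryptedKey returns the encrypted key indexed by KeyID.` is probably what was meant, and `loaded == true` can be plain `loaded`. Store's body continues past the end of this section.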
|
|
|
@ -47,7 +47,7 @@ func (p *JWK) GetEncryptedKey() (string, string, bool) {
|
|||
return p.Key.KeyID, p.EncryptedKey, len(p.EncryptedKey) > 0
|
||||
}
|
||||
|
||||
// Init initializes and validates a the fields of Provisioner type.
|
||||
// Init initializes and validates the fields of a JWK type.
|
||||
func (p *JWK) Init(config Config) (err error) {
|
||||
switch {
|
||||
case p.Name == "":
|
||||
|
|
|
@ -38,19 +38,6 @@ func TestGetEncryptedKey(t *testing.T) {
|
|||
http.StatusNotFound, context{}},
|
||||
}
|
||||
},
|
||||
// "fail-invalid-type-found": func(t *testing.T) *ek {
|
||||
// c, err := LoadConfiguration("../ca/testdata/ca.json")
|
||||
// assert.FatalError(t, err)
|
||||
// a, err := New(c)
|
||||
// assert.FatalError(t, err)
|
||||
// a.encryptedKeyIndex.Store("foo", 5)
|
||||
// return &ek{
|
||||
// a: a,
|
||||
// kid: "foo",
|
||||
// err: &apiError{errors.Errorf("stored value is not a string"),
|
||||
// http.StatusInternalServerError, context{}},
|
||||
// }
|
||||
// },
|
||||
}
|
||||
|
||||
for name, genTestCase := range tests {
|
||||
|
|