forked from TrueCloudLab/certificates
Enable templates in acme provisioners.
This commit is contained in:
parent
e11160ebf1
commit
81cd288104
1 changed files with 14 additions and 4 deletions
|
@ -3,10 +3,12 @@ package provisioner
|
|||
import (
|
||||
"context"
|
||||
"crypto/x509"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
"github.com/smallstep/certificates/errs"
|
||||
"github.com/smallstep/certificates/x509util"
|
||||
)
|
||||
|
||||
// ACME is the acme provisioner type, an entity that can authorize the ACME
|
||||
|
@ -15,8 +17,9 @@ type ACME struct {
|
|||
*base
|
||||
Type string `json:"type"`
|
||||
Name string `json:"name"`
|
||||
Claims *Claims `json:"claims,omitempty"`
|
||||
ForceCN bool `json:"forceCN,omitempty"`
|
||||
Claims *Claims `json:"claims,omitempty"`
|
||||
Options *ProvisionerOptions `json:"options,omitempty"`
|
||||
claimer *Claimer
|
||||
}
|
||||
|
||||
|
@ -72,7 +75,14 @@ func (p *ACME) Init(config Config) (err error) {
|
|||
// in the ACME protocol. This method returns a list of modifiers / constraints
|
||||
// on the resulting certificate.
|
||||
func (p *ACME) AuthorizeSign(ctx context.Context, token string) ([]SignOption, error) {
|
||||
// Certificate templates
|
||||
templateOptions, err := TemplateOptions(p.Options, x509util.NewTemplateData())
|
||||
if err != nil {
|
||||
return nil, errs.Wrap(http.StatusInternalServerError, err, "jwk.AuthorizeSign")
|
||||
}
|
||||
|
||||
return []SignOption{
|
||||
templateOptions,
|
||||
// modifiers / withOptions
|
||||
newProvisionerExtensionOption(TypeACME, p.Name, ""),
|
||||
newForceCNOption(p.ForceCN),
|
||||
|
|
Loading…
Reference in a new issue