alexvanin/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Move variable where it is used.

Browse source
This commit is contained in:
Mariano Cano 2020-07-28 17:58:25 -07:00
parent 715eb4eacc
commit ad28f0f59a
1 changed files with 4 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
authority/provisioner/oidc.go
View file

@ -378,10 +378,6 @@ func (o *OIDC) AuthorizeSSHSign(ctx context.Context, token string) ([]SignOption
if err != nil {
return nil, errs.Wrap(http.StatusInternalServerError, err, "oidc.AuthorizeSSHSign")
}
defaults := SignSSHOptions{
CertType: SSHUserCert,
Principals: iden.Usernames,
}
// Certificate templates.
data := sshutil.CreateTemplateData(sshutil.UserCert, claims.Email, iden.Usernames)
@ -399,7 +395,10 @@ func (o *OIDC) AuthorizeSSHSign(ctx context.Context, token string) ([]SignOption
// Non-admin users can only use principals returned by the identityFunc, and
// can only sign user certificates.
if !o.IsAdmin(claims.Email) {
signOptions = append(signOptions, sshCertOptionsValidator(defaults))
signOptions = append(signOptions, sshCertOptionsValidator(SignSSHOptions{
CertType: SSHUserCert,
Principals: iden.Usernames,
}))
}
return append(signOptions,