Make sure to define the KeyID from the token if available.

This commit is contained in:
Mariano Cano 2019-12-10 16:34:01 -08:00
parent 014d2c7ccd
commit e841a86b48

View file

@ -209,8 +209,9 @@ func (p *JWK) AuthorizeSSHSign(ctx context.Context, token string) ([]SignOption,
if !opts.ValidBefore.IsZero() { if !opts.ValidBefore.IsZero() {
signOptions = append(signOptions, sshCertificateValidBeforeModifier(opts.ValidBefore.RelativeTime(t).Unix())) signOptions = append(signOptions, sshCertificateValidBeforeModifier(opts.ValidBefore.RelativeTime(t).Unix()))
} }
// Make sure to define the the KeyID if opts.KeyID != "" {
if opts.KeyID == "" { signOptions = append(signOptions, sshCertificateKeyIDModifier(opts.KeyID))
} else {
signOptions = append(signOptions, sshCertificateKeyIDModifier(claims.Subject)) signOptions = append(signOptions, sshCertificateKeyIDModifier(claims.Subject))
} }