Rename context type to apiCtx.
The old name, context, would conflict with the context package.
parent
082ebda85b
commit
2127d09ef3
5 changed files with 14 additions and 14 deletions
|
@ -82,7 +82,7 @@ func (a *Authority) Authorize(ott string) ([]provisioner.SignOption, error) {
|
||||||
// AuthorizeSign authorizes a signature request by validating and authenticating
|
// AuthorizeSign authorizes a signature request by validating and authenticating
|
||||||
// a OTT that must be sent w/ the request.
|
// a OTT that must be sent w/ the request.
|
||||||
func (a *Authority) AuthorizeSign(ott string) ([]provisioner.SignOption, error) {
|
func (a *Authority) AuthorizeSign(ott string) ([]provisioner.SignOption, error) {
|
||||||
var errContext = context{"ott": ott}
|
var errContext = apiCtx{"ott": ott}
|
||||||
|
|
||||||
p, err := a.authorizeToken(ott)
|
p, err := a.authorizeToken(ott)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
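Review bot: The raw one-time token is stored in the error context at `var errContext = apiCtx{"ott": ott}`, and the apiError type touched by this commit is documented as adding context to error messages. If that context is ever serialized into logs or API responses (the serialization path is not visible here), the token is exposed while it may still be valid as a bearer credential. Consider recording a non-reversible reference instead, for example a hash of the token or an identifier taken from it after validation. AuthorizeSign's body continues outside the hunk, so check how errContext is consumed further down before changing it.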
@ -4,13 +4,13 @@ import (
|
||||||
"net/http"
|
"net/http"
|
||||||
)
|
)
|
||||||
|
|
||||||
type context map[string]interface{}
|
type apiCtx map[string]interface{}
|
||||||
|
|
||||||
// Error implements the api.Error interface and adds context to error messages.
|
// Error implements the api.Error interface and adds context to error messages.
|
||||||
type apiError struct {
|
type apiError struct {
|
||||||
err error
|
err error
|
||||||
code int
|
code int
|
||||||
context context
|
context apiCtx
|
||||||
}
|
}
|
||||||
|
|
||||||
// Cause implements the errors.Causer interface and returns the original error.
|
// Cause implements the errors.Causer interface and returns the original error.
|
||||||
|
|
|
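Review bot: The renamed declaration `type apiCtx map[string]interface{}` has no doc comment, although callers in this commit fill it with request data such as the token, the CSR and the sign options. I would add `// apiCtx holds key/value details attached to an apiError; values may be emitted with the error, so do not store secrets in it.` above it, with the "may be emitted" part confirmed against the code that renders apiError. The comment above `apiError` also opens with `Error` rather than the type name; `// apiError implements the api.Error interface and adds context to error messages.` would follow the Go doc-comment convention.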
@ -13,7 +13,7 @@ func (a *Authority) GetEncryptedKey(kid string) (string, error) {
|
||||||
key, ok := a.provisioners.LoadEncryptedKey(kid)
|
key, ok := a.provisioners.LoadEncryptedKey(kid)
|
||||||
if !ok {
|
if !ok {
|
||||||
return "", &apiError{errors.Errorf("encrypted key with kid %s was not found", kid),
|
return "", &apiError{errors.Errorf("encrypted key with kid %s was not found", kid),
|
||||||
http.StatusNotFound, context{}}
|
http.StatusNotFound, apiCtx{}}
|
||||||
}
|
}
|
||||||
return key, nil
|
return key, nil
|
||||||
}
|
}
|
||||||
|
@ -31,7 +31,7 @@ func (a *Authority) LoadProvisionerByCertificate(crt *x509.Certificate) (provisi
|
||||||
p, ok := a.provisioners.LoadByCertificate(crt)
|
p, ok := a.provisioners.LoadByCertificate(crt)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, &apiError{errors.Errorf("provisioner not found"),
|
return nil, &apiError{errors.Errorf("provisioner not found"),
|
||||||
http.StatusNotFound, context{}}
|
http.StatusNotFound, apiCtx{}}
|
||||||
}
|
}
|
||||||
return p, nil
|
return p, nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,13 +12,13 @@ func (a *Authority) Root(sum string) (*x509.Certificate, error) {
|
||||||
val, ok := a.certificates.Load(sum)
|
val, ok := a.certificates.Load(sum)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, &apiError{errors.Errorf("certificate with fingerprint %s was not found", sum),
|
return nil, &apiError{errors.Errorf("certificate with fingerprint %s was not found", sum),
|
||||||
http.StatusNotFound, context{}}
|
http.StatusNotFound, apiCtx{}}
|
||||||
}
|
}
|
||||||
|
|
||||||
crt, ok := val.(*x509.Certificate)
|
crt, ok := val.(*x509.Certificate)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, &apiError{errors.Errorf("stored value is not a *x509.Certificate"),
|
return nil, &apiError{errors.Errorf("stored value is not a *x509.Certificate"),
|
||||||
http.StatusInternalServerError, context{}}
|
http.StatusInternalServerError, apiCtx{}}
|
||||||
}
|
}
|
||||||
return crt, nil
|
return crt, nil
|
||||||
}
|
}
|
||||||
|
@ -53,7 +53,7 @@ func (a *Authority) GetFederation() (federation []*x509.Certificate, err error)
|
||||||
if !ok {
|
if !ok {
|
||||||
federation = nil
|
federation = nil
|
||||||
err = &apiError{errors.Errorf("stored value is not a *x509.Certificate"),
|
err = &apiError{errors.Errorf("stored value is not a *x509.Certificate"),
|
||||||
http.StatusInternalServerError, context{}}
|
http.StatusInternalServerError, apiCtx{}}
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
federation = append(federation, crt)
|
federation = append(federation, crt)
|
||||||
|
|
|
@ -58,7 +58,7 @@ func withDefaultASN1DN(def *x509util.ASN1DN) x509util.WithOption {
|
||||||
// Sign creates a signed certificate from a certificate signing request.
|
// Sign creates a signed certificate from a certificate signing request.
|
||||||
func (a *Authority) Sign(csr *x509.CertificateRequest, signOpts provisioner.Options, extraOpts ...provisioner.SignOption) (*x509.Certificate, *x509.Certificate, error) {
|
func (a *Authority) Sign(csr *x509.CertificateRequest, signOpts provisioner.Options, extraOpts ...provisioner.SignOption) (*x509.Certificate, *x509.Certificate, error) {
|
||||||
var (
|
var (
|
||||||
errContext = context{"csr": csr, "signOptions": signOpts}
|
errContext = apiCtx{"csr": csr, "signOptions": signOpts}
|
||||||
mods = []x509util.WithOption{withDefaultASN1DN(a.config.AuthorityConfig.Template)}
|
mods = []x509util.WithOption{withDefaultASN1DN(a.config.AuthorityConfig.Template)}
|
||||||
certValidators = []provisioner.CertificateValidator{}
|
certValidators = []provisioner.CertificateValidator{}
|
||||||
issIdentity = a.intermediateIdentity
|
issIdentity = a.intermediateIdentity
|
||||||
|
@ -181,23 +181,23 @@ func (a *Authority) Renew(oldCert *x509.Certificate) (*x509.Certificate, *x509.C
|
||||||
leaf, err := x509util.NewLeafProfileWithTemplate(newCert,
|
leaf, err := x509util.NewLeafProfileWithTemplate(newCert,
|
||||||
issIdentity.Crt, issIdentity.Key)
|
issIdentity.Crt, issIdentity.Key)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, &apiError{err, http.StatusInternalServerError, context{}}
|
return nil, nil, &apiError{err, http.StatusInternalServerError, apiCtx{}}
|
||||||
}
|
}
|
||||||
crtBytes, err := leaf.CreateCertificate()
|
crtBytes, err := leaf.CreateCertificate()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, &apiError{errors.Wrap(err, "error renewing certificate from existing server certificate"),
|
return nil, nil, &apiError{errors.Wrap(err, "error renewing certificate from existing server certificate"),
|
||||||
http.StatusInternalServerError, context{}}
|
http.StatusInternalServerError, apiCtx{}}
|
||||||
}
|
}
|
||||||
|
|
||||||
serverCert, err := x509.ParseCertificate(crtBytes)
|
serverCert, err := x509.ParseCertificate(crtBytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, &apiError{errors.Wrap(err, "error parsing new server certificate"),
|
return nil, nil, &apiError{errors.Wrap(err, "error parsing new server certificate"),
|
||||||
http.StatusInternalServerError, context{}}
|
http.StatusInternalServerError, apiCtx{}}
|
||||||
}
|
}
|
||||||
caCert, err := x509.ParseCertificate(issIdentity.Crt.Raw)
|
caCert, err := x509.ParseCertificate(issIdentity.Crt.Raw)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, &apiError{errors.Wrap(err, "error parsing intermediate certificate"),
|
return nil, nil, &apiError{errors.Wrap(err, "error parsing intermediate certificate"),
|
||||||
http.StatusInternalServerError, context{}}
|
http.StatusInternalServerError, apiCtx{}}
|
||||||
}
|
}
|
||||||
|
|
||||||
return serverCert, caCert, nil
|
return serverCert, caCert, nil
|
||||||
|
@ -222,7 +222,7 @@ type RevokeOptions struct {
|
||||||
//
|
//
|
||||||
// TODO: Add OCSP and CRL support.
|
// TODO: Add OCSP and CRL support.
|
||||||
func (a *Authority) Revoke(opts *RevokeOptions) error {
|
func (a *Authority) Revoke(opts *RevokeOptions) error {
|
||||||
errContext := context{
|
errContext := apiCtx{
|
||||||
"serialNumber": opts.Serial,
|
"serialNumber": opts.Serial,
|
||||||
"reasonCode": opts.ReasonCode,
|
"reasonCode": opts.ReasonCode,
|
||||||
"reason": opts.Reason,
|
"reason": opts.Reason,
|
||||||
|
|