Add certificate requests in the templates.
parent
ca2fb42d68
commit
28ff122f83
3 changed files with 22 additions and 12 deletions
|
@ -43,7 +43,7 @@ func NewCertificate(cr *x509.CertificateRequest, opts ...Option) (*Certificate,
|
||||||
return nil, errors.Wrap(err, "error validating certificate request")
|
return nil, errors.Wrap(err, "error validating certificate request")
|
||||||
}
|
}
|
||||||
|
|
||||||
o, err := new(Options).apply(opts)
|
o, err := new(Options).apply(cr, opts)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,6 +2,7 @@ package x509util
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
"crypto/x509"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"text/template"
|
"text/template"
|
||||||
|
|
||||||
|
@ -15,9 +16,9 @@ type Options struct {
|
||||||
CertBuffer *bytes.Buffer
|
CertBuffer *bytes.Buffer
|
||||||
}
|
}
|
||||||
|
|
||||||
func (o *Options) apply(opts []Option) (*Options, error) {
|
func (o *Options) apply(cr *x509.CertificateRequest, opts []Option) (*Options, error) {
|
||||||
for _, fn := range opts {
|
for _, fn := range opts {
|
||||||
if err := fn(o); err != nil {
|
if err := fn(cr, o); err != nil {
|
||||||
return o, err
|
return o, err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -25,18 +26,19 @@ func (o *Options) apply(opts []Option) (*Options, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Option is the type used as a variadic argument in NewCertificate.
|
// Option is the type used as a variadic argument in NewCertificate.
|
||||||
type Option func(o *Options) error
|
type Option func(cr *x509.CertificateRequest, o *Options) error
|
||||||
|
|
||||||
// WithTemplate is an options that executes the given template text with the
|
// WithTemplate is an options that executes the given template text with the
|
||||||
// given data.
|
// given data.
|
||||||
func WithTemplate(text string, data map[string]interface{}) Option {
|
func WithTemplate(text string, data TemplateData) Option {
|
||||||
return func(o *Options) error {
|
return func(cr *x509.CertificateRequest, o *Options) error {
|
||||||
tmpl, err := template.New("template").Funcs(sprig.TxtFuncMap()).Parse(text)
|
tmpl, err := template.New("template").Funcs(sprig.TxtFuncMap()).Parse(text)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return errors.Wrapf(err, "error parsing template")
|
return errors.Wrapf(err, "error parsing template")
|
||||||
}
|
}
|
||||||
|
|
||||||
buf := new(bytes.Buffer)
|
buf := new(bytes.Buffer)
|
||||||
|
data.SetCertificateRequest(cr)
|
||||||
if err := tmpl.Execute(buf, data); err != nil {
|
if err := tmpl.Execute(buf, data); err != nil {
|
||||||
return errors.Wrapf(err, "error executing template")
|
return errors.Wrapf(err, "error executing template")
|
||||||
}
|
}
|
||||||
|
@ -47,8 +49,8 @@ func WithTemplate(text string, data map[string]interface{}) Option {
|
||||||
|
|
||||||
// WithTemplateFile is an options that reads the template file and executes it
|
// WithTemplateFile is an options that reads the template file and executes it
|
||||||
// with the given data.
|
// with the given data.
|
||||||
func WithTemplateFile(path string, data map[string]interface{}) Option {
|
func WithTemplateFile(path string, data TemplateData) Option {
|
||||||
return func(o *Options) error {
|
return func(cr *x509.CertificateRequest, o *Options) error {
|
||||||
filename := config.StepAbs(path)
|
filename := config.StepAbs(path)
|
||||||
b, err := ioutil.ReadFile(filename)
|
b, err := ioutil.ReadFile(filename)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -61,6 +63,7 @@ func WithTemplateFile(path string, data map[string]interface{}) Option {
|
||||||
}
|
}
|
||||||
|
|
||||||
buf := new(bytes.Buffer)
|
buf := new(bytes.Buffer)
|
||||||
|
data.SetCertificateRequest(cr)
|
||||||
if err := tmpl.Execute(buf, data); err != nil {
|
if err := tmpl.Execute(buf, data); err != nil {
|
||||||
return errors.Wrapf(err, "error executing %s", path)
|
return errors.Wrapf(err, "error executing %s", path)
|
||||||
}
|
}
|
||||||
|
|
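Review bot: `data.SetCertificateRequest(cr)` in both `WithTemplate` and `WithTemplateFile` writes into the caller's `TemplateData` map, so a nil `data`, which `tmpl.Execute` accepted before this change, now panics on assignment to a nil map. A map reused across calls is also mutated on every certificate, and would be a concurrent map write if one map is shared between goroutines. A guard at the top of each closure such as `if data == nil { data = TemplateData{} }`, or executing the template against a copy of the map, avoids both. The doc comments on the two options should also say that `.CR` carries requester-chosen CSR content, so templates that copy names or extensions from it instead of using `.Subject` and `.SANs` are trusting the requester. Both closures start or end outside the visible hunks.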
|
@ -1,10 +1,13 @@
|
||||||
package x509util
|
package x509util
|
||||||
|
|
||||||
|
import "crypto/x509"
|
||||||
|
|
||||||
const (
|
const (
|
||||||
UserKey = "User"
|
UserKey = "User"
|
||||||
SubjectKey = "Subject"
|
SubjectKey = "Subject"
|
||||||
SANsKey = "SANs"
|
SANsKey = "SANs"
|
||||||
TokenKey = "Token"
|
TokenKey = "Token"
|
||||||
|
CertificateRequestKey = "CR"
|
||||||
)
|
)
|
||||||
|
|
||||||
// TemplateData is an alias for map[string]interface{}. It represents the data
|
// TemplateData is an alias for map[string]interface{}. It represents the data
|
||||||
|
@ -31,6 +34,10 @@ func (t TemplateData) SetToken(v interface{}) {
|
||||||
t[TokenKey] = v
|
t[TokenKey] = v
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (t TemplateData) SetCertificateRequest(cr *x509.CertificateRequest) {
|
||||||
|
t[CertificateRequestKey] = newCertificateRequest(cr)
|
||||||
|
}
|
||||||
|
|
||||||
const DefaultLeafTemplate = `{
|
const DefaultLeafTemplate = `{
|
||||||
"subject": {{ toJson .Subject }},
|
"subject": {{ toJson .Subject }},
|
||||||
"sans": {{ toJson .SANs }},
|
"sans": {{ toJson .SANs }},
|
||||||
|
|
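Review bot: The new exported `SetCertificateRequest` and `CertificateRequestKey` carry no doc comment, and this is where template authors should learn what `.CR` is. I would add `// SetCertificateRequest stores the certificate request under the "CR" key; its contents are chosen by the requester and are not authorization data.` The method also assigns into `t` unconditionally, so it panics on a nil `TemplateData`. What `newCertificateRequest` does with a nil `cr` is not visible in this section and is worth confirming.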