claims.SANS -> claims.SANs

This commit is contained in:
max furman 2019-02-04 20:22:02 -08:00
parent 93f39c64a0
commit 6937bfea7b
2 changed files with 7 additions and 7 deletions

View file

@ -20,7 +20,7 @@ type idUsed struct {
// Claims extends jwt.Claims with step attributes.
type Claims struct {
jwt.Claims
SANS []string `json:"sans,omitempty"`
SANs []string `json:"sans,omitempty"`
}
// matchesAudience returns true if A and B share at least one element.
@ -123,10 +123,10 @@ func (a *Authority) Authorize(ott string) ([]interface{}, error) {
// NOTE: This is for backwards compatibility with older versions of cli
// and certificates. Older versions added the token subject as the only SAN
// in a CSR by default.
if len(claims.SANS) == 0 {
claims.SANS = []string{claims.Subject}
if len(claims.SANs) == 0 {
claims.SANs = []string{claims.Subject}
}
dnsNames, ips := SplitSANS(claims.SANS)
dnsNames, ips := SplitSANs(claims.SANs)
if err != nil {
return nil, err
}
@ -150,10 +150,10 @@ func (a *Authority) Authorize(ott string) ([]interface{}, error) {
return signOps, nil
}
// SplitSANS splits a slice of Subject Alternative Names into slices of
// SplitSANs splits a slice of Subject Alternative Names into slices of
// IP Addresses and DNS Names. If an element is not an IP address, then it
// is bucketed as a DNS Name.
func SplitSANS(sans []string) (dnsNames []string, ips []net.IP) {
func SplitSANs(sans []string) (dnsNames []string, ips []net.IP) {
dnsNames = []string{}
ips = []net.IP{}
if sans == nil {

View file

@ -452,7 +452,7 @@ func CreateSignRequest(ott string) (*api.SignRequest, crypto.PrivateKey, error)
return nil, nil, errors.Wrap(err, "error generating key")
}
dnsNames, ips := authority.SplitSANS(claims.SANS)
dnsNames, ips := authority.SplitSANs(claims.SANs)
template := &x509.CertificateRequest{
Subject: pkix.Name{