Use templates from authority instead of config.
parent
a845b56283
commit
e3ae751b57
3 changed files with 16 additions and 14 deletions
|
@ -31,6 +31,7 @@ type Authority struct {
|
|||
keyManager kms.KeyManager
|
||||
provisioners *provisioner.Collection
|
||||
db db.AuthDB
|
||||
templates *templates.Templates
|
||||
|
||||
// X509 CA
|
||||
rootX509Certs []*x509.Certificate
|
||||
|
@ -301,13 +302,14 @@ func (a *Authority) init() error {
|
|||
|
||||
// Configure templates, currently only ssh templates are supported.
|
||||
if a.sshCAHostCertSignKey != nil || a.sshCAUserCertSignKey != nil {
|
||||
if a.config.Templates == nil {
|
||||
a.config.Templates = templates.DefaultTemplates()
|
||||
a.templates = a.config.Templates
|
||||
if a.templates == nil {
|
||||
a.templates = templates.DefaultTemplates()
|
||||
}
|
||||
if a.config.Templates.Data == nil {
|
||||
a.config.Templates.Data = make(map[string]interface{})
|
||||
if a.templates.Data == nil {
|
||||
a.templates.Data = make(map[string]interface{})
|
||||
}
|
||||
a.config.Templates.Data["Step"] = tmplVars
|
||||
a.templates.Data["Step"] = tmplVars
|
||||
}
|
||||
|
||||
// JWT numeric dates are seconds.
|
||||
|
|
|
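Review bot: The `a.templates = a.config.Templates` assignment in init() copies a pointer, so when the config supplies templates the following `a.templates.Data["Step"] = tmplVars` still writes into the configuration's own object, and the authority and the config keep sharing one mutable `Data` map. If the new `templates` field is meant to stop the authority from modifying its config, a copy is needed before the map is touched; if sharing is intended, say so on the field, for example `// templates is set by init() only when an SSH signing key is configured; it may alias config.Templates.` The assignment is also unconditional inside the SSH branch, so a value placed in `a.templates` before init() runs would be replaced (whether any caller does that is not visible here). init() starts and ends outside the hunk.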
@ -125,19 +125,19 @@ func (a *Authority) GetSSHConfig(ctx context.Context, typ string, data map[strin
|
|||
return nil, errs.NotFound("getSSHConfig: ssh is not configured")
|
||||
}
|
||||
|
||||
if a.config.Templates == nil {
|
||||
if a.templates == nil {
|
||||
return nil, errs.NotFound("getSSHConfig: ssh templates are not configured")
|
||||
}
|
||||
|
||||
var ts []templates.Template
|
||||
switch typ {
|
||||
case provisioner.SSHUserCert:
|
||||
if a.config.Templates != nil && a.config.Templates.SSH != nil {
|
||||
ts = a.config.Templates.SSH.User
|
||||
if a.templates != nil && a.templates.SSH != nil {
|
||||
ts = a.templates.SSH.User
|
||||
}
|
||||
case provisioner.SSHHostCert:
|
||||
if a.config.Templates != nil && a.config.Templates.SSH != nil {
|
||||
ts = a.config.Templates.SSH.Host
|
||||
if a.templates != nil && a.templates.SSH != nil {
|
||||
ts = a.templates.SSH.Host
|
||||
}
|
||||
default:
|
||||
return nil, errs.BadRequest("getSSHConfig: type %s is not valid", typ)
|
||||
|
@ -147,11 +147,11 @@ func (a *Authority) GetSSHConfig(ctx context.Context, typ string, data map[strin
|
|||
var mergedData map[string]interface{}
|
||||
|
||||
if len(data) == 0 {
|
||||
mergedData = a.config.Templates.Data
|
||||
mergedData = a.templates.Data
|
||||
} else {
|
||||
mergedData = make(map[string]interface{}, len(a.config.Templates.Data)+1)
|
||||
mergedData = make(map[string]interface{}, len(a.templates.Data)+1)
|
||||
mergedData["User"] = data
|
||||
for k, v := range a.config.Templates.Data {
|
||||
for k, v := range a.templates.Data {
|
||||
mergedData[k] = v
|
||||
}
|
||||
}
|
||||
|
|
|
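Review bot: In the `len(data) == 0` branch of GetSSHConfig, `mergedData = a.templates.Data` passes the authority's own map to whatever renders the templates, while the other branch builds a fresh map; any write to `mergedData` further down (not visible in this hunk) would change the data every later request sees, and concurrent requests would race on it. Building the copy in both branches and setting `mergedData["User"] = data` only when `len(data) > 0` removes that dependency on downstream code being read-only. In the merge loop, keys from `a.templates.Data` are copied after `"User"` is set, so a `"User"` key in the authority data would silently replace the caller's values; a short comment stating which side is meant to win would help. The `a.templates != nil` tests inside the `switch` are redundant after the early `if a.templates == nil` return. GetSSHConfig starts and ends outside the hunk.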
@ -460,7 +460,7 @@ func TestAuthority_GetSSHConfig(t *testing.T) {
|
|||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
a := testAuthority(t)
|
||||
a.config.Templates = tt.fields.templates
|
||||
a.templates = tt.fields.templates
|
||||
a.sshCAUserCertSignKey = tt.fields.userSigner
|
||||
a.sshCAHostCertSignKey = tt.fields.hostSigner
|
||||
|
||||
|
|