Refactor the SCEP authority initialization
Instead of relying on an intermediate `scep.Service` struct, initialize the `scep.Authority` directly. This removes one redundant layer of indirection.
pull/1523/head
parent
6985b4be62
commit
8fc3a46387
@ -1,29 +0,0 @@
|
||||
package scep
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
)
|
||||
|
||||
// ContextKey is the key type for storing and searching for SCEP request
|
||||
// essentials in the context of a request.
|
||||
type ContextKey string
|
||||
|
||||
const (
|
||||
// ProvisionerContextKey provisioner key
|
||||
ProvisionerContextKey = ContextKey("provisioner")
|
||||
)
|
||||
|
||||
// provisionerFromContext searches the context for a SCEP provisioner.
|
||||
// Returns the provisioner or an error.
|
||||
func provisionerFromContext(ctx context.Context) (Provisioner, error) {
|
||||
val := ctx.Value(ProvisionerContextKey)
|
||||
if val == nil {
|
||||
return nil, errors.New("provisioner expected in request context")
|
||||
}
|
||||
p, ok := val.(Provisioner)
|
||||
if !ok || p == nil {
|
||||
return nil, errors.New("provisioner in context is not a SCEP provisioner")
|
||||
}
|
||||
return p, nil
|
||||
}
|
@ -1,7 +0,0 @@
|
||||
package scep
|
||||
|
||||
import "crypto/x509"
|
||||
|
||||
type DB interface {
|
||||
StoreCertificate(crt *x509.Certificate) error
|
||||
}
|
@ -1,38 +0,0 @@
|
||||
package scep
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto"
|
||||
"crypto/x509"
|
||||
)
|
||||
|
||||
// Service is a wrapper for a crypto.Decrypter and crypto.Signer for
|
||||
// decrypting SCEP requests and signing certificates in response to
|
||||
// SCEP certificate requests.
|
||||
type Service struct {
|
||||
roots []*x509.Certificate
|
||||
intermediates []*x509.Certificate
|
||||
signerCertificate *x509.Certificate
|
||||
signer crypto.Signer
|
||||
defaultDecrypter crypto.Decrypter
|
||||
scepProvisionerNames []string
|
||||
}
|
||||
|
||||
// NewService returns a new Service type.
|
||||
func NewService(_ context.Context, opts Options) (*Service, error) {
|
||||
if err := opts.Validate(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &Service{
|
||||
roots: opts.Roots,
|
||||
intermediates: opts.Intermediates,
|
||||
signerCertificate: opts.SignerCert,
|
||||
signer: opts.Signer,
|
||||
defaultDecrypter: opts.Decrypter,
|
||||
scepProvisionerNames: opts.SCEPProvisionerNames,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *Service) UpdateProvisioners(scepProvisionerNames []string) {
|
||||
s.scepProvisionerNames = scepProvisionerNames
|
||||
}
|