Refactor the SCEP authority initialization
Instead of relying on an intermediate `scep.Service` struct, initialize the `scep.Authority` directly. This removes one redundant layer of indirection.
parent
6985b4be62
commit
8fc3a46387
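--- a/PATH_NOT_SHOWN_1
+++ /dev/null
@@ -1,29 +0,0 @@
-package scep
-
-import (
-"context"
-"errors"
-)
-
-// ContextKey is the key type for storing and searching for SCEP request
-// essentials in the context of a request.
-type ContextKey string
-
-const (
-// ProvisionerContextKey provisioner key
-ProvisionerContextKey = ContextKey("provisioner")
-)
-
-// provisionerFromContext searches the context for a SCEP provisioner.
-// Returns the provisioner or an error.
-func provisionerFromContext(ctx context.Context) (Provisioner, error) {
-val := ctx.Value(ProvisionerContextKey)
-if val == nil {
-return nil, errors.New("provisioner expected in request context")
-}
-p, ok := val.(Provisioner)
-if !ok || p == nil {
-return nil, errors.New("provisioner in context is not a SCEP provisioner")
-}
-return p, nil
-}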
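--- a/PATH_NOT_SHOWN_2
+++ /dev/null
@@ -1,7 +0,0 @@
-package scep
-
-import "crypto/x509"
-
-type DB interface {
-StoreCertificate(crt *x509.Certificate) error
-}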
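--- a/PATH_NOT_SHOWN_3
+++ /dev/null
@@ -1,38 +0,0 @@
-package scep
-
-import (
-"context"
-"crypto"
-"crypto/x509"
-)
-
-// Service is a wrapper for a crypto.Decrypter and crypto.Signer for
-// decrypting SCEP requests and signing certificates in response to
-// SCEP certificate requests.
-type Service struct {
-roots []*x509.Certificate
-intermediates []*x509.Certificate
-signerCertificate *x509.Certificate
-signer crypto.Signer
-defaultDecrypter crypto.Decrypter
-scepProvisionerNames []string
-}
-
-// NewService returns a new Service type.
-func NewService(_ context.Context, opts Options) (*Service, error) {
-if err := opts.Validate(); err != nil {
-return nil, err
-}
-return &Service{
-roots: opts.Roots,
-intermediates: opts.Intermediates,
-signerCertificate: opts.SignerCert,
-signer: opts.Signer,
-defaultDecrypter: opts.Decrypter,
-scepProvisionerNames: opts.SCEPProvisionerNames,
-}, nil
-}
-
-func (s *Service) UpdateProvisioners(scepProvisionerNames []string) {
-s.scepProvisionerNames = scepProvisionerNames
-}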