package authorization
import (
"context"
"fmt"
)
// Authentication scheme names. Their consumers are not visible in this file;
// presumably they label how a request presented its credentials (verify
// against the callers).
const (
	// BearerScheme is the scheme name "bearer".
	BearerScheme string = "bearer"
	// CertScheme is the scheme name "clientcert".
	CertScheme string = "clientcert"
	// UnknownScheme is the scheme name "unknown".
	UnknownScheme string = "unknown"
)
//counterfeiter:generate -o fake -fake-name TokenIdentityInspector . TokenIdentityInspector
//counterfeiter:generate -o fake -fake-name CertIdentityInspector . CertIdentityInspector
// Identity is the result an inspector returns for a presented credential.
//
// NOTE(review): the exact meaning of the fields is not established in this
// file; presumably Name is the authenticated subject and Kind its category.
// Confirm against the inspector implementations before using either field in
// an authorization decision.
type Identity struct {
	// Name of the identity.
	Name string
	// Kind of the identity.
	Kind string
}
// TokenIdentityInspector resolves a token string to an Identity.
//
// GetIdentity in this file forwards the caller-supplied token unchanged, so
// any validation of the token is the implementation's responsibility.
type TokenIdentityInspector interface {
	// WhoAmI returns the Identity for token, or an error.
	WhoAmI(ctx context.Context, token string) (Identity, error)
}
// CertIdentityInspector resolves raw certificate bytes to an Identity.
//
// GetIdentity in this file forwards the caller-supplied bytes unchanged, so
// any parsing or validation of the certificate is the implementation's
// responsibility. The encoding of the bytes is not established in this file.
type CertIdentityInspector interface {
	// WhoAmI returns the Identity for certData, or an error.
	WhoAmI(ctx context.Context, certData []byte) (Identity, error)
}
// CertTokenIdentityProvider resolves an Identity from either a token or
// certificate data by delegating to the matching inspector.
type CertTokenIdentityProvider struct {
	// tokenInspector handles requests that carry a token.
	tokenInspector TokenIdentityInspector
	// certInspector handles requests that carry certificate data.
	certInspector CertIdentityInspector
}
// NewCertTokenIdentityProvider returns a provider that uses tokenInspector
// for token credentials and certInspector for certificate credentials.
//
// Neither argument is checked for nil here; a nil inspector is only noticed
// when GetIdentity tries to call it.
func NewCertTokenIdentityProvider(tokenInspector TokenIdentityInspector, certInspector CertIdentityInspector) *CertTokenIdentityProvider {
	provider := new(CertTokenIdentityProvider)
	provider.tokenInspector = tokenInspector
	provider.certInspector = certInspector
	return provider
}
// GetIdentity resolves the Identity behind info.
//
// Selection order:
//   - a non-empty info.Token is handed to the token inspector;
//   - otherwise non-empty info.CertData is handed to the cert inspector;
//   - otherwise an "invalid authorization info" error is returned together
//     with the zero Identity.
//
// Security notes for callers and reviewers:
//   - When info carries both a token and certificate data, the token wins and
//     the certificate is never inspected.
//   - This method performs no validation itself. Whether the credential is
//     genuine is decided entirely by the inspector, whose result and error
//     are returned unchanged.
func (p *CertTokenIdentityProvider) GetIdentity(ctx context.Context, info Info) (Identity, error) {
	switch {
	case info.Token != "":
		return p.tokenInspector.WhoAmI(ctx, info.Token)
	case len(info.CertData) > 0:
		return p.certInspector.WhoAmI(ctx, info.CertData)
	default:
		// No credential of either kind was supplied.
		return Identity{}, fmt.Errorf("invalid authorization info")
	}
}