Documentation
Index
Constants
This section is empty.
Variables
var RequireOU = func(allowed []string) func(name *pkix.Name) bool {
	return func(name *pkix.Name) bool {
		for _, haveOU := range name.OrganizationalUnit {
			for _, wantOU := range allowed {
				if haveOU == wantOU {
					return true
				}
			}
		}
		return false
	}
}
RequireOU returns a CheckCertificate function that returns true if and only if the name has an OrganizationalUnit exactly matching one of the allowed values.
Functions
This section is empty.
Types
type X509NameVerifier
type X509NameVerifier struct {
	CheckCertificate func(*pkix.Name) bool
	InvalidHandler   http.Handler
	HeaderName       string
}
X509NameVerifier supports wrapping an http.Handler to check the contents of an X.509 distinguished name (DN) passed in a header, as from Nginx.
func (*X509NameVerifier) Wrap
func (v *X509NameVerifier) Wrap(h http.Handler) http.Handler
Wrap wraps an HTTP handler to check the contents of client certificates. If CheckCertificate returns true, the request will be passed to the wrapped handler. If CheckCertificate returns false, it will be passed to the InvalidHandler or, if no InvalidHandler is specified, will return an empty 403 response and log the rejected DN.
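A sketch of the check described above, added here as an example and not taken from this package: a DN string from the proxy header is parsed into a pkix.Name and tested for an exact OU match. The parser, the helper names and the header name X-SSL-Client-S-DN are assumptions; the DN is assumed to be in the comma-separated RFC 2253 style, and hex escapes and multi-valued (+) RDNs are not handled.

```go
package main

import (
	"crypto/x509/pkix"
	"fmt"
	"net/http"
	"strings"
)

// parseDN (hypothetical helper) collects the OUs of an RFC 2253 style DN.
func parseDN(dn string) *pkix.Name {
	name := &pkix.Name{}
	var cur strings.Builder
	flush := func() { // store one finished "key=value" attribute
		if k, v, _ := strings.Cut(cur.String(), "="); strings.TrimSpace(k) == "OU" {
			name.OrganizationalUnit = append(name.OrganizationalUnit, v)
		}
		cur.Reset()
	}
	for i := 0; i < len(dn); i++ {
		switch {
		case dn[i] == '\\' && i+1 < len(dn):
			i++ // an escaped byte belongs to the value, never a separator
			cur.WriteByte(dn[i])
		case dn[i] == ',':
			flush()
		default:
			cur.WriteByte(dn[i])
		}
	}
	flush()
	return name
}

// ouAllowed does an exact, case-sensitive OU match; a missing header yields false.
func ouAllowed(h http.Header, header, want string) bool {
	for _, ou := range parseDN(h.Get(header)).OrganizationalUnit {
		if ou == want {
			return true
		}
	}
	return false
}

func main() {
	h := http.Header{}
	h.Set("X-SSL-Client-S-DN", `CN=x\,OU=ops,OU=dev`) // constructed value
	fmt.Println(ouAllowed(h, "X-SSL-Client-S-DN", "ops")) // prints false
}
```

A check of this kind is only meaningful when the proxy overwrites the header on every request, so a value supplied by the client never reaches the handler.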