tlsauth

package

v1.1.0 Latest Latest Go to latest Published: Aug 25, 2023 License: Unlicense Imports: 4 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

tildegit.org/tjp/sliderule

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func Allow(_ *x509.Certificate) bool
func GeminiAuth(approver Approver) sr.Middleware
func GeminiOptionalAuth(approver Approver) sr.Middleware
func Identity(request *sr.Request) *x509.Certificate
func OptionalAuth(approve Approver) func(context.Context, *sr.Request) bool
func Reject(_ *x509.Certificate) bool
func RequiredAuth(approve Approver) func(context.Context, *sr.Request) bool
type Approver
- func RequireSpecificIdentity(identity *x509.Certificate) Approver

Constants ¶

This section is empty.

Variables ¶

View Source

var GeminiRequireCertificate = GeminiAuth(Allow)

GeminiRequireCertificate is a middleware that only requires a client certificate.

Functions ¶

func Allow ¶

func Allow(_ *x509.Certificate) bool

Allow is an approver which permits anything.

func GeminiAuth ¶

func GeminiAuth(approver Approver) sr.Middleware

GeminiAuth builds an authentication middleware from approval criteria.

If a request does not contain a client certificate it will be rejected with a "60 certificate required" response. If the client identity does not pass the approver it will be rejected with "62 certificate invalid".

func GeminiOptionalAuth ¶

func GeminiOptionalAuth(approver Approver) sr.Middleware

GeminiOptionalAuth builds auth middleware which doesn't require an identity.

If there is no client certificate the request will pass through the middleware. It will only be rejected with "62 certificate invalid" if there *is* a client certificate, but it fails the approval.

func Identity ¶

func Identity(request *sr.Request) *x509.Certificate

Identity returns the client certificate for the request or nil if there is none.

func OptionalAuth ¶

func OptionalAuth(approve Approver) func(context.Context, *sr.Request) bool

OptionalAuth produces an auth predicate.

The check allows through any request with no client certificate, but if there is one present then it requires that it pass the provided approver.

func Reject ¶

func Reject(_ *x509.Certificate) bool

Reject is an approver which denies everything.

func RequiredAuth ¶

func RequiredAuth(approve Approver) func(context.Context, *sr.Request) bool

RequiredAuth produces an auth predicate.

The check requires both that there is a client certificate associated with the request and that it passes the provided approver.

Types ¶

type Approver ¶

type Approver func(*x509.Certificate) bool

Approver is a function that validates a certificate.

It should not be have to handle a nil argument.

func RequireSpecificIdentity ¶

func RequireSpecificIdentity(identity *x509.Certificate) Approver

RequireSpecificIdentity builds an approver that demands one specific client certificate.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL