@ -67,7 +67,6 @@ func New(config *Config, opts ...Option) (*Authority, error) {
var a = & Authority {
var a = & Authority {
config : config ,
config : config ,
certificates : new ( sync . Map ) ,
certificates : new ( sync . Map ) ,
provisioners : provisioner . NewCollection ( config . getAudiences ( ) ) ,
}
}
// Apply options.
// Apply options.
@ -88,15 +87,9 @@ func New(config *Config, opts ...Option) (*Authority, error) {
// NewEmbedded initializes an authority that can be embedded in a different
// NewEmbedded initializes an authority that can be embedded in a different
// project without the limitations of the config.
// project without the limitations of the config.
func NewEmbedded ( opts ... Option ) ( * Authority , error ) {
func NewEmbedded ( opts ... Option ) ( * Authority , error ) {
config := & Config {
DNSNames : [ ] string { "localhost" , "127.0.0.1" , "::1" } ,
AuthorityConfig : defaultAuthConfig ,
TLS : & DefaultTLSOptions ,
}
a := & Authority {
a := & Authority {
config : config ,
config : & Config { } ,
certificates : new ( sync . Map ) ,
certificates : new ( sync . Map ) ,
provisioners : provisioner . NewCollection ( config . getAudiences ( ) ) ,
}
}
// Apply options.
// Apply options.
@ -108,6 +101,8 @@ func NewEmbedded(opts ...Option) (*Authority, error) {
// Validate required options
// Validate required options
switch {
switch {
case a . config == nil :
return nil , errors . New ( "cannot create an authority without a configuration" )
case len ( a . rootX509Certs ) == 0 && a . config . Root . HasEmpties ( ) :
case len ( a . rootX509Certs ) == 0 && a . config . Root . HasEmpties ( ) :
return nil , errors . New ( "cannot create an authority without a root certificate" )
return nil , errors . New ( "cannot create an authority without a root certificate" )
case a . x509Issuer == nil && a . config . IntermediateCert == "" :
case a . x509Issuer == nil && a . config . IntermediateCert == "" :
@ -116,6 +111,9 @@ func NewEmbedded(opts ...Option) (*Authority, error) {
return nil , errors . New ( "cannot create an authority without an issuer signer" )
return nil , errors . New ( "cannot create an authority without an issuer signer" )
}
}
// Initialize config required fields.
a . config . init ( )
// Initialize authority from options or configuration.
// Initialize authority from options or configuration.
if err := a . init ( ) ; err != nil {
if err := a . init ( ) ; err != nil {
return nil , err
return nil , err
@ -271,9 +269,11 @@ func (a *Authority) init() error {
return err
return err
}
}
// Initialize provisioners
// Initialize provisioners
audiences := a . config . getAudiences ( )
a . provisioners = provisioner . NewCollection ( audiences )
config := provisioner . Config {
config := provisioner . Config {
Claims : claimer . Claims ( ) ,
Claims : claimer . Claims ( ) ,
Audiences : a . config . getA udiences( ) ,
Audiences : a udiences,
DB : a . db ,
DB : a . db ,
SSHKeys : & provisioner . SSHKeys {
SSHKeys : & provisioner . SSHKeys {
UserKeys : sshKeys . UserKeys ,
UserKeys : sshKeys . UserKeys ,
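Review bot: Nothing on this page shows that `a.config.init()` restores the defaults NewEmbedded used to set explicitly (DNSNames, `defaultAuthConfig`, `&DefaultTLSOptions`), so an embedded authority built from `&Config{}`, or from a partially filled config passed by an option, may end up without the previous TLS options and claims. The body of the config's init() is outside the page, so I would pin this with a test that calls NewEmbedded once without a config option and once with a config whose TLS and AuthorityConfig are nil, and asserts the earlier defaults are in effect. The call also completes, in place, a Config the caller may still hold, which the doc comment should state, e.g. `// A Config supplied through an option is filled in place with default values.` Separately, New and NewEmbedded now leave `a.provisioners` nil until `a.init()` assigns it; the option-applying code is not shown here, so it is worth confirming no Option reads the collection before that point.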