Move Wire option validation to provisioner initialization

Herman Slatman 2024-01-29 16:45:13 +01:00
parent 79943d2e5e
commit 8a9b1b3f79
No known key found for this signature in database
GPG Key ID: F4D8A44EA0A75A4F
4 changed files with 34 additions and 26 deletions


@ -280,9 +280,9 @@ func newAuthorization(ctx context.Context, az *acme.Authorization) error {
var target string
switch az.Identifier.Type {
case acme.WireUser:
wireOptions, err := prov.GetOptions().GetWireOptions()
if err != nil {
return acme.WrapErrorISE(err, "failed getting Wire options")
wireOptions := prov.GetOptions().GetWireOptions()
if wireOptions == nil {
return acme.NewErrorISE("failed getting Wire options")
}
var targetProvider interface{ EvaluateTarget(string) (string, error) }
switch typ {
@ -305,9 +305,9 @@ func newAuthorization(ctx context.Context, az *acme.Authorization) error {
if err != nil {
return acme.WrapError(acme.ErrorMalformedType, err, "failed parsing ClientID")
}
wireOptions, err := prov.GetOptions().GetWireOptions()
if err != nil {
return acme.WrapErrorISE(err, "failed getting Wire options")
wireOptions := prov.GetOptions().GetWireOptions()
if wireOptions == nil {
return acme.NewErrorISE("failed getting Wire options")
}
var targetProvider interface{ EvaluateTarget(string) (string, error) }
switch typ {
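Review bot: The message `failed getting Wire options` in both `wireOptions == nil` branches no longer matches the condition, because the getter cannot fail any more; a nil result means the provisioner has no Wire configuration. The validators changed in the same commit report this state as `no Wire options available`, so `return acme.NewErrorISE("no Wire options available")` here would keep one searchable string for one misconfiguration. The same three-line guard now appears in both hunks of newAuthorization, so a single lookup before the `switch` (or a small helper) would remove the duplication. The function starts and ends outside these hunks.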


@ -362,6 +362,10 @@ func wireOIDC01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose.JSO
if !ok {
return NewErrorISE("missing provisioner")
}
wireOptions := prov.GetOptions().GetWireOptions()
if wireOptions == nil {
return NewErrorISE("no Wire options available")
}
linker, ok := LinkerFromContext(ctx)
if !ok {
return NewErrorISE("missing linker")
@ -378,11 +382,6 @@ func wireOIDC01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose.JSO
return WrapErrorISE(err, "error unmarshalling challenge data")
}
wireOptions, err := prov.GetOptions().GetWireOptions()
if err != nil {
return WrapErrorISE(err, "failed getting Wire options")
}
oidcOptions := wireOptions.GetOIDCOptions()
verifier := oidcOptions.GetProvider(ctx).Verifier(oidcOptions.GetConfig())
idToken, err := verifier.Verify(ctx, oidcPayload.IDToken)
@ -490,6 +489,10 @@ func wireDPOP01Validate(ctx context.Context, ch *Challenge, db DB, accountJWK *j
if !ok {
return NewErrorISE("missing provisioner")
}
wireOptions := prov.GetOptions().GetWireOptions()
if wireOptions == nil {
return NewErrorISE("no Wire options available")
}
linker, ok := LinkerFromContext(ctx)
if !ok {
return NewErrorISE("missing linker")
@ -510,11 +513,6 @@ func wireDPOP01Validate(ctx context.Context, ch *Challenge, db DB, accountJWK *j
return WrapErrorISE(err, "error parsing device id")
}
wireOptions, err := prov.GetOptions().GetWireOptions()
if err != nil {
return WrapErrorISE(err, "failed getting Wire options")
}
dpopOptions := wireOptions.GetDPOPOptions()
issuer, err := dpopOptions.EvaluateTarget(clientID.DeviceID)
if err != nil {
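Review bot: The new guard at the top of wireOIDC01Validate and wireDPOP01Validate checks only that the Wire options pointer is non-nil, while `wireOptions.GetOIDCOptions()` and `wireOptions.GetDPOPOptions()` are then used on the assumption that `Validate()` already ran during provisioner initialization. That invariant now lives in another package and is not stated here, so a provisioner value that never went through `Init` (a test fixture, or presumably a reload path) would reach the ID-token verifier and `EvaluateTarget` with unvalidated settings. I would record the dependency at the guard, for example `// Wire options are validated once in ACME.Init; only their presence is checked here.`, and add a test that an uninitialized provisioner is rejected before token verification. Both functions begin and end outside the hunks shown.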


@ -211,10 +211,27 @@ func (p *ACME) Init(config Config) (err error) {
}
}
if err := p.initializeWireOptions(); err != nil {
return fmt.Errorf("failed initializing Wire options: %w", err)
}
p.ctl, err = NewController(p, p.Claims, config, p.Options)
return
}
func (p *ACME) initializeWireOptions() error {
w := p.GetOptions().GetWireOptions()
if w == nil {
return nil
}
if err := w.Validate(); err != nil {
return fmt.Errorf("failed validating Wire options: %w", err)
}
return nil
}
// ACMEIdentifierType encodes ACME Identifier types
type ACMEIdentifierType string
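Review bot: `initializeWireOptions` returns nil when `GetWireOptions()` is nil, so a provisioner that enables the Wire challenge types but carries no Wire configuration still passes `Init` and only fails later, per request, with an internal server error. If the enabled challenge list is available on `p` (it is not visible in this hunk), the nil case should be an error whenever a Wire challenge is enabled, and a silent `return nil` only otherwise. The helper also has no doc comment; something like `// initializeWireOptions validates the Wire options once at startup; it is a no-op when none are configured.` would state the contract. A smaller point is that `Init` wraps the result again, giving `failed initializing Wire options: failed validating Wire options: …`, so one of the two prefixes can go.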


@ -2,7 +2,6 @@ package provisioner
import (
"encoding/json"
"fmt"
"strings"
"github.com/pkg/errors"
@ -55,17 +54,11 @@ func (o *Options) GetSSHOptions() *SSHOptions {
}
// GetWireOptions returns the SSH options.
func (o *Options) GetWireOptions() (*wire.Options, error) {
func (o *Options) GetWireOptions() *wire.Options {
if o == nil {
return nil, errors.New("no options available")
return nil
}
if o.Wire == nil {
return nil, errors.New("no Wire options available")
}
if err := o.Wire.Validate(); err != nil {
return nil, fmt.Errorf("failed validating Wire options: %w", err)
}
return o.Wire, nil
return o.Wire
}
// GetWebhooks returns the webhooks options.
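Review bot: The doc comment kept above the new signature still reads `// GetWireOptions returns the SSH options.`, which was already a copy-paste slip and now also hides the changed contract. The method returns nil both for a nil receiver and for an unset `Wire` field, and it no longer calls `Validate()`, so every caller must nil-check and must not assume the returned options were validated here. I would replace the comment with `// GetWireOptions returns the Wire options, or nil if none are configured.` followed by a second line `// It does not validate them; validation happens when the provisioner is initialized.`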