trying to pass access token to template

1 year ago · a32bb66e47
parent ff41a1193d
commit a32bb66e47
2 changed files with 35 additions and 0 deletions
--- a/acme/challenge.go
+++ b/acme/challenge.go
@ -18,6 +18,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"gopkg.in/square/go-jose.v2/jwt"
 	"io"
 	"net"
 	"net/url"
@ -535,6 +536,19 @@ func wireDPOP01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose.JSO
 	if err = db.UpdateChallenge(ctx, ch); err != nil {
 		return WrapErrorISE(err, "error updating challenge")
 	}
+
+	//var access := wireChallengePayload.AccessToken
+	parsedAccessToken, err := jwt.ParseSigned(wireChallengePayload.AccessToken)
+	if err != nil {
+		return WrapErrorISE(err, "Invalid access token")
+	}
+	access := make(map[string]interface{})
+	if err := parsedAccessToken.UnsafeClaimsWithoutVerification(&access); err != nil {
+		return WrapErrorISE(err, "Failed parsing access token")
+	}
+
+	ctx = context.WithValue(ctx, "access", access)
+
 	return nil
 }

--- a/acme/order.go
+++ b/acme/order.go
@ -208,6 +208,27 @@ func (o *Order) Finalize(ctx context.Context, db DB, csr *x509.CertificateReques
 	}
 	data.SetSubject(subject)

+	/*// inject the raw dpop token as template variable
+	dpop, ok := ctx.Value("dpop").(map[string]interface{})
+	if !ok {
+		return WrapErrorISE(err, "Invalid or absent dpop in context")
+	}
+	data.Set("dpop", dpop)*/
+
+	// inject the raw access token as template variable
+	access, ok := ctx.Value("access").(map[string]interface{})
+	if !ok {
+		return WrapErrorISE(err, "Invalid or absent access in context")
+	}
+	data.Set("access", access)
+
+	/*// inject the raw OIDC id token as template variable
+	oidc, ok := ctx.Value("oidc").(map[string]interface{})
+	if !ok {
+		return WrapErrorISE(err, "Invalid or absent oidc in context")
+	}
+	data.Set("oidc", oidc)*/
+
 	// Custom sign options passed to authority.Sign
 	var extraOptions []provisioner.SignOption