本文整理汇总了Golang中github.com/openshift/origin/pkg/cmd/util.CertificatesFromFile函数的典型用法代码示例。如果您正苦于以下问题:Golang CertificatesFromFile函数的具体用法?Golang CertificatesFromFile怎么用?Golang CertificatesFromFile使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了CertificatesFromFile函数的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: getOAuthClientCertCAs
func getOAuthClientCertCAs(options MasterConfig) ([]*x509.Certificate, error) {
if !UseTLS(options.ServingInfo.ServingInfo) {
return nil, nil
}
allCerts := []*x509.Certificate{}
if options.OAuthConfig != nil {
for _, identityProvider := range options.OAuthConfig.IdentityProviders {
switch provider := identityProvider.Provider.(type) {
case (*RequestHeaderIdentityProvider):
caFile := provider.ClientCA
if len(caFile) == 0 {
continue
}
certs, err := cmdutil.CertificatesFromFile(caFile)
if err != nil {
return nil, fmt.Errorf("Error reading %s: %s", caFile, err)
}
allCerts = append(allCerts, certs...)
}
}
}
return allCerts, nil
}
开发者ID:Xmagicer,项目名称:origin,代码行数:27,代码来源:helpers.go
示例2: getAPIClientCertCAs
func getAPIClientCertCAs(options MasterConfig) ([]*x509.Certificate, error) {
if !UseTLS(options.ServingInfo.ServingInfo) {
return nil, nil
}
return cmdutil.CertificatesFromFile(options.ServingInfo.ClientCA)
}
开发者ID:Xmagicer,项目名称:origin,代码行数:7,代码来源:helpers.go
示例3: TestOAuthCertFallback
func TestOAuthCertFallback(t *testing.T) {
var (
invalidToken = "invalid"
noToken = ""
invalidCert = restclient.TLSClientConfig{
// We have to generate this dynamically in order to have an invalid cert signed by a signer with the same name as the valid CA
// CertData: ...,
// KeyData: ...,
}
noCert = restclient.TLSClientConfig{}
tokenUser = "user"
certUser = "system:admin"
unauthorizedError = "the server has asked for the client to provide credentials (get users ~)"
anonymousError = `User "system:anonymous" cannot get users at the cluster scope`
)
testutil.RequireEtcd(t)
// Build master config
masterOptions, err := testserver.DefaultMasterOptions()
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
// Start server
clusterAdminKubeConfig, err := testserver.StartConfiguredMaster(masterOptions)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
adminConfig, err := testutil.GetClusterAdminClientConfig(clusterAdminKubeConfig)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
validCert := adminConfig.TLSClientConfig
validToken, err := tokencmd.RequestToken(adminConfig, nil, tokenUser, "pass")
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
if len(validToken) == 0 {
t.Fatalf("Expected valid token, got none")
}
// make a client cert signed by a fake CA with the same name as the real CA.
// this is needed to get the go client to actually send the cert to the server,
// since the server advertises the signer name it requires
fakecadir, err := ioutil.TempDir("", "fakeca")
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
defer os.RemoveAll(fakecadir)
cacerts, err := util.CertificatesFromFile(masterOptions.ServingInfo.ClientCA)
if err != nil || len(cacerts) != 1 {
t.Fatalf("Unexpected error or number of certs: %v, %d", err, len(cacerts))
}
fakeca, err := (&admin.CreateSignerCertOptions{
CertFile: path.Join(fakecadir, "fakeca.crt"),
KeyFile: path.Join(fakecadir, "fakeca.key"),
SerialFile: path.Join(fakecadir, "fakeca.serial"),
Name: cacerts[0].Subject.CommonName,
Output: ioutil.Discard,
Overwrite: true,
}).CreateSignerCert()
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
clientCertConfig, err := fakeca.MakeClientCertificate(
path.Join(fakecadir, "fakeclient.crt"),
path.Join(fakecadir, "fakeclient.key"),
&user.DefaultInfo{Name: "fakeuser"},
)
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
invalidCert.CertData, invalidCert.KeyData, err = clientCertConfig.GetPEMBytes()
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
for k, test := range map[string]struct {
token string
cert restclient.TLSClientConfig
expectedUser string
errorExpected bool
errorString string
}{
"valid token, valid cert": {
token: validToken,
cert: validCert,
expectedUser: tokenUser,
},
"valid token, invalid cert": {
token: validToken,
cert: invalidCert,
expectedUser: tokenUser,
},
//.........这里部分代码省略.........
开发者ID:legionus,项目名称:origin,代码行数:101,代码来源:oauth_cert_fallback_test.go
注:本文中的github.com/openshift/origin/pkg/cmd/util.CertificatesFromFile函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论