author | tjpcc <tjp@ctrl-c.club> | 2023-10-09 08:56:53 -0600 |
---|---|---|
committer | tjpcc <tjp@ctrl-c.club> | 2023-10-09 08:56:53 -0600 |
commit | cedcf58ea7d729acb6ed1a9ab7aec1ae38aed102 (patch) | |
tree | c04144501fa461b840cea96951f23d926b596ff7 /contrib/tlsauth/auth.go | |
parent | 1a14f01df1c220f1b8a0dcee1eada007aca8d43f (diff) |
more useful tlsauth.Approver type
the predicate function should be able to see the whole context and request
Diffstat (limited to 'contrib/tlsauth/auth.go')
-rw-r--r-- | contrib/tlsauth/auth.go | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/contrib/tlsauth/auth.go b/contrib/tlsauth/auth.go
index 439d297..ff8529b 100644
--- a/contrib/tlsauth/auth.go
+++ b/contrib/tlsauth/auth.go
@@ -1,7 +1,6 @@
 package tlsauth
 import (
- "context"
 "crypto/x509"
 sr "tildegit.org/tjp/sliderule"
@@ -14,33 +13,3 @@ func Identity(request *sr.Request) *x509.Certificate {
 }
 return request.TLSState.PeerCertificates[0]
 }
-
-// RequiredAuth produces an auth predicate.
-//
-// The check requires both that there is a client certificate associated with the
-// request and that it passes the provided approver.
-func RequiredAuth(approve Approver) func(context.Context, *sr.Request) bool {
- return func(_ context.Context, request *sr.Request) bool {
- identity := Identity(request)
- if identity == nil {
- return false
- }
-
- return approve(identity)
- }
-}
-
-// OptionalAuth produces an auth predicate.
-//
-// The check allows through any request with no client certificate, but if
-// there is one present then it requires that it pass the provided approver.
-func OptionalAuth(approve Approver) func(context.Context, *sr.Request) bool {
- return func(_ context.Context, request *sr.Request) bool {
- identity := Identity(request)
- if identity == nil {
- return true
- }
-
- return approve(identity)
- }
-} |