diff options
Diffstat (limited to 'contrib/tlsauth/auth.go')
| -rw-r--r-- | contrib/tlsauth/auth.go | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/contrib/tlsauth/auth.go b/contrib/tlsauth/auth.go index 439d297..ff8529b 100644 --- a/contrib/tlsauth/auth.go +++ b/contrib/tlsauth/auth.go @@ -1,7 +1,6 @@ package tlsauth import ( - "context" "crypto/x509" sr "tildegit.org/tjp/sliderule" @@ -14,33 +13,3 @@ func Identity(request *sr.Request) *x509.Certificate { } return request.TLSState.PeerCertificates[0] } - -// RequiredAuth produces an auth predicate. -// -// The check requires both that there is a client certificate associated with the -// request and that it passes the provided approver. -func RequiredAuth(approve Approver) func(context.Context, *sr.Request) bool { - return func(_ context.Context, request *sr.Request) bool { - identity := Identity(request) - if identity == nil { - return false - } - - return approve(identity) - } -} - -// OptionalAuth produces an auth predicate. -// -// The check allows through any request with no client certificate, but if -// there is one present then it requires that it pass the provided approver. -func OptionalAuth(approve Approver) func(context.Context, *sr.Request) bool { - return func(_ context.Context, request *sr.Request) bool { - identity := Identity(request) - if identity == nil { - return true - } - - return approve(identity) - } -} |