From cedcf58ea7d729acb6ed1a9ab7aec1ae38aed102 Mon Sep 17 00:00:00 2001
From: tjpcc <tjp@ctrl-c.club>
Date: Mon, 9 Oct 2023 08:56:53 -0600
Subject: more useful tlsauth.Approver type

the predicate function should be able to see the whole context and request
---
 contrib/tlsauth/auth.go | 31 -------------------------------
 1 file changed, 31 deletions(-)

(limited to 'contrib/tlsauth/auth.go')

diff --git a/contrib/tlsauth/auth.go b/contrib/tlsauth/auth.go
index 439d297..ff8529b 100644
--- a/contrib/tlsauth/auth.go
+++ b/contrib/tlsauth/auth.go
@@ -1,7 +1,6 @@
 package tlsauth
 
 import (
-	"context"
 	"crypto/x509"
 
 	sr "tildegit.org/tjp/sliderule"
@@ -14,33 +13,3 @@ func Identity(request *sr.Request) *x509.Certificate {
 	}
 	return request.TLSState.PeerCertificates[0]
 }
-
-// RequiredAuth produces an auth predicate.
-//
-// The check requires both that there is a client certificate associated with the
-// request and that it passes the provided approver.
-func RequiredAuth(approve Approver) func(context.Context, *sr.Request) bool {
-	return func(_ context.Context, request *sr.Request) bool {
-		identity := Identity(request)
-		if identity == nil {
-			return false
-		}
-
-		return approve(identity)
-	}
-}
-
-// OptionalAuth produces an auth predicate.
-//
-// The check allows through any request with no client certificate, but if
-// there is one present then it requires that it pass the provided approver.
-func OptionalAuth(approve Approver) func(context.Context, *sr.Request) bool {
-	return func(_ context.Context, request *sr.Request) bool {
-		identity := Identity(request)
-		if identity == nil {
-			return true
-		}
-
-		return approve(identity)
-	}
-}
-- 
cgit v1.2.3