We use cookies to ensure you get the best experience on our website
Ana Sayfa Keşfet Yardım
Üye Ol Giriş Yap
0ct0pu5
/
moby
1
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: debcb76939
Dallar Biçim İmleri
moby
/
vendor
/
github.com
/
google
/
s2a-go
/
internal
/
authinfo
/
authinfo.go

authinfo.go 4.0 KB
Geçmiş Ham

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119 
  1. /*
    2. 

  2.  *
    3. 

  3.  * Copyright 2021 Google LLC
    4. 

  4.  *
    5. 

  5.  * Licensed under the Apache License, Version 2.0 (the "License");
    6. 

  6.  * you may not use this file except in compliance with the License.
    7. 

  7.  * You may obtain a copy of the License at
    8. 

  8.  *
    9. 

  9.  *     https://www.apache.org/licenses/LICENSE-2.0
    10. 

  10.  *
    11. 

  11.  * Unless required by applicable law or agreed to in writing, software
    12. 

  12.  * distributed under the License is distributed on an "AS IS" BASIS,
    13. 

  13.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    14. 

  14.  * See the License for the specific language governing permissions and
    15. 

  15.  * limitations under the License.
    16. 

  16.  *
    17. 

  17.  */
    18. 

  18. 

  19. // Package authinfo provides authentication and authorization information that
    20. 

  20. // results from the TLS handshake.
    21. 

  21. package authinfo
    22. 

  22. 

  23. import (
    24. 

  24. 	"errors"
    25. 

  25. 

  26. 	commonpb "github.com/google/s2a-go/internal/proto/common_go_proto"
    27. 

  27. 	contextpb "github.com/google/s2a-go/internal/proto/s2a_context_go_proto"
    28. 

  28. 	grpcpb "github.com/google/s2a-go/internal/proto/s2a_go_proto"
    29. 

  29. 	"google.golang.org/grpc/credentials"
    30. 

  30. )
    31. 

  31. 

  32. var _ credentials.AuthInfo = (*S2AAuthInfo)(nil)
    33. 

  33. 

  34. const s2aAuthType = "s2a"
    35. 

  35. 

  36. // S2AAuthInfo exposes authentication and authorization information from the
    37. 

  37. // S2A session result to the gRPC stack.
    38. 

  38. type S2AAuthInfo struct {
    39. 

  39. 	s2aContext     *contextpb.S2AContext
    40. 

  40. 	commonAuthInfo credentials.CommonAuthInfo
    41. 

  41. }
    42. 

  42. 

  43. // NewS2AAuthInfo returns a new S2AAuthInfo object from the S2A session result.
    44. 

  44. func NewS2AAuthInfo(result *grpcpb.SessionResult) (credentials.AuthInfo, error) {
    45. 

  45. 	return newS2AAuthInfo(result)
    46. 

  46. }
    47. 

  47. 

  48. func newS2AAuthInfo(result *grpcpb.SessionResult) (*S2AAuthInfo, error) {
    49. 

  49. 	if result == nil {
    50. 

  50. 		return nil, errors.New("NewS2aAuthInfo given nil session result")
    51. 

  51. 	}
    52. 

  52. 	return &S2AAuthInfo{
    53. 

  53. 		s2aContext: &contextpb.S2AContext{
    54. 

  54. 			ApplicationProtocol:  result.GetApplicationProtocol(),
    55. 

  55. 			TlsVersion:           result.GetState().GetTlsVersion(),
    56. 

  56. 			Ciphersuite:          result.GetState().GetTlsCiphersuite(),
    57. 

  57. 			PeerIdentity:         result.GetPeerIdentity(),
    58. 

  58. 			LocalIdentity:        result.GetLocalIdentity(),
    59. 

  59. 			PeerCertFingerprint:  result.GetPeerCertFingerprint(),
    60. 

  60. 			LocalCertFingerprint: result.GetLocalCertFingerprint(),
    61. 

  61. 			IsHandshakeResumed:   result.GetState().GetIsHandshakeResumed(),
    62. 

  62. 		},
    63. 

  63. 		commonAuthInfo: credentials.CommonAuthInfo{SecurityLevel: credentials.PrivacyAndIntegrity},
    64. 

  64. 	}, nil
    65. 

  65. }
    66. 

  66. 

  67. // AuthType returns the authentication type.
    68. 

  68. func (s *S2AAuthInfo) AuthType() string {
    69. 

  69. 	return s2aAuthType
    70. 

  70. }
    71. 

  71. 

  72. // ApplicationProtocol returns the application protocol, e.g. "grpc".
    73. 

  73. func (s *S2AAuthInfo) ApplicationProtocol() string {
    74. 

  74. 	return s.s2aContext.GetApplicationProtocol()
    75. 

  75. }
    76. 

  76. 

  77. // TLSVersion returns the TLS version negotiated during the handshake.
    78. 

  78. func (s *S2AAuthInfo) TLSVersion() commonpb.TLSVersion {
    79. 

  79. 	return s.s2aContext.GetTlsVersion()
    80. 

  80. }
    81. 

  81. 

  82. // Ciphersuite returns the ciphersuite negotiated during the handshake.
    83. 

  83. func (s *S2AAuthInfo) Ciphersuite() commonpb.Ciphersuite {
    84. 

  84. 	return s.s2aContext.GetCiphersuite()
    85. 

  85. }
    86. 

  86. 

  87. // PeerIdentity returns the authenticated identity of the peer.
    88. 

  88. func (s *S2AAuthInfo) PeerIdentity() *commonpb.Identity {
    89. 

  89. 	return s.s2aContext.GetPeerIdentity()
    90. 

  90. }
    91. 

  91. 

  92. // LocalIdentity returns the local identity of the application used during
    93. 

  93. // session setup.
    94. 

  94. func (s *S2AAuthInfo) LocalIdentity() *commonpb.Identity {
    95. 

  95. 	return s.s2aContext.GetLocalIdentity()
    96. 

  96. }
    97. 

  97. 

  98. // PeerCertFingerprint returns the SHA256 hash of the peer certificate used in
    99. 

  99. // the S2A handshake.
    100. 

  100. func (s *S2AAuthInfo) PeerCertFingerprint() []byte {
    101. 

  101. 	return s.s2aContext.GetPeerCertFingerprint()
    102. 

  102. }
    103. 

  103. 

  104. // LocalCertFingerprint returns the SHA256 hash of the local certificate used
    105. 

  105. // in the S2A handshake.
    106. 

  106. func (s *S2AAuthInfo) LocalCertFingerprint() []byte {
    107. 

  107. 	return s.s2aContext.GetLocalCertFingerprint()
    108. 

  108. }
    109. 

  109. 

  110. // IsHandshakeResumed returns true if a cached session was used to resume
    111. 

  111. // the handshake.
    112. 

  112. func (s *S2AAuthInfo) IsHandshakeResumed() bool {
    113. 

  113. 	return s.s2aContext.GetIsHandshakeResumed()
    114. 

  114. }
    115. 

  115. 

  116. // SecurityLevel returns the security level of the connection.
    117. 

  117. func (s *S2AAuthInfo) SecurityLevel() credentials.SecurityLevel {
    118. 

  118. 	return s.commonAuthInfo.SecurityLevel
    119. 

  119. }
    120.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5