本文整理匯總了Golang中github.com/openshift/origin/pkg/cmd/util.CertificatesFromFile函數的典型用法代碼示例。如果您正苦於以下問題:Golang CertificatesFromFile函數的具體用法?Golang CertificatesFromFile怎麽用?Golang CertificatesFromFile使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了CertificatesFromFile函數的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。
示例1: getOAuthClientCertCAs
func getOAuthClientCertCAs(options MasterConfig) ([]*x509.Certificate, error) {
if !UseTLS(options.ServingInfo.ServingInfo) {
return nil, nil
}
allCerts := []*x509.Certificate{}
if options.OAuthConfig != nil {
for _, identityProvider := range options.OAuthConfig.IdentityProviders {
switch provider := identityProvider.Provider.(type) {
case (*RequestHeaderIdentityProvider):
caFile := provider.ClientCA
if len(caFile) == 0 {
continue
}
certs, err := cmdutil.CertificatesFromFile(caFile)
if err != nil {
return nil, fmt.Errorf("Error reading %s: %s", caFile, err)
}
allCerts = append(allCerts, certs...)
}
}
}
return allCerts, nil
}示例2: getAPIClientCertCAs
func getAPIClientCertCAs(options MasterConfig) ([]*x509.Certificate, error) {
if !UseTLS(options.ServingInfo.ServingInfo) {
return nil, nil
}
return cmdutil.CertificatesFromFile(options.ServingInfo.ClientCA)
}示例3: TestOAuthCertFallback
func TestOAuthCertFallback(t *testing.T) {
var (
invalidToken = "invalid"
noToken = ""
invalidCert = restclient.TLSClientConfig{
// We have to generate this dynamically in order to have an invalid cert signed by a signer with the same name as the valid CA
// CertData: ...,
// KeyData: ...,
}
noCert = restclient.TLSClientConfig{}
tokenUser = "user"
certUser = "system:admin"
unauthorizedError = "the server has asked for the client to provide credentials (get users ~)"
anonymousError = `User "system:anonymous" cannot get users at the cluster scope`
)
testutil.RequireEtcd(t)
// Build master config
masterOptions, err := testserver.DefaultMasterOptions()
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
// Start server
clusterAdminKubeConfig, err := testserver.StartConfiguredMaster(masterOptions)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
adminConfig, err := testutil.GetClusterAdminClientConfig(clusterAdminKubeConfig)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
validCert := adminConfig.TLSClientConfig
validToken, err := tokencmd.RequestToken(adminConfig, nil, tokenUser, "pass")
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
if len(validToken) == 0 {
t.Fatalf("Expected valid token, got none")
}
// make a client cert signed by a fake CA with the same name as the real CA.
// this is needed to get the go client to actually send the cert to the server,
// since the server advertises the signer name it requires
fakecadir, err := ioutil.TempDir("", "fakeca")
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
defer os.RemoveAll(fakecadir)
cacerts, err := util.CertificatesFromFile(masterOptions.ServingInfo.ClientCA)
if err != nil || len(cacerts) != 1 {
t.Fatalf("Unexpected error or number of certs: %v, %d", err, len(cacerts))
}
fakeca, err := (&admin.CreateSignerCertOptions{
CertFile: path.Join(fakecadir, "fakeca.crt"),
KeyFile: path.Join(fakecadir, "fakeca.key"),
SerialFile: path.Join(fakecadir, "fakeca.serial"),
Name: cacerts[0].Subject.CommonName,
Output: ioutil.Discard,
Overwrite: true,
}).CreateSignerCert()
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
clientCertConfig, err := fakeca.MakeClientCertificate(
path.Join(fakecadir, "fakeclient.crt"),
path.Join(fakecadir, "fakeclient.key"),
&user.DefaultInfo{Name: "fakeuser"},
)
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
invalidCert.CertData, invalidCert.KeyData, err = clientCertConfig.GetPEMBytes()
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
for k, test := range map[string]struct {
token string
cert restclient.TLSClientConfig
expectedUser string
errorExpected bool
errorString string
}{
"valid token, valid cert": {
token: validToken,
cert: validCert,
expectedUser: tokenUser,
},
"valid token, invalid cert": {
token: validToken,
cert: invalidCert,
expectedUser: tokenUser,
},
//.........這裏部分代碼省略.........