github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-03 09:22:44 +00:00
Code Issues Projects Releases Wiki Activity

getting emailAddress from TLS cert

Browse Source
This commit is contained in:
Hai Huang 2016-05-04 11:18:23 -04:00
parent bf0a5e9fac
commit 235020ad64
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
plugin/pkg/auth/authenticator/request/x509/x509.go
View File

@ -18,6 +18,7 @@ package x509
import ( import (
"crypto/x509" "crypto/x509"
"encoding/asn1"
"net/http" "net/http"
"k8s.io/kubernetes/pkg/auth/user" "k8s.io/kubernetes/pkg/auth/user"
@ -104,7 +105,13 @@ var DNSNameUserConversion = UserConversionFunc(func(chain []*x509.Certificate) (
// EmailAddressUserConversion builds user info from a certificate chain using the first EmailAddress on the certificate // EmailAddressUserConversion builds user info from a certificate chain using the first EmailAddress on the certificate
var EmailAddressUserConversion = UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) { var EmailAddressUserConversion = UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) {
var emailAddressOID asn1.ObjectIdentifier = []int{1, 2, 840, 113549, 1, 9, 1}
if len(chain[0].EmailAddresses) == 0 { if len(chain[0].EmailAddresses) == 0 {
for _, name := range chain[0].Subject.Names {
if name.Type.Equal(emailAddressOID) {
return &user.DefaultInfo{Name: name.Value.(string)}, true, nil
}
}
return nil, false, nil return nil, false, nil
} }
return &user.DefaultInfo{Name: chain[0].EmailAddresses[0]}, true, nil return &user.DefaultInfo{Name: chain[0].EmailAddresses[0]}, true, nil