Revision 651078df
Added by Michael Moll about 4 years ago
| modules/puppetca_token_whitelisting/puppetca_token_whitelisting_autosigner.rb | ||
|---|---|---|
|
end
|
||
|
|
||
|
# Invalidate a token based on the certname
|
||
|
def disable certname
|
||
|
def disable(certname)
|
||
|
storage.remove_if do |token|
|
||
|
decoded = JWT.decode(token, smartproxy_cert.public_key, true, algorithm: JWT_ALGORITHM)
|
||
|
decoded.first['certname'] == certname
|
||
| ... | ... | |
|
end
|
||
|
|
||
|
# Create a new token for a certname
|
||
|
def autosign certname, ttl
|
||
|
def autosign(certname, ttl)
|
||
|
ttl = (ttl.to_i > 0) ? ttl.to_i : token_ttl
|
||
|
payload = { certname: certname, exp: Time.now.to_i + ttl * 60 }
|
||
|
token = JWT.encode payload, smartproxy_cert, JWT_ALGORITHM
|
||
| ... | ... | |
|
|
||
|
# Check whether a csr is valid and should be signed
|
||
|
# by checking its token if it exists
|
||
|
def validate_csr csr
|
||
|
def validate_csr(csr)
|
||
|
if csr.nil?
|
||
|
logger.warn "Request did not include a CSR."
|
||
|
return false
|
||
| ... | ... | |
|
validate_token token
|
||
|
end
|
||
|
|
||
|
def validate_token token
|
||
|
def validate_token(token)
|
||
|
# token didnt expire?
|
||
|
begin
|
||
|
JWT.decode(token, smartproxy_cert.public_key, true, algorithm: JWT_ALGORITHM)
|
||
Also available in: Unified diff
Fixes #29176 - Fix Style/MethodDefParentheses cop