stub out HPKE public key fetch for self-hosted authenticate (#4360)

Fetch the HPKE public key only when configured to use the hosted
authenticate service. Determine whether we are using the hosted
authenticate service by comparing the resolved authenticate domain with
a hard-coded list of hosted authenticate domains.

Extract this list of hosted authenticate domains to the internal/urlutil
package in order to keep a single source of truth for this data.
Kenneth Jenkins 2023-07-13 10:04:34 -07:00 committed by GitHub
parent 4674b98cfb
commit a1388592d8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 107 additions and 6 deletions


@ -0,0 +1,25 @@
package urlutil
// HostedAuthenticateDomains is a list of all known domains associated with the
// hosted authenticate service.
var HostedAuthenticateDomains = []string{
"authenticate.pomerium.app",
"authenticate.staging.pomerium.app",
}
var hostedAuthenticateDomainSet = initHostedAuthenticateDomainSet()
func initHostedAuthenticateDomainSet() map[string]struct{} {
s := make(map[string]struct{})
for _, domain := range HostedAuthenticateDomains {
s[domain] = struct{}{}
}
return s
}
// IsHostedAuthenticateDomain indicates whether the given domain is associated
// with the hosted authenticate service.
func IsHostedAuthenticateDomain(domain string) bool {
_, isHostedAuthenticate := hostedAuthenticateDomainSet[domain]
return isHostedAuthenticate
}
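Review bot: IsHostedAuthenticateDomain does an exact, case-sensitive map lookup, so a value such as `Authenticate.Pomerium.App`, a name with a trailing dot, or a host:port string returns false. Going by the commit description, that would classify the deployment as self-hosted and stub out the HPKE public key fetch. The callers are outside this section, so it cannot be confirmed here whether they normalise the domain first. Either state the contract in the doc comment, e.g. `// domain must be a lower-case hostname with no port and no trailing dot.`, or normalise inside the function with `_, ok := hostedAuthenticateDomainSet[strings.ToLower(strings.TrimSuffix(domain, "."))]`. Separately, the set is built once from the exported, mutable HostedAuthenticateDomains slice, so a later change to that slice never reaches the lookup; a comment saying so, or an unexported slice, would keep the two from diverging.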