authorize: add UserPrincipalName SAN match

Add support for UserPrincipalName SAN matching to the policy evaluator.

Add unit tests. Unfortunately, adding a new test cert requires
regenerating the existing ones as well, because the CA key isn't saved.
Kenneth Jenkins 2024-07-23 14:16:09 -07:00
parent ee365532ac
commit d495a1531e
4 changed files with 279 additions and 73 deletions


@ -171,7 +171,7 @@ func TestHeadersEvaluator(t *testing.T) {
assert.Equal(t, "CUSTOM_VALUE", output.Headers.Get("X-Custom-Header"))
assert.Equal(t, "ID_TOKEN", output.Headers.Get("X-ID-Token"))
assert.Equal(t, "ACCESS_TOKEN", output.Headers.Get("X-Access-Token"))
assert.Equal(t, "ebf421e323e31c3900a7985a16e72c59f45f5a2c15283297567e226b3b17d1a1",
assert.Equal(t, "d850ddd39279f34f01b13548f364dd529b23531aaffe8f592c03bb79f76bf031",
output.Headers.Get("Client-Cert-Fingerprint"))
assert.Equal(t, "escaped $dollar sign", output.Headers.Get("Foo"))
})
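Review bot: The expected `Client-Cert-Fingerprint` in TestHeadersEvaluator is still a hard-coded hex literal, so it has to be edited by hand every time the test certificates are regenerated, and the commit message says that happens whenever a new test cert is added. The value is 64 hex characters, so it is presumably the SHA-256 of the certificate's DER bytes. If so, the test could derive it from the fixture with something like `sum := sha256.Sum256(testCert.Raw)` and compare against `hex.EncodeToString(sum[:])`, where `testCert` is a placeholder for whatever parsed certificate the test already has. That would also document what the header is meant to contain, which matters to upstream services that identify clients by this value. At the least, a comment such as `// SHA-256 of the DER encoding of the test client certificate; update when the test certs are regenerated` above the assertion would help. The body of TestHeadersEvaluator starts and ends outside this hunk, so how the certificate is loaded is not visible here.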