aboutsummaryrefslogtreecommitdiff
path: root/server/signer/signer.go
diff options
context:
space:
mode:
Diffstat (limited to 'server/signer/signer.go')
-rw-r--r--server/signer/signer.go15
1 files changed, 15 insertions, 0 deletions
diff --git a/server/signer/signer.go b/server/signer/signer.go
index 2a15849..2a8fc98 100644
--- a/server/signer/signer.go
+++ b/server/signer/signer.go
@@ -10,7 +10,9 @@ import (
"go4.org/wkfs"
_ "go4.org/wkfs/gcs" // Register "/gcs/" as a wkfs.
+ "github.com/golang/protobuf/ptypes"
"github.com/nsheridan/cashier/lib"
+ "github.com/nsheridan/cashier/proto"
"github.com/nsheridan/cashier/server/config"
"github.com/nsheridan/cashier/server/store"
"github.com/stripe/krl"
@@ -51,6 +53,19 @@ func (s *KeySigner) setPermissions(cert *ssh.Certificate) {
}
}
+// SignUserKeyFromRPC returns a signed ssh certificate.
+func (s *KeySigner) SignUserKeyFromRPC(req *proto.SignRequest, username string) (*ssh.Certificate, error) {
+ valid, err := ptypes.Timestamp(req.GetValidUntil())
+ if err != nil {
+ return nil, err
+ }
+ r := &lib.SignRequest{
+ Key: string(req.GetKey()),
+ ValidUntil: valid,
+ }
+ return s.SignUserKey(r, username)
+}
+
// SignUserKey returns a signed ssh certificate.
func (s *KeySigner) SignUserKey(req *lib.SignRequest, username string) (*ssh.Certificate, error) {
pubkey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(req.Key))