From dba3de4451f29fc0b8cb6474b9bbb18ed61d9eac Mon Sep 17 00:00:00 2001
From: Niall Sheridan <nsheridan@gmail.com>
Date: Thu, 1 Sep 2016 22:28:12 +0100
Subject: Remove the Principal field from the request

The server will always overwrite this field with the username obtained from
the auth provider. Allowing the client to set it is a waste of time.
---
 cmd/cashierd/main.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'cmd')

diff --git a/cmd/cashierd/main.go b/cmd/cashierd/main.go
index e3aec93..e71c126 100644
--- a/cmd/cashierd/main.go
+++ b/cmd/cashierd/main.go
@@ -159,9 +159,9 @@ func signHandler(a *appContext, w http.ResponseWriter, r *http.Request) (int, er
 	if err != nil {
 		return http.StatusInternalServerError, err
 	}
-	req.Principal = a.authprovider.Username(token)
+	username := a.authprovider.Username(token)
 	a.authprovider.Revoke(token) // We don't need this anymore.
-	cert, err := a.sshKeySigner.SignUserKey(req)
+	cert, err := a.sshKeySigner.SignUserKey(req, username)
 	if err != nil {
 		return http.StatusInternalServerError, err
 	}
-- 
cgit v1.2.3