aboutsummaryrefslogtreecommitdiffstats
path: root/kube2msb/src/vendor/github.com/coreos/go-oidc/key/manager.go
diff options
context:
space:
mode:
Diffstat (limited to 'kube2msb/src/vendor/github.com/coreos/go-oidc/key/manager.go')
-rw-r--r--kube2msb/src/vendor/github.com/coreos/go-oidc/key/manager.go99
1 files changed, 0 insertions, 99 deletions
diff --git a/kube2msb/src/vendor/github.com/coreos/go-oidc/key/manager.go b/kube2msb/src/vendor/github.com/coreos/go-oidc/key/manager.go
deleted file mode 100644
index 476ab6a..0000000
--- a/kube2msb/src/vendor/github.com/coreos/go-oidc/key/manager.go
+++ /dev/null
@@ -1,99 +0,0 @@
-package key
-
-import (
- "errors"
- "time"
-
- "github.com/jonboulle/clockwork"
-
- "github.com/coreos/go-oidc/jose"
- "github.com/coreos/pkg/health"
-)
-
-type PrivateKeyManager interface {
- ExpiresAt() time.Time
- Signer() (jose.Signer, error)
- JWKs() ([]jose.JWK, error)
- PublicKeys() ([]PublicKey, error)
-
- WritableKeySetRepo
- health.Checkable
-}
-
-func NewPrivateKeyManager() PrivateKeyManager {
- return &privateKeyManager{
- clock: clockwork.NewRealClock(),
- }
-}
-
-type privateKeyManager struct {
- keySet *PrivateKeySet
- clock clockwork.Clock
-}
-
-func (m *privateKeyManager) ExpiresAt() time.Time {
- if m.keySet == nil {
- return m.clock.Now().UTC()
- }
-
- return m.keySet.ExpiresAt()
-}
-
-func (m *privateKeyManager) Signer() (jose.Signer, error) {
- if err := m.Healthy(); err != nil {
- return nil, err
- }
-
- return m.keySet.Active().Signer(), nil
-}
-
-func (m *privateKeyManager) JWKs() ([]jose.JWK, error) {
- if err := m.Healthy(); err != nil {
- return nil, err
- }
-
- keys := m.keySet.Keys()
- jwks := make([]jose.JWK, len(keys))
- for i, k := range keys {
- jwks[i] = k.JWK()
- }
- return jwks, nil
-}
-
-func (m *privateKeyManager) PublicKeys() ([]PublicKey, error) {
- jwks, err := m.JWKs()
- if err != nil {
- return nil, err
- }
- keys := make([]PublicKey, len(jwks))
- for i, jwk := range jwks {
- keys[i] = *NewPublicKey(jwk)
- }
- return keys, nil
-}
-
-func (m *privateKeyManager) Healthy() error {
- if m.keySet == nil {
- return errors.New("private key manager uninitialized")
- }
-
- if len(m.keySet.Keys()) == 0 {
- return errors.New("private key manager zero keys")
- }
-
- if m.keySet.ExpiresAt().Before(m.clock.Now().UTC()) {
- return errors.New("private key manager keys expired")
- }
-
- return nil
-}
-
-func (m *privateKeyManager) Set(keySet KeySet) error {
- privKeySet, ok := keySet.(*PrivateKeySet)
- if !ok {
- return errors.New("unable to cast to PrivateKeySet")
- }
-
- m.keySet = privKeySet
- return nil
-}