MCPcopy Index your code
hub / github.com/cloudflare/cloudflared / NewAccessValidator

Function NewAccessValidator

validation/validation.go:176–192  ·  view source on GitHub ↗
(ctx context.Context, domain, issuer, applicationAUD string)

Source from the content-addressed store, hash-verified

174}
175
176func NewAccessValidator(ctx context.Context, domain, issuer, applicationAUD string) (*Access, error) {
177 domainURL, err := validateUrlString(domain)
178 if err != nil {
179 return nil, err
180 }
181
182 issuerURL, err := validateUrlString(issuer)
183 if err != nil {
184 return nil, err
185 }
186
187 // An issuerURL from Cloudflare Access will always use HTTPS.
188 issuerURL = strings.Replace(issuerURL, "http:", "https:", 1)
189
190 keySet := oidc.NewRemoteKeySet(ctx, domainURL+accessCertPath)
191 return &Access{oidc.NewVerifier(issuerURL, keySet, &oidc.Config{ClientID: applicationAUD})}, nil
192}
193
194func (a *Access) Validate(ctx context.Context, jwt string) error {
195 token, err := a.verifier.Verify(ctx, jwt)

Callers 3

TestNewAccessValidatorOkFunction · 0.85
FuzzNewAccessValidatorFunction · 0.85

Calls 1

validateUrlStringFunction · 0.85

Tested by 3

TestNewAccessValidatorOkFunction · 0.68
FuzzNewAccessValidatorFunction · 0.68