hub / github.com/openziti/ziti / Process

Method Process

controller/model/enrollment_mod_ott.go:49–136
(ctx EnrollmentContext)

Source from the content-addressed store, hash-verified

47}
48
49func (module *EnrollModuleOtt) Process(ctx EnrollmentContext) (*EnrollmentResult, error) {
50 enrollment, err := module.env.GetManagers().Enrollment.ReadByToken(ctx.GetToken())
51 if err != nil {
52 return nil, err
53 }
54
55 if enrollment == nil || enrollment.IdentityId == nil {
56 return nil, apierror.NewInvalidEnrollmentToken()
57 }
58
59 if enrollment.ExpiresAt == nil || enrollment.ExpiresAt.IsZero() || enrollment.ExpiresAt.Before(time.Now()) {
60 return nil, apierror.NewEnrollmentExpired()
61 }
62
63 identity, err := module.env.GetManagers().Identity.Read(*enrollment.IdentityId)
64
65 if err != nil {
66 return nil, err
67 }
68
69 if identity == nil {
70 return nil, apierror.NewInvalidEnrollmentToken()
71 }
72
73 ctx.GetChangeContext().
74 SetChangeAuthorType(change.AuthorTypeIdentity).
75 SetChangeAuthorId(identity.Id).
76 SetChangeAuthorName(identity.Name)
77
78 csrPem := ctx.GetData().ClientCsrPem
79
80 csr, err := cert.ParseCsrPem(csrPem)
81
82 if err != nil {
83 apiErr := apierror.NewCouldNotProcessCsr()
84 apiErr.Cause = err
85 apiErr.AppendCause = true
86 return nil, apiErr
87 }
88
89 certRaw, err := module.env.GetApiClientCsrSigner().SignCsr(csr, &cert.SigningOpts{})
90
91 if err != nil {
92 apiErr := apierror.NewCouldNotProcessCsr()
93 apiErr.Cause = err
94 apiErr.AppendCause = true
95 return nil, apiErr
96 }
97
98 fp := module.fingerprintGenerator.FromRaw(certRaw)
99
100 clientChainPem, err := module.env.GetManagers().Enrollment.GetCertChainPem(certRaw)
101 if err != nil {
102 return nil, err
103 }
104
105 newAuthenticator := &Authenticator{
106 BaseEntity: models.BaseEntity{

Callers

nothing calls this directly

Calls 15

NewEnrollmentExpiredFunction · 0.92
ParseCsrPemFunction · 0.92
NewCouldNotProcessCsrFunction · 0.92
NewFunction · 0.92
SetChangeAuthorNameMethod · 0.80
SetChangeAuthorIdMethod · 0.80
SetChangeAuthorTypeMethod · 0.80
GetCertChainPemMethod · 0.80
GetManagersMethod · 0.65
GetTokenMethod · 0.65

Tested by

no test coverage detected