open-nomad/lib/auth/identity.go
2023-04-10 15:36:59 +00:00

40 lines
1,011 B
Go

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package auth
import (
"github.com/hashicorp/nomad/nomad/structs"
)
type Identity struct {
// Claims is the format of this Identity suitable for selection
// with a binding rule.
Claims interface{}
// ClaimMappings is the format of this Identity suitable for interpolation in a
// bind name within a binding rule.
ClaimMappings map[string]string
}
// NewIdentity builds a new Identity that can be used to generate bindings via
// Bind for ACL token creation.
func NewIdentity(
authMethodConfig *structs.ACLAuthMethodConfig, authClaims *structs.ACLAuthClaims) *Identity {
claimMappings := make(map[string]string)
// Populate claimMappings vars with empty values so HIL works.
for _, k := range authMethodConfig.ClaimMappings {
claimMappings["value."+k] = ""
}
for k, val := range authClaims.Value {
claimMappings["value."+k] = val
}
return &Identity{
Claims: authClaims,
ClaimMappings: claimMappings,
}
}