diff --git a/cmd/cashierd/main.go b/cmd/cashierd/main.go
index e3aec93d7e62acfe3cc2a148d752ab9e5f803821..e71c126a41b7365b249a032cec3d07ca1dedade0 100644
--- a/cmd/cashierd/main.go
+++ b/cmd/cashierd/main.go
@@ -159,9 +159,9 @@ func signHandler(a *appContext, w http.ResponseWriter, r *http.Request) (int, er
 	if err != nil {
 		return http.StatusInternalServerError, err
 	}
-	req.Principal = a.authprovider.Username(token)
+	username := a.authprovider.Username(token)
 	a.authprovider.Revoke(token) // We don't need this anymore.
-	cert, err := a.sshKeySigner.SignUserKey(req)
+	cert, err := a.sshKeySigner.SignUserKey(req, username)
 	if err != nil {
 		return http.StatusInternalServerError, err
 	}
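Review bot: The value returned by `a.authprovider.Username(token)` goes to `SignUserKey` without a check that it is non-empty, and nothing visible in this hunk or in server/signer/signer.go rejects it. If a provider can return an empty string (not visible here, so confirm per provider), the certificate gets a KeyId of the form `_<unix time>` and an empty entry in `ValidPrincipals`, which loses the audit link between the certificate and a user. I would add a guard right after the lookup, `if username == "" { return http.StatusInternalServerError, errors.New("auth provider returned an empty username") }`, placing it before `Revoke` or after it depending on whether the token should stay usable on that failure. signHandler starts and ends outside the hunk.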
diff --git a/lib/const.go b/lib/const.go
index fd771a06bba037d2ae09bdb150364fd6f4b5735d..1ba274931d7ffa6ea59b67d8683f3c3d8b4e925c 100644
--- a/lib/const.go
+++ b/lib/const.go
@@ -5,7 +5,6 @@ import "time"
 // SignRequest represents a signing request sent to the server.
 type SignRequest struct {
 	Key        string    `json:"key"`
-	Principal  string    `json:"principal"`
 	ValidUntil time.Time `json:"valid_until"`
 }
 
diff --git a/server/signer/signer.go b/server/signer/signer.go
index 0bff1c33bbf51c129855c07b94de583c7a51c923..5ee170aebf6f346d8a27bddcbd93cbcb8d314018 100644
--- a/server/signer/signer.go
+++ b/server/signer/signer.go
@@ -27,7 +27,7 @@ type KeySigner struct {
 }
 
 // SignUserKey returns a signed ssh certificate.
-func (s *KeySigner) SignUserKey(req *lib.SignRequest) (*ssh.Certificate, error) {
+func (s *KeySigner) SignUserKey(req *lib.SignRequest, username string) (*ssh.Certificate, error) {
 	pubkey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(req.Key))
 	if err != nil {
 		return nil, err
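Review bot: The doc comment above `SignUserKey` was not updated for the new `username` parameter, which is now the trust boundary for the certificate's identity. I would extend it to `// SignUserKey returns a signed ssh certificate for the key in req. username must be the identity established by the auth provider, never a client-supplied value; it becomes the first valid principal and the KeyId prefix.` The function body continues outside this hunk.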
@@ -39,11 +39,11 @@ func (s *KeySigner) SignUserKey(req *lib.SignRequest) (*ssh.Certificate, error)
 	cert := &ssh.Certificate{
 		CertType:    ssh.UserCert,
 		Key:         pubkey,
-		KeyId:       fmt.Sprintf("%s_%d", req.Principal, time.Now().UTC().Unix()),
+		KeyId:       fmt.Sprintf("%s_%d", username, time.Now().UTC().Unix()),
 		ValidBefore: uint64(req.ValidUntil.Unix()),
 		ValidAfter:  uint64(time.Now().UTC().Add(-5 * time.Minute).Unix()),
 	}
-	cert.ValidPrincipals = append(cert.ValidPrincipals, req.Principal)
+	cert.ValidPrincipals = append(cert.ValidPrincipals, username)
 	cert.ValidPrincipals = append(cert.ValidPrincipals, s.principals...)
 	cert.Extensions = s.permissions
 	if err := cert.SignCert(rand.Reader, s.ca); err != nil {
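Review bot: `ValidBefore: uint64(req.ValidUntil.Unix())` still takes its value from the client request, and the conversion is unchecked. A zero or pre-1970 `ValidUntil` has a negative `Unix()` value, which wraps to a very large `ValidBefore`. The lines between the two hunks of this file are not visible, so an upper clamp may already exist there, but a clamp of the form "not later than now plus the maximum validity" would not catch a zero time. I would reject it explicitly before building the certificate, for example `if !req.ValidUntil.After(time.Now()) { return nil, errors.New("valid_until must be in the future") }`. The function starts and ends outside this hunk.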
diff --git a/server/signer/signer_test.go b/server/signer/signer_test.go
index 805f0fc2a46e255375d5025e61272307269f9525..cdfb4ca230d4f5037e0a010ae94947813ac913ec 100644
--- a/server/signer/signer_test.go
+++ b/server/signer/signer_test.go
@@ -27,10 +27,9 @@ func TestCert(t *testing.T) {
 	t.Parallel()
 	r := &lib.SignRequest{
 		Key:        string(testdata.Pub),
-		Principal:  "gopher1",
 		ValidUntil: time.Now().Add(1 * time.Hour),
 	}
-	cert, err := signer.SignUserKey(r)
+	cert, err := signer.SignUserKey(r, "gopher1")
 	if err != nil {
 		t.Error(err)
 	}
@@ -38,7 +37,7 @@ func TestCert(t *testing.T) {
 		t.Error("Cert signer and server signer don't match")
 	}
 	var principals []string
-	principals = append(principals, r.Principal)
+	principals = append(principals, "gopher1")
 	principals = append(principals, signer.principals...)
 	if !reflect.DeepEqual(cert.ValidPrincipals, principals) {
 		t.Errorf("Expected %s, got %s", cert.ValidPrincipals, principals)
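Review bot: The arguments to `t.Errorf("Expected %s, got %s", ...)` on the last line are in the opposite order to the message: `cert.ValidPrincipals` is the actual value and `principals` the expected one, so it should read `t.Errorf("Expected %s, got %s", principals, cert.ValidPrincipals)`. The literal `"gopher1"` is now repeated here and in the `SignUserKey` call in the previous hunk; a local `username := "gopher1"` used in both places would keep them in step. TestCert starts and ends outside the hunk.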
@@ -57,12 +56,10 @@ func TestRevocationList(t *testing.T) {
 	t.Parallel()
 	r := &lib.SignRequest{
 		Key:        string(testdata.Pub),
-		Principal:  "revoked",
 		ValidUntil: time.Now().Add(1 * time.Hour),
 	}
-	cert1, _ := signer.SignUserKey(r)
-	r.Principal = "ok"
-	cert2, _ := signer.SignUserKey(r)
+	cert1, _ := signer.SignUserKey(r, "revoked")
+	cert2, _ := signer.SignUserKey(r, "ok")
 	var rec []*store.CertRecord
 	rec = append(rec, &store.CertRecord{
 		KeyID: cert1.KeyId,
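Review bot: Both `SignUserKey` calls discard the error with `_`, so a signing failure shows up as a nil-pointer panic at `cert1.KeyId` instead of a test failure. I would capture and check it for each call, e.g. `cert1, err := signer.SignUserKey(r, "revoked")` followed by `if err != nil { t.Fatal(err) }`. With the username now a separate argument, this file would also be the natural place for a case that pins the intended behaviour for an empty username. TestRevocationList continues outside the hunk.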