yats.git

ref: dbf87a3a1c67949d89ef6fd35e66a13b839e0f3b

server/rest/mtls.go


/**
 * Yats - yats
 *
 * This file is licensed under the Affero General Public License version 3 or
 * later. See the COPYING file.
 *
 * @author Paolo Lulli <kevwe.com>
 * @copyright Paolo Lulli 2024
 */

package rest

import (
	"github.com/gin-gonic/gin"
	"yats-server/config"
)

// GetClientCN returns the client identity (certificate Common Name) for the
// current request.
//
// When cfg.TlsActive is exactly the string "true", the name is read from the
// client certificate presented on the request's own TLS connection, and the
// function panics if no name can be extracted. For every other value of
// cfg.TlsActive (including "True", "1" or an empty string) the value of the
// X-SSL-Client-CN request header is returned as-is, which is the empty string
// when the header is absent.
//
// Security note: in header mode the identity is whatever the request carries.
// It is only trustworthy if a TLS-terminating proxy in front of this server
// overwrites X-SSL-Client-CN from the verified client certificate and drops
// any copy sent by the client.
// NOTE(review): the proxy configuration is not visible from this file; confirm
// that the service is not reachable directly while TlsActive is not "true".
func GetClientCN(c *gin.Context, cfg config.Configuration) string {
	// Header mode: TLS is expected to be terminated upstream.
	if cfg.TlsActive != "true" {
		return c.Request.Header.Get("X-SSL-Client-CN")
	}

	// Direct mTLS mode: take the name from the peer certificate and fail
	// loudly instead of continuing with an unknown identity.
	cn, ok := extractCommonName(c)
	if !ok {
		panic("Could not extract common name")
	}
	return cn
}

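// extractCommonName returns the Subject Common Name of the first certificate
// the client presented on the request's TLS connection.
//
// The boolean result is false when the request did not arrive over TLS or the
// client sent no certificate; callers must check it and must not treat the
// empty string as an identity.
//
// Security note: PeerCertificates holds what the client sent, whether or not
// the chain was verified. The name is an authenticated identity only if the
// server's tls.Config requires and verifies client certificates (for example
// ClientAuth set to tls.RequireAndVerifyClientCert).
// NOTE(review): the TLS listener setup is not visible from this file; confirm.
// NOTE(review): a certificate with an empty Common Name yields ("", true);
// confirm that callers reject an empty identity.
func extractCommonName(c *gin.Context) (string, bool) {
	// Request.TLS is nil for requests received over a plain connection;
	// report failure instead of dereferencing a nil pointer.
	state := c.Request.TLS
	if state == nil || len(state.PeerCertificates) == 0 {
		return "", false
	}

	// The first element is the leaf certificate of the peer.
	return state.PeerCertificates[0].Subject.CommonName, true
}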