xfccparser

package module
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 16, 2021 License: MIT Imports: 8 Imported by: 0

README

xfccparser: A parser for Envoy x-forwarded-client-cert

When Envoy terminates TLS, it sends along metadata about the client certificates in an x-forwarded-client-cert HTTP header. This library parses that header into Go structs.

Usage

var req *http.Request

xfccHeader := req.Header.Get(xfccparser.ForwardedClientCertHeader)
clientCerts, err := xfccparser.ParseXFCCHeader(xfccHeader)

Contributions

Thanks to Alec Thomas for help with the participle representation.

Documentation

Index

Constants

View Source 
const (
	// ForwardedClientCertHeader is the name of the HTTP header Envoy uses to pass metadata about certificates presented by a client
	ForwardedClientCertHeader = "x-forwarded-client-cert"
)

Variables

This section is empty.

Functions

func ParseSubject 

func ParseSubject(subject string) (*pkix.Name, error)

ParseSubject parses the subject string that is parse of the x-forwarded-client-cert header

Types

type ClientCert 

type ClientCert struct {
	By      string
	Hash    string
	Cert    string
	Chain   string
	Subject *pkix.Name
	URI     string
	DNS     []string
}

ClientCert is a client certificate passed to Envoy

func ParseXFCCHeader 

func ParseXFCCHeader(header string) ([]*ClientCert, error)

ParseXFCCHeader parses an x-forwarded-client-cert header and returns the list of certificates present. The format of the header is documented here: https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers#x-forwarded-client-cert

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.