1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
package spiffeid
import "fmt"
// Matcher is used to match a SPIFFE ID.
type Matcher func(ID) error
// MatchAny matches any SPIFFE ID.
func MatchAny() Matcher {
return Matcher(func(actual ID) error {
return nil
})
}
// MatchID matches a specific SPIFFE ID.
func MatchID(expected ID) Matcher {
return Matcher(func(actual ID) error {
if actual != expected {
return fmt.Errorf("unexpected ID %q", actual)
}
return nil
})
}
// MatchOneOf matches any SPIFFE ID in the given list of IDs.
func MatchOneOf(expected ...ID) Matcher {
set := make(map[ID]struct{})
for _, id := range expected {
set[id] = struct{}{}
}
return Matcher(func(actual ID) error {
if _, ok := set[actual]; !ok {
return fmt.Errorf("unexpected ID %q", actual)
}
return nil
})
}
// MatchMemberOf matches any SPIFFE ID in the given trust domain.
func MatchMemberOf(expected TrustDomain) Matcher {
return Matcher(func(actual ID) error {
if !actual.MemberOf(expected) {
return fmt.Errorf("unexpected trust domain %q", actual.TrustDomain())
}
return nil
})
}
|
