in pulsar/auth/athenz.go [83:127]
// NewAuthenticationAthenz builds an Athenz-backed Provider from the supplied
// provider/tenant identity settings.
//
// An empty keyID falls back to defaultKeyID and an empty roleHeader falls back
// to defaultRoleHeader. One trailing "/" is stripped from ztsURL. Every other
// argument is stored exactly as given.
//
// NOTE(review): privateKey, x509CertChain and caCert look like credential and
// trust-anchor inputs (presumably paths or URIs; confirm the expected format).
// This constructor stores them unvalidated: it does not check that a
// credential was supplied, nor that ztsURL uses https. It also returns no
// error, so confirm that the code consuming these fields rejects bad values
// before any token request is made.
func NewAuthenticationAthenz(
	providerDomain string,
	tenantDomain string,
	tenantService string,
	privateKey string,
	keyID string,
	x509CertChain string,
	caCert string,
	principalHeader string,
	roleHeader string,
	ztsURL string) Provider {
	// Thin adapters that convert the zts constructors' results to
	// zts.RoleToken, stored on the provider as swappable function fields.
	roleTokenFromNToken := func(tok zms.Token, domain string, opts zts.RoleTokenOptions) zts.RoleToken {
		return zts.RoleToken(zts.NewRoleToken(tok, domain, opts))
	}
	roleTokenFromCert := func(certFile, keyFile, domain string, opts zts.RoleTokenOptions) zts.RoleToken {
		return zts.RoleToken(zts.NewRoleTokenFromCert(certFile, keyFile, domain, opts))
	}

	// Start from the package defaults; caller-supplied values override below.
	provider := &athenzAuthProvider{
		providerDomain:          providerDomain,
		tenantDomain:            tenantDomain,
		tenantService:           tenantService,
		privateKey:              privateKey,
		keyID:                   defaultKeyID,
		x509CertChain:           x509CertChain,
		caCert:                  caCert,
		principalHeader:         principalHeader,
		roleHeader:              defaultRoleHeader,
		ztsURL:                  strings.TrimSuffix(ztsURL, "/"),
		zmsNewTokenBuilder:      zms.NewTokenBuilder,
		ztsNewRoleToken:         roleTokenFromNToken,
		ztsNewRoleTokenFromCert: roleTokenFromCert,
	}

	if keyID != "" {
		provider.keyID = keyID
	}
	if roleHeader != "" {
		provider.roleHeader = roleHeader
	}

	return provider
}