Add a cert field to HostAuthInput so we can use a cert from the host …

…to do policy checks potentially. (#85) i.e. issuer of host cert == issuer of peer cert is most likely case
Snowflake-Labs · Mar 4, 2022 · c3a150c · c3a150c
1 parent 4ddb054
commit c3a150c
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/auth/opa/rpcauth/input.go b/auth/opa/rpcauth/input.go
@@ -82,6 +82,9 @@ type HostAuthInput struct {
 	// The host address
 	Net *NetAuthInput `json:"net"`
 
+	// Information about the certificate served by the host, if any
+	Cert *CertAuthInput `json:"cert"`
+
 	// Information about the principal associated with the host, if any
 	Principal *PrincipalAuthInput `json:"principal"`
 }