Closed MikaelSmith closed 5 years ago
This is great, kind of like https://github.com/puppetlabs/trapperkeeper-authorization for Rack.
A feature I'd like to see added is extracting extensions - such as subjectAltName - from the certificate in Rails::Auth::X509::Certificate so we can match against them in an ACL.
Rails::Auth::X509::Certificate
You should be able to access the raw OpenSSL::X509::Certificate via #certificate. You can read extensions, etc. from that.
OpenSSL::X509::Certificate
#certificate
Ok, thanks for the pointer.
This is great, kind of like https://github.com/puppetlabs/trapperkeeper-authorization for Rack.
A feature I'd like to see added is extracting extensions - such as subjectAltName - from the certificate in
Rails::Auth::X509::Certificate
so we can match against them in an ACL.