vendor/github.com/spiffe/go-spiffe/v2/spiffeid/match.go


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

package spiffeid

import "fmt"

// Matcher is used to match a SPIFFE ID.
type Matcher func(ID) error

// MatchAny matches any SPIFFE ID.
func MatchAny() Matcher {
	return Matcher(func(actual ID) error {
		return nil
	})
}

// MatchID matches a specific SPIFFE ID.
func MatchID(expected ID) Matcher {
	return Matcher(func(actual ID) error {
		if actual != expected {
			return fmt.Errorf("unexpected ID %q", actual)
		}
		return nil
	})
}

// MatchOneOf matches any SPIFFE ID in the given list of IDs.
func MatchOneOf(expected ...ID) Matcher {
	set := make(map[ID]struct{})
	for _, id := range expected {
		set[id] = struct{}{}
	}
	return Matcher(func(actual ID) error {
		if _, ok := set[actual]; !ok {
			return fmt.Errorf("unexpected ID %q", actual)
		}
		return nil
	})
}

// MatchMemberOf matches any SPIFFE ID in the given trust domain.
func MatchMemberOf(expected TrustDomain) Matcher {
	return Matcher(func(actual ID) error {
		if !actual.MemberOf(expected) {
			return fmt.Errorf("unexpected trust domain %q", actual.TrustDomain())
		}
		return nil
	})
}