diff --git a/go.mod b/go.mod index b46686650..bf517cd26 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,6 @@ require ( github.com/ThalesIgnite/crypto11 v1.2.5 github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d github.com/coreos/go-oidc/v3 v3.10.0 - github.com/fatih/structs v1.1.0 github.com/fsnotify/fsnotify v1.7.0 github.com/go-jose/go-jose/v4 v4.0.2 github.com/goadesign/goa v2.2.5+incompatible diff --git a/go.sum b/go.sum index d11f6604d..e17dcbadb 100644 --- a/go.sum +++ b/go.sum @@ -106,8 +106,6 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= -github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo= -github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= diff --git a/pkg/config/config.go b/pkg/config/config.go index d80b3fb7f..9e309b4ba 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -31,8 +31,8 @@ import ( "time" "github.com/coreos/go-oidc/v3/oidc" - "github.com/fatih/structs" lru "github.com/hashicorp/golang-lru" + "github.com/mitchellh/mapstructure" "github.com/sigstore/fulcio/pkg/certificate" fulciogrpc "github.com/sigstore/fulcio/pkg/generated/protobuf" "github.com/sigstore/fulcio/pkg/log" @@ -468,14 +468,18 @@ func CheckParseTemplates(fulcioConfig *FulcioConfig) error { } for _, ciIssuerMetadata := range fulcioConfig.CIIssuerMetadata { - claimsTemplates := structs.Map(ciIssuerMetadata.ClaimsTemplates) + claimsTemplates := make(map[string]interface{}) + err := mapstructure.Decode(ciIssuerMetadata.ClaimsTemplates, &claimsTemplates) + if err != nil { + return err + } for _, temp := range claimsTemplates { err := checkParse(temp) if err != nil { return err } } - err := checkParse(ciIssuerMetadata.SubjectAlternativeNameTemplate) + err = checkParse(ciIssuerMetadata.SubjectAlternativeNameTemplate) if err != nil { return err } diff --git a/pkg/identity/ciprovider/principal.go b/pkg/identity/ciprovider/principal.go index c54231d3e..e6c3879c6 100644 --- a/pkg/identity/ciprovider/principal.go +++ b/pkg/identity/ciprovider/principal.go @@ -24,7 +24,6 @@ import ( "strings" "github.com/coreos/go-oidc/v3/oidc" - "github.com/fatih/structs" "github.com/mitchellh/mapstructure" "github.com/sigstore/fulcio/pkg/certificate" "github.com/sigstore/fulcio/pkg/config" @@ -128,8 +127,13 @@ func (principal ciPrincipal) Embed(_ context.Context, cert *x509.Certificate) er } uris := []*url.URL{sanURL} cert.URIs = uris - mapExtensionsForTemplate := mapValuesToString(structs.Map(claimsTemplates)) - for k, v := range mapExtensionsForTemplate { + mapExtensionsForTemplate := make(map[string]interface{}) + err = mapstructure.Decode(claimsTemplates, &mapExtensionsForTemplate) + if err != nil { + return err + } + + for k, v := range mapValuesToString(mapExtensionsForTemplate) { // It avoids to try applying template or replace for a empty string. if v != "" { mapExtensionsForTemplate[k], err = applyTemplateOrReplace(v, claims, defaults)