From 2d6d973cd57f2ad81f7553ffc51463ab74d1237a Mon Sep 17 00:00:00 2001
From: Bas Kloosterman
Date: Wed, 31 May 2023 17:03:53 +0200
Subject: [PATCH] Update auth methods config marshal

---
 sharedmodel/auth.go | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/sharedmodel/auth.go b/sharedmodel/auth.go
index cd231a6..24f1ad7 100644
--- a/sharedmodel/auth.go
+++ b/sharedmodel/auth.go
@@ -1,9 +1,13 @@
 package sharedmodel

 import (
+ "crypto"
+ "fmt"
+
 "google.golang.org/protobuf/types/known/structpb"
 "gorm.io/gorm"
 "src.whiteboxsystems.nl/DECOZO/okapi"
+ "whiteboxsystems.nl/okapidemo/certgen"
 )

 const AuthMethodDecozoMTLS = "http://decozo.org/proto/auth/mtls"
@@ -26,10 +30,14 @@ func (cfg AuthConfig) ToOkapi() *okapi.ProtocolAuthConfiguration {
 conf := &structpb.Struct{}

 switch cfg.Method {
- case "BearerToken":
+ case AuthMethodDecozoBearerToken:
 conf, _ = structpb.NewStruct(map[string]interface{}{
 "token": cfg.Raw,
 })
+ case AuthMethodDecozoMTLS:
+ conf, _ = structpb.NewStruct(map[string]interface{}{
+ "publicKey": cfg.Raw,
+ })
 }

 return &okapi.ProtocolAuthConfiguration{
@@ -44,8 +52,15 @@ func NewAuthConfig(cfg *okapi.ProtocolAuthConfiguration) *AuthConfig {
 }

 switch cfg.Method {
- case "BearerToken":
+ case AuthMethodDecozoBearerToken:
 authConfig.Raw, _ = cfg.GetConfiguration().AsMap()["token"].(string)
+ case AuthMethodDecozoMTLS:
+ k, _ := cfg.GetConfiguration().AsMap()["publicKey"].(string)
+ jwk, _ := certgen.StringToJWK(k)
+ if jwk != nil {
+ rawBytes, _ := jwk.Thumbprint(crypto.SHA256)
+ authConfig.Raw = fmt.Sprintf("%X", rawBytes)
+ }
 }

 return authConfig
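Review bot: The new `AuthMethodDecozoMTLS` case in ToOkapi emits `cfg.Raw` under `"publicKey"`, but the matching case added to NewAuthConfig stores the hex SHA-256 JWK thumbprint in `Raw`, not the key itself. A config that came in through NewAuthConfig and is marshalled back would therefore carry a thumbprint where a peer expects a JWK string, and that peer's key parsing would fail or bind to the wrong value. If `Raw` is filled with the JWK on some other path, that is not visible in this patch and deserves a comment on the field, e.g. `// Raw: bearer token, or for mTLS the value described at NewAuthConfig`. The error from `structpb.NewStruct` is also discarded in both cases, so a failure leaves `conf` nil without any signal. ToOkapi starts and ends outside the hunk.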
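Review bot: The mTLS branch of NewAuthConfig swallows every failure: a missing or non-string `publicKey`, an error from `certgen.StringToJWK` and an error from `jwk.Thumbprint` all end with `authConfig.Raw` left empty and the caller none the wiser. For a value that identifies a peer's key this should fail closed; since the function returns only `*AuthConfig`, at minimum keep the errors (`jwk, err := certgen.StringToJWK(k)`) and report them, and make sure whatever compares thumbprints rejects an empty `Raw` rather than treating it as a match candidate. The `%X` format yields uppercase hex, so any comparison elsewhere has to use the same case or a case-insensitive compare; a comment such as `// Raw holds the uppercase-hex SHA-256 JWK thumbprint, not the key` would pin that down. NewAuthConfig begins outside the hunk.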