Commit 2f70405c authored by Sietse Ringers's avatar Sietse Ringers

fix: tweaks to irma server revocation permissions

parent 568919de
......@@ -290,8 +290,12 @@ func handleMapOrString(key string, dest interface{}) error {
}
func handlePermission(typ string) []string {
if !viper.IsSet(typ) && (!viper.GetBool("production") || typ != "issue-perms") {
return []string{"*"}
if !viper.IsSet(typ) {
if typ == "revoke-perms" || (viper.GetBool("production") && typ == "issue-perms") {
return []string{}
} else {
return []string{"*"}
}
}
perms := viper.GetStringSlice(typ)
if perms == nil {
......
......@@ -183,7 +183,15 @@ func (conf *Configuration) initialize() error {
}
} else {
if len(conf.Requestors) == 0 {
return errors.New("No requestors configured; either configure one or more requestors or disable requestor authentication")
revServer := false
for _, s := range conf.RevocationSettings {
if s.ServerMode {
revServer = true
}
}
if !revServer {
return errors.New("No requestors configured; either configure one or more requestors or disable requestor authentication")
}
}
authenticators = map[AuthenticationMethod]Authenticator{
AuthenticationMethodHmac: &HmacAuthenticator{hmackeys: map[string]interface{}{}, maxRequestAge: conf.MaxRequestAge},
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment