storj/cmd/certificates/auth.go

// Copyright (C) 2019 Storj Labs, Inc.
// See LICENSE for copying information.

package main

import (
	"bufio"
	"context"
	"encoding/csv"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strconv"
	"strings"
	"text/tabwriter"

	"github.com/spf13/cobra"
	"github.com/zeebo/errs"

	"storj.io/private/process"
	"storj.io/storj/certificate/authorization"
)

var (
	authCmd = &cobra.Command{
		Use:   "auth",
		Short: "CSR authorization management",
	}

	authCreateCmd = &cobra.Command{
		Use:   "create <auth_increment_count> [<email>, ...]",
		Short: "Create authorizations from a list of emails",
		Args:  cobra.MinimumNArgs(1),
		RunE:  cmdCreateAuth,
	}

	authInfoCmd = &cobra.Command{
		Use:   "info [<email>, ...]",
		Short: "Get authorization(s) info from CSR authorization DB",
		RunE:  cmdInfoAuth,
	}

	authExportCmd = &cobra.Command{
		Use:   "export [<email>, ...]",
		Short: "Export authorization(s) from CSR authorization DB to a CSV file (or stdout)",
		RunE:  cmdExportAuth,
	}
)

func parseEmailsList(fileName, delimiter string) (emails []string, err error) {
	file, err := os.Open(fileName)
	if err != nil {
		return nil, errs.Wrap(err)
	}
	scanner := bufio.NewScanner(file)
	for scanner.Scan() {
		line := scanner.Text()
		if strings.HasPrefix(line, "#") {
			continue
		}
		emails = append(emails, line)
	}
	return emails, file.Close()
}

func cmdCreateAuth(cmd *cobra.Command, args []string) error {
	ctx, _ := process.Ctx(cmd)
	count, err := strconv.Atoi(args[0])
	if err != nil {
		return errs.New("Count couldn't be parsed: %s", args[0])
	}
	authDB, err := authorization.OpenDBFromCfg(ctx, authCfg.Config.AuthorizationDB)
	if err != nil {
		return err
	}

	var emails []string
	if len(args) > 1 {
		if authCfg.EmailsPath != "" {
			return errs.New("Either use `--emails-path` or positional args, not both.")
		}
		emails = args[1:]
	} else {
		emails, err = parseEmailsList(authCfg.EmailsPath, authCfg.Delimiter)
		if err != nil {
			return errs.Wrap(err)
		}
	}

	var incErrs errs.Group
	for _, email := range emails {
		if _, err := authDB.Create(ctx, email, count); err != nil {
			incErrs.Add(err)
		}
	}
	return incErrs.Err()
}

func cmdInfoAuth(cmd *cobra.Command, args []string) error {
	ctx, _ := process.Ctx(cmd)
	authDB, err := authorization.OpenDBFromCfg(ctx, authCfg.Config.AuthorizationDB)
	if err != nil {
		return err
	}

	var emails []string
	if len(args) > 0 {
		if authCfg.EmailsPath != "" && !authCfg.All {
			return errs.New("Either use `--emails-path` or positional args, not both.")
		}
		emails = args
	} else if len(args) == 0 || authCfg.All {
		emails, err = authDB.UserIDs(ctx)
		if err != nil {
			return err
		}
	} else if _, err := os.Stat(authCfg.EmailsPath); err != nil {
		return errs.New("Emails path error: %s", err)
	} else {
		emails, err = parseEmailsList(authCfg.EmailsPath, authCfg.Delimiter)
		if err != nil {
			return errs.Wrap(err)
		}
	}

	var emailErrs, printErrs errs.Group
	w := tabwriter.NewWriter(os.Stdout, 0, 2, 2, ' ', 0)
	if _, err := fmt.Fprintln(w, "Email\tClaimed\tAvail.\t"); err != nil {
		return err
	}

	for _, email := range emails {
		if err := writeAuthInfo(ctx, authDB, email, w); err != nil {
			emailErrs.Add(err)
			continue
		}
	}

	if err := w.Flush(); err != nil {
		return errs.Wrap(err)
	}
	return errs.Combine(emailErrs.Err(), printErrs.Err())
}

func writeAuthInfo(ctx context.Context, authDB *authorization.DB, email string, w io.Writer) error {
	auths, err := authDB.Get(ctx, email)
	if err != nil {
		return err
	}
	if len(auths) < 1 {
		return nil
	}

	claimed, open := auths.GroupByClaimed()
	if _, err := fmt.Fprintf(w,
		"%s\t%d\t%d\t\n",
		email,
		len(claimed),
		len(open),
	); err != nil {
		return err
	}

	if authCfg.ShowTokens {
		if err := writeTokenInfo(claimed, open, w); err != nil {
			return err
		}
	}
	return nil
}

func writeTokenInfo(claimed, open authorization.Group, w io.Writer) error {
	groups := map[string]authorization.Group{
		"Claimed": claimed,
		"Open":    open,
	}
	for label, group := range groups {
		if _, err := fmt.Fprintf(w, "\t%s:\n", label); err != nil {
			return err
		}
		if len(group) > 0 {
			for _, auth := range group {
				if _, err := fmt.Fprintf(w, "\t\t%s\n", auth.Token.String()); err != nil {
					return err
				}
			}
		} else if _, err := fmt.Fprintln(w, "\t\tnone"); err != nil {
			return err
		}
	}
	return nil
}

func cmdExportAuth(cmd *cobra.Command, args []string) error {
	ctx, _ := process.Ctx(cmd)
	authDB, err := authorization.OpenDBFromCfg(ctx, authCfg.Config.AuthorizationDB)
	if err != nil {
		return err
	}

	var emails []string
	if authCfg.All {
		if authCfg.EmailsPath != "" {
			return errs.New("Cannot use `--emails-path` with --all.")
		}
		emails, err = authDB.UserIDs(ctx)
		if err != nil {
			return err
		}
	} else {
		if authCfg.EmailsPath != "" {
			emails, err = parseEmailsList(authCfg.EmailsPath, authCfg.Delimiter)
			if err != nil {
				return errs.Wrap(err)
			}
		} else if len(args) == 0 {
			return errs.New("Need either `--emails-path` or positional args.")
		}
		emails = append(emails, args...)
	}

	var (
		emailErrs, csvErrs errs.Group
		output             io.Writer
	)
	switch authCfg.Out {
	case "-":
		output = os.Stdout
	default:
		if err := os.MkdirAll(filepath.Dir(authCfg.Out), 0600); err != nil {
			return errs.Wrap(err)
		}
		output, err = os.OpenFile(authCfg.Out, os.O_CREATE, 0600)
		if err != nil {
			return errs.Wrap(err)
		}
	}
	csvWriter := csv.NewWriter(output)

	for _, email := range emails {
		if err := writeAuthExport(ctx, authDB, email, csvWriter); err != nil {
			emailErrs.Add(err)
		}
	}

	csvWriter.Flush()
	return errs.Combine(emailErrs.Err(), csvErrs.Err())
}

func writeAuthExport(ctx context.Context, authDB *authorization.DB, email string, w *csv.Writer) error {
	auths, err := authDB.Get(ctx, email)
	if err != nil {
		return err
	}
	if len(auths) < 1 {
		return nil
	}

	var authErrs errs.Group
	for _, auth := range auths {
		isClaimed := "false"
		if auth.Claim != nil {
			isClaimed = "true"
		}

		if err := w.Write([]string{email, auth.Token.String(), isClaimed}); err != nil {
			authErrs.Add(err)
		}
	}
	return authErrs.Err()
}
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`// Copyright (C) 2019 Storj Labs, Inc.`
			`// See LICENSE for copying information.`

			`package main`

			`import (`
fix some email list parsing in certificates tool (#1095) this avoids getting an "userID cannot be empty" error when using an emails list that has a newline at the end. 2019-01-18 15:01:55 +00:00			`"bufio"`
pkg/*: add monkit task to missing places (#2109) 2019-06-04 12:36:27 +01:00			`"context"`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`"encoding/csv"`
			`"fmt"`
			`"io"`
			`"os"`
			`"path/filepath"`
			`"strconv"`
			`"strings"`
			`"text/tabwriter"`

			`"github.com/spf13/cobra"`
			`"github.com/zeebo/errs"`

storj: remove from `storj/pkg` packages moved to `storj/private` repo * debug * traces * cfgstruct * process Package `storj/private/version` will be removed as a separate change. Change-Id: Iadc40faa782e6225513b28218952f02d9c240a9f 2020-03-23 19:18:20 +00:00			`"storj.io/private/process"`
pkg/certificates: move certificate package to root (#3107) 2019-09-26 17:11:05 +01:00			`"storj.io/storj/certificate/authorization"`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`)`

			`var (`
			`authCmd = &cobra.Command{`
			`Use: "auth",`
			`Short: "CSR authorization management",`
			`}`

			`authCreateCmd = &cobra.Command{`
			`Use: "create <auth_increment_count> [<email>, ...]",`
			`Short: "Create authorizations from a list of emails",`
			`Args: cobra.MinimumNArgs(1),`
			`RunE: cmdCreateAuth,`
			`}`

			`authInfoCmd = &cobra.Command{`
			`Use: "info [<email>, ...]",`
			`Short: "Get authorization(s) info from CSR authorization DB",`
			`RunE: cmdInfoAuth,`
			`}`

			`authExportCmd = &cobra.Command{`
			`Use: "export [<email>, ...]",`
			`Short: "Export authorization(s) from CSR authorization DB to a CSV file (or stdout)",`
			`RunE: cmdExportAuth,`
			`}`
			`)`

fix some email list parsing in certificates tool (#1095) this avoids getting an "userID cannot be empty" error when using an emails list that has a newline at the end. 2019-01-18 15:01:55 +00:00			`func parseEmailsList(fileName, delimiter string) (emails []string, err error) {`
			`file, err := os.Open(fileName)`
			`if err != nil {`
			`return nil, errs.Wrap(err)`
			`}`
			`scanner := bufio.NewScanner(file)`
			`for scanner.Scan() {`
			`line := scanner.Text()`
			`if strings.HasPrefix(line, "#") {`
			`continue`
			`}`
			`emails = append(emails, line)`
			`}`
			`return emails, file.Close()`
			`}`

Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`func cmdCreateAuth(cmd *cobra.Command, args []string) error {`
storagenode/process: respond to Windows Service events (#3025) 2019-09-19 17:37:40 +01:00			`ctx, _ := process.Ctx(cmd)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`count, err := strconv.Atoi(args[0])`
			`if err != nil {`
			`return errs.New("Count couldn't be parsed: %s", args[0])`
			`}`
certificate/authorization: add ctx to OpenDB Database opening usually dial and hence we should pass ctx to them. Change-Id: I1362783568f66383c46f07be7549327bb1aaa39e 2020-10-29 07:46:23 +00:00			`authDB, err := authorization.OpenDBFromCfg(ctx, authCfg.Config.AuthorizationDB)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if err != nil {`
			`return err`
			`}`

			`var emails []string`
			`if len(args) > 1 {`
cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`if authCfg.EmailsPath != "" {`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			return errs.New("Either use `--emails-path` or positional args, not both.")
			`}`
			`emails = args[1:]`
			`} else {`
cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`emails, err = parseEmailsList(authCfg.EmailsPath, authCfg.Delimiter)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if err != nil {`
			`return errs.Wrap(err)`
			`}`
			`}`

remove utils.CombineErrors and utils.ErrorGroup (#1603) 2019-03-29 12:30:23 +00:00			`var incErrs errs.Group`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`for _, email := range emails {`
pkg/*: add monkit task to missing places (#2109) 2019-06-04 12:36:27 +01:00			`if _, err := authDB.Create(ctx, email, count); err != nil {`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`incErrs.Add(err)`
			`}`
			`}`
remove utils.CombineErrors and utils.ErrorGroup (#1603) 2019-03-29 12:30:23 +00:00			`return incErrs.Err()`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`}`

			`func cmdInfoAuth(cmd *cobra.Command, args []string) error {`
storagenode/process: respond to Windows Service events (#3025) 2019-09-19 17:37:40 +01:00			`ctx, _ := process.Ctx(cmd)`
certificate/authorization: add ctx to OpenDB Database opening usually dial and hence we should pass ctx to them. Change-Id: I1362783568f66383c46f07be7549327bb1aaa39e 2020-10-29 07:46:23 +00:00			`authDB, err := authorization.OpenDBFromCfg(ctx, authCfg.Config.AuthorizationDB)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if err != nil {`
			`return err`
			`}`

			`var emails []string`
			`if len(args) > 0 {`
cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`if authCfg.EmailsPath != "" && !authCfg.All {`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			return errs.New("Either use `--emails-path` or positional args, not both.")
			`}`
			`emails = args`
cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`} else if len(args) == 0 \|\| authCfg.All {`
pkg/*: add monkit task to missing places (#2109) 2019-06-04 12:36:27 +01:00			`emails, err = authDB.UserIDs(ctx)`
Improvements to `certificates` commands: (#1012) 2019-01-14 14:28:52 +00:00			`if err != nil {`
			`return err`
			`}`
cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`} else if _, err := os.Stat(authCfg.EmailsPath); err != nil {`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`return errs.New("Emails path error: %s", err)`
			`} else {`
cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`emails, err = parseEmailsList(authCfg.EmailsPath, authCfg.Delimiter)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if err != nil {`
			`return errs.Wrap(err)`
			`}`
			`}`

remove utils.CombineErrors and utils.ErrorGroup (#1603) 2019-03-29 12:30:23 +00:00			`var emailErrs, printErrs errs.Group`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`w := tabwriter.NewWriter(os.Stdout, 0, 2, 2, ' ', 0)`
			`if _, err := fmt.Fprintln(w, "Email\tClaimed\tAvail.\t"); err != nil {`
			`return err`
			`}`

			`for _, email := range emails {`
pkg/*: add monkit task to missing places (#2109) 2019-06-04 12:36:27 +01:00			`if err := writeAuthInfo(ctx, authDB, email, w); err != nil {`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`emailErrs.Add(err)`
			`continue`
			`}`
			`}`

			`if err := w.Flush(); err != nil {`
			`return errs.Wrap(err)`
			`}`
remove utils.CombineErrors and utils.ErrorGroup (#1603) 2019-03-29 12:30:23 +00:00			`return errs.Combine(emailErrs.Err(), printErrs.Err())`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`}`

{cmd,pkg}/certificates: service refactor (#2938) 2019-09-05 16:11:21 +01:00			`func writeAuthInfo(ctx context.Context, authDB *authorization.DB, email string, w io.Writer) error {`
pkg/*: add monkit task to missing places (#2109) 2019-06-04 12:36:27 +01:00			`auths, err := authDB.Get(ctx, email)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if err != nil {`
			`return err`
			`}`
			`if len(auths) < 1 {`
			`return nil`
			`}`

{cmd,pkg}/certificates: service refactor (#2938) 2019-09-05 16:11:21 +01:00			`claimed, open := auths.GroupByClaimed()`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if _, err := fmt.Fprintf(w,`
			`"%s\t%d\t%d\t\n",`
			`email,`
			`len(claimed),`
			`len(open),`
			`); err != nil {`
			`return err`
			`}`

cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`if authCfg.ShowTokens {`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if err := writeTokenInfo(claimed, open, w); err != nil {`
			`return err`
			`}`
			`}`
			`return nil`
			`}`

{cmd,pkg}/certificates: service refactor (#2938) 2019-09-05 16:11:21 +01:00			`func writeTokenInfo(claimed, open authorization.Group, w io.Writer) error {`
			`groups := map[string]authorization.Group{`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`"Claimed": claimed,`
			`"Open": open,`
			`}`
			`for label, group := range groups {`
			`if _, err := fmt.Fprintf(w, "\t%s:\n", label); err != nil {`
			`return err`
			`}`
			`if len(group) > 0 {`
			`for _, auth := range group {`
			`if _, err := fmt.Fprintf(w, "\t\t%s\n", auth.Token.String()); err != nil {`
			`return err`
			`}`
			`}`
Enable gocritic linter (#2051) * first round cleanup based on go-critic * more issues resolved for ifelsechain and unlambda checks * updated from master and gocritic found a new ifElseChain issue * disable appendAssign. i reports false positives * re-enabled go-critic appendAssign and disabled lint check at code line level * fixed go-critic lint error * fixed // nolint add gocritic specifically 2019-05-29 14:14:25 +01:00			`} else if _, err := fmt.Fprintln(w, "\t\tnone"); err != nil {`
			`return err`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`}`
			`}`
			`return nil`
			`}`

			`func cmdExportAuth(cmd *cobra.Command, args []string) error {`
storagenode/process: respond to Windows Service events (#3025) 2019-09-19 17:37:40 +01:00			`ctx, _ := process.Ctx(cmd)`
certificate/authorization: add ctx to OpenDB Database opening usually dial and hence we should pass ctx to them. Change-Id: I1362783568f66383c46f07be7549327bb1aaa39e 2020-10-29 07:46:23 +00:00			`authDB, err := authorization.OpenDBFromCfg(ctx, authCfg.Config.AuthorizationDB)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if err != nil {`
			`return err`
			`}`

			`var emails []string`
fix certificates auth export command (#3110) * fix certificates auth export command * actually fix command config logic * fix test-certificates.sh * simplify 2019-09-24 17:38:18 +01:00			`if authCfg.All {`
cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`if authCfg.EmailsPath != "" {`
fix certificates auth export command (#3110) * fix certificates auth export command * actually fix command config logic * fix test-certificates.sh * simplify 2019-09-24 17:38:18 +01:00			return errs.New("Cannot use `--emails-path` with --all.")
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`}`
pkg/*: add monkit task to missing places (#2109) 2019-06-04 12:36:27 +01:00			`emails, err = authDB.UserIDs(ctx)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if err != nil {`
			`return err`
			`}`
fix certificates auth export command (#3110) * fix certificates auth export command * actually fix command config logic * fix test-certificates.sh * simplify 2019-09-24 17:38:18 +01:00			`} else {`
			`if authCfg.EmailsPath != "" {`
			`emails, err = parseEmailsList(authCfg.EmailsPath, authCfg.Delimiter)`
			`if err != nil {`
			`return errs.Wrap(err)`
			`}`
			`} else if len(args) == 0 {`
			return errs.New("Need either `--emails-path` or positional args.")
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`}`
fix certificates auth export command (#3110) * fix certificates auth export command * actually fix command config logic * fix test-certificates.sh * simplify 2019-09-24 17:38:18 +01:00			`emails = append(emails, args...)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`}`

			`var (`
remove utils.CombineErrors and utils.ErrorGroup (#1603) 2019-03-29 12:30:23 +00:00			`emailErrs, csvErrs errs.Group`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`output io.Writer`
			`)`
cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`switch authCfg.Out {`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`case "-":`
			`output = os.Stdout`
			`default:`
cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`if err := os.MkdirAll(filepath.Dir(authCfg.Out), 0600); err != nil {`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`return errs.Wrap(err)`
			`}`
cmd/certificates: separate subcommand configs (#2932) 2019-09-05 15:56:57 +01:00			`output, err = os.OpenFile(authCfg.Out, os.O_CREATE, 0600)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if err != nil {`
			`return errs.Wrap(err)`
			`}`
			`}`
			`csvWriter := csv.NewWriter(output)`

			`for _, email := range emails {`
pkg/*: add monkit task to missing places (#2109) 2019-06-04 12:36:27 +01:00			`if err := writeAuthExport(ctx, authDB, email, csvWriter); err != nil {`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`emailErrs.Add(err)`
			`}`
			`}`

			`csvWriter.Flush()`
remove utils.CombineErrors and utils.ErrorGroup (#1603) 2019-03-29 12:30:23 +00:00			`return errs.Combine(emailErrs.Err(), csvErrs.Err())`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`}`

{cmd,pkg}/certificates: service refactor (#2938) 2019-09-05 16:11:21 +01:00			`func writeAuthExport(ctx context.Context, authDB authorization.DB, email string, w csv.Writer) error {`
pkg/*: add monkit task to missing places (#2109) 2019-06-04 12:36:27 +01:00			`auths, err := authDB.Get(ctx, email)`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`if err != nil {`
			`return err`
			`}`
			`if len(auths) < 1 {`
			`return nil`
			`}`

remove utils.CombineErrors and utils.ErrorGroup (#1603) 2019-03-29 12:30:23 +00:00			`var authErrs errs.Group`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`for _, auth := range auths {`
cmd/certificates: auth export improvements & certificates test script (#2897) 2019-09-04 18:58:38 +01:00			`isClaimed := "false"`
			`if auth.Claim != nil {`
			`isClaimed = "true"`
			`}`

			`if err := w.Write([]string{email, auth.Token.String(), isClaimed}); err != nil {`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`authErrs.Add(err)`
			`}`
			`}`
remove utils.CombineErrors and utils.ErrorGroup (#1603) 2019-03-29 12:30:23 +00:00			`return authErrs.Err()`
Improve cert signing integration test+: (#997) 2019-01-11 14:59:35 +00:00			`}`