api/pkg/cert/options.go

package cert

import (
	"fmt"
	"github.com/spf13/viper"
	"os"
	"strings"
	"time"
)

var (
	requiredConfigKeys = []string{
		publicKeyConfigKey,
		privateKeyPathConfigKey,
	}
)

type CurveType string

type File struct {
	PublicKeyPath  string
	PrivateKeyPath string
}

type ValidityDuration struct {
	NotBeforeRelative time.Duration
	NotAfterRelative  time.Duration
}

type ValidityByPurpose struct {
	CA     ValidityDuration
	Server ValidityDuration
}

type Options struct {
	RootCACert    File
	CertCachePath string
	Curve         CurveType
	Validity      ValidityByPurpose
}

func loadFromConfig(config *viper.Viper) (Options, error) {
	missingKeys := make([]string, 0)
	for _, requiredKey := range requiredConfigKeys {
		if !config.IsSet(requiredKey) {
			missingKeys = append(missingKeys, requiredKey)
		}
	}

	if len(missingKeys) > 0 {
		return Options{}, fmt.Errorf("config keys are missing: %s", strings.Join(missingKeys, ", "))
	}

	config.SetDefault(certCachePathConfigKey, os.TempDir())
	config.SetDefault(ecdsaCurveConfigKey, string(CurveTypeED25519))
	config.SetDefault(caCertValidityNotBeforeKey, defaultCAValidityDuration)
	config.SetDefault(caCertValidityNotAfterKey, defaultCAValidityDuration)
	config.SetDefault(serverCertValidityNotBeforeKey, defaultServerValidityDuration)
	config.SetDefault(serverCertValidityNotAfterKey, defaultServerValidityDuration)

	return Options{
		CertCachePath: config.GetString(certCachePathConfigKey),
		Curve:         CurveType(config.GetString(ecdsaCurveConfigKey)),
		Validity: ValidityByPurpose{
			CA: ValidityDuration{
				NotBeforeRelative: config.GetDuration(caCertValidityNotBeforeKey),
				NotAfterRelative:  config.GetDuration(caCertValidityNotAfterKey),
			},
			Server: ValidityDuration{
				NotBeforeRelative: config.GetDuration(serverCertValidityNotBeforeKey),
				NotAfterRelative:  config.GetDuration(serverCertValidityNotAfterKey),
			},
		},
		RootCACert: File{
			PublicKeyPath:  config.GetString(publicKeyConfigKey),
			PrivateKeyPath: config.GetString(privateKeyPathConfigKey),
		},
	}, nil
}
Move TLS/cert handling to main app - apply changes in proxy plugin and TLS interceptor - add HTTPS proxy support - move ca-generation command to main app - minor refactoring to improve API stability - move mocks to extra packages to avoid cycling imports - fix bug in multi-port configuration - change HTTP proxy to redirect to HTTP mock instead of maintaining custom rules 2020-04-25 22:22:45 +00:00			`package cert`

			`import (`
			`"fmt"`
			`"github.com/spf13/viper"`
			`"os"`
			`"strings"`
			`"time"`
			`)`

			`var (`
			`requiredConfigKeys = []string{`
			`publicKeyConfigKey,`
			`privateKeyPathConfigKey,`
			`}`
			`)`

			`type CurveType string`

			`type File struct {`
			`PublicKeyPath string`
			`PrivateKeyPath string`
			`}`

			`type ValidityDuration struct {`
			`NotBeforeRelative time.Duration`
			`NotAfterRelative time.Duration`
			`}`

			`type ValidityByPurpose struct {`
			`CA ValidityDuration`
			`Server ValidityDuration`
			`}`

			`type Options struct {`
			`RootCACert File`
			`CertCachePath string`
			`Curve CurveType`
			`Validity ValidityByPurpose`
			`}`

			`func loadFromConfig(config *viper.Viper) (Options, error) {`
			`missingKeys := make([]string, 0)`
			`for _, requiredKey := range requiredConfigKeys {`
			`if !config.IsSet(requiredKey) {`
			`missingKeys = append(missingKeys, requiredKey)`
			`}`
			`}`

			`if len(missingKeys) > 0 {`
			`return Options{}, fmt.Errorf("config keys are missing: %s", strings.Join(missingKeys, ", "))`
			`}`

			`config.SetDefault(certCachePathConfigKey, os.TempDir())`
			`config.SetDefault(ecdsaCurveConfigKey, string(CurveTypeED25519))`
			`config.SetDefault(caCertValidityNotBeforeKey, defaultCAValidityDuration)`
			`config.SetDefault(caCertValidityNotAfterKey, defaultCAValidityDuration)`
			`config.SetDefault(serverCertValidityNotBeforeKey, defaultServerValidityDuration)`
			`config.SetDefault(serverCertValidityNotAfterKey, defaultServerValidityDuration)`

			`return Options{`
			`CertCachePath: config.GetString(certCachePathConfigKey),`
			`Curve: CurveType(config.GetString(ecdsaCurveConfigKey)),`
			`Validity: ValidityByPurpose{`
			`CA: ValidityDuration{`
			`NotBeforeRelative: config.GetDuration(caCertValidityNotBeforeKey),`
			`NotAfterRelative: config.GetDuration(caCertValidityNotAfterKey),`
			`},`
			`Server: ValidityDuration{`
			`NotBeforeRelative: config.GetDuration(serverCertValidityNotBeforeKey),`
			`NotAfterRelative: config.GetDuration(serverCertValidityNotAfterKey),`
			`},`
			`},`
			`RootCACert: File{`
			`PublicKeyPath: config.GetString(publicKeyConfigKey),`
			`PrivateKeyPath: config.GetString(privateKeyPathConfigKey),`
			`},`
			`}, nil`
			`}`