2 * ============LICENSE_START=======================================================
3 * oom-certservice-k8s-external-provider
4 * ================================================================================
5 * Copyright (C) 2020 Nokia. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package certserviceclient
// CreateCertServiceClient builds a CertServiceClientImpl whose HTTP client presents a
// TLS client certificate made from certPemBase64 and keyPemBase64, and which is given
// the health and certification URLs derived by validateAndParseUrls.
//
// This listing shows only some of the original lines (note the gaps in the embedded
// line numbers), so the error checks and closing braces between the visible statements
// are not described here.
//
// NOTE(review): despite the "Base64" suffix, the three byte slices are passed straight
// to tls.X509KeyPair and AppendCertsFromPEM, which parse PEM text. Presumably the caller
// base64-decodes them first; confirm, or rename the parameters.
32 func CreateCertServiceClient(baseUrl string, healthEndpoint string, certEndpoint string, caName string,
33 keyPemBase64 []byte, certPemBase64 []byte, cacertPemBase64 []byte) (*CertServiceClientImpl, error) {
// Pair the client certificate with its private key; keyPemBase64 is secret material
// and should not end up in error text or logs.
34 cert, err := tls.X509KeyPair(certPemBase64, keyPemBase64)
// Trust anchors come from cacertPemBase64. AppendCertsFromPEM returns false when no
// certificate could be parsed from the input.
39 caCertPool := x509.NewCertPool()
40 ok := caCertPool.AppendCertsFromPEM(cacertPemBase64)
// NOTE(review): the message reads "couldn't certs"; a verb such as "append" looks to be missing.
42 return nil, fmt.Errorf("couldn't certs from cacert")
// NOTE(review): no Timeout field is visible on this http.Client; confirm one is set or
// that every request carries a context deadline.
44 httpClient := &http.Client{
45 Transport: &http.Transport{
46 TLSClientConfig: &tls.Config{
// NOTE(review): the field on the line before Certificates is not visible here. Confirm
// that caCertPool is assigned to RootCAs; if it is not, the server certificate is
// verified against the host's default roots and the pool built above goes unused.
48 Certificates: []tls.Certificate{cert},
// Validate the inputs and derive the two request URLs.
52 healthUrl, certificationUrl, err := validateAndParseUrls(baseUrl, healthEndpoint, certEndpoint, caName)
56 client := CertServiceClientImpl{
58 certificationUrl: certificationUrl,
59 httpClient: httpClient,
// validateAndParseUrls runs validateUrls on its inputs and then derives two URLs from
// baseUrl: one whose path is healthEndpoint and one whose path is certEndpoint joined
// with caName. They are returned as strings in the order (health URL, certificate URL).
//
// NOTE(review): nothing visible in this listing requires baseUrl to use the https
// scheme; with an http:// base URL the client's TLS configuration would not apply.
65 func validateAndParseUrls(baseUrl string, healthEndpoint string, certEndpoint string, caName string) (string, string, error) {
66 if err := validateUrls(baseUrl, healthEndpoint, certEndpoint, caName); err != nil {
// Parse errors are discarded here; validateUrls, called above, parses baseUrl itself,
// so a failure is expected to have been reported before this point.
70 certUrl, _ := url.Parse(baseUrl)
71 healthUrl, _ := url.Parse(baseUrl)
// Assigning Path replaces any path component that baseUrl carried.
// NOTE(review): path.Join cleans its result, so ".." segments in caName or in the
// endpoints are resolved and the final path can fall outside certEndpoint. The visible
// checks in validateUrls only require caName to be non-empty and to pass url.Parse,
// which accepts most strings; consider restricting caName to a single path segment if
// it can come from a less trusted source.
73 certUrl.Path = path.Join(certEndpoint, caName)
74 healthUrl.Path = path.Join(healthEndpoint)
76 return healthUrl.String(), certUrl.String(), nil
79 func validateUrls(baseUrl string, healthEndpoint string, certEndpoint string, caName string) error {
80 if _, err := url.Parse(baseUrl); err != nil {
84 return fmt.Errorf("caName cannot be empty")
86 if _, err := url.Parse(caName); err != nil {
89 if _, err := url.Parse(healthEndpoint); err != nil {
92 if _, err := url.Parse(certEndpoint); err != nil {