2 * ============LICENSE_START=======================================================
3 * oom-certservice-k8s-external-provider
4 * ================================================================================
5 * Copyright (C) 2020-2021 Nokia. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package certserviceclient
// CreateCertServiceClient builds a CertServiceClientImpl whose HTTP client
// presents a TLS client certificate and whose request URLs are derived from
// baseUrl, the endpoint paths and caName.
//
// The visible error return reports that no CA certificate could be loaded from
// cacertPemBase64; the remaining error checks fall on lines this listing does
// not show (the embedded line numbers skip).
32 func CreateCertServiceClient(baseUrl string, healthEndpoint string, certEndpoint string, updateEndpoint string, caName string,
33 keyPemBase64 []byte, certPemBase64 []byte, cacertPemBase64 []byte) (*CertServiceClientImpl, error) {
// Client certificate and private key for mutual TLS. keyPemBase64 is private
// key material and should never reach logs or error strings.
// NOTE(review): tls.X509KeyPair and AppendCertsFromPEM parse PEM directly; the
// "Base64" in the parameter names presumably refers to the PEM body, so confirm
// callers do not pass an extra base64 layer.
34 cert, err := tls.X509KeyPair(certPemBase64, keyPemBase64)
// Dedicated pool for the CertService CA bundle.
39 caCertPool := x509.NewCertPool()
// AppendCertsFromPEM reports true as soon as one certificate parses and skips
// blocks it cannot parse, so a partly malformed bundle is still accepted.
40 ok := caCertPool.AppendCertsFromPEM(cacertPemBase64)
// NOTE(review): the message reads as if a word is missing ("couldn't append
// certs from cacert").
42 return nil, fmt.Errorf("couldn't certs from cacert")
// NOTE(review): the lines of this literal that the listing shows set only the
// client certificate. Confirm in the full file that caCertPool is installed as
// RootCAs (otherwise the system trust store decides which servers are trusted)
// and that the client gets a Timeout, since http.Client has none by default.
44 httpClient := &http.Client{
45 Transport: &http.Transport{
46 TLSClientConfig: &tls.Config{
48 Certificates: []tls.Certificate{cert},
// The three request URLs are computed once, at construction time.
52 healthUrl, certificationUrl, updateUrl, err := validateAndParseUrls(baseUrl, healthEndpoint, certEndpoint, updateEndpoint, caName)
// Only some fields of the literal are visible in this listing.
56 client := CertServiceClientImpl{
58 certificationUrl: certificationUrl,
60 httpClient: httpClient,
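// validateAndParseUrls checks the configured values with validateUrls and then
// builds the health, certification and update URLs on top of baseUrl.
//
// The results are returned in the order health, certification, update. On any
// validation or parse error all three strings are empty and the error is
// returned unchanged.
//
// NOTE(review): path.Join cleans its result, so a caName that contains "/" or
// ".." segments changes which path on the CertService host is requested with
// the client certificate. As far as this listing shows, caName is only checked
// for emptiness and with url.Parse; consider rejecting such names in
// validateUrls.
func validateAndParseUrls(baseUrl string, healthEndpoint string, certEndpoint string, updateEndpoint string, caName string) (string, string, string, error) {
	if err := validateUrls(baseUrl, healthEndpoint, certEndpoint, caName); err != nil {
		return "", "", "", err
	}
	// validateUrls does not receive updateEndpoint, so give it the same
	// url.Parse check the other endpoints get.
	if _, err := url.Parse(updateEndpoint); err != nil {
		return "", "", "", err
	}

	// Parse once and keep the error instead of discarding it: url.Parse returns
	// a nil *url.URL on failure, which would panic on the Path assignment.
	base, err := url.Parse(baseUrl)
	if err != nil {
		return "", "", "", err
	}

	// withPath copies the parsed base so each URL gets its own Path.
	withPath := func(elem ...string) string {
		u := *base
		u.Path = path.Join(elem...)
		return u.String()
	}

	return withPath(healthEndpoint), withPath(certEndpoint, caName), withPath(updateEndpoint, caName), nil
}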
82 func validateUrls(baseUrl string, healthEndpoint string, certEndpoint string, caName string) error {
83 if _, err := url.Parse(baseUrl); err != nil {
87 return fmt.Errorf("caName cannot be empty")
89 if _, err := url.Parse(caName); err != nil {
92 if _, err := url.Parse(healthEndpoint); err != nil {
95 if _, err := url.Parse(certEndpoint); err != nil {