
Commit 9eeb3a7

fix: create client in config along with transport (#30)
1 parent 0cc0519 commit 9eeb3a7


2 files changed

+167
-11
lines changed


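--- a/shared/configuration.go
+++ b/shared/configuration.go
@@ -9,6 +9,7 @@ import (
 "crypto/tls"
 "crypto/x509"
 "fmt"
+"net"
 "net/http"
 "net/url"
 "os"
@@ -179,6 +180,7 @@ func NewConfigurationFromOptions(clientOptions ClientOptions) *Configuration {
 WaitTime: defaultWaitTime,
 Servers: ServerConfigurations{},
 OperationServers: map[string]ServerConfigurations{},
+HTTPClient: http.DefaultClient,
 }
 if clientOptions.Endpoint != "" {
 cfg.Servers = ServerConfigurations{
@@ -188,15 +190,30 @@ func NewConfigurationFromOptions(clientOptions ClientOptions) *Configuration {
 },
 }
 }
-if clientOptions.SkipTLSVerify {
-if transport, ok := cfg.HTTPClient.Transport.(*http.Transport); ok {
-transport.TLSClientConfig.InsecureSkipVerify = clientOptions.SkipTLSVerify
-}
+cfg.HTTPClient.Transport = CreateTransport(clientOptions.SkipTLSVerify, clientOptions.Certificate)
+return cfg
+}
+
+func CreateTransport(insecure bool, certificate string) *http.Transport {
+dialer := &net.Dialer{
+Timeout: 30 * time.Second,
+KeepAlive: 30 * time.Second,
 }
-if clientOptions.Certificate != "" {
-AddCertsToClient(cfg.HTTPClient, clientOptions.Certificate)
+transport := &http.Transport{
+Proxy: http.ProxyFromEnvironment,
+DialContext: dialer.DialContext,
+DisableKeepAlives: true,
+IdleConnTimeout: 30 * time.Second,
+TLSHandshakeTimeout: 15 * time.Second,
+ExpectContinueTimeout: 1 * time.Second,
+MaxIdleConnsPerHost: 3,
+MaxConnsPerHost: 3,
 }
-return cfg
+transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: insecure}
+if certificate != "" {
+transport.TLSClientConfig.RootCAs = AddCertsToClient(certificate)
+}
+return transport
 }
 
 func NewConfigurationFromEnv() *Configuration {
@@ -394,15 +411,13 @@ func SetSkipTLSVerify(configProvider ConfigProvider, skipTLSVerify bool) {
 }
 
 // AddCertsToClient adds certificates to the http client
-func AddCertsToClient(httpClient *http.Client, authorityData string) {
+func AddCertsToClient(authorityData string) *x509.CertPool {
 rootCAs, _ := x509.SystemCertPool()
 if rootCAs == nil {
 rootCAs = x509.NewCertPool()
 }
 if ok := rootCAs.AppendCertsFromPEM([]byte(authorityData)); !ok && SdkLogLevel.Satisfies(Debug) {
 SdkLogger.Printf("No certs appended, using system certs only")
 }
-if transport, ok := httpClient.Transport.(*http.Transport); ok {
-transport.TLSClientConfig.RootCAs = rootCAs
-}
+return rootCAs
 }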
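Review bot: The struct literal in NewConfigurationFromOptions sets `HTTPClient: http.DefaultClient`, and the added line `cfg.HTTPClient.Transport = CreateTransport(...)` then writes the new transport onto that shared pointer, so the process-wide default client is modified rather than a client owned by this configuration. When `SkipTLSVerify` is set, any other code in the same process that uses `http.DefaultClient` or `http.Get` would then also run without certificate verification, and two configurations built with different options would overwrite each other's TLS settings. Giving each configuration its own client avoids both effects: `HTTPClient: &http.Client{},`. The lines between the second and third hunks are not shown, so this assumes HTTPClient is not reassigned there. The exported CreateTransport also has no doc comment; one stating that `insecure` disables server certificate verification and that `certificate` is PEM data appended to the system roots would make the effect of its arguments visible to callers.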

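--- a/shared/configuration_test.go
+++ b/shared/configuration_test.go
@@ -0,0 +1,141 @@
+package shared
+
+import (
+"crypto/tls"
+"github.com/stretchr/testify/assert"
+"net/http"
+"testing"
+)
+
+const testEndpoint = "https://test.endpoint"
+
+func TestNewConfigurationFromOptions(t *testing.T) {
+tests := []struct {
+name string
+clientOptions ClientOptions
+expectedConfig *Configuration
+}{
+{
+name: "ValidOptions",
+clientOptions: ClientOptions{
+Endpoint: testEndpoint,
+SkipTLSVerify: true,
+Certificate: "",
+Credentials: Credentials{
+Username: "testUser",
+Password: "testPass",
+Token: "testToken",
+},
+},
+expectedConfig: &Configuration{
+Username: "testUser",
+Password: "testPass",
+Token: "testToken",
+Servers: ServerConfigurations{
+{
+URL: testEndpoint,
+Description: "Production",
+},
+},
+HTTPClient: &http.Client{
+Transport: &http.Transport{
+TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+},
+},
+},
+},
+{
+name: "EmptyEndpoint",
+clientOptions: ClientOptions{
+SkipTLSVerify: true,
+Certificate: "",
+Credentials: Credentials{
+Username: "testUser",
+Password: "testPass",
+Token: "testToken",
+},
+},
+expectedConfig: &Configuration{
+Username: "testUser",
+Password: "testPass",
+Token: "testToken",
+Servers: ServerConfigurations{},
+HTTPClient: &http.Client{
+Transport: &http.Transport{
+TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+},
+},
+},
+},
+{
+name: "NoCredentials",
+clientOptions: ClientOptions{
+Endpoint: testEndpoint,
+SkipTLSVerify: true,
+Certificate: "",
+},
+expectedConfig: &Configuration{
+Username: "",
+Password: "",
+Token: "",
+Servers: ServerConfigurations{
+{
+URL: testEndpoint,
+Description: "Production",
+},
+},
+HTTPClient: &http.Client{
+Transport: &http.Transport{
+TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+},
+},
+},
+},
+{
+name: "AddCertificate",
+clientOptions: ClientOptions{
+Endpoint: testEndpoint,
+SkipTLSVerify: true,
+Certificate: "testCertData",
+Credentials: Credentials{
+Username: "testUser",
+Password: "testPass",
+Token: "testToken",
+},
+},
+expectedConfig: &Configuration{
+Username: "testUser",
+Password: "testPass",
+Token: "testToken",
+Servers: ServerConfigurations{
+{
+URL: testEndpoint,
+Description: "Production",
+},
+},
+HTTPClient: &http.Client{
+Transport: &http.Transport{
+TLSClientConfig: &tls.Config{
+InsecureSkipVerify: true,
+RootCAs: AddCertsToClient("testCertData"),
+},
+},
+},
+},
+},
+}
+
+for _, tt := range tests {
+t.Run(tt.name, func(t *testing.T) {
+config := NewConfigurationFromOptions(tt.clientOptions)
+assert.Equal(t, tt.expectedConfig.Username, config.Username)
+assert.Equal(t, tt.expectedConfig.Password, config.Password)
+assert.Equal(t, tt.expectedConfig.Token, config.Token)
+assert.Equal(t, tt.expectedConfig.Servers, config.Servers)
+assert.NotNil(t, config.HTTPClient)
+assert.Equal(t, tt.expectedConfig.HTTPClient.Transport.(*http.Transport).TLSClientConfig.InsecureSkipVerify,
+config.HTTPClient.Transport.(*http.Transport).TLSClientConfig.InsecureSkipVerify)
+assert.True(t, config.HTTPClient.Transport.(*http.Transport).TLSClientConfig.RootCAs.Equal(tt.expectedConfig.HTTPClient.Transport.(*http.Transport).TLSClientConfig.RootCAs))
+})
+}
+}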
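Review bot: Every case in the table sets `SkipTLSVerify: true`, so the path where certificate verification stays enabled is never asserted; a case with `SkipTLSVerify: false` that expects `InsecureSkipVerify: false` would pin the safe default. The AddCertificate case passes `"testCertData"`, which is not PEM, so it appears to exercise only the branch where nothing is appended and both sides of the `RootCAs.Equal` comparison are system-only pools; a real PEM test certificate would show that the supplied root is actually added. The test also does not check that `http.DefaultClient.Transport` is unchanged after `NewConfigurationFromOptions` returns.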
