
Commit 4bbeadc

committed
wip(examples): debug cert example
1 parent 585b788 commit 4bbeadc


1 file changed

+47
-3
lines changed

1 file changed

+47
-3
lines changed

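--- a/examples/entraid/clientcert/main.go
+++ b/examples/entraid/clientcert/main.go
@@ -2,7 +2,9 @@ package main
 
 import (
 "context"
+"crypto/rsa"
 "crypto/x509"
+"encoding/base64"
 "encoding/pem"
 "fmt"
 "log"
@@ -23,6 +25,8 @@ func main() {
 if err != nil {
 log.Fatalf("Failed to load config: %v", err)
 }
+fmt.Println(cfg)
+fmt.Println(cfg.AzureCert)
 
 // Create a confidential identity credentials provider with certificate authentication
 cp, err := entraid.NewConfidentialCredentialsProvider(entraid.ConfidentialCredentialsProviderOptions{
@@ -36,7 +40,7 @@ func main() {
 },
 Scopes: cfg.GetRedisScopes(),
 ClientCert: parseCertificates(cfg.AzureCert),
-ClientPrivateKey: []byte(cfg.AzurePrivateKey),
+ClientPrivateKey: parsePrivateKey(cfg.AzurePrivateKey),
 },
 })
 if err != nil {
@@ -102,10 +106,42 @@ func main() {
 fmt.Printf("Retrieved value from cluster: %s\n", clusterVal)
 }
 
+func decodeBase64Pem(pemData string) string {
+decoded, err := base64.StdEncoding.DecodeString(pemData)
+if err != nil {
+log.Fatalf("Failed to decode base64: %v", err)
+}
+return string(decoded)
+}
+
+func parsePrivateKey(base64data string) *rsa.PrivateKey {
+pemData := fmt.Sprintf("-----BEGIN PRIVATE KEY-----\n$s\n-----END PRIVATE KEY-----", base64data)
+
+var privateKey *rsa.PrivateKey
+var err error
+block, _ := pem.Decode([]byte(pemData))
+if block == nil {
+log.Println("Failed to decode pemData block containing private key")
+privateKey, err = x509.ParsePKCS1PrivateKey([]byte(pemData))
+if err != nil {
+log.Printf("Failed to parse pemData key: %v", err)
+} else {
+return privateKey
+}
+}
+
+privateKey, err = x509.ParsePKCS1PrivateKey(block.Bytes)
+if err != nil {
+log.Printf("Failed to parse private key blocks: %v", err)
+}
+return privateKey
+}
+
 func parseCertificates(pemData string) []*x509.Certificate {
 var certs []*x509.Certificate
+decoded := decodeBase64Pem(pemData)
 for {
-block, rest := pem.Decode([]byte(pemData))
+block, rest := pem.Decode([]byte(decoded))
 if block == nil {
 break
 }
@@ -116,7 +152,15 @@ func parseCertificates(pemData string) []*x509.Certificate {
 }
 certs = append(certs, cert)
 }
-pemData = string(rest)
+decoded = string(rest)
+}
+if len(certs) == 0 {
+decoded := decodeBase64Pem(pemData)
+cert, err := x509.ParseCertificate([]byte(decoded))
+if err != nil {
+log.Fatalf("Failed to parse certificate: %v", err)
+}
+certs = append(certs, cert)
 }
 return certs
 }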
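Review bot: In `parsePrivateKey` the format string uses `$s` where `%s` was meant, so the key body never lands between the PEM markers; `pem.Decode` then returns a nil block, the fallback parse of the armoured text fails, and execution falls through to `block.Bytes` on a nil block, which panics. The `PRIVATE KEY` label also denotes PKCS#8 while both parse calls use `x509.ParsePKCS1PrivateKey`, and on a parse failure the function only logs and hands a nil key to `ClientPrivateKey`. Assuming the config value is the base64 DER body, as the PEM wrapping implies, decoding it directly and failing hard on any error is simpler, as sketched below. Separately, `fmt.Println(cfg)` in `main` (whose body is only partly visible here) writes the whole config to stdout, which likely includes `AzurePrivateKey`; drop both debug prints or print only non-secret fields before this leaves WIP.

```go
func parsePrivateKey(base64data string) *rsa.PrivateKey {
	der, err := base64.StdEncoding.DecodeString(base64data)
	if err != nil {
		log.Fatalf("Failed to decode private key: %v", err)
	}
	// A "PRIVATE KEY" body is PKCS#8; fall back to PKCS#1 for bare RSA keys.
	if key, err := x509.ParsePKCS8PrivateKey(der); err == nil {
		rsaKey, ok := key.(*rsa.PrivateKey)
		if !ok {
			log.Fatalf("Private key is not RSA (got %T)", key)
		}
		return rsaKey
	}
	rsaKey, err := x509.ParsePKCS1PrivateKey(der)
	if err != nil {
		log.Fatalf("Failed to parse private key: %v", err)
	}
	return rsaKey
}
```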
