github.com/fastly/go-fastly/v5@v5.3.0/fastly/custom_tls_certificate.go

github.com/fastly/go-fastly/v5@v5.3.0/fastly/custom_tls_certificate.go (about)

     1  package fastly
     2  
     3  import (
     4  	"fmt"
     5  	"reflect"
     6  	"strconv"
     7  	"time"
     8  
     9  	"github.com/google/jsonapi"
    10  )
    11  
    12  // CustomTLSCertificate represents a custom certificate. Uses common TLSDomain type from BulkCertificate.
    13  type CustomTLSCertificate struct {
    14  	ID                 string       `jsonapi:"primary,tls_certificate"`
    15  	IssuedTo           string       `jsonapi:"attr,issued_to"`
    16  	Issuer             string       `jsonapi:"attr,issuer"`
    17  	Name               string       `jsonapi:"attr,name"`
    18  	NotAfter           *time.Time   `jsonapi:"attr,not_after,iso8601"`
    19  	NotBefore          *time.Time   `jsonapi:"attr,not_before,iso8601"`
    20  	Replace            bool         `jsonapi:"attr,replace"`
    21  	SerialNumber       string       `jsonapi:"attr,serial_number"`
    22  	SignatureAlgorithm string       `jsonapi:"attr,signature_algorithm"`
    23  	Domains            []*TLSDomain `jsonapi:"relation,tls_domains"`
    24  	CreatedAt          *time.Time   `jsonapi:"attr,created_at,iso8601"`
    25  	UpdatedAt          *time.Time   `jsonapi:"attr,updated_at,iso8601"`
    26  }
    27  
    28  // ListCustomTLSCertificatesInput is used as input to the Client.ListCustomTLSCertificates function.
    29  type ListCustomTLSCertificatesInput struct {
    30  	FilterNotAfter     string // Limit the returned certificates to those that expire prior to the specified date in UTC. Accepts parameters: lte (e.g., filter[not_after][lte]=2020-05-05).
    31  	FilterTLSDomainsID string // Limit the returned certificates to those that include the specific domain.
    32  	Include            string // Include related objects. Optional, comma-separated values. Permitted values: tls_activations.
    33  	PageNumber         int    // The page index for pagination.
    34  	PageSize           int    // The number of keys per page.
    35  	Sort               string // The order in which to list certificates. Valid values are created_at, not_before, not_after. May precede any value with a - for descending.
    36  }
    37  
    38  // formatFilters converts user input into query parameters for filtering.
    39  func (i *ListCustomTLSCertificatesInput) formatFilters() map[string]string {
    40  	result := map[string]string{}
    41  	pairings := map[string]interface{}{
    42  		"filter[not_after]":      i.FilterNotAfter,
    43  		"filter[tls_domains.id]": i.FilterTLSDomainsID,
    44  		"include":                i.Include,
    45  		"page[size]":             i.PageSize,
    46  		"page[number]":           i.PageNumber,
    47  		"sort":                   i.Sort,
    48  	}
    49  
    50  	for key, value := range pairings {
    51  		switch t := reflect.TypeOf(value).String(); t {
    52  		case "string":
    53  			if value != "" {
    54  				result[key] = value.(string)
    55  			}
    56  		case "int":
    57  			if value != 0 {
    58  				result[key] = strconv.Itoa(value.(int))
    59  			}
    60  		}
    61  	}
    62  
    63  	return result
    64  }
    65  
    66  // ListCustomTLSCertificates list all certificates.
    67  func (c *Client) ListCustomTLSCertificates(i *ListCustomTLSCertificatesInput) ([]*CustomTLSCertificate, error) {
    68  	p := "/tls/certificates"
    69  	filters := &RequestOptions{
    70  		Params: i.formatFilters(),
    71  		Headers: map[string]string{
    72  			"Accept": "application/vnd.api+json", // this is required otherwise the filters don't work
    73  		},
    74  	}
    75  
    76  	r, err := c.Get(p, filters)
    77  	if err != nil {
    78  		return nil, err
    79  	}
    80  
    81  	data, err := jsonapi.UnmarshalManyPayload(r.Body, reflect.TypeOf(new(CustomTLSCertificate)))
    82  	if err != nil {
    83  		return nil, err
    84  	}
    85  
    86  	cc := make([]*CustomTLSCertificate, len(data))
    87  	for i := range data {
    88  		typed, ok := data[i].(*CustomTLSCertificate)
    89  		if !ok {
    90  			return nil, fmt.Errorf("unexpected response type: %T", data[i])
    91  		}
    92  		cc[i] = typed
    93  	}
    94  
    95  	return cc, nil
    96  }
    97  
    98  // GetCustomTLSCertificateInput is used as input to the GetCustomTLSCertificate function.
    99  type GetCustomTLSCertificateInput struct {
   100  	ID string
   101  }
   102  
   103  func (c *Client) GetCustomTLSCertificate(i *GetCustomTLSCertificateInput) (*CustomTLSCertificate, error) {
   104  	if i.ID == "" {
   105  		return nil, ErrMissingID
   106  	}
   107  
   108  	p := fmt.Sprintf("/tls/certificates/%s", i.ID)
   109  
   110  	r, err := c.Get(p, nil)
   111  	if err != nil {
   112  		return nil, err
   113  	}
   114  
   115  	var cc CustomTLSCertificate
   116  	if err := jsonapi.UnmarshalPayload(r.Body, &cc); err != nil {
   117  		return nil, err
   118  	}
   119  
   120  	return &cc, nil
   121  }
   122  
   123  // CreateCustomTLSCertificateInput is used as input to the CreateCustomTLSCertificate function.
   124  type CreateCustomTLSCertificateInput struct {
   125  	ID       string `jsonapi:"primary,tls_certificate"` // ID value does not need to be set.
   126  	CertBlob string `jsonapi:"attr,cert_blob"`
   127  	Name     string `jsonapi:"attr,name,omitempty"`
   128  }
   129  
   130  // CreateCustomTLSCertificate creates a custom TLS certificate.
   131  func (c *Client) CreateCustomTLSCertificate(i *CreateCustomTLSCertificateInput) (*CustomTLSCertificate, error) {
   132  	if i.CertBlob == "" {
   133  		return nil, ErrMissingCertBlob
   134  	}
   135  
   136  	p := "/tls/certificates"
   137  
   138  	r, err := c.PostJSONAPI(p, i, nil)
   139  	if err != nil {
   140  		return nil, err
   141  	}
   142  
   143  	var cc CustomTLSCertificate
   144  	if err := jsonapi.UnmarshalPayload(r.Body, &cc); err != nil {
   145  		return nil, err
   146  	}
   147  
   148  	return &cc, nil
   149  }
   150  
   151  // UpdateCustomTLSCertificateInput is used as input to the UpdateCustomTLSCertificate function.
   152  type UpdateCustomTLSCertificateInput struct {
   153  	ID       string `jsonapi:"primary,tls_certificate"`
   154  	CertBlob string `jsonapi:"attr,cert_blob"`
   155  	Name     string `jsonapi:"attr,name,omitempty"`
   156  }
   157  
   158  // UpdateCustomTLSCertificate replace a certificate with a newly reissued certificate.
   159  // By using this endpoint, the original certificate will cease to be used for future TLS handshakes.
   160  // Thus, only SAN entries that appear in the replacement certificate will become TLS enabled.
   161  // Any SAN entries that are missing in the replacement certificate will become disabled.
   162  func (c *Client) UpdateCustomTLSCertificate(i *UpdateCustomTLSCertificateInput) (*CustomTLSCertificate, error) {
   163  	if i.ID == "" {
   164  		return nil, ErrMissingID
   165  	}
   166  
   167  	if i.CertBlob == "" {
   168  		return nil, ErrMissingCertBlob
   169  	}
   170  
   171  	path := fmt.Sprintf("/tls/certificates/%s", i.ID)
   172  	resp, err := c.PatchJSONAPI(path, i, nil)
   173  	if err != nil {
   174  		return nil, err
   175  	}
   176  
   177  	var cc CustomTLSCertificate
   178  	if err := jsonapi.UnmarshalPayload(resp.Body, &cc); err != nil {
   179  		return nil, err
   180  	}
   181  	return &cc, nil
   182  }
   183  
   184  // DeleteCustomTLSCertificateInput used for deleting a certificate.
   185  type DeleteCustomTLSCertificateInput struct {
   186  	ID string
   187  }
   188  
   189  // DeleteCustomTLSCertificate destroy a certificate. This disables TLS for all domains listed as SAN entries.
   190  func (c *Client) DeleteCustomTLSCertificate(i *DeleteCustomTLSCertificateInput) error {
   191  	if i.ID == "" {
   192  		return ErrMissingID
   193  	}
   194  
   195  	path := fmt.Sprintf("/tls/certificates/%s", i.ID)
   196  	_, err := c.Delete(path, nil)
   197  	return err
   198  }