// Source: github.com/kyma-incubator/compass/components/director@v0.0.0-20230623144113-d764f56ff805/internal/selfregmanager/caller_provider.go

package selfregmanager

import (
	"fmt"

	"github.com/kyma-incubator/compass/components/director/internal/securehttp"
	authpkg "github.com/kyma-incubator/compass/components/director/pkg/auth"
	"github.com/kyma-incubator/compass/components/director/pkg/config"
	"github.com/kyma-incubator/compass/components/director/pkg/oauth"
	"github.com/pkg/errors"
)

// CallerProvider hands out ExternalSvcCaller values that call external
// services using the authentication selected in the self-registration
// configuration. It carries no state of its own.
type CallerProvider struct{}

// GetCaller returns an ExternalSvcCaller for the given region.
//
// The region is looked up in config.RegionToInstanceConfig; an unknown region
// is an error. The credentials are then chosen by config.OAuthMode:
//
//   - oauth.Standard: client ID and client secret, with the token endpoint
//     built as instance URL + config.OauthTokenPath.
//   - oauth.Mtls: client ID plus certificate and key, with the instance's
//     TokenURL and config.OauthTokenPath handed to NewOAuthMtlsCredentials.
//   - anything else: an "unsupported OAuth mode" error.
//
// The errors created in this function name only the region or the OAuth mode;
// no client secret, certificate or key is formatted into them.
//
// Note that the parameter named config shadows the imported config package
// inside the function body.
func (c *CallerProvider) GetCaller(config config.SelfRegConfig, region string) (ExternalSvcCaller, error) {
	regionCfg, ok := config.RegionToInstanceConfig[region]
	if !ok {
		return nil, errors.Errorf("missing configuration for region: %s", region)
	}

	var creds authpkg.Credentials
	switch config.OAuthMode {
	case oauth.Standard:
		// NOTE(review): the token endpoint comes straight from configuration and
		// no scheme check is visible here; the client secret is presumably sent
		// to it, so confirm that the configuration is restricted to https URLs.
		tokenURL := regionCfg.URL + config.OauthTokenPath
		creds = &authpkg.OAuthCredentials{
			ClientID:     regionCfg.ClientID,
			ClientSecret: regionCfg.ClientSecret,
			TokenURL:     tokenURL,
		}
	case oauth.Mtls:
		// Unlike the standard branch, this one passes regionCfg.TokenURL rather
		// than regionCfg.URL as the base of the token endpoint.
		mtlsCreds, err := authpkg.NewOAuthMtlsCredentials(
			regionCfg.ClientID,
			regionCfg.Cert,
			regionCfg.Key,
			regionCfg.TokenURL,
			config.OauthTokenPath,
			config.ExternalClientCertSecretName,
		)
		if err != nil {
			return nil, errors.Wrap(err, "while creating OAuth Mtls credentials")
		}
		creds = mtlsCreds
	default:
		return nil, errors.New(fmt.Sprintf("unsupported OAuth mode: %s", config.OAuthMode))
	}

	// NOTE(review): SkipSSLValidation is forwarded unchanged. Presumably it
	// turns off TLS certificate verification in the resulting caller — confirm
	// in securehttp, and keep it false outside test environments, because the
	// credentials above travel over that connection.
	svcCaller, err := securehttp.NewCaller(securehttp.CallerConfig{
		Credentials:                  creds,
		ClientTimeout:                config.ClientTimeout,
		SkipSSLValidation:            config.SkipSSLValidation,
		ExternalClientCertSecretName: config.ExternalClientCertSecretName,
	})
	if err != nil {
		// Return a literal nil so the interface result is nil on failure.
		return nil, err
	}

	return svcCaller, nil
}