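// Package test holds an integration test that performs an HTTPS round trip
// between two workload identities whose TLS material is obtained through the
// caclient package.
package test

import (
	"crypto/tls"
	"fmt"
	"net"
	"net/http"
	"os"
	"testing"
	"time"

	"github.com/valyala/fasthttp"
	"github.com/ztalab/ZACA/pkg/caclient"
	"github.com/ztalab/ZACA/pkg/spiffe"
	"github.com/ztalab/cfssl/helpers"
	cflog "github.com/ztalab/cfssl/log"
)

// TestMTls requests TLS configurations for a server identity and a client
// identity from the CA at https://127.0.0.1:8081, starts a local HTTPS server
// with the server configuration and issues three GET requests to it with the
// client configuration.
//
// The test needs a reachable CA server; every setup failure stops the test
// immediately, because the later steps dereference the values that the failed
// step would have produced.
//
// NOTE(review): only the success path is exercised. Nothing here shows that a
// client without a certificate, or with one from another trust domain, is
// rejected, so a passing run does not by itself demonstrate that client
// authentication is enforced. A negative case would close that gap.
func TestMTls(t *testing.T) {
	cflog.Level = cflog.LevelDebug

	// NOTE(review): the OCSP address and the local HTTPS listener started
	// below both use port 8082. Confirm this is intended.
	c := caclient.NewCAI(
		caclient.WithCAServer(caclient.RoleDefault, "https://127.0.0.1:8081"),
		caclient.WithOcspAddr("http://127.0.0.1:8082"))

	// Check each exchanger's error on its own: reusing one err variable for
	// both calls would let a failed server exchanger go unnoticed.
	serverEx, err := c.NewExchanger(&spiffe.IDGIdentity{
		SiteID:    "test_site",
		ClusterID: "cluster_test",
		UniqueID:  "server1",
	})
	if err != nil {
		t.Fatal("transport Error: ", err)
	}
	clientEx, err := c.NewExchanger(&spiffe.IDGIdentity{
		SiteID:    "test_site",
		ClusterID: "cluster_test",
		UniqueID:  "client1",
	})
	if err != nil {
		t.Fatal("transport Error: ", err)
	}

	serverTls, err := serverEx.ServerTLSConfig()
	if err != nil {
		t.Fatal("Server TLS get error: ", err)
	}
	fmt.Println("------------- Server trust certificate --------------")
	fmt.Println(string(helpers.EncodeCertificatesPEM(serverEx.Transport.ClientTrustStore.Certificates())))
	fmt.Println("------------- END Server trust certificate --------------")

	// NOTE(review): the argument is an empty string; confirm against
	// ClientTLSConfig what peer-name or identity verification that selects.
	clientTls, err := clientEx.ClientTLSConfig("")
	if err != nil {
		t.Fatal("client tls config get error: ", err)
	}
	fmt.Println("------------- Client trust certificate --------------")
	fmt.Println(string(helpers.EncodeCertificatesPEM(clientEx.Transport.TrustStore.Certificates())))
	fmt.Println("------------- END Client trust certificate --------------")

	// httpsServer blocks for the lifetime of the process and panics on a
	// listen or serve error, so it runs in its own goroutine.
	go func() {
		httpsServer(serverTls.TLSConfig())
	}()
	client := httpClient(clientTls.TLSConfig())
	// Give the listener time to come up before the first request.
	time.Sleep(2 * time.Second)

	var messages = []string{"hello world", "hello", "world"}
	for range messages {
		resp, err := client.Get("https://127.0.0.1:8082/test111111")
		if err != nil {
			// resp is nil on error, so the test must stop here instead of
			// reading resp.Status.
			fmt.Fprint(os.Stderr, "request was aborted: ", err)
			t.Fatalf("GET over TLS failed: %v", err)
		}

		fmt.Println("Request succeeded: ", resp.Status)
		if resp.StatusCode != http.StatusOK {
			t.Errorf("unexpected status: %s", resp.Status)
		}
		// Close inside the loop body; a defer would keep every body open
		// until the test function returns.
		resp.Body.Close()
	}
}

// httpClient returns an HTTP client whose transport uses cfg for TLS.
// The overall request timeout keeps the test from hanging if the handshake
// or the server stalls.
func httpClient(cfg *tls.Config) *http.Client {
	return &http.Client{
		Timeout: 10 * time.Second,
		Transport: &http.Transport{
			TLSClientConfig:     cfg,
			MaxIdleConns:        50,
			MaxIdleConnsPerHost: 50,
		},
	}
}

// httpsServer serves a fixed response over TLS on port 8082 using cfg.
// It blocks until serving stops and panics if it cannot listen or serve.
func httpsServer(cfg *tls.Config) {
	// Bind to loopback only: the test client dials 127.0.0.1, and a wildcard
	// bind would make the test server reachable from other hosts.
	ln, err := net.Listen("tcp4", "127.0.0.1:8082")
	if err != nil {
		panic(err)
	}
	defer ln.Close()

	lnTls := tls.NewListener(ln, cfg)

	handler := func(ctx *fasthttp.RequestCtx) {
		// Request.String() includes the request headers; acceptable for a
		// local test, but not something to copy into shared logs.
		str := ctx.Request.String()
		fmt.Println("Server reception: ", str)
		ctx.SetStatusCode(fasthttp.StatusOK)
		ctx.SetBody([]byte("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"))
	}
	if err := fasthttp.Serve(lnTls, handler); err != nil {
		panic(err)
	}
}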