go.temporal.io/server@v1.23.0/common/rpc/encryption/fixedTLSConfigProvider.go (about) 1 // The MIT License 2 // 3 // Copyright (c) 2020 Temporal Technologies Inc. All rights reserved. 4 // 5 // Copyright (c) 2020 Uber Technologies, Inc. 6 // 7 // Permission is hereby granted, free of charge, to any person obtaining a copy 8 // of this software and associated documentation files (the "Software"), to deal 9 // in the Software without restriction, including without limitation the rights 10 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 // copies of the Software, and to permit persons to whom the Software is 12 // furnished to do so, subject to the following conditions: 13 // 14 // The above copyright notice and this permission notice shall be included in 15 // all copies or substantial portions of the Software. 16 // 17 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 // THE SOFTWARE. 24 25 package encryption 26 27 import ( 28 "crypto/tls" 29 "time" 30 ) 31 32 // FixedTLSConfigProvider is a [TLSConfigProvider] that is for fixed sets of TLS 33 // configs. This is usually only used for testing. 
// FixedTLSConfigProvider is a [TLSConfigProvider] backed by a fixed set of
// pre-built TLS configs held in its fields. It is usually only used for
// testing.
//
// Every getter hands back the stored pointer itself rather than a clone, so
// all callers share one *tls.Config per field, and a mutation made through any
// returned pointer is seen by every other holder. A field that was left unset
// is returned as a nil config together with a nil error.
//
// NOTE(review): how callers treat a nil *tls.Config (for example, whether they
// then dial or listen without TLS) is not visible in this file; confirm that
// before using this provider outside tests.
type FixedTLSConfigProvider struct {
	// InternodeServerConfig is returned as-is by GetInternodeServerConfig.
	InternodeServerConfig *tls.Config
	// InternodeClientConfig is returned as-is by GetInternodeClientConfig.
	InternodeClientConfig *tls.Config
	// FrontendServerConfig is returned as-is by GetFrontendServerConfig.
	FrontendServerConfig *tls.Config
	// FrontendClientConfig is returned as-is by GetFrontendClientConfig.
	FrontendClientConfig *tls.Config
	// RemoteClusterClientConfigs is consulted by GetRemoteClusterClientConfig.
	// Keys are matched against the hostname argument exactly as given; no
	// normalization happens in this type.
	RemoteClusterClientConfigs map[string]*tls.Config
	// CertExpirationChecker, when non-nil, answers GetExpiringCerts.
	CertExpirationChecker CertExpirationChecker
}

// Compile-time assertion that *FixedTLSConfigProvider satisfies
// TLSConfigProvider.
var _ TLSConfigProvider = (*FixedTLSConfigProvider)(nil)

// GetInternodeServerConfig implements [TLSConfigProvider.GetInternodeServerConfig].
// It returns the InternodeServerConfig field as stored (possibly nil) and
// never returns an error.
func (p *FixedTLSConfigProvider) GetInternodeServerConfig() (*tls.Config, error) {
	cfg := p.InternodeServerConfig
	return cfg, nil
}

// GetInternodeClientConfig implements [TLSConfigProvider.GetInternodeClientConfig].
// It returns the InternodeClientConfig field as stored (possibly nil) and
// never returns an error.
func (p *FixedTLSConfigProvider) GetInternodeClientConfig() (*tls.Config, error) {
	cfg := p.InternodeClientConfig
	return cfg, nil
}

// GetFrontendServerConfig implements [TLSConfigProvider.GetFrontendServerConfig].
// It returns the FrontendServerConfig field as stored (possibly nil) and
// never returns an error.
func (p *FixedTLSConfigProvider) GetFrontendServerConfig() (*tls.Config, error) {
	cfg := p.FrontendServerConfig
	return cfg, nil
}

// GetFrontendClientConfig implements [TLSConfigProvider.GetFrontendClientConfig].
// It returns the FrontendClientConfig field as stored (possibly nil) and
// never returns an error.
func (p *FixedTLSConfigProvider) GetFrontendClientConfig() (*tls.Config, error) {
	cfg := p.FrontendClientConfig
	return cfg, nil
}

// GetRemoteClusterClientConfig implements [TLSConfigProvider.GetRemoteClusterClientConfig].
// It looks hostname up in RemoteClusterClientConfigs and returns the entry. A
// hostname with no entry, or a nil map, produces a nil config and a nil error,
// so a mistyped key is indistinguishable here from a cluster that was
// deliberately given no config.
func (p *FixedTLSConfigProvider) GetRemoteClusterClientConfig(hostname string) (*tls.Config, error) {
	// Indexing a nil or empty map is safe in Go and yields the zero value.
	cfg := p.RemoteClusterClientConfigs[hostname]
	return cfg, nil
}

// GetExpiringCerts implements [TLSConfigProvider.GetExpiringCerts].
// It forwards timeWindow to CertExpirationChecker when one is set and returns
// that checker's results unchanged.
func (p *FixedTLSConfigProvider) GetExpiringCerts(
	timeWindow time.Duration,
) (expiring CertExpirationMap, expired CertExpirationMap, err error) {
	checker := p.CertExpirationChecker
	if checker == nil {
		// No checker configured: the all-nil result means no check was
		// performed, not that no certificate is expiring.
		return nil, nil, nil
	}
	return checker.GetExpiringCerts(timeWindow)
}