go.temporal.io/server@v1.23.0/common/rpc/encryption/fixedTLSConfigProvider.go (about)

     1  // The MIT License
     2  //
     3  // Copyright (c) 2020 Temporal Technologies Inc.  All rights reserved.
     4  //
     5  // Copyright (c) 2020 Uber Technologies, Inc.
     6  //
     7  // Permission is hereby granted, free of charge, to any person obtaining a copy
     8  // of this software and associated documentation files (the "Software"), to deal
     9  // in the Software without restriction, including without limitation the rights
    10  // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
    11  // copies of the Software, and to permit persons to whom the Software is
    12  // furnished to do so, subject to the following conditions:
    13  //
    14  // The above copyright notice and this permission notice shall be included in
    15  // all copies or substantial portions of the Software.
    16  //
    17  // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    18  // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    19  // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    20  // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    21  // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    22  // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
    23  // THE SOFTWARE.
    24  
    25  package encryption
    26  
    27  import (
    28  	"crypto/tls"
    29  	"time"
    30  )
    31  
// FixedTLSConfigProvider is a [TLSConfigProvider] that serves a fixed set of
// TLS configs held in its fields. This is usually only used for testing.
//
// Every getter returns the matching field as-is: the *tls.Config pointer is
// shared with the caller rather than cloned, and an unset field comes back as
// a nil config together with a nil error.
// NOTE(review): presumably callers treat a nil config as "TLS not configured";
// confirm they do not fall back to plaintext where encryption is expected.
type FixedTLSConfigProvider struct {
	InternodeServerConfig      *tls.Config            // returned by GetInternodeServerConfig
	InternodeClientConfig      *tls.Config            // returned by GetInternodeClientConfig
	FrontendServerConfig       *tls.Config            // returned by GetFrontendServerConfig
	FrontendClientConfig       *tls.Config            // returned by GetFrontendClientConfig
	RemoteClusterClientConfigs map[string]*tls.Config // looked up by hostname in GetRemoteClusterClientConfig
	CertExpirationChecker      CertExpirationChecker  // optional; GetExpiringCerts delegates to it when non-nil
}
    43  
// Compile-time check that *FixedTLSConfigProvider satisfies TLSConfigProvider.
var _ TLSConfigProvider = (*FixedTLSConfigProvider)(nil)
    45  
// GetInternodeServerConfig implements [TLSConfigProvider.GetInternodeServerConfig].
//
// It hands back the InternodeServerConfig field unchanged (the same pointer,
// not a copy) and never reports an error, so an unset field yields a nil
// config with a nil error.
func (f *FixedTLSConfigProvider) GetInternodeServerConfig() (*tls.Config, error) {
	cfg := f.InternodeServerConfig
	return cfg, nil
}
    50  
// GetInternodeClientConfig implements [TLSConfigProvider.GetInternodeClientConfig].
//
// It hands back the InternodeClientConfig field unchanged (the same pointer,
// not a copy) and never reports an error, so an unset field yields a nil
// config with a nil error.
func (f *FixedTLSConfigProvider) GetInternodeClientConfig() (*tls.Config, error) {
	cfg := f.InternodeClientConfig
	return cfg, nil
}
    55  
// GetFrontendServerConfig implements [TLSConfigProvider.GetFrontendServerConfig].
//
// It hands back the FrontendServerConfig field unchanged (the same pointer,
// not a copy) and never reports an error, so an unset field yields a nil
// config with a nil error.
func (f *FixedTLSConfigProvider) GetFrontendServerConfig() (*tls.Config, error) {
	cfg := f.FrontendServerConfig
	return cfg, nil
}
    60  
// GetFrontendClientConfig implements [TLSConfigProvider.GetFrontendClientConfig].
//
// It hands back the FrontendClientConfig field unchanged (the same pointer,
// not a copy) and never reports an error, so an unset field yields a nil
// config with a nil error.
func (f *FixedTLSConfigProvider) GetFrontendClientConfig() (*tls.Config, error) {
	cfg := f.FrontendClientConfig
	return cfg, nil
}
    65  
// GetRemoteClusterClientConfig implements [TLSConfigProvider.GetRemoteClusterClientConfig].
//
// The config is looked up in RemoteClusterClientConfigs by exact hostname. A
// hostname that is not in the map (or a nil map) yields a nil config with a
// nil error, so a missing entry is indistinguishable from success.
// NOTE(review): presumably callers treat a nil config as "no TLS for this
// peer"; confirm that an unknown hostname cannot silently downgrade a
// connection that is expected to be encrypted.
func (f *FixedTLSConfigProvider) GetRemoteClusterClientConfig(hostname string) (*tls.Config, error) {
	cfg, found := f.RemoteClusterClientConfigs[hostname]
	if !found {
		return nil, nil
	}
	return cfg, nil
}
    70  
// GetExpiringCerts implements [TLSConfigProvider.GetExpiringCerts].
//
// When CertExpirationChecker is set, the call is forwarded to it with the same
// timeWindow and its results are returned unchanged. Without a checker all
// three results are nil, i.e. no expiring or expired certificates are
// reported and no error is raised.
func (f *FixedTLSConfigProvider) GetExpiringCerts(
	timeWindow time.Duration,
) (expiring CertExpirationMap, expired CertExpirationMap, err error) {
	checker := f.CertExpirationChecker
	if checker == nil {
		// No checker configured: nothing is inspected, so nothing is reported.
		return nil, nil, nil
	}
	return checker.GetExpiringCerts(timeWindow)
}
    79  }