go.temporal.io/server@v1.23.0/common/rpc/encryption/test_dynamic_cert_provider.go (about) 1 // The MIT License 2 // 3 // Copyright (c) 2020 Temporal Technologies Inc. All rights reserved. 4 // 5 // Copyright (c) 2020 Uber Technologies, Inc. 6 // 7 // Permission is hereby granted, free of charge, to any person obtaining a copy 8 // of this software and associated documentation files (the "Software"), to deal 9 // in the Software without restriction, including without limitation the rights 10 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 // copies of the Software, and to permit persons to whom the Software is 12 // furnished to do so, subject to the following conditions: 13 // 14 // The above copyright notice and this permission notice shall be included in 15 // all copies or substantial portions of the Software. 16 // 17 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 // THE SOFTWARE. 
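package encryption

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"time"

	"go.temporal.io/server/common/config"
)

// TestDynamicCertProvider is a test double that satisfies both CertProvider
// and PerHostCertProviderMap. It hands out a different server certificate on
// each FetchServerCertificate call and lets a test swap the trusted root pool
// for a deliberately wrong one, so that certificate-rotation and
// trust-failure paths can be exercised.
//
// Several interface methods are intentionally unimplemented and panic when
// called; see the individual methods.
type TestDynamicCertProvider struct {
	// serverCerts is the set of certificates served in round-robin order.
	serverCerts []*tls.Certificate

	// caCerts is the pool returned by FetchServerRootCAsForClient.
	caCerts *x509.CertPool

	// wrongCACerts replaces caCerts after SwitchToWrongServerRootCACerts.
	wrongCACerts *x509.CertPool

	// serverCertIndex counts FetchServerCertificate calls. It is read and
	// incremented without synchronization.
	// NOTE(review): confirm callers never fetch concurrently (for example
	// from parallel TLS handshakes), or run the tests with -race.
	serverCertIndex int

	// config is the settings object returned by GetSettings.
	config *config.GroupTLS

	// serverName is written by SetServerName; nothing in this file reads it.
	// Presumably other code in the package consumes it; verify.
	serverName string
}

// Compile-time checks that the test double implements both interfaces.
var _ CertProvider = (*TestDynamicCertProvider)(nil)
var _ PerHostCertProviderMap = (*TestDynamicCertProvider)(nil)

// NewTestDynamicCertProvider builds a provider around the given certificates
// and CA pools. The config argument is taken by value, so the provider keeps
// a pointer to its own copy rather than to the caller's struct. serverName
// starts out as "127.0.0.1".
func NewTestDynamicCertProvider(
	serverCerts []*tls.Certificate,
	caCerts *x509.CertPool,
	wrongCACerts *x509.CertPool,
	config config.GroupTLS,
) *TestDynamicCertProvider {

	return &TestDynamicCertProvider{
		serverCerts:  serverCerts,
		caCerts:      caCerts,
		wrongCACerts: wrongCACerts,
		config:       &config,
		serverName:   "127.0.0.1",
	}
}

// FetchServerCertificate returns the next certificate from serverCerts,
// wrapping around at the end of the slice, and advances the internal counter.
// It returns an error when the provider was built without any server
// certificates instead of panicking on a modulo by zero.
func (t *TestDynamicCertProvider) FetchServerCertificate() (*tls.Certificate, error) {
	if len(t.serverCerts) == 0 {
		return nil, errors.New("test cert provider has no server certificates")
	}
	i := t.serverCertIndex % len(t.serverCerts)
	t.serverCertIndex++
	return t.serverCerts[i], nil
}

// FetchClientCAs is not implemented by this test double and always panics.
func (t *TestDynamicCertProvider) FetchClientCAs() (*x509.CertPool, error) {
	panic("not implemented")
}

// GetSettings returns the TLS settings copy captured at construction time.
func (t *TestDynamicCertProvider) GetSettings() *config.GroupTLS {
	return t.config
}

// FetchClientCertificate is not implemented by this test double and always
// panics.
func (t *TestDynamicCertProvider) FetchClientCertificate(_ bool) (*tls.Certificate, error) {
	panic("not implemented")
}

// FetchServerRootCAsForClient returns the current root CA pool. After
// SwitchToWrongServerRootCACerts this is the "wrong" pool. The bool argument
// is ignored.
func (t *TestDynamicCertProvider) FetchServerRootCAsForClient(_ bool) (*x509.CertPool, error) {
	return t.caCerts, nil
}

// GetCertProvider returns the provider itself for the exact host name
// "localhost" and a nil provider for every other name. The bool result is
// always false; its meaning is defined by PerHostCertProviderMap, which is
// not visible in this file. The error is always nil.
func (t *TestDynamicCertProvider) GetCertProvider(hostName string) (CertProvider, bool, error) {
	if hostName == "localhost" {
		return t, false, nil
	}
	return nil, false, nil
}

// SwitchToWrongServerRootCACerts replaces the root CA pool with wrongCACerts.
// The provider drops its reference to the original pool, so there is no way
// to switch back on the same instance.
func (t *TestDynamicCertProvider) SwitchToWrongServerRootCACerts() {
	t.caCerts = t.wrongCACerts
}

// SetServerName overrides the stored server name.
func (t *TestDynamicCertProvider) SetServerName(serverName string) {
	t.serverName = serverName
}

// GetExpiringCerts is not implemented by this test double and always panics.
func (t *TestDynamicCertProvider) GetExpiringCerts(_ time.Duration,
) (expiring CertExpirationMap, expired CertExpirationMap, err error) {
	panic("not implemented")
}

// Initialize is not implemented by this test double and always panics.
func (t *TestDynamicCertProvider) Initialize(refreshInterval time.Duration) {
	panic("implement me")
}

// NumberOfHosts reports a fixed count of one host.
func (t *TestDynamicCertProvider) NumberOfHosts() int {
	return 1
}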