go.temporal.io/server@v1.23.0/common/rpc/encryption/test_dynamic_tlsconfig_provider.go (about) 1 // The MIT License 2 // 3 // Copyright (c) 2020 Temporal Technologies Inc. All rights reserved. 4 // 5 // Copyright (c) 2020 Uber Technologies, Inc. 6 // 7 // Permission is hereby granted, free of charge, to any person obtaining a copy 8 // of this software and associated documentation files (the "Software"), to deal 9 // in the Software without restriction, including without limitation the rights 10 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 // copies of the Software, and to permit persons to whom the Software is 12 // furnished to do so, subject to the following conditions: 13 // 14 // The above copyright notice and this permission notice shall be included in 15 // all copies or substantial portions of the Software. 16 // 17 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 // THE SOFTWARE. 
package encryption

import (
	"crypto/tls"
	"crypto/x509"
	"time"

	"go.temporal.io/server/common/config"
	"go.temporal.io/server/common/log"
)

// TestDynamicTLSConfigProvider is a TLSConfigProvider (see the compile-time
// assertion below) whose certificates come from TestDynamicCertProvider
// instances held in exported fields.
//
// The type name and the use of log.NewTestLogger in its constructor indicate
// it is a test fixture. Two interface methods panic instead of returning an
// error, so wiring it into a running server would crash on those paths.
type TestDynamicTLSConfigProvider struct {
	// settings is the TLS configuration passed to the constructor; every
	// getter dereferences it, so it must be non-nil.
	settings *config.RootTLS

	InternodeCertProvider       *TestDynamicCertProvider
	InternodeClientCertProvider *TestDynamicCertProvider
	FrontendCertProvider        *TestDynamicCertProvider
	// FrontendClientCertProvider is populated by the constructor but is not
	// read by any method in this file.
	FrontendClientCertProvider *TestDynamicCertProvider
	WorkerCertProvider         *TestDynamicCertProvider

	FrontendPerHostCertProviderMap PerHostCertProviderMap

	logger log.Logger
}

// GetInternodeServerConfig builds the server-side TLS config for internode
// traffic from InternodeCertProvider and the Internode settings group. No
// per-host provider map is supplied (nil).
func (p *TestDynamicTLSConfigProvider) GetInternodeServerConfig() (*tls.Config, error) {
	group := &p.settings.Internode
	return newServerTLSConfig(p.InternodeCertProvider, nil, group, p.logger)
}

// GetInternodeClientConfig builds the client-side TLS config for internode
// traffic, using the server name from the Internode client settings.
//
// NOTE(review): the trailing (true, false, true) arguments are positional
// flags defined by newClientTLSConfig, which is not in this file; confirm
// their meaning there before changing them, since they are likely to govern
// certificate and host verification.
func (p *TestDynamicTLSConfigProvider) GetInternodeClientConfig() (*tls.Config, error) {
	serverName := p.settings.Internode.Client.ServerName
	return newClientTLSConfig(p.InternodeClientCertProvider, serverName, true, false, true)
}

// GetFrontendServerConfig builds the server-side TLS config for the frontend
// from FrontendCertProvider, the per-host provider map and the Frontend
// settings group.
func (p *TestDynamicTLSConfigProvider) GetFrontendServerConfig() (*tls.Config, error) {
	group := &p.settings.Frontend
	return newServerTLSConfig(p.FrontendCertProvider, p.FrontendPerHostCertProviderMap, group, p.logger)
}

// GetFrontendClientConfig builds the client-side TLS config used to reach the
// frontend, using the server name from the Frontend client settings.
//
// The client certificate comes from WorkerCertProvider, not
// FrontendClientCertProvider. The constructor points both fields at the same
// provider, so the two differ only if a test reassigns one of them.
//
// NOTE(review): the trailing (true, false, true) arguments are positional
// flags defined by newClientTLSConfig, which is not in this file; confirm
// their meaning there before changing them.
func (p *TestDynamicTLSConfigProvider) GetFrontendClientConfig() (*tls.Config, error) {
	serverName := p.settings.Frontend.Client.ServerName
	return newClientTLSConfig(p.WorkerCertProvider, serverName, true, false, true)
}

// GetExpiringCerts is not implemented by this fixture and always panics.
func (p *TestDynamicTLSConfigProvider) GetExpiringCerts(timeWindow time.Duration) (expiring CertExpirationMap, expired CertExpirationMap, err error) {
	panic("implement me")
}

// GetRemoteClusterClientConfig is not implemented by this fixture and always
// panics.
func (p *TestDynamicTLSConfigProvider) GetRemoteClusterClientConfig(hostName string) (*tls.Config, error) {
	panic("implement me")
}

// Compile-time check that the fixture satisfies TLSConfigProvider.
var _ TLSConfigProvider = (*TestDynamicTLSConfigProvider)(nil)

// NewTestDynamicTLSConfigProvider assembles a TestDynamicTLSConfigProvider
// from two cert providers: one built from the internode certificates and CA
// pool, one built from the frontend certificates and CA pool. wrongCACerts is
// handed to both.
//
// The internode provider backs both internode fields; the frontend provider
// backs the frontend server, frontend client, worker and per-host fields, so
// all of those roles share one provider instance. tlsConfig must be non-nil:
// it is dereferenced here. The returned error is always nil.
//
// NOTE(review): wrongCACerts is presumably a deliberately mismatched CA pool
// for negative tests; its use is defined by NewTestDynamicCertProvider, which
// is not in this file. Confirm there.
func NewTestDynamicTLSConfigProvider(
	tlsConfig *config.RootTLS,
	internodeCerts []*tls.Certificate,
	internodeCACerts *x509.CertPool,
	frontendCerts []*tls.Certificate,
	frontendCACerts *x509.CertPool,
	wrongCACerts *x509.CertPool,
) (*TestDynamicTLSConfigProvider, error) {
	internode := NewTestDynamicCertProvider(internodeCerts, internodeCACerts, wrongCACerts, tlsConfig.Internode)
	frontend := NewTestDynamicCertProvider(frontendCerts, frontendCACerts, wrongCACerts, tlsConfig.Frontend)

	provider := &TestDynamicTLSConfigProvider{
		settings: tlsConfig,
		logger:   log.NewTestLogger(),
	}

	// Internode server and client roles share one provider.
	provider.InternodeCertProvider = internode
	provider.InternodeClientCertProvider = internode

	// Every frontend-facing role shares the other.
	provider.FrontendCertProvider = frontend
	provider.FrontendClientCertProvider = frontend
	provider.WorkerCertProvider = frontend
	provider.FrontendPerHostCertProviderMap = frontend

	return provider, nil
}