-
Notifications
You must be signed in to change notification settings - Fork 0
/
service_account_keys.go
160 lines (135 loc) · 4.94 KB
/
service_account_keys.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
package authlib
import (
"bytes"
"context"
"encoding/json"
"errors"
"fmt"
"net/http"
"time"
"github.com/google/uuid"
)
// ServiceAccountKey represents the structure of a service account key
type ServiceAccountKey struct {
ID uuid.UUID `json:"id"`
ServiceAccountID uuid.UUID `json:"service_account_id"`
PublicKey []byte `json:"public_key"`
PrivateKey []byte `json:"private_key"`
CreatedAt time.Time `json:"created_at"`
}
// SaveServiceAccountKeyInput represents the required input to save a service account key
type SaveServiceAccountKeyInput struct {
ServiceAccountID uuid.UUID `json:"service_account_id"`
}
func (c *Client) SaveServiceAccountKey(ctx context.Context, input SaveServiceAccountKeyInput) (*ServiceAccountKey, error) {
// JSON encode the input
requestBody, err := json.Marshal(input)
if err != nil {
return nil, fmt.Errorf("failed to encode request body: %w", err)
}
// Construct the HTTP request
req, err := http.NewRequestWithContext(ctx, "POST", c.BaseURL+"/service-account-keys", bytes.NewBuffer(requestBody))
if err != nil {
return nil, fmt.Errorf("failed to create request: %w", err)
}
req.Header.Set("Content-Type", "application/json")
// Execute the HTTP request
resp, err := c.HttpClient.Do(req)
if err != nil {
return nil, fmt.Errorf("failed to execute request: %w", err)
}
defer resp.Body.Close()
// Check for error response
if resp.StatusCode != http.StatusCreated {
var errorResponse ErrorResponse
if err := json.NewDecoder(resp.Body).Decode(&errorResponse); err != nil {
return nil, fmt.Errorf("failed to decode error response: %w", err)
}
return nil, errors.New(errorResponse.Message)
}
// Decode the successful response
var createdServiceAccountKey ServiceAccountKey
if err := json.NewDecoder(resp.Body).Decode(&createdServiceAccountKey); err != nil {
return nil, fmt.Errorf("failed to decode successful response: %w", err)
}
return &createdServiceAccountKey, nil
}
// SignDataInput represents the required input to sign data
type SignDataInput struct {
ServiceAccountID uuid.UUID `json:"service_account_id"`
Data []byte `json:"data"`
}
// SignDataOutput represents the response from the sign data API
type SignDataOutput struct {
Signature []byte `json:"signature"`
}
func (c *Client) SignData(ctx context.Context, input SignDataInput) (*SignDataOutput, error) {
// JSON encode the input
requestBody, err := json.Marshal(input)
if err != nil {
return nil, fmt.Errorf("failed to encode request body: %w", err)
}
// Construct the HTTP request
req, err := http.NewRequestWithContext(ctx, "POST", c.BaseURL+"/sign-data", bytes.NewBuffer(requestBody))
if err != nil {
return nil, fmt.Errorf("failed to create request: %w", err)
}
req.Header.Set("Content-Type", "application/json")
// Execute the HTTP request
resp, err := c.HttpClient.Do(req)
if err != nil {
return nil, fmt.Errorf("failed to execute request: %w", err)
}
defer resp.Body.Close()
// Check for error response
if resp.StatusCode != http.StatusOK {
var errorResponse ErrorResponse
if err := json.NewDecoder(resp.Body).Decode(&errorResponse); err != nil {
return nil, fmt.Errorf("failed to decode error response: %w", err)
}
return nil, errors.New(errorResponse.Message)
}
// Decode the successful response
var signDataOutput SignDataOutput
if err := json.NewDecoder(resp.Body).Decode(&signDataOutput); err != nil {
return nil, fmt.Errorf("failed to decode successful response: %w", err)
}
return &signDataOutput, nil
}
// FetchPrivateKeyInput represents the required input to fetch a service account key
type FetchPrivateKeyInput struct {
ServiceAccountID uuid.UUID `json:"service_account_id"`
}
func (c *Client) FetchPrivateKey(ctx context.Context, input FetchPrivateKeyInput) ([]byte, error) {
// JSON encode the input
requestBody, err := json.Marshal(input)
if err != nil {
return nil, fmt.Errorf("failed to encode request body: %w", err)
}
// Construct the HTTP request
req, err := http.NewRequestWithContext(ctx, "GET", c.BaseURL+"/service-account-keys/"+input.ServiceAccountID.String(), bytes.NewBuffer(requestBody))
if err != nil {
return nil, fmt.Errorf("failed to create request: %w", err)
}
req.Header.Set("Content-Type", "application/json")
// Execute the HTTP request
resp, err := c.HttpClient.Do(req)
if err != nil {
return nil, fmt.Errorf("failed to execute request: %w", err)
}
defer resp.Body.Close()
// Check for error response
if resp.StatusCode != http.StatusOK {
var errorResponse ErrorResponse
if err := json.NewDecoder(resp.Body).Decode(&errorResponse); err != nil {
return nil, fmt.Errorf("failed to decode error response: %w", err)
}
return nil, errors.New(errorResponse.Message)
}
// Decode the successful response
var fetchedPrivateKey []byte
if err := json.NewDecoder(resp.Body).Decode(&fetchedPrivateKey); err != nil {
return nil, fmt.Errorf("failed to decode successful response: %w", err)
}
return fetchedPrivateKey, nil
}