batch requests client checks for ssl config and add test

batch_requests.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"crypto/tls"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
@@ -40,7 +41,16 @@ type BatchRequestHandler struct {
 
 // doRequest will make the same request but return a BatchReplyUnit
 func (b *BatchRequestHandler) doRequest(req *http.Request, relURL string) BatchReplyUnit {
-	resp, err := http.DefaultClient.Do(req)
+	tr := &http.Transport{TLSClientConfig: &tls.Config{}}
+
+	if cert := getUpstreamCertificate(req.Host, b.API); cert != nil {
+		tr.TLSClientConfig.Certificates = []tls.Certificate{*cert}
+	}
+
+	tr.TLSClientConfig.InsecureSkipVerify = config.Global.ProxySSLInsecureSkipVerify
+	client := &http.Client{Transport: tr}
+
+	resp, err := client.Do(req)
 	if err != nil {
 		log.Error("Webhook request failed: ", err)
 		return BatchReplyUnit{}

batch_requests_test.go

@@ -1,10 +1,16 @@
 package main
 
 import (
+	"crypto/tls"
+	"encoding/base64"
 	"encoding/json"
 	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
 	"testing"
 
+	"github.com/TykTechnologies/tyk/apidef"
+	"github.com/TykTechnologies/tyk/config"
 	"github.com/TykTechnologies/tyk/test"
 )
 
@@ -65,3 +71,101 @@ func TestBatch(t *testing.T) {
 		}
 	}
 }
+
+const virtBatchTest = `function batchTest (request, session, config) {
+    // Set up a response object
+    var response = {
+        Body: ""
+        Headers: {
+            "content-type": "application/json"
+        },
+        Code: 202
+    }
+    
+    // Batch request
+    var batch = {
+        "requests": [
+			{
+				"method": "GET",
+				"relative_url": "https://127.0.0.1:65504"
+			},
+		],
+        "suppress_parallel_execution": false
+    }
+    
+    log("[Virtual Test] Making Upstream Batch Request")
+    var newBody = TykBatchRequest(JSON.stringify(batch))
+    
+    
+    var asJS = JSON.parse(newBody)
+    for (var i in asJS) {
+        asJS[i].body = JSON.parse(asJS[i].body)
+    }
+    
+    // We need to send a string object back to Tyk to embed in the response
+    response.Body = JSON.stringify(asJS)
+    
+    return TykJsResponse(response, session.meta_data)
+    
+}`
+
+func TestSSLBatch(t *testing.T) {
+
+	// _, _, combinedClientPEM, clientCert := genCertificate(&x509.Certificate{})
+	// clientCert.Leaf, _ = x509.ParseCertificate(clientCert.Certificate[0])
+
+	// _, _, combinedPEM, _ := genServerCertificate()
+	// serverCertID, _ := CertificateManager.Add(combinedPEM, "")
+	// defer CertificateManager.Delete(serverCertID)
+
+	upstream := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+	}))
+	// Mutual TLS protected upstream
+	// pool := x509.NewCertPool()
+	upstream.TLS = &tls.Config{
+		// ClientAuth:         tls.RequireAndVerifyClientCert,
+		// ClientCAs:          pool,
+		InsecureSkipVerify: true,
+	}
+	upstream.StartTLS()
+	upstream.URL = "https://127.0.0.1:65504"
+
+	defer upstream.Close()
+	// clientCertID, _ := CertificateManager.Add(combinedClientPEM, "")
+	// defer CertificateManager.Delete(clientCertID)
+
+	// pool.AddCert(clientCert.Leaf)
+	//config.Global.HttpServerOptions.UseSSL = true
+	//config.Global.HttpServerOptions.SSLCertificates = []string{serverCertID}
+	config.Global.ProxySSLInsecureSkipVerify = true
+
+	defer resetTestConfig()
+
+	ts := newTykTestServer()
+	defer ts.Close()
+
+	buildAndLoadAPI(func(spec *APISpec) {
+		spec.Proxy.ListenPath = "/"
+		// spec.UpstreamCertificates = map[string]string{
+		// 	"*": clientCertID,
+		// }
+
+		virtualMeta := apidef.VirtualMeta{
+			ResponseFunctionName: "virtBatchTest",
+			FunctionSourceType:   "blob",
+			FunctionSourceURI:    base64.StdEncoding.EncodeToString([]byte(virtBatchTest)),
+			Path:                 "/virt",
+			Method:               "GET",
+		}
+		v := spec.VersionData.Versions["v1"]
+		v.UseExtendedPaths = true
+		v.ExtendedPaths = apidef.ExtendedPathsSet{
+			Virtual: []apidef.VirtualMeta{virtualMeta},
+		}
+		spec.VersionData.Versions["v1"] = v
+	})
+
+	ts.Run(t, test.TestCase{
+		Path: "/virt", Code: 202,
+	})
+}