package fastly
import (
	"fmt"
	"net/url"
	"reflect"
	"strconv"
	"time"

	"github.com/google/jsonapi"
)
// GetPrivateKeyInput carries the arguments for the GetPrivateKey function.
// Allowed values for the fields are described at https://developer.fastly.com/reference/api/tls/platform/.
type GetPrivateKeyInput struct {
	// ID identifies the private key to fetch. GetPrivateKey rejects an empty
	// ID with ErrMissingID and places the value in the request path, so it
	// should come from a trusted source or be validated by the caller.
	ID string
}
// PrivateKey represents a private key that is used to sign a Certificate.
//
// The struct carries only the attributes listed below; it has no field for
// the key material itself, so values of this type hold metadata only.
type PrivateKey struct {
	// ID is the JSON:API primary identifier of the tls_private_key resource.
	ID string `jsonapi:"primary,tls_private_key"`
	// Name is the "name" attribute of the key.
	Name string `jsonapi:"attr,name"`
	// KeyLength is the "key_length" attribute (presumably in bits; confirm
	// against the API reference).
	KeyLength int `jsonapi:"attr,key_length"`
	// KeyType is the "key_type" attribute, kept as the string the API sends.
	KeyType string `jsonapi:"attr,key_type"`
	// PublicKeySHA1 is the "public_key_sha1" attribute.
	// NOTE(review): as named this is a SHA-1 digest of the public key; treat
	// it as an identifier for matching keys, not as a collision-resistant
	// integrity check.
	PublicKeySHA1 string `jsonapi:"attr,public_key_sha1"`
	// CreatedAt is the "created_at" attribute, decoded as ISO 8601; nil when
	// the payload does not set it.
	CreatedAt *time.Time `jsonapi:"attr,created_at,iso8601"`
	// Replace is the "replace" attribute; its meaning is not visible in this
	// file.
	Replace bool `jsonapi:"attr,replace"`
}
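// ListPrivateKeysInput is used as input to the ListPrivateKeys function.
type ListPrivateKeysInput struct {
	PageNumber  int    // The page index for pagination.
	PageSize    int    // The number of keys per page.
	FilterInUse string // Limit the returned keys to those without any matching TLS certificates.
}

// formatFilters converts user input into query parameters for filtering.
//
// A field is emitted only when it differs from its zero value, so an empty
// input produces an empty (non-nil) map. A nil receiver is treated the same
// way instead of panicking. Values are forwarded as given: no range check is
// applied to the page fields and FilterInUse is passed through verbatim, so
// the API is the only validator.
func (i *ListPrivateKeysInput) formatFilters() map[string]string {
	result := map[string]string{}
	if i == nil {
		return result
	}

	// The field types are known statically, so no reflection is needed to
	// pick the conversion.
	if i.FilterInUse != "" {
		result["filter[in_use]"] = i.FilterInUse
	}
	if i.PageSize != 0 {
		result["page[size]"] = strconv.Itoa(i.PageSize)
	}
	if i.PageNumber != 0 {
		result["page[number]"] = strconv.Itoa(i.PageNumber)
	}
	return result
}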
// ListPrivateKeys lists all TLS private keys, narrowed by the filters and
// pagination settings in i.
//
// Errors from the request and from decoding the JSON:API payload are returned
// unchanged. An element of the decoded payload that is not a *PrivateKey
// aborts the call with an error.
func (c *Client) ListPrivateKeys(i *ListPrivateKeysInput) ([]*PrivateKey, error) {
	const endpoint = "/tls/private_keys"

	resp, err := c.Get(endpoint, &RequestOptions{
		Params: i.formatFilters(),
		Headers: map[string]string{
			// Required: without this media type the filters don't work.
			"Accept": "application/vnd.api+json",
		},
	})
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()

	records, err := jsonapi.UnmarshalManyPayload(resp.Body, reflect.TypeOf(new(PrivateKey)))
	if err != nil {
		return nil, err
	}

	keys := make([]*PrivateKey, 0, len(records))
	for _, record := range records {
		key, ok := record.(*PrivateKey)
		if !ok {
			return nil, fmt.Errorf("got back a non-PrivateKey response")
		}
		keys = append(keys, key)
	}
	return keys, nil
}
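// GetPrivateKey shows a TLS private key.
//
// It returns ErrMissingID when i.ID is empty. Errors from the request and
// from decoding the JSON:API payload are returned unchanged.
func (c *Client) GetPrivateKey(i *GetPrivateKeyInput) (*PrivateKey, error) {
	if i.ID == "" {
		return nil, ErrMissingID
	}

	// url.PathEscape encodes "/", "?" and "#", so a caller-supplied ID stays
	// a single path segment and cannot steer the authenticated request to a
	// different resource. "." and ".." contain no reserved characters and
	// pass through unchanged.
	p := "/tls/private_keys/" + url.PathEscape(i.ID)
	r, err := c.Get(p, nil)
	if err != nil {
		return nil, err
	}
	// Close the body on every return path so the connection is released.
	defer r.Body.Close()

	var ppk PrivateKey
	if err := jsonapi.UnmarshalPayload(r.Body, &ppk); err != nil {
		return nil, err
	}
	return &ppk, nil
}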
// CreatePrivateKeyInput is used as input to the CreatePrivateKey function.
type CreatePrivateKeyInput struct {
	// Key is sent as the "key" attribute and must be non-empty.
	// NOTE(review): this is presumably the private key material itself
	// (confirm the expected encoding against the API reference); treat it as
	// a secret and keep it out of logs, error messages and debug dumps of
	// this struct.
	Key string `jsonapi:"attr,key,omitempty"`
	// Name is sent as the "name" attribute and must be non-empty.
	Name string `jsonapi:"attr,name,omitempty"`
}
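// CreatePrivateKey creates a TLS private key.
//
// It returns ErrMissingKey when i.Key is empty and ErrMissingName when i.Name
// is empty; both checks run before any request is made. Errors from the
// request and from decoding the JSON:API payload are returned unchanged.
//
// The request body carries i.Key.
// NOTE(review): confirm that any request logging or tracing around
// PostJSONAPI redacts it.
func (c *Client) CreatePrivateKey(i *CreatePrivateKeyInput) (*PrivateKey, error) {
	p := "/tls/private_keys"

	if i.Key == "" {
		return nil, ErrMissingKey
	}
	if i.Name == "" {
		return nil, ErrMissingName
	}

	r, err := c.PostJSONAPI(p, i, nil)
	if err != nil {
		return nil, err
	}
	// Close the body on every return path so the connection is released.
	defer r.Body.Close()

	var ppk PrivateKey
	if err := jsonapi.UnmarshalPayload(r.Body, &ppk); err != nil {
		return nil, err
	}
	return &ppk, nil
}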
// DeletePrivateKeyInput is used as input to the DeletePrivateKey function.
type DeletePrivateKeyInput struct {
	// ID identifies the private key to delete. DeletePrivateKey rejects an
	// empty ID with ErrMissingID and places the value in the request path, so
	// it should come from a trusted source or be validated by the caller.
	ID string
}
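// DeletePrivateKey destroys a TLS private key. Only private keys not already
// matched to any certificates can be deleted.
//
// It returns ErrMissingID when i.ID is empty; an error from the request is
// returned unchanged.
func (c *Client) DeletePrivateKey(i *DeletePrivateKeyInput) error {
	if i.ID == "" {
		return ErrMissingID
	}

	// url.PathEscape encodes "/", "?" and "#", so a caller-supplied ID stays
	// a single path segment and cannot redirect the authenticated DELETE to a
	// different resource. "." and ".." contain no reserved characters and
	// pass through unchanged.
	path := "/tls/private_keys/" + url.PathEscape(i.ID)
	resp, err := c.Delete(path, nil)
	if err != nil {
		return err
	}
	// The response content is not used, but the body must still be closed so
	// the connection is released.
	defer resp.Body.Close()
	return nil
}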