-
Notifications
You must be signed in to change notification settings - Fork 491
/
http_util.go
86 lines (73 loc) · 2.23 KB
/
http_util.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
package httputil
import (
"crypto/tls"
"crypto/x509"
"encoding/base64"
"fmt"
"io/ioutil"
"net/http"
"time"
"github.com/kiali/kiali/config"
)
func HttpMethods() []string {
return []string{http.MethodGet, http.MethodHead, http.MethodPost, http.MethodPut, http.MethodPatch,
http.MethodDelete, http.MethodConnect, http.MethodOptions, http.MethodTrace}
}
func HttpGet(url string, auth *config.Auth, timeout time.Duration) ([]byte, int, error) {
req, err := http.NewRequest(http.MethodGet, url, nil)
if err != nil {
return nil, 0, err
}
transport, err := AuthTransport(auth, &http.Transport{})
if err != nil {
return nil, 0, err
}
client := http.Client{Transport: transport, Timeout: timeout}
resp, err := client.Do(req)
if err != nil {
return nil, 0, err
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
return body, resp.StatusCode, err
}
type authRoundTripper struct {
auth string
originalRT http.RoundTripper
}
func (rt *authRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
req.Header.Set("Authorization", rt.auth)
return rt.originalRT.RoundTrip(req)
}
func newAuthRoundTripper(auth *config.Auth, rt http.RoundTripper) http.RoundTripper {
switch auth.Type {
case config.AuthTypeBearer:
token := auth.Token
return &authRoundTripper{auth: "Bearer " + token, originalRT: rt}
case config.AuthTypeBasic:
encoded := base64.StdEncoding.EncodeToString([]byte(auth.Username + ":" + auth.Password))
return &authRoundTripper{auth: "Basic " + encoded, originalRT: rt}
default:
return rt
}
}
func AuthTransport(auth *config.Auth, transportConfig *http.Transport) (http.RoundTripper, error) {
if auth.InsecureSkipVerify || auth.CAFile != "" {
var certPool *x509.CertPool
if auth.CAFile != "" {
certPool = x509.NewCertPool()
cert, err := ioutil.ReadFile(auth.CAFile)
if err != nil {
return nil, fmt.Errorf("failed to get root CA certificates: %s", err)
}
if ok := certPool.AppendCertsFromPEM(cert); !ok {
return nil, fmt.Errorf("supplied CA file could not be parsed")
}
}
transportConfig.TLSClientConfig = &tls.Config{
InsecureSkipVerify: auth.InsecureSkipVerify,
RootCAs: certPool,
}
}
return newAuthRoundTripper(auth, transportConfig), nil
}