httputil: move signed client creation

Signed-off-by: Hank Donnay <hdonnay@redhat.com>
quay · Nov 3, 2021 · 9ca1e8b · 9ca1e8b
1 parent 1f4ed84
commit 9ca1e8b
Show file tree

Hide file tree

Showing 6 changed files with 19 additions and 10 deletions.
diff --git a/cmd/clairctl/export.go b/cmd/clairctl/export.go
@@ -74,7 +74,7 @@ func exportAction(c *cli.Context) error {
 	}
 
 	tr := http.DefaultTransport.(*http.Transport).Clone()
-	cl, _, err := cfg.Client(httputil.RateLimiter(tr), &commonClaim)
+	cl, _, err := httputil.Client(httputil.RateLimiter(tr), &commonClaim, cfg)
 	if err != nil {
 		return err
 	}

diff --git a/cmd/clairctl/import.go b/cmd/clairctl/import.go
@@ -12,6 +12,8 @@ import (
 	"github.com/jackc/pgx/v4/pgxpool"
 	"github.com/quay/claircore/libvuln"
 	"github.com/urfave/cli/v2"
+
+	"github.com/quay/clair/v4/internal/httputil"
 )
 
 // ImportCmd is the "import-updaters" subcommand.
@@ -35,7 +37,7 @@ func importAction(c *cli.Context) error {
 		return err
 	}
 
-	cl, _, err := cfg.Client(nil, &commonClaim)
+	cl, _, err := httputil.Client(nil, &commonClaim, cfg)
 	if err != nil {
 		return err
 	}

diff --git a/cmd/clairctl/report.go b/cmd/clairctl/report.go
@@ -17,6 +17,7 @@ import (
 	"golang.org/x/sync/errgroup"
 
 	"github.com/quay/clair/v4/internal/codec"
+	"github.com/quay/clair/v4/internal/httputil"
 )
 
 // ReportCmd is the "report" subcommand.
@@ -121,7 +122,7 @@ func reportAction(c *cli.Context) error {
 		if e != nil {
 			return e
 		}
-		hc, _, e := cfg.Client(nil, &commonClaim)
+		hc, _, e := httputil.Client(nil, &commonClaim, cfg)
 		if e != nil {
 			return e
 		}

diff --git a/httptransport/auth_test.go b/httptransport/auth_test.go
@@ -12,10 +12,11 @@ import (
 	"net/http/httptest"
 	"testing"
 
+	"github.com/quay/zlog"
 	"gopkg.in/square/go-jose.v2/jwt"
 
 	"github.com/quay/clair/v4/config"
-	"github.com/quay/zlog"
+	"github.com/quay/clair/v4/internal/httputil"
 )
 
 type authTestcase struct {
@@ -71,11 +72,14 @@ func (tc *authTestcase) Run(ctx context.Context) func(*testing.T) {
 		}
 
 		// Create a client that has auth according to the config.
-		c, authed, err := tc.Config.Client(nil, tc.Claims)
+		c, authed, err := httputil.Client(nil, tc.Claims, &tc.Config)
 		if err != nil {
 			t.Error(err)
 		}
 		t.Logf("authed: %v", authed)
+		if c == nil {
+			t.FailNow()
+		}
 
 		// Make the request.
 		res, err := c.Get(srv.URL)

diff --git a/initialize/services.go b/initialize/services.go
@@ -164,7 +164,7 @@ func localIndexer(ctx context.Context, cfg *config.Config) (indexer.Service, err
 	// Use an empty claim because this shouldn't be talking to something that
 	// needs preconfigured authz. Callers should be providing credentials to the
 	// indexing process in the submitted manifest.
-	c, _, err := cfg.Client(tr, nil)
+	c, _, err := httputil.Client(tr, nil, cfg)
 	if err != nil {
 		return nil, mkErr(err)
 	}
@@ -190,7 +190,7 @@ func remoteIndexer(ctx context.Context, cfg *config.Config, addr string) (indexe
 
 func remoteClient(ctx context.Context, cfg *config.Config, claim jwt.Claims, addr string) (*client.HTTP, error) {
 	tr := http.DefaultTransport.(*http.Transport).Clone()
-	c, auth, err := cfg.Client(tr, &claim)
+	c, auth, err := httputil.Client(tr, &claim, cfg)
 	switch {
 	case err != nil:
 		return nil, err
@@ -287,7 +287,7 @@ func localNotifier(ctx context.Context, cfg *config.Config, i indexer.Service, m
 	}
 
 	tr := http.DefaultTransport.(*http.Transport).Clone()
-	c, _, err := cfg.Client(tr, &notifierClaim)
+	c, _, err := httputil.Client(tr, &notifierClaim, cfg)
 	if err != nil {
 		return nil, mkErr(err)
 	}

diff --git a/config/httpclient.go → internal/httputil/client.go b/config/httpclient.go → internal/httputil/client.go
@@ -1,4 +1,4 @@
-package config
+package httputil
 
 import (
 	"net/http"
@@ -8,6 +8,8 @@ import (
 	"golang.org/x/net/publicsuffix"
 	"gopkg.in/square/go-jose.v2"
 	"gopkg.in/square/go-jose.v2/jwt"
+
+	"github.com/quay/clair/v4/config"
 )
 
 // Client returns an http.Client configured according to the supplied
@@ -17,7 +19,7 @@ import (
 //
 // It returns an *http.Client and a boolean indicating whether the client is
 // configured for authentication, or an error that occurred during construction.
-func (cfg *Config) Client(next http.RoundTripper, cl *jwt.Claims) (c *http.Client, authed bool, err error) {
+func Client(next http.RoundTripper, cl *jwt.Claims, cfg *config.Config) (c *http.Client, authed bool, err error) {
 	if next == nil {
 		next = http.DefaultTransport.(*http.Transport).Clone()
 	}