-
Notifications
You must be signed in to change notification settings - Fork 604
/
access_ca_certificate.go
153 lines (127 loc) · 4.97 KB
/
access_ca_certificate.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
package cloudflare
import (
"context"
"fmt"
"net/http"
"github.com/goccy/go-json"
)
// AccessCACertificate is the structure of the CA certificate used for
// short-lived certificates.
type AccessCACertificate struct {
ID string `json:"id"`
Aud string `json:"aud"`
PublicKey string `json:"public_key"`
}
// AccessCACertificateListResponse represents the response of all CA
// certificates within Access.
type AccessCACertificateListResponse struct {
Response
Result []AccessCACertificate `json:"result"`
ResultInfo
}
// AccessCACertificateResponse represents the response of a single CA
// certificate.
type AccessCACertificateResponse struct {
Response
Result AccessCACertificate `json:"result"`
}
type ListAccessCACertificatesParams struct {
ResultInfo
}
type CreateAccessCACertificateParams struct {
ApplicationID string
}
// ListAccessCACertificates returns all AccessCACertificate within Access.
//
// Account API reference: https://developers.cloudflare.com/api/operations/access-short-lived-certificate-c-as-list-short-lived-certificate-c-as
// Zone API reference: https://developers.cloudflare.com/api/operations/zone-level-access-short-lived-certificate-c-as-list-short-lived-certificate-c-as
func (api *API) ListAccessCACertificates(ctx context.Context, rc *ResourceContainer, params ListAccessCACertificatesParams) ([]AccessCACertificate, *ResultInfo, error) {
baseURL := fmt.Sprintf("/%s/%s/access/apps/ca", rc.Level, rc.Identifier)
autoPaginate := true
if params.PerPage >= 1 || params.Page >= 1 {
autoPaginate = false
}
if params.PerPage < 1 {
params.PerPage = 25
}
if params.Page < 1 {
params.Page = 1
}
var accessCACertificates []AccessCACertificate
var r AccessCACertificateListResponse
for {
uri := buildURI(baseURL, params)
res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
if err != nil {
return []AccessCACertificate{}, &ResultInfo{}, fmt.Errorf("%s: %w", errMakeRequestError, err)
}
err = json.Unmarshal(res, &r)
if err != nil {
return []AccessCACertificate{}, &ResultInfo{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
}
accessCACertificates = append(accessCACertificates, r.Result...)
params.ResultInfo = r.ResultInfo.Next()
if params.ResultInfo.Done() || !autoPaginate {
break
}
}
return accessCACertificates, &r.ResultInfo, nil
}
// GetAccessCACertificate returns a single CA certificate associated within
// Access.
//
// Account API reference: https://developers.cloudflare.com/api/operations/access-short-lived-certificate-c-as-get-a-short-lived-certificate-ca
// Zone API reference: https://developers.cloudflare.com/api/operations/zone-level-access-short-lived-certificate-c-as-get-a-short-lived-certificate-ca
func (api *API) GetAccessCACertificate(ctx context.Context, rc *ResourceContainer, applicationID string) (AccessCACertificate, error) {
uri := fmt.Sprintf("/%s/%s/access/apps/%s/ca", rc.Level, rc.Identifier, applicationID)
res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
if err != nil {
return AccessCACertificate{}, err
}
var accessCAResponse AccessCACertificateResponse
err = json.Unmarshal(res, &accessCAResponse)
if err != nil {
return AccessCACertificate{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
}
return accessCAResponse.Result, nil
}
// CreateAccessCACertificate creates a new CA certificate for an AccessApplication.
//
// Account API reference: https://developers.cloudflare.com/api/operations/access-short-lived-certificate-c-as-create-a-short-lived-certificate-ca
// Zone API reference: https://developers.cloudflare.com/api/operations/zone-level-access-short-lived-certificate-c-as-create-a-short-lived-certificate-ca
func (api *API) CreateAccessCACertificate(ctx context.Context, rc *ResourceContainer, params CreateAccessCACertificateParams) (AccessCACertificate, error) {
uri := fmt.Sprintf(
"/%s/%s/access/apps/%s/ca",
rc.Level,
rc.Identifier,
params.ApplicationID,
)
res, err := api.makeRequestContext(ctx, http.MethodPost, uri, nil)
if err != nil {
return AccessCACertificate{}, err
}
var accessCACertificate AccessCACertificateResponse
err = json.Unmarshal(res, &accessCACertificate)
if err != nil {
return AccessCACertificate{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
}
return accessCACertificate.Result, nil
}
// DeleteAccessCACertificate deletes an Access CA certificate on a defined
// AccessApplication.
//
// Account API reference: https://developers.cloudflare.com/api/operations/access-short-lived-certificate-c-as-delete-a-short-lived-certificate-ca
// Zone API reference: https://developers.cloudflare.com/api/operations/zone-level-access-short-lived-certificate-c-as-delete-a-short-lived-certificate-ca
func (api *API) DeleteAccessCACertificate(ctx context.Context, rc *ResourceContainer, applicationID string) error {
uri := fmt.Sprintf(
"/%s/%s/access/apps/%s/ca",
rc.Level,
rc.Identifier,
applicationID,
)
_, err := api.makeRequestContext(ctx, http.MethodDelete, uri, nil)
if err != nil {
return err
}
return nil
}