forked from cloudflare/cloudflare-go
-
Notifications
You must be signed in to change notification settings - Fork 0
/
access_ca_certificate.go
166 lines (138 loc) · 5.94 KB
/
access_ca_certificate.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
package cloudflare
import (
"context"
"encoding/json"
"fmt"
"net/http"
"github.com/pkg/errors"
)
// AccessCACertificate is the structure of the CA certificate used for
// short lived certificates.
type AccessCACertificate struct {
ID string `json:"id"`
Aud string `json:"aud"`
PublicKey string `json:"public_key"`
}
// AccessCACertificateListResponse represents the response of all CA
// certificates within Access.
type AccessCACertificateListResponse struct {
Response
Result []AccessCACertificate `json:"result"`
}
// AccessCACertificateResponse represents the response of a single CA
// certificate.
type AccessCACertificateResponse struct {
Response
Result AccessCACertificate `json:"result"`
}
// AccessCACertificates returns all CA certificates within Access.
//
// API reference: https://api.cloudflare.com/#access-short-lived-certificates-list-short-lived-certificates
func (api *API) AccessCACertificates(ctx context.Context, accountID string) ([]AccessCACertificate, error) {
return api.accessCACertificates(ctx, accountID, AccountRouteRoot)
}
// ZoneLevelAccessCACertificates returns all zone level CA certificates within Access.
//
// API reference: https://api.cloudflare.com/#zone-level-access-short-lived-certificates-list-short-lived-certificates
func (api *API) ZoneLevelAccessCACertificates(ctx context.Context, zoneID string) ([]AccessCACertificate, error) {
return api.accessCACertificates(ctx, zoneID, ZoneRouteRoot)
}
func (api *API) accessCACertificates(ctx context.Context, id string, routeRoot RouteRoot) ([]AccessCACertificate, error) {
uri := fmt.Sprintf("/%s/%s/access/apps/ca", routeRoot, id)
res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
if err != nil {
return []AccessCACertificate{}, err
}
var accessCAListResponse AccessCACertificateListResponse
err = json.Unmarshal(res, &accessCAListResponse)
if err != nil {
return []AccessCACertificate{}, errors.Wrap(err, errUnmarshalError)
}
return accessCAListResponse.Result, nil
}
// AccessCACertificate returns a single CA certificate associated with an Access
// Application.
//
// API reference: https://api.cloudflare.com/#access-short-lived-certificates-short-lived-certificate-details
func (api *API) AccessCACertificate(ctx context.Context, accountID, applicationID string) (AccessCACertificate, error) {
return api.accessCACertificate(ctx, accountID, applicationID, AccountRouteRoot)
}
// ZoneLevelAccessCACertificate returns a single zone level CA certificate associated with an Access
// Application.
//
// API reference: https://api.cloudflare.com/#zone-level-access-short-lived-certificates-short-lived-certificate-details
func (api *API) ZoneLevelAccessCACertificate(ctx context.Context, zoneID, applicationID string) (AccessCACertificate, error) {
return api.accessCACertificate(ctx, zoneID, applicationID, ZoneRouteRoot)
}
func (api *API) accessCACertificate(ctx context.Context, id, applicationID string, routeRoot RouteRoot) (AccessCACertificate, error) {
uri := fmt.Sprintf("/%s/%s/access/apps/%s/ca", routeRoot, id, applicationID)
res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
if err != nil {
return AccessCACertificate{}, err
}
var accessCAResponse AccessCACertificateResponse
err = json.Unmarshal(res, &accessCAResponse)
if err != nil {
return AccessCACertificate{}, errors.Wrap(err, errUnmarshalError)
}
return accessCAResponse.Result, nil
}
// CreateAccessCACertificate creates a new CA certificate for an Access
// Application.
//
// API reference: https://api.cloudflare.com/#access-short-lived-certificates-create-short-lived-certificate
func (api *API) CreateAccessCACertificate(ctx context.Context, accountID, applicationID string) (AccessCACertificate, error) {
return api.createAccessCACertificate(ctx, accountID, applicationID, AccountRouteRoot)
}
// CreateZoneLevelAccessCACertificate creates a new zone level CA certificate for an Access
// Application.
//
// API reference: https://api.cloudflare.com/#zone-level-access-short-lived-certificates-create-short-lived-certificate
func (api *API) CreateZoneLevelAccessCACertificate(ctx context.Context, zoneID string, applicationID string) (AccessCACertificate, error) {
return api.createAccessCACertificate(ctx, zoneID, applicationID, ZoneRouteRoot)
}
func (api *API) createAccessCACertificate(ctx context.Context, id string, applicationID string, routeRoot RouteRoot) (AccessCACertificate, error) {
uri := fmt.Sprintf(
"/%s/%s/access/apps/%s/ca",
routeRoot,
id,
applicationID,
)
res, err := api.makeRequestContext(ctx, http.MethodPost, uri, nil)
if err != nil {
return AccessCACertificate{}, err
}
var accessCACertificate AccessCACertificateResponse
err = json.Unmarshal(res, &accessCACertificate)
if err != nil {
return AccessCACertificate{}, errors.Wrap(err, errUnmarshalError)
}
return accessCACertificate.Result, nil
}
// DeleteAccessCACertificate deletes an Access CA certificate on a defined
// Access Application.
//
// API reference: https://api.cloudflare.com/#access-short-lived-certificates-delete-access-certificate
func (api *API) DeleteAccessCACertificate(ctx context.Context, accountID, applicationID string) error {
return api.deleteAccessCACertificate(ctx, accountID, applicationID, AccountRouteRoot)
}
// DeleteZoneLevelAccessCACertificate deletes a zone level Access CA certificate on a defined
// Access Application.
//
// API reference: https://api.cloudflare.com/#zone-level-access-short-lived-certificates-delete-access-certificate
func (api *API) DeleteZoneLevelAccessCACertificate(ctx context.Context, zoneID, applicationID string) error {
return api.deleteAccessCACertificate(ctx, zoneID, applicationID, ZoneRouteRoot)
}
func (api *API) deleteAccessCACertificate(ctx context.Context, id string, applicationID string, routeRoot RouteRoot) error {
uri := fmt.Sprintf(
"/%s/%s/access/apps/%s/ca",
routeRoot,
id,
applicationID,
)
_, err := api.makeRequestContext(ctx, http.MethodDelete, uri, nil)
if err != nil {
return err
}
return nil
}