2022-05-03 14:50:40 +00:00
|
|
|
package server
|
|
|
|
|
|
|
|
|
|
import (
|
2022-05-10 09:34:53 +00:00
|
|
|
"crypto/ecdsa"
|
2022-05-03 14:50:40 +00:00
|
|
|
"crypto/tls"
|
|
|
|
|
"crypto/x509"
|
|
|
|
|
"fmt"
|
|
|
|
|
"net/http"
|
|
|
|
|
"net/url"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type Client struct {
|
|
|
|
|
*http.Client
|
|
|
|
|
|
|
|
|
|
baseAddress *url.URL
|
2022-05-10 09:34:53 +00:00
|
|
|
certPEM []byte
|
|
|
|
|
privateKey *ecdsa.PrivateKey
|
2022-05-03 14:50:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func NewClient(c *ConnectionParams) (*Client, error) {
|
|
|
|
|
u, certPem, err := c.Generate()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rootCAs, err := x509.SystemCertPool()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ok := rootCAs.AppendCertsFromPEM(certPem); !ok {
|
|
|
|
|
return nil, fmt.Errorf("failed to append certPem to rootCAs")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
tr := &http.Transport{
|
|
|
|
|
TLSClientConfig: &tls.Config{
|
|
|
|
|
MinVersion: tls.VersionTLS12,
|
|
|
|
|
InsecureSkipVerify: false, // MUST BE FALSE
|
|
|
|
|
RootCAs: rootCAs,
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return &Client{
|
|
|
|
|
Client: &http.Client{Transport: tr},
|
|
|
|
|
baseAddress: u,
|
|
|
|
|
certPEM: certPem,
|
2022-05-10 09:34:53 +00:00
|
|
|
privateKey: c.privateKey,
|
2022-05-03 14:50:40 +00:00
|
|
|
}, nil
|
|
|
|
|
}
|
