Merge pull request 'Permettre d'exposer le serveur API par https' (#54) from vlbeaudoin/feature/tls-api into main

Reviewed-on: #54
This commit is contained in:
Victor Lacasse-Beaudoin 2024-09-03 13:29:11 -05:00
commit 6579ea45f9
3 changed files with 70 additions and 2 deletions

View file

@ -22,7 +22,15 @@ func TestAPI(t *testing.T) {
httpClient := http.DefaultClient
defer httpClient.CloseIdleConnections()
vokiClient := voki.New(httpClient, "localhost", cfg.API.Key, cfg.API.Port, "http")
var protocol string
switch cfg.API.TLS.Enabled {
case true:
protocol = "https"
case false:
protocol = "http"
}
vokiClient := voki.New(httpClient, "localhost", cfg.API.Key, cfg.API.Port, protocol)
apiClient := APIClient{vokiClient}
t.Run("get API health", func(t *testing.T) {

17
cmd.go
View file

@ -114,7 +114,22 @@ var apiCmd = &cobra.Command{
*/
// Execution
e.Logger.Fatal(e.Start(fmt.Sprintf(":%d", cfg.API.Port)))
switch cfg.API.TLS.Enabled {
case false:
e.Logger.Fatal(
e.Start(
fmt.Sprintf(":%d", cfg.API.Port),
),
)
case true:
e.Logger.Fatal(
e.StartTLS(
fmt.Sprintf(":%d", cfg.API.Port),
cfg.API.TLS.CertificateFile,
cfg.API.TLS.PrivateKeyFile,
),
)
}
},
}

View file

@ -11,6 +11,21 @@ import (
)
const (
ViperAPITLSEnabled string = "api.tls.enabled"
FlagAPITLSEnabled string = "api-tls-enabled"
DefaultAPITLSEnabled bool = false
DescriptionAPITLSEnabled string = "Whether to use TLS or not. Requires certificate and private key files."
ViperAPITLSCertificateFile string = "api.tls.certificate_file"
FlagAPITLSCertificateFile string = "api-tls-certificate-file"
DefaultAPITLSCertificateFile string = ""
DescriptionAPITLSCertificateFile string = "Path to TLS certificate file"
ViperAPITLSPrivateKeyFile string = "api.tls.private_key_file"
FlagAPITLSPrivateKeyFile string = "api-tls-private-key-file"
DefaultAPITLSPrivateKeyFile string = ""
DescriptionAPITLSPrivateKeyFile string = "Path to TLS private key file"
ViperAPIPort string = "api.port"
FlagAPIPort string = "api-port"
DefaultAPIPort int = 1312
@ -89,6 +104,15 @@ const (
type Config struct {
API struct {
TLS struct {
Enabled bool `yaml:"enabled"`
// Path to file containing TLS certificate
CertificateFile string `yaml:"certificate_file"`
// Path to file containing TLS private key
PrivateKeyFile string `yaml:"private_key_file"`
}
Port int `yaml:"port"`
Key string `yaml:"key"`
} `yaml:"api"`
@ -116,6 +140,9 @@ type Config struct {
// DefaultConfig returns a Config filled with the default values from the
// `Default*` constants defined in this file.
func DefaultConfig() (cfg Config) {
cfg.API.TLS.Enabled = DefaultAPITLSEnabled
cfg.API.TLS.CertificateFile = DefaultAPITLSCertificateFile
cfg.API.TLS.PrivateKeyFile = DefaultAPITLSPrivateKeyFile
cfg.API.Port = DefaultAPIPort
cfg.API.Key = DefaultAPIKey
cfg.DB.Database = DefaultDBDatabase
@ -145,6 +172,24 @@ func init() {
rootCmd.AddCommand(apiCmd)
// api.tls.enabled
apiCmd.Flags().Bool(FlagAPITLSEnabled, DefaultAPITLSEnabled, DescriptionAPITLSEnabled)
if err := viper.BindPFlag(ViperAPITLSEnabled, apiCmd.Flags().Lookup(FlagAPITLSEnabled)); err != nil {
log.Fatal(err)
}
// api.tls.certificate_file
apiCmd.Flags().String(FlagAPITLSCertificateFile, DefaultAPITLSCertificateFile, DescriptionAPITLSCertificateFile)
if err := viper.BindPFlag(ViperAPITLSCertificateFile, apiCmd.Flags().Lookup(FlagAPITLSCertificateFile)); err != nil {
log.Fatal(err)
}
// api.tls.private_key_file
apiCmd.Flags().String(FlagAPITLSPrivateKeyFile, DefaultAPITLSPrivateKeyFile, DescriptionAPITLSPrivateKeyFile)
if err := viper.BindPFlag(ViperAPITLSPrivateKeyFile, apiCmd.Flags().Lookup(FlagAPITLSPrivateKeyFile)); err != nil {
log.Fatal(err)
}
// api.key
apiCmd.Flags().String(FlagAPIKey, DefaultAPIKey, DescriptionAPIKey)
if err := viper.BindPFlag(ViperAPIKey, apiCmd.Flags().Lookup(FlagAPIKey)); err != nil {