Address comments

Signed-off-by: nyagamunene <[email protected]>
absmach · Oct 9, 2024 · f21f285 · f21f285
1 parent 4156d79
commit f21f285
Show file tree

Hide file tree

Showing 9 changed files with 173 additions and 108 deletions.
diff --git a/api/http/endpoint.go b/api/http/endpoint.go
@@ -246,7 +246,7 @@ func generateCRLEndpoint(svc certs.Service) endpoint.Endpoint {
 
 func getDownloadCATokenEndpoint(svc certs.Service) endpoint.Endpoint {
 	return func(ctx context.Context, request interface{}) (response interface{}, err error) {
-		token, err := svc.RetrieveCertDownloadToken(ctx)
+		token, err := svc.RetrieveCAToken(ctx)
 		if err != nil {
 			return requestCertDownloadTokenRes{}, err
 		}

diff --git a/api/logging.go b/api/logging.go
@@ -61,7 +61,7 @@ func (lm *loggingMiddleware) RevokeCert(ctx context.Context, serialNumber string
 	return lm.svc.RevokeCert(ctx, serialNumber)
 }
 
-func (lm *loggingMiddleware) RetrieveCertDownloadToken(ctx context.Context, serialNumber ...string) (tokenString string, err error) {
+func (lm *loggingMiddleware) RetrieveCertDownloadToken(ctx context.Context, serialNumber string) (tokenString string, err error) {
 	defer func(begin time.Time) {
 		message := fmt.Sprintf("Method get_cert_download_token for cert took %s to complete", time.Since(begin))
 		if err != nil {
@@ -70,7 +70,19 @@ func (lm *loggingMiddleware) RetrieveCertDownloadToken(ctx context.Context, seri
 		}
 		lm.logger.Info(message)
 	}(time.Now())
-	return lm.svc.RetrieveCertDownloadToken(ctx, serialNumber...)
+	return lm.svc.RetrieveCertDownloadToken(ctx, serialNumber)
+}
+
+func (lm *loggingMiddleware) RetrieveCAToken(ctx context.Context) (tokenString string, err error) {
+	defer func(begin time.Time) {
+		message := fmt.Sprintf("Method get_cert_download_token for cert took %s to complete", time.Since(begin))
+		if err != nil {
+			lm.logger.Warn(fmt.Sprintf("%s with error: %s.", message, err))
+			return
+		}
+		lm.logger.Info(message)
+	}(time.Now())
+	return lm.svc.RetrieveCAToken(ctx)
 }
 
 func (lm *loggingMiddleware) IssueCert(ctx context.Context, entityID, ttl string, ipAddrs []string, options certs.SubjectOptions) (cert certs.Certificate, err error) {
@@ -97,7 +109,7 @@ func (lm *loggingMiddleware) ListCerts(ctx context.Context, pm certs.PageMetadat
 	return lm.svc.ListCerts(ctx, pm)
 }
 
-func (lm *loggingMiddleware) ViewCert(ctx context.Context, serialNumber ...string) (cert certs.Certificate, err error) {
+func (lm *loggingMiddleware) ViewCert(ctx context.Context, serialNumber string) (cert certs.Certificate, err error) {
 	defer func(begin time.Time) {
 		message := fmt.Sprintf("Method view_cert for serial number %s took %s to complete", serialNumber, time.Since(begin))
 		if err != nil {
@@ -106,7 +118,7 @@ func (lm *loggingMiddleware) ViewCert(ctx context.Context, serialNumber ...strin
 		}
 		lm.logger.Info(message)
 	}(time.Now())
-	return lm.svc.ViewCert(ctx, serialNumber...)
+	return lm.svc.ViewCert(ctx, serialNumber)
 }
 
 func (lm *loggingMiddleware) OCSP(ctx context.Context, serialNumber string) (cert *certs.Certificate, ocspStatus int, rootCACert *x509.Certificate, err error) {

diff --git a/api/metrics.go b/api/metrics.go
@@ -53,13 +53,22 @@ func (mm *metricsMiddleware) RevokeCert(ctx context.Context, serialNumber string
 	return mm.svc.RevokeCert(ctx, serialNumber)
 }
 
-func (mm *metricsMiddleware) RetrieveCertDownloadToken(ctx context.Context, serialNumber ...string) (string, error) {
+func (mm *metricsMiddleware) RetrieveCertDownloadToken(ctx context.Context, serialNumber string) (string, error) {
 	defer func(begin time.Time) {
 		mm.counter.With("method", "get_certificate_download_token").Add(1)
 		mm.latency.With("method", "get_certificate_download_token").Observe(time.Since(begin).Seconds())
 	}(time.Now())
 
-	return mm.svc.RetrieveCertDownloadToken(ctx, serialNumber...)
+	return mm.svc.RetrieveCertDownloadToken(ctx, serialNumber)
+}
+
+func (mm *metricsMiddleware) RetrieveCAToken(ctx context.Context) (string, error) {
+	defer func(begin time.Time) {
+		mm.counter.With("method", "get_CA_token").Add(1)
+		mm.latency.With("method", "get_CA_token").Observe(time.Since(begin).Seconds())
+	}(time.Now())
+
+	return mm.svc.RetrieveCAToken(ctx)
 }
 
 func (mm *metricsMiddleware) IssueCert(ctx context.Context, entityID, ttl string, ipAddrs []string, options certs.SubjectOptions) (certs.Certificate, error) {
@@ -78,13 +87,13 @@ func (mm *metricsMiddleware) ListCerts(ctx context.Context, pm certs.PageMetadat
 	return mm.svc.ListCerts(ctx, pm)
 }
 
-func (mm *metricsMiddleware) ViewCert(ctx context.Context, serialNumber ...string) (certs.Certificate, error) {
+func (mm *metricsMiddleware) ViewCert(ctx context.Context, serialNumber string) (certs.Certificate, error) {
 	defer func(begin time.Time) {
 		mm.counter.With("method", "view_certificate").Add(1)
 		mm.latency.With("method", "view_certificate").Observe(time.Since(begin).Seconds())
 	}(time.Now())
 
-	return mm.svc.ViewCert(ctx, serialNumber...)
+	return mm.svc.ViewCert(ctx, serialNumber)
 }
 
 func (mm *metricsMiddleware) OCSP(ctx context.Context, serialNumber string) (*certs.Certificate, int, *x509.Certificate, error) {

diff --git a/certs.go b/certs.go
@@ -43,13 +43,18 @@ type Service interface {
 	RetrieveCert(ctx context.Context, token, serialNumber string) (Certificate, []byte, error)
 
 	// ViewCert retrieves a certificate record from the database.
-	ViewCert(ctx context.Context, serialNumber ...string) (Certificate, error)
+	ViewCert(ctx context.Context, serialNumber string) (Certificate, error)
 
 	// ListCerts retrieves the certificates from the database while applying filters.
 	ListCerts(ctx context.Context, pm PageMetadata) (CertificatePage, error)
 
-	// RetrieveCertDownloadToken retrieves a certificate download token.
-	RetrieveCertDownloadToken(ctx context.Context, serialNumber ...string) (string, error)
+	// RetrieveCertDownloadToken generates a certificate download token.
+	// The token is needed to download the client certificate.
+	RetrieveCertDownloadToken(ctx context.Context, serialNumber string) (string, error)
+
+	// RetrieveCAToken generates a CA download and view token.
+	// The token is needed to view and download the CA certificate.
+	RetrieveCAToken(ctx context.Context) (string, error)
 
 	// IssueCert issues a certificate from the database.
 	IssueCert(ctx context.Context, entityID, ttl string, ipAddrs []string, option SubjectOptions) (Certificate, error)

diff --git a/mocks/service.go b/mocks/service.go
diff --git a/sdk/certs_test.go b/sdk/certs_test.go
@@ -570,6 +570,8 @@ func TestDownloadCACert(t *testing.T) {
 			token: token,
 			svcresp: certs.Certificate{
 				SerialNumber: serialNum,
+				Certificate:  []byte("cert"),
+				Key:          []byte("key"),
 			},
 			sdkCert: cert,
 			svcerr:  nil,

diff --git a/sdk/sdk.go b/sdk/sdk.go
@@ -366,7 +366,7 @@ func (sdk mgSDK) DownloadCA(token string) (CertificateBundle, errors.SDKError) {
 		}
 		switch file.Name {
 		case "ca.crt":
-			bundle.CA = fileContent
+			bundle.Certificate = fileContent
 		case "ca.key":
 			bundle.PrivateKey = fileContent
 		}