Added api service to fetch root CA cert

[#136536911] Signed-off-by: Kalai Wei <[email protected]>
pivotal-cf · Dec 28, 2016 · 8bc1766 · 8bc1766
1 parent 7836407
commit 8bc1766
Show file tree

Hide file tree

Showing 2 changed files with 126 additions and 0 deletions.
diff --git a/api/security_service.go b/api/security_service.go
@@ -0,0 +1,55 @@
+package api
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httputil"
+)
+
+type SecurityService struct {
+	client httpClient
+}
+
+type certResponse struct {
+	Cert string `json:"root_ca_certificate_pem"`
+}
+
+func NewSecurityService(client httpClient) SecurityService {
+	return SecurityService{client: client}
+}
+
+func (s SecurityService) FetchRootCACert() (string, error) {
+	request, err := http.NewRequest("GET", "/api/v0/security/root_ca_certificate", nil)
+	if err != nil {
+		return "", fmt.Errorf("failed constructing request: %s", err)
+	}
+
+	response, err := s.client.Do(request)
+	if err != nil {
+		return "", fmt.Errorf("failed to submit request: %s", err)
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode != http.StatusOK {
+		out, err := httputil.DumpResponse(response, true)
+		if err != nil {
+			return "", fmt.Errorf("request failed: unexpected response: %s", err)
+		}
+		return "", fmt.Errorf("could not make api request: unexpected response.\n%s", out)
+	}
+
+	output, err := ioutil.ReadAll(response.Body)
+	if err != nil {
+		return "", err
+	}
+
+	var certResponse certResponse
+	err = json.Unmarshal(output, &certResponse)
+	if err != nil {
+		return "", fmt.Errorf("failed to unmarshal response: %s", err)
+	}
+
+	return certResponse.Cert, nil
+}
diff --git a/api/security_service_test.go b/api/security_service_test.go
@@ -0,0 +1,71 @@
+package api_test
+
+import (
+	"errors"
+	"io/ioutil"
+	"net/http"
+	"strings"
+
+	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/gomega"
+	"github.com/pivotal-cf/om/api"
+	"github.com/pivotal-cf/om/api/fakes"
+)
+
+var _ = Describe("SecurityService", func() {
+	Describe("Fetch Root CA Cert", func() {
+		var (
+			client  *fakes.HttpClient
+			service api.SecurityService
+		)
+
+		BeforeEach(func() {
+			client = &fakes.HttpClient{}
+			service = api.NewSecurityService(client)
+		})
+
+		It("gets the root CA cert", func() {
+			client.DoReturns(&http.Response{
+				StatusCode: http.StatusOK,
+				Body:       ioutil.NopCloser(strings.NewReader(`{"root_ca_certificate_pem": "some-response-cert"}`)),
+			}, nil)
+
+			output, err := service.FetchRootCACert()
+			Expect(err).NotTo(HaveOccurred())
+
+			request := client.DoArgsForCall(0)
+			Expect(request.Method).To(Equal("GET"))
+			Expect(request.URL.Path).To(Equal("/api/v0/security/root_ca_certificate"))
+			Expect(output).To(Equal("some-response-cert"))
+		})
+
+		Context("error cases", func() {
+			It("returns error if request fails to submit", func() {
+				client.DoReturns(&http.Response{}, errors.New("some-error"))
+
+				_, err := service.FetchRootCACert()
+				Expect(err).To(MatchError("failed to submit request: some-error"))
+			})
+
+			It("returns error when response contains non-200 status code", func() {
+				client.DoReturns(&http.Response{
+					StatusCode: http.StatusTeapot,
+					Body:       ioutil.NopCloser(strings.NewReader(`{}`)),
+				}, nil)
+
+				_, err := service.FetchRootCACert()
+				Expect(err).To(MatchError(ContainSubstring("could not make api request: unexpected response")))
+			})
+
+			It("returns error if response fails to unmarshal", func() {
+				client.DoReturns(&http.Response{
+					StatusCode: http.StatusOK,
+					Body:       ioutil.NopCloser(strings.NewReader(`%%%`)),
+				}, nil)
+
+				_, err := service.FetchRootCACert()
+				Expect(err).To(MatchError(ContainSubstring("failed to unmarshal response: invalid character")))
+			})
+		})
+	})
+})