added ability to skip ssl verification (#103)

* added ability to skip ssl verification * added back accidental delete * updated test with ssl verify args --------- Co-authored-by: sigmahour <localhost>
simulot · Dec 19, 2023 · 9c8b372 · 9c8b372
1 parent 1de980a
commit 9c8b372
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 5 deletions.
diff --git a/cmdupload/e2e_upload_folder_test.go b/cmdupload/e2e_upload_folder_test.go
@@ -114,7 +114,7 @@ func TestE2eUpload(t *testing.T) {
 	}
 
 	logger := logger.NoLogger{}
-	ic, err := immich.NewImmichClient(host, key)
+	ic, err := immich.NewImmichClient(host, key, false)
 
 	if err != nil {
 		t.Error(err)

diff --git a/immich/call_test.go b/immich/call_test.go
@@ -68,7 +68,7 @@ func TestCall(t *testing.T) {
 			server := httptest.NewServer(&tst.server)
 			defer server.Close()
 			ctx := context.Background()
-			ic, err := NewImmichClient(server.URL, "1234")
+			ic, err := NewImmichClient(server.URL, "1234", false)
 			if err != nil {
 				t.Fail()
 				return

diff --git a/immich/client.go b/immich/client.go
@@ -2,6 +2,7 @@ package immich
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"net/http"
 	"os"
@@ -40,21 +41,28 @@ func (ic *ImmichClient) EnableAppTrace(state bool) *ImmichClient {
 }
 
 // Create a new ImmichClient
-func NewImmichClient(endPoint string, key string) (*ImmichClient, error) {
+func NewImmichClient(endPoint string, key string, sslVerify bool) (*ImmichClient, error) {
 	var err error
 	deviceUUID, err := os.Hostname()
 	if err != nil {
 		return nil, err
 	}
 
+	// Create a custom HTTP client with SSL verification disabled
+	transportOptions := &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: !sslVerify},
+	}
+	tlsClient := &http.Client{Transport: transportOptions}
+
 	ic := ImmichClient{
 		endPoint:     endPoint + "/api",
 		key:          key,
-		client:       &http.Client{},
+		client:       tlsClient,
 		DeviceUUID:   deviceUUID,
 		Retries:      1,
 		RetriesDelay: time.Second * 1,
 	}
+
 	return &ic, nil
 }
 

diff --git a/main.go b/main.go
@@ -67,6 +67,7 @@ type Application struct {
 	LogLevel    string // Idicate the log level
 	Debug       bool   // Enable the debug mode
 	TimeZone    string // Override default TZ
+	SkipSSL     bool   // Skip SSL Verification
 
 	Immich  *immich.ImmichClient // Immich client
 	Logger  *logger.Log          // Program's logger
@@ -93,6 +94,7 @@ func Run(ctx context.Context, log *logger.Log) (*logger.Log, error) {
 	flag.BoolVar(&app.ApiTrace, "api-trace", false, "enable api call traces")
 	flag.BoolVar(&app.Debug, "debug", false, "enable debug messages")
 	flag.StringVar(&app.TimeZone, "time-zone", "", "Override the system time zone")
+	flag.BoolVar(&app.SkipSSL, "skip-verify-ssl", false, "Skip SSL verification")
 	flag.Parse()
 
 	app.Server = strings.TrimSuffix(app.Server, "/")
@@ -140,7 +142,7 @@ func Run(ctx context.Context, log *logger.Log) (*logger.Log, error) {
 		return app.Logger, err
 	}
 
-	app.Immich, err = immich.NewImmichClient(app.Server, app.Key)
+	app.Immich, err = immich.NewImmichClient(app.Server, app.Key, app.SkipSSL)
 	if err != nil {
 		return app.Logger, err
 	}

diff --git a/readme.md b/readme.md
@@ -42,6 +42,7 @@ immich-go -server URL -key KEY -general_options COMMAND -command_options... {fil
 
 `-server URL` URL of the Immich service, example http://<your-ip>:2283 or https://your-domain<br>
 `-api URL` URL of the Immich api endpoint (http://container_ip:3301)<br>
+`-skip-verify-ssl <bool>` Skip SSL verification for use with self-signed certificates (default: false)
 
 `-key KEY` A key generated by the user. Uploaded photos will belong to the key's owner.<br>
 `-no-colors-log` Remove color codes from logs.<br>