tokenserver/client/default.go - infra/luci/luci-go - Git at Google

 // Copyright 2016 The LUCI Authors.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package client

 import (
 	"net/http"

 	"go.chromium.org/luci/common/retry"
 	"go.chromium.org/luci/grpc/prpc"

 	"go.chromium.org/luci/tokenserver/api/minter/v1"
 )

 // Parameters is passed to New.
 type Parameters struct {
 	// PrivateKeyPath is a path to a file with a private key PEM file.
 	//
 	// Required.
 	PrivateKeyPath string

 	// CertificatePath is a path to a file with a corresponding certificate.
 	//
 	// Required. It must match the private key (this will be verified).
 	CertificatePath string

 	// Backend is a hostname of the token server to talk to.
 	//
 	// Required.
 	Backend string

 	// Insecure is true to use 'http' protocol instead of 'https'.
 	//
 	// Useful on localhost. Default is "secure".
 	Insecure bool

 	// Client is non-authenticating HTTP client to build pRPC transport on top of.
 	//
 	// Default is http.DefaultClient.
 	Client *http.Client

 	// Retry defines how to retry RPC requests on transient errors.
 	//
 	// Use retry.Default for default strategy. Default is "no retries".
 	Retry retry.Factory
 }

 // New returns new Client that uses PEM encoded keys and talks
 // to the server via pRPC.
 func New(params Parameters) (*Client, error) {
 	signer, err := LoadX509Signer(params.PrivateKeyPath, params.CertificatePath)
 	if err != nil {
 		return nil, err
 	}
 	return &Client{
 		Client: minter.NewTokenMinterClient(&prpc.Client{
 			C:    params.Client,
 			Host: params.Backend,
 			Options: &prpc.Options{
 				Retry:    params.Retry,
 				Insecure: params.Insecure,
 			},
 		}),
 		Signer: signer,
 	}, nil
 }
	// Copyright 2016 The LUCI Authors.
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package client

	import (
	"net/http"

	"go.chromium.org/luci/common/retry"
	"go.chromium.org/luci/grpc/prpc"

	"go.chromium.org/luci/tokenserver/api/minter/v1"
	)

	// Parameters is passed to New.
	type Parameters struct {
	// PrivateKeyPath is a path to a file with a private key PEM file.
	//
	// Required.
	PrivateKeyPath string

	// CertificatePath is a path to a file with a corresponding certificate.
	//
	// Required. It must match the private key (this will be verified).
	CertificatePath string

	// Backend is a hostname of the token server to talk to.
	//
	// Required.
	Backend string

	// Insecure is true to use 'http' protocol instead of 'https'.
	//
	// Useful on localhost. Default is "secure".
	Insecure bool

	// Client is non-authenticating HTTP client to build pRPC transport on top of.
	//
	// Default is http.DefaultClient.
	Client *http.Client

	// Retry defines how to retry RPC requests on transient errors.
	//
	// Use retry.Default for default strategy. Default is "no retries".
	Retry retry.Factory
	}

	// New returns new Client that uses PEM encoded keys and talks
	// to the server via pRPC.
	func New(params Parameters) (*Client, error) {
	signer, err := LoadX509Signer(params.PrivateKeyPath, params.CertificatePath)
	if err != nil {
	return nil, err
	}
	return &Client{
	Client: minter.NewTokenMinterClient(&prpc.Client{
	C: params.Client,
	Host: params.Backend,
	Options: &prpc.Options{
	Retry: params.Retry,
	Insecure: params.Insecure,
	},
	}),
	Signer: signer,
	}, nil
	}