增加了自定义 CA 证书文件
diff --git a/webservice.go b/webservice.go
index 5e9183a..8dca00a 100644
--- a/webservice.go
+++ b/webservice.go
@@ -17,10 +17,17 @@
"sync"
"time"
+ "crypto/x509"
+
log "github.com/Sirupsen/logrus"
"github.com/franela/goreq"
)
+var (
+ // ErrBadCAPEM 错误的 CA 文件
+ ErrBadCAPEM = errors.New("不正确的PEM文件")
+)
+
// WebSession web session object
type WebSession struct {
// AppId app id
@@ -109,10 +116,7 @@
}
// DoGet send GET request
-func (w *WebSession) DoGet(uri string, params map[string]string) (*http.Response, error) {
- transport := w.httpConnectionPool.Get().(*http.Transport)
- defer w.httpConnectionPool.Put(transport)
- client := &http.Client{Transport: transport, Timeout: time.Duration(3) * time.Second}
+func (w *WebSession) DoGet(uri string, params map[string]string) (*goreq.Response, error) {
fullURL := w.BaseURL + uri
@@ -124,8 +128,7 @@
}
}
fullURL = fullURL + "?" + vl.Encode()
- // fmt.Printf("%v\n", full_url)
- return client.Get(fullURL)
+ return goreq.Request{Uri: fullURL, Method: "GET"}.Do()
}
// GetTimestamp get time stamp format 20160103133455
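Review bot: The new `goreq.Request{Uri: fullURL, Method: "GET"}.Do()` sets no request timeout, whereas the client removed in the previous hunk enforced `Timeout: time.Duration(3) * time.Second`; a peer that accepts the connection and then stalls can now hold the caller indefinitely. Setting the field explicitly restores the old bound: `return goreq.Request{Uri: fullURL, Method: "GET", Timeout: 3 * time.Second}.Do()`. The previous hunk also stops taking a transport from `w.httpConnectionPool`, so GET requests no longer use the per-session transport and go through goreq's package-level default instead; whether the pool is still needed should be decided in this commit rather than left half-used. `DoGet` is exported and its return type changes to `*goreq.Response`, which breaks external callers, so the doc comment should say so and note that the caller must close `Body`.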
@@ -161,14 +164,14 @@
TLSClientConfig: &tls.Config{InsecureSkipVerify: b},
TLSHandshakeTimeout: time.Duration(1) * time.Second,
Dial: func(network, addr string) (net.Conn, error) {
- default_timeout := time.Duration(1) * time.Second
- return net.DialTimeout(network, addr, default_timeout)
+ defaultTimeout := time.Duration(1) * time.Second
+ return net.DialTimeout(network, addr, defaultTimeout)
}}
} else if strings.HasPrefix(baseurl, "http://") {
transport = http.Transport{MaxIdleConnsPerHost: 0,
Dial: func(network, addr string) (net.Conn, error) {
- default_timeout := time.Duration(1) * time.Second
- return net.DialTimeout(network, addr, default_timeout)
+ defaultTimeout := time.Duration(1) * time.Second
+ return net.DialTimeout(network, addr, defaultTimeout)
}}
}
log.Debugf("创建新连接")
@@ -230,8 +233,22 @@
}}}
}
+// NewSessionWithCA new session ca
+func NewSessionWithCA(appID, appSecret, termID, baseURL string,
+ timeout int, ca []byte) (*WebSession, error) {
+ certs := x509.NewCertPool()
+ if !certs.AppendCertsFromPEM(ca) {
+ return nil, ErrBadCAPEM
+ }
+ if transport, ok := goreq.DefaultTransport.(*http.Transport); ok {
+ transport.TLSClientConfig = &tls.Config{RootCAs: certs}
+ }
+
+ return NewSession(appID, appSecret, termID, baseURL, timeout, true), nil
+}
+
func (w *WebSession) getAuthToken() (string, error) {
- type FormJson struct {
+ type FormJSON struct {
AppID string `json:"app_id"`
TermID string `json:"term_id"`
AccessToken string `json:"access_token"`
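Review bot: In `NewSessionWithCA`, a failed type assertion on `goreq.DefaultTransport` is skipped silently, so the function returns a session and a nil error even though the supplied CA pool was never installed; that branch should return an error. The assignment also replaces `TLSClientConfig` on goreq's package-wide transport, so every goreq request in the process shares the last pool written, a second session with a different CA overwrites the first, and the write is not synchronised with requests already in flight. The trailing `true` passed to `NewSession` needs checking as well: the context of an earlier hunk shows `TLSClientConfig: &tls.Config{InsecureSkipVerify: b}` on the pooled transport, and if `b` is this argument then any connection made through the pool skips certificate verification regardless of the CA. `NewSession`'s signature is outside the hunk, so confirm this and pass `false` if so.

```go
	certs := x509.NewCertPool()
	// … unchanged: AppendCertsFromPEM check returning ErrBadCAPEM …
	transport, ok := goreq.DefaultTransport.(*http.Transport)
	if !ok {
		// Fail closed: otherwise the caller gets a session that never trusted the supplied CA.
		return nil, errors.New("goreq.DefaultTransport is not an *http.Transport")
	}
	transport.TLSClientConfig = &tls.Config{RootCAs: certs}
```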
@@ -244,7 +261,6 @@
r, err := w.DoGet(uri, params)
if err != nil {
- // log.Errorf("Status = %v, err = %v\n", r.StatusCode, err)
return "", err
}
if r.StatusCode != 200 {
@@ -254,7 +270,7 @@
body, err := ioutil.ReadAll(r.Body)
defer r.Body.Close()
- s := &FormJson{}
+ s := &FormJSON{}
err = json.Unmarshal(body, &s)
if err != nil {
log.Errorf("json unmarshal err %v", err)
@@ -264,7 +280,7 @@
}
func (w *WebSession) getAppAccessKey(token string) error {
- type FormJson struct {
+ type FormJSON struct {
AppID string `json:"app_id"`
TermID string `json:"term_id"`
SessionKey string `json:"session_key"`
@@ -291,12 +307,12 @@
}
if r.StatusCode != 200 {
log.Errorf(" errcode = %v\n", r.StatusCode)
- return errors.New(fmt.Sprintf("code %v", r.StatusCode))
+ return fmt.Errorf("code %v", r.StatusCode)
}
body, err := ioutil.ReadAll(r.Body)
- s := &FormJson{}
+ s := &FormJSON{}
err = json.Unmarshal(body, &s)
if err != nil {
log.Errorf("json unmarshal err %v", err)
@@ -322,7 +338,7 @@
}
if r.StatusCode != 200 {
- return nil, errors.New(fmt.Sprintf("Request StatusCode:%v", r.StatusCode))
+ return nil, fmt.Errorf("Request StatusCode:%v", r.StatusCode)
}
body, err := ioutil.ReadAll(r.Body)
@@ -350,22 +366,22 @@
vl.Set(k, fmt.Sprintf("%v", v))
}
- sign_data := ""
+ signData := ""
for _, k := range signField {
if v, ok := params[k]; ok {
- sign_data += fmt.Sprintf("%v", v)
+ signData += fmt.Sprintf("%v", v)
}
}
- sign_data += ts + w.sessionKey
+ signData += ts + w.sessionKey
vl.Set("sign_method", "HMAC")
- log.Debugf("Sign: key[%v] data[%v]\n", w.sessionKey, sign_data)
- vl.Set("sign", w.SignWithKey(w.AppSecret, sign_data))
+ log.Debugf("Sign: key[%v] data[%v]\n", w.sessionKey, signData)
+ vl.Set("sign", w.SignWithKey(w.AppSecret, signData))
- full_url := w.BaseURL + path
- log.Debugf("CallService: %v\n", full_url)
+ fullURL := w.BaseURL + path
+ log.Debugf("CallService: %v\n", fullURL)
var r *goreq.Response
r, err = goreq.Request{
- Uri: full_url,
+ Uri: fullURL,
Accept: "application/json",
ContentType: "application/x-www-form-urlencoded",
Method: "POST",
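Review bot: The re-added `log.Debugf("Sign: key[%v] data[%v]\n", w.sessionKey, signData)` writes the session key to the log twice, once directly and once as the tail of `signData`, so anyone who can read debug logs obtains key material that feeds the request signature. Log non-secret metadata instead, for example `log.Debugf("Sign: data length %d\n", len(signData))`, or drop the line. The label says `key[...]` but prints `w.sessionKey`, while the next line signs with `w.AppSecret`; confirm which value is meant to be the HMAC key. The enclosing function starts and ends outside this hunk.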
@@ -377,7 +393,7 @@
}
if r.StatusCode != 200 {
log.Errorf("Request Error %v\n", r.StatusCode)
- err = errors.New(fmt.Sprintf("Request Error, StatusCode : %v", r.StatusCode))
+ err = fmt.Errorf("Request Error, StatusCode : %v", r.StatusCode)
return
}
if r.Body != nil {
diff --git a/webservice_test.go b/webservice_test.go
new file mode 100644
index 0000000..1bcdca2
--- /dev/null
+++ b/webservice_test.go
@@ -0,0 +1,64 @@
+package swservice
+
+import (
+ "testing"
+)
+
+const caPEM = `-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
+
+`
+const (
+ appID = "100001"
+ appSecret = "3072a87ece234b728b519ded8dd152b1"
+ termID = "1020303"
+)
+
+func T1estUseHTTP(t *testing.T) {
+ uri := "http://vb-docker:8443/epayapi/services"
+ session := NewSession(appID, appSecret, termID, uri, 3, true)
+ err := session.Auth()
+ if err != nil {
+ t.Errorf("Auth Error: %v", err)
+ }
+}
+
+func TestUseHTTPS(t *testing.T) {
+ uri := "https://vb-docker:8443/epayapi/services"
+ session, err := NewSessionWithCA(appID, appSecret, termID, uri, 3, []byte(caPEM))
+ if err != nil {
+ t.Error("New Session , ", err)
+ return
+ }
+ err = session.Auth()
+ if err != nil {
+ t.Errorf("Auth Error: %v", err)
+ return
+ }
+}
+
+func TestUseSecureHTTPS(t *testing.T) {
+
+}
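Review bot: `appSecret` is committed as a literal in the test constants; if the value is accepted by any real deployment it should be rotated, and the test should read it from the environment (for example `os.Getenv("SW_APP_SECRET")`, a placeholder name) and call `t.Skip` when it is unset. `TestUseHTTPS` needs the host `vb-docker:8443` to be reachable, so `go test` fails on any other machine; gate it behind `testing.Short()` or an environment variable. `T1estUseHTTP` is never run because its name does not start with `Test`; if that is deliberate, keep the proper name and use `t.Skip("reason")` so the skip is visible. `TestUseSecureHTTPS` is empty and always passes; it is the natural place for the negative case, asserting that `Auth` fails when the server certificate does not chain to the supplied CA.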