From 7997cdc8a5fffd83ef5e22e1e4e2740cc249c3fd Mon Sep 17 00:00:00 2001
From: omerma
Date: Mon, 9 Dec 2024 22:08:57 +0200
Subject: [PATCH] check mtls tests
---
 internal/models/web-app-asset/schema.go | 10 +++-
 internal/resources/tests/add-mtls_test.go | 64 ++++++++++++++++-------
 internal/resources/web-app-asset/read.go | 3 ++
 3 files changed, 57 insertions(+), 20 deletions(-)
diff --git a/internal/models/web-app-asset/schema.go b/internal/models/web-app-asset/schema.go
index 002feec..54ea43d 100644
--- a/internal/models/web-app-asset/schema.go
+++ b/internal/models/web-app-asset/schema.go
@@ -3,6 +3,7 @@ package models
 import (
 "encoding/base64"
 "fmt"
+ "mime"
 )
 const (
@@ -63,8 +64,10 @@ func fileExtensionToMimeType(extension string) string {
 return "application/x-x509-ca-cert"
 case ".p12", ".pfx":
 return "application/x-pkcs12"
- case ".p7b", ".p7c":
+ case ".p7b":
 return "application/x-pkcs7-certificates"
+ case ".p7c":
+ return "application/pkcs7-mime"
 default:
 return "application/octet-stream"
 }
@@ -80,8 +83,10 @@ func MimeTypeToFileExtension(mimeType string) string {
 return ".p12"
 case "application/x-pkcs7-certificates":
 return ".p7b"
+ case "application/pkcs7-mime":
+ return ".p7c"
 default:
- return ""
+ return ".pem"
 }
 }
@@ -90,6 +95,7 @@ type FileSchemas []FileSchema
 func NewFileSchemaEncode(filename, fileData, mTLSType, certificateType string, fileEnable bool) FileSchema {
 b64Data := base64.StdEncoding.EncodeToString([]byte(fileData))
 data := fmt.Sprintf(FileDataFormat, fileExtensionToMimeType(certificateType), b64Data)
+ fmt.Println("\nfile extension %s to mime type %s\n", certificateType, mime.TypeByExtension(certificateType))
 //data := fmt.Sprintf(FileDataFormat, mime.TypeByExtension(certificateType), b64Data)
 //filenameFmt := fmt.Sprintf(FileDataFilenameFormat, filepath.Base(filename))
diff --git a/internal/resources/tests/add-mtls_test.go b/internal/resources/tests/add-mtls_test.go
index f57e42f..cf23416 100644
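Review bot: The new `default: return ".pem"` in MimeTypeToFileExtension makes every unrecognised MIME type read back as a PEM certificate, including `application/octet-stream`, which fileExtensionToMimeType emits for unknown extensions. For an mTLS certificate attribute this hides an unknown or malformed type behind a plausible value instead of surfacing it. The mapping is also not invertible as written: `.p12` and `.pfx` share one MIME type and apparently only `.p12` comes back, so a config using `.pfx` will probably show a diff after read. I would keep `return ""` here and have the caller report an error for a type it does not recognise. The function starts above the hunk.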
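Review bot: `fmt.Println` in NewFileSchemaEncode does not interpret format verbs, so the added line prints the literal `%s` placeholders followed by the arguments (go vet reports this), and it writes debug output to stdout from non-test code on every encode. The `fmt.Printf` added in internal/resources/web-app-asset/read.go is the same kind of leftover. Both lines and their `mime` imports should be dropped before merge; if the trace is worth keeping, route it through the provider's logger at debug level and quote the values with `%q`. `mime.TypeByExtension` also consults the host's MIME tables on some platforms, so its output is not a stable reference for the hand-written mapping.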
--- a/internal/resources/tests/add-mtls_test.go
+++ b/internal/resources/tests/add-mtls_test.go
@@ -95,12 +95,12 @@ func TestAccWebApplicationAssetWithmTLSBasic(t *testing.T) {
 "tags.0.key": "tagkey1",
 "tags.0.value": "tagvalue1",
- "mtls.#": "1",
- "mtls.0.filename": "cert.cer",
- "mtls.0.certificate_type": ".cer",
- "mtls.0.data": "cert data",
- "mtls.0.type": "client",
- "mtls.0.enable": "true",
+ //"mtls.#": "1",
+ //"mtls.0.filename": "cert.pem",
+ //"mtls.0.certificate_type": ".pem",
+ //"mtls.0.data": "cert data",
+ //"mtls.0.type": "client",
+ //"mtls.0.enable": "true",
 }),
 resource.TestCheckResourceAttrSet(assetResourceName, "id"),
 resource.TestCheckResourceAttrSet(assetResourceName, "practice.0.id"),
@@ -203,12 +203,12 @@ func TestAccWebApplicationAssetWithmTLSFull(t *testing.T) {
 "tags.1.key": "tagkey2",
 "tags.1.value": "tagvalue2",
- "mtls.#": "1",
- "mtls.0.filename": "cert.pem",
- "mtls.0.certificate_type": ".pem",
- "mtls.0.data": "cert data",
- "mtls.0.type": "client",
- "mtls.0.enable": "true",
+ "mtls.#": "1",
+ "mtls.0.filename": "cert.der",
+ //"mtls.0.certificate_type": ".pem",
+ "mtls.0.data": "cert data",
+ "mtls.0.type": "client",
+ "mtls.0.enable": "true",
 }),
 resource.TestCheckResourceAttrSet(assetResourceName, "id"),
 resource.TestCheckResourceAttrSet(assetResourceName, "practice.0.id"),
@@ -334,6 +334,20 @@ func webApplicationAssetmTLSBasicConfig(name string) string {
 resource "inext_web_app_asset" %[1]q {
 name = %[1]q
 urls = ["http://host/%[1]s/path1"]
+ mtls {
+ filename = "cert.pfx"
+ certificate_type = ".pfx"
+ data = "cert data"
+ type = "client"
+ enable = true
+ }
+ mtls {
+ filename = "cert.p7b"
+ certificate_type = ".p7b"
+ data = "cert data"
+ type = "server"
+ enable = true
+ }
 }
 `, name)
 }
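Review bot: The six `mtls.*` expectations in TestAccWebApplicationAssetWithmTLSBasic are commented out instead of being updated, so this step no longer checks anything about the mTLS blocks, even though the config hunks below add more of them; the `@@ -203` hunk does the same to `mtls.0.certificate_type`. Those attributes are what would catch a wrong extension-to-MIME round trip for a client or server certificate. Re-enable them with the values expected after read, and add `mtls.1.*` entries for the second block. In the `@@ -203` hunk `"mtls.#": "1"` is kept although the configs gain a second `mtls` block; if that step applies one of them, the count presumably needs to be `"2"`. Both test functions start and end outside their hunks.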
@@ -385,12 +399,19 @@ resource "inext_web_app_asset" %[1]q {
 value = "tagvalue1"
 }
 mtls {
- filename = "cert.cer"
- certificate_type = ".cer"
+ filename = "cert.pem"
+ certificate_type = ".pem"
 data = "cert data"
 type = "client"
 enable = true
 }
+ mtls {
+ filename = "cert.p7c"
+ certificate_type = ".p7c"
+ data = "cert data"
+ type = "server"
+ enable = true
+ }
 }
 resource "inext_appsec_gateway_profile" %[2]q {
@@ -532,12 +553,19 @@ resource "inext_web_app_asset" %[1]q {
 value = "tagvalue2"
 }
 mtls {
- filename = "cert.pem"
- certificate_type = ".pem"
+ filename = "cert.der"
+ certificate_type = ".der"
 data = "cert data"
 type = "client"
 enable = true
 }
+ mtls {
+ filename = "cert.cer"
+ certificate_type = ".cer"
+ data = "cert data"
+ type = "server"
+ enable = true
+ }
 }
 resource "inext_appsec_gateway_profile" %[2]q {
@@ -717,8 +745,8 @@ resource "inext_web_app_asset" %[1]q {
 value = "tagvalue3"
 }
 mtls {
- filename = "newfile.der"
- certificate_type = ".der"
+ filename = "newfile.crt"
+ certificate_type = ".crt"
 data = "new cert data"
 type = "server"
 enable = true
diff --git a/internal/resources/web-app-asset/read.go b/internal/resources/web-app-asset/read.go
index 89f987b..9b1e5a4 100644
--- a/internal/resources/web-app-asset/read.go
+++ b/internal/resources/web-app-asset/read.go
@@ -4,6 +4,7 @@ import (
 "context"
 "encoding/base64"
 "fmt"
+ "mime"
 "strings"
 "github.com/CheckPointSW/terraform-provider-infinity-next/internal/api"
@@ -92,6 +93,8 @@ func ReadWebApplicationAssetToResourceData(asset models.WebApplicationAsset, d *
 mimeType := strings.SplitN(proxySetting.Value, ":", 2)[1]
 mimeType = strings.SplitN(mimeType, ";", 2)[0]
 fileExtensionsByType = models.MimeTypeToFileExtension(mimeType)
+ extensions, _ := mime.ExtensionsByType(mimeType)
+ fmt.Printf("\nmime type %s to file extensions %s\n", mimeType, extensions)
 //fileExtensionsByType, err = mime.ExtensionsByType(mimeType)
 //if err != nil {
 // return fmt.Errorf("failed to get file extension by type %s: %w", mimeType, err)
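Review bot: `extensions, _ := mime.ExtensionsByType(mimeType)` discards the error, and `mimeType` is cut out of `proxySetting.Value` on the context lines above without any validation. A malformed media type therefore passes unnoticed, and `extensions` is used only by the debug print (a `[]string` formatted with `%s`). If the standard-library lookup is meant to cross-check `models.MimeTypeToFileExtension`, check the error and return it, as the commented-out lines below already sketch; otherwise remove both added lines. The function body continues outside the hunk.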