feat: rpc client tls cert create api for app

internal/api/controllers/app/keypair.go

@@ -4,7 +4,9 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/ncuhome/GeniusAuthoritarian/internal/api/callback"
 	"github.com/ncuhome/GeniusAuthoritarian/internal/global"
+	"github.com/ncuhome/GeniusAuthoritarian/internal/tools"
 	"github.com/ncuhome/GeniusAuthoritarian/pkg/keypair"
+	"time"
 )
 
 func ServerPublicKeys(c *gin.Context) {
@@ -19,3 +21,20 @@ func ServerPublicKeys(c *gin.Context) {
 		"ca":  global.CaIssuer.CaCertPem,
 	})
 }
+
+func RpcClientCredential(c *gin.Context) {
+	appCode := tools.GetAppCode(c)
+
+	validBefore := time.Now().AddDate(0, 0, 7)
+	certPem, privatePem, err := global.CaIssuer.Issue([]string{appCode}, validBefore)
+	if err != nil {
+		callback.Error(c, callback.ErrUnexpected, err)
+		return
+	}
+
+	callback.Success(c, gin.H{
+		"cert":        certPem,
+		"key":         privatePem,
+		"validBefore": validBefore.Unix(),
+	})
+}

internal/api/router/app/init.go

@@ -11,4 +11,5 @@ func Router(G *gin.RouterGroup) {
 
 	keypair := G.Group("keypair")
 	keypair.GET("server", controllers.ServerPublicKeys)
+	keypair.POST("rpc", controllers.RpcClientCredential)
 }