github-personal/certificates
1
0
Fork 0
mirror of https://github.com/outbackdingo/certificates.git synced 2026-01-27 10:18:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use UUIDv4 as automatically generated client request identifier

Browse Source
This commit is contained in:
Herman Slatman
2024-02-29 20:26:27 +01:00
parent b9d6bfc1eb
commit 0898c6db97
2 changed files with 23 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
ca/client.go
View File

@@ -24,7 +24,6 @@ import (
"strings"
"github.com/pkg/errors"
"github.com/rs/xid"
"github.com/smallstep/certificates/api"
"github.com/smallstep/certificates/authority"
"github.com/smallstep/certificates/authority/provisioner"
@@ -35,6 +34,7 @@ import (
"go.step.sm/crypto/jose"
"go.step.sm/crypto/keyutil"
"go.step.sm/crypto/pemutil"
"go.step.sm/crypto/randutil"
"go.step.sm/crypto/x509util"
"golang.org/x/net/http2"
"google.golang.org/protobuf/encoding/protojson"
@@ -105,6 +105,17 @@ func (c *uaClient) PostWithContext(ctx context.Context, u, contentType string, b
// the CA client to the CA and back again.
const requestIDHeader = "X-Request-Id"
// newRequestID generates a new random UUIDv4 request ID. If it fails,
// the request ID will be the empty string.
func newRequestID() string {
requestID, err := randutil.UUIDv4()
if err != nil {
return ""
}
return requestID
}
// enforceRequestID checks if the X-Request-Id HTTP header is filled. If it's
// empty, the context is searched for a request ID. If that's also empty, a new
// request ID is generated.
@@ -115,7 +126,7 @@ func enforceRequestID(r *http.Request) {
// used before by the client (unless it's a retry for the same request)?
requestID = reqID
} else {
requestID = xid.New().String()
requestID = newRequestID()
}
r.Header.Set(requestIDHeader, requestID)
}

10
ca/client_test.go
View File

@@ -17,6 +17,7 @@ import (
"testing"
"time"
"github.com/google/uuid"
"github.com/smallstep/certificates/api"
"github.com/smallstep/certificates/api/read"
"github.com/smallstep/certificates/api/render"
@@ -1056,3 +1057,12 @@ func Test_enforceRequestID(t *testing.T) {
})
}
}
func Test_newRequestID(t *testing.T) {
requestID := newRequestID()
u, err := uuid.Parse(requestID)
assert.NoError(t, err)
assert.Equal(t, uuid.Version(0x4), u.Version())
assert.Equal(t, uuid.RFC4122, u.Variant())
assert.Equal(t, requestID, u.String())
}