ability to set certificate pool into the HTTP client (#19)

core/engine.go

@@ -1,6 +1,7 @@
 package core
 
 import (
+	"crypto/x509"
 	"html/template"
 	"net/http"
 	"sync"
@@ -178,12 +179,14 @@ func (e *Engine) SetLogger(l LoggerInterface) *Engine {
 }
 
 // BuildHTTPClient builds HTTP client with provided configuration
-func (e *Engine) BuildHTTPClient(replaceDefault ...bool) *Engine {
+func (e *Engine) BuildHTTPClient(certs *x509.CertPool, replaceDefault ...bool) *Engine {
 	if e.Config.GetHTTPClientConfig() != nil {
 		client, err := NewHTTPClientBuilder().
 			WithLogger(e.Logger()).
 			SetLogging(e.Config.IsDebug()).
-			FromEngine(e).Build(replaceDefault...)
+			SetCertPool(certs).
+			FromEngine(e).
+			Build(replaceDefault...)
 
 		if err != nil {
 			panic(err)

core/engine_test.go

@@ -2,6 +2,7 @@ package core
 
 import (
 	"bytes"
+	"crypto/x509"
 	"database/sql"
 	"html/template"
 	"io/ioutil"
@@ -173,7 +174,7 @@ func (e *EngineTest) Test_BuildHTTPClient() {
 			SSLVerification: boolPtr(true),
 		},
 	}
-	e.engine.BuildHTTPClient()
+	e.engine.BuildHTTPClient(x509.NewCertPool())
 
 	assert.NotNil(e.T(), e.engine.httpClient)
 }

core/http_client_builder.go

@@ -3,6 +3,7 @@ package core
 import (
 	"context"
 	"crypto/tls"
+	"crypto/x509"
 	"fmt"
 	"net"
 	"net/http"
@@ -44,6 +45,7 @@ var DefaultTransport = http.DefaultTransport
 type HTTPClientBuilder struct {
 	httpClient    *http.Client
 	httpTransport *http.Transport
+	certsPool     *x509.CertPool
 	dialer        *net.Dialer
 	logger        LoggerInterface
 	built         bool
@@ -78,10 +80,10 @@ func (b *HTTPClientBuilder) WithLogger(logger LoggerInterface) *HTTPClientBuilde
 }
 
 // SetTimeout sets timeout for http client
-func (b *HTTPClientBuilder) SetTimeout(timeout time.Duration) *HTTPClientBuilder {
-	timeout = timeout * time.Second
-	b.timeout = timeout
-	b.httpClient.Timeout = timeout
+func (b *HTTPClientBuilder) SetTimeout(seconds time.Duration) *HTTPClientBuilder {
+	seconds = seconds * time.Second
+	b.timeout = seconds
+	b.httpClient.Timeout = seconds
 	return b
 }
 
@@ -114,6 +116,17 @@ func (b *HTTPClientBuilder) SetSSLVerification(enabled bool) *HTTPClientBuilder
 	return b
 }
 
+// SetSSLVerification enables or disables SSL certificates verification in client
+func (b *HTTPClientBuilder) SetCertPool(pool *x509.CertPool) *HTTPClientBuilder {
+	if b.httpTransport.TLSClientConfig == nil {
+		b.httpTransport.TLSClientConfig = &tls.Config{}
+	}
+
+	b.httpTransport.TLSClientConfig.RootCAs = pool
+
+	return b
+}
+
 // SetLogging enables or disables logging in mocks
 func (b *HTTPClientBuilder) SetLogging(flag bool) *HTTPClientBuilder {
 	b.logging = flag

core/http_client_builder_test.go

@@ -2,6 +2,7 @@ package core
 
 import (
 	"context"
+	"crypto/x509"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -74,6 +75,15 @@ func (t *HTTPClientBuilderTest) Test_SetSSLVerification() {
 	assert.True(t.T(), t.builder.httpTransport.TLSClientConfig.InsecureSkipVerify)
 }
 
+func (t *HTTPClientBuilderTest) Test_SetCertPool() {
+	t.builder.SetCertPool(nil)
+	assert.Nil(t.T(), t.builder.httpTransport.TLSClientConfig.RootCAs)
+
+	pool := x509.NewCertPool()
+	t.builder.SetCertPool(pool)
+	assert.Equal(t.T(), pool, t.builder.httpTransport.TLSClientConfig.RootCAs)
+}
+
 func (t *HTTPClientBuilderTest) Test_FromConfigNil() {
 	defer func() {
 		assert.Nil(t.T(), recover())
@@ -148,15 +158,20 @@ func (t *HTTPClientBuilderTest) Test_logf() {
 }
 
 func (t *HTTPClientBuilderTest) Test_Build() {
+	timeout := time.Duration(10)
+	pool := x509.NewCertPool()
 	client, err := t.builder.
-		SetTimeout(10).
+		SetTimeout(timeout).
 		SetMockAddress("api_mock:3004").
 		AddMockedDomain("google.com").
+		SetCertPool(pool).
 		Build(true)
 
 	assert.NoError(t.T(), err)
 	assert.NotNil(t.T(), client)
 	assert.Equal(t.T(), client, http.DefaultClient)
+	assert.Equal(t.T(), timeout*time.Second, client.Timeout)
+	assert.Equal(t.T(), pool, client.Transport.(*http.Transport).TLSClientConfig.RootCAs)
 }
 
 func (t *HTTPClientBuilderTest) Test_RestoreDefault() {

go.mod

@@ -5,7 +5,7 @@ go 1.12
 require (
 	github.com/DATA-DOG/go-sqlmock v1.3.3
 	github.com/aws/aws-sdk-go v1.25.14
-	github.com/certifi/gocertifi v0.0.0-20190905060710-a5e0173ced67 // indirect
+	github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054
 	github.com/denisenkom/go-mssqldb v0.0.0-20190830225923-3302f0226fbd // indirect
 	github.com/getsentry/raven-go v0.2.0
 	github.com/gin-contrib/multitemplate v0.0.0-20190914010127-bba2ccfe37ec
@@ -33,7 +33,6 @@ require (
 	golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7 // indirect
 	golang.org/x/sys v0.0.0-20200428200454-593003d681fa // indirect
 	golang.org/x/text v0.3.2
-	golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543
 	gopkg.in/gormigrate.v1 v1.6.0
 	gopkg.in/yaml.v2 v2.2.8
 )

go.sum

@@ -18,8 +18,8 @@ github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5
 github.com/aws/aws-sdk-go v1.25.14 h1:hEsU+cukBOQe1wRRuvEgG+y6AVCyS2eyHWuTefhGxTY=
 github.com/aws/aws-sdk-go v1.25.14/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
-github.com/certifi/gocertifi v0.0.0-20190905060710-a5e0173ced67 h1:8k9FLYBLKT+9v2HQJ/a95ZemmTx+/ltJcAiRhVushG8=
-github.com/certifi/gocertifi v0.0.0-20190905060710-a5e0173ced67/go.mod h1:GJKEexRPVJrBSOjoqN5VNOIKJ5Q3RViH6eu3puDRwx4=
+github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054 h1:uH66TXeswKn5PW5zdZ39xEwfS9an067BirqA+P4QaLI=
+github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=