in internal/mock/sqladmin.go [188:246]
func CreateEphemeralSuccess(i FakeCSQLInstance, ct int) *Request {
r := &Request{
reqMethod: http.MethodPost,
reqPath: fmt.Sprintf("/sql/v1beta4/projects/%s/instances/%s:generateEphemeralCert", i.project, i.name),
reqCt: ct,
handle: func(resp http.ResponseWriter, req *http.Request) {
// Read the body from the request.
b, err := io.ReadAll(req.Body)
defer req.Body.Close()
if err != nil {
http.Error(resp, fmt.Errorf("unable to read body: %w", err).Error(), http.StatusBadRequest)
return
}
var eR sqladmin.GenerateEphemeralCertRequest
err = json.Unmarshal(b, &eR)
if err != nil {
http.Error(resp, fmt.Errorf("invalid or unexpected json: %w", err).Error(), http.StatusBadRequest)
return
}
// Extract the certificate from the request.
bl, _ := pem.Decode([]byte(eR.PublicKey))
if bl == nil {
http.Error(resp, fmt.Errorf("unable to decode PublicKey: %w", err).Error(), http.StatusBadRequest)
return
}
pubKey, err := x509.ParsePKIXPublicKey(bl.Bytes)
if err != nil {
http.Error(resp, fmt.Errorf("unable to decode PublicKey: %w", err).Error(), http.StatusBadRequest)
return
}
certBytes, err := i.ClientCert(pubKey.(*rsa.PublicKey))
if err != nil {
http.Error(resp, fmt.Errorf("failed to sign client certificate: %v", err).Error(), http.StatusBadRequest)
return
}
// Return the signed cert to the client.
c := &sqladmin.SslCert{
Cert: string(certBytes),
CommonName: "Google Cloud SQL Client",
CreateTime: time.Now().Format(time.RFC3339),
ExpirationTime: i.Cert.NotAfter.Format(time.RFC3339),
Instance: i.name,
}
certResp := sqladmin.GenerateEphemeralCertResponse{
EphemeralCert: c,
}
b, err = certResp.MarshalJSON()
if err != nil {
http.Error(resp, fmt.Errorf("unable to encode response: %w", err).Error(), http.StatusInternalServerError)
return
}
resp.WriteHeader(http.StatusOK)
resp.Write(b)
},
}
return r
}