Hello Gophers,
I am trying to write a client which basically uses an http client with client credentials and also needs to use Root CA certificates for building trust.
The way I achieved this is described below:
package client

import (
	"context"
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"net/http"
	"net/url"
	"strings"

	"golang.org/x/oauth2"
	"golang.org/x/oauth2/clientcredentials"
)

func makeRequest() error {
	credentials := &clientcredentials.Config{
		ClientID:     "ClientID",
		ClientSecret: "Secret",
		TokenURL:     fmt.Sprintf("%s/v1/token", "https://www.exampleAuth.com"), // URLs need a scheme
		Scopes:       []string{"FullScope"},
		EndpointParams: url.Values{
			"client_id":     {"ClientID"},
			"client_secret": {"Secret"},
		},
	}
	client := credentials.Client(context.TODO())

	caCertPool := x509.NewCertPool()
	// AppendCertsFromPEM reports false when no certificate could be parsed
	if !caCertPool.AppendCertsFromPEM([]byte("Some RSA cert")) {
		return errors.New("no CA certificate parsed from PEM")
	}

	// This works but not sure if it messes up something
	client.Transport.(*oauth2.Transport).Base = &http.Transport{
		TLSClientConfig: &tls.Config{
			RootCAs: caCertPool,
		},
	}

	req, err := http.NewRequest("POST", "https://www.example.com", strings.NewReader("hi"))
	if err != nil {
		return err
	}
	resp, err := client.Do(req)
	if err != nil {
		return err
	}
	// Close the body so the underlying connection can be reused
	return resp.Body.Close()
}
My question would be: is that a good way to achieve the same? Will overriding Transport on the client returned from oauth2/clientcredentials cause any issues?
Docs for oauth2/clientcredentials do specify not to change the transport on the returned client. Is there a better way/package to achieve the same?
Any help would be a great help. Thanks!
EDIT: After some code reading, found that a context can be passed to the oauth2.NewClient() method with a context key holding our implementation of the transport on the HTTP client.
Amit