gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-09 16:48:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: case-insensitive issuer type validation + missing M49 types (#7)

Browse Source 
Backend rejected lowercase type strings (e.g., "acme") sent by older
cached frontends. Add normalizeIssuerType() with alias map for
case-insensitive lookup, wire into both Create paths. Add missing
Entrust/GlobalSign/EJBCA to validIssuerTypes. Add lowercase fallbacks
to issuer factory switch. 39 new test subtests covering normalization,
lowercase create flows, and M49 type acceptance.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Shankar
2026-04-15 23:20:32 -04:00
parent e1630bcb44
commit cdb448dfe5
3 changed files with 219 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/connector/issuerfactory/factory.go
+12 -12
View File
@@ -29,84 +29,84 @@ func NewFromConfig(issuerType string, configJSON json.RawMessage, logger *slog.L
}
switch issuerType {
case "local", "GenericCA":
case "local", "local_ca", "GenericCA", "genericca":
var cfg local.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid Local CA config: %w", err)
}
return local.New(&cfg, logger), nil
case "ACME":
case "ACME", "acme":
var cfg acme.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid ACME config: %w", err)
}
return acme.New(&cfg, logger), nil
case "StepCA":
case "StepCA", "stepca":
var cfg stepca.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid step-ca config: %w", err)
}
return stepca.New(&cfg, logger), nil
case "OpenSSL":
case "OpenSSL", "openssl":
var cfg openssl.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid OpenSSL config: %w", err)
}
return openssl.New(&cfg, logger), nil
case "VaultPKI":
case "VaultPKI", "vaultpki":
var cfg vault.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid Vault PKI config: %w", err)
}
return vault.New(&cfg, logger), nil
case "DigiCert":
case "DigiCert", "digicert":
var cfg digicert.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid DigiCert config: %w", err)
}
return digicert.New(&cfg, logger), nil
case "Sectigo":
case "Sectigo", "sectigo":
var cfg sectigo.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid Sectigo config: %w", err)
}
return sectigo.New(&cfg, logger), nil
case "GoogleCAS":
case "GoogleCAS", "googlecas":
var cfg googlecas.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid Google CAS config: %w", err)
}
return googlecas.New(&cfg, logger), nil
case "AWSACMPCA":
case "AWSACMPCA", "awsacmpca":
var cfg awsacmpca.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid AWS ACM PCA config: %w", err)
}
return awsacmpca.New(&cfg, logger), nil
case "Entrust":
case "Entrust", "entrust":
var cfg entrust.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid Entrust config: %w", err)
}
return entrust.New(&cfg, logger), nil
case "GlobalSign":
case "GlobalSign", "globalsign":
var cfg globalsign.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid GlobalSign config: %w", err)
}
return globalsign.New(&cfg, logger), nil
case "EJBCA":
case "EJBCA", "ejbca":
var cfg ejbca.Config
if err := json.Unmarshal(configJSON, &cfg); err != nil {
return nil, fmt.Errorf("invalid EJBCA config: %w", err)