Merge pull request #60 from Venafi/master-ven54749-examples

add example for ListCertificates
Venafi · Dec 23, 2019 · 7f93760 · 7f93760
2 parents 3c3d05c + ac226b7
commit 7f93760
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 33 deletions.
diff --git a/examples/simple-cli/main.go b/examples/simple-cli/main.go
@@ -42,7 +42,7 @@ func main() {
 	var commonName = os.Args[1]
 
 	//
-	// 0. get client instance based on connection config
+	// 0. Get client instance based on connection config
 	//
 	config := tppConfig
 	//config := cloudConfig
@@ -53,7 +53,7 @@ func main() {
 	}
 
 	//
-	// 1.1. compose request object
+	// 1.1. Compose request object
 	//
 	//Not all Venafi Cloud providers support IPAddress and EmailAddresses extensions.
 	var enrollReq = &certificate.Request{}
@@ -98,15 +98,15 @@ func main() {
 	}
 
 	//
-	// 1.2. generate private key and certificate request (CSR) based on request's options
+	// 1.2. Generate private key and certificate request (CSR) based on request's options
 	//
 	err = c.GenerateRequest(nil, enrollReq)
 	if err != nil {
 		t.Fatalf("could not generate certificate request: %s", err)
 	}
 
 	//
-	// 1.3. submit certificate request, get request ID as a response
+	// 1.3. Submit certificate request, get request ID as a response
 	//
 	requestID, err := c.RequestCertificate(enrollReq)
 	if err != nil {
@@ -115,7 +115,7 @@ func main() {
 	t.Printf("Successfully submitted certificate request. Will pickup certificate by ID %s", requestID)
 
 	//
-	// 1.4. retrieve certificate using request ID obtained on previous step, get PEM collection as a response
+	// 1.4. Retrieve certificate using request ID obtained on previous step, get PEM collection as a response
 	//
 	pickupReq := &certificate.Request{
 		PickupID: requestID,
@@ -127,15 +127,15 @@ func main() {
 	}
 
 	//
-	// 1.5. (optional) add certificate's private key to PEM collection
+	// 1.5. (optional) Add certificate's private key to PEM collection
 	//
 	_ = pcc.AddPrivateKey(enrollReq.PrivateKey, []byte(enrollReq.KeyPassword))
 
 	t.Printf("Successfully picked up certificate for %s", commonName)
 	pp(pcc)
 
 	//
-	// 2.1. compose renewal object
+	// 2.1. Compose renewal object
 	//
 	renewReq := &certificate.RenewalRequest{
 		// certificate is identified using DN
@@ -146,7 +146,7 @@ func main() {
 	}
 
 	//
-	// 2.2. submit renewal request
+	// 2.2. Submit renewal request
 	//
 	newRequestID, err := c.RenewCertificate(renewReq)
 	if err != nil {
@@ -155,7 +155,7 @@ func main() {
 	t.Printf("Successfully submitted certificate renewal request. Will pickup certificate by ID %s", newRequestID)
 
 	//
-	// 2.3. retrieve certificate using request ID obtained on previous step, get PEM collection as a response
+	// 2.3. Retrieve certificate using request ID obtained on previous step, get PEM collection as a response
 	//
 	renewRetrieveReq := &certificate.Request{
 		PickupID: newRequestID,
@@ -171,7 +171,7 @@ func main() {
 	t.Printf("New serial number %s", getSerial(pcc2.Certificate))
 
 	//
-	// 3.1. compose revocation object
+	// 3.1. Compose revocation object
 	//
 	revokeReq := &certificate.RevocationRequest{
 		CertificateDN: requestID,
@@ -181,7 +181,7 @@ func main() {
 	}
 
 	//
-	// 3.2. submit revocation request (not supported in Venafi Cloud)
+	// 3.2. Submit revocation request (not supported in Venafi Cloud)
 	//
 	if config.ConnectorType != endpoint.ConnectorTypeCloud {
 		err = c.RevokeCertificate(revokeReq)
@@ -191,7 +191,7 @@ func main() {
 		t.Printf("Successfully submitted revocation request for %s", requestID)
 	}
 	//
-	// 2. Import certificate to another object of the same Zone
+	// 4. Import certificate to another object of the same Zone
 	//
 	var importReq = &certificate.ImportRequest{}
 	switch {
@@ -224,7 +224,7 @@ func main() {
 	t.Printf("Successfully imported certificate to %s", importResp.CertificateDN)
 
 	//
-	// 3. retrieve certificate & key from new object
+	// 5. Retrieve certificate & key from new object
 	//
 	var importedRetriveReq = &certificate.Request{}
 	switch {
@@ -253,7 +253,7 @@ func main() {
 	pp(pcc3)
 
 	//
-	// 4. Get refresh token and refresh access token
+	// 6. Get refresh token and refresh access token
 	//
 	if config.ConnectorType == endpoint.ConnectorTypeTPP {
 		tppConnector, err := tpp.NewConnector(config.BaseUrl, config.Zone, false, nil)
@@ -277,6 +277,24 @@ func main() {
 		}
 
 	}
+
+	//
+	// 7. Audit certificates list in zone
+	//
+
+	_l := 10
+	certList, err := c.ListCertificates(endpoint.Filter{Limit: &_l})
+	if err != nil {
+		t.Fatal(err)
+	}
+	fmt.Println("ID             Common Name              Expire")
+	for _, cert := range certList {
+		validTo := cert.ValidTo.String()
+		if cert.ValidTo.Before(time.Now()) {
+			validTo = fmt.Sprintf("\033[1;31m%s\033[0m", validTo)
+		}
+		fmt.Printf("%v    %v     %v\n", cert.ID, cert.CN, validTo)
+	}
 }
 
 func getSerial(crt string) *big.Int {

diff --git a/examples/simple-cli/main_test.go b/examples/simple-cli/main_test.go
@@ -37,15 +37,15 @@ func init() {
 
 func TestRequestCertificate(t *testing.T) {
 	//
-	// 0. get client instance based on connection config
+	// 0. Get client instance based on connection config
 	//
 	c, err := vcert.NewClient(effectiveConfig)
 	if err != nil {
 		t.Fatalf("could not connect to endpoint: %s", err)
 	}
 
 	//
-	// 1. compose request object
+	// 1. Compose request object
 	//
 	req := &certificate.Request{
 		Subject: pkix.Name{
@@ -67,23 +67,23 @@ func TestRequestCertificate(t *testing.T) {
 	}
 
 	//
-	// 2. generate private key and certificate request (CSR) based on request's options
+	// 2. Generate private key and certificate request (CSR) based on request's options
 	//
 	err = c.GenerateRequest(nil, req)
 	if err != nil {
 		t.Fatalf("could not generate certificate request: %s", err)
 	}
 
 	//
-	// 3. submit certificate request, get request ID as a response
+	// 3. Submit certificate request, get request ID as a response
 	//
 	requestID, err := c.RequestCertificate(req)
 	if err != nil {
 		t.Fatalf("could not submit certificate request: %s", err)
 	}
 
 	//
-	// 4. retrieve certificate using request ID obtained on previous step, get PEM collection as a response
+	// 4. Retrieve certificate using request ID obtained on previous step, get PEM collection as a response
 	//
 	req.PickupID = requestID
 	req.Timeout = 180 * time.Second
@@ -93,7 +93,7 @@ func TestRequestCertificate(t *testing.T) {
 	}
 
 	//
-	// 5. (optional) add certificate's private key to PEM collection
+	// 5. (optional) Add certificate's private key to PEM collection
 	//
 	pcc.AddPrivateKey(req.PrivateKey, []byte(req.KeyPassword))
 
@@ -106,15 +106,15 @@ func TestRequestCertificate(t *testing.T) {
 
 func TestRevokeCertificate(t *testing.T) {
 	//
-	// 0. get client instance based on connection config
+	// 0. Get client instance based on connection config
 	//
 	c, err := vcert.NewClient(effectiveConfig)
 	if err != nil {
 		t.Fatalf("could not connect to endpoint: %s", err)
 	}
 
 	//
-	// 1. compose revocation object
+	// 1. Compose revocation object
 	//
 	req := &certificate.RevocationRequest{
 		CertificateDN: `\VED\Policy\` + effectiveConfig.Zone + `\client.venafi.example.com`,
@@ -124,7 +124,7 @@ func TestRevokeCertificate(t *testing.T) {
 	}
 
 	//
-	// 2. submit revocation request
+	// 2. Submit revocation request
 	//
 	err = c.RevokeCertificate(req)
 	if err != nil {
@@ -138,15 +138,15 @@ func TestRevokeCertificate(t *testing.T) {
 
 func TestRenewCertificate(t *testing.T) {
 	//
-	// 0. get client instance based on connection config
+	// 0. Get client instance based on connection config
 	//
 	c, err := vcert.NewClient(effectiveConfig)
 	if err != nil {
 		t.Fatalf("could not connect to endpoint: %s", err)
 	}
 
 	//
-	// 1. compose renewal object
+	// 1. Compose renewal object
 	//
 	renewReq := &certificate.RenewalRequest{
 		// certificate is identified using DN
@@ -157,15 +157,15 @@ func TestRenewCertificate(t *testing.T) {
 	}
 
 	//
-	// 2. submit renewal request
+	// 2. Submit renewal request
 	//
 	requestID, err := c.RenewCertificate(renewReq)
 	if err != nil {
 		t.Fatalf("could not submit certificate renewal request: %s", err)
 	}
 
 	//
-	// 4. retrieve certificate using request ID obtained on previous step, get PEM collection as a response
+	// 3. Retrieve certificate using request ID obtained on previous step, get PEM collection as a response
 	//
 	req := &certificate.Request{
 		PickupID: requestID,
@@ -177,12 +177,12 @@ func TestRenewCertificate(t *testing.T) {
 	}
 
 	//
-	// 3. Done!
+	// 4. Done!
 	//
 	pp(requestID)
 	pp(pcc)
 
-	// decoding renewed certificate
+	// decode renewed certificate
 	block, _ := pem.Decode([]byte(pcc.Certificate))
 	if block == nil || block.Type != "CERTIFICATE" {
 		t.Fatalf("could not get PEM certificate block")
@@ -192,22 +192,22 @@ func TestRenewCertificate(t *testing.T) {
 		t.Fatalf("could not parse x509 certificate: %s", err)
 	}
 
-	// renewed certificate serial number
+	// renew certificate by serial number
 	pp(cert.SerialNumber)
 
 }
 
 func TestImportCertificate(t *testing.T) {
 	//
-	// 0. get client instance based on connection config
+	// 0. Get client instance based on connection config
 	//
 	c, err := vcert.NewClient(effectiveConfig)
 	if err != nil {
 		t.Fatalf("could not connect to endpoint: %s", err)
 	}
 
 	//
-	// 1. compose, generate, submit request and retrieve certificate
+	// 1. Compose, generate, submit request and retrieve certificate
 	//
 	req := &certificate.Request{
 		Subject: pkix.Name{
@@ -268,7 +268,7 @@ func TestImportCertificate(t *testing.T) {
 	pp(importResp)
 
 	//
-	// 3. retrieve certificate & key from new object
+	// 3. Retrieve certificate & key from new object
 	//
 	req = &certificate.Request{
 		PickupID:        importResp.CertificateDN,