Use render.Error on crl endpoint

This commit is contained in:
Mariano Cano 2022-09-14 11:50:11 -07:00
parent 0829f37fe8
commit 221e756f40

View file

@ -2,35 +2,20 @@ package api
import ( import (
"encoding/pem" "encoding/pem"
"fmt"
"github.com/pkg/errors"
"github.com/smallstep/certificates/errs"
"net/http" "net/http"
"github.com/smallstep/certificates/api/render"
) )
// CRL is an HTTP handler that returns the current CRL in DER or PEM format // CRL is an HTTP handler that returns the current CRL in DER or PEM format
func CRL(w http.ResponseWriter, r *http.Request) { func CRL(w http.ResponseWriter, r *http.Request) {
crlBytes, err := mustAuthority(r.Context()).GetCertificateRevocationList() crlBytes, err := mustAuthority(r.Context()).GetCertificateRevocationList()
if err != nil {
render.Error(w, err)
return
}
_, formatAsPEM := r.URL.Query()["pem"] _, formatAsPEM := r.URL.Query()["pem"]
if err != nil {
caErr, isCaErr := err.(*errs.Error)
if isCaErr {
http.Error(w, caErr.Msg, caErr.Status)
return
}
w.WriteHeader(500)
_, err = fmt.Fprintf(w, "%v\n", err)
if err != nil {
panic(errors.Wrap(err, "error writing http response"))
}
return
}
if formatAsPEM { if formatAsPEM {
pemBytes := pem.EncodeToMemory(&pem.Block{ pemBytes := pem.EncodeToMemory(&pem.Block{
Type: "X509 CRL", Type: "X509 CRL",
@ -38,15 +23,10 @@ func CRL(w http.ResponseWriter, r *http.Request) {
}) })
w.Header().Add("Content-Type", "application/x-pem-file") w.Header().Add("Content-Type", "application/x-pem-file")
w.Header().Add("Content-Disposition", "attachment; filename=\"crl.pem\"") w.Header().Add("Content-Disposition", "attachment; filename=\"crl.pem\"")
_, err = w.Write(pemBytes) w.Write(pemBytes)
} else { } else {
w.Header().Add("Content-Type", "application/pkix-crl") w.Header().Add("Content-Type", "application/pkix-crl")
w.Header().Add("Content-Disposition", "attachment; filename=\"crl.der\"") w.Header().Add("Content-Disposition", "attachment; filename=\"crl.der\"")
_, err = w.Write(crlBytes) w.Write(crlBytes)
} }
if err != nil {
panic(errors.Wrap(err, "error writing http response"))
}
} }