Fix remaining gocritic remarks

This commit is contained in:
Herman Slatman 2021-10-11 23:34:23 +02:00
parent a4660f73fa
commit dd4b4b0435
No known key found for this signature in database
GPG key ID: F4D8A44EA0A75A4F
7 changed files with 103 additions and 110 deletions

View file

@ -69,12 +69,12 @@ const noKeyID = keyID("")
// jwsEncodeEAB creates a JWS payload for External Account Binding according to RFC 8555 §7.3.4.
// Implementation taken from github.com/mholt/acmez
func jwsEncodeEAB(accountKey crypto.PublicKey, hmacKey []byte, kid keyID, url string) ([]byte, error) {
func jwsEncodeEAB(accountKey crypto.PublicKey, hmacKey []byte, kid keyID, u string) ([]byte, error) {
// §7.3.4: "The 'alg' field MUST indicate a MAC-based algorithm"
alg, sha := "HS256", crypto.SHA256
// §7.3.4: "The 'nonce' field MUST NOT be present"
phead, err := jwsHead(alg, "", url, kid, nil)
phead, err := jwsHead(alg, "", u, kid, nil)
if err != nil {
return nil, err
}
@ -99,7 +99,7 @@ func jwsEncodeEAB(accountKey crypto.PublicKey, hmacKey []byte, kid keyID, url st
// Since jwk and kid are mutually-exclusive, the jwk will be encoded
// only if kid is empty. If nonce is empty, it will not be encoded.
// Implementation taken from github.com/mholt/acmez
func jwsHead(alg, nonce, url string, kid keyID, key crypto.Signer) (string, error) {
func jwsHead(alg, nonce, u string, kid keyID, key crypto.Signer) (string, error) {
phead := fmt.Sprintf(`{"alg":%q`, alg)
if kid == noKeyID {
jwk, err := jwkEncode(key.Public())
@ -113,7 +113,7 @@ func jwsHead(alg, nonce, url string, kid keyID, key crypto.Signer) (string, erro
if nonce != "" {
phead += fmt.Sprintf(`,"nonce":%q`, nonce)
}
phead += fmt.Sprintf(`,"url":%q}`, url)
phead += fmt.Sprintf(`,"url":%q}`, u)
phead = base64.RawURLEncoding.EncodeToString([]byte(phead))
return phead, nil
}
@ -684,7 +684,7 @@ func TestHandler_NewAccount(t *testing.T) {
assert.Equals(t, acc.Key, jwk)
return nil
},
MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
MockGetExternalAccountKey: func(ctx context.Context, provisionerName, keyID string) (*acme.ExternalAccountKey, error) {
return &acme.ExternalAccountKey{
ID: "eakID",
Provisioner: escProvName,
@ -1058,7 +1058,7 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
createdAt := time.Now()
return test{
db: &acme.MockDB{
MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
MockGetExternalAccountKey: func(ctx context.Context, provisionerName, keyID string) (*acme.ExternalAccountKey, error) {
return &acme.ExternalAccountKey{
ID: "eakID",
Provisioner: escProvName,
@ -1091,7 +1091,7 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
eab := &ExternalAccountBinding{}
err = json.Unmarshal(eabJWS, &eab)
assert.FatalError(t, err)
eab.Payload = eab.Payload + "{}"
eab.Payload += "{}"
prov := newACMEProv(t)
prov.RequireEAB = true
ctx := context.WithValue(context.Background(), jwkContextKey, jwk)
@ -1149,7 +1149,7 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
ctx = context.WithValue(ctx, provisionerContextKey, prov)
return test{
db: &acme.MockDB{
MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
MockGetExternalAccountKey: func(ctx context.Context, provisionerName, keyID string) (*acme.ExternalAccountKey, error) {
return nil, acme.NewErrorISE("error retrieving external account key")
},
},
@ -1205,7 +1205,7 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
boundAt := time.Now().Add(1 * time.Second)
return test{
db: &acme.MockDB{
MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
MockGetExternalAccountKey: func(ctx context.Context, provisionerName, keyID string) (*acme.ExternalAccountKey, error) {
return &acme.ExternalAccountKey{
ID: "eakID",
Provisioner: escProvName,
@ -1240,7 +1240,7 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
ctx = context.WithValue(ctx, provisionerContextKey, prov)
return test{
db: &acme.MockDB{
MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
MockGetExternalAccountKey: func(ctx context.Context, provisionerName, keyID string) (*acme.ExternalAccountKey, error) {
return &acme.ExternalAccountKey{
ID: "eakID",
Provisioner: escProvName,
@ -1276,7 +1276,7 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
ctx = context.WithValue(ctx, provisionerContextKey, prov)
return test{
db: &acme.MockDB{
MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
MockGetExternalAccountKey: func(ctx context.Context, provisionerName, keyID string) (*acme.ExternalAccountKey, error) {
return &acme.ExternalAccountKey{
ID: "eakID",
Provisioner: escProvName,

View file

@ -26,8 +26,11 @@ import (
type ChallengeType string
const (
HTTP01 ChallengeType = "http-01"
DNS01 ChallengeType = "dns-01"
// HTTP-01 challenge type
HTTP01 ChallengeType = "http-01"
// DNS-01 challenge type
DNS01 ChallengeType = "dns-01"
// TLS-ALPN-01 challenge type
TLSALPN01 ChallengeType = "tls-alpn-01"
)

View file

@ -190,7 +190,7 @@ func (db *DB) CreateExternalAccountKey(ctx context.Context, provisionerName, ref
CreatedAt: clock.Now(),
}
if err = db.save(ctx, keyID, dbeak, nil, "external_account_key", externalAccountKeyTable); err != nil {
if err := db.save(ctx, keyID, dbeak, nil, "external_account_key", externalAccountKeyTable); err != nil {
return nil, err
}
@ -199,7 +199,7 @@ func (db *DB) CreateExternalAccountKey(ctx context.Context, provisionerName, ref
Reference: dbeak.Reference,
ExternalAccountKeyID: dbeak.ID,
}
if err = db.save(ctx, dbeak.Reference, dbExternalAccountKeyReference, nil, "external_account_key_reference", externalAccountKeysByReferenceTable); err != nil {
if err := db.save(ctx, dbeak.Reference, dbExternalAccountKeyReference, nil, "external_account_key_reference", externalAccountKeysByReferenceTable); err != nil {
return nil, err
}
}

View file

@ -771,8 +771,8 @@ func TestDB_getDBExternalAccountKey(t *testing.T) {
for name, run := range tests {
tc := run(t)
t.Run(name, func(t *testing.T) {
db := DB{db: tc.db}
if dbeak, err := db.getDBExternalAccountKey(context.Background(), keyID); err != nil {
d := DB{db: tc.db}
if dbeak, err := d.getDBExternalAccountKey(context.Background(), keyID); err != nil {
switch k := err.(type) {
case *acme.Error:
if assert.NotNil(t, tc.acmeErr) {
@ -787,16 +787,14 @@ func TestDB_getDBExternalAccountKey(t *testing.T) {
assert.HasPrefix(t, err.Error(), tc.err.Error())
}
}
} else {
if assert.Nil(t, tc.err) {
assert.Equals(t, dbeak.ID, tc.dbeak.ID)
assert.Equals(t, dbeak.KeyBytes, tc.dbeak.KeyBytes)
assert.Equals(t, dbeak.Provisioner, tc.dbeak.Provisioner)
assert.Equals(t, dbeak.Reference, tc.dbeak.Reference)
assert.Equals(t, dbeak.CreatedAt, tc.dbeak.CreatedAt)
assert.Equals(t, dbeak.AccountID, tc.dbeak.AccountID)
assert.Equals(t, dbeak.BoundAt, tc.dbeak.BoundAt)
}
} else if assert.Nil(t, tc.err) {
assert.Equals(t, dbeak.ID, tc.dbeak.ID)
assert.Equals(t, dbeak.KeyBytes, tc.dbeak.KeyBytes)
assert.Equals(t, dbeak.Provisioner, tc.dbeak.Provisioner)
assert.Equals(t, dbeak.Reference, tc.dbeak.Reference)
assert.Equals(t, dbeak.CreatedAt, tc.dbeak.CreatedAt)
assert.Equals(t, dbeak.AccountID, tc.dbeak.AccountID)
assert.Equals(t, dbeak.BoundAt, tc.dbeak.BoundAt)
}
})
}
@ -890,8 +888,8 @@ func TestDB_GetExternalAccountKey(t *testing.T) {
for name, run := range tests {
tc := run(t)
t.Run(name, func(t *testing.T) {
db := DB{db: tc.db}
if eak, err := db.GetExternalAccountKey(context.Background(), prov, keyID); err != nil {
d := DB{db: tc.db}
if eak, err := d.GetExternalAccountKey(context.Background(), prov, keyID); err != nil {
switch k := err.(type) {
case *acme.Error:
if assert.NotNil(t, tc.acmeErr) {
@ -906,16 +904,14 @@ func TestDB_GetExternalAccountKey(t *testing.T) {
assert.HasPrefix(t, err.Error(), tc.err.Error())
}
}
} else {
if assert.Nil(t, tc.err) {
assert.Equals(t, eak.ID, tc.eak.ID)
assert.Equals(t, eak.KeyBytes, tc.eak.KeyBytes)
assert.Equals(t, eak.Provisioner, tc.eak.Provisioner)
assert.Equals(t, eak.Reference, tc.eak.Reference)
assert.Equals(t, eak.CreatedAt, tc.eak.CreatedAt)
assert.Equals(t, eak.AccountID, tc.eak.AccountID)
assert.Equals(t, eak.BoundAt, tc.eak.BoundAt)
}
} else if assert.Nil(t, tc.err) {
assert.Equals(t, eak.ID, tc.eak.ID)
assert.Equals(t, eak.KeyBytes, tc.eak.KeyBytes)
assert.Equals(t, eak.Provisioner, tc.eak.Provisioner)
assert.Equals(t, eak.Reference, tc.eak.Reference)
assert.Equals(t, eak.CreatedAt, tc.eak.CreatedAt)
assert.Equals(t, eak.AccountID, tc.eak.AccountID)
assert.Equals(t, eak.BoundAt, tc.eak.BoundAt)
}
})
}
@ -1056,8 +1052,8 @@ func TestDB_GetExternalAccountKeyByReference(t *testing.T) {
for name, run := range tests {
tc := run(t)
t.Run(name, func(t *testing.T) {
db := DB{db: tc.db}
if eak, err := db.GetExternalAccountKeyByReference(context.Background(), prov, tc.ref); err != nil {
d := DB{db: tc.db}
if eak, err := d.GetExternalAccountKeyByReference(context.Background(), prov, tc.ref); err != nil {
switch k := err.(type) {
case *acme.Error:
if assert.NotNil(t, tc.acmeErr) {
@ -1072,16 +1068,14 @@ func TestDB_GetExternalAccountKeyByReference(t *testing.T) {
assert.HasPrefix(t, err.Error(), tc.err.Error())
}
}
} else {
if assert.Nil(t, tc.err) && tc.eak != nil {
assert.Equals(t, eak.ID, tc.eak.ID)
assert.Equals(t, eak.AccountID, tc.eak.AccountID)
assert.Equals(t, eak.BoundAt, tc.eak.BoundAt)
assert.Equals(t, eak.CreatedAt, tc.eak.CreatedAt)
assert.Equals(t, eak.KeyBytes, tc.eak.KeyBytes)
assert.Equals(t, eak.Provisioner, tc.eak.Provisioner)
assert.Equals(t, eak.Reference, tc.eak.Reference)
}
} else if assert.Nil(t, tc.err) && tc.eak != nil {
assert.Equals(t, eak.ID, tc.eak.ID)
assert.Equals(t, eak.AccountID, tc.eak.AccountID)
assert.Equals(t, eak.BoundAt, tc.eak.BoundAt)
assert.Equals(t, eak.CreatedAt, tc.eak.CreatedAt)
assert.Equals(t, eak.KeyBytes, tc.eak.KeyBytes)
assert.Equals(t, eak.Provisioner, tc.eak.Provisioner)
assert.Equals(t, eak.Reference, tc.eak.Reference)
}
})
}
@ -1208,8 +1202,8 @@ func TestDB_GetExternalAccountKeys(t *testing.T) {
for name, run := range tests {
tc := run(t)
t.Run(name, func(t *testing.T) {
db := DB{db: tc.db}
if eaks, err := db.GetExternalAccountKeys(context.Background(), prov); err != nil {
d := DB{db: tc.db}
if eaks, err := d.GetExternalAccountKeys(context.Background(), prov); err != nil {
switch k := err.(type) {
case *acme.Error:
if assert.NotNil(t, tc.acmeErr) {
@ -1224,18 +1218,16 @@ func TestDB_GetExternalAccountKeys(t *testing.T) {
assert.HasPrefix(t, err.Error(), tc.err.Error())
}
}
} else {
if assert.Nil(t, tc.err) {
assert.Equals(t, len(eaks), len(tc.eaks))
for i, eak := range eaks {
assert.Equals(t, eak.ID, tc.eaks[i].ID)
assert.Equals(t, eak.KeyBytes, tc.eaks[i].KeyBytes)
assert.Equals(t, eak.Provisioner, tc.eaks[i].Provisioner)
assert.Equals(t, eak.Reference, tc.eaks[i].Reference)
assert.Equals(t, eak.CreatedAt, tc.eaks[i].CreatedAt)
assert.Equals(t, eak.AccountID, tc.eaks[i].AccountID)
assert.Equals(t, eak.BoundAt, tc.eaks[i].BoundAt)
}
} else if assert.Nil(t, tc.err) {
assert.Equals(t, len(eaks), len(tc.eaks))
for i, eak := range eaks {
assert.Equals(t, eak.ID, tc.eaks[i].ID)
assert.Equals(t, eak.KeyBytes, tc.eaks[i].KeyBytes)
assert.Equals(t, eak.Provisioner, tc.eaks[i].Provisioner)
assert.Equals(t, eak.Reference, tc.eaks[i].Reference)
assert.Equals(t, eak.CreatedAt, tc.eaks[i].CreatedAt)
assert.Equals(t, eak.AccountID, tc.eaks[i].AccountID)
assert.Equals(t, eak.BoundAt, tc.eaks[i].BoundAt)
}
}
})
@ -1440,8 +1432,8 @@ func TestDB_DeleteExternalAccountKey(t *testing.T) {
for name, run := range tests {
tc := run(t)
t.Run(name, func(t *testing.T) {
db := DB{db: tc.db}
if err := db.DeleteExternalAccountKey(context.Background(), prov, keyID); err != nil {
d := DB{db: tc.db}
if err := d.DeleteExternalAccountKey(context.Background(), prov, keyID); err != nil {
switch k := err.(type) {
case *acme.Error:
if assert.NotNil(t, tc.acmeErr) {
@ -1569,22 +1561,20 @@ func TestDB_CreateExternalAccountKey(t *testing.T) {
for name, run := range tests {
tc := run(t)
t.Run(name, func(t *testing.T) {
db := DB{db: tc.db}
eak, err := db.CreateExternalAccountKey(context.Background(), prov, ref)
d := DB{db: tc.db}
eak, err := d.CreateExternalAccountKey(context.Background(), prov, ref)
if err != nil {
if assert.NotNil(t, tc.err) {
assert.HasPrefix(t, err.Error(), tc.err.Error())
}
} else {
if assert.Nil(t, tc.err) {
assert.Equals(t, *tc._id, eak.ID)
assert.Equals(t, prov, eak.Provisioner)
assert.Equals(t, ref, eak.Reference)
assert.Equals(t, "", eak.AccountID)
assert.False(t, eak.CreatedAt.IsZero())
assert.False(t, eak.AlreadyBound())
assert.True(t, eak.BoundAt.IsZero())
}
} else if assert.Nil(t, tc.err) {
assert.Equals(t, *tc._id, eak.ID)
assert.Equals(t, prov, eak.Provisioner)
assert.Equals(t, ref, eak.Reference)
assert.Equals(t, "", eak.AccountID)
assert.False(t, eak.CreatedAt.IsZero())
assert.False(t, eak.AlreadyBound())
assert.True(t, eak.BoundAt.IsZero())
}
})
}
@ -1649,7 +1639,7 @@ func TestDB_UpdateExternalAccountKey(t *testing.T) {
}
},
"fail/provisioner-mismatch": func(t *testing.T) test {
dbeak := &dbExternalAccountKey{
newDBEAK := &dbExternalAccountKey{
ID: keyID,
Provisioner: "differentProvisioner",
Reference: ref,
@ -1657,7 +1647,7 @@ func TestDB_UpdateExternalAccountKey(t *testing.T) {
KeyBytes: []byte{1, 3, 3, 7},
CreatedAt: now,
}
b, err := json.Marshal(dbeak)
b, err := json.Marshal(newDBEAK)
assert.FatalError(t, err)
return test{
eak: &acme.ExternalAccountKey{
@ -1694,21 +1684,19 @@ func TestDB_UpdateExternalAccountKey(t *testing.T) {
for name, run := range tests {
tc := run(t)
t.Run(name, func(t *testing.T) {
db := DB{db: tc.db}
if err := db.UpdateExternalAccountKey(context.Background(), prov, tc.eak); err != nil {
d := DB{db: tc.db}
if err := d.UpdateExternalAccountKey(context.Background(), prov, tc.eak); err != nil {
if assert.NotNil(t, tc.err) {
assert.HasPrefix(t, err.Error(), tc.err.Error())
}
} else {
if assert.Nil(t, tc.err) {
assert.Equals(t, dbeak.ID, tc.eak.ID)
assert.Equals(t, dbeak.Provisioner, tc.eak.Provisioner)
assert.Equals(t, dbeak.Reference, tc.eak.Reference)
assert.Equals(t, dbeak.AccountID, tc.eak.AccountID)
assert.Equals(t, dbeak.CreatedAt, tc.eak.CreatedAt)
assert.Equals(t, dbeak.BoundAt, tc.eak.BoundAt)
assert.Equals(t, dbeak.KeyBytes, tc.eak.KeyBytes)
}
} else if assert.Nil(t, tc.err) {
assert.Equals(t, dbeak.ID, tc.eak.ID)
assert.Equals(t, dbeak.Provisioner, tc.eak.Provisioner)
assert.Equals(t, dbeak.Reference, tc.eak.Reference)
assert.Equals(t, dbeak.AccountID, tc.eak.AccountID)
assert.Equals(t, dbeak.CreatedAt, tc.eak.CreatedAt)
assert.Equals(t, dbeak.BoundAt, tc.eak.BoundAt)
assert.Equals(t, dbeak.KeyBytes, tc.eak.KeyBytes)
}
})
}

View file

@ -17,7 +17,9 @@ import (
type IdentifierType string
const (
IP IdentifierType = "ip"
// IP identifier type
IP IdentifierType = "ip"
// DNS identifier type
DNS IdentifierType = "dns"
)

View file

@ -33,14 +33,14 @@ type GetExternalAccountKeysResponse struct {
// before serving requests that act on ACME EAB credentials.
func (h *Handler) requireEABEnabled(next nextHTTP) nextHTTP {
return func(w http.ResponseWriter, r *http.Request) {
provisioner := chi.URLParam(r, "prov")
eabEnabled, err := h.provisionerHasEABEnabled(r.Context(), provisioner)
prov := chi.URLParam(r, "prov")
eabEnabled, err := h.provisionerHasEABEnabled(r.Context(), prov)
if err != nil {
api.WriteError(w, err)
return
}
if !eabEnabled {
api.WriteError(w, admin.NewError(admin.ErrorBadRequestType, "ACME EAB not enabled for provisioner %s", provisioner))
api.WriteError(w, admin.NewError(admin.ErrorBadRequestType, "ACME EAB not enabled for provisioner %s", prov))
return
}
next(w, r)
@ -68,12 +68,12 @@ func (h *Handler) provisionerHasEABEnabled(ctx context.Context, provisionerName
return false, admin.NewErrorISE("error getting details for provisioner with ID: %s", p.GetID())
}
acme := details.GetACME()
if acme == nil {
acmeProvisioner := details.GetACME()
if acmeProvisioner == nil {
return false, admin.NewErrorISE("error getting ACME details for provisioner with ID: %s", p.GetID())
}
return acme.GetRequireEab(), nil
return acmeProvisioner.GetRequireEab(), nil
}
// CreateExternalAccountKey creates a new External Account Binding key
@ -89,23 +89,23 @@ func (h *Handler) CreateExternalAccountKey(w http.ResponseWriter, r *http.Reques
return
}
provisioner := chi.URLParam(r, "prov")
prov := chi.URLParam(r, "prov")
reference := body.Reference
if reference != "" {
k, err := h.acmeDB.GetExternalAccountKeyByReference(r.Context(), provisioner, reference)
k, err := h.acmeDB.GetExternalAccountKeyByReference(r.Context(), prov, reference)
// retrieving an EAB key from DB results in error if it doesn't exist, which is what we're looking for
if err == nil || k != nil {
err := admin.NewError(admin.ErrorBadRequestType, "an ACME EAB key for provisioner %s with reference %s already exists", provisioner, reference)
err := admin.NewError(admin.ErrorBadRequestType, "an ACME EAB key for provisioner %s with reference %s already exists", prov, reference)
err.Status = 409
api.WriteError(w, err)
return
}
}
eak, err := h.acmeDB.CreateExternalAccountKey(r.Context(), provisioner, reference)
eak, err := h.acmeDB.CreateExternalAccountKey(r.Context(), prov, reference)
if err != nil {
api.WriteError(w, admin.WrapErrorISE(err, "error creating ACME EAB key for provisioner %s and reference %s", provisioner, reference))
api.WriteError(w, admin.WrapErrorISE(err, "error creating ACME EAB key for provisioner %s and reference %s", prov, reference))
return
}
@ -121,10 +121,10 @@ func (h *Handler) CreateExternalAccountKey(w http.ResponseWriter, r *http.Reques
// DeleteExternalAccountKey deletes an ACME External Account Key.
func (h *Handler) DeleteExternalAccountKey(w http.ResponseWriter, r *http.Request) {
provisioner := chi.URLParam(r, "prov")
prov := chi.URLParam(r, "prov")
keyID := chi.URLParam(r, "id")
if err := h.acmeDB.DeleteExternalAccountKey(r.Context(), provisioner, keyID); err != nil {
if err := h.acmeDB.DeleteExternalAccountKey(r.Context(), prov, keyID); err != nil {
api.WriteError(w, admin.WrapErrorISE(err, "error deleting ACME EAB Key %s", keyID))
return
}

View file

@ -561,7 +561,7 @@ retry:
}
// GetExternalAccountKeysPaginate returns a page from the the GET /admin/acme/eab request to the CA.
func (c *AdminClient) GetExternalAccountKeysPaginate(provisionerName string, reference string, opts ...AdminOption) (*adminAPI.GetExternalAccountKeysResponse, error) {
func (c *AdminClient) GetExternalAccountKeysPaginate(provisionerName, reference string, opts ...AdminOption) (*adminAPI.GetExternalAccountKeysResponse, error) {
var retried bool
o := new(adminOptions)
if err := o.apply(opts); err != nil {
@ -640,7 +640,7 @@ retry:
}
// RemoveExternalAccountKey performs the DELETE /admin/acme/eab/{prov}/{key_id} request to the CA.
func (c *AdminClient) RemoveExternalAccountKey(provisionerName string, keyID string) error {
func (c *AdminClient) RemoveExternalAccountKey(provisionerName, keyID string) error {
var retried bool
u := c.endpoint.ResolveReference(&url.URL{Path: path.Join(adminURLPrefix, "acme/eab", provisionerName, "/", keyID)})
tok, err := c.generateAdminToken(u.Path)
@ -668,7 +668,7 @@ retry:
}
// GetExternalAccountKeys returns all ACME EAB Keys from the GET /admin/acme/eab request to the CA.
func (c *AdminClient) GetExternalAccountKeys(provisionerName string, reference string, opts ...AdminOption) ([]*linkedca.EABKey, error) {
func (c *AdminClient) GetExternalAccountKeys(provisionerName, reference string, opts ...AdminOption) ([]*linkedca.EABKey, error) {
var (
cursor = ""
eaks = []*linkedca.EABKey{}