fixed https connection validation

pip-services3-go · Jan 12, 2023 · 87449d4 · 87449d4
1 parent 2ba2775
commit 87449d4
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # <img src="https://uploads-ssl.webflow.com/5ea5d3315186cf5ec60c3ee4/5edf1c94ce4c859f2b188094_logo.svg" alt="Pip.Services Logo" width="200"> <br/> Remote Procedure Calls for Pip.Services in Go Changelog
 
+## <a name="1.5.2"></a> 1.5.2 (2023-01-12)
+### Bug fixing
+- Fixed https connection validation
+
 ## <a name="1.5.1"></a> 1.5.1 (2023-01-12)
 ### Features
 - Update dependencies

diff --git a/component.json b/component.json
@@ -2,7 +2,7 @@
     "name":  "pip-services3-rpc-go",
     "type": "module",
     "language": "go",
-    "version": "1.5.1",
+    "version": "1.5.2",
     "build": 0,
     "registry": "pipservices",
     "artifacts": [

diff --git a/connect/HttpConnectionResolver.go b/connect/HttpConnectionResolver.go
@@ -22,7 +22,7 @@ Configuration parameters:
   - connection:
     - discovery_key:               (optional) a key to retrieve the connection from IDiscovery
     - ...                          other connection parameters
-  
+
   - connections:                   alternative to connection
     - [connection params 1]:       first connection parameters
     -  ...
@@ -102,16 +102,21 @@ func (c *HttpConnectionResolver) validateConnection(correlationId string, connec
 	}
 	// Check HTTPS credentials
 	if protocol == "https" {
-		// Check for credential
-		if credential == nil {
-			return cerr.NewConfigError(correlationId, "NO_CREDENTIAL", "SSL certificates are not configured for HTTPS protocol")
-		} else {
-			if credential.GetAsNullableString("ssl_key_file") == nil {
-				return cerr.NewConfigError(
-					correlationId, "NO_SSL_KEY_FILE", "SSL key file is not configured in credentials")
-			} else if credential.GetAsNullableString("ssl_crt_file") == nil {
-				return cerr.NewConfigError(
-					correlationId, "NO_SSL_CRT_FILE", "SSL crt file is not configured in credentials")
+		// Sometimes when we use https we are on an internal network and do not want to have to deal with security.
+		// When we need a https connection and we don't want to pass credentials, flag is 'credential.internal_network',
+		// this flag just has to be present and non null for this functionality to work.
+		if val := credential.GetAsNullableString("internal_network"); val == nil || *val == "" {
+			// Check for credential
+			if credential == nil {
+				return cerr.NewConfigError(correlationId, "NO_CREDENTIAL", "SSL certificates are not configured for HTTPS protocol")
+			} else {
+				if credential.GetAsNullableString("ssl_key_file") == nil {
+					return cerr.NewConfigError(
+						correlationId, "NO_SSL_KEY_FILE", "SSL key file is not configured in credentials")
+				} else if credential.GetAsNullableString("ssl_crt_file") == nil {
+					return cerr.NewConfigError(
+						correlationId, "NO_SSL_CRT_FILE", "SSL crt file is not configured in credentials")
+				}
 			}
 		}
 	}