(ctx context.Context, clientCertFile, clientKeyFile string, tlsClientCAFile string)
| 2447 | } |
| 2448 | |
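// ConfigureHTTPClient returns the HTTP client to use for outbound requests,
// together with a context that carries that client for oauth2 when a client
// certificate pair is configured.
//
// When both clientCertFile and clientKeyFile are non-empty, the pair is loaded
// with loadCertificates and set as the client certificate of a TLS
// configuration that requires at least TLS 1.2 and offers "h2" and "http/1.1"
// via ALPN. tlsClientCAFile is handed to configureCAPool together with that
// configuration (presumably to set the trusted root pool; confirm against
// configureCAPool). The resulting client is stored in the returned context
// under the oauth2.HTTPClient key.
//
// In every other case ctx is returned unchanged with a zero-value http.Client.
//
// On error the caller's ctx is returned with a nil client and the error.
//
// NOTE(review): if only one of clientCertFile/clientKeyFile is set, this
// function silently returns the plain client with no client certificate and
// no error. Deployments that rely on mutual TLS should validate upstream that
// both values are provided.
//
// NOTE(review): tlsClientCAFile is only consulted when a certificate pair is
// configured; a CA file supplied on its own is not applied here.
//
// NOTE(review): neither client sets a Timeout, and the custom Transport sets
// only TLSClientConfig, so its other fields (including Proxy) are left at
// their zero values rather than the http.DefaultTransport settings.
func ConfigureHTTPClient(ctx context.Context, clientCertFile, clientKeyFile string, tlsClientCAFile string) (context.Context, *http.Client, error) {
	// Without a complete certificate/key pair there is nothing to configure.
	if clientCertFile == "" || clientKeyFile == "" {
		return ctx, &http.Client{}, nil
	}

	certificates, err := loadCertificates([]string{clientCertFile}, []string{clientKeyFile})
	if err != nil {
		return ctx, nil, err
	}

	tlsClientConfig := &tls.Config{
		MinVersion:   tls.VersionTLS12,
		Certificates: certificates,
		NextProtos:   []string{"h2", "http/1.1"},
	}
	if err = configureCAPool(tlsClientCAFile, tlsClientConfig); err != nil {
		// Return the caller's ctx, matching the loadCertificates failure
		// path above. The original returned a nil context here, which panics
		// in any caller that touches the context before checking err.
		return ctx, nil, err
	}

	httpClient := &http.Client{
		Transport: &http.Transport{
			TLSClientConfig: tlsClientConfig,
		},
	}
	// oauth2 looks up its HTTP client from the context under this key.
	return context.WithValue(ctx, oauth2.HTTPClient, httpClient), httpClient, nil
}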
| 2475 | |
| 2476 | // nolint:revive |
| 2477 | func redirectToAccessURL(handler http.Handler, accessURL *url.URL, tunnel bool, appHostnameRegex *regexp.Regexp) http.Handler { |