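// Code generated by smithy-go-codegen DO NOT EDIT.

package acmpca

import (
	"context"
	"errors"
	"fmt"
	awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
	"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
	"github.com/aws/aws-sdk-go-v2/service/acmpca/types"
	"github.com/aws/smithy-go/middleware"
	smithytime "github.com/aws/smithy-go/time"
	smithyhttp "github.com/aws/smithy-go/transport/http"
	smithywaiter "github.com/aws/smithy-go/waiter"
	"time"
)

// GetCertificateAuthorityCsr retrieves the certificate signing request (CSR) for
// your private certificate authority (CA). The CSR is created when you call the
// CreateCertificateAuthority
// (https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html)
// action. Sign the CSR with your ACM Private CA-hosted or on-premises root or
// subordinate CA. Then import the signed certificate back into ACM Private CA by
// calling the ImportCertificateAuthorityCertificate
// (https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ImportCertificateAuthorityCertificate.html)
// action. The CSR is returned as a base64 PEM-encoded string.
//
// A nil params is replaced with an empty input before the operation is invoked;
// the required CertificateAuthorityArn is therefore not checked here but by the
// validation middleware registered for this operation. Any error from the
// invocation is returned unchanged together with a nil output.
func (c *Client) GetCertificateAuthorityCsr(ctx context.Context, params *GetCertificateAuthorityCsrInput, optFns ...func(*Options)) (*GetCertificateAuthorityCsrOutput, error) {
	if params == nil {
		params = &GetCertificateAuthorityCsrInput{}
	}

	result, metadata, err := c.invokeOperation(ctx, "GetCertificateAuthorityCsr", params, optFns, c.addOperationGetCertificateAuthorityCsrMiddlewares)
	if err != nil {
		return nil, err
	}

	// The deserializer registered for this operation is expected to produce this
	// concrete type; the assertion is unchecked and panics otherwise.
	out := result.(*GetCertificateAuthorityCsrOutput)
	out.ResultMetadata = metadata
	return out, nil
}

// GetCertificateAuthorityCsrInput is the request for the
// GetCertificateAuthorityCsr operation.
type GetCertificateAuthorityCsrInput struct {

	// The Amazon Resource Name (ARN) that was returned when you called the
	// CreateCertificateAuthority
	// (https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html)
	// action. This must be of the form:
	// arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
	//
	// This member is required.
	CertificateAuthorityArn *string

	noSmithyDocumentSerde
}

// GetCertificateAuthorityCsrOutput is the response of the
// GetCertificateAuthorityCsr operation.
type GetCertificateAuthorityCsrOutput struct {

	// The base64 PEM-encoded certificate signing request (CSR) for your private CA
	// certificate.
	Csr *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata

	noSmithyDocumentSerde
}

// addOperationGetCertificateAuthorityCsrMiddlewares registers the middleware
// used by the GetCertificateAuthorityCsr operation on stack: the awsJson1.1
// serializer and deserializer, logging, request ID, content length, endpoint
// resolution, payload hashing, retry, SigV4 signing, response bookkeeping, user
// agent, response body cleanup, input validation and service metadata. It stops
// at, and returns, the first registration error.
func (c *Client) addOperationGetCertificateAuthorityCsrMiddlewares(stack *middleware.Stack, options Options) (err error) {
	err = stack.Serialize.Add(&awsAwsjson11_serializeOpGetCertificateAuthorityCsr{}, middleware.After)
	if err != nil {
		return err
	}
	err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpGetCertificateAuthorityCsr{}, middleware.After)
	if err != nil {
		return err
	}
	if err = addSetLoggerMiddleware(stack, options); err != nil {
		return err
	}
	if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
		return err
	}
	if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
		return err
	}
	if err = addResolveEndpointMiddleware(stack, options); err != nil {
		return err
	}
	if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
		return err
	}
	if err = addRetryMiddlewares(stack, options); err != nil {
		return err
	}
	if err = addHTTPSignerV4Middleware(stack, options); err != nil {
		return err
	}
	if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
		return err
	}
	if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
		return err
	}
	if err = addClientUserAgent(stack); err != nil {
		return err
	}
	if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
		return err
	}
	if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
		return err
	}
	if err = addOpGetCertificateAuthorityCsrValidationMiddleware(stack); err != nil {
		return err
	}
	if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetCertificateAuthorityCsr(options.Region), middleware.Before); err != nil {
		return err
	}
	if err = addRequestIDRetrieverMiddleware(stack); err != nil {
		return err
	}
	if err = addResponseErrorMiddleware(stack); err != nil {
		return err
	}
	if err = addRequestResponseLogging(stack, options); err != nil {
		return err
	}
	return nil
}

// GetCertificateAuthorityCsrAPIClient is a client that implements the
// GetCertificateAuthorityCsr operation.
type GetCertificateAuthorityCsrAPIClient interface {
	GetCertificateAuthorityCsr(context.Context, *GetCertificateAuthorityCsrInput, ...func(*Options)) (*GetCertificateAuthorityCsrOutput, error)
}

// Compile-time check that *Client satisfies GetCertificateAuthorityCsrAPIClient.
var _ GetCertificateAuthorityCsrAPIClient = (*Client)(nil)

// CertificateAuthorityCSRCreatedWaiterOptions are waiter options for
// CertificateAuthorityCSRCreatedWaiter.
type CertificateAuthorityCSRCreatedWaiterOptions struct {

	// Set of options to modify how an operation is invoked. These apply to all
	// operations invoked for this client. Use functional options on operation call to
	// modify this list for per operation behavior.
	APIOptions []func(*middleware.Stack) error

	// MinDelay is the minimum amount of time to delay between retries. If unset,
	// CertificateAuthorityCSRCreatedWaiter will use default minimum delay of 3
	// seconds. Note that MinDelay must resolve to a value less than or equal to the
	// MaxDelay.
	MinDelay time.Duration

	// MaxDelay is the maximum amount of time to delay between retries. If unset or set
	// to zero, CertificateAuthorityCSRCreatedWaiter will use default max delay of 120
	// seconds. Note that MaxDelay must resolve to a value greater than or equal to the
	// MinDelay.
	MaxDelay time.Duration

	// LogWaitAttempts is used to enable logging for waiter retry attempts.
	LogWaitAttempts bool

	// Retryable is a function that can be used to override the service defined
	// waiter-behavior based on operation output, or returned error. This function is
	// used by the waiter to decide if a state is retryable or a terminal state. By
	// default service-modeled logic will populate this option. This option can thus be
	// used to define a custom waiter state with fall-back to service-modeled waiter
	// state mutators. The function returns an error in case of a failure state. In case
	// of retry state, this function returns a bool value of true and nil error, while
	// in case of success it returns a bool value of false and nil error.
	Retryable func(context.Context, *GetCertificateAuthorityCsrInput, *GetCertificateAuthorityCsrOutput, error) (bool, error)
}

// CertificateAuthorityCSRCreatedWaiter defines the waiters for
// CertificateAuthorityCSRCreated.
type CertificateAuthorityCSRCreatedWaiter struct {
	client GetCertificateAuthorityCsrAPIClient

	options CertificateAuthorityCSRCreatedWaiterOptions
}

// NewCertificateAuthorityCSRCreatedWaiter constructs a
// CertificateAuthorityCSRCreatedWaiter. The defaults (MinDelay 3s, MaxDelay
// 120s, service-modeled Retryable) are set first, so any optFns run afterwards
// and may override them.
func NewCertificateAuthorityCSRCreatedWaiter(client GetCertificateAuthorityCsrAPIClient, optFns ...func(*CertificateAuthorityCSRCreatedWaiterOptions)) *CertificateAuthorityCSRCreatedWaiter {
	options := CertificateAuthorityCSRCreatedWaiterOptions{}
	options.MinDelay = 3 * time.Second
	options.MaxDelay = 120 * time.Second
	options.Retryable = certificateAuthorityCSRCreatedStateRetryable

	for _, fn := range optFns {
		fn(&options)
	}
	return &CertificateAuthorityCSRCreatedWaiter{
		client:  client,
		options: options,
	}
}

// Wait calls the waiter function for CertificateAuthorityCSRCreated waiter. The
// maxWaitDur is the maximum wait duration the waiter will wait. The maxWaitDur is
// required and must be greater than zero.
//
// Wait returns nil once Retryable reports success, the error Retryable returns
// for a failure state, or an error when the options are inconsistent, the
// context is cancelled while sleeping, or maxWaitDur is exhausted.
func (w *CertificateAuthorityCSRCreatedWaiter) Wait(ctx context.Context, params *GetCertificateAuthorityCsrInput, maxWaitDur time.Duration, optFns ...func(*CertificateAuthorityCSRCreatedWaiterOptions)) error {
	if maxWaitDur <= 0 {
		return fmt.Errorf("maximum wait time for waiter must be greater than zero")
	}

	// Work on a copy so per-call options never leak into the shared waiter.
	options := w.options
	for _, fn := range optFns {
		fn(&options)
	}

	if options.MaxDelay <= 0 {
		options.MaxDelay = 120 * time.Second
	}

	if options.MinDelay > options.MaxDelay {
		return fmt.Errorf("minimum waiter delay %v must be lesser than or equal to maximum waiter delay of %v.", options.MinDelay, options.MaxDelay)
	}

	// A functional option can leave Retryable nil; calling it would panic, so
	// fall back to the service-modeled classifier.
	if options.Retryable == nil {
		options.Retryable = certificateAuthorityCSRCreatedStateRetryable
	}

	// Bound every request and sleep below by the caller's overall budget.
	ctx, cancelFn := context.WithTimeout(ctx, maxWaitDur)
	defer cancelFn()

	logger := smithywaiter.Logger{}
	remainingTime := maxWaitDur

	var attempt int64
	for {

		attempt++
		apiOptions := options.APIOptions
		start := time.Now()

		if options.LogWaitAttempts {
			logger.Attempt = attempt
			// Copy before appending so the logger middleware is not written into
			// the backing array of options.APIOptions.
			apiOptions = append([]func(*middleware.Stack) error{}, options.APIOptions...)
			apiOptions = append(apiOptions, logger.AddLogger)
		}

		out, err := w.client.GetCertificateAuthorityCsr(ctx, params, func(o *Options) {
			o.APIOptions = append(o.APIOptions, apiOptions...)
		})

		retryable, err := options.Retryable(ctx, params, out, err)
		if err != nil {
			return err
		}
		if !retryable {
			return nil
		}

		remainingTime -= time.Since(start)
		if remainingTime < options.MinDelay || remainingTime <= 0 {
			break
		}

		// compute exponential backoff between waiter retries
		delay, err := smithywaiter.ComputeDelay(
			attempt, options.MinDelay, options.MaxDelay, remainingTime,
		)
		if err != nil {
			return fmt.Errorf("error computing waiter delay, %w", err)
		}

		remainingTime -= delay
		// sleep for the delay amount before invoking a request
		if err := smithytime.SleepWithContext(ctx, delay); err != nil {
			return fmt.Errorf("request cancelled while waiting, %w", err)
		}
	}
	return fmt.Errorf("exceeded max wait time for CertificateAuthorityCSRCreated waiter")
}

// certificateAuthorityCSRCreatedStateRetryable is the default Retryable for the
// CertificateAuthorityCSRCreated waiter. It reports success (false, nil) when
// the call returned no error, asks for another attempt (true, nil) only when
// the error is a RequestInProgressException, and returns every other error as a
// failure state.
//
// Previously every error was classified as retryable, which made the
// RequestInProgressException check meaningless: terminal errors (for example a
// rejected request or a denied call) were polled until maxWaitDur ran out and
// were then replaced by a generic timeout error, hiding the cause from the
// caller and from anyone reading the logs. Callers that want to keep polling
// through other errors can still supply their own Retryable.
//
// NOTE(review): this file is generated; the same change has to be made in the
// generator or the waiter model, otherwise it is lost on regeneration.
func certificateAuthorityCSRCreatedStateRetryable(ctx context.Context, input *GetCertificateAuthorityCsrInput, output *GetCertificateAuthorityCsrOutput, err error) (bool, error) {
	if err == nil {
		return false, nil
	}

	var inProgress *types.RequestInProgressException
	if errors.As(err, &inProgress) {
		return true, nil
	}

	return false, err
}

// newServiceMetadataMiddleware_opGetCertificateAuthorityCsr returns the
// metadata middleware for this operation, carrying the given region, the
// package ServiceID, the "acm-pca" signing name and the operation name.
func newServiceMetadataMiddleware_opGetCertificateAuthorityCsr(region string) *awsmiddleware.RegisterServiceMetadata {
	return &awsmiddleware.RegisterServiceMetadata{
		Region:        region,
		ServiceID:     ServiceID,
		SigningName:   "acm-pca",
		OperationName: "GetCertificateAuthorityCsr",
	}
}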