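// Code generated by smithy-go-codegen DO NOT EDIT.

package acmpca

import (
	"context"
	"errors"
	"fmt"
	awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
	"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
	"github.com/aws/aws-sdk-go-v2/service/acmpca/types"
	"github.com/aws/smithy-go/middleware"
	smithytime "github.com/aws/smithy-go/time"
	smithyhttp "github.com/aws/smithy-go/transport/http"
	smithywaiter "github.com/aws/smithy-go/waiter"
	"time"
)

// Retrieves the certificate signing request (CSR) for your private certificate
// authority (CA). The CSR is created when you call the CreateCertificateAuthority
// (https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html)
// action. Sign the CSR with your ACM Private CA-hosted or on-premises root or
// subordinate CA. Then import the signed certificate back into ACM Private CA by
// calling the ImportCertificateAuthorityCertificate
// (https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ImportCertificateAuthorityCertificate.html)
// action. The CSR is returned as a base64 PEM-encoded string.
//
// A nil params is replaced by an empty input before the operation is invoked.
// On success the returned output carries the middleware metadata of the call
// in ResultMetadata; on failure the output is nil and the error is returned
// unchanged.
func (c *Client) GetCertificateAuthorityCsr(ctx context.Context, params *GetCertificateAuthorityCsrInput, optFns ...func(*Options)) (*GetCertificateAuthorityCsrOutput, error) {
	if params == nil {
		params = &GetCertificateAuthorityCsrInput{}
	}

	result, metadata, err := c.invokeOperation(ctx, "GetCertificateAuthorityCsr", params, optFns, addOperationGetCertificateAuthorityCsrMiddlewares)
	if err != nil {
		return nil, err
	}

	// Unchecked assertion: a result of any other type panics here.
	out := result.(*GetCertificateAuthorityCsrOutput)
	out.ResultMetadata = metadata
	return out, nil
}

// GetCertificateAuthorityCsrInput is the input of the GetCertificateAuthorityCsr
// operation.
type GetCertificateAuthorityCsrInput struct {

	// The Amazon Resource Name (ARN) that was returned when you called the
	// CreateCertificateAuthority
	// (https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html)
	// action. This must be of the form:
	// arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
	//
	// This member is required.
	CertificateAuthorityArn *string
}

// GetCertificateAuthorityCsrOutput is the output of the
// GetCertificateAuthorityCsr operation.
type GetCertificateAuthorityCsrOutput struct {

	// The base64 PEM-encoded certificate signing request (CSR) for your private CA
	// certificate.
	Csr *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

// addOperationGetCertificateAuthorityCsrMiddlewares registers the middlewares
// of the GetCertificateAuthorityCsr operation on stack, in the order written
// below. It stops at the first registration that fails and returns that error;
// it returns nil when every registration succeeded.
func addOperationGetCertificateAuthorityCsrMiddlewares(stack *middleware.Stack, options Options) (err error) {
	err = stack.Serialize.Add(&awsAwsjson11_serializeOpGetCertificateAuthorityCsr{}, middleware.After)
	if err != nil {
		return err
	}
	err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpGetCertificateAuthorityCsr{}, middleware.After)
	if err != nil {
		return err
	}
	if err = addSetLoggerMiddleware(stack, options); err != nil {
		return err
	}
	if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
		return err
	}
	if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
		return err
	}
	if err = addResolveEndpointMiddleware(stack, options); err != nil {
		return err
	}
	if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
		return err
	}
	if err = addRetryMiddlewares(stack, options); err != nil {
		return err
	}
	if err = addHTTPSignerV4Middleware(stack, options); err != nil {
		return err
	}
	if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
		return err
	}
	if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
		return err
	}
	if err = addClientUserAgent(stack); err != nil {
		return err
	}
	if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
		return err
	}
	if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
		return err
	}
	if err = addOpGetCertificateAuthorityCsrValidationMiddleware(stack); err != nil {
		return err
	}
	if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetCertificateAuthorityCsr(options.Region), middleware.Before); err != nil {
		return err
	}
	if err = addRequestIDRetrieverMiddleware(stack); err != nil {
		return err
	}
	if err = addResponseErrorMiddleware(stack); err != nil {
		return err
	}
	if err = addRequestResponseLogging(stack, options); err != nil {
		return err
	}
	return nil
}

// GetCertificateAuthorityCsrAPIClient is a client that implements the
// GetCertificateAuthorityCsr operation.
type GetCertificateAuthorityCsrAPIClient interface {
	GetCertificateAuthorityCsr(context.Context, *GetCertificateAuthorityCsrInput, ...func(*Options)) (*GetCertificateAuthorityCsrOutput, error)
}

// Compile-time check that *Client satisfies the interface.
var _ GetCertificateAuthorityCsrAPIClient = (*Client)(nil)

// CertificateAuthorityCSRCreatedWaiterOptions are waiter options for
// CertificateAuthorityCSRCreatedWaiter
type CertificateAuthorityCSRCreatedWaiterOptions struct {

	// Set of options to modify how an operation is invoked. These apply to all
	// operations invoked for this client. Use functional options on operation call to
	// modify this list for per operation behavior.
	APIOptions []func(*middleware.Stack) error

	// MinDelay is the minimum amount of time to delay between retries. If unset,
	// CertificateAuthorityCSRCreatedWaiter will use default minimum delay of 3
	// seconds. Note that MinDelay must resolve to a value lesser than or equal to the
	// MaxDelay.
	MinDelay time.Duration

	// MaxDelay is the maximum amount of time to delay between retries. If unset or set
	// to zero, CertificateAuthorityCSRCreatedWaiter will use default max delay of 120
	// seconds. Note that MaxDelay must resolve to value greater than or equal to the
	// MinDelay.
	MaxDelay time.Duration

	// LogWaitAttempts is used to enable logging for waiter retry attempts
	LogWaitAttempts bool

	// Retryable is function that can be used to override the service defined
	// waiter-behavior based on operation output, or returned error. This function is
	// used by the waiter to decide if a state is retryable or a terminal state. By
	// default service-modeled logic will populate this option. This option can thus be
	// used to define a custom waiter state with fall-back to service-modeled waiter
	// state mutators. The function returns an error in case of a failure state. In case
	// of retry state, this function returns a bool value of true and nil error, while
	// in case of success it returns a bool value of false and nil error.
	Retryable func(context.Context, *GetCertificateAuthorityCsrInput, *GetCertificateAuthorityCsrOutput, error) (bool, error)
}

// CertificateAuthorityCSRCreatedWaiter defines the waiters for
// CertificateAuthorityCSRCreated
type CertificateAuthorityCSRCreatedWaiter struct {
	client GetCertificateAuthorityCsrAPIClient

	options CertificateAuthorityCSRCreatedWaiterOptions
}

// NewCertificateAuthorityCSRCreatedWaiter constructs a
// CertificateAuthorityCSRCreatedWaiter. The defaults (MinDelay 3s, MaxDelay
// 120s, the service-modeled Retryable) are set first, so each optFns entry can
// override them.
func NewCertificateAuthorityCSRCreatedWaiter(client GetCertificateAuthorityCsrAPIClient, optFns ...func(*CertificateAuthorityCSRCreatedWaiterOptions)) *CertificateAuthorityCSRCreatedWaiter {
	options := CertificateAuthorityCSRCreatedWaiterOptions{}
	options.MinDelay = 3 * time.Second
	options.MaxDelay = 120 * time.Second
	options.Retryable = certificateAuthorityCSRCreatedStateRetryable

	for _, fn := range optFns {
		fn(&options)
	}
	return &CertificateAuthorityCSRCreatedWaiter{
		client:  client,
		options: options,
	}
}

// Wait calls the waiter function for CertificateAuthorityCSRCreated waiter. The
// maxWaitDur is the maximum wait duration the waiter will wait. The maxWaitDur is
// required and must be greater than zero.
//
// Wait returns nil once Retryable reports a terminal success state, the error
// Retryable returns for a failure state, or a timeout error when maxWaitDur is
// used up. optFns are applied to a copy of the waiter's options, so they affect
// this call only.
func (w *CertificateAuthorityCSRCreatedWaiter) Wait(ctx context.Context, params *GetCertificateAuthorityCsrInput, maxWaitDur time.Duration, optFns ...func(*CertificateAuthorityCSRCreatedWaiterOptions)) error {
	if maxWaitDur <= 0 {
		return fmt.Errorf("maximum wait time for waiter must be greater than zero")
	}

	options := w.options
	for _, fn := range optFns {
		fn(&options)
	}

	if options.MaxDelay <= 0 {
		options.MaxDelay = 120 * time.Second
	}

	if options.MinDelay > options.MaxDelay {
		return fmt.Errorf("minimum waiter delay %v must be lesser than or equal to maximum waiter delay of %v.", options.MinDelay, options.MaxDelay)
	}

	// A Retryable cleared by an option function would otherwise panic on the
	// first attempt; fall back to the service-modeled decision instead.
	if options.Retryable == nil {
		options.Retryable = certificateAuthorityCSRCreatedStateRetryable
	}

	ctx, cancelFn := context.WithTimeout(ctx, maxWaitDur)
	defer cancelFn()

	logger := smithywaiter.Logger{}
	remainingTime := maxWaitDur

	var attempt int64
	for {

		attempt++
		apiOptions := options.APIOptions
		start := time.Now()

		if options.LogWaitAttempts {
			logger.Attempt = attempt
			// Copy into a fresh slice before appending the logger, so the
			// append never writes into options.APIOptions' backing array.
			apiOptions = append([]func(*middleware.Stack) error{}, options.APIOptions...)
			apiOptions = append(apiOptions, logger.AddLogger)
		}

		out, err := w.client.GetCertificateAuthorityCsr(ctx, params, func(o *Options) {
			o.APIOptions = append(o.APIOptions, apiOptions...)
		})

		retryable, err := options.Retryable(ctx, params, out, err)
		if err != nil {
			return err
		}
		if !retryable {
			return nil
		}

		remainingTime -= time.Since(start)
		if remainingTime < options.MinDelay || remainingTime <= 0 {
			break
		}

		// compute exponential backoff between waiter retries
		delay, err := smithywaiter.ComputeDelay(
			attempt, options.MinDelay, options.MaxDelay, remainingTime,
		)
		if err != nil {
			return fmt.Errorf("error computing waiter delay, %w", err)
		}

		remainingTime -= delay
		// sleep for the delay amount before invoking a request
		if err := smithytime.SleepWithContext(ctx, delay); err != nil {
			return fmt.Errorf("request cancelled while waiting, %w", err)
		}
	}
	return fmt.Errorf("exceeded max wait time for CertificateAuthorityCSRCreated waiter")
}

// certificateAuthorityCSRCreatedStateRetryable is the default Retryable of the
// CertificateAuthorityCSRCreated waiter. It reports success (false, nil) when
// the call returned no error, retry (true, nil) when the error is a
// types.RequestInProgressException, and failure (false, err) for every other
// error.
//
// The previous body answered (true, nil) for every error, so an error that
// polling cannot clear (a rejected or malformed request, for example) was
// retried until maxWaitDur ran out and then surfaced only as the generic
// timeout message, hiding the real cause from callers and logs. Callers that
// want to keep retrying on other errors can supply their own Retryable.
//
// NOTE(review): this file is generated; the same change has to be made in the
// waiter model or code generator, or the next regeneration will revert it.
func certificateAuthorityCSRCreatedStateRetryable(ctx context.Context, input *GetCertificateAuthorityCsrInput, output *GetCertificateAuthorityCsrOutput, err error) (bool, error) {
	if err == nil {
		return false, nil
	}

	var inProgress *types.RequestInProgressException
	if errors.As(err, &inProgress) {
		return true, nil
	}

	// No modeled acceptor matched: treat the error as terminal.
	return false, err
}

// newServiceMetadataMiddleware_opGetCertificateAuthorityCsr returns the
// service-metadata middleware for this operation: the given region, the
// package's ServiceID, signing name "acm-pca" and the operation name.
func newServiceMetadataMiddleware_opGetCertificateAuthorityCsr(region string) *awsmiddleware.RegisterServiceMetadata {
	return &awsmiddleware.RegisterServiceMetadata{
		Region:        region,
		ServiceID:     ServiceID,
		SigningName:   "acm-pca",
		OperationName: "GetCertificateAuthorityCsr",
	}
}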