controller.go in planetscale-0.3.1 vs controller.go in planetscale-0.3.3

- old
+ new

@@ -4,30 +4,33 @@ "context" "crypto/ecdsa" "crypto/elliptic" "crypto/rand" "crypto/tls" - "crypto/x509" - "encoding/pem" "errors" "fmt" "io" "net/http" "os" "strconv" "time" _ "net/http/pprof" + nanoid "github.com/matoous/go-nanoid/v2" + "github.com/armon/circbuf" "github.com/gorilla/mux" "github.com/planetscale/planetscale-go/planetscale" "github.com/planetscale/sql-proxy/proxy" "go.uber.org/zap" "go.uber.org/zap/zapcore" ) +const publicIdAlphabet = "0123456789abcdefghijklmnopqrstuvwxyz" +const publicIdLength = 6 + type controller struct { localAddr string org, db, branch string 
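Review bot: The new constants `publicIdAlphabet` and `publicIdLength` carry no comment saying what the identifier is for, and six characters over a 36-symbol alphabet is enough to tell labels apart but not to act as a secret. A comment such as `// publicIdAlphabet and publicIdLength shape the random suffix of the certificate DisplayName; the suffix is a label, not a credential.` would keep them from being reused for anything security-sensitive. Go naming would also spell these `publicIDAlphabet` and `publicIDLength` and group them in a single `const ( ... )` block.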
@@ -178,58 +181,58 @@ pkey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) if err != nil { return nil, fmt.Errorf("couldn't generate private key: %s", err) } - cert, err := r.client.Certificates.Create(ctx, &planetscale.CreateCertificateRequest{ + request := &planetscale.DatabaseBranchCertificateRequest{ Organization: org, - DatabaseName: db, + Database: db, Branch: branch, PrivateKey: pkey, - }) + DisplayName: fmt.Sprintf("planetscale-ruby-%s-%s", time.Now().Format("2006-01-02"), nanoid.MustGenerate(publicIdAlphabet, publicIdLength)), + } + + cert, err := r.client.Certificates.Create(ctx, request) if err != nil { return nil, err } + tlsPair, err := cert.X509KeyPair(request) + if err != nil { + return nil, err + } + return &proxy.Cert{ - ClientCert: cert.ClientCert, - CACerts: cert.CACerts, - RemoteAddr: cert.RemoteAddr, + ClientCert: tlsPair, + AccessHost: cert.Branch.AccessHostURL, Ports: proxy.RemotePorts{ - Proxy: cert.Ports.Proxy, + Proxy: 3307, }, }, nil } type localCertSource struct { privKey string certificate string - certChain string remoteAddr string port string } func (l *localCertSource) Cert(ctx context.Context, org, db, branch string) (*proxy.Cert, error) { clientCert, err := tls.X509KeyPair([]byte(l.certificate), []byte(l.privKey)) if err != nil { return nil, err } - caCert, err := parseCerts(l.certChain) - if err != nil { - return nil, err - } - port, err := strconv.Atoi(l.port) if err != nil { return nil, err } return &proxy.Cert{ ClientCert: clientCert, - CACerts: caCert, - RemoteAddr: l.remoteAddr, + AccessHost: l.remoteAddr, Ports: proxy.RemotePorts{ Proxy: port, }, }, nil } 
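Review bot: Both `Cert` implementations stop setting `CACerts` (and `certChain` and `parseCerts` are removed), so the certificate source no longer supplies any trust anchors for the upstream TLS connection. Server verification presumably now rests on the proxy package's own root pool with `AccessHost` as the expected name, but that is not visible in this hunk, so it should be confirmed that the proxy's `tls.Config` still verifies the peer. A comment above the `AccessHost:` fields, e.g. `// No CA pool is passed here; the proxy must verify the server against its own roots using AccessHost.`, would record that dependency. Separately, `nanoid.MustGenerate` panics if the random source fails, inside a function that otherwise returns errors; `suffix, err := nanoid.Generate(publicIdAlphabet, publicIdLength)` followed by the usual `if err != nil { return nil, err }` keeps that failure on the error path. The first function's body begins outside the hunk.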
@@ -245,24 +248,6 @@ } return http.HandlerFunc(fn) } } -func parseCerts(pemCert string) ([]*x509.Certificate, error) { - perCertBlock := []byte(pemCert) - var certs []*x509.Certificate - - for { - var certBlock *pem.Block - certBlock, perCertBlock = pem.Decode(perCertBlock) - if certBlock == nil { - break - } - cert, err := x509.ParseCertificate(certBlock.Bytes) - if err != nil { - return nil, err - } - - certs = append(certs, cert) - } - return certs, nil -} +func main() {}