diff --git a/acme/writer.go b/acme/writer.go
index 65e5ce3..abc72e6 100644
--- a/acme/writer.go
+++ b/acme/writer.go
@@ -82,7 +82,11 @@ func (c *acmeWriter) OnStartup() error {
 authKey, found := os.LookupEnv(authEnvVar)
 if found {
 c.forgeAuthKey = authKey
+ } else {
+ // TODO: Remove when ready for rollout
+ return fmt.Errorf("environment variable %s not found", authEnvVar)
 }
+ c.ln = ln
 c.mux = mux.NewRouter()
diff --git a/e2e_test.go b/e2e_test.go
index 0a4dc76..a9d6804 100644
--- a/e2e_test.go
+++ b/e2e_test.go
@@ -53,6 +53,10 @@ import (
 const forge = "libp2p.direct"
 const forgeRegistration = "registration.libp2p.direct"
+const authEnvVar = "FORGE_ACCESS_TOKEN"
+const authToken = "testToken"
+const authForgeHeader = "Forge-Authorization"
+
 var dnsServerAddress string
 var httpPort int
@@ -63,6 +67,11 @@ func TestMain(m *testing.M) {
 os.Exit(1)
 }
+ if err := os.Setenv(authEnvVar, authToken); err != nil {
+ fmt.Println(err.Error())
+ os.Exit(1)
+ }
+ defer os.RemoveAll(tmpDir)
 tmpListener, err := net.Listen("tcp", ":0")
@@ -138,6 +147,7 @@ func TestSetACMEChallenge(t *testing.T) {
 t.Fatal(err)
 }
 req.Host = forgeRegistration
+ req.Header.Set(authForgeHeader, authToken)
 peerHTTPClient := &httppeeridauth.ClientPeerIDAuth{PrivKey: sk}
 _, resp, err := peerHTTPClient.AuthenticatedDo(http.DefaultClient, req)
@@ -425,6 +435,7 @@ func TestLibp2pACMEE2E(t *testing.T) {
 client.WithForgeDomain(forge), client.WithForgeRegistrationEndpoint(fmt.Sprintf("http://127.0.0.1:%d", httpPort)), client.WithCAEndpoint(acmeEndpoint), client.WithTrustedRoots(cas), client.WithModifiedForgeRequest(func(req *http.Request) error {
 req.Host = forgeRegistration
+ req.Header.Set(authForgeHeader, authToken)
 return nil
 }), client.WithAllowPrivateForgeAddrs(),
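Review bot: The new guard in OnStartup (acme/writer.go) rejects only an unset variable: `os.LookupEnv` reports `found == true` for a variable that is set to the empty string, so `c.forgeAuthKey` can still end up empty while startup succeeds. The comparison against the request header is outside this hunk, but if it is a plain equality check, an empty key would presumably match a request that carries no authorization header at all. I would fail closed on both cases, `if !found || authKey == "" { return fmt.Errorf("environment variable %s not set or empty", authEnvVar) }`, and reword the TODO so it says what replaces this check at rollout rather than implying the check simply goes away. OnStartup starts and ends outside the hunk, and `ln` appears to be opened before this point, so the early return may also need to close it.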
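Review bot: The tests in e2e_test.go only ever send the correct token: the line added in TestSetACMEChallenge, `req.Header.Set(authForgeHeader, authToken)`, and the same line in the `WithModifiedForgeRequest` callback of TestLibp2pACMEE2E cover the accepted path, and no visible hunk adds a request that should be refused. A negative case would pin the new access control, for example the TestSetACMEChallenge request sent once with the header omitted and once with a wrong value, each asserting that the registration endpoint rejects it. Both test functions start and end outside their hunks, so an existing rejection test elsewhere in the file cannot be ruled out from this view.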