{"id":15704060,"url":"https://github.com/vkuznet/x509proxy","last_synced_at":"2025-05-12T15:26:16.657Z","repository":{"id":136818599,"uuid":"53734052","full_name":"vkuznet/x509proxy","owner":"vkuznet","description":"Library to handle X509 proxy certificates","archived":false,"fork":false,"pushed_at":"2025-01-19T19:03:35.000Z","size":16,"stargazers_count":6,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-20T13:37:19.486Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vkuznet.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-03-12T13:51:38.000Z","updated_at":"2025-01-19T19:03:37.000Z","dependencies_parsed_at":null,"dependency_job_id":"88744c09-383f-4a37-9f83-331ef5ff425d","html_url":"https://github.com/vkuznet/x509proxy","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vkuznet%2Fx509proxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vkuznet%2Fx509proxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vkuznet%2Fx509proxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vkuznet%2Fx509proxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vkuznet","download_url":"https://codeload.github.com/vkuznet/x509proxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253764747,"owners_count":21960624,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-03T20:10:10.772Z","updated_at":"2025-05-12T15:26:16.634Z","avatar_url":"https://github.com/vkuznet.png","language":"Go","readme":"# x509proxy\n\n[![Go CI build](https://github.com/dmwm/auth-proxy-server/actions/workflows/go-ci.yml/badge.svg)](https://github.com/dmwm/auth-proxy-server/actions/workflows/go-ci.yml)\n[![GoDoc](https://godoc.org/github.com/vkuznet/x509proxy?status.svg)](https://godoc.org/github.com/vkuznet/x509proxy)\n[![Go Report Card](https://goreportcard.com/badge/github.com/vkuznet/x509proxy)](https://goreportcard.com/report/github.com/vkuznet/x509proxy)\n[![Coverage Status](https://coveralls.io/repos/github/vkuznet/x509proxy/badge.svg)](https://coveralls.io/github/vkuznet/x509proxy)\n[![DOI](https://zenodo.org/badge/53734052.svg)](https://zenodo.org/badge/latestdoi/53734052)\n\nPackage to handle X509 proxy certificates.\n\n### Example\n\n```go\nimport (\n\t\"crypto/tls\"\n\t\"io/ioutil\"\n\t\"log\"\n\t\"net/http\"\n    \"github.com/vkuznet/x509proxy\"\n    \"os\"\n)\n\n// load X509 certificates\nfunc Certs() (tls_certs []tls.Certificate) {\n\tuproxy := os.Getenv(\"X509_USER_PROXY\")\n\tuckey := os.Getenv(\"X509_USER_KEY\")\n\tucert := os.Getenv(\"X509_USER_CERT\")\n\tlog.Println(\"X509_USER_PROXY\", uproxy)\n\tlog.Println(\"X509_USER_KEY\", uckey)\n\tlog.Println(\"X509_USER_CERT\", ucert)\n\tif len(uproxy) \u003e 0 {\n\t\t// use local implementation of LoadX409KeyPair instead of tls one\n\t\tx509cert, err := x509proxy.LoadX509Proxy(uproxy)\n\t\tif err != nil {\n\t\t\tlog.Println(\"Fail to parser proxy X509 certificate\", err)\n\t\t\treturn\n\t\t}\n\t\ttls_certs = []tls.Certificate{x509cert}\n\t} else if len(uckey) \u003e 0 {\n\t\tx509cert, err := tls.LoadX509KeyPair(ucert, uckey)\n\t\tif err != nil {\n\t\t\tlog.Println(\"Fail to parser user X509 certificate\", err)\n\t\t\treturn\n\t\t}\n\t\ttls_certs = []tls.Certificate{x509cert}\n\t} else {\n\t\treturn\n\t}\n\treturn\n}\n\n// HTTP client\nfunc HttpClient() (client *http.Client) {\n\t// create HTTP client\n\tcerts := Certs()\n\tlog.Println(\"Number of certificates\", len(certs))\n\tif len(certs) == 0 {\n\t\tclient = \u0026http.Client{}\n\t\treturn\n\t}\n\ttr := \u0026http.Transport{\n\t\tTLSClientConfig: \u0026tls.Config{Certificates: certs,\n\t\t\tInsecureSkipVerify: true},\n\t}\n\tlog.Println(\"Create TLSClientConfig\")\n\tclient = \u0026http.Client{Transport: tr}\n\treturn\n}\n\n// create global HTTP client and re-use it through the code\nvar client = HttpClient()\n\n// now you http client is ready to use X509 proxy\n```\n","funding_links":[],"categories":["Authentication and Authorization"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvkuznet%2Fx509proxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvkuznet%2Fx509proxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvkuznet%2Fx509proxy/lists"}