Improve the parsing of the Google RSA key

If the key comes from the config file it should be fine as is. Otherwise we replace spaces with newlines and add back the BEGIN and END RSA blocks. This adds a unit test for this.
crewjam · May 15, 2015 · 3a82aa7 · 3a82aa7
1 parent 79ce36c
commit 3a82aa7
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 7 deletions.
diff --git a/google_group.go b/google_group.go
@@ -23,19 +23,30 @@ type Group struct {
 	Name string `json:"name"`
 }
 
-var googleServiceEmail = config.String("google-service-email", "")
+const rsaKeyPrefix = "-----BEGIN RSA PRIVATE KEY-----"
 
-var googleServicePrivateKey = config.String("google-service-private-key", "")
+func formatRsaKey(key string) string {
+	// If this came from the config file it should be formatted right
+	if !strings.HasPrefix(key, rsaKeyPrefix) {
+		// Replace spaces in the key with newlines. This makes it
+		// easier to pass the key in an environment variable
+		key = strings.Replace(key, " ", "\n", -1)
+		key = fmt.Sprintf("%s\n%s\n-----END RSA PRIVATE KEY-----", rsaKeyPrefix, key)
+	}
+
+	return key
+}
 
-var googleServiceUser = config.String("google-service-user", "")
+var (
+	googleServiceEmail      = config.String("google-service-email", "")
+	googleServicePrivateKey = config.String("google-service-private-key", "")
+	googleServiceUser       = config.String("google-service-user", "")
+)
 
 // InitializeGoogleGroup checks that our Google service account is able to fetch
 // group membership for a user (It users the `google-service-user` to test).
 func InitializeGoogleGroup() error {
-	// replace spaces in googleServicePrivateKey with newlines. This makes it
-	// easier to pass the key in an environment variable
-	*googleServicePrivateKey = strings.Replace(*googleServicePrivateKey, " ", "", -1)
-	*googleServicePrivateKey = "-----BEGIN RSA PRIVATE KEY-----\n" + *googleServicePrivateKey + "\n-----END RSA PRIVATE KEY-----"
+	*googleServicePrivateKey = formatRsaKey(*googleServicePrivateKey)
 
 	groups, err := GetUserGroups(*googleServiceUser)
 	if err != nil {

diff --git a/google_group_test.go b/google_group_test.go
@@ -0,0 +1,24 @@
+package awsconsoleauth
+
+import (
+	"testing"
+)
+
+func TestFormatRsaKey(t *testing.T) {
+	expected := `-----BEGIN RSA PRIVATE KEY-----
+FAKEFAKEABCDEF12345678FAKEFAKEABCDEF12345678FAKEFAKEABCDEF123456
+FAKEFAKEABCDEF12345678FAKEFAKEABCDEF12345678FAKEFAKEABCDEF123456
+FAKEFAKEABCDEF12345678FAKEFAKEABCDEF12345678FAKEFAKEABCDEF123456
+-----END RSA PRIVATE KEY-----`
+
+	actual := formatRsaKey(expected)
+	if actual != expected {
+		t.Errorf("Normal: expected %q, got %q", expected, actual)
+	}
+
+	compact := "FAKEFAKEABCDEF12345678FAKEFAKEABCDEF12345678FAKEFAKEABCDEF123456 FAKEFAKEABCDEF12345678FAKEFAKEABCDEF12345678FAKEFAKEABCDEF123456 FAKEFAKEABCDEF12345678FAKEFAKEABCDEF12345678FAKEFAKEABCDEF123456"
+	actual = formatRsaKey(compact)
+	if actual != expected {
+		t.Errorf("Compact: expected %q, got %q", expected, actual)
+	}
+}