Updating API usage of IPsec tunnels

Signed-off-by: Amos Paul <amos@cloudflare.com>
cloudflare · May 26, 2022 · 979dc7b · 979dc7b
1 parent dcc2147
commit 979dc7b
Show file tree

Hide file tree

Showing 3 changed files with 197 additions and 74 deletions.
diff --git a/magic_transit_ipsec_tunnel.go b/magic_transit_ipsec_tunnel.go
@@ -16,70 +16,97 @@ const (
 	errMagicTransitIPsecTunnelNotDeleted  = "When trying to delete IPsec tunnel, API returned deleted: false"
 )
 
+// MagicTransitIPsecTunnelPskMetadata contains metadata associated with PSK
+type MagicTransitIPsecTunnelPskMetadata struct {
+	LastGeneratedOn time.Time `json:"last_generated_on,omitempty"`
+}
+
 // MagicTransitIPsecTunnel contains information about an IPsec tunnel.
 type MagicTransitIPsecTunnel struct {
-	ID                 string     `json:"id,omitempty"`
-	CreatedOn          *time.Time `json:"created_on,omitempty"`
-	ModifiedOn         *time.Time `json:"modified_on,omitempty"`
-	Name               string     `json:"name"`
-	CustomerEndpoint   string     `json:"customer_endpoint"`
-	CloudflareEndpoint string     `json:"cloudflare_endpoint"`
-	InterfaceAddress   string     `json:"interface_address"`
-	Description        string     `json:"description,omitempty"`
+	ID                 string                         `json:"id,omitempty"`
+	CreatedOn          *time.Time                     `json:"created_on,omitempty"`
+	ModifiedOn         *time.Time                     `json:"modified_on,omitempty"`
+	Name               string                         `json:"name"`
+	CustomerEndpoint   string                         `json:"customer_endpoint"`
+	CloudflareEndpoint string                         `json:"cloudflare_endpoint"`
+	InterfaceAddress   string                         `json:"interface_address"`
+	Description        string                         `json:"description,omitempty"`
+	HealthCheck        *MagicTransitTunnelHealthcheck `json:"health_check,omitempty"`
+}
+
+// MagicTransitIPsecTunnelReq contains information needed to create IPsec tunnel
+type MagicTransitIPsecTunnelReq struct {
+	MagicTransitIPsecTunnel
+	Psk string `json:"psk,omitempty"`
+}
+
+// MagicTransitIPsecTunnelResp contains information about a created IPsec tunnel
+type MagicTransitIPsecTunnelResp struct {
+	MagicTransitIPsecTunnel
+	PskMetadata *MagicTransitIPsecTunnelPskMetadata `json:"psk_metadata,omitempty"`
 }
 
 // ListMagicTransitIPsecTunnelsResponse contains a response including IPsec tunnels.
 type ListMagicTransitIPsecTunnelsResponse struct {
 	Response
 	Result struct {
-		IPsecTunnels []MagicTransitIPsecTunnel `json:"ipsec_tunnels"`
+		IPsecTunnels []MagicTransitIPsecTunnelResp `json:"ipsec_tunnels"`
 	} `json:"result"`
 }
 
 // GetMagicTransitIPsecTunnelResponse contains a response including zero or one IPsec tunnels.
 type GetMagicTransitIPsecTunnelResponse struct {
 	Response
 	Result struct {
-		IPsecTunnel MagicTransitIPsecTunnel `json:"ipsec_tunnel"`
+		IPsecTunnel MagicTransitIPsecTunnelResp `json:"ipsec_tunnel"`
 	} `json:"result"`
 }
 
 // CreateMagicTransitIPsecTunnelsRequest is an array of IPsec tunnels to create.
 type CreateMagicTransitIPsecTunnelsRequest struct {
-	IPsecTunnels []MagicTransitIPsecTunnel `json:"ipsec_tunnels"`
+	IPsecTunnels []MagicTransitIPsecTunnelReq `json:"ipsec_tunnels"`
 }
 
 // UpdateMagicTransitIPsecTunnelResponse contains a response after updating an IPsec Tunnel.
 type UpdateMagicTransitIPsecTunnelResponse struct {
 	Response
 	Result struct {
-		Modified            bool                    `json:"modified"`
-		ModifiedIPsecTunnel MagicTransitIPsecTunnel `json:"modified_ipsec_tunnel"`
+		Modified            bool                        `json:"modified"`
+		ModifiedIPsecTunnel MagicTransitIPsecTunnelResp `json:"modified_ipsec_tunnel"`
 	} `json:"result"`
 }
 
 // DeleteMagicTransitIPsecTunnelResponse contains a response after deleting an IPsec Tunnel.
 type DeleteMagicTransitIPsecTunnelResponse struct {
 	Response
 	Result struct {
-		Deleted            bool                    `json:"deleted"`
-		DeletedIPsecTunnel MagicTransitIPsecTunnel `json:"deleted_ipsec_tunnel"`
+		Deleted            bool                        `json:"deleted"`
+		DeletedIPsecTunnel MagicTransitIPsecTunnelResp `json:"deleted_ipsec_tunnel"`
+	} `json:"result"`
+}
+
+// GenerateMagicTransitIPsecTunnelPSKResponse contains a response after deleting an IPsec Tunnel.
+type GenerateMagicTransitIPsecTunnelPSKResponse struct {
+	Response
+	Result struct {
+		Psk         string                              `json:"psk"`
+		PskMetadata *MagicTransitIPsecTunnelPskMetadata `json:"psk_metadata"`
 	} `json:"result"`
 }
 
 // ListMagicTransitIPsecTunnels lists all IPsec tunnels for a given account
 //
 // API reference: https://api.cloudflare.com/#magic-ipsec-tunnels-list-ipsec-tunnels
-func (api *API) ListMagicTransitIPsecTunnels(ctx context.Context, accountID string) ([]MagicTransitIPsecTunnel, error) {
+func (api *API) ListMagicTransitIPsecTunnels(ctx context.Context, accountID string) ([]MagicTransitIPsecTunnelResp, error) {
 	uri := fmt.Sprintf("/accounts/%s/magic/ipsec_tunnels", accountID)
 	res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
 	if err != nil {
-		return []MagicTransitIPsecTunnel{}, err
+		return []MagicTransitIPsecTunnelResp{}, err
 	}
 
 	result := ListMagicTransitIPsecTunnelsResponse{}
 	if err := json.Unmarshal(res, &result); err != nil {
-		return []MagicTransitIPsecTunnel{}, errors.Wrap(err, errUnmarshalError)
+		return []MagicTransitIPsecTunnelResp{}, errors.Wrap(err, errUnmarshalError)
 	}
 
 	return result.Result.IPsecTunnels, nil
@@ -88,16 +115,16 @@ func (api *API) ListMagicTransitIPsecTunnels(ctx context.Context, accountID stri
 // GetMagicTransitIPsecTunnel returns zero or one IPsec tunnel
 //
 // API reference: https://api.cloudflare.com/#magic-ipsec-tunnels-ipsec-tunnel-details
-func (api *API) GetMagicTransitIPsecTunnel(ctx context.Context, accountID string, id string) (MagicTransitIPsecTunnel, error) {
+func (api *API) GetMagicTransitIPsecTunnel(ctx context.Context, accountID string, id string) (MagicTransitIPsecTunnelResp, error) {
 	uri := fmt.Sprintf("/accounts/%s/magic/ipsec_tunnels/%s", accountID, id)
 	res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
 	if err != nil {
-		return MagicTransitIPsecTunnel{}, err
+		return MagicTransitIPsecTunnelResp{}, err
 	}
 
 	result := GetMagicTransitIPsecTunnelResponse{}
 	if err := json.Unmarshal(res, &result); err != nil {
-		return MagicTransitIPsecTunnel{}, errors.Wrap(err, errUnmarshalError)
+		return MagicTransitIPsecTunnelResp{}, errors.Wrap(err, errUnmarshalError)
 	}
 
 	return result.Result.IPsecTunnel, nil
@@ -106,19 +133,19 @@ func (api *API) GetMagicTransitIPsecTunnel(ctx context.Context, accountID string
 // CreateMagicTransitIPsecTunnels creates one or more IPsec tunnels
 //
 // API reference: https://api.cloudflare.com/#magic-ipsec-tunnels-create-ipsec-tunnels
-func (api *API) CreateMagicTransitIPsecTunnels(ctx context.Context, accountID string, tunnels []MagicTransitIPsecTunnel) ([]MagicTransitIPsecTunnel, error) {
+func (api *API) CreateMagicTransitIPsecTunnels(ctx context.Context, accountID string, tunnels []MagicTransitIPsecTunnelReq) ([]MagicTransitIPsecTunnelResp, error) {
 	uri := fmt.Sprintf("/accounts/%s/magic/ipsec_tunnels", accountID)
 	res, err := api.makeRequestContext(ctx, http.MethodPost, uri, CreateMagicTransitIPsecTunnelsRequest{
 		IPsecTunnels: tunnels,
 	})
 
 	if err != nil {
-		return []MagicTransitIPsecTunnel{}, err
+		return []MagicTransitIPsecTunnelResp{}, err
 	}
 
 	result := ListMagicTransitIPsecTunnelsResponse{}
 	if err := json.Unmarshal(res, &result); err != nil {
-		return []MagicTransitIPsecTunnel{}, errors.Wrap(err, errUnmarshalError)
+		return []MagicTransitIPsecTunnelResp{}, errors.Wrap(err, errUnmarshalError)
 	}
 
 	return result.Result.IPsecTunnels, nil
@@ -127,21 +154,21 @@ func (api *API) CreateMagicTransitIPsecTunnels(ctx context.Context, accountID st
 // UpdateMagicTransitIPsecTunnel updates an IPsec tunnel
 //
 // API reference: https://api.cloudflare.com/#magic-ipsec-tunnels-update-ipsec-tunnel
-func (api *API) UpdateMagicTransitIPsecTunnel(ctx context.Context, accountID string, id string, tunnel MagicTransitIPsecTunnel) (MagicTransitIPsecTunnel, error) {
+func (api *API) UpdateMagicTransitIPsecTunnel(ctx context.Context, accountID string, id string, tunnel MagicTransitIPsecTunnelReq) (MagicTransitIPsecTunnelResp, error) {
 	uri := fmt.Sprintf("/accounts/%s/magic/ipsec_tunnels/%s", accountID, id)
 	res, err := api.makeRequestContext(ctx, http.MethodPut, uri, tunnel)
 
 	if err != nil {
-		return MagicTransitIPsecTunnel{}, err
+		return MagicTransitIPsecTunnelResp{}, err
 	}
 
 	result := UpdateMagicTransitIPsecTunnelResponse{}
 	if err := json.Unmarshal(res, &result); err != nil {
-		return MagicTransitIPsecTunnel{}, errors.Wrap(err, errUnmarshalError)
+		return MagicTransitIPsecTunnelResp{}, errors.Wrap(err, errUnmarshalError)
 	}
 
 	if !result.Result.Modified {
-		return MagicTransitIPsecTunnel{}, errors.New(errMagicTransitIPsecTunnelNotModified)
+		return MagicTransitIPsecTunnelResp{}, errors.New(errMagicTransitIPsecTunnelNotModified)
 	}
 
 	return result.Result.ModifiedIPsecTunnel, nil
@@ -150,22 +177,41 @@ func (api *API) UpdateMagicTransitIPsecTunnel(ctx context.Context, accountID str
 // DeleteMagicTransitIPsecTunnel deletes an IPsec Tunnel
 //
 // API reference: https://api.cloudflare.com/#magic-ipsec-tunnels-delete-ipsec-tunnel
-func (api *API) DeleteMagicTransitIPsecTunnel(ctx context.Context, accountID string, id string) (MagicTransitIPsecTunnel, error) {
+func (api *API) DeleteMagicTransitIPsecTunnel(ctx context.Context, accountID string, id string) (MagicTransitIPsecTunnelResp, error) {
 	uri := fmt.Sprintf("/accounts/%s/magic/ipsec_tunnels/%s", accountID, id)
 	res, err := api.makeRequestContext(ctx, http.MethodDelete, uri, nil)
 
 	if err != nil {
-		return MagicTransitIPsecTunnel{}, err
+		return MagicTransitIPsecTunnelResp{}, err
 	}
 
 	result := DeleteMagicTransitIPsecTunnelResponse{}
 	if err := json.Unmarshal(res, &result); err != nil {
-		return MagicTransitIPsecTunnel{}, errors.Wrap(err, errUnmarshalError)
+		return MagicTransitIPsecTunnelResp{}, errors.Wrap(err, errUnmarshalError)
 	}
 
 	if !result.Result.Deleted {
-		return MagicTransitIPsecTunnel{}, errors.New(errMagicTransitIPsecTunnelNotDeleted)
+		return MagicTransitIPsecTunnelResp{}, errors.New(errMagicTransitIPsecTunnelNotDeleted)
 	}
 
 	return result.Result.DeletedIPsecTunnel, nil
 }
+
+// GenerateMagicTransitIPsecTunnelPSK generates a pre shared key (psk) for an IPsec tunnel
+//
+// API reference: https://api.cloudflare.com/#magic-ipsec-tunnels-generate-pre-shared-key-psk-for-ipsec-tunnels
+func (api *API) GenerateMagicTransitIPsecTunnelPSK(ctx context.Context, accountID string, id string) (string, *MagicTransitIPsecTunnelPskMetadata, error) {
+	uri := fmt.Sprintf("/accounts/%s/magic/ipsec_tunnels/%s/psk_generate", accountID, id)
+	res, err := api.makeRequestContext(ctx, http.MethodPost, uri, nil)
+
+	if err != nil {
+		return "", nil, err
+	}
+
+	result := GenerateMagicTransitIPsecTunnelPSKResponse{}
+	if err := json.Unmarshal(res, &result); err != nil {
+		return "", nil, errors.Wrap(err, errUnmarshalError)
+	}
+
+	return result.Result.Psk, result.Result.PskMetadata, nil
+}