[GitHub] [arrow-adbc] zeroshade commented on a diff in pull request #381: feat(go/adbc/driver/flightsql): implement more connection options

Tue, 24 Jan 2023 10:28:15 -0800 


zeroshade commented on code in PR #381:
URL: https://github.com/apache/arrow-adbc/pull/381#discussion_r1085728297


##########
go/adbc/driver/flightsql/flightsql_adbc.go:
##########
@@ -116,47 +122,81 @@ type database struct {
 }
 
 func (d *database) SetOptions(cnOptions map[string]string) error {
-       if d.uri.Scheme == "grpc+tls" {
-               d.creds = credentials.NewTLS(&tls.Config{})
-       } else {
-               d.creds = insecure.NewCredentials()
-       }
+       var tlsConfig tls.Config
 
-       if val, ok := cnOptions[OptionSSLSkipVerify]; ok && val == 
adbc.OptionValueEnabled {
-               if d.uri.Scheme != "grpc+tls" {
+       mtlsCert := cnOptions[OptionMTLSCertChain]
+       mtlsKey := cnOptions[OptionMTLSPrivateKey]
+       if mtlsCert != "" && mtlsKey != "" {
+               cert, err := tls.X509KeyPair([]byte(mtlsCert), []byte(mtlsKey))
+               if err != nil {
                        return adbc.Error{
-                               Msg:  "Connection is not TLS-enabled",
+                               Msg:  fmt.Sprintf("Invalid mTLS certificate: 
%#v", err),
                                Code: adbc.StatusInvalidArgument,
                        }
                }
-               d.creds = credentials.NewTLS(&tls.Config{InsecureSkipVerify: 
true})
+               tlsConfig.Certificates = []tls.Certificate{cert}
+               delete(cnOptions, OptionMTLSCertChain)
+               delete(cnOptions, OptionMTLSPrivateKey)
+       } else if mtlsCert != "" {
+               return adbc.Error{
+                       Msg:  fmt.Sprintf("Must provide both '%s' and '%s', 
only provided '%s'", OptionMTLSCertChain, OptionMTLSPrivateKey, 
OptionMTLSCertChain),
+                       Code: adbc.StatusInvalidArgument,
+               }
+       } else if mtlsKey != "" {
+               return adbc.Error{
+                       Msg:  fmt.Sprintf("Must provide both '%s' and '%s', 
only provided '%s'", OptionMTLSCertChain, OptionMTLSPrivateKey, 
OptionMTLSPrivateKey),
+                       Code: adbc.StatusInvalidArgument,
+               }
+       }

Review Comment:
   the common pattern in Go is to use a switch for multiple `if`/`else if` 
conditions because it tends to be more readable:
   
   ```go
   switch {
   case mtlsCert != "" && mtlsKey != "":
       // stuff
   case mtlsCert != "":
       // error
   case mtlsKey != "":
       // error
   }
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to