Skip to content

Commit

Permalink
feat: ok to use S2A with override endpoint (#2114)
Browse files Browse the repository at this point in the history
  • Loading branch information
xmenxk authored Aug 14, 2023
1 parent 142ffeb commit caea956
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 2 deletions.
4 changes: 2 additions & 2 deletions internal/cba.go
Original file line number Diff line number Diff line change
Expand Up @@ -274,8 +274,8 @@ func shouldUseS2A(clientCertSource cert.Source, settings *DialSettings) bool {
if !isGoogleS2AEnabled() {
return false
}
// If DefaultMTLSEndpoint is not set, skip S2A.
if settings.DefaultMTLSEndpoint == "" {
// If DefaultMTLSEndpoint is not set and no endpoint override, skip S2A.
if settings.DefaultMTLSEndpoint == "" && settings.Endpoint == "" {
return false
}
// If MTLS is not enabled for this endpoint, skip S2A.
Expand Down
11 changes: 11 additions & 0 deletions internal/cba_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -290,6 +290,17 @@ func TestGetHTTPTransportConfigAndEndpoint(t *testing.T) {
testRegularEndpoint,
true,
},
{
"no client cert, S2A address not empty, override endpoint is set",
&DialSettings{
DefaultMTLSEndpoint: "",
Endpoint: testOverrideEndpoint,
},
validConfigResp,
func() bool { return true },
testOverrideEndpoint,
false,
},
{
"no client cert, endpoint is MTLS enabled, S2A address not empty, custom HTTP client",
&DialSettings{
Expand Down

0 comments on commit caea956

Please sign in to comment.