From 62b746c380f7f94158610dc72b0baac52439d1f2 Mon Sep 17 00:00:00 2001
From: Mitchell Hashimoto <mitchell.hashimoto@gmail.com>
Date: Wed, 28 Mar 2018 14:29:35 -0700
Subject: [PATCH] agent: rename authorize param ClientID to ClientCertURI

---
 agent/agent_endpoint.go      |  2 +-
 agent/agent_endpoint_test.go | 28 ++++++++++++++--------------
 agent/structs/connect.go     |  4 ++--
 3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/agent/agent_endpoint.go b/agent/agent_endpoint.go
index a6b67816d..722909467 100644
--- a/agent/agent_endpoint.go
+++ b/agent/agent_endpoint.go
@@ -906,7 +906,7 @@ func (s *HTTPServer) AgentConnectAuthorize(resp http.ResponseWriter, req *http.R
 	}
 
 	// Parse the certificate URI from the client ID
-	uriRaw, err := url.Parse(authReq.ClientID)
+	uriRaw, err := url.Parse(authReq.ClientCertURI)
 	if err != nil {
 		return &connectAuthorizeResp{
 			Authorized: false,
diff --git a/agent/agent_endpoint_test.go b/agent/agent_endpoint_test.go
index bc59f3700..1b017fa78 100644
--- a/agent/agent_endpoint_test.go
+++ b/agent/agent_endpoint_test.go
@@ -2172,8 +2172,8 @@ func TestAgentConnectAuthorize_idInvalidFormat(t *testing.T) {
 	defer a.Shutdown()
 
 	args := &structs.ConnectAuthorizeRequest{
-		Target:   "web",
-		ClientID: "tubes",
+		Target:        "web",
+		ClientCertURI: "tubes",
 	}
 	req, _ := http.NewRequest("POST", "/v1/agent/connect/authorize", jsonReader(args))
 	resp := httptest.NewRecorder()
@@ -2195,8 +2195,8 @@ func TestAgentConnectAuthorize_idNotService(t *testing.T) {
 	defer a.Shutdown()
 
 	args := &structs.ConnectAuthorizeRequest{
-		Target:   "web",
-		ClientID: "spiffe://1234.consul",
+		Target:        "web",
+		ClientCertURI: "spiffe://1234.consul",
 	}
 	req, _ := http.NewRequest("POST", "/v1/agent/connect/authorize", jsonReader(args))
 	resp := httptest.NewRecorder()
@@ -2237,8 +2237,8 @@ func TestAgentConnectAuthorize_allow(t *testing.T) {
 	}
 
 	args := &structs.ConnectAuthorizeRequest{
-		Target:   target,
-		ClientID: connect.TestSpiffeIDService(t, "web").URI().String(),
+		Target:        target,
+		ClientCertURI: connect.TestSpiffeIDService(t, "web").URI().String(),
 	}
 	req, _ := http.NewRequest("POST", "/v1/agent/connect/authorize", jsonReader(args))
 	resp := httptest.NewRecorder()
@@ -2279,8 +2279,8 @@ func TestAgentConnectAuthorize_deny(t *testing.T) {
 	}
 
 	args := &structs.ConnectAuthorizeRequest{
-		Target:   target,
-		ClientID: connect.TestSpiffeIDService(t, "web").URI().String(),
+		Target:        target,
+		ClientCertURI: connect.TestSpiffeIDService(t, "web").URI().String(),
 	}
 	req, _ := http.NewRequest("POST", "/v1/agent/connect/authorize", jsonReader(args))
 	resp := httptest.NewRecorder()
@@ -2320,8 +2320,8 @@ func TestAgentConnectAuthorize_serviceWrite(t *testing.T) {
 	}
 
 	args := &structs.ConnectAuthorizeRequest{
-		Target:   "foo",
-		ClientID: connect.TestSpiffeIDService(t, "web").URI().String(),
+		Target:        "foo",
+		ClientCertURI: connect.TestSpiffeIDService(t, "web").URI().String(),
 	}
 	req, _ := http.NewRequest("POST",
 		"/v1/agent/connect/authorize?token="+token, jsonReader(args))
@@ -2339,8 +2339,8 @@ func TestAgentConnectAuthorize_defaultDeny(t *testing.T) {
 	defer a.Shutdown()
 
 	args := &structs.ConnectAuthorizeRequest{
-		Target:   "foo",
-		ClientID: connect.TestSpiffeIDService(t, "web").URI().String(),
+		Target:        "foo",
+		ClientCertURI: connect.TestSpiffeIDService(t, "web").URI().String(),
 	}
 	req, _ := http.NewRequest("POST", "/v1/agent/connect/authorize?token=root", jsonReader(args))
 	resp := httptest.NewRecorder()
@@ -2369,8 +2369,8 @@ func TestAgentConnectAuthorize_defaultAllow(t *testing.T) {
 	defer a.Shutdown()
 
 	args := &structs.ConnectAuthorizeRequest{
-		Target:   "foo",
-		ClientID: connect.TestSpiffeIDService(t, "web").URI().String(),
+		Target:        "foo",
+		ClientCertURI: connect.TestSpiffeIDService(t, "web").URI().String(),
 	}
 	req, _ := http.NewRequest("POST", "/v1/agent/connect/authorize?token=root", jsonReader(args))
 	resp := httptest.NewRecorder()
diff --git a/agent/structs/connect.go b/agent/structs/connect.go
index 1a2e03da8..7f08615d3 100644
--- a/agent/structs/connect.go
+++ b/agent/structs/connect.go
@@ -6,12 +6,12 @@ type ConnectAuthorizeRequest struct {
 	// Target is the name of the service that is being requested.
 	Target string
 
-	// ClientID is a unique identifier for the requesting client. This
+	// ClientCertURI is a unique identifier for the requesting client. This
 	// is currently the URI SAN from the TLS client certificate.
 	//
 	// ClientCertSerial is a colon-hex-encoded of the serial number for
 	// the requesting client cert. This is used to check against revocation
 	// lists.
-	ClientID         string
+	ClientCertURI    string
 	ClientCertSerial string
 }