diff --git a/ca/client.go b/ca/client.go index 9e245cd7..b18efbaf 100644 --- a/ca/client.go +++ b/ca/client.go @@ -24,7 +24,6 @@ import ( "strings" "github.com/pkg/errors" - "github.com/rs/xid" "github.com/smallstep/certificates/api" "github.com/smallstep/certificates/authority" "github.com/smallstep/certificates/authority/provisioner" @@ -35,6 +34,7 @@ import ( "go.step.sm/crypto/jose" "go.step.sm/crypto/keyutil" "go.step.sm/crypto/pemutil" + "go.step.sm/crypto/randutil" "go.step.sm/crypto/x509util" "golang.org/x/net/http2" "google.golang.org/protobuf/encoding/protojson" @@ -105,6 +105,17 @@ func (c *uaClient) PostWithContext(ctx context.Context, u, contentType string, b // the CA client to the CA and back again. const requestIDHeader = "X-Request-Id" +// newRequestID generates a new random UUIDv4 request ID. If it fails, +// the request ID will be the empty string. +func newRequestID() string { + requestID, err := randutil.UUIDv4() + if err != nil { + return "" + } + + return requestID +} + // enforceRequestID checks if the X-Request-Id HTTP header is filled. If it's // empty, the context is searched for a request ID. If that's also empty, a new // request ID is generated. @@ -115,7 +126,7 @@ func enforceRequestID(r *http.Request) { // used before by the client (unless it's a retry for the same request)? requestID = reqID } else { - requestID = xid.New().String() + requestID = newRequestID() } r.Header.Set(requestIDHeader, requestID) } diff --git a/ca/client_test.go b/ca/client_test.go index 5fd11179..44d24c6e 100644 --- a/ca/client_test.go +++ b/ca/client_test.go @@ -17,6 +17,7 @@ import ( "testing" "time" + "github.com/google/uuid" "github.com/smallstep/certificates/api" "github.com/smallstep/certificates/api/read" "github.com/smallstep/certificates/api/render" @@ -1056,3 +1057,12 @@ func Test_enforceRequestID(t *testing.T) { }) } } + +func Test_newRequestID(t *testing.T) { + requestID := newRequestID() + u, err := uuid.Parse(requestID) + assert.NoError(t, err) + assert.Equal(t, uuid.Version(0x4), u.Version()) + assert.Equal(t, uuid.RFC4122, u.Variant()) + assert.Equal(t, requestID, u.String()) +}