fix: Disable logging by default.

v3/api/agent.go

@@ -17,12 +17,14 @@ package api
 import (
 	"encoding/json"
 	"fmt"
+	"log"
 	"regexp"
 )
 
 // GetAgentList returns a list of orchestrators registered in the Keyfactor instance
 func (c *Client) GetAgentList() ([]Agent, error) {
-	// 0
+	log.Println("[INFO] Getting a list of agents registered in Keyfactor")
+
 	// Set Keyfactor-specific headers
 	headers := &apiHeaders{
 		Headers: []StringTuple{
@@ -52,7 +54,8 @@ func (c *Client) GetAgentList() ([]Agent, error) {
 }
 
 func (c *Client) GetAgent(id string) ([]Agent, error) {
-	// 0
+	log.Println("[INFO] Getting agent by ID or name.")
+
 	// Set Keyfactor-specific headers
 	headers := &apiHeaders{
 		Headers: []StringTuple{
@@ -103,7 +106,8 @@ func (c *Client) GetAgent(id string) ([]Agent, error) {
 }
 
 func (c *Client) ApproveAgent(id string) (string, error) {
-	// 0
+	log.Printf("[INFO] Approving agent %s in Keyfactor.\n", id)
+
 	// Set Keyfactor-specific headers
 	headers := &apiHeaders{
 		Headers: []StringTuple{
@@ -137,7 +141,8 @@ func (c *Client) ApproveAgent(id string) (string, error) {
 }
 
 func (c *Client) DisApproveAgent(id string) (string, error) {
-	// 0
+	log.Printf("[INFO] Disapproving agent %s in Keyfactor.\n", id)
+
 	// Set Keyfactor-specific headers
 	headers := &apiHeaders{
 		Headers: []StringTuple{
@@ -171,7 +176,8 @@ func (c *Client) DisApproveAgent(id string) (string, error) {
 }
 
 func (c *Client) ResetAgent(id string) (string, error) {
-	// 0
+	log.Printf("[INFO] Resetting agent %s in Keyfactor.\n", id)
+
 	// Set Keyfactor-specific headers
 	headers := &apiHeaders{
 		Headers: []StringTuple{
@@ -204,7 +210,8 @@ func (c *Client) ResetAgent(id string) (string, error) {
 }
 
 func (c *Client) FetchAgentLogs(id string) (string, error) {
-	// 0
+	log.Printf("[INFO] Fetching agent logs for %s.\n", id)
+
 	// Set Keyfactor-specific headers
 	headers := &apiHeaders{
 		Headers: []StringTuple{

v3/api/ca.go

@@ -16,11 +16,13 @@ package api
 
 import (
 	"encoding/json"
+	"log"
 )
 
 // GetCAList returns a list of certificate authorities supported by the Keyfactor instance
 func (c *Client) GetCAList() ([]CA, error) {
-	// 0
+	log.Println("[INFO] Getting a list of CAs from Keyfactor instance")
+
 	// Set Keyfactor-specific headers
 	headers := &apiHeaders{
 		Headers: []StringTuple{

v3/api/certificate.go

@@ -34,7 +34,8 @@ import (
 // EnrollPFX takes arguments for EnrollPFXFctArgs to facilitate a call to Keyfactor
 // that enrolls a PFX certificate with the supplied arguments.
 func (c *Client) EnrollPFX(ea *EnrollPFXFctArgs) (*EnrollResponse, error) {
-	// 0
+	log.Println("[INFO] Enrolling PFX certificate with Keyfactor")
+
 	/* Ensure required inputs exist */
 	var missingFields []string
 
@@ -106,7 +107,8 @@ func (c *Client) EnrollPFX(ea *EnrollPFXFctArgs) (*EnrollResponse, error) {
 }
 
 func (c *Client) EnrollPFXV2(ea *EnrollPFXFctArgsV2) (*EnrollResponseV2, error) {
-	// 0
+	log.Println("[INFO] Enrolling PFX certificate with Keyfactor")
+
 	/* Ensure required inputs exist */
 	var missingFields []string
 
@@ -160,7 +162,8 @@ func (c *Client) EnrollPFXV2(ea *EnrollPFXFctArgsV2) (*EnrollResponseV2, error)
 		Payload:  &ea,
 	}
 
-	// 0
+	log.Println("[TRACE] Request: ", keyfactorAPIStruct)
+
 	resp, err := c.sendRequest(keyfactorAPIStruct)
 	if err != nil {
 		return nil, err
@@ -194,7 +197,8 @@ func (c *Client) DownloadCertificate(
 	serialNumber string,
 	issuerDn string,
 ) (*x509.Certificate, []*x509.Certificate, error) {
-	// 0
+	log.Println("[INFO] Downloading certificate")
+
 	/* The download certificate endpoint requires one of the following to retrieve a cert:
 		- CertID
 		- Thumbprint
@@ -282,7 +286,8 @@ func (c *Client) DownloadCertificate(
 //   - Template             : string
 //   - CertificateAuthority : string
 func (c *Client) EnrollCSR(ea *EnrollCSRFctArgs) (*EnrollResponse, error) {
-	// 0
+	log.Println("[INFO] Signing CSR with Keyfactor")
+
 	/* Ensure required inputs exist */
 	if (ea.Template == "") || (ea.CertificateAuthority == "") {
 		return nil, errors.New("invalid or nonexistent values required for csr enrollment")
@@ -328,9 +333,9 @@ func (c *Client) EnrollCSR(ea *EnrollCSRFctArgs) (*EnrollResponse, error) {
 //   - CertificateIds : []int
 //   - Comment        : string
 func (c *Client) RevokeCert(rvargs *RevokeCertArgs) error {
-	// 0
+	log.Println("[INFO] Revoking certificates")
 	//for _, certs := range rvargs.CertificateIds {
-	//	// 0
+	//	log.Printf("[TRACE] Revoking ID %d", certs)
 	//}
 
 	// Fields required by revoke cert API request are cert ID & comment
@@ -640,8 +645,8 @@ func (c *Client) RecoverCertificate(
 	password string,
 	collectionId int,
 ) (interface{}, *x509.Certificate, []*x509.Certificate, error) {
-	// 0
-	// 0
+	log.Println("[DEBUG] Enter RecoverCertificate")
+	log.Println("[INFO] Recovering certificate ID:", certId)
 	/* The download certificate endpoint requires one of the following to retrieve a cert:
 		- CertID
 		- Thumbprint
@@ -659,10 +664,11 @@ func (c *Client) RecoverCertificate(
 	}
 
 	if !validInput {
-		// 0
+		log.Println("[ERROR] RecoverCertificate: certID, thumbprint, or serial number AND issuer DN required to download certificate")
 		return nil, nil, nil, fmt.Errorf("certID, thumbprint, or serial number AND issuer DN required to download certificate")
 	}
-	// 0
+	log.Println("[DEBUG] RecoverCertificate: Valid input")
+
 	if password == "" {
 		return nil, nil, nil, fmt.Errorf("password required to recover private key with certificate")
 	}
@@ -676,7 +682,7 @@ func (c *Client) RecoverCertificate(
 		IncludeChain: true,
 	}
 
-	// 0
+	log.Println("[DEBUG] RecoverCertificate: Recovering certificate with args:", rca)
 	// Set Keyfactor-specific headers
 	headers := &apiHeaders{
 		Headers: []StringTuple{
@@ -691,16 +697,16 @@ func (c *Client) RecoverCertificate(
 		Query: []StringTuple{},
 	}
 	if collectionId > 0 {
-		// 0
+		log.Println("[DEBUG] RecoverCertificate: Collection ID:", collectionId)
 		query.Query = append(
 			query.Query, StringTuple{
 				"collectionId", fmt.Sprintf("%d", collectionId),
 			},
 		)
-		// 0
+		log.Println("[DEBUG] RecoverCertificate: Query:", query)
 	}
 
-	// 0
+	log.Println("[DEBUG] RecoverCertificate: Creating recover certificate request")
 	keyfactorAPIStruct := &request{
 		Method:   "POST",
 		Endpoint: "Certificates/Recover",
@@ -709,37 +715,37 @@ func (c *Client) RecoverCertificate(
 		Query:    &query,
 	}
 
-	// 0
+	log.Println("[INFO] Attempting to recover certificate from Keyfactor Command")
 	resp, err := c.sendRequest(keyfactorAPIStruct)
 	if err != nil {
 		log.Println("[ERROR] RecoverCertificate: Error recovering certificate from Keyfactor Command", err.Error())
 		return nil, nil, nil, err
 	}
 
 	jsonResp := &recoverCertResponse{}
-	// 0
+	log.Println("[DEBUG] RecoverCertificate: Decoding response")
 	err = json.NewDecoder(resp.Body).Decode(&jsonResp)
 	if err != nil {
 		log.Println("[ERROR] RecoverCertificate: Error decoding response from Keyfactor Command", err.Error())
 		return nil, nil, nil, err
 	}
 
-	// 0
+	log.Println("[DEBUG] RecoverCertificate: Decoding PFX")
 	pfxDer, err := base64.StdEncoding.DecodeString(jsonResp.PFX)
 	if err != nil {
 		log.Println("[ERROR] RecoverCertificate: Error decoding PFX", err.Error())
 		return nil, nil, nil, err
 	}
 
-	// 0
+	log.Println("[DEBUG] RecoverCertificate: Decoding PFX chain")
 	priv, leaf, chain, err := pkcs12.DecodeChain(pfxDer, rca.Password)
 	if err != nil {
 		log.Println("[ERROR] RecoverCertificate: Error decoding PFX chain", err.Error())
 		return nil, nil, nil, err
 	}
 
-	// 0
-	// 0
+	log.Println("[INFO] Recovered certificate successfully")
+	log.Println("[DEBUG] RecoverCertificate: ", leaf, chain)
 	return priv, leaf, chain, nil
 }
 
@@ -794,7 +800,7 @@ func validateDeployPFXArgs(dpfxa *DeployPFXArgs) error {
 
 // decodePKCS12Blob decodes a PKCS12 blob.
 func decodePKCS12Blob(resp *EnrollResponse) error {
-	// 0
+	log.Println("[TRACE] Decoding certificate")
 	// Keyfactor returns base-64 PFX (PKCS#12) or zipped certificate. Decode here.
 	if resp.CertificateInformation.PKCS12Blob != "" {
 		cert, err := base64.StdEncoding.DecodeString(resp.CertificateInformation.PKCS12Blob)