From 6235886ae3579fd20e00d56b3f12c94f3002d8ed Mon Sep 17 00:00:00 2001
From: benthecarman
Date: Wed, 31 Jul 2024 14:18:44 -0500
Subject: [PATCH] Add cert path option for cli
---
 src/cli.rs | 34 ++++++++++++++++++++++++++--------
 1 file changed, 26 insertions(+), 8 deletions(-)
diff --git a/src/cli.rs b/src/cli.rs
index 4568abfe..bd6cfe09 100644
--- a/src/cli.rs
+++ b/src/cli.rs
@@ -47,9 +47,17 @@ struct Cli {
 /// This option is for passing a pem-encoded TLS certificate string to establish a connection
 /// with the LNDK server. If this isn't set, the cli will look for the TLS file in the default
 /// location (~.lndk).
+ /// Only one of cert_pem or cert_path can be set at once.
 #[arg(long, global = true, required = false)]
 cert_pem: Option,
+ /// This option is for passing a file path to a pem-encoded TLS certificate string to establish
+ /// a connection with the LNDK server. If this isn't set, the cli will look for the TLS file in
+ /// the default location (~.lndk).
+ /// Only one of cert_pem or cert_path can be set at once.
+ #[arg(long, global = true, required = false)]
+ cert_path: Option,
+
 #[arg(long, global = true, required = false, default_value = format!("https://{DEFAULT_SERVER_HOST}"))]
 grpc_host: String,
@@ -155,7 +163,7 @@ async fn main() {
 amount,
 payer_note,
 } => {
- let tls = read_cert_from_args(args.cert_pem);
+ let tls = read_cert_from_args(args.cert_pem, args.cert_path);
 let grpc_host = args.grpc_host;
 let grpc_port = args.grpc_port;
 let channel = Channel::from_shared(format!("{grpc_host}:{grpc_port}"))
@@ -211,7 +219,7 @@ async fn main() {
 amount,
 payer_note,
 } => {
- let tls = read_cert_from_args(args.cert_pem);
+ let tls = read_cert_from_args(args.cert_pem, args.cert_path);
 let grpc_host = args.grpc_host;
 let grpc_port = args.grpc_port;
 let channel = Channel::from_shared(format!("{grpc_host}:{grpc_port}"))
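Review bot: In the `Cli` hunk, the rule that `cert_pem` and `cert_path` are mutually exclusive exists only as doc-comment text; the parser accepts both flags and the conflict is caught later inside `read_cert_from_args`. clap can reject the combination at parse time with a usage error if the new attribute declares it, for example `#[arg(long, global = true, required = false, conflicts_with = "cert_pem")]`. Both options are `global`, so it is worth confirming with a test that the conflict is also detected when the two flags are given at different subcommand levels before relying on it instead of the runtime check. The added comment also repeats `(~.lndk)` from the existing one, which looks like it was meant to read `~/.lndk`.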
@@ -266,7 +274,7 @@ async fn main() {
 ref invoice_string,
 amount,
 } => {
- let tls = read_cert_from_args(args.cert_pem.clone());
+ let tls = read_cert_from_args(args.cert_pem, args.cert_path);
 let grpc_host = args.grpc_host.clone();
 let grpc_port = args.grpc_port;
 let channel = Channel::from_shared(format!("{grpc_host}:{grpc_port}"))
@@ -323,13 +331,23 @@ fn read_macaroon_from_file(path: PathBuf) -> Result {
 Ok(hex::encode(buffer))
 }
-fn read_cert_from_args(cert_pem: Option) -> ClientTlsConfig {
- let data_dir = home::home_dir().unwrap().join(DEFAULT_DATA_DIR);
- let pem = match &cert_pem {
- Some(pem) => pem.clone(),
- None => {
+fn read_cert_from_args(cert_pem: Option, cert_path: Option) -> ClientTlsConfig {
+ // Make sure both cert options are not set.
+ if cert_path.is_some() && cert_pem.is_some() {
+ println!("ERROR: Only one of `cert_path` or `cert_pem` should be set.");
+ exit(1)
+ }
+
+ let pem = match (&cert_pem, &cert_path) {
+ (Some(pem), _) => pem.clone(),
+ (None, Some(cert_path)) => std::fs::read_to_string(cert_path).unwrap_or_else(|e| {
+ println!("ERROR reading cert: {e:?}");
+ exit(1)
+ }),
+ (None, None) => {
 // If no cert pem string is provided, we'll look for the tls certificate in the
 // default location.
+ let data_dir = home::home_dir().unwrap().join(DEFAULT_DATA_DIR);
 std::fs::read_to_string(data_dir.join(TLS_CERT_FILENAME)).unwrap_or_else(|e| {
 println!("ERROR reading cert: {e:?}");
 exit(1)
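Review bot: In `read_cert_from_args`, the `(Some(pem), _)` arm would silently prefer `cert_pem` over `cert_path` if the separate `is_some()` guard above it were ever edited or removed, and both read failures print the same `ERROR reading cert` text, so an operator cannot tell whether the explicit path or the default location failed. This PEM presumably becomes the trust root for the gRPC channel, so the choice of source is better made exhaustively in one place, with the failing path named in the message. Matching on the pair with an explicit `(Some(_), Some(_))` arm does both and, provided `cert_pem` is not used further down (the function body continues past the hunk), also removes the `clone()`. The `home::home_dir().unwrap()` that moved into the `(None, None)` arm still panics when no home directory can be resolved, unlike the neighbouring branches that print an error and exit.

```rust
    let pem = match (cert_pem, cert_path) {
        (Some(_), Some(_)) => {
            println!("ERROR: Only one of `cert_path` or `cert_pem` should be set.");
            exit(1)
        }
        (Some(pem), None) => pem,
        (None, Some(cert_path)) => std::fs::read_to_string(&cert_path).unwrap_or_else(|e| {
            println!("ERROR reading cert from {cert_path:?}: {e:?}");
            exit(1)
        }),
        (None, None) => {
            // … unchanged: default-location lookup, continues past the hunk …
```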