From 498702805b39a701a420f71c49242ad51e7c801a Mon Sep 17 00:00:00 2001
From: Jean 'clark' EYMERT <jean@akiros.io>
Date: Wed, 17 Nov 2021 11:57:26 +0100
Subject: [PATCH] SES: add SourceArn, FromArn and ReturnPathArn #16

---
 internal/relay/ses/relay.go      | 12 +++++++++
 internal/relay/ses/relay_test.go | 45 +++++++++++++++++++++++++++-----
 main.go                          |  5 +++-
 3 files changed, 55 insertions(+), 7 deletions(-)

diff --git a/internal/relay/ses/relay.go b/internal/relay/ses/relay.go
index cada4f6..07d0a25 100644
--- a/internal/relay/ses/relay.go
+++ b/internal/relay/ses/relay.go
@@ -16,6 +16,9 @@ type Client struct {
 	setName         *string
 	allowFromRegExp *regexp.Regexp
 	denyToRegExp    *regexp.Regexp
+	sourceArn       *string
+	fromArn         *string
+	returnPathArn   *string
 }
 
 // Send uses the client SESAPI to send email data
@@ -40,6 +43,9 @@ func (c Client) Send(
 			Source:               &from,
 			Destinations:         allowedRecipients,
 			RawMessage:           &ses.RawMessage{Data: data},
+			SourceArn:            c.sourceArn,
+			FromArn:              c.fromArn,
+			ReturnPathArn:        c.returnPathArn,
 		})
 		relay.Log(origin, &from, allowedRecipients, err)
 		if err != nil {
@@ -54,11 +60,17 @@ func New(
 	configurationSetName *string,
 	allowFromRegExp *regexp.Regexp,
 	denyToRegExp *regexp.Regexp,
+	sourceArn *string,
+	fromArn *string,
+	returnPathArn *string,
 ) Client {
 	return Client{
 		sesAPI:          ses.New(session.Must(session.NewSession())),
 		setName:         configurationSetName,
 		allowFromRegExp: allowFromRegExp,
 		denyToRegExp:    denyToRegExp,
+		sourceArn:       sourceArn,
+		fromArn:         fromArn,
+		returnPathArn:   returnPathArn,
 	}
 }
diff --git a/internal/relay/ses/relay_test.go b/internal/relay/ses/relay_test.go
index 5210cbc..ad8a969 100644
--- a/internal/relay/ses/relay_test.go
+++ b/internal/relay/ses/relay_test.go
@@ -38,6 +38,9 @@ func sendHelper(
 	configurationSetName *string,
 	allowFromRegExp *regexp.Regexp,
 	denyToRegExp *regexp.Regexp,
+	sourceArn *string,
+	fromArn *string,
+	returnPathArn *string,
 	apiErr error,
 ) (email *ses.SendRawEmailInput, out []byte, err []byte, sendErr error) {
 	outReader, outWriter, _ := os.Pipe()
@@ -58,6 +61,9 @@ func sendHelper(
 			setName:         configurationSetName,
 			allowFromRegExp: allowFromRegExp,
 			denyToRegExp:    denyToRegExp,
+			sourceArn:       sourceArn,
+			fromArn:         fromArn,
+			returnPathArn:   returnPathArn,
 		}
 		testData.err = apiErr
 		sendErr = c.Send(origin, from, to, data)
@@ -75,7 +81,10 @@ func TestSend(t *testing.T) {
 	to := []string{"bob@example.org"}
 	data := []byte{'T', 'E', 'S', 'T'}
 	setName := ""
-	input, out, err, _ := sendHelper(&origin, from, to, data, &setName, nil, nil, nil)
+	sourceArn := ""
+	fromArn := ""
+	returnPathArn := ""
+	input, out, err, _ := sendHelper(&origin, from, to, data, &setName, nil, nil, &sourceArn, &fromArn, &returnPathArn, nil)
 	if *input.Source != from {
 		t.Errorf(
 			"Unexpected source: %s. Expected: %s",
@@ -115,7 +124,10 @@ func TestSendWithMultipleRecipients(t *testing.T) {
 	to := []string{"bob@example.org", "charlie@example.org"}
 	data := []byte{'T', 'E', 'S', 'T'}
 	setName := ""
-	input, out, err, _ := sendHelper(&origin, from, to, data, &setName, nil, nil, nil)
+	sourceArn := ""
+	fromArn := ""
+	returnPathArn := ""
+	input, out, err, _ := sendHelper(&origin, from, to, data, &setName, nil, nil, &sourceArn, &fromArn, &returnPathArn, nil)
 	if len(input.Destinations) != 2 {
 		t.Errorf(
 			"Unexpected number of destinations: %d. Expected: %d",
@@ -144,8 +156,11 @@ func TestSendWithDeniedSender(t *testing.T) {
 	to := []string{"bob@example.org", "charlie@example.org"}
 	data := []byte{'T', 'E', 'S', 'T'}
 	setName := ""
+	sourceArn := ""
+	fromArn := ""
+	returnPathArn := ""
 	regexp, _ := regexp.Compile(`^admin@example\.org$`)
-	input, out, err, sendErr := sendHelper(&origin, from, to, data, &setName, regexp, nil, nil)
+	input, out, err, sendErr := sendHelper(&origin, from, to, data, &setName, regexp, nil, &sourceArn, &fromArn, &returnPathArn, nil)
 	if input != nil {
 		t.Errorf(
 			"Unexpected number of destinations: %d. Expected: %d",
@@ -170,8 +185,11 @@ func TestSendWithDeniedRecipient(t *testing.T) {
 	to := []string{"bob@example.org", "charlie@example.org"}
 	data := []byte{'T', 'E', 'S', 'T'}
 	setName := ""
+	sourceArn := ""
+	fromArn := ""
+	returnPathArn := ""
 	regexp, _ := regexp.Compile(`^bob@example\.org$`)
-	input, out, err, sendErr := sendHelper(&origin, from, to, data, &setName, nil, regexp, nil)
+	input, out, err, sendErr := sendHelper(&origin, from, to, data, &setName, nil, regexp, &sourceArn, &fromArn, &returnPathArn, nil)
 	if len(input.Destinations) != 1 {
 		t.Errorf(
 			"Unexpected number of destinations: %d. Expected: %d",
@@ -203,8 +221,11 @@ func TestSendWithApiError(t *testing.T) {
 	to := []string{"bob@example.org"}
 	data := []byte{'T', 'E', 'S', 'T'}
 	setName := ""
+	sourceArn := ""
+	fromArn := ""
+	returnPathArn := ""
 	apiErr := errors.New("API failure")
-	input, out, err, sendErr := sendHelper(&origin, from, to, data, &setName, nil, nil, apiErr)
+	input, out, err, sendErr := sendHelper(&origin, from, to, data, &setName, nil, nil, &sourceArn, &fromArn, &returnPathArn, apiErr)
 	if *input.Source != from {
 		t.Errorf(
 			"Unexpected source: %s. Expected: %s",
@@ -245,7 +266,10 @@ func TestNew(t *testing.T) {
 	setName := ""
 	allowFromRegExp, _ := regexp.Compile(`^admin@example\.org$`)
 	denyToRegExp, _ := regexp.Compile(`^bob@example\.org$`)
-	client := New(&setName, allowFromRegExp, denyToRegExp)
+	sourceArn := ""
+	fromArn := ""
+	returnPathArn := ""
+	client := New(&setName, allowFromRegExp, denyToRegExp, &sourceArn, &fromArn, &returnPathArn)
 	_, ok := interface{}(client).(relay.Client)
 	if !ok {
 		t.Error("Unexpected: client is not a relay.Client")
@@ -259,4 +283,13 @@ func TestNew(t *testing.T) {
 	if client.denyToRegExp != denyToRegExp {
 		t.Errorf("Unexpected denyToRegExp: %s", client.denyToRegExp)
 	}
+	if client.sourceArn != &sourceArn {
+		t.Errorf("Unexpected sourceArn: %s", *client.sourceArn)
+	}
+	if client.fromArn != &fromArn {
+		t.Errorf("Unexpected fromArn: %s", *client.fromArn)
+	}
+	if client.returnPathArn != &returnPathArn {
+		t.Errorf("Unexpected returnPathArn: %s", *client.returnPathArn)
+	}
 }
diff --git a/main.go b/main.go
index 10797a6..4833f3b 100644
--- a/main.go
+++ b/main.go
@@ -29,6 +29,9 @@ var (
 	user      = flag.String("u", "", "Authentication username")
 	allowFrom = flag.String("l", "", "Allowed sender emails regular expression")
 	denyTo    = flag.String("d", "", "Denied recipient emails regular expression")
+	sourceArn = flag.String("sourcearn", "", "The ARN of the identity that is associated with the sending authorization policy that permits you to send for the email address specified in the Source parameter of SendRawEmail.")
+	fromArn   = flag.String("fromarn", "", "The ARN of the identity that is associated with the sending authorization policy that permits you to specify a particular 'From' address in the header of the raw email.")
+	rPathArn  = flag.String("returnpatharn", "", "The ARN of the identity that is associated with the sending authorization policy that permits you to use the email address specified in the ReturnPath parameter of SendRawEmail.")
 )
 
 var ipMap map[string]bool
@@ -83,7 +86,7 @@ func configure() error {
 	case "pinpoint":
 		relayClient = pinpointrelay.New(setName, allowFromRegExp, denyToRegExp)
 	case "ses":
-		relayClient = sesrelay.New(setName, allowFromRegExp, denyToRegExp)
+		relayClient = sesrelay.New(setName, allowFromRegExp, denyToRegExp, sourceArn, fromArn, rPathArn)
 	default:
 		return errors.New("Invalid relay API: " + *relayAPI)
 	}