From 3454a55d9fa76942ed3b7a679d539a160a848d97 Mon Sep 17 00:00:00 2001
From: "Dwivedi, Vartika" <vartika.dwivedi@intel.com>
Date: Thu, 19 Oct 2023 13:54:12 +0530
Subject: [PATCH 1/2] Added TLS check to avoid API Key leakage

---
 config/config.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/config/config.go b/config/config.go
index 52418ad..6fa6379 100644
--- a/config/config.go
+++ b/config/config.go
@@ -96,6 +96,10 @@ func SetupConfig(envFilePath string) error {
 		return errors.New("Trust Authority base URL needs to be provided in configuration")
 	}
 
+	if !strings.HasPrefix(configValues.TrustAuthorityBaseUrl, "https://") {
+		return errors.New("Invalid base URL, must start with 'https://'")
+	}
+
 	_, err = url.Parse(configValues.TrustAuthorityBaseUrl)
 	if err != nil {
 		return errors.Wrap(err, "Invalid Trust Authority Base URL")

From 6aef09d76d5302aa2b803a2cb10e670a243d7259 Mon Sep 17 00:00:00 2001
From: "Dwivedi, Vartika" <vartika.dwivedi@intel.com>
Date: Thu, 19 Oct 2023 14:04:45 +0530
Subject: [PATCH 2/2] Updated error message

---
 config/config.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/config.go b/config/config.go
index 6fa6379..63b2a40 100644
--- a/config/config.go
+++ b/config/config.go
@@ -97,7 +97,7 @@ func SetupConfig(envFilePath string) error {
 	}
 
 	if !strings.HasPrefix(configValues.TrustAuthorityBaseUrl, "https://") {
-		return errors.New("Invalid base URL, must start with 'https://'")
+		return errors.New("Invalid Trust Authority base URL, must start with 'https://'")
 	}
 
 	_, err = url.Parse(configValues.TrustAuthorityBaseUrl)