Class: Vcert::TPPConnection

Defined in:
lib/tpp/tpp.rb


Constructor Details

#initialize(url, user, password, trust_bundle: nil) ⇒ TPPConnection

Returns a new instance of TPPConnection.



# File 'lib/tpp/tpp.rb', line 7

# Creates a connection object for a Venafi TPP endpoint.
#
# Nothing is contacted here: the credentials are only stored, and +@token+
# starts out empty. The URL is passed through +normalize_url+ (defined
# elsewhere in this file) before being kept.
#
# NOTE(review): +user+ and +password+ are held as plain instance variables,
# so +inspect+ or logging of this object would expose them.
#
# @param url [String] TPP base URL, normalized before use
# @param user [String] TPP user name
# @param password [String] TPP password
# @param trust_bundle [String, nil] CA bundle used to verify the server (semantics
#   depend on the HTTP helpers elsewhere in the file)
# @return [TPPConnection]
def initialize(url, user, password, trust_bundle: nil)
  @url = normalize_url(url)
  @user = user
  @password = password
  @trust_bundle = trust_bundle
  # No session yet; presumably filled in by the authentication helper on first use.
  @token = nil
end

Instance Method Details

#addStartEnd(s) ⇒ Object



# File 'lib/tpp/tpp.rb', line 227

# Anchors a pattern string with a leading +^+ and a trailing +$+.
#
# Each anchor is added only when it is not already at the corresponding end;
# a +^+ somewhere in the middle of +s+ does not count as a leading anchor.
# The anchors are presumably consumed by TPP's server-side policy matching
# rather than by a Ruby Regexp — confirm before assuming +\A+/+\z+ semantics.
#
# @param s [String] pattern to anchor; not mutated
# @return [String] the anchored pattern
def addStartEnd(s)
  with_start = s.start_with?("^") ? s : "^#{s}"
  with_start.end_with?("$") ? with_start : "#{with_start}$"
end

#escape(value) ⇒ Object



# File 'lib/tpp/tpp.rb', line 237

# Turns a literal value (or a list of them) into anchored, regex-escaped
# pattern strings via +Regexp.escape+ and +addStartEnd+.
#
# +Regexp.escape+ applies Ruby's escaping rules; if the result is interpreted
# by the TPP server's regex engine, confirm it treats the same metacharacters.
#
# @param value [String, Array<String>] literal(s) to escape
# @return [String, Array<String>] an array when given an array, else a string
def escape(value)
  # A list is escaped element-wise; a single value yields a single pattern.
  return value.map { |v| addStartEnd(Regexp.escape(v)) } if value.kind_of?(Array)

  addStartEnd(Regexp.escape(value))
end

#policy(zone_tag) ⇒ Object



# File 'lib/tpp/tpp.rb', line 41

# Fetches the policy for a zone and hands the raw response to
# +parse_policy_response+ (defined elsewhere in this file).
#
# @param zone_tag [String] zone name, turned into a policy DN by +policy_dn+
# @return [Object] whatever +parse_policy_response+ returns
# @raise [Vcert::ServerUnexpectedBehaviorError] when TPP does not answer 200
def policy(zone_tag)
  payload = { :PolicyDN => policy_dn(zone_tag) }
  code, response = post(URL_ZONE_CONFIG, payload)
  raise Vcert::ServerUnexpectedBehaviorError, "Status  #{code}" unless code == 200

  parse_policy_response(response, zone_tag)
end

#renew(request, generate_new_key: true) ⇒ Object



# File 'lib/tpp/tpp.rb', line 57

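# Renews the certificate identified by +request+ (by DN in +request.id+ or,
# when set, by +request.thumbprint+, which is resolved to a DN first).
#
# With +generate_new_key+ the CSR that TPP stored for the certificate is read
# back from the secret store, its subject fields are used to build a fresh
# Vcert::Request, and that request's CSR is submitted with the renewal; the
# request's private key is returned alongside the DN.
#
# @param request [Vcert::Request] must carry +id+ or +thumbprint+; +id+ is
#   overwritten with the DN resolved from the thumbprint when one is given
# @param generate_new_key [Boolean] whether to re-key the certificate
# @return [Array(String, Object)] the certificate DN and the new private key
#   (nil when +generate_new_key+ is false)
# @raise [RuntimeError] when neither id nor thumbprint is given, or when TPP
#   does not report +Success+
# @raise [Vcert::ServerUnexpectedBehaviorError] on a non-200 response or when
#   no stored CSR can be found for the certificate
def renew(request, generate_new_key: true)
  if request.id.nil? && request.thumbprint.nil?
    raise("Either request ID or certificate thumbprint is required to renew the certificate")
  end

  # A thumbprint, when present, wins over any DN the caller supplied.
  request.id = search_by_thumbprint(request.thumbprint) unless request.thumbprint.nil?

  renew_req_data = { "CertificateDN": request.id }
  renew_request = nil
  if generate_new_key
    renew_request = renew_request_from_stored_csr(request.id)
    renew_req_data.merge!(PKCS10: renew_request.csr)
  end

  LOG.info("Trying to renew certificate %s" % request.id)
  # The status code used to be discarded here; check it like the other calls do.
  code, d = post(URL_CERTIFICATE_RENEW, renew_req_data)
  raise Vcert::ServerUnexpectedBehaviorError, "Status  #{code}" if code != 200
  raise "Certificate renew error" unless d.key?('Success')

  [request.id, generate_new_key ? renew_request.private_key : nil]
end

# Builds a fresh Vcert::Request whose subject mirrors the CSR that TPP keeps
# in its secret store for +certificate_dn+.
#
# @param certificate_dn [String] DN of the certificate being renewed
# @return [Vcert::Request]
# @raise [Vcert::ServerUnexpectedBehaviorError] on a non-200 response or when
#   the secret-store search returns no vault id
private def renew_request_from_stored_csr(certificate_dn)
  # VaultType 512 is carried over from the original code; presumably selects
  # the stored-CSR vault type — confirm against the TPP secret-store docs.
  code, r = post(URL_SECRET_STORE_SEARCH, { "Namespace": "config", "Owner": certificate_dn, "VaultType": 512 })
  raise Vcert::ServerUnexpectedBehaviorError, "Status  #{code}" if code != 200

  # An empty or missing VaultIDs list previously ended in a NoMethodError on
  # the next request; report it as a server-side problem instead.
  vault_id = Array(r["VaultIDs"]).first
  raise Vcert::ServerUnexpectedBehaviorError, "No stored CSR found for #{certificate_dn}" if vault_id.nil?

  code, r = post(URL_SECRET_STORE_RETRIEVE, { "VaultID": vault_id })
  raise Vcert::ServerUnexpectedBehaviorError, "Status  #{code}" if code != 200

  csr_pem = "-----BEGIN CERTIFICATE REQUEST-----\n#{r['Base64Data']}\n-----END CERTIFICATE REQUEST-----\n"
  parsed_csr = parse_csr_fields(csr_pem)
  Vcert::Request.new(
    common_name: parsed_csr.fetch(:CN, nil),
    san_dns: parsed_csr.fetch(:DNS, nil),
    country: parsed_csr.fetch(:C, nil),
    province: parsed_csr.fetch(:ST, nil),
    locality: parsed_csr.fetch(:L, nil),
    organization: parsed_csr.fetch(:O, nil),
    organizational_unit: parsed_csr.fetch(:OU, nil)
  )
end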

#request(zone_tag, request) ⇒ Object



# File 'lib/tpp/tpp.rb', line 15

# Submits a certificate request (CSR) to TPP under the given zone's policy and
# records the resulting certificate DN on +request.id+.
#
# @param zone_tag [String] zone name, turned into a policy DN by +policy_dn+
# @param request [Vcert::Request] supplies +csr+ and +friendly_name+; its +id+
#   is set from the response
# @return [String] the +CertificateDN+ assigned by TPP
# @raise [Vcert::ServerUnexpectedBehaviorError] when TPP does not answer 200
def request(zone_tag, request)
  payload = {
    PolicyDN: policy_dn(zone_tag),
    PKCS10: request.csr,
    ObjectName: request.friendly_name,
    # Sent as the string "true" — that is what the API call here expects.
    DisableAutomaticRenewal: "true"
  }
  code, response = post(URL_CERTIFICATE_REQUESTS, payload)
  raise Vcert::ServerUnexpectedBehaviorError, "Status  #{code}" unless code == 200

  request.id = response['CertificateDN']
end

#retrieve(request) ⇒ Object



# File 'lib/tpp/tpp.rb', line 27

# Downloads the issued certificate (with chain, leaf first) for +request.id+.
#
# Unlike the other calls this does not raise on a non-200 answer: it returns
# nil so the caller can keep polling until issuance completes.
#
# @param request [Vcert::Request] supplies +id+ and, as a fallback, +private_key+
# @return [Object, nil] the parsed certificate from +parse_full_chain+, or nil
#   when TPP did not answer 200
def retrieve(request)
  payload = { CertificateDN: request.id, Format: "base64", IncludeChain: 'true', RootFirstOrder: "false" }
  code, response = post(URL_CERTIFICATE_RETRIEVE, payload)
  return nil unless code == 200

  chain_pem = Base64.decode64(response['CertificateData'])
  cert = parse_full_chain(chain_pem)
  # The parsed chain may carry no key; fall back to the one held on the request.
  cert.private_key = request.private_key if cert.private_key.nil?
  cert
end

#zone_configuration(zone_tag) ⇒ Object



# File 'lib/tpp/tpp.rb', line 49

# Fetches the zone's policy configuration and hands the raw response to
# +parse_zone_configuration+ (defined elsewhere in this file).
#
# Same request as +policy+; only the parsing differs.
#
# @param zone_tag [String] zone name, turned into a policy DN by +policy_dn+
# @return [Object] whatever +parse_zone_configuration+ returns
# @raise [Vcert::ServerUnexpectedBehaviorError] when TPP does not answer 200
def zone_configuration(zone_tag)
  payload = { :PolicyDN => policy_dn(zone_tag) }
  code, response = post(URL_ZONE_CONFIG, payload)
  raise Vcert::ServerUnexpectedBehaviorError, "Status  #{code}" unless code == 200

  parse_zone_configuration(response)
end