use of com.google.cloud.security.privateca.v1.CertificateTemplate in project java-security-private-ca by googleapis.
the class CertificateAuthorityServiceClientTest method listCertificateTemplatesTest2.
@Test
public void listCertificateTemplatesTest2() throws Exception {
CertificateTemplate responsesElement = CertificateTemplate.newBuilder().build();
ListCertificateTemplatesResponse expectedResponse = ListCertificateTemplatesResponse.newBuilder().setNextPageToken("").addAllCertificateTemplates(Arrays.asList(responsesElement)).build();
mockCertificateAuthorityService.addResponse(expectedResponse);
String parent = "parent-995424086";
ListCertificateTemplatesPagedResponse pagedListResponse = client.listCertificateTemplates(parent);
List<CertificateTemplate> resources = Lists.newArrayList(pagedListResponse.iterateAll());
Assert.assertEquals(1, resources.size());
Assert.assertEquals(expectedResponse.getCertificateTemplatesList().get(0), resources.get(0));
List<AbstractMessage> actualRequests = mockCertificateAuthorityService.getRequests();
Assert.assertEquals(1, actualRequests.size());
ListCertificateTemplatesRequest actualRequest = ((ListCertificateTemplatesRequest) actualRequests.get(0));
Assert.assertEquals(parent, actualRequest.getParent());
Assert.assertTrue(channelProvider.isHeaderSent(ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
}
use of com.google.cloud.security.privateca.v1.CertificateTemplate in project java-security-private-ca by googleapis.
the class CertificateAuthorityServiceClientTest method listCertificateTemplatesTest.
@Test
public void listCertificateTemplatesTest() throws Exception {
CertificateTemplate responsesElement = CertificateTemplate.newBuilder().build();
ListCertificateTemplatesResponse expectedResponse = ListCertificateTemplatesResponse.newBuilder().setNextPageToken("").addAllCertificateTemplates(Arrays.asList(responsesElement)).build();
mockCertificateAuthorityService.addResponse(expectedResponse);
LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
ListCertificateTemplatesPagedResponse pagedListResponse = client.listCertificateTemplates(parent);
List<CertificateTemplate> resources = Lists.newArrayList(pagedListResponse.iterateAll());
Assert.assertEquals(1, resources.size());
Assert.assertEquals(expectedResponse.getCertificateTemplatesList().get(0), resources.get(0));
List<AbstractMessage> actualRequests = mockCertificateAuthorityService.getRequests();
Assert.assertEquals(1, actualRequests.size());
ListCertificateTemplatesRequest actualRequest = ((ListCertificateTemplatesRequest) actualRequests.get(0));
Assert.assertEquals(parent.toString(), actualRequest.getParent());
Assert.assertTrue(channelProvider.isHeaderSent(ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
}
use of com.google.cloud.security.privateca.v1.CertificateTemplate in project java-security-private-ca by googleapis.
the class UpdateCertificateTemplate method updateCertificateTemplate.
// Updates an existing certificate template.
public static void updateCertificateTemplate(String project, String location, String certificateTemplateId) throws IOException, ExecutionException, InterruptedException, TimeoutException {
/* Initialize client that will be used to send requests. This client only needs to be created
once, and can be reused for multiple requests. After completing all of your requests, call
the `certificateAuthorityServiceClient.close()` method on the client to safely
clean up any remaining background resources. */
try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) {
String certificateTemplateName = CertificateTemplateName.of(project, location, certificateTemplateId).toString();
// Set the parent name and the properties to be updated.
CertificateTemplate certificateTemplate = CertificateTemplate.newBuilder().setName(certificateTemplateName).setIdentityConstraints(CertificateIdentityConstraints.newBuilder().setAllowSubjectPassthrough(false).setAllowSubjectAltNamesPassthrough(true).build()).build();
// Set the mask corresponding to the properties updated above.
FieldMask fieldMask = FieldMask.newBuilder().addPaths("identity_constraints.allow_subject_alt_names_passthrough").addPaths("identity_constraints.allow_subject_passthrough").build();
/* Set the new template.
Set the mask to specify which properties of the template should be updated. */
UpdateCertificateTemplateRequest request = UpdateCertificateTemplateRequest.newBuilder().setCertificateTemplate(certificateTemplate).setUpdateMask(fieldMask).build();
// Create the update certificate template request.
ApiFuture<Operation> futureCall = certificateAuthorityServiceClient.updateCertificateTemplateCallable().futureCall(request);
Operation response = futureCall.get(60, TimeUnit.SECONDS);
// Check for errors.
if (response.hasError()) {
System.out.println("Error in updating certificate template ! " + response.getError());
return;
}
// Get the updated certificate template and check if the properties have been updated.
CertificateIdentityConstraints updatedCertificateIdentityConstraints = certificateAuthorityServiceClient.getCertificateTemplate(certificateTemplateName).getIdentityConstraints();
if (!updatedCertificateIdentityConstraints.getAllowSubjectPassthrough() && updatedCertificateIdentityConstraints.getAllowSubjectAltNamesPassthrough()) {
System.out.println("Successfully updated the certificate template ! " + response.getName());
return;
}
System.out.println("Error in updating certificate template ! ");
}
}
use of com.google.cloud.security.privateca.v1.CertificateTemplate in project java-security-private-ca by googleapis.
the class CreateCertificateTemplate method createCertificateTemplate.
/* Creates a Certificate template. These templates can be reused for common
certificate issuance scenarios. */
public static void createCertificateTemplate(String project, String location, String certificateTemplateId) throws IOException, ExecutionException, InterruptedException, TimeoutException {
/* Initialize client that will be used to send requests. This client only needs to be created
once, and can be reused for multiple requests. After completing all of your requests, call
the `certificateAuthorityServiceClient.close()` method on the client to safely
clean up any remaining background resources. */
try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) {
/* Describes any predefined X.509 values set by this template.
The provided extensions are copied over to certificate requests that use this template.*/
KeyUsage keyUsage = KeyUsage.newBuilder().setBaseKeyUsage(KeyUsageOptions.newBuilder().setDigitalSignature(true).setKeyEncipherment(true).build()).setExtendedKeyUsage(ExtendedKeyUsageOptions.newBuilder().setServerAuth(true).build()).build();
CaOptions caOptions = CaOptions.newBuilder().setIsCa(false).build();
/* CEL expression that is evaluated against the Subject and
Subject Alternative Name of the certificate before it is issued. */
Expr expr = Expr.newBuilder().setExpression("subject_alt_names.all(san, san.type == DNS)").build();
// Set the certificate issuance schema.
CertificateTemplate certificateTemplate = CertificateTemplate.newBuilder().setPredefinedValues(X509Parameters.newBuilder().setKeyUsage(keyUsage).setCaOptions(caOptions).build()).setIdentityConstraints(CertificateIdentityConstraints.newBuilder().setCelExpression(expr).setAllowSubjectPassthrough(false).setAllowSubjectAltNamesPassthrough(false).build()).build();
// Set the parent and certificate template properties.
CreateCertificateTemplateRequest certificateTemplateRequest = CreateCertificateTemplateRequest.newBuilder().setParent(LocationName.of(project, location).toString()).setCertificateTemplate(certificateTemplate).setCertificateTemplateId(certificateTemplateId).build();
// Create Template request.
ApiFuture<Operation> futureCall = certificateAuthorityServiceClient.createCertificateTemplateCallable().futureCall(certificateTemplateRequest);
Operation response = futureCall.get(60, TimeUnit.SECONDS);
if (response.hasError()) {
System.out.println("Error creating certificate template ! " + response.getError());
return;
}
System.out.println("Successfully created certificate template ! " + response.getName());
}
}
use of com.google.cloud.security.privateca.v1.CertificateTemplate in project java-security-private-ca by googleapis.
the class ListCertificateTemplates method listCertificateTemplates.
// Lists the certificate templates present in the given project and location.
public static void listCertificateTemplates(String project, String location) throws IOException, ExecutionException, InterruptedException, TimeoutException {
/* Initialize client that will be used to send requests. This client only needs to be created
once, and can be reused for multiple requests. After completing all of your requests, call
the `certificateAuthorityServiceClient.close()` method on the client to safely
clean up any remaining background resources. */
try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) {
// Set the parent name to list the certificate templates.
ListCertificateTemplatesRequest request = ListCertificateTemplatesRequest.newBuilder().setParent(LocationName.of(project, location).toString()).build();
ApiFuture<ListCertificateTemplatesResponse> futureCall = certificateAuthorityServiceClient.listCertificateTemplatesCallable().futureCall(request);
// Get the response.
ListCertificateTemplatesResponse response = futureCall.get(60, TimeUnit.SECONDS);
// List all templates.
for (CertificateTemplate template : response.getCertificateTemplatesList()) {
System.out.println(template.getName());
}
}
}
Aggregations