Examples with TokenInfo ee.ria.xroad.signer.protocol.dto.TokenInfo used on opensource projects

Example 11 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class SignerCLI method listKeys.

/**
 * Lists all keys on all tokens.
 *
 * @throws Exception if an error occurs
 */
@Command(description = "Lists all keys on all tokens")
public void listKeys() throws Exception {
    List<TokenInfo> tokens = SignerClient.execute(new ListTokens());
    tokens.forEach(t -> {
        printTokenInfo(t, verbose);
        if (verbose) {
            System.out.println("Keys: ");
        }
        t.getKeyInfo().forEach(k -> printKeyInfo(k, verbose, "\t"));
        System.out.println();
    });
}

Example 12 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class KeyService method getPossibleActionsForKey.

/**
 * Return possible actions for one key
 * @throw KeyNotFoundException if key with given id was not found
 */
public EnumSet<PossibleActionEnum> getPossibleActionsForKey(String keyId) throws KeyNotFoundException {
    TokenInfo tokenInfo = tokenService.getTokenForKeyId(keyId);
    KeyInfo keyInfo = getKey(tokenInfo, keyId);
    EnumSet<PossibleActionEnum> possibleActions = possibleActionsRuleEngine.getPossibleKeyActions(tokenInfo, keyInfo);
    return possibleActions;
}

Example 13 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class KeyService method deleteKey.

/**
 * Deletes one key, and related CSRs and certificates. If the key is an authentication key with a registered
 * certificate and ignoreWarnings = false, an UnhandledWarningsException is thrown and the key is not deleted. If
 * ignoreWarnings = true, the authentication certificate is first unregistered, and the key and certificate are
 * deleted after that.
 * @param keyId
 * @param ignoreWarnings
 * @throws ActionNotPossibleException if delete was not possible for the key
 * @throws KeyNotFoundException if key with given id was not found
 * @throws GlobalConfOutdatedException if global conf was outdated
 * @throws UnhandledWarningsException if the key is an authentication key, it has a registered certificate,
 * and ignoreWarnings was false
 */
public void deleteKey(String keyId, Boolean ignoreWarnings) throws KeyNotFoundException, ActionNotPossibleException, GlobalConfOutdatedException, UnhandledWarningsException {
    TokenInfo tokenInfo = tokenService.getTokenForKeyId(keyId);
    auditDataHelper.put(tokenInfo);
    KeyInfo keyInfo = getKey(tokenInfo, keyId);
    auditDataHelper.put(keyInfo);
    // verify permissions
    if (keyInfo.getUsage() == null) {
        securityHelper.verifyAuthority("DELETE_KEY");
    } else if (keyInfo.getUsage() == KeyUsageInfo.AUTHENTICATION) {
        securityHelper.verifyAuthority("DELETE_AUTH_KEY");
    } else if (keyInfo.getUsage() == KeyUsageInfo.SIGNING) {
        securityHelper.verifyAuthority("DELETE_SIGN_KEY");
    }
    // verify that action is possible
    possibleActionsRuleEngine.requirePossibleKeyAction(PossibleActionEnum.DELETE, tokenInfo, keyInfo);
    // unregister possible auth certs
    if (keyInfo.getUsage() == KeyUsageInfo.AUTHENTICATION) {
        // get list of auth certs to be unregistered
        List<CertificateInfo> unregister = keyInfo.getCerts().stream().filter(this::shouldUnregister).collect(Collectors.toList());
        if (!unregister.isEmpty() && !ignoreWarnings) {
            throw new UnhandledWarningsException(new WarningDeviation(WARNING_AUTH_KEY_REGISTERED_CERT_DETECTED, keyId));
        }
        for (CertificateInfo certificateInfo : unregister) {
            unregisterAuthCert(certificateInfo);
        }
    }
    if (!auditDataHelper.dataIsForEvent(RestApiAuditEvent.DELETE_ORPHANS)) {
        auditEventHelper.changeRequestScopedEvent(RestApiAuditEvent.DELETE_KEY_FROM_TOKEN_AND_CONFIG);
    }
    // delete key needs to be done twice. First call deletes the certs & csrs
    try {
        signerProxyFacade.deleteKey(keyId, false);
        signerProxyFacade.deleteKey(keyId, true);
    } catch (CodedException e) {
        throw e;
    } catch (Exception other) {
        throw new SignerNotReachableException("delete key failed", other);
    }
}

Example 14 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class ClientsApiControllerIntegrationTest method createMockTokenInfos.

/**
 * @param certificateInfo one certificate to put inside this tokenInfo
 * structure
 * @return
 */
private List<TokenInfo> createMockTokenInfos(CertificateInfo certificateInfo) {
    List<TokenInfo> mockTokens = new ArrayList<>();
    List<CertificateInfo> certificates = new ArrayList<>();
    if (certificateInfo != null) {
        certificates.add(certificateInfo);
    }
    KeyInfo keyInfo = new KeyInfo(false, null, "friendlyName", "id", "label", "publicKey", certificates, new ArrayList<CertRequestInfo>(), "signMecchanismName");
    TokenInfo tokenInfo = new TokenInfo("type", "friendlyName", "id", false, false, false, "serialNumber", "label", -1, null, Arrays.asList(keyInfo), null);
    mockTokens.add(tokenInfo);
    return mockTokens;
}

Example 15 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class ClientsApiControllerIntegrationTest method getOrphans.

@Test
@WithMockUser(authorities = { "DELETE_CLIENT" })
public void getOrphans() {
    ClientId orphanClient = TestUtils.getClientId("FI:GOV:ORPHAN:SS1");
    KeyInfo keyInfo = new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.SIGNING).csr(new CertRequestInfoBuilder().clientId(orphanClient).build()).build();
    TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().key(keyInfo).build();
    doReturn(Collections.singletonList(tokenInfo)).when(tokenService).getAllTokens();
    ResponseEntity<OrphanInformation> orphanResponse = clientsApiController.getClientOrphans("FI:GOV:ORPHAN:SS1");
    assertEquals(HttpStatus.OK, orphanResponse.getStatusCode());
    assertEquals(true, orphanResponse.getBody().getOrphansExist());
    try {
        clientsApiController.getClientOrphans("FI:GOV:M1:SS777");
        fail("should not find orphans");
    } catch (ResourceNotFoundException expected) {
    }
}