
Example 1 with CertificatePluginSchemaNotFoundException

use of io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException in project gravitee-access-management by gravitee-io.

the class CertificateServiceImpl method create.

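/**
 * Creates a certificate for a domain from a client-supplied definition, persists it and
 * publishes a CREATE event.
 *
 * <p>The plugin schema for the requested type is loaded first; a missing schema fails with
 * {@link CertificatePluginSchemaNotFoundException}. For every schema property whose widget is
 * {@code "file"}, the submitted configuration is expected to hold a JSON document with a
 * Base64 {@code content} field and a {@code name} field. The decoded bytes are stored as
 * certificate metadata and the configuration value is replaced by the file name.
 *
 * @param domain identifier of the domain that will own the certificate
 * @param newCertificate submitted definition; its configuration is rewritten in place when a
 *     file property is processed
 * @param principal not read by this method body
 * @return a {@code Single} emitting the stored certificate, or failing with a
 *     {@link TechnicalManagementException} raised from the error callback
 */
@Override
public Single<Certificate> create(String domain, NewCertificate newCertificate, User principal) {
    // NOTE(review): this logs newCertificate through toString(); confirm that it omits the
    // configuration, which carries the uploaded certificate/keystore material.
    LOGGER.debug("Create a new certificate {} for domain {}", newCertificate, domain);
    Single<Certificate> certificateSingle = certificatePluginService.getSchema(newCertificate.getType())
            .switchIfEmpty(Maybe.error(new CertificatePluginSchemaNotFoundException(newCertificate.getType())))
            .map(schema -> objectMapper.readValue(schema, CertificateSchema.class))
            .flatMapSingle(new Function<CertificateSchema, SingleSource<Certificate>>() {

                @Override
                public SingleSource<Certificate> apply(CertificateSchema certificateSchema) throws Exception {
                    return Single.create(emitter -> {
                        Certificate certificate = new Certificate();
                        certificate.setId(RandomString.generate());
                        certificate.setDomain(domain);
                        certificate.setName(newCertificate.getName());
                        certificate.setType(newCertificate.getType());
                        try {
                            JsonNode certificateConfiguration = objectMapper.readTree(newCertificate.getConfiguration());
                            // Collect the file-typed property names first so that the loop below can
                            // stop at the first failure instead of continuing inside a forEach lambda.
                            java.util.List<String> fileKeys = certificateSchema.getProperties().entrySet().stream()
                                    .filter(entry -> "file".equals(entry.getValue().getWidget()))
                                    .map(entry -> entry.getKey())
                                    .collect(java.util.stream.Collectors.toList());
                            for (String key : fileKeys) {
                                try {
                                    // A missing key, "content" or "name" field raises a runtime exception
                                    // that is reported by the outer catch below.
                                    JsonNode file = objectMapper.readTree(certificateConfiguration.get(key).asText());
                                    byte[] data = Base64.getDecoder().decode(file.get("content").asText());
                                    // singletonMap: with several file properties only the last one's bytes are kept.
                                    certificate.setMetadata(Collections.singletonMap(CertificateMetadata.FILE, data));
                                    // The stored configuration keeps the client-supplied file name, not the content.
                                    ((ObjectNode) certificateConfiguration).put(key, file.get("name").asText());
                                    newCertificate.setConfiguration(objectMapper.writeValueAsString(certificateConfiguration));
                                } catch (IOException ex) {
                                    LOGGER.error("An error occurs while trying to create certificate binaries", ex);
                                    emitter.onError(ex);
                                    // Exactly one terminal signal: a second onError would be routed to the
                                    // global RxJava error handler as an undeliverable exception.
                                    return;
                                }
                            }
                            certificate.setConfiguration(newCertificate.getConfiguration());
                            certificate.setCreatedAt(new Date());
                            certificate.setUpdatedAt(certificate.getCreatedAt());
                        } catch (Exception ex) {
                            LOGGER.error("An error occurs while trying to create certificate configuration", ex);
                            emitter.onError(ex);
                            // Do not fall through to onSuccess with a half-built certificate.
                            return;
                        }
                        emitter.onSuccess(certificate);
                    });
                }
            });
    return certificateSingle
            .flatMap(certificate -> certificateRepository.create(certificate))
            .flatMap(certificate -> {
                Event event = new Event(Type.CERTIFICATE, new Payload(certificate.getId(), ReferenceType.DOMAIN, certificate.getDomain(), Action.CREATE));
                return eventService.create(event).flatMap(__ -> Single.just(certificate));
            })
            .doOnError(ex -> {
                // NOTE(review): every failure, including the schema-not-found case, is rethrown as a
                // TechnicalManagementException from inside doOnError; confirm callers expect that.
                LOGGER.error("An error occurs while trying to create a certificate", ex);
                throw new TechnicalManagementException("An error occurs while trying to create a certificate", ex);
            });
}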
Also used : X509Certificate(java.security.cert.X509Certificate) KeyPair(java.security.KeyPair) Primary(org.springframework.context.annotation.Primary) BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints) Date(java.util.Date) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) Type(io.gravitee.am.common.event.Type) CertificatePluginSchemaNotFoundException(io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException) TechnicalManagementException(io.gravitee.am.service.exception.TechnicalManagementException) X500Name(org.bouncycastle.asn1.x500.X500Name) GeneralSecurityException(java.security.GeneralSecurityException) CertificateMetadata(io.gravitee.am.certificate.api.CertificateMetadata) User(io.gravitee.am.identityprovider.api.User) AuditBuilder(io.gravitee.am.service.reporter.builder.AuditBuilder) JsonNode(com.fasterxml.jackson.databind.JsonNode) ReferenceType(io.gravitee.am.model.ReferenceType) BigInteger(java.math.BigInteger) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) io.reactivex(io.reactivex) KeyPairGenerator(java.security.KeyPairGenerator) Action(io.gravitee.am.common.event.Action) CertificateNotFoundException(io.gravitee.am.service.exception.CertificateNotFoundException) CertificateWithApplicationsException(io.gravitee.am.service.exception.CertificateWithApplicationsException) KeyStore(java.security.KeyStore) EventType(io.gravitee.am.common.audit.EventType) RandomString(io.gravitee.am.common.utils.RandomString) NewCertificate(io.gravitee.am.service.model.NewCertificate) Base64(java.util.Base64) Payload(io.gravitee.am.model.common.event.Payload) Environment(org.springframework.core.env.Environment) Lazy(org.springframework.context.annotation.Lazy) Certificate(io.gravitee.am.model.Certificate) ByteArrayOutputStream(java.io.ByteArrayOutputStream) 
ContentSigner(org.bouncycastle.operator.ContentSigner) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) BouncyCastleProviderSingleton(com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) Event(io.gravitee.am.model.common.event.Event) UpdateCertificate(io.gravitee.am.service.model.UpdateCertificate) CertificateSchema(io.gravitee.am.plugins.certificate.core.CertificateSchema) io.gravitee.am.service(io.gravitee.am.service) Logger(org.slf4j.Logger) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) IOException(java.io.IOException) Component(org.springframework.stereotype.Component) Function(io.reactivex.functions.Function) CertificateRepository(io.gravitee.am.repository.management.api.CertificateRepository) CertificateAuditBuilder(io.gravitee.am.service.reporter.builder.management.CertificateAuditBuilder) Collections(java.util.Collections) CertificatePluginSchemaNotFoundException(io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException) JsonNode(com.fasterxml.jackson.databind.JsonNode) RandomString(io.gravitee.am.common.utils.RandomString) IOException(java.io.IOException) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) CertificatePluginSchemaNotFoundException(io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException) TechnicalManagementException(io.gravitee.am.service.exception.TechnicalManagementException) GeneralSecurityException(java.security.GeneralSecurityException) CertificateNotFoundException(io.gravitee.am.service.exception.CertificateNotFoundException) CertificateWithApplicationsException(io.gravitee.am.service.exception.CertificateWithApplicationsException) IOException(java.io.IOException) Date(java.util.Date) 
CertificateSchema(io.gravitee.am.plugins.certificate.core.CertificateSchema) Event(io.gravitee.am.model.common.event.Event) Payload(io.gravitee.am.model.common.event.Payload) TechnicalManagementException(io.gravitee.am.service.exception.TechnicalManagementException) X509Certificate(java.security.cert.X509Certificate) NewCertificate(io.gravitee.am.service.model.NewCertificate) Certificate(io.gravitee.am.model.Certificate) UpdateCertificate(io.gravitee.am.service.model.UpdateCertificate)

Example 2 with CertificatePluginSchemaNotFoundException

use of io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException in project gravitee-access-management by gravitee-io.

the class CertificateServiceImpl method update.

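/**
 * Updates the name and configuration of an existing certificate, persists it and publishes
 * an UPDATE event.
 *
 * <p>The certificate is loaded by id (failing with {@link CertificateNotFoundException} when
 * absent) together with the plugin schema of its type (failing with
 * {@link CertificatePluginSchemaNotFoundException} when absent). For every schema property
 * whose widget is {@code "file"}, the stored and submitted values are compared; when they
 * differ the submitted value is parsed as a JSON document with a Base64 {@code content}
 * field and a {@code name} field, the decoded bytes replace the certificate metadata and the
 * configuration value is replaced by the file name.
 *
 * @param domain identifier of the domain; in this method body it is only written to the log
 * @param id identifier of the certificate to update
 * @param updateCertificate submitted changes; its configuration is rewritten in place when a
 *     file property is processed
 * @param principal not read by this method body
 * @return a {@code Single} emitting the updated certificate, or failing with a
 *     {@link TechnicalManagementException} raised from the error callback
 */
@Override
public Single<Certificate> update(String domain, String id, UpdateCertificate updateCertificate, User principal) {
    LOGGER.debug("Update a certificate {} for domain {}", id, domain);
    // NOTE(review): the lookup is by id only and the loaded certificate's domain is never compared
    // with the domain argument here; confirm the caller enforces that the certificate belongs to
    // the domain, otherwise an id from another domain would be accepted.
    return certificateRepository.findById(id).switchIfEmpty(Maybe.error(new CertificateNotFoundException(id))).flatMapSingle(new Function<Certificate, SingleSource<CertificateWithSchema>>() {

        @Override
        public SingleSource<CertificateWithSchema> apply(Certificate certificate) throws Exception {
            return certificatePluginService.getSchema(certificate.getType()).switchIfEmpty(Maybe.error(new CertificatePluginSchemaNotFoundException(certificate.getType()))).flatMapSingle(new Function<String, SingleSource<? extends CertificateWithSchema>>() {

                @Override
                public SingleSource<? extends CertificateWithSchema> apply(String schema) throws Exception {
                    return Single.just(new CertificateWithSchema(certificate, objectMapper.readValue(schema, CertificateSchema.class)));
                }
            });
        }
    }).flatMap(oldCertificate -> {
        Single<Certificate> certificateSingle = Single.create(emitter -> {
            // Work on a copy so the loaded certificate is left untouched.
            Certificate certificateToUpdate = new Certificate(oldCertificate.getCertificate());
            certificateToUpdate.setName(updateCertificate.getName());
            try {
                CertificateSchema certificateSchema = oldCertificate.getSchema();
                JsonNode oldCertificateConfiguration = objectMapper.readTree(oldCertificate.getCertificate().getConfiguration());
                JsonNode certificateConfiguration = objectMapper.readTree(updateCertificate.getConfiguration());
                // Collect the file-typed property names first so that the loop below can stop at the
                // first failure instead of continuing inside a forEach lambda.
                java.util.List<String> fileKeys = certificateSchema.getProperties().entrySet().stream()
                        .filter(entry -> "file".equals(entry.getValue().getWidget()))
                        .map(entry -> entry.getKey())
                        .collect(java.util.stream.Collectors.toList());
                for (String key : fileKeys) {
                    try {
                        // A key missing from either configuration raises a runtime exception that is
                        // reported by the outer catch below.
                        String oldFileInformation = oldCertificateConfiguration.get(key).asText();
                        String fileInformation = certificateConfiguration.get(key).asText();
                        // An unchanged value means the client sent back the stored file name: keep the
                        // existing binary.
                        if (!oldFileInformation.equals(fileInformation)) {
                            JsonNode file = objectMapper.readTree(fileInformation);
                            byte[] data = Base64.getDecoder().decode(file.get("content").asText());
                            // singletonMap: with several file properties only the last one's bytes are kept.
                            certificateToUpdate.setMetadata(Collections.singletonMap(CertificateMetadata.FILE, data));
                            // The stored configuration keeps the client-supplied file name, not the content.
                            ((ObjectNode) certificateConfiguration).put(key, file.get("name").asText());
                            updateCertificate.setConfiguration(objectMapper.writeValueAsString(certificateConfiguration));
                        }
                    } catch (IOException ex) {
                        LOGGER.error("An error occurs while trying to update certificate binaries", ex);
                        emitter.onError(ex);
                        // Exactly one terminal signal: a second onError would be routed to the global
                        // RxJava error handler as an undeliverable exception.
                        return;
                    }
                }
                certificateToUpdate.setConfiguration(updateCertificate.getConfiguration());
                certificateToUpdate.setUpdatedAt(new Date());
            } catch (Exception ex) {
                LOGGER.error("An error occurs while trying to update certificate configuration", ex);
                emitter.onError(ex);
                // Do not fall through to onSuccess with a half-updated certificate.
                return;
            }
            emitter.onSuccess(certificateToUpdate);
        });
        return certificateSingle.flatMap(certificate -> certificateRepository.update(certificate)).flatMap(updated -> {
            Event event = new Event(Type.CERTIFICATE, new Payload(updated.getId(), ReferenceType.DOMAIN, updated.getDomain(), Action.UPDATE));
            return eventService.create(event).flatMap(__ -> Single.just(updated));
        }).onErrorResumeNext(ex -> {
            // Failures of the configuration, repository and event steps are logged and rethrown
            // as a TechnicalManagementException.
            LOGGER.error("An error occurs while trying to update a certificate", ex);
            throw new TechnicalManagementException("An error occurs while trying to update a certificate", ex);
        });
    });
}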
Also used : X509Certificate(java.security.cert.X509Certificate) KeyPair(java.security.KeyPair) Primary(org.springframework.context.annotation.Primary) BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints) Date(java.util.Date) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) Type(io.gravitee.am.common.event.Type) CertificatePluginSchemaNotFoundException(io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException) TechnicalManagementException(io.gravitee.am.service.exception.TechnicalManagementException) X500Name(org.bouncycastle.asn1.x500.X500Name) GeneralSecurityException(java.security.GeneralSecurityException) CertificateMetadata(io.gravitee.am.certificate.api.CertificateMetadata) User(io.gravitee.am.identityprovider.api.User) AuditBuilder(io.gravitee.am.service.reporter.builder.AuditBuilder) JsonNode(com.fasterxml.jackson.databind.JsonNode) ReferenceType(io.gravitee.am.model.ReferenceType) BigInteger(java.math.BigInteger) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) io.reactivex(io.reactivex) KeyPairGenerator(java.security.KeyPairGenerator) Action(io.gravitee.am.common.event.Action) CertificateNotFoundException(io.gravitee.am.service.exception.CertificateNotFoundException) CertificateWithApplicationsException(io.gravitee.am.service.exception.CertificateWithApplicationsException) KeyStore(java.security.KeyStore) EventType(io.gravitee.am.common.audit.EventType) RandomString(io.gravitee.am.common.utils.RandomString) NewCertificate(io.gravitee.am.service.model.NewCertificate) Base64(java.util.Base64) Payload(io.gravitee.am.model.common.event.Payload) Environment(org.springframework.core.env.Environment) Lazy(org.springframework.context.annotation.Lazy) Certificate(io.gravitee.am.model.Certificate) ByteArrayOutputStream(java.io.ByteArrayOutputStream) 
ContentSigner(org.bouncycastle.operator.ContentSigner) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) BouncyCastleProviderSingleton(com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) Event(io.gravitee.am.model.common.event.Event) UpdateCertificate(io.gravitee.am.service.model.UpdateCertificate) CertificateSchema(io.gravitee.am.plugins.certificate.core.CertificateSchema) io.gravitee.am.service(io.gravitee.am.service) Logger(org.slf4j.Logger) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) IOException(java.io.IOException) Component(org.springframework.stereotype.Component) Function(io.reactivex.functions.Function) CertificateRepository(io.gravitee.am.repository.management.api.CertificateRepository) CertificateAuditBuilder(io.gravitee.am.service.reporter.builder.management.CertificateAuditBuilder) Collections(java.util.Collections) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) CertificatePluginSchemaNotFoundException(io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException) JsonNode(com.fasterxml.jackson.databind.JsonNode) RandomString(io.gravitee.am.common.utils.RandomString) IOException(java.io.IOException) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) CertificatePluginSchemaNotFoundException(io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException) TechnicalManagementException(io.gravitee.am.service.exception.TechnicalManagementException) GeneralSecurityException(java.security.GeneralSecurityException) CertificateNotFoundException(io.gravitee.am.service.exception.CertificateNotFoundException) CertificateWithApplicationsException(io.gravitee.am.service.exception.CertificateWithApplicationsException) 
IOException(java.io.IOException) Date(java.util.Date) Function(io.reactivex.functions.Function) CertificateNotFoundException(io.gravitee.am.service.exception.CertificateNotFoundException) CertificateSchema(io.gravitee.am.plugins.certificate.core.CertificateSchema) Event(io.gravitee.am.model.common.event.Event) Payload(io.gravitee.am.model.common.event.Payload) TechnicalManagementException(io.gravitee.am.service.exception.TechnicalManagementException) X509Certificate(java.security.cert.X509Certificate) NewCertificate(io.gravitee.am.service.model.NewCertificate) Certificate(io.gravitee.am.model.Certificate) UpdateCertificate(io.gravitee.am.service.model.UpdateCertificate)

Example 3 with CertificatePluginSchemaNotFoundException

use of io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException in project gravitee-access-management by gravitee-io.

the class CertificateServiceProxyImpl method updateSensitiveData.

/**
 * Reconciles the sensitive fields of a submitted update with the stored certificate.
 *
 * <p>Loads the plugin schema for the stored certificate's type, parses the submitted
 * configuration, the stored configuration and the schema as JSON, and hands all three to the
 * parent class together with a setter that writes the result back into the update.
 * NOTE(review): the parent presumably restores stored secret values where the client sent
 * back masked ones; confirm against the parent implementation.
 *
 * @param updateCertificate submitted update; its configuration may be replaced through the setter
 * @param oldCertificate certificate as currently stored
 * @return a {@code Single} emitting the same {@code updateCertificate} instance, or failing
 *     with {@link CertificatePluginSchemaNotFoundException} when no schema exists for the type
 */
private Single<UpdateCertificate> updateSensitiveData(UpdateCertificate updateCertificate, Certificate oldCertificate) {
    return certificatePluginService
            .getSchema(oldCertificate.getType())
            .switchIfEmpty(Single.error(new CertificatePluginSchemaNotFoundException(oldCertificate.getType())))
            .map(rawSchema -> {
                // Parse order is kept: submitted configuration, stored configuration, then schema.
                var submittedNode = objectMapper.readTree(updateCertificate.getConfiguration());
                var storedNode = objectMapper.readTree(oldCertificate.getConfiguration());
                var schemaNode = objectMapper.readTree(rawSchema);
                super.updateSensitiveData(submittedNode, storedNode, schemaNode, updateCertificate::setConfiguration);
                return updateCertificate;
            });
}
Also used : CertificatePluginSchemaNotFoundException(io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException)

Example 4 with CertificatePluginSchemaNotFoundException

use of io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException in project gravitee-access-management by gravitee-io.

the class CertificateServiceProxyImpl method filterSensitiveData.

/**
 * Produces a copy of a certificate whose configuration has been passed through the parent
 * class's sensitive-data filter.
 *
 * <p>The input certificate is never modified: filtering is applied to a copy, so the stored
 * object keeps its original configuration.
 * NOTE(review): which fields count as sensitive is decided by the parent class from the
 * schema; confirm that every secret-bearing property of each plugin schema is covered.
 *
 * @param cert certificate to filter
 * @return a {@code Single} emitting the filtered copy, or failing with
 *     {@link CertificatePluginSchemaNotFoundException} when no schema exists for the type
 */
private Single<Certificate> filterSensitiveData(Certificate cert) {
    return certificatePluginService
            .getSchema(cert.getType())
            .switchIfEmpty(Single.error(new CertificatePluginSchemaNotFoundException(cert.getType())))
            .map(rawSchema -> {
                // Copy first so the caller's instance is not altered by the setter below.
                var sanitizedCopy = new Certificate(cert);
                var schemaTree = objectMapper.readTree(rawSchema);
                var configurationTree = objectMapper.readTree(sanitizedCopy.getConfiguration());
                super.filterSensitiveData(schemaTree, configurationTree, sanitizedCopy::setConfiguration);
                return sanitizedCopy;
            });
}
Also used : CertificatePluginSchemaNotFoundException(io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException) Certificate(io.gravitee.am.model.Certificate) NewCertificate(io.gravitee.am.service.model.NewCertificate) UpdateCertificate(io.gravitee.am.service.model.UpdateCertificate)

Aggregations

CertificatePluginSchemaNotFoundException (io.gravitee.am.service.exception.CertificatePluginSchemaNotFoundException)4 Certificate (io.gravitee.am.model.Certificate)3 NewCertificate (io.gravitee.am.service.model.NewCertificate)3 UpdateCertificate (io.gravitee.am.service.model.UpdateCertificate)3 JsonNode (com.fasterxml.jackson.databind.JsonNode)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2 ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode)2 BouncyCastleProviderSingleton (com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton)2 CertificateMetadata (io.gravitee.am.certificate.api.CertificateMetadata)2 EventType (io.gravitee.am.common.audit.EventType)2 Action (io.gravitee.am.common.event.Action)2 Type (io.gravitee.am.common.event.Type)2 RandomString (io.gravitee.am.common.utils.RandomString)2 User (io.gravitee.am.identityprovider.api.User)2 ReferenceType (io.gravitee.am.model.ReferenceType)2 Event (io.gravitee.am.model.common.event.Event)2 Payload (io.gravitee.am.model.common.event.Payload)2 CertificateSchema (io.gravitee.am.plugins.certificate.core.CertificateSchema)2 CertificateRepository (io.gravitee.am.repository.management.api.CertificateRepository)2 io.gravitee.am.service (io.gravitee.am.service)2