/swagger_server/controllers/certificates_controller.py - Komentovat - Aplikace pro správu X.509 certifikátů (Yoso Czech s.r.o.) - JMSD - Redmine

| Větev: | Tag: | Revize:

aswi2021jmsd-gitlab/swagger_server/controllers/certificates_controller.py @ 1e07432d

-e07432d
+from datetime import datetime
-a68c29
+import connexion
 import six
 from src.dao.private_key_repository import PrivateKeyRepository
 from src.model.subject import Subject
 from src.services.certificate_service import CertificateService
 from src.dao.certificate_repository import CertificateRepository    # TODO not the Controller's responsibility. 1
 from src.services.cryptography import CryptographyService           # TODO not the Controller's responsibility. 2
-            eff25d7c
+from sqlite3 import Connection                                      # TODO not the Controller's responsibility. 3
 from src.constants import DICT_USAGES, CA_ID, \
-e07432d
+    DATABASE_FILE_LOCATION, SSL_ID, SIGNATURE_ID, AUTHENTICATION_ID, \
     DATETIME_FORMAT  # TODO DATABASE_FILE - not the Controller's
-f22957
+                                                                    #  responsibility. 4
-a68c29
+from src.services.key_service import KeyService
-e07432d
+from swagger_server.models import CertificateRequest, CertificateListItem, CAUsage, IssuerListItem
-a68c29
+            Captain_Trojan
 from swagger_server.models.certificate import Certificate  # noqa: E501
 from swagger_server.models.certificate_list_response import CertificateListResponse  # noqa: E501
 from swagger_server.models.certificate_response import CertificateResponse  # noqa: E501
 from swagger_server.models.created_response import CreatedResponse  # noqa: E501
 from swagger_server.models.error_response import ErrorResponse  # noqa: E501
 from swagger_server.models.filtering import Filtering  # noqa: E501
 from swagger_server.models.id_parameter import IdParameter  # noqa: E501
 from swagger_server.models.pem_response import PemResponse  # noqa: E501
 from swagger_server import util
-            eff25d7c
+# _ = Connection("../" + DATABASE_FILE)                                 # TODO not the Controller's responsibility. 5
-a68c29
+# cursor = _.cursor()                                                   # TODO responsibility of the
                                                                         #  CertificateRepository. It makes no sense to
                                                                         #  supply a different cursor than precisely
                                                                         #  the one corresponding to the connection.
                                                                         #  The cursor can always be generated from the
                                                                         #  connection instance.
-e07432d
+GENERAL_ERROR = "An error occured during processing of the request."
 CORRUPTED_DATABASE = "Internal server error (corrupted database)."
-a68c29
+            Captain_Trojan
 __ = CryptographyService()                                              # TODO not the Controller's responsibility. 6
-            eff25d7c
+CERTIFICATE_SERVICE = CertificateService(__, CertificateRepository(None, None))
-a68c29
+                                                                        # TODO open for discussion. Expected:
                                                                         #  CS = CertificateService.get_instance()
                                                                         #  or something like that.
-            eff25d7c
+KEY_SERVICE = KeyService(__, PrivateKeyRepository(None, None))          # TODO as above
-a68c29
+            Captain_Trojan
 def setup():
-f22957
+    """
     SQLite3 thread issue hack.
     :return:
     """
-            eff25d7c
+    _ = Connection(DATABASE_FILE_LOCATION.shortest_relative_path())
-a68c29
+    CERTIFICATE_SERVICE.certificate_repository.connection = _
     CERTIFICATE_SERVICE.certificate_repository.cursor = _.cursor()
     KEY_SERVICE.private_key_repository.connection = _
     KEY_SERVICE.private_key_repository.cursor = _.cursor()
 def create_certificate(body=None):  # noqa: E501
     """create new certificate
     Create a new certificate based on given information # noqa: E501
     :param body: Certificate data to be created
     :type body: dict | bytes
     :rtype: CreatedResponse
     """
-            eff25d7c
+    setup()                                                             # TODO remove after issue fixed
-a68c29
+            Captain_Trojan
     if connexion.request.is_json:
         body = CertificateRequest.from_dict(connexion.request.get_json())  # noqa: E501
-ef52
+        # if body.subject is None or body.usage is None or body.validity_days is None:
         #     return 400
-a68c29
+            Captain_Trojan
         key = KEY_SERVICE.create_new_key()                              # TODO pass key
         subject = Subject(
             common_name=body.subject.cn,
             country=body.subject.c,
             locality=body.subject.l,
             state=body.subject.st,
             organization=body.subject.o,
             organization_unit=body.subject.ou,
             email_address=body.subject.email_address
+        )
         usages_dict = DICT_USAGES.copy()
         if body.ca is None:
             cert = CERTIFICATE_SERVICE.create_root_ca(
                 key,
                 subject,
                 usages=usages_dict,
                 days=body.validity_days
+            )
         else:
             issuer = CERTIFICATE_SERVICE.get_certificate(body.ca)
             if issuer is None:
                 return ErrorResponse(
                     success=False,
                     data="No certificate authority with such unique ID exists."
                 ), 400
             issuer_key = KEY_SERVICE.get_key(issuer.private_key_id)
             if issuer_key is None:
                 return ErrorResponse(
                     success=False,
-e07432d
+                    data=CORRUPTED_DATABASE
-a68c29
+                ), 400
             f = CERTIFICATE_SERVICE.create_ca if CA_ID in usages_dict and usages_dict[CA_ID] else \
                 CERTIFICATE_SERVICE.create_end_cert
             cert = f(
                 key,
                 subject,
                 issuer,
                 issuer_key,
                 usages=usages_dict,
                 days=body.validity_days
+            )
         if cert is not None:
-            ee883227
+            return CreatedResponse(
-a68c29
+                success=True,
                 data=cert.certificate_id
             ), 201
         else:
             return ErrorResponse(
                 success=False,
                 data="The certificate could not have been created."
             ), 400
     else:
-e07432d
+        return ErrorResponse(success=False, data="The request must be JSON-formatted."), 400
-a68c29
+            Captain_Trojan
 def get_certificate_by_id(id):  # noqa: E501
     """get certificate by ID
     Get certificate in PEM format by ID # noqa: E501
     :param id: ID of a certificate to be queried
     :type id: dict | bytes
     :rtype: PemResponse
     """
     if connexion.request.is_json:
         id = IdParameter.from_dict(connexion.request.get_json())  # noqa: E501
     return 'do some magic!'
 def get_certificate_details_by_id(id):  # noqa: E501
     """get certificate&#x27;s details by ID
     Get certificate details by ID # noqa: E501
     :param id: ID of a certificate whose details are to be queried
     :type id: dict | bytes
     :rtype: CertificateResponse
     """
     if connexion.request.is_json:
         id = IdParameter.from_dict(connexion.request.get_json())  # noqa: E501
     return 'do some magic!'
 def get_certificate_list(filtering=None):  # noqa: E501
     """get list of certificates
     Lists certificates based on provided filtering options # noqa: E501
     :param filtering: Filter certificate type to be queried
     :type filtering: dict | bytes
     :rtype: CertificateListResponse
     """
-            eff25d7c
+    setup()                                                             # TODO remove after issue fixed
-e07432d
+    key_map = {CA_ID: 'ca', SSL_ID: 'ssl', SIGNATURE_ID: 'digital_signature', AUTHENTICATION_ID: 'authentication'}
     if len(connexion.request.data) == 0:
         certs = CERTIFICATE_SERVICE.get_certificates()
         if certs is None:
             return ErrorResponse(success=False, data=GENERAL_ERROR), 500
         elif len(certs) == 0:
             return ErrorResponse(success=False, data="No certificates found."), 204
         else:
             ret = []
             for c in certs:
                 c_issuer = CERTIFICATE_SERVICE.get_certificate(c.parent_id)
                 if c_issuer is None:
                     return ErrorResponse(success=False, data=CORRUPTED_DATABASE)
                 ret.append(
                     CertificateListItem(
                         id=c.certificate_id,
                         cn=c.common_name,
                         not_before=datetime.strptime(c.valid_from, DATETIME_FORMAT).date(),
                         not_after=datetime.strptime(c.valid_to, DATETIME_FORMAT).date(),
                         usage=CAUsage(**{key_map[k]: v for k, v in c.usages.items()}),
                         issuer=IssuerListItem(
                             id=c_issuer.certificate_id,
                             cn=c_issuer.common_name
+                        )
+                    )
+                )
             return CertificateListResponse(success=True, data=ret)
-            eff25d7c
+    else:
-e07432d
+        # TODO fix filtering issue (somehow)
         return ErrorResponse(success=False, data="The request must be JSON-formatted."), 400
-a68c29
+            Captain_Trojan
 def get_certificate_root_by_id(id):  # noqa: E501
     """get certificate&#x27;s root of trust chain by ID
     Get certificate&#x27;s root of trust chain in PEM format by ID # noqa: E501
     :param id: ID of a child certificate whose root is to be queried
     :type id: dict | bytes
     :rtype: PemResponse
     """
     if connexion.request.is_json:
         id = IdParameter.from_dict(connexion.request.get_json())  # noqa: E501
     return 'do some magic!'
 def get_certificate_trust_chain_by_id(id):  # noqa: E501
     """get certificate&#x27;s trust chain by ID
     Get certificate trust chain in PEM format by ID # noqa: E501
     :param id: ID of a child certificate whose chain is to be queried
     :type id: dict | bytes
     :rtype: PemResponse
     """
     if connexion.request.is_json:
         id = IdParameter.from_dict(connexion.request.get_json())  # noqa: E501
     return 'do some magic!'

Projekt

Obecné

Profil

ASWI - Pokročilé softwarové inženýrství » ASWI 2021 » Aplikace pro správu X.509 certifikátů (Yoso Czech s.r.o.) - JMSD