/**
* Adds a trust bundle to the system.
*
* @param uriInfo Injected URI context used for building the location URI.
* @param bundle The bundle to add to the system.
* @return Status of 201 if the bundle was added or a status of 409 if a bundle with the same name
* already exists.
*/
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public Response addTrustBundle(@Context UriInfo uriInfo, TrustBundle bundle) {
// make sure it doesn't exist
try {
if (bundleDao.getTrustBundleByName(bundle.getBundleName()) != null)
return Response.status(Status.CONFLICT).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
try {
final org.nhindirect.config.store.TrustBundle entityBundle =
EntityModelConversion.toEntityTrustBundle(bundle);
bundleDao.addTrustBundle(entityBundle);
final UriBuilder newLocBuilder = uriInfo.getBaseUriBuilder();
final URI newLoc = newLocBuilder.path("trustbundle/" + bundle.getBundleName()).build();
// the trust bundle does not contain any of the anchors
// they must be fetched from the URL... use the
// refresh route to force downloading the anchors
template.sendBody(entityBundle);
return Response.created(newLoc).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error adding trust bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
}
/**
* Updates the signing certificate of a trust bundle.
*
* @param bundleName The name of the trust bundle to update.
* @param certData A DER encoded representation of the new signing certificate.
* @return Status of 204 if the trust bundle's signing certificate was updated, status of 400 if
* the signing certificate is invalid, or a status 404 if a trust bundle with the given name
* does not exist.
*/
@POST
@Path("{bundle}/signingCert")
@Consumes(MediaType.APPLICATION_JSON)
public Response updateSigningCert(@PathParam("bundle") String bundleName, byte[] certData) {
X509Certificate signingCert = null;
if (certData.length > 0) {
try {
signingCert = CertUtils.toX509Certificate(certData);
} catch (CertificateConversionException ex) {
log.error("Signing certificate is not in a valid format " + bundleName, ex);
return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
}
}
// make sure the bundle exists
org.nhindirect.config.store.TrustBundle entityBundle;
try {
entityBundle = bundleDao.getTrustBundleByName(bundleName);
if (entityBundle == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
// now update
try {
bundleDao.updateTrustBundleSigningCertificate(entityBundle.getId(), signingCert);
return Response.noContent().cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error updating trust bundle signing certificate.", e);
return Response.serverError().cacheControl(noCache).build();
}
}
/**
* Updates multiple bundle attributes. If the URL of the bundle changes, then the bundle is
* automatically refreshed.
*
* @param bundleName The name of the bundle to update.
* @param bundleData The data of the trust bundle to update. Empty or null attributes indicate
* that the attribute should not be changed.
* @return Status of 204 if the bundle attributes were updated, status of 400 if the signing
* certificate is invalid, or a status 404 if a trust bundle with the given name does not
* exist.
*/
@POST
@Path("{bundle}/bundleAttributes")
@Consumes(MediaType.APPLICATION_JSON)
public Response updateBundleAttributes(
@PathParam("bundle") String bundleName, TrustBundle bundleData) {
// make sure the bundle exists
org.nhindirect.config.store.TrustBundle entityBundle;
try {
entityBundle = bundleDao.getTrustBundleByName(bundleName);
if (entityBundle == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
final String oldBundleURL = entityBundle.getBundleURL();
// if there is a signing certificate in the request, make sure it's valid
X509Certificate newSigningCert = null;
if (bundleData.getSigningCertificateData() != null) {
try {
newSigningCert = CertUtils.toX509Certificate(bundleData.getSigningCertificateData());
} catch (CertificateConversionException ex) {
log.error("Signing certificate is not in a valid format " + bundleName, ex);
return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
}
}
// update the bundle
try {
bundleDao.updateTrustBundleAttributes(
entityBundle.getId(),
bundleData.getBundleName(),
bundleData.getBundleURL(),
newSigningCert,
bundleData.getRefreshInterval());
// if the URL changed, the bundle needs to be refreshed
if (bundleData.getBundleURL() != null
&& !bundleData.getBundleURL().isEmpty()
&& !oldBundleURL.equals(bundleData.getBundleURL())) {
entityBundle = bundleDao.getTrustBundleById(entityBundle.getId());
template.sendBody(entityBundle);
}
return Response.noContent().cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error updating trust bundle attributes.", e);
return Response.serverError().cacheControl(noCache).build();
}
}
/**
* Gets all trust bundles in the system.
*
* @param fetchAnchors Indicates if the retrieval should also include the trust anchors in the
* bundle. When only needing bundle names, this parameter should be set to false for better
* performance.
* @return A JSON representation of a collection of all trust bundles in the system. Returns a
* status of 204 if no trust bundles exist.
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response getTrustBundles(
@QueryParam("fetchAnchors") @DefaultValue("true") boolean fetchAnchors) {
Collection<org.nhindirect.config.store.TrustBundle> retBundles = null;
try {
retBundles = bundleDao.getTrustBundles();
if (retBundles.isEmpty()) return Response.noContent().cacheControl(noCache).build();
} catch (Throwable e) {
log.error("Error looking up trust bundles", e);
return Response.serverError().cacheControl(noCache).build();
}
final Collection<TrustBundle> modelBundles = new ArrayList<TrustBundle>();
for (org.nhindirect.config.store.TrustBundle bundle : retBundles) {
if (!fetchAnchors) bundle.setTrustBundleAnchors(new ArrayList<TrustBundleAnchor>());
modelBundles.add(EntityModelConversion.toModelTrustBundle(bundle));
}
final GenericEntity<Collection<TrustBundle>> entity =
new GenericEntity<Collection<TrustBundle>>(modelBundles) {};
return Response.ok(entity).cacheControl(noCache).build();
}
/**
* Associates a trust bundle to a domain along with directional trust.
*
* @param bundleName The name of the bundle to associate to a domain.
* @param domainName The name of the domain to associate to a bundle.
* @param incoming Indicates if trust should be allowed for incoming messages.
* @param outgoing Indicates if trust should be allowed for outgoing messages.
* @return Status of 204 if the association was made or a status of 404 if either a domain or
* trust bundle with its given name does not exist.
*/
@POST
@Path("{bundle}/{domain}")
public Response associateTrustBundleToDomain(
@PathParam("bundle") String bundleName,
@PathParam("domain") String domainName,
@QueryParam("incoming") @DefaultValue("true") boolean incoming,
@QueryParam("outgoing") @DefaultValue("true") boolean outgoing) {
// make sure the bundle exists
org.nhindirect.config.store.TrustBundle entityBundle;
try {
entityBundle = bundleDao.getTrustBundleByName(bundleName);
if (entityBundle == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
// make sure the domain exists
org.nhindirect.config.store.Domain entityDomain;
try {
entityDomain = domainDao.getDomainByName(domainName);
if (entityDomain == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up domain.", e);
return Response.serverError().cacheControl(noCache).build();
}
// now make the association
try {
bundleDao.associateTrustBundleToDomain(
entityDomain.getId(), entityBundle.getId(), incoming, outgoing);
return Response.noContent().cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error associating trust bundle to domain.", e);
return Response.serverError().cacheControl(noCache).build();
}
}
/**
* Gets all trust bundles associated to a domain.
*
* @param domainName The name of the domain to fetch trust bundles for.
* @param fetchAnchors Indicates if the retrieval should also include the trust anchors in the
* bundle. When only needing bundle names, this parameter should be set to false for better
* performance.
* @return A JSON representation of a collection of trust bundle that are associated to the given
* domain. Returns a status of 404 if a domain with the given name does not exist or a status
* of 404 if no trust bundles are associated with the given name.
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
@Path("domains/{domainName}")
public Response getTrustBundlesByDomain(
@PathParam("domainName") String domainName,
@QueryParam("fetchAnchors") @DefaultValue("true") boolean fetchAnchors) {
// make sure the domain exists
org.nhindirect.config.store.Domain entityDomain;
try {
entityDomain = domainDao.getDomainByName(domainName);
if (entityDomain == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up domain.", e);
return Response.serverError().cacheControl(noCache).build();
}
Collection<org.nhindirect.config.store.TrustBundleDomainReltn> retBundles = null;
try {
retBundles = bundleDao.getTrustBundlesByDomain(entityDomain.getId());
if (retBundles.isEmpty()) return Response.noContent().cacheControl(noCache).build();
} catch (Throwable e) {
log.error("Error looking up trust bundles", e);
return Response.serverError().cacheControl(noCache).build();
}
final Collection<TrustBundleDomainReltn> modelBundles = new ArrayList<TrustBundleDomainReltn>();
for (org.nhindirect.config.store.TrustBundleDomainReltn bundleReltn : retBundles) {
if (!fetchAnchors)
bundleReltn.getTrustBundle().setTrustBundleAnchors(new ArrayList<TrustBundleAnchor>());
final TrustBundleDomainReltn newReltn = new TrustBundleDomainReltn();
newReltn.setIncoming(bundleReltn.isIncoming());
newReltn.setOutgoing(bundleReltn.isOutgoing());
newReltn.setDomain(EntityModelConversion.toModelDomain(bundleReltn.getDomain()));
newReltn.setTrustBundle(
EntityModelConversion.toModelTrustBundle(bundleReltn.getTrustBundle()));
modelBundles.add(newReltn);
}
final GenericEntity<Collection<TrustBundleDomainReltn>> entity =
new GenericEntity<Collection<TrustBundleDomainReltn>>(modelBundles) {};
return Response.ok(entity).cacheControl(noCache).build();
}
/**
* Removes a trust bundle from all domains.
*
* @param bundleName The name of the trust bundle to remove from all domains.
* @return Status of 200 if the trust bundle was removed from all domains or a status of 404 if a
* trust bundle with the given name does not exist.
*/
@DELETE
@Path("{bundle}/deleteFromBundle")
public Response disassociateTrustBundleFromDomains(@PathParam("bundle") String bundleName) {
// make sure the bundle exists
org.nhindirect.config.store.TrustBundle entityBundle;
try {
entityBundle = bundleDao.getTrustBundleByName(bundleName);
if (entityBundle == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
// now make the disassociation
try {
bundleDao.disassociateTrustBundleFromDomains(entityBundle.getId());
return Response.ok().cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error disassociating trust bundle from domains.", e);
return Response.serverError().cacheControl(noCache).build();
}
}
/**
* Deletes a trust bundle.
*
* @param bundleName The name of the bundle to delete.
* @return Status of 200 if the trust bundle was deleted or a status of 404 if a trust bundle with
* the given name does not exist.
*/
@DELETE
@Path("{bundle}")
public Response deleteBundle(@PathParam("bundle") String bundleName) {
// make sure it exists
org.nhindirect.config.store.TrustBundle entityBundle;
try {
entityBundle = bundleDao.getTrustBundleByName(bundleName);
if (entityBundle == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
try {
bundleDao.deleteTrustBundles(new long[] {entityBundle.getId()});
return Response.ok().cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error deleting trust bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
}
/**
* Forces the refresh of a trust bundle.
*
* @param bundleName The name of the trust bundle to refresh.
* @return Status of 204 if the bundle was refreshed or a status of 404 if a trust bundle with the
* given name does not exist.
*/
@Path("{bundle}/refreshBundle")
@POST
public Response refreshTrustBundle(@PathParam("bundle") String bundleName) {
// make sure it exists and refresh it
try {
final org.nhindirect.config.store.TrustBundle entityBundle =
bundleDao.getTrustBundleByName(bundleName);
if (entityBundle == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
template.sendBody(entityBundle);
return Response.noContent().cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error refreshing bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
}
/**
* Gets a trust bundle by name.
*
* @param bundleName The name of the trust bundle to retrieve.
* @return A JSON representation of a the trust bundle. Returns a status of 404 if a trust bundle
* with the given name does not exist.
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
@Path("{bundleName}")
public Response getTrustBundleByName(@PathParam("bundleName") String bundleName) {
try {
final org.nhindirect.config.store.TrustBundle retBundle =
bundleDao.getTrustBundleByName(bundleName);
if (retBundle == null) return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
final TrustBundle modelBundle = EntityModelConversion.toModelTrustBundle(retBundle);
return Response.ok(modelBundle).cacheControl(noCache).build();
} catch (Throwable e) {
log.error("Error looking up trust bundles", e);
return Response.serverError().cacheControl(noCache).build();
}
}
/**
* Removes all trust bundle from a domain.
*
* @param domainName The name of the domain to remove trust bundle from.
* @return Status of 200 if trust bundles were removed from the domain or a status of 404 if a
* domain with the given name does not exist.
*/
@DELETE
@Path("{domain}/deleteFromDomain")
public Response disassociateTrustBundlesFromDomain(@PathParam("domain") String domainName) {
// make sure the domain exists
org.nhindirect.config.store.Domain entityDomain;
try {
entityDomain = domainDao.getDomainByName(domainName);
if (entityDomain == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up domain.", e);
return Response.serverError().cacheControl(noCache).build();
}
// now make the disassociation
try {
bundleDao.disassociateTrustBundlesFromDomain(entityDomain.getId());
return Response.ok().cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error disassociating trust bundles from domain.", e);
return Response.serverError().cacheControl(noCache).build();
}
}