Пример #1
  /**
   * Adds a trust bundle to the system.
   *
   * @param uriInfo Injected URI context used for building the location URI.
   * @param bundle The bundle to add to the system.
   * @return Status of 201 if the bundle was added or a status of 409 if a bundle with the same name
   *     already exists.
   */
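  @PUT
  @Consumes(MediaType.APPLICATION_JSON)
  public Response addTrustBundle(@Context UriInfo uriInfo, TrustBundle bundle) {
    // Reject a duplicate name up front (409). This is a check-then-insert sequence and nothing
    // visible here makes it atomic, so two concurrent PUTs with the same name can both pass it.
    // NOTE(review): presumably the store has a unique constraint on the name -- confirm.
    try {
      if (bundleDao.getTrustBundleByName(bundle.getBundleName()) != null) {
        return Response.status(Status.CONFLICT).cacheControl(noCache).build();
      }
    } catch (Exception e) {
      // Also reached when the request carried no entity (bundle == null).
      log.error("Error looking up bundle.", e);
      return Response.serverError().cacheControl(noCache).build();
    }

    try {
      final org.nhindirect.config.store.TrustBundle entityBundle =
          EntityModelConversion.toEntityTrustBundle(bundle);

      // Build the Location URI before writing to the store: if the bundle name cannot be turned
      // into a URI the request fails with nothing persisted, instead of answering 500 for a
      // bundle that was in fact added.
      final URI newLoc =
          uriInfo.getBaseUriBuilder().path("trustbundle/" + bundle.getBundleName()).build();

      bundleDao.addTrustBundle(entityBundle);

      // The stored bundle does not contain any anchors yet; they must be fetched from the bundle
      // URL, so hand the bundle to the refresh route to force the download.
      // NOTE(review): the bundle URL comes from the request body and is dereferenced server-side
      // by that route. Nothing in this method restricts its scheme or host -- confirm the refresh
      // route limits it to the endpoints this deployment is expected to reach.
      template.sendBody(entityBundle);

      return Response.created(newLoc).cacheControl(noCache).build();
    } catch (Exception e) {
      log.error("Error adding trust bundle.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
  }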
Пример #2
  /**
   * Updates the signing certificate of a trust bundle.
   *
   * @param bundleName The name of the trust bundle to update.
   * @param certData A DER encoded representation of the new signing certificate.
   * @return Status of 204 if the trust bundle's signing certificate was updated, status of 400 if
   *     the signing certificate is invalid, or a status 404 if a trust bundle with the given name
   *     does not exist.
   */
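  @POST
  @Path("{bundle}/signingCert")
  @Consumes(MediaType.APPLICATION_JSON)
  public Response updateSigningCert(@PathParam("bundle") String bundleName, byte[] certData) {
    // A request without an entity is rejected here; previously the length check below
    // dereferenced null outside any try block and escaped as an unhandled exception.
    if (certData == null) {
      log.error("Signing certificate data is missing.");
      return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
    }

    // An empty payload skips parsing, so signingCert stays null and null is what gets written to
    // the bundle further down.
    // NOTE(review): presumably a null certificate means the bundle is no longer checked against
    // a signer -- confirm that an empty body is meant to be able to do that.
    X509Certificate signingCert = null;
    if (certData.length > 0) {
      try {
        signingCert = CertUtils.toX509Certificate(certData);
      } catch (CertificateConversionException ex) {
        // bundleName is taken from the request path; line breaks are replaced so the value
        // cannot split this entry into several log lines.
        final String loggedName = String.valueOf(bundleName).replaceAll("[\\r\\n]", "_");
        log.error("Signing certificate is not in a valid format " + loggedName, ex);
        return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
      }
    }

    // make sure the bundle exists (404 otherwise)
    org.nhindirect.config.store.TrustBundle entityBundle;
    try {
      entityBundle = bundleDao.getTrustBundleByName(bundleName);
      if (entityBundle == null) {
        return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
      }
    } catch (Exception e) {
      log.error("Error looking up bundle.", e);
      return Response.serverError().cacheControl(noCache).build();
    }

    // now update; 204 on success, 500 if the store rejects the change
    try {
      bundleDao.updateTrustBundleSigningCertificate(entityBundle.getId(), signingCert);

      return Response.noContent().cacheControl(noCache).build();
    } catch (Exception e) {
      log.error("Error updating trust bundle signing certificate.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
  }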
Пример #3
  /**
   * Updates multiple bundle attributes. If the URL of the bundle changes, then the bundle is
   * automatically refreshed.
   *
   * @param bundleName The name of the bundle to update.
   * @param bundleData The data of the trust bundle to update. Empty or null attributes indicate
   *     that the attribute should not be changed.
   * @return Status of 204 if the bundle attributes were updated, status of 400 if the signing
   *     certificate is invalid, or a status 404 if a trust bundle with the given name does not
   *     exist.
   */
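  @POST
  @Path("{bundle}/bundleAttributes")
  @Consumes(MediaType.APPLICATION_JSON)
  public Response updateBundleAttributes(
      @PathParam("bundle") String bundleName, TrustBundle bundleData) {
    // make sure the bundle exists (404 otherwise)
    org.nhindirect.config.store.TrustBundle entityBundle;
    try {
      entityBundle = bundleDao.getTrustBundleByName(bundleName);
      if (entityBundle == null) {
        return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
      }
    } catch (Exception e) {
      log.error("Error looking up bundle.", e);
      return Response.serverError().cacheControl(noCache).build();
    }

    // A request without an entity is rejected here; previously bundleData was dereferenced
    // outside any try block and a missing body escaped as an unhandled exception.
    if (bundleData == null) {
      log.error("Bundle attribute data is missing.");
      return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
    }

    final String oldBundleURL = entityBundle.getBundleURL();

    // if there is a signing certificate in the request, make sure it's valid
    X509Certificate newSigningCert = null;
    if (bundleData.getSigningCertificateData() != null) {
      try {
        newSigningCert = CertUtils.toX509Certificate(bundleData.getSigningCertificateData());
      } catch (CertificateConversionException ex) {
        // bundleName is taken from the request path; line breaks are replaced so the value
        // cannot split this entry into several log lines.
        final String loggedName = String.valueOf(bundleName).replaceAll("[\\r\\n]", "_");
        log.error("Signing certificate is not in a valid format " + loggedName, ex);
        return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
      }
    }

    // update the bundle
    try {
      final String requestedURL = bundleData.getBundleURL();

      bundleDao.updateTrustBundleAttributes(
          entityBundle.getId(),
          bundleData.getBundleName(),
          requestedURL,
          newSigningCert,
          bundleData.getRefreshInterval());

      // If the URL changed, the bundle needs to be refreshed. The comparison is made on the
      // requested URL so that a stored bundle without a URL no longer throws after the update
      // has already been written (which answered 500 and skipped the refresh).
      // NOTE(review): the new URL comes from the request body and is dereferenced server-side by
      // the refresh route -- confirm that route restricts which endpoints may be fetched.
      if (requestedURL != null && !requestedURL.isEmpty() && !requestedURL.equals(oldBundleURL)) {
        entityBundle = bundleDao.getTrustBundleById(entityBundle.getId());

        template.sendBody(entityBundle);
      }

      return Response.noContent().cacheControl(noCache).build();
    } catch (Exception e) {
      log.error("Error updating trust bundle attributes.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
  }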
Пример #4
  /**
   * Gets all trust bundles in the system.
   *
   * @param fetchAnchors Indicates if the retrieval should also include the trust anchors in the
   *     bundle. When only needing bundle names, this parameter should be set to false for better
   *     performance.
   * @return A JSON representation of a collection of all trust bundles in the system. Returns a
   *     status of 204 if no trust bundles exist.
   */
  @GET
  @Produces(MediaType.APPLICATION_JSON)
  public Response getTrustBundles(
      @QueryParam("fetchAnchors") @DefaultValue("true") boolean fetchAnchors) {
    // Load every stored bundle: an empty store is answered with 204, a failed lookup with 500.
    final Collection<org.nhindirect.config.store.TrustBundle> storedBundles;
    try {
      storedBundles = bundleDao.getTrustBundles();
      if (storedBundles.isEmpty()) {
        return Response.noContent().cacheControl(noCache).build();
      }
    } catch (Throwable e) {
      log.error("Error looking up trust bundles", e);
      return Response.serverError().cacheControl(noCache).build();
    }

    // Convert each store entity to its model form for the JSON response.
    final Collection<TrustBundle> converted = new ArrayList<TrustBundle>();
    for (org.nhindirect.config.store.TrustBundle stored : storedBundles) {
      if (!fetchAnchors) {
        // Anchors are dropped by overwriting the list on the store entity itself.
        // NOTE(review): if these entities are still attached to a persistence context, this
        // read request could end up writing the empty list back -- confirm they are detached.
        stored.setTrustBundleAnchors(new ArrayList<TrustBundleAnchor>());
      }
      converted.add(EntityModelConversion.toModelTrustBundle(stored));
    }

    // GenericEntity keeps the element type available to the JSON writer.
    return Response.ok(new GenericEntity<Collection<TrustBundle>>(converted) {})
        .cacheControl(noCache)
        .build();
  }
Пример #5
  /**
   * Associates a trust bundle to a domain along with directional trust.
   *
   * @param bundleName The name of the bundle to associate to a domain.
   * @param domainName The name of the domain to associate to a bundle.
   * @param incoming Indicates if trust should be allowed for incoming messages.
   * @param outgoing Indicates if trust should be allowed for outgoing messages.
   * @return Status of 204 if the association was made or a status of 404 if either a domain or
   *     trust bundle with its given name does not exist.
   */
  @POST
  @Path("{bundle}/{domain}")
  public Response associateTrustBundleToDomain(
      @PathParam("bundle") String bundleName,
      @PathParam("domain") String domainName,
      @QueryParam("incoming") @DefaultValue("true") boolean incoming,
      @QueryParam("outgoing") @DefaultValue("true") boolean outgoing) {
    // NOTE(review): no caller check is visible in this method although it changes which anchors
    // a domain trusts; presumably access control is applied outside it -- confirm.

    // Resolve the bundle first: 404 when unknown, 500 when the lookup itself fails.
    final org.nhindirect.config.store.TrustBundle storedBundle;
    try {
      storedBundle = bundleDao.getTrustBundleByName(bundleName);
    } catch (Exception e) {
      log.error("Error looking up bundle.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
    if (storedBundle == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }

    // Then the domain, with the same 404 / 500 handling.
    final org.nhindirect.config.store.Domain storedDomain;
    try {
      storedDomain = domainDao.getDomainByName(domainName);
    } catch (Exception e) {
      log.error("Error looking up domain.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
    if (storedDomain == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }

    // Both sides exist: record the association with the requested trust directions.
    try {
      bundleDao.associateTrustBundleToDomain(
          storedDomain.getId(), storedBundle.getId(), incoming, outgoing);
    } catch (Exception e) {
      log.error("Error associating trust bundle to domain.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
    return Response.noContent().cacheControl(noCache).build();
  }
Пример #6
  /**
   * Gets all trust bundles associated to a domain.
   *
   * @param domainName The name of the domain to fetch trust bundles for.
   * @param fetchAnchors Indicates if the retrieval should also include the trust anchors in the
   *     bundle. When only needing bundle names, this parameter should be set to false for better
   *     performance.
   * @return A JSON representation of a collection of trust bundles that are associated to the given
   *     domain. Returns a status of 404 if a domain with the given name does not exist or a status
   *     of 404 if no trust bundles are associated with the given name.
   */
  @GET
  @Produces(MediaType.APPLICATION_JSON)
  @Path("domains/{domainName}")
  public Response getTrustBundlesByDomain(
      @PathParam("domainName") String domainName,
      @QueryParam("fetchAnchors") @DefaultValue("true") boolean fetchAnchors) {
    // Resolve the domain: 404 when unknown, 500 when the lookup itself fails.
    final org.nhindirect.config.store.Domain storedDomain;
    try {
      storedDomain = domainDao.getDomainByName(domainName);
    } catch (Exception e) {
      log.error("Error looking up domain.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
    if (storedDomain == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }

    // Load the domain's bundle relations. A domain without any bundle is answered with
    // 204 No Content (the Javadoc on this method says 404 for that case; 204 is what is sent).
    final Collection<org.nhindirect.config.store.TrustBundleDomainReltn> storedReltns;
    try {
      storedReltns = bundleDao.getTrustBundlesByDomain(storedDomain.getId());
      if (storedReltns.isEmpty()) {
        return Response.noContent().cacheControl(noCache).build();
      }
    } catch (Throwable e) {
      log.error("Error looking up trust bundles", e);
      return Response.serverError().cacheControl(noCache).build();
    }

    // Copy each relation into its model form, carrying over direction flags, domain and bundle.
    final Collection<TrustBundleDomainReltn> converted = new ArrayList<TrustBundleDomainReltn>();
    for (org.nhindirect.config.store.TrustBundleDomainReltn stored : storedReltns) {
      if (!fetchAnchors) {
        // Anchors are dropped by overwriting the list on the store entity itself.
        // NOTE(review): if these entities are still attached to a persistence context, this
        // read request could end up writing the empty list back -- confirm they are detached.
        stored.getTrustBundle().setTrustBundleAnchors(new ArrayList<TrustBundleAnchor>());
      }

      final TrustBundleDomainReltn model = new TrustBundleDomainReltn();
      model.setIncoming(stored.isIncoming());
      model.setOutgoing(stored.isOutgoing());
      model.setDomain(EntityModelConversion.toModelDomain(stored.getDomain()));
      model.setTrustBundle(EntityModelConversion.toModelTrustBundle(stored.getTrustBundle()));
      converted.add(model);
    }

    // GenericEntity keeps the element type available to the JSON writer.
    return Response.ok(new GenericEntity<Collection<TrustBundleDomainReltn>>(converted) {})
        .cacheControl(noCache)
        .build();
  }
Пример #7
  /**
   * Removes a trust bundle from all domains.
   *
   * @param bundleName The name of the trust bundle to remove from all domains.
   * @return Status of 200 if the trust bundle was removed from all domains or a status of 404 if a
   *     trust bundle with the given name does not exist.
   */
  @DELETE
  @Path("{bundle}/deleteFromBundle")
  public Response disassociateTrustBundleFromDomains(@PathParam("bundle") String bundleName) {
    // Resolve the bundle: 404 when unknown, 500 when the lookup itself fails.
    final org.nhindirect.config.store.TrustBundle storedBundle;
    try {
      storedBundle = bundleDao.getTrustBundleByName(bundleName);
    } catch (Exception e) {
      log.error("Error looking up bundle.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
    if (storedBundle == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }

    // Drop every domain association of this bundle; the bundle itself is not deleted here.
    try {
      bundleDao.disassociateTrustBundleFromDomains(storedBundle.getId());
    } catch (Exception e) {
      log.error("Error disassociating trust bundle from domains.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
    return Response.ok().cacheControl(noCache).build();
  }
Пример #8
  /**
   * Deletes a trust bundle.
   *
   * @param bundleName The name of the bundle to delete.
   * @return Status of 200 if the trust bundle was deleted or a status of 404 if a trust bundle with
   *     the given name does not exist.
   */
  @DELETE
  @Path("{bundle}")
  public Response deleteBundle(@PathParam("bundle") String bundleName) {
    // NOTE(review): no caller check is visible in this method although it removes trust
    // configuration; presumably access control is applied outside it -- confirm.

    // Resolve the bundle: 404 when unknown, 500 when the lookup itself fails.
    final org.nhindirect.config.store.TrustBundle storedBundle;
    try {
      storedBundle = bundleDao.getTrustBundleByName(bundleName);
    } catch (Exception e) {
      log.error("Error looking up bundle.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
    if (storedBundle == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }

    // The DAO deletes by id array, so the single id is wrapped in one.
    try {
      final long[] idsToDelete = new long[] {storedBundle.getId()};
      bundleDao.deleteTrustBundles(idsToDelete);
    } catch (Exception e) {
      log.error("Error deleting trust bundle.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
    return Response.ok().cacheControl(noCache).build();
  }
Пример #9
  /**
   * Forces the refresh of a trust bundle.
   *
   * @param bundleName The name of the trust bundle to refresh.
   * @return Status of 204 if the bundle was refreshed or a status of 404 if a trust bundle with the
   *     given name does not exist.
   */
  @Path("{bundle}/refreshBundle")
  @POST
  public Response refreshTrustBundle(@PathParam("bundle") String bundleName) {
    // Lookup and hand-off share one try block: a failure in either is answered with 500.
    try {
      final org.nhindirect.config.store.TrustBundle bundleToRefresh =
          bundleDao.getTrustBundleByName(bundleName);
      if (bundleToRefresh == null) {
        return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
      }

      // Passing the stored bundle to the template is what triggers the refresh.
      // NOTE(review): 204 is returned once the hand-off returns; whether the download has
      // finished by then depends on how the template's route is configured -- not visible here.
      template.sendBody(bundleToRefresh);
      return Response.noContent().cacheControl(noCache).build();
    } catch (Exception e) {
      log.error("Error refreshing bundle.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
  }
Пример #10
  /**
   * Gets a trust bundle by name.
   *
   * @param bundleName The name of the trust bundle to retrieve.
   * @return A JSON representation of the trust bundle. Returns a status of 404 if a trust bundle
   *     with the given name does not exist.
   */
  @GET
  @Produces(MediaType.APPLICATION_JSON)
  @Path("{bundleName}")
  public Response getTrustBundleByName(@PathParam("bundleName") String bundleName) {
    // Lookup and conversion share one try block: a failure in either is answered with 500.
    try {
      final org.nhindirect.config.store.TrustBundle found =
          bundleDao.getTrustBundleByName(bundleName);
      if (found == null) {
        return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
      }

      // Convert the store entity to its model form and return it as the response entity.
      return Response.ok(EntityModelConversion.toModelTrustBundle(found))
          .cacheControl(noCache)
          .build();
    } catch (Throwable e) {
      log.error("Error looking up trust bundles", e);
      return Response.serverError().cacheControl(noCache).build();
    }
  }
Пример #11
  /**
   * Removes all trust bundles from a domain.
   *
   * @param domainName The name of the domain to remove trust bundles from.
   * @return Status of 200 if trust bundles were removed from the domain or a status of 404 if a
   *     domain with the given name does not exist.
   */
  @DELETE
  @Path("{domain}/deleteFromDomain")
  public Response disassociateTrustBundlesFromDomain(@PathParam("domain") String domainName) {
    // Resolve the domain: 404 when unknown, 500 when the lookup itself fails.
    final org.nhindirect.config.store.Domain storedDomain;
    try {
      storedDomain = domainDao.getDomainByName(domainName);
    } catch (Exception e) {
      log.error("Error looking up domain.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
    if (storedDomain == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }

    // Drop every bundle association of this domain; the bundles themselves are not deleted here.
    try {
      bundleDao.disassociateTrustBundlesFromDomain(storedDomain.getId());
    } catch (Exception e) {
      log.error("Error disassociating trust bundles from domain.", e);
      return Response.serverError().cacheControl(noCache).build();
    }
    return Response.ok().cacheControl(noCache).build();
  }