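/**
 * Updates the signing certificate of a trust bundle.
 *
 * <p>A zero-length body leaves the certificate {@code null}, and that {@code null} is what gets
 * passed to the DAO for the bundle.
 *
 * @param bundleName The name of the trust bundle to update.
 * @param certData A DER encoded representation of the new signing certificate.
 * @return Status of 204 if the trust bundle's signing certificate was updated, status of 400 if
 *     the request carries no entity or the signing certificate is invalid, a status 404 if a
 *     trust bundle with the given name does not exist, or a status of 500 if the lookup or the
 *     update fails.
 */
@POST
@Path("{bundle}/signingCert")
@Consumes(MediaType.APPLICATION_JSON)
public Response updateSigningCert(@PathParam("bundle") String bundleName, byte[] certData) {
  // NOTE(review): no caller authorization is checked in this method; presumably a container
  // filter protects this resource. Confirm, since this replaces the bundle's signing certificate.

  // A missing entity is a malformed request. Reject it instead of dereferencing null, and do
  // not treat it like an explicit empty body.
  if (certData == null) {
    return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
  }

  // Stays null for an empty body; the DAO then receives null as the new certificate.
  // NOTE(review): presumably null clears the stored signing certificate. Verify in the DAO.
  X509Certificate signingCert = null;
  if (certData.length > 0) {
    try {
      // Only the conversion is checked here. Whether toX509Certificate also checks the
      // validity period is not visible from this method. TODO confirm.
      signingCert = CertUtils.toX509Certificate(certData);
    } catch (CertificateConversionException ex) {
      // bundleName comes straight from the request path. Replace CR/LF so a crafted name
      // cannot inject extra lines into the log.
      final String loggableName = String.valueOf(bundleName).replaceAll("[\\r\\n]", "_");
      log.error("Signing certificate is not in a valid format " + loggableName, ex);
      return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
    }
  }

  // make sure the bundle exists
  org.nhindirect.config.store.TrustBundle entityBundle;
  try {
    entityBundle = bundleDao.getTrustBundleByName(bundleName);
    if (entityBundle == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }
  } catch (Exception e) {
    log.error("Error looking up bundle.", e);
    return Response.serverError().cacheControl(noCache).build();
  }

  // now update
  try {
    bundleDao.updateTrustBundleSigningCertificate(entityBundle.getId(), signingCert);
    return Response.noContent().cacheControl(noCache).build();
  } catch (Exception e) {
    log.error("Error updating trust bundle signing certificate.", e);
    return Response.serverError().cacheControl(noCache).build();
  }
}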
/**
 * Gets all trust bundles in the system.
 *
 * <p>The DAO call is the same whatever {@code fetchAnchors} is. When it is {@code false}, each
 * bundle's anchor list is replaced with an empty list before conversion to the model type.
 *
 * @param fetchAnchors Indicates if the returned bundles should include their trust anchors. Set
 *     to false when only bundle names are needed.
 * @return A JSON representation of a collection of all trust bundles in the system. Returns a
 *     status of 204 if no trust bundles exist, or a status of 500 if the lookup fails.
 */
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response getTrustBundles(
    @QueryParam("fetchAnchors") @DefaultValue("true") boolean fetchAnchors) {
  Collection<org.nhindirect.config.store.TrustBundle> storedBundles = null;

  try {
    storedBundles = bundleDao.getTrustBundles();
    if (storedBundles.isEmpty()) {
      return Response.noContent().cacheControl(noCache).build();
    }
  } catch (Throwable e) {
    // Also reached if the DAO returns null, because isEmpty() is called inside this try.
    log.error("Error looking up trust bundles", e);
    return Response.serverError().cacheControl(noCache).build();
  }

  final boolean dropAnchors = !fetchAnchors;
  final Collection<TrustBundle> converted = new ArrayList<TrustBundle>();
  for (org.nhindirect.config.store.TrustBundle stored : storedBundles) {
    if (dropAnchors) {
      // NOTE(review): this mutates the store entity returned by the DAO. If that entity is
      // still attached to a persistence context, the emptied list could be written back.
      // Confirm the entities are detached here.
      stored.setTrustBundleAnchors(new ArrayList<TrustBundleAnchor>());
    }
    converted.add(EntityModelConversion.toModelTrustBundle(stored));
  }

  // The anonymous GenericEntity subclass carries the generic collection type with the entity.
  final GenericEntity<Collection<TrustBundle>> payload =
      new GenericEntity<Collection<TrustBundle>>(converted) {};
  return Response.ok(payload).cacheControl(noCache).build();
}
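/**
 * Updates multiple bundle attributes. If the URL of the bundle changes, then the bundle is
 * automatically refreshed.
 *
 * @param bundleName The name of the bundle to update.
 * @param bundleData The data of the trust bundle to update. Empty or null attributes indicate
 *     that the attribute should not be changed.
 * @return Status of 204 if the bundle attributes were updated, status of 400 if the request
 *     carries no entity or the signing certificate is invalid, a status 404 if a trust bundle
 *     with the given name does not exist, or a status of 500 if the lookup or the update fails.
 */
@POST
@Path("{bundle}/bundleAttributes")
@Consumes(MediaType.APPLICATION_JSON)
public Response updateBundleAttributes(
    @PathParam("bundle") String bundleName, TrustBundle bundleData) {
  // NOTE(review): no caller authorization is checked in this method; presumably a container
  // filter protects this resource. Confirm, since this changes the bundle URL and signing cert.

  // make sure the bundle exists
  org.nhindirect.config.store.TrustBundle entityBundle;
  try {
    entityBundle = bundleDao.getTrustBundleByName(bundleName);
    if (entityBundle == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }
  } catch (Exception e) {
    log.error("Error looking up bundle.", e);
    return Response.serverError().cacheControl(noCache).build();
  }

  // A request without an entity cannot describe any attribute change. Reject it rather than
  // fail with a NullPointerException below.
  if (bundleData == null) {
    return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
  }

  // Captured before the update so a URL change can be detected afterwards.
  final String oldBundleURL = entityBundle.getBundleURL();

  // if there is a signing certificate in the request, make sure it's valid
  X509Certificate newSigningCert = null;
  if (bundleData.getSigningCertificateData() != null) {
    try {
      newSigningCert = CertUtils.toX509Certificate(bundleData.getSigningCertificateData());
    } catch (CertificateConversionException ex) {
      // bundleName comes straight from the request path. Replace CR/LF so a crafted name
      // cannot inject extra lines into the log.
      final String loggableName = String.valueOf(bundleName).replaceAll("[\\r\\n]", "_");
      log.error("Signing certificate is not in a valid format " + loggableName, ex);
      return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
    }
  }

  // update the bundle
  try {
    final String requestedURL = bundleData.getBundleURL();
    bundleDao.updateTrustBundleAttributes(
        entityBundle.getId(),
        bundleData.getBundleName(),
        requestedURL,
        newSigningCert,
        bundleData.getRefreshInterval());

    // If the URL changed, the bundle needs to be refreshed. The comparison is made from the
    // requested URL, so a stored URL of null counts as a change and does not throw after the
    // update has already been applied.
    // NOTE(review): the new URL is taken from the request and is not validated in this method.
    // The refresh presumably retrieves it server-side; confirm that scheme and host
    // restrictions are enforced where the bundle is downloaded.
    if (requestedURL != null && !requestedURL.isEmpty() && !requestedURL.equals(oldBundleURL)) {
      entityBundle = bundleDao.getTrustBundleById(entityBundle.getId());
      template.sendBody(entityBundle);
    }

    return Response.noContent().cacheControl(noCache).build();
  } catch (Exception e) {
    log.error("Error updating trust bundle attributes.", e);
    return Response.serverError().cacheControl(noCache).build();
  }
}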
/**
 * Associates a trust bundle to a domain along with directional trust.
 *
 * <p>The bundle is looked up first, then the domain; the first one that is missing produces the
 * 404.
 *
 * @param bundleName The name of the bundle to associate to a domain.
 * @param domainName The name of the domain to associate to a bundle.
 * @param incoming Indicates if trust should be allowed for incoming messages.
 * @param outgoing Indicates if trust should be allowed for outgoing messages.
 * @return Status of 204 if the association was made, a status of 404 if either a domain or
 *     trust bundle with its given name does not exist, or a status of 500 if a lookup or the
 *     association fails.
 */
@POST
@Path("{bundle}/{domain}")
public Response associateTrustBundleToDomain(
    @PathParam("bundle") String bundleName,
    @PathParam("domain") String domainName,
    @QueryParam("incoming") @DefaultValue("true") boolean incoming,
    @QueryParam("outgoing") @DefaultValue("true") boolean outgoing) {
  // NOTE(review): no caller authorization is checked in this method; presumably a container
  // filter protects this resource. Confirm, since this grants a domain trust in a bundle.

  // Resolve the bundle by name.
  org.nhindirect.config.store.TrustBundle bundle;
  try {
    bundle = bundleDao.getTrustBundleByName(bundleName);
    if (bundle == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }
  } catch (Exception lookupFailure) {
    log.error("Error looking up bundle.", lookupFailure);
    return Response.serverError().cacheControl(noCache).build();
  }

  // Resolve the domain by name.
  org.nhindirect.config.store.Domain domain;
  try {
    domain = domainDao.getDomainByName(domainName);
    if (domain == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }
  } catch (Exception lookupFailure) {
    log.error("Error looking up domain.", lookupFailure);
    return Response.serverError().cacheControl(noCache).build();
  }

  // Both exist: record the association. Both flags default to true when the query omits them.
  try {
    bundleDao.associateTrustBundleToDomain(domain.getId(), bundle.getId(), incoming, outgoing);
    return Response.noContent().cacheControl(noCache).build();
  } catch (Exception associationFailure) {
    log.error("Error associating trust bundle to domain.", associationFailure);
    return Response.serverError().cacheControl(noCache).build();
  }
}
/**
 * Removes a trust bundle from all domains.
 *
 * @param bundleName The name of the trust bundle to remove from all domains.
 * @return Status of 200 if the trust bundle was removed from all domains, a status of 404 if a
 *     trust bundle with the given name does not exist, or a status of 500 if the lookup or the
 *     removal fails.
 */
@DELETE
@Path("{bundle}/deleteFromBundle")
public Response disassociateTrustBundleFromDomains(@PathParam("bundle") String bundleName) {
  // NOTE(review): no caller authorization is checked in this method; presumably a container
  // filter protects this resource. Confirm.

  // Resolve the bundle by name; an unknown name is a 404.
  org.nhindirect.config.store.TrustBundle bundle;
  try {
    bundle = bundleDao.getTrustBundleByName(bundleName);
    if (bundle == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }
  } catch (Exception lookupFailure) {
    log.error("Error looking up bundle.", lookupFailure);
    return Response.serverError().cacheControl(noCache).build();
  }

  // Drop every domain association held by this bundle.
  try {
    bundleDao.disassociateTrustBundleFromDomains(bundle.getId());
    return Response.ok().cacheControl(noCache).build();
  } catch (Exception removalFailure) {
    log.error("Error disassociating trust bundle from domains.", removalFailure);
    return Response.serverError().cacheControl(noCache).build();
  }
}
/**
 * Deletes a trust bundle.
 *
 * @param bundleName The name of the bundle to delete.
 * @return Status of 200 if the trust bundle was deleted, a status of 404 if a trust bundle with
 *     the given name does not exist, or a status of 500 if the lookup or the deletion fails.
 */
@DELETE
@Path("{bundle}")
public Response deleteBundle(@PathParam("bundle") String bundleName) {
  // NOTE(review): no caller authorization is checked in this method; presumably a container
  // filter protects this resource. Confirm.

  // Resolve the bundle by name; an unknown name is a 404.
  org.nhindirect.config.store.TrustBundle bundle;
  try {
    bundle = bundleDao.getTrustBundleByName(bundleName);
    if (bundle == null) {
      return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    }
  } catch (Exception lookupFailure) {
    log.error("Error looking up bundle.", lookupFailure);
    return Response.serverError().cacheControl(noCache).build();
  }

  try {
    // The DAO takes an array of ids, so the single id is wrapped in one.
    final long[] idsToDelete = {bundle.getId()};
    bundleDao.deleteTrustBundles(idsToDelete);
    return Response.ok().cacheControl(noCache).build();
  } catch (Exception deleteFailure) {
    log.error("Error deleting trust bundle.", deleteFailure);
    return Response.serverError().cacheControl(noCache).build();
  }
}