diff options
| author | Kowalski, Kamil <kamil.kowalski@intel.com> | 2019-08-12 12:54:31 +0300 |
|---|---|---|
| committer | Ed Tanous <ed.tanous@intel.com> | 2019-09-24 00:01:43 +0300 |
| commit | 58eb238f94fd2ba3e8e51eaac6113a097b926f18 (patch) | |
| tree | d3055042656bbe6b92ff5931009ff6cca924f503 /redfish-core/lib/certificate_service.hpp | |
| parent | 4e68c45b5281615bccc49f71eaa5dfac6be8e490 (diff) | |
| download | bmcweb-58eb238f94fd2ba3e8e51eaac6113a097b926f18.tar.xz | |
Handling of adding certificates the Redfish way
Added handling for POSTing certificates the Redfish way (as proper JSON).
Currently it was only possible to add certificate as a RAW certificate in
request body. Now user is able to add it as
{
"CertificateType": "PEM",
"CertificateString": "..."
}
as well as previously in RAW form.
Tested:
- Uploading certificates in RAW form
- Uploading certificates in JSON form
- Uploading invalid certificates
- Uploading invalid JSON requests
Change-Id: Icf0f6b928e63fc3cc5cd089b483b3799fbe715de
Signed-off-by: Kowalski, Kamil <kamil.kowalski@intel.com>
Diffstat (limited to 'redfish-core/lib/certificate_service.hpp')
| -rw-r--r-- | redfish-core/lib/certificate_service.hpp | 54 |
1 files changed, 51 insertions, 3 deletions
diff --git a/redfish-core/lib/certificate_service.hpp b/redfish-core/lib/certificate_service.hpp index f2cd966c16..111bcec598 100644 --- a/redfish-core/lib/certificate_service.hpp +++ b/redfish-core/lib/certificate_service.hpp @@ -117,6 +117,39 @@ long getIDFromURL(const std::string_view url) return -1; } +std::string + getCertificateFromReqBody(const std::shared_ptr<AsyncResp> &asyncResp, + const crow::Request &req) +{ + nlohmann::json reqJson = nlohmann::json::parse(req.body, nullptr, false); + + if (reqJson.is_discarded()) + { + // We did not receive JSON request, proceed as it is RAW data + return req.body; + } + + std::string certificate; + std::optional<std::string> certificateType = "PEM"; + + if (!json_util::readJson(reqJson, asyncResp->res, "CertificateString", + certificate, "CertificateType", certificateType)) + { + BMCWEB_LOG_ERROR << "Required parameters are missing"; + messages::internalError(asyncResp->res); + return std::string(); + } + + if (*certificateType != "PEM") + { + messages::propertyValueNotInList(asyncResp->res, *certificateType, + "CertificateType"); + return std::string(); + } + + return certificate; +} + /** * Class to create a temporary certificate file for uploading to system */ @@ -897,8 +930,15 @@ class HTTPSCertificateCollection : public Node asyncResp->res.jsonValue = {{"Name", "HTTPS Certificate"}, {"Description", "HTTPS Certificate"}}; + std::string certFileBody = getCertificateFromReqBody(asyncResp, req); + + if (certFileBody.empty()) + { + return; + } + std::shared_ptr<CertificateFile> certFile = - std::make_shared<CertificateFile>(req.body); + std::make_shared<CertificateFile>(certFileBody); crow::connections::systemBus->async_method_call( [asyncResp, certFile](const boost::system::error_code ec) { @@ -1083,9 +1123,17 @@ class LDAPCertificateCollection : public Node void doPost(crow::Response &res, const crow::Request &req, const std::vector<std::string> ¶ms) override { - std::shared_ptr<CertificateFile> certFile = - std::make_shared<CertificateFile>(req.body); auto asyncResp = std::make_shared<AsyncResp>(res); + std::string certFileBody = getCertificateFromReqBody(asyncResp, req); + + if (certFileBody.empty()) + { + return; + } + + std::shared_ptr<CertificateFile> certFile = + std::make_shared<CertificateFile>(certFileBody); + crow::connections::systemBus->async_method_call( [asyncResp, certFile](const boost::system::error_code ec) { if (ec) |