Keystores.java example

Explorer
coprhd-controller-master
/*
 * Copyright (c) 2015 EMC Corporation
 * All Rights Reserved
 */
package controllers.auth;

import java.io.File;

import jobs.RegenerateCertificateJob;
import jobs.UpdateCertificateJob;

import org.apache.commons.io.FileUtils;

import play.Logger;
import play.data.validation.Validation;
import play.mvc.With;
import util.BourneUtil;
import util.MessagesUtils;

import com.emc.vipr.client.core.Keystore;
import com.emc.vipr.model.keystore.CertificateChain;
import com.emc.vipr.model.keystore.KeyAndCertificateChain;

import controllers.Common;
import controllers.Maintenance;
import controllers.deadbolt.Restrict;
import controllers.deadbolt.Restrictions;
import controllers.util.ViprResourceController;
import controllers.util.FlashException;

@With(Common.class)
@Restrictions({ @Restrict("SECURITY_ADMIN"),
        @Restrict("RESTRICTED_SECURITY_ADMIN") })
public class Keystores extends ViprResourceController {


    private static Keystore api() {
        return BourneUtil.getViprClient().keystore();
    }

    public static void updateCertificate() {
        KeystoreForm keystore = new KeystoreForm();
        String viewChain = viewChain(keystore);
        render(viewChain, keystore);
    }

    @FlashException(value = "updateCertificate", keep = true)
    public static void save(KeystoreForm keystore) {
        keystore.validate("keystore");
        if (Validation.hasErrors()) {
            handleError(keystore);
        }
        if (keystore.rotate) {
            try {
                // Here we need a sync call. Else no way to catch exception
                api().regenerateKeyAndCertificate();
            } catch (Exception e) {
                flash.error(e.getMessage());
                handleError(keystore);
            }
        } else {

            String key = null;
            String cert = null;

            try {
                key = FileUtils.readFileToString(keystore.certKey);
            } catch (Exception e) {
                flash.error(MessagesUtils
                        .get("keystore.certKey.invalid.error"));
                handleError(keystore);
            }

            try {
                cert = FileUtils.readFileToString(keystore.certChain);
            } catch (Exception e) {
                flash.error(MessagesUtils
                        .get("keystore.certChain.invalid.error"));
                handleError(keystore);
            }

            try {
                KeyAndCertificateChain keyAndCertChain = new KeyAndCertificateChain();
                keyAndCertChain.setCertificateChain(cert);
                keyAndCertChain.setPrivateKey(key);
                api().setKeyAndCertificateChain(keyAndCertChain);
            } catch (Exception e) {
                flash.error(e.getMessage());
                handleError(keystore);
            }
        }

        flash.success(MessagesUtils.get("keystore.saved.reboot"));
        Maintenance.maintenance(Common.reverseRoute(Keystores.class, "updateCertificate"));
    }

    public static String viewChain(KeystoreForm keystore) {
        CertificateChain chain = BourneUtil.getViprClient().keystore().getCertificateChain();
        if (chain == null || chain.getChain() == null || chain.getChain().isEmpty()) {
            flash.error(MessagesUtils.get("vdc.certChain.empty.error"));
        }
        return chain.getChain();
    }

    private static void handleError(KeystoreForm form) {
        params.flash();
        Validation.keep();
        updateCertificate();
    }

    public static class KeystoreForm {

        public boolean rotate;
        public File certChain;
        public File certKey;

        public void validate(String formName) {

            if (!this.rotate) {
                Validation.required(formName + ".certKey", certKey);
                Validation.required(formName + ".certChain", certChain);
            }

        }
    }

}