package io.cattle.platform.iaas.api.filter.ssl;

import io.cattle.platform.core.model.Certificate;
import io.cattle.platform.core.model.Instance;
import io.cattle.platform.iaas.api.filter.common.AbstractDefaultResourceManagerFilter;
import io.cattle.platform.object.util.DataUtils;
import io.cattle.platform.ssh.common.SslCertificateUtils;
import io.github.ibuildthecloud.gdapi.exception.ClientVisibleException;
import io.github.ibuildthecloud.gdapi.request.ApiRequest;
import io.github.ibuildthecloud.gdapi.request.resource.ResourceManager;
import io.github.ibuildthecloud.gdapi.util.ResponseCodes;
import io.github.ibuildthecloud.gdapi.validation.ValidationErrorCodes;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * API filter for the {@code certificate} type that derives certificate metadata
 * (fingerprint, validity dates, CN, issuer, key size, SANs, ...) from the submitted
 * {@code cert} field on create and update, and stores it in the resource's writable fields.
 *
 * <p>The filter only extracts fields from the certificate text. No chain, signature or
 * expiry validation is performed in this class; a request is rejected only when one of the
 * {@link SslCertificateUtils} extractors throws.
 */
public class CertificateCreateValidationFilter extends AbstractDefaultResourceManagerFilter {

    private static final Logger log = LoggerFactory.getLogger(CertificateCreateValidationFilter.class);

    /** @return the API type names this filter is registered for */
    @Override
    public String[] getTypes() {
        return new String[] { "certificate" };
    }

    /**
     * @return the model classes this filter is registered for
     */
    @Override
    public Class<?>[] getTypeClasses() {
        // NOTE(review): this returns Instance.class although getTypes() names "certificate" and
        // the filter only works on Certificate objects - confirm the registration is intended.
        return new Class<?>[] { Instance.class };
    }

    /**
     * Populates the derived certificate fields from the request, then delegates to the next
     * manager in the chain.
     *
     * @throws ClientVisibleException (422, invalid format) if the certificate cannot be parsed
     */
    @Override
    public Object create(String type, ApiRequest request, ResourceManager next) {
        applyDerivedFields(request);
        return super.create(type, request, next);
    }

    /**
     * Same as {@link #create}, applied to an update request.
     *
     * @throws ClientVisibleException (422, invalid format) if the certificate cannot be parsed
     */
    @Override
    public Object update(String type, String id, ApiRequest request, ResourceManager next) {
        // NOTE(review): "cert" is read without a null check, so an update that omits the field
        // hands whatever getFieldFromRequest returns (presumably null) to the extractors -
        // confirm how SslCertificateUtils behaves in that case.
        applyDerivedFields(request);
        return super.update(type, id, request, next);
    }

    /** Reads the {@code cert} field and the proxied Certificate from the request and fills it in. */
    private void applyDerivedFields(ApiRequest request) {
        String pem = DataUtils.getFieldFromRequest(request, "cert", String.class);
        Certificate target = request.proxyRequestObject(Certificate.class);
        setCertificateFields(pem, target);
    }

    /**
     * Extracts metadata from {@code cert} and writes each value into the writable fields of
     * {@code certificate}.
     *
     * <p>Values are written with {@code put}, so they are computed server-side from the
     * certificate text; presumably this replaces any value the client supplied under the same
     * key (verify against {@code DataUtils.getWritableFields}).
     *
     * @param cert        certificate text taken from the request
     * @param certificate request object whose writable fields receive the derived values
     * @throws ClientVisibleException (422, invalid format) if any extractor throws
     */
    protected void setCertificateFields(String cert, Certificate certificate) {
        try {
            // Fields are written one at a time; if a later extractor throws, earlier keys have
            // already been set on the request object before the request is rejected.
            DataUtils.getWritableFields(certificate).put("certFingerprint",
                    SslCertificateUtils.getCertificateFingerprint(cert));
            DataUtils.getWritableFields(certificate).put("expiresAt",
                    SslCertificateUtils.getExpirationDate(cert));
            DataUtils.getWritableFields(certificate).put("CN",
                    SslCertificateUtils.getCN(cert));
            DataUtils.getWritableFields(certificate).put("issuer",
                    SslCertificateUtils.getIssuer(cert));
            DataUtils.getWritableFields(certificate).put("issuedAt",
                    SslCertificateUtils.getIssuedDate(cert));
            DataUtils.getWritableFields(certificate).put("version",
                    SslCertificateUtils.getVersion(cert));
            DataUtils.getWritableFields(certificate).put("algorithm",
                    SslCertificateUtils.getAlgorithm(cert));
            DataUtils.getWritableFields(certificate).put("serialNumber",
                    SslCertificateUtils.getSerialNumber(cert));
            DataUtils.getWritableFields(certificate).put("keySize",
                    SslCertificateUtils.getKeySize(cert));
            DataUtils.getWritableFields(certificate).put("subjectAlternativeNames",
                    SslCertificateUtils.getSubjectAlternativeNames(cert));
        } catch (Exception e) {
            // Report the wrapped cause's type when there is one, otherwise the exception's own.
            Throwable cause = e.getCause();
            String className;
            if (cause == null) {
                className = e.getClass().getSimpleName();
            } else {
                className = cause.getClass().getSimpleName();
            }
            // Only the type name and message are logged; the stack trace is not.
            log.info("Exception parsing certificate fields: {} : [{}]", className, e.getMessage());
            // NOTE(review): the raw exception message (which may be null) is returned to the API
            // client - confirm the extractor messages never carry internal details or key material.
            throw new ClientVisibleException(ResponseCodes.UNPROCESSABLE_ENTITY,
                    ValidationErrorCodes.INVALID_FORMAT, e.getMessage(), null);
        }
    }
}