/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package com.intel.mtwilson.attestation.client.jaxrs;
import com.intel.mtwilson.jaxrs2.client.MtWilsonClient;
import com.intel.mtwilson.as.rest.v2.model.HostAikCertificate;
import com.intel.mtwilson.as.rest.v2.model.HostAikCertificateCollection;
import com.intel.mtwilson.as.rest.v2.model.HostAikCertificateFilterCriteria;
import java.net.URL;
import java.util.HashMap;
import java.util.Properties;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.MediaType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*
* @author ssbangal
*/
public class HostAikCertificates extends MtWilsonClient {
Logger log = LoggerFactory.getLogger(getClass().getName());
public HostAikCertificates(URL url) throws Exception{
super(url);
}
public HostAikCertificates(Properties properties) throws Exception {
super(properties);
}
/**
* Associates the host with a new AIK certificate specified.
* @param obj HostAikCertificate object with the details of the AIK certificate to be associated with the host.
* @return HostAikCertificate created in the system.
* @since Mt.Wilson 2.0
* @mtwRequiresPermissions host_aik_certificates:create
* @mtwContentTypeReturned JSON/XML/YAML
* @mtwMethodType POST
* @mtwSampleRestCall
* <pre>
* https://server.com:8181/mtwilson/v2/hosts/d24dd52f-524e-43aa-8673-4013ecf64a4a/aik-certificates
* Input: {"certificate":"LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlDdlRDQ0FhV2dBd0lCQWdJR0FVZWE0TWt2TUEwR0NTcUdTSWIz
* RFFFQkJRVUFNQnN4R1RBWEJnTlZCQU1URUcxMGQybHNjMjl1DQpMWEJqWVMxaGFXc3dIaGNOTVRRd09EQXpNRGMxT0RRNFdoY05NalF3T0
* RBeU1EYzFPRFE0V2pBQU1JSUJJakFOQmdrcWhraUc5dzBCDQpBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF6amZLQTJxWXVaakc2anIvcTVX
* eHlWVWhYQW1BbXFtaC9pUmVnd040ZUZMa3NZR2NDY01hDQo5TlpLaTdnR3ZHSEhFZG1JMmQrV3Z0MTlEb0tFRU5pOTNVVmErVHdBUmw0NG
* JidTNzSlp5dzRLcThka1NjZ004U1ozVFMvcWhCWDdEDQpyaXRselZqN0ZQazRTanJWcndWaHIrWjdGQ1RuOTAvVkIzRVp0U0w5S2wzcnJY
* MDZRZEIvM3hFODlFOHdFckttWHZGby9wVVo5OHRIDQpwRHlHRVVyRFJvaGpLVkZCZEhSSUVWeGg1amZUV1FkRlNsVnlnRGhVSFBGZUdOWW
* Jldk5wbTloOVVWanNRV3Z6RFJLZUZWWEhONklFDQp4VUx3NWRPTjRxYm1kdHZjWHAvS1Ftb0orZ1JDeU4yVVBYM1M1SjN0TWNlaEliek9R
* ckl6MFZQOFI2RU15UUlEQVFBQm95SXdJREFlDQpCZ05WSFJFQkFmOEVGREFTZ1JCSVNWTWdTV1JsYm5ScGRIa2dTMlY1TUEwR0NTcUdTSWI
* zRFFFQkJRVUFBNElCQVFCYXFmT2Jvc29tDQpEcDhWTEczd2lLR05nVzZycHN0OGJsVkFSZGhVd2xCSHFuNjFDcUFOSkh2S09ld2hzd1BKWW
* Qzc0JoS1hHcUFMWXRGOE55b1JYQ05jDQp0SXlGU3hLekFySnprOEprZk5OdWhrUm13SmNLNjcyTW9hdDkxZzNUOVR6enpPcWdXa05xU1JiO
* TRLSXdOQjYvakRDa2hTWGx1RVhsDQpvUnFsczIzc1dUNy9FUlNEQVBTZWFnOE10RTBKRThDMVkydlBDdE9raFA0bWVnR0F3ZWQxcXpPbVNr
* WHBVdVJJczNxcXFScWFrTldtDQpFVTJubURCZWwzTHFNRFE3NTl4NCszRTNUOWMvNkdDcThKMlN6N1pwcWRjSFhvVDN1aDRlRSszWEpjS3p
* WYyszSkFhNDd4Z2o2VnpODQppbEhhVXJIRk1ER3ROcDJjb3JnYUxEeFFGVC9kDQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tDQo="}
*
* Output: {"id":"c9a6e943-301c-4984-870c-ce3aafbe4e94","host_uuid":"d24dd52f-524e-43aa-8673-4013ecf64a4a","certificate":
* "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlDdlRDQ0FhV2dBd0lCQWdJR0FVZWE0TWt2TUEwR0NTcUdTSWIzRFFFQkJRVUFNQnN4
* R1RBWEJnTlZCQU1URUcxMGQybHNjMjl1DQpMWEJqWVMxaGFXc3dIaGNOTVRRd09EQXpNRGMxT0RRNFdoY05NalF3T0RBeU1EYzFPRFE0V2pBQ
* U1JSUJJakFOQmdrcWhraUc5dzBCDQpBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF6amZLQTJxWXVaakc2anIvcTVXeHlWVWhYQW1BbXFtaC9pUm
* Vnd040ZUZMa3NZR2NDY01hDQo5TlpLaTdnR3ZHSEhFZG1JMmQrV3Z0MTlEb0tFRU5pOTNVVmErVHdBUmw0NGJidTNzSlp5dzRLcThka1NjZ00
* 4U1ozVFMvcWhCWDdEDQpyaXRselZqN0ZQazRTanJWcndWaHIrWjdGQ1RuOTAvVkIzRVp0U0w5S2wzcnJYMDZRZEIvM3hFODlFOHdFckttWHZG
* by9wVVo5OHRIDQpwRHlHRVVyRFJvaGpLVkZCZEhSSUVWeGg1amZUV1FkRlNsVnlnRGhVSFBGZUdOWWJldk5wbTloOVVWanNRV3Z6RFJLZUZWW
* EhONklFDQp4VUx3NWRPTjRxYm1kdHZjWHAvS1Ftb0orZ1JDeU4yVVBYM1M1SjN0TWNlaEliek9Rckl6MFZQOFI2RU15UUlEQVFBQm95SXdJRE
* FlDQpCZ05WSFJFQkFmOEVGREFTZ1JCSVNWTWdTV1JsYm5ScGRIa2dTMlY1TUEwR0NTcUdTSWIzRFFFQkJRVUFBNElCQVFCYXFmT2Jvc29tDQp
* EcDhWTEczd2lLR05nVzZycHN0OGJsVkFSZGhVd2xCSHFuNjFDcUFOSkh2S09ld2hzd1BKWWQzc0JoS1hHcUFMWXRGOE55b1JYQ05jDQp0SXlG
* U3hLekFySnprOEprZk5OdWhrUm13SmNLNjcyTW9hdDkxZzNUOVR6enpPcWdXa05xU1JiOTRLSXdOQjYvakRDa2hTWGx1RVhsDQpvUnFsczIzc
* 1dUNy9FUlNEQVBTZWFnOE10RTBKRThDMVkydlBDdE9raFA0bWVnR0F3ZWQxcXpPbVNrWHBVdVJJczNxcXFScWFrTldtDQpFVTJubURCZWwzTH
* FNRFE3NTl4NCszRTNUOWMvNkdDcThKMlN6N1pwcWRjSFhvVDN1aDRlRSszWEpjS3pWYyszSkFhNDd4Z2o2VnpODQppbEhhVXJIRk1ER3ROcDJ
* jb3JnYUxEeFFGVC9kDQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tDQo="
* </pre>
* @mtwSampleApiCall
* <pre>
* HostAikCertificates client = new HostAikCertificates(getClientProperties());
* HostAikCertificate aikCert = new HostAikCertificate();
* aikCert.setHostUuid("d24dd52f-524e-43aa-8673-4013ecf64a4a");
* aikCert.setCertificate(certificate);
* client.createHostAikCertificate(aikCert);
* </pre>
*/
public HostAikCertificate createHostAikCertificate(HostAikCertificate obj) {
log.debug("target: {}", getTarget().getUri().toString());
HashMap<String,Object> map = new HashMap<>();
map.put("host_id", obj.getHostUuid());
HostAikCertificate newObj = getTarget().path("hosts/{host_id}/aik-certificates").resolveTemplates(map)
.request().accept(MediaType.APPLICATION_JSON).post(Entity.json(obj), HostAikCertificate.class);
return newObj;
}
/**
* Searches for the host's AIK certificate with the specified criteria. Since the system currently supports only one AIK per host, only
* criteria that is supported is the UUID of the host for which the AIK certificate need to be retrieved.
* @param criteria HostAikCertificateFilterCriteria object that specifies the search criteria.
* @return HostAikCertificateCollection object with a list of AIK certificates that match the filter criteria.
* @since Mt.Wilson 2.0
* @mtwRequiresPermissions host_aik_certificates:search
* @mtwContentTypeReturned application/json OR application/x-pem-file (just Certificate in the PEM format would be returned)
* @mtwMethodType GET
* @mtwSampleRestCall
* <pre>
* https://server.com:8181/mtwilson/v2/hosts/d24dd52f-524e-43aa-8673-4013ecf64a4a/aik-certificates
* Output: {"aik_certificates":[{"id":"d24dd52f-524e-43aa-8673-4013ecf64a4a","aik_sha1":"0dfa39952dec39848990acac56a7ec8787bef1d4",
* "certificate":"LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlDdlRDQ0FhV2dBd0lCQWdJR0FV.....RCBDRVJUSUZJQ0FURS0tLS0tDQo="}]}
* Output (ContentType- application/x-pem-file): -----BEGIN CERTIFICATE-----
* MIICvTCCAaWgAwIBAgIGAUea4MkvMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNVBAMTEG10d2lsc29u
* LXBjYS1haWswHhcNMTQwODAzMDc1ODQ4WhcNMjQwODAyMDc1ODQ4WjAAMIIBIjANBgkqhkiG9w0B
* AQEFAAOCAQ8AMIIBCgKCAQEAzjfKA2qYuZjG6jr/q5WxyVUhXAmAmqmh/iRegwN4eFLksYGcCcMa
* 9NZKi7gGvGHHEdmI2d+Wvt19DoKEENi93UVa+TwARl44bbu3sJZyw4Kq8dkScgM8SZ3TS/qhBX7D
* ritlzVj7FPk4SjrVrwVhr+Z7FCTn90/VB3EZtSL9Kl3rrX06QdB/3xE89E8wErKmXvFo/pUZ98tH
* pDyGEUrDRohjKVFBdHRIEVxh5jfTWQdFSlVygDhUHPFeGNYbevNpm9h9UVjsQWvzDRKeFVXHN6IE
* xULw5dON4qbmdtvcXp/KQmoJ+gRCyN2UPX3S5J3tMcehIbzOQrIz0VP8R6EMyQIDAQABoyIwIDAe
* BgNVHREBAf8EFDASgRBISVMgSWRlbnRpdHkgS2V5MA0GCSqGSIb3DQEBBQUAA4IBAQBaqfObosom
* Dp8VLG3wiKGNgW6rpst8blVARdhUwlBHqn61CqANJHvKOewhswPJYd3sBhKXGqALYtF8NyoRXCNc
* tIyFSxKzArJzk8JkfNNuhkRmwJcK672Moat91g3T9TzzzOqgWkNqSRb94KIwNB6/jDCkhSXluEXl
* oRqls23sWT7/ERSDAPSeag8MtE0JE8C1Y2vPCtOkhP4megGAwed1qzOmSkXpUuRIs3qqqRqakNWm
* EU2nmDBel3LqMDQ759x4+3E3T9c/6GCq8J2Sz7ZpqdcHXoT3uh4eE+3XJcKzVc+3JAa47xgj6VzN
* ilHaUrHFMDGtNp2corgaLDxQFT/d
* -----END CERTIFICATE-----
* </pre>
* @mtwSampleApiCall
* <pre>
* HostAikCertificates client = new HostAikCertificates(getClientProperties());
* HostAikCertificateFilterCriteria criteria = new HostAikCertificateFilterCriteria();
* criteria.hostUuid = "d24dd52f-524e-43aa-8673-4013ecf64a4a";
* HostAikCertificateCollection searchHostAikCertificates = client.searchHostAikCertificates(criteria);
* </pre>
*/
public HostAikCertificateCollection searchHostAikCertificates(HostAikCertificateFilterCriteria criteria) {
log.debug("target: {}", getTarget().getUri().toString());
HashMap<String,Object> map = new HashMap<>();
map.put("host_id", criteria.hostUuid);
HostAikCertificateCollection objCollection = getTargetPathWithQueryParams("hosts/{host_id}/aik-certificates", criteria)
.resolveTemplates(map).request(MediaType.APPLICATION_JSON).get(HostAikCertificateCollection.class);
return objCollection;
}
/**
* Retrieves the AIK certificate details of the host with the specified UUID.
* @param uuid - UUID of the Host for which the assoicated AIK certificate needs to be retrieved.
* @return HostAikCertificate retrieved from the system for the specified Host UUID.
* @since Mt.Wilson 2.0
* @mtwRequiresPermissions host_aik_certificates:retrieve
* @mtwContentTypeReturned application/json OR application/x-pem-file (just Certificate in the PEM format would be returned)
* @mtwMethodType GET
* @mtwSampleRestCall
* <pre>
* https://server.com:8181/mtwilson/v2/hosts/d24dd52f-524e-43aa-8673-4013ecf64a4a/aik-certificates
* Output (ContentType- application/x-pem-file): -----BEGIN CERTIFICATE-----
* MIICvTCCAaWgAwIBAgIGAUea4MkvMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNVBAMTEG10d2lsc29u
* LXBjYS1haWswHhcNMTQwODAzMDc1ODQ4WhcNMjQwODAyMDc1ODQ4WjAAMIIBIjANBgkqhkiG9w0B
* AQEFAAOCAQ8AMIIBCgKCAQEAzjfKA2qYuZjG6jr/q5WxyVUhXAmAmqmh/iRegwN4eFLksYGcCcMa
* 9NZKi7gGvGHHEdmI2d+Wvt19DoKEENi93UVa+TwARl44bbu3sJZyw4Kq8dkScgM8SZ3TS/qhBX7D
* ritlzVj7FPk4SjrVrwVhr+Z7FCTn90/VB3EZtSL9Kl3rrX06QdB/3xE89E8wErKmXvFo/pUZ98tH
* pDyGEUrDRohjKVFBdHRIEVxh5jfTWQdFSlVygDhUHPFeGNYbevNpm9h9UVjsQWvzDRKeFVXHN6IE
* xULw5dON4qbmdtvcXp/KQmoJ+gRCyN2UPX3S5J3tMcehIbzOQrIz0VP8R6EMyQIDAQABoyIwIDAe
* BgNVHREBAf8EFDASgRBISVMgSWRlbnRpdHkgS2V5MA0GCSqGSIb3DQEBBQUAA4IBAQBaqfObosom
* Dp8VLG3wiKGNgW6rpst8blVARdhUwlBHqn61CqANJHvKOewhswPJYd3sBhKXGqALYtF8NyoRXCNc
* tIyFSxKzArJzk8JkfNNuhkRmwJcK672Moat91g3T9TzzzOqgWkNqSRb94KIwNB6/jDCkhSXluEXl
* oRqls23sWT7/ERSDAPSeag8MtE0JE8C1Y2vPCtOkhP4megGAwed1qzOmSkXpUuRIs3qqqRqakNWm
* EU2nmDBel3LqMDQ759x4+3E3T9c/6GCq8J2Sz7ZpqdcHXoT3uh4eE+3XJcKzVc+3JAa47xgj6VzN
* ilHaUrHFMDGtNp2corgaLDxQFT/d
* -----END CERTIFICATE-----
* </pre>
* @mtwSampleApiCall
* <pre>
* HostAikCertificates client = new HostAikCertificates(getClientProperties());
* HostAikCertificate retrieveHostAikCertificate = client.retrieveHostAikCertificate("d24dd52f-524e-43aa-8673-4013ecf64a4a");
* </pre>
*/
public HostAikCertificate retrieveHostAikCertificate(String hostUuid) {
log.debug("target: {}", getTarget().getUri().toString());
HashMap<String,Object> map = new HashMap<>();
map.put("host_id", hostUuid);
// We are passing the host UUID to "id" also even though it will not be used (without this framework treats this call as a
// search call instead of a retrieve call. Currently we support only one aik certificate for a host, we can retrieve
// the aik certificate for the host uniquely with the host uuid itself.
map.put("id", hostUuid);
HostAikCertificate obj = getTarget().path("hosts/{host_id}/aik-certificates/{id}")
.resolveTemplates(map).request(MediaType.APPLICATION_JSON).get(HostAikCertificate.class);
return obj;
}
}