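/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package com.intel.mtwilson.ms.rest;

import com.intel.dcsg.cpg.crypto.RsaUtil;
import com.intel.dcsg.cpg.x509.X509Util;
import com.intel.mtwilson.i18n.ErrorCode;
import com.intel.mtwilson.launcher.ws.ext.V1;
import com.intel.mtwilson.ms.common.MSConfig;
import com.intel.mtwilson.ms.common.MSException;
import com.intel.mtwilson.security.annotations.PermitAll;
import com.intel.mtwilson.util.ResourceFinder;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * REST resource that serves the SAML certificate configured for the
 * Management Service.
 *
 * <p>The certificate is read from the file named by the
 * {@code mtwilson.saml.certificate.file} configuration property (default
 * {@code saml.crt.pem}), parsed as PEM, and returned in its binary encoding.
 *
 * <p>NOTE(review): {@code @PermitAll} is commented out on both certificate
 * endpoints, so access to them is governed by whatever authorization the
 * deployment applies to resources without that annotation. Confirm that this
 * matches how clients are expected to obtain the certificate.
 *
 * @author dsmagadX
 */
@V1
@Path("/ManagementService/resources/saml")
public class SamlCertificate {

    private final Logger log = LoggerFactory.getLogger(getClass());

    /**
     * Creates a new instance of SamlCertificate
     */
    public SamlCertificate() {
    }

    /**
     * Placeholder handler for the resource root; always returns an empty string.
     *
     * <p>It exists only to work around a JAX-RS startup error recorded by the
     * original author: "SEVERE: Conflicting URI templates. The URI template /ca
     * for root resource class com.intel.mtwilson.ms.rest.CA and the URI template
     * /ca transform to the same regular expression /ca(/.*)?"
     *
     * @return an empty string
     */
    @GET
    @Produces({MediaType.TEXT_PLAIN})
    public String defaultCaGetAction() {
        return "";
    }

    /**
     * Same as {@link #getSamlCertificate()} but with a suggested filename in
     * the URL path.
     *
     * @return the encoded bytes of the configured SAML certificate
     * @throws MSException under the same conditions as {@link #getSamlCertificate()}
     */
    @GET
    @Path("/certificate/mtwilson-saml.crt")
    @Produces({MediaType.APPLICATION_OCTET_STREAM})
    // @PermitAll  (disabled in source; see the class-level review note)
    public byte[] getSamlCertificateFilename() {
        return getSamlCertificate();
    }

    /**
     * Reads the configured SAML certificate file and returns the certificate.
     *
     * <p>The returned bytes come from {@link X509Certificate#getEncoded()} on the
     * parsed certificate (DER for X.509), not from the file itself. The response
     * therefore carries the certificate only, even though the file on disk is PEM
     * text.
     *
     * @return the encoded bytes of the certificate
     * @throws MSException with {@code MS_BAD_CERTIFICATE_FILE} when the file
     *         content cannot be parsed as a certificate, or with
     *         {@code MS_MISSING_CERTIFICATE_FILE} when the file cannot be located
     *         or read
     */
    @GET
    @Path("/certificate")
    @Produces({MediaType.APPLICATION_OCTET_STREAM})
    // @PermitAll  (disabled in source; see the class-level review note)
    public byte[] getSamlCertificate() {
        try {
            File certFile = ResourceFinder.getFile(
                    MSConfig.getConfiguration().getString("mtwilson.saml.certificate.file", "saml.crt.pem"));
            log.debug("Certificate File {}", certFile.getPath());
            try (FileInputStream in = new FileInputStream(certFile)) {
                // PEM is ASCII text; name the charset explicitly so that decoding
                // does not depend on the platform default encoding.
                String certificate = IOUtils.toString(in, "UTF-8");
                X509Certificate cert = X509Util.decodePemCertificate(certificate);
                log.info("Read certificate successfully");
                return cert.getEncoded();
            }
        } catch (CertificateException e) {
            throw new MSException(ErrorCode.MS_BAD_CERTIFICATE_FILE,
                    ErrorCode.MS_BAD_CERTIFICATE_FILE.getMessage(), e);
        } catch (IOException e) {
            throw new MSException(ErrorCode.MS_MISSING_CERTIFICATE_FILE,
                    ErrorCode.MS_MISSING_CERTIFICATE_FILE.getMessage(), e);
        }
    }

    /*
     * Disabled stub kept from the original template: PUT method for updating
     * or creating an instance of SamlCertificate.
     *
     * @PUT
     * @Consumes("application/xml")
     * public void putXml(String content) {
     * }
     */
}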