// Source: github.com/akamai/AkamaiOPEN-edgegrid-golang/v8@v8.1.0/pkg/cps/third_party_csr.go

package cps

import (
	"context"
	"errors"
	"fmt"
	"net/http"

	"github.com/akamai/AkamaiOPEN-edgegrid-golang/v8/pkg/edgegriderr"
	validation "github.com/go-ozzo/ozzo-validation/v4"
)

type (
	// ThirdPartyCSR groups the CPS API operations used for third-party
	// certificates: reading the CSRs attached to a change and uploading the
	// signed certificate with its trust chain.
	ThirdPartyCSR interface {
		// GetChangeThirdPartyCSR fetches the certificate signing requests for a change.
		//
		// See: https://techdocs.akamai.com/cps/reference/get-change-allowed-input-param
		GetChangeThirdPartyCSR(ctx context.Context, params GetChangeRequest) (*ThirdPartyCSRResponse, error)

		// UploadThirdPartyCertAndTrustChain sends a signed certificate and trust chain to CPS.
		//
		// See: https://techdocs.akamai.com/cps/reference/post-change-allowed-input-param
		UploadThirdPartyCertAndTrustChain(context.Context, UploadThirdPartyCertAndTrustChainRequest) error
	}

	// ThirdPartyCSRResponse is the decoded response body carrying the list of CSRs.
	ThirdPartyCSRResponse struct {
		CSRs []CertSigningRequest `json:"csrs"`
	}

	// CertSigningRequest is one CSR together with the key algorithm it was issued for.
	CertSigningRequest struct {
		CSR          string `json:"csr"`
		KeyAlgorithm string `json:"keyAlgorithm"`
	}

	// UploadThirdPartyCertAndTrustChainRequest carries the upload parameters.
	// EnrollmentID and ChangeID are used only to build the request path;
	// Certificates is what gets sent as the request body.
	UploadThirdPartyCertAndTrustChainRequest struct {
		EnrollmentID int
		ChangeID     int
		Certificates ThirdPartyCertificates
	}

	// ThirdPartyCertificates is the upload payload: a list of certificates,
	// each with its trust chain.
	ThirdPartyCertificates struct {
		CertificatesAndTrustChains []CertificateAndTrustChain `json:"certificatesAndTrustChains"`
	}

	// CertificateAndTrustChain is a single certificate with its associated
	// trust chain. TrustChain is left out of the JSON when empty.
	CertificateAndTrustChain struct {
		Certificate  string `json:"certificate"`
		TrustChain   string `json:"trustChain,omitempty"`
		KeyAlgorithm string `json:"keyAlgorithm"`
	}
)

// Validate validates UploadThirdPartyCertAndTrustChainRequest.
//
// All three fields carry only the Required rule, so a zero EnrollmentID or
// ChangeID is rejected. Anything deeper about the certificates is left to the
// Validate methods of the nested types.
func (r UploadThirdPartyCertAndTrustChainRequest) Validate() error {
	fieldErrs := validation.Errors{
		"EnrollmentID": validation.Validate(r.EnrollmentID, validation.Required),
		"ChangeID":     validation.Validate(r.ChangeID, validation.Required),
		"Certificates": validation.Validate(r.Certificates, validation.Required),
	}
	return edgegriderr.ParseValidationErrors(fieldErrs)
}

// Validate validates ThirdPartyCertificates.
//
// The slice is passed to the validator without any rule of its own, so an
// empty CertificatesAndTrustChains list is not rejected here.
// NOTE(review): per-element checks rely on ozzo-validation calling Validate on
// each CertificateAndTrustChain in the slice; confirm against the pinned version.
func (r ThirdPartyCertificates) Validate() error {
	fieldErrs := validation.Errors{
		"CertificatesAndTrustChains": validation.Validate(r.CertificatesAndTrustChains),
	}
	return fieldErrs.Filter()
}

// Validate validates CertificateAndTrustChain.
//
// Certificate must be non-empty and KeyAlgorithm must be exactly "RSA" or
// "ECDSA". The certificate text itself is not parsed and TrustChain is not
// checked at all, so a malformed certificate or a certificate that does not
// match the stated algorithm passes this client-side check.
func (r CertificateAndTrustChain) Validate() error {
	// The rejected value is echoed back in the message to help the caller.
	rejected := fmt.Sprintf("value '%s' is invalid. Must be one of: 'RSA', 'ECDSA'", r.KeyAlgorithm)
	allowedAlgorithm := validation.In("RSA", "ECDSA").Error(rejected)

	fieldErrs := validation.Errors{
		"Certificate":  validation.Validate(r.Certificate, validation.Required),
		"KeyAlgorithm": validation.Validate(r.KeyAlgorithm, validation.Required, allowedAlgorithm),
	}
	return fieldErrs.Filter()
}

var (
	// ErrGetChangeThirdPartyCSR identifies failures of GetChangeThirdPartyCSR.
	ErrGetChangeThirdPartyCSR = errors.New("get change third-party csr")
	// ErrUploadThirdPartyCertAndTrustChain identifies failures of UploadThirdPartyCertAndTrustChain.
	ErrUploadThirdPartyCertAndTrustChain = errors.New("upload third-party cert and trust chain")
)

// GetChangeThirdPartyCSR validates params, issues a GET for the third-party
// CSR of the given enrollment change, and returns the decoded response.
//
// Error wrapping differs by failure path, which matters for errors.Is:
//   - validation failure wraps ErrStructValidation (the operation sentinel is
//     only formatted into the text);
//   - request construction or execution failure wraps ErrGetChangeThirdPartyCSR
//     (the underlying error is only formatted into the text);
//   - a non-200 status wraps the value returned by c.Error.
func (c *cps) GetChangeThirdPartyCSR(ctx context.Context, params GetChangeRequest) (*ThirdPartyCSRResponse, error) {
	c.Log(ctx).Debug("GetChangeThirdPartyCSR")

	if validationErr := params.Validate(); validationErr != nil {
		return nil, fmt.Errorf("%s: %w: %s", ErrGetChangeThirdPartyCSR, ErrStructValidation, validationErr)
	}

	// Both identifiers are rendered with %d, so the path holds only digits
	// in the variable positions.
	endpoint := fmt.Sprintf(
		"/cps/v2/enrollments/%d/changes/%d/input/info/third-party-csr",
		params.EnrollmentID,
		params.ChangeID,
	)

	request, err := http.NewRequestWithContext(ctx, http.MethodGet, endpoint, nil)
	if err != nil {
		return nil, fmt.Errorf("%w: failed to create request: %s", ErrGetChangeThirdPartyCSR, err)
	}
	request.Header.Set("Accept", "application/vnd.akamai.cps.csr.v2+json")

	csrs := new(ThirdPartyCSRResponse)
	response, err := c.Exec(request, csrs)
	if err != nil {
		return nil, fmt.Errorf("%w: request failed: %s", ErrGetChangeThirdPartyCSR, err)
	}

	if response.StatusCode == http.StatusOK {
		return csrs, nil
	}
	return nil, fmt.Errorf("%s: %w", ErrGetChangeThirdPartyCSR, c.Error(response))
}

// UploadThirdPartyCertAndTrustChain validates params and POSTs
// params.Certificates to the change's third-party-cert-and-trust-chain
// endpoint. It returns nil only when the response status is 200.
//
// Error wrapping differs by failure path, which matters for errors.Is:
//   - validation failure wraps ErrStructValidation (the operation sentinel is
//     only formatted into the text);
//   - request construction or execution failure wraps
//     ErrUploadThirdPartyCertAndTrustChain (the underlying error is only
//     formatted into the text);
//   - a non-200 status wraps the value returned by c.Error.
func (c *cps) UploadThirdPartyCertAndTrustChain(ctx context.Context, params UploadThirdPartyCertAndTrustChainRequest) error {
	c.Log(ctx).Debug("UploadThirdPartyCertAndTrustChain")

	if validationErr := params.Validate(); validationErr != nil {
		return fmt.Errorf("%s: %w: %s", ErrUploadThirdPartyCertAndTrustChain, ErrStructValidation, validationErr)
	}

	// Both identifiers are ints rendered with %d, so the path holds only
	// digits in the variable positions.
	endpoint := fmt.Sprintf(
		"/cps/v2/enrollments/%d/changes/%d/input/update/third-party-cert-and-trust-chain",
		params.EnrollmentID,
		params.ChangeID,
	)

	// The request is created without a body; the payload is handed to Exec below.
	request, err := http.NewRequestWithContext(ctx, http.MethodPost, endpoint, nil)
	if err != nil {
		return fmt.Errorf("%w: failed to create request: %s", ErrUploadThirdPartyCertAndTrustChain, err)
	}
	request.Header.Set("Accept", "application/vnd.akamai.cps.change-id.v1+json")
	request.Header.Set("Content-Type", "application/vnd.akamai.cps.certificate-and-trust-chain.v2+json; charset=utf-8")

	// No output target is supplied: the response body is not decoded here.
	response, err := c.Exec(request, nil, params.Certificates)
	if err != nil {
		return fmt.Errorf("%w: request failed: %s", ErrUploadThirdPartyCertAndTrustChain, err)
	}

	if response.StatusCode == http.StatusOK {
		return nil
	}
	return fmt.Errorf("%s: %w", ErrUploadThirdPartyCertAndTrustChain, c.Error(response))
}