Merge pull request #15 from enclave-networks/develop

Release

.github/workflows/sdk-api-build.yml

@@ -8,7 +8,6 @@ on:
 
 jobs:
   build:
-
     runs-on: ubuntu-latest
 
     steps:
@@ -25,15 +24,15 @@ jobs:
     - name: Determine Version
       id:   gitversion
       uses: gittools/actions/gitversion/[email protected]
-              
+
     - name: Setup .NET 6 (SDK)
       uses: actions/setup-dotnet@v1
       with:
-        dotnet-version: 6.0.x        
+        dotnet-version: 6.0.x
         source-url: https://nuget.pkg.github.com/enclave-networks/index.json
       env:
         NUGET_AUTH_TOKEN: ${{github.token}}
-                
+
     - name: Build
       run: dotnet build Enclave.Sdk.Api.sln -c Release /p:Version=${{ steps.gitversion.outputs.SemVer }}
 
@@ -42,10 +41,14 @@ jobs:
       run: dotnet test -c Release
 
     - name: Push Github Source Packages
-      if: github.event_name == 'push'
-      run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg  --api-key ${{github.token}} -s https://nuget.pkg.github.com/enclave-networks/index.json --skip-duplicate --no-symbols true
+      if: github.event_name == 'push' && github.ref == 'refs/heads/develop'
+      run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg  --api-key ${{github.token}} -s https://nuget.pkg.github.com/enclave-networks/index.json --skip-duplicate
+
+    - name: Push To nuget.org
+      if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+      run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg -k ${{ secrets.NUGET_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate
 
-    - name: Create Release    
+    - name: Create Release
       if: github.event_name == 'push' && github.ref == 'refs/heads/main'
       uses: actions/create-release@v1
       env:

Enclave.Sdk.Api.sln

@@ -17,7 +17,10 @@ EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{BD898880-875C-43EA-B22C-A7C801CFA607}"
 	ProjectSection(SolutionItems) = preProject
 		.editorconfig = .editorconfig
+		.gitignore = .gitignore
 		GitVersion.yml = GitVersion.yml
+		LICENSE = LICENSE
+		README.md = README.md
 		.github\workflows\sdk-api-build.yml = .github\workflows\sdk-api-build.yml
 	EndProjectSection
 EndProject

GitVersion.yml

@@ -1,11 +1,11 @@
 assembly-versioning-scheme: None
 mode: ContinuousDelivery
-next-version: 0.0.1
+next-version: 1.0.0
 branches:
   main:
    mode: ContinuousDelivery
   develop:
-   increment: Patch     
+   increment: Patch
 ignore:
   sha: []
 merge-message-formats: {}

src/Enclave.Sdk/Clients/AuthorityClient.cs

@@ -0,0 +1,35 @@
+using System.Net.Http.Json;
+using Enclave.Sdk.Api.Clients.Interfaces;
+using Enclave.Sdk.Api.Data.Authority;
+
+namespace Enclave.Sdk.Api.Clients;
+
+/// <inheritdoc cref="IAuthorityClient" />
+internal class AuthorityClient : ClientBase, IAuthorityClient
+{
+    /// <summary>
+    /// Constructor which will be called by <see cref="EnclaveClient"/> when it's created.
+    /// </summary>
+    /// <param name="httpClient">an instance of httpClient with a baseURL referencing the API.</param>
+    public AuthorityClient(HttpClient httpClient)
+        : base(httpClient)
+    {
+    }
+
+    /// <inheritdoc/>
+    public async Task<EnrolResult> EnrolAsync(EnrolRequest requestModel)
+    {
+        if (requestModel is null)
+        {
+            throw new ArgumentNullException(nameof(requestModel));
+        }
+
+        var result = await HttpClient.PostAsJsonAsync($"authority/enrol", requestModel, Constants.JsonSerializerOptions);
+
+        var model = await DeserialiseAsync<EnrolResult>(result.Content);
+
+        EnsureNotNull(model);
+
+        return model;
+    }
+}

src/Enclave.Sdk/Clients/DNSClient.cs

@@ -14,7 +14,7 @@ internal class DnsClient : ClientBase, IDnsClient
     private readonly string _orgRoute;
 
     /// <summary>
-    /// Constructor  which will be called by <see cref="OrganisationClient"/> when it's created.
+    /// Constructor which will be called by <see cref="OrganisationClient"/> when it's created.
     /// </summary>
     /// <param name="httpClient">an instance of httpClient with a baseURL referencing the API.</param>
     /// <param name="orgRoute">The organisation API route.</param>

src/Enclave.Sdk/Clients/EnrolledSystemsClient.cs

@@ -51,7 +51,7 @@ public async Task<int> RevokeSystemsAsync(params SystemId[] systemIds)
     {
         using var content = CreateJsonContent(new
         {
-            systemIds = systemIds,
+            systemIds,
         });
 
         using var request = new HttpRequestMessage
@@ -137,7 +137,7 @@ public async Task<int> BulkEnableAsync(params SystemId[] systemIds)
     {
         var requestModel = new
         {
-            systemIds = systemIds,
+            systemIds,
         };
 
         var result = await HttpClient.PutAsJsonAsync($"{_orgRoute}/systems/enable", requestModel, Constants.JsonSerializerOptions);
@@ -162,7 +162,7 @@ public async Task<int> BulkDisableAsync(params SystemId[] systemIds)
     {
         var requestModel = new
         {
-            systemIds = systemIds,
+            systemIds,
         };
 
         var result = await HttpClient.PutAsJsonAsync($"{_orgRoute}/systems/disable", requestModel, Constants.JsonSerializerOptions);

src/Enclave.Sdk/Clients/EnrolmentKeysClient.cs

@@ -15,7 +15,7 @@ internal class EnrolmentKeysClient : ClientBase, IEnrolmentKeysClient
     private readonly string _orgRoute;
 
     /// <summary>
-    /// Constructor  which will be called by <see cref="OrganisationClient"/> when it's created.
+    /// Constructor which will be called by <see cref="OrganisationClient"/> when it's created.
     /// </summary>
     /// <param name="httpClient">an instance of httpClient with a baseURL referencing the API.</param>
     /// <param name="orgRoute">The organisation API route.</param>

src/Enclave.Sdk/Clients/Interfaces/IAuthorityClient.cs

@@ -0,0 +1,16 @@
+using Enclave.Sdk.Api.Data.Authority;
+
+namespace Enclave.Sdk.Api.Clients.Interfaces;
+
+/// <summary>
+/// Provides operations enrol a new system.
+/// </summary>
+public interface IAuthorityClient
+{
+    /// <summary>
+    /// Enrol a new system.
+    /// </summary>
+    /// <param name="requestModel">The Request model to enrol the system.</param>
+    /// <returns>An EnrolResult model.</returns>
+    Task<EnrolResult> EnrolAsync(EnrolRequest requestModel);
+}

src/Enclave.Sdk/Clients/PoliciesClient.cs

@@ -15,7 +15,7 @@ internal class PoliciesClient : ClientBase, IPoliciesClient
     private readonly string _orgRoute;
 
     /// <summary>
-    /// Constructor  which will be called by <see cref="OrganisationClient"/> when it's created.
+    /// Constructor which will be called by <see cref="OrganisationClient"/> when it's created.
     /// It also calls the <see cref="ClientBase"/> constructor.
     /// </summary>
     /// <param name="httpClient">an instance of httpClient with a baseURL referencing the API.</param>
@@ -65,7 +65,7 @@ public async Task<int> DeletePoliciesAsync(params PolicyId[] policyIds)
     {
         using var content = CreateJsonContent(new
         {
-            policyIds = policyIds,
+            policyIds,
         });
 
         using var request = new HttpRequestMessage
@@ -151,7 +151,7 @@ public async Task<int> EnablePoliciesAsync(params PolicyId[] policyIds)
     {
         var requestModel = new
         {
-            policyIds = policyIds,
+            policyIds,
         };
 
         var result = await HttpClient.PutAsJsonAsync($"{_orgRoute}/policies/enable", requestModel, Constants.JsonSerializerOptions);
@@ -176,7 +176,7 @@ public async Task<int> DisablePoliciesAsync(params PolicyId[] policyIds)
     {
         var requestModel = new
         {
-            policyIds = policyIds,
+            policyIds,
         };
 
         var result = await HttpClient.PutAsJsonAsync($"{_orgRoute}/policies/disable", requestModel, Constants.JsonSerializerOptions);

src/Enclave.Sdk/Clients/TagsClient.cs

@@ -12,7 +12,7 @@ internal class TagsClient : ClientBase, ITagsClient
     private readonly string _orgRoute;
 
     /// <summary>
-    /// Constructor  which will be called by <see cref="OrganisationClient"/> when it's created.
+    /// Constructor which will be called by <see cref="OrganisationClient"/> when it's created.
     /// </summary>
     /// <param name="httpClient">an instance of httpClient with a baseURL referencing the API.</param>
     /// <param name="orgRoute">the orgRoute which specifies the orgId.</param>

src/Enclave.Sdk/Clients/UnapprovedSystemsClient.cs

@@ -48,7 +48,7 @@ public async Task<int> DeclineSystems(params SystemId[] systemIds)
     {
         using var content = CreateJsonContent(new
         {
-            systemIds = systemIds,
+            systemIds,
         });
 
         using var request = new HttpRequestMessage
@@ -118,7 +118,7 @@ public async Task<int> ApproveSystemsAsync(params SystemId[] systemIds)
     {
         var requestModel = new
         {
-            systemIds = systemIds,
+            systemIds,
         };
 
         var result = await HttpClient.PutAsJsonAsync($"{_orgRoute}/unapproved-systems/approve", requestModel, Constants.JsonSerializerOptions);

src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs

@@ -0,0 +1,42 @@
+namespace Enclave.Sdk.Api.Data.Authority;
+
+/// <summary>
+/// Defines bit-flags indicating what a certificate can be used for.
+/// </summary>
+[Flags]
+public enum CertificatePermittedUse : byte
+{
+    /// <summary>
+    /// No Permitted Uses.
+    /// </summary>
+    None = 0x0,
+
+    /// <summary>
+    /// For individual endpoints.
+    /// </summary>
+    /// <remarks>
+    /// Certificate commonName is assigned by the root or intermediate, the public key owners identity is not validated.
+    /// Certificate may only be signed by an intermediate or root. issued to a primary key.
+    /// Certificate may not be used to signed by another. Certificates signed by endpoints are considered invalid.
+    /// </remarks>
+    Endpoint = 0x2,
+
+    /// <summary>
+    /// Special class of endpoint certificate reserved for operational infrastructure, discovery service, relay services etc.
+    /// </summary>
+    Infrastructure = 0x4,
+
+    /// <summary>
+    /// For intermediate level certificates
+    /// ===================================
+    /// This class may only sign endpoints (class 0), and can only be signed by a root.
+    /// </summary>
+    Intermediate = 0x8,
+
+    /// <summary>
+    /// For root level certificates
+    /// ===========================
+    /// This class may only be used to sign intermediates and must be signed with own public key.
+    /// </summary>
+    Root = 0x10,
+}

src/Enclave.Sdk/Data/Authority/EnrolRequest.cs

@@ -0,0 +1,33 @@
+namespace Enclave.Sdk.Api.Data.Authority;
+
+/// <summary>
+/// Model for an enrolment request.
+/// </summary>
+public class EnrolRequest
+{
+    /// <summary>
+    /// A 256-bit (32 byte) public key for signing, in base-64.
+    /// </summary>
+    public string PublicKey { get; set; } = default!;
+
+    /// <summary>
+    /// An Enclave Enrolment Key.
+    /// </summary>
+    public string EnrolmentKey { get; set; } = default!;
+
+    /// <summary>
+    /// A 256-bit (32 byte) nonce for the request, in base-64.
+    /// </summary>
+    public string Nonce { get; set; } = default!;
+
+    /// <summary>
+    /// Unix epoch timestamp from which the certificate becomes valid.
+    /// If none provided, defaults to now.
+    /// </summary>
+    public long? NotBefore { get; set; }
+
+    /// <summary>
+    /// Unix epoch timestamp until which the certificate is valid. If none provided, defaults to a permanent certificate.
+    /// </summary>
+    public long? NotAfter { get; set; }
+}

src/Enclave.Sdk/Data/Authority/EnrolResult.cs

@@ -0,0 +1,61 @@
+namespace Enclave.Sdk.Api.Data.Authority;
+
+/// <summary>
+/// Defines the response model for an issued certificate.
+/// </summary>
+public class EnrolResult
+{
+    /// <summary>
+    /// The version number field denotes the version of the certificate.
+    /// </summary>
+    public int Version { get; init; }
+
+    /// <summary>
+    /// The unique serial number of the certificate assigned by the certification authority; the size of the serial number field is a 16 byte (128 bit) guid.
+    /// </summary>
+    /// <remarks>
+    ///  <para>The value is unique to every certificate issued by a certification authority so as to allow identification of individual certificates.</para>
+    ///  <para>The value may be randomly selected, or incremented by the certificate authority.</para>
+    /// </remarks>
+    public byte[] SerialNumber { get; init; } = default!;
+
+    /// <summary>
+    /// Permitted uses of the certificate.
+    /// </summary>
+    public CertificatePermittedUse PermittedUse { get; init; }
+
+    /// <summary>
+    /// Unique system name assigned to the generated certificate. Used to identify the system in the rest of Enclave.
+    /// </summary>
+    public string SubjectDistinguishedName { get; init; } = default!;
+
+    /// <summary>
+    /// Contains the provided public key.
+    /// </summary>
+    public byte[] SubjectPublicKey { get; init; } = default!;
+
+    /// <summary>
+    /// Unix epoch timestamp indicating the point from which this certificate is considered valid.
+    /// </summary>
+    public long NotBefore { get; init; }
+
+    /// <summary>
+    /// Unix epoch timestamp indicating the point after which this certificate is no longer considered valid.
+    /// </summary>
+    public long NotAfter { get; init; }
+
+    /// <summary>
+    /// The name of the issuing authority.
+    /// </summary>
+    public string IssuerDistinguishedName { get; init; } = default!;
+
+    /// <summary>
+    /// The public key of the issuing authority.
+    /// </summary>
+    public byte[] IssuerPublicKey { get; init; } = default!;
+
+    /// <summary>
+    /// Signature of this certificate.
+    /// </summary>
+    public byte[] Signature { get; init; } = default!;
+}

src/Enclave.Sdk/Enclave.Sdk.Api.csproj

@@ -9,7 +9,11 @@
         <Company>Enclave Networks Limited</Company>
         <GenerateDocumentationFile>True</GenerateDocumentationFile>
         <GeneratePackageOnBuild>True</GeneratePackageOnBuild>
+        <PackageLicenseExpression>MIT</PackageLicenseExpression>
         <PackageRequireLicenseAcceptance>false</PackageRequireLicenseAcceptance>
+        <PackageProjectUrl>https://github.com/enclave-networks/enclave.sdk.api</PackageProjectUrl>
+        <RepositoryType>git</RepositoryType>
+        <RepositoryUrl>https://github.com/enclave-networks/enclave.sdk.api</RepositoryUrl>
         <PackageReadmeFile>README.md</PackageReadmeFile>
         <Description>
             Provides a NuGet package that makes it easier to consume the Enclave Management APIs.

src/Enclave.Sdk/EnclaveClient.cs

@@ -85,6 +85,15 @@ public IOrganisationClient CreateOrganisationClient(AccountOrganisation organisa
         return new OrganisationClient(_httpClient, organisation);
     }
 
+    /// <summary>
+    /// Create an <see cref="AuthorityClient"/>.
+    /// </summary>
+    /// <returns>An instance of AuthorityClient for use with enrol requests.</returns>
+    public IAuthorityClient CreateAuthorityClient()
+    {
+        return new AuthorityClient(_httpClient);
+    }
+
     private static EnclaveClientOptions? GetSettingsFile()
     {
         var userProfile = Environment.GetFolderPath(Environment.SpecialFolder.UserProfile);