From a488d081305f1b4bad7fc5f05757311153173764 Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Wed, 26 Jan 2022 16:58:01 +0000 Subject: [PATCH 01/13] Added Enrol Logic --- src/Enclave.Sdk/Clients/AuthorityClient.cs | 32 +++++++ .../Clients/Interfaces/IAuthorityClient.cs | 16 ++++ .../Data/Authority/CertificatePermittedUse.cs | 10 +++ .../Data/Authority/EnrolRequest.cs | 33 +++++++ src/Enclave.Sdk/Data/Authority/EnrolResult.cs | 61 +++++++++++++ .../Clients/AuthorityClientTests.cs | 85 +++++++++++++++++++ 6 files changed, 237 insertions(+) create mode 100644 src/Enclave.Sdk/Clients/AuthorityClient.cs create mode 100644 src/Enclave.Sdk/Clients/Interfaces/IAuthorityClient.cs create mode 100644 src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs create mode 100644 src/Enclave.Sdk/Data/Authority/EnrolRequest.cs create mode 100644 src/Enclave.Sdk/Data/Authority/EnrolResult.cs create mode 100644 tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs diff --git a/src/Enclave.Sdk/Clients/AuthorityClient.cs b/src/Enclave.Sdk/Clients/AuthorityClient.cs new file mode 100644 index 0000000..22ebdee --- /dev/null +++ b/src/Enclave.Sdk/Clients/AuthorityClient.cs @@ -0,0 +1,32 @@ +using System.Net.Http.Json; +using Enclave.Sdk.Api.Clients.Interfaces; +using Enclave.Sdk.Api.Data.Authority; + +namespace Enclave.Sdk.Api.Clients; + +internal class AuthorityClient : ClientBase, IAuthorityClient +{ + private readonly string _orgRoute; + + public AuthorityClient(HttpClient httpClient, string orgRoute) + : base(httpClient) + { + _orgRoute = orgRoute; + } + + public async Task Enrol(EnrolRequest requestModel) + { + if (requestModel is null) + { + throw new ArgumentNullException(nameof(requestModel)); + } + + var result = await HttpClient.PostAsJsonAsync($"{_orgRoute}/authority/enrol", requestModel, Constants.JsonSerializerOptions); + + var model = await DeserialiseAsync(result.Content); + + EnsureNotNull(model); + + return model; + } +} 
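Review bot: `Enrol` passes `result.Content` straight to `DeserialiseAsync` without checking the HTTP status, so an error body from the enrol endpoint may be deserialised into an `EnrolResult` with default fields unless `DeserialiseAsync` or `EnsureNotNull` (both defined outside this patch) reject it. The method returns a certificate the caller will go on to trust, so it should fail closed: add `result.EnsureSuccessStatusCode();` directly after the `PostAsJsonAsync` call. The response is also never disposed; `using var result = await HttpClient.PostAsJsonAsync(...)` would cover that.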
diff --git a/src/Enclave.Sdk/Clients/Interfaces/IAuthorityClient.cs b/src/Enclave.Sdk/Clients/Interfaces/IAuthorityClient.cs
new file mode 100644
index 0000000..66718f2
--- /dev/null
+++ b/src/Enclave.Sdk/Clients/Interfaces/IAuthorityClient.cs
@@ -0,0 +1,16 @@
+using Enclave.Sdk.Api.Data.Authority;
+
+namespace Enclave.Sdk.Api.Clients.Interfaces;
+
+///
+/// Provides operations enrol a new system.
+///
+public interface IAuthorityClient
+{
+ ///
+ /// Enrol a new system.
+ ///
+ /// The Request model to enrol the system.
+ /// An EnrolResult model
+ Task Enrol(EnrolRequest requestModel);
+}
\ No newline at end of file
diff --git a/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs b/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs
new file mode 100644
index 0000000..e5d6576
--- /dev/null
+++ b/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs
@@ -0,0 +1,10 @@
+namespace Enclave.Sdk.Api.Data.Authority;
+
+public enum CertificatePermittedUse : byte
+{
+ None = 0x0,
+ Endpoint = 0x2,
+ Infrastructure = 0x4,
+ Intermediate = 0x8,
+ Root = 0x10
+}
diff --git a/src/Enclave.Sdk/Data/Authority/EnrolRequest.cs b/src/Enclave.Sdk/Data/Authority/EnrolRequest.cs
new file mode 100644
index 0000000..5899a95
--- /dev/null
+++ b/src/Enclave.Sdk/Data/Authority/EnrolRequest.cs
@@ -0,0 +1,33 @@
+namespace Enclave.Sdk.Api.Data.Authority;
+
+///
+/// Model for an enrolment request.
+///
+public class EnrolRequest
+{
+ ///
+ /// A 256-bit (32 byte) public key for signing, in base-64.
+ ///
+ public string PublicKey { get; set; } = default!;
+
+ ///
+ /// An Enclave Enrolment Key.
+ ///
+ public string EnrolmentKey { get; set; } = default!;
+
+ ///
+ /// A 256-bit (32 byte) nonce for the request, in base-64.
+ ///
+ public string Nonce { get; set; } = default!;
+
+ ///
+ /// Unix epoch timestamp from which the certificate becomes valid.
+ /// If none provided, defaults to now.
+ ///
+ public long? NotBefore { get; set; }
+
+ ///
+ /// Unix epoch timestamp until which the certificate is valid. If none provided, defaults to a permanent certificate.
+ ///
+ public long? NotAfter { get; set; }
+}
diff --git a/src/Enclave.Sdk/Data/Authority/EnrolResult.cs b/src/Enclave.Sdk/Data/Authority/EnrolResult.cs
new file mode 100644
index 0000000..81b0c48
--- /dev/null
+++ b/src/Enclave.Sdk/Data/Authority/EnrolResult.cs
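Review bot: The doc comments on `PublicKey` and `Nonce` promise 32 bytes in base-64, but both are plain `string` properties and nothing in this patch checks them, so an empty key or a malformed nonce is sent to the server unchanged (the new tests pass `PublicKey = ""` and `Nonce = "nonce"`). Either validate length and encoding before the request leaves the client, or state in the docs that the server is the only check. `EnrolmentKey` is a credential, so a remark on that property such as `/// Treat as a secret: do not log or persist this value.` would help callers.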
@@ -0,0 +1,61 @@
+namespace Enclave.Sdk.Api.Data.Authority;
+
+///
+/// Defines the response model for an issued certificate.
+///
+public class EnrolResult
+{
+ ///
+ /// The version number field denotes the version of the certificate.
+ ///
+ public int Version { get; init; }
+
+ ///
+ /// The unique serial number of the certificate assigned by the certification authority; the size of the serial number field is a 16 byte (128 bit) guid.
+ ///
+ ///
+ /// The value is unique to every certificate issued by a certification authority so as to allow identification of individual certificates.
+ /// The value may be randomly selected, or incremented by the certificate authority.
+ ///
+ public byte[] SerialNumber { get; init; } = default!;
+
+ ///
+ /// Permitted uses of the certificate.
+ ///
+ public CertificatePermittedUse PermittedUse { get; init; }
+
+ ///
+ /// Unique system name assigned to the generated certificate. Used to identify the system in the rest of Enclave.
+ ///
+ public string SubjectDistinguishedName { get; init; } = default!;
+
+ ///
+ /// Contains the provided public key.
+ ///
+ public byte[] SubjectPublicKey { get; init; } = default!;
+
+ ///
+ /// Unix epoch timestamp indicating the point from which this certificate is considered valid.
+ ///
+ public long NotBefore { get; init; }
+
+ ///
+ /// Unix epoch timestamp indicating the point after which this certificate is no longer considered valid.
+ ///
+ public long NotAfter { get; init; }
+
+ ///
+ /// The name of the issuing authority.
+ ///
+ public string IssuerDistinguishedName { get; init; } = default!;
+
+ ///
+ /// The public key of the issuing authority.
+ ///
+ public byte[] IssuerPublicKey { get; init; } = default!;
+
+ ///
+ /// Signature of this certificate.
+ ///
+ public byte[] Signature { get; init; } = default!;
+}
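Review bot: `EnrolResult` returns `SubjectPublicKey`, `IssuerPublicKey` and `Signature` as raw data and nothing visible in this patch verifies them, so a caller could mistake the returned certificate for a verified one. The class summary should say that the SDK does not check the signature or the issuer. It should also tell callers to compare `SubjectPublicKey` with the key they sent in `EnrolRequest.PublicKey`, and `NotBefore`/`NotAfter` with what they asked for, before using the certificate. The `SubjectPublicKey` comment "Contains the provided public key" reads as a guarantee; "the public key the authority bound to this certificate" would be more accurate.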
diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs
new file mode 100644
index 0000000..c5141a0
--- /dev/null
+++ b/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs
@@ -0,0 +1,85 @@
+using Enclave.Sdk.Api.Clients;
+using Enclave.Sdk.Api.Data.Authority;
+using Enclave.Sdk.Api.Data.Organisations;
+using FluentAssertions;
+using NUnit.Framework;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Text.Json;
+using System.Threading.Tasks;
+using WireMock.RequestBuilders;
+using WireMock.ResponseBuilders;
+using WireMock.Server;
+
+namespace Enclave.Sdk.Api.Tests.Clients;
+
+public class AuthorityClientTests
+{
+ private AuthorityClient _authorityClient;
+ private WireMockServer _server;
+ private string _orgRoute;
+ private JsonSerializerOptions _serializerOptions = new()
+ {
+ PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
+ };
+
+ [SetUp]
+ public void Setup()
+ {
+ _server = WireMockServer.Start();
+
+ var httpClient = new HttpClient
+ {
+ BaseAddress = new Uri(_server.Urls[0]),
+ };
+
+ var organisationId = OrganisationId.New();
+ _orgRoute = $"/org/{organisationId}";
+
+ _authorityClient = new AuthorityClient(httpClient, $"org/{organisationId}");
+ }
+
+ [Test]
+ public async Task Should_return_a_enrol_result_when_sending_a_valid_request()
+ {
+ // Arrange
+ var responseModel = new EnrolResult();
+
+ _server
+ .Given(Request.Create().WithPath($"{_orgRoute}/authority/enrol").UsingPost())
+ .RespondWith(
+ Response.Create()
+ .WithStatusCode(200)
+ .WithBody(JsonSerializer.Serialize(responseModel, _serializerOptions)));
+
+ // Act
+ var result = await _authorityClient.Enrol(new EnrolRequest
+ {
+ EnrolmentKey = "key",
+ Nonce = "nonce",
+ PublicKey = "",
+ });
+
+ // Assert
+ result.Should().NotBeNull();
+ }
+
+ [Test]
+ public async Task Should_throw_an_error_when_sending_a_null_request()
+ {
+ // Arrange
+
+ // Act
+ var result = await _authorityClient.Enrol(new EnrolRequest
+ {
+ EnrolmentKey = "key",
+ Nonce = "nonce",
+ PublicKey = "",
+ });
+
+ // Assert
+ Assert.ThrowsAsync(async () => await _authorityClient.Enrol(null));
+ }
+}
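Review bot: `Setup` starts a `WireMockServer` for every test and the class has no `[TearDown]`, so each test leaves a listening server and an undisposed `HttpClient` behind; add `[TearDown] public void TearDown() => _server.Stop();`. In `Should_throw_an_error_when_sending_a_null_request` the block under `// Act` first sends a real request for which no stub is registered, and that call can fail before the null assertion is reached. Remove it so the test exercises only `Enrol(null)`. There is also no test for a non-success response from the enrol endpoint, which is the case most worth pinning for this client.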
From 3742f916e763edac5ec66d95fedecddec896eec1 Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Thu, 27 Jan 2022 10:26:15 +0000 Subject: [PATCH 02/13] added more xml docs --- src/Enclave.Sdk/Clients/AuthorityClient.cs | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/Enclave.Sdk/Clients/AuthorityClient.cs b/src/Enclave.Sdk/Clients/AuthorityClient.cs index 22ebdee..34e4f72 100644 --- a/src/Enclave.Sdk/Clients/AuthorityClient.cs +++ b/src/Enclave.Sdk/Clients/AuthorityClient.cs @@ -4,16 +4,23 @@ namespace Enclave.Sdk.Api.Clients; +/// internal class AuthorityClient : ClientBase, IAuthorityClient { private readonly string _orgRoute; + /// + /// Constructor which will be called by when it's created. + /// + /// an instance of httpClient with a baseURL referencing the API. + /// The organisation API route. public AuthorityClient(HttpClient httpClient, string orgRoute) : base(httpClient) { _orgRoute = orgRoute; } + /// public async Task Enrol(EnrolRequest requestModel) { if (requestModel is null) From 7e07a9f3d73803ce5351395d8c3d6c5e27ff214c Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Thu, 27 Jan 2022 10:47:50 +0000 Subject: [PATCH 03/13] Move access of authority client to enclaveClient --- src/Enclave.Sdk/Clients/AuthorityClient.cs | 10 +++------- src/Enclave.Sdk/Clients/DNSClient.cs | 2 +- src/Enclave.Sdk/Clients/EnrolmentKeysClient.cs | 2 +- src/Enclave.Sdk/Clients/PoliciesClient.cs | 2 +- src/Enclave.Sdk/Clients/TagsClient.cs | 2 +- .../Data/Authority/CertificatePermittedUse.cs | 1 + src/Enclave.Sdk/EnclaveClient.cs | 9 +++++++++ .../Clients/AuthorityClientTests.cs | 6 ++---- 8 files changed, 19 insertions(+), 15 deletions(-) diff --git a/src/Enclave.Sdk/Clients/AuthorityClient.cs b/src/Enclave.Sdk/Clients/AuthorityClient.cs index 34e4f72..00cb972 100644 --- a/src/Enclave.Sdk/Clients/AuthorityClient.cs +++ b/src/Enclave.Sdk/Clients/AuthorityClient.cs 
@@ -7,17 +7,13 @@ namespace Enclave.Sdk.Api.Clients; /// internal class AuthorityClient : ClientBase, IAuthorityClient { - private readonly string _orgRoute; - /// - /// Constructor which will be called by when it's created. + /// Constructor which will be called by when it's created. /// /// an instance of httpClient with a baseURL referencing the API. - /// The organisation API route. - public AuthorityClient(HttpClient httpClient, string orgRoute) + public AuthorityClient(HttpClient httpClient) : base(httpClient) { - _orgRoute = orgRoute; } /// @@ -28,7 +24,7 @@ public async Task Enrol(EnrolRequest requestModel) throw new ArgumentNullException(nameof(requestModel)); } - var result = await HttpClient.PostAsJsonAsync($"{_orgRoute}/authority/enrol", requestModel, Constants.JsonSerializerOptions); + var result = await HttpClient.PostAsJsonAsync($"authority/enrol", requestModel, Constants.JsonSerializerOptions); var model = await DeserialiseAsync(result.Content); diff --git a/src/Enclave.Sdk/Clients/DNSClient.cs b/src/Enclave.Sdk/Clients/DNSClient.cs index 6a58b87..fbdda37 100644 --- a/src/Enclave.Sdk/Clients/DNSClient.cs +++ b/src/Enclave.Sdk/Clients/DNSClient.cs @@ -14,7 +14,7 @@ internal class DnsClient : ClientBase, IDnsClient private readonly string _orgRoute; /// - /// Constructor which will be called by when it's created. + /// Constructor which will be called by when it's created. /// /// an instance of httpClient with a baseURL referencing the API. /// The organisation API route. diff --git a/src/Enclave.Sdk/Clients/EnrolmentKeysClient.cs b/src/Enclave.Sdk/Clients/EnrolmentKeysClient.cs index fc7530f..f2b6244 100644 --- a/src/Enclave.Sdk/Clients/EnrolmentKeysClient.cs +++ b/src/Enclave.Sdk/Clients/EnrolmentKeysClient.cs 
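Review bot: `$"authority/enrol"` in the second hunk of `AuthorityClient.cs` is an interpolated string with nothing left to interpolate; use the plain literal `"authority/enrol"`. With the route prefix gone, the relative path resolves against `HttpClient.BaseAddress` alone, so a base address with a path segment and no trailing slash would silently drop that segment. A sentence on the `httpClient` parameter doc saying the base address must end in `/` would make that requirement visible. The body of `Enrol` continues outside the hunk.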
@@ -15,7 +15,7 @@ internal class EnrolmentKeysClient : ClientBase, IEnrolmentKeysClient private readonly string _orgRoute; /// - /// Constructor which will be called by when it's created. + /// Constructor which will be called by when it's created. /// /// an instance of httpClient with a baseURL referencing the API. /// The organisation API route. diff --git a/src/Enclave.Sdk/Clients/PoliciesClient.cs b/src/Enclave.Sdk/Clients/PoliciesClient.cs index 3473212..a33e685 100644 --- a/src/Enclave.Sdk/Clients/PoliciesClient.cs +++ b/src/Enclave.Sdk/Clients/PoliciesClient.cs @@ -15,7 +15,7 @@ internal class PoliciesClient : ClientBase, IPoliciesClient private readonly string _orgRoute; /// - /// Constructor which will be called by when it's created. + /// Constructor which will be called by when it's created. /// It also calls the constructor. /// /// an instance of httpClient with a baseURL referencing the API. diff --git a/src/Enclave.Sdk/Clients/TagsClient.cs b/src/Enclave.Sdk/Clients/TagsClient.cs index 74c0354..1b0b41b 100644 --- a/src/Enclave.Sdk/Clients/TagsClient.cs +++ b/src/Enclave.Sdk/Clients/TagsClient.cs @@ -12,7 +12,7 @@ internal class TagsClient : ClientBase, ITagsClient private readonly string _orgRoute; /// - /// Constructor which will be called by when it's created. + /// Constructor which will be called by when it's created. /// /// an instance of httpClient with a baseURL referencing the API. /// the orgRoute which specifies the orgId. diff --git a/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs b/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs index e5d6576..7e2565a 100644 --- a/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs +++ b/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs @@ -1,5 +1,6 @@ namespace Enclave.Sdk.Api.Data.Authority; +[Flags] public enum CertificatePermittedUse : byte { None = 0x0, diff --git a/src/Enclave.Sdk/EnclaveClient.cs b/src/Enclave.Sdk/EnclaveClient.cs index 0ad177a..eeb5acb 100644 
--- a/src/Enclave.Sdk/EnclaveClient.cs +++ b/src/Enclave.Sdk/EnclaveClient.cs @@ -85,6 +85,15 @@ public IOrganisationClient CreateOrganisationClient(AccountOrganisation organisa return new OrganisationClient(_httpClient, organisation); } + /// + /// Create an . + /// + /// An instance of AuthorityClient for use with enrol requests. + public IAuthorityClient CreateAuthorityClient() + { + return new AuthorityClient(_httpClient); + } + private static EnclaveClientOptions? GetSettingsFile() { var userProfile = Environment.GetFolderPath(Environment.SpecialFolder.UserProfile); diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs index c5141a0..6a0895c 100644 --- a/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs +++ b/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs @@ -19,7 +19,6 @@ public class AuthorityClientTests { private AuthorityClient _authorityClient; private WireMockServer _server; - private string _orgRoute; private JsonSerializerOptions _serializerOptions = new() { PropertyNamingPolicy = JsonNamingPolicy.CamelCase, @@ -36,9 +35,8 @@ public void Setup() }; var organisationId = OrganisationId.New(); - _orgRoute = $"/org/{organisationId}"; - _authorityClient = new AuthorityClient(httpClient, $"org/{organisationId}"); + _authorityClient = new AuthorityClient(httpClient); } [Test] @@ -48,7 +46,7 @@ public async Task Should_return_a_enrol_result_when_sending_a_valid_request() var responseModel = new EnrolResult(); _server - .Given(Request.Create().WithPath($"{_orgRoute}/authority/enrol").UsingPost()) + .Given(Request.Create().WithPath($"authority/enrol").UsingPost()) .RespondWith( Response.Create() .WithStatusCode(200) From ac7a5df8d15a7346e50edf32b97ff5f461114db5 Mon Sep 17 00:00:00 2001 
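Review bot: `CreateAuthorityClient` gives the enrol client the same `_httpClient` as the organisation clients, so any default headers on that client (presumably the account's access token, configured outside this hunk) will accompany every enrol request as well. The enrol request already carries its own credential, the enrolment key in the body. If sending both is intended, say so in the XML doc; if not, construct the authority client over an `HttpClient` that does not hold the account credential, so enrolment runs with only the key it needs.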
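Review bot: The stub path in the last `AuthorityClientTests.cs` hunk lost its leading slash: `WithPath($"authority/enrol")` replaces `$"{_orgRoute}/authority/enrol"`, where `_orgRoute` began with `/`. WireMock matches against the request path, which starts with `/`, so this stub probably no longer matches and the test would get the server's default not-found response instead of the prepared `EnrolResult`. Use `WithPath("/authority/enrol")`, which also drops the empty interpolation. The now-unused `var organisationId = OrganisationId.New();` in `Setup` can go in the same change.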
From: Thomas Soulard Date: Thu, 27 Jan 2022 12:03:53 +0000 Subject: [PATCH 04/13] Cleanup warnings --- src/Enclave.Sdk/Clients/AuthorityClient.cs | 2 +- .../Clients/EnrolledSystemsClient.cs | 6 ++-- .../Clients/Interfaces/IAuthorityClient.cs | 4 +-- src/Enclave.Sdk/Clients/PoliciesClient.cs | 6 ++-- .../Clients/UnapprovedSystemsClient.cs | 4 +-- .../Data/Authority/CertificatePermittedUse.cs | 33 ++++++++++++++++++- .../Clients/AuthorityClientTests.cs | 10 +++--- .../Clients/DnsClientTests.cs | 2 +- .../Clients/EnrolledSystemClientTests.cs | 2 +- .../Clients/EnrolmentKeyClientTests.cs | 2 +- .../Clients/LogsClientTests.cs | 2 +- .../Clients/OrganisationClientTests.cs | 2 +- .../Clients/PoliciesClientTests.cs | 2 +- .../Clients/TagClientTests.cs | 12 +++---- .../Clients/UnapprovedSystemsClientTests.cs | 8 ++--- 15 files changed, 63 insertions(+), 34 deletions(-) diff --git a/src/Enclave.Sdk/Clients/AuthorityClient.cs b/src/Enclave.Sdk/Clients/AuthorityClient.cs index 00cb972..b9796e6 100644 --- a/src/Enclave.Sdk/Clients/AuthorityClient.cs +++ b/src/Enclave.Sdk/Clients/AuthorityClient.cs @@ -17,7 +17,7 @@ public AuthorityClient(HttpClient httpClient) } /// - public async Task Enrol(EnrolRequest requestModel) + public async Task EnrolAsync(EnrolRequest requestModel) { if (requestModel is null) { diff --git a/src/Enclave.Sdk/Clients/EnrolledSystemsClient.cs b/src/Enclave.Sdk/Clients/EnrolledSystemsClient.cs index b1d5c78..a447292 100644 --- a/src/Enclave.Sdk/Clients/EnrolledSystemsClient.cs +++ b/src/Enclave.Sdk/Clients/EnrolledSystemsClient.cs @@ -51,7 +51,7 @@ public async Task RevokeSystemsAsync(params SystemId[] systemIds) { using var content = CreateJsonContent(new { - systemIds = systemIds, + systemIds, }); using var request = new HttpRequestMessage 
@@ -137,7 +137,7 @@ public async Task BulkEnableAsync(params SystemId[] systemIds) { var requestModel = new { - systemIds = systemIds, + systemIds, }; var result = await HttpClient.PutAsJsonAsync($"{_orgRoute}/systems/enable", requestModel, Constants.JsonSerializerOptions); @@ -162,7 +162,7 @@ public async Task BulkDisableAsync(params SystemId[] systemIds) { var requestModel = new { - systemIds = systemIds, + systemIds, }; var result = await HttpClient.PutAsJsonAsync($"{_orgRoute}/systems/disable", requestModel, Constants.JsonSerializerOptions); diff --git a/src/Enclave.Sdk/Clients/Interfaces/IAuthorityClient.cs b/src/Enclave.Sdk/Clients/Interfaces/IAuthorityClient.cs index 66718f2..e617c31 100644 --- a/src/Enclave.Sdk/Clients/Interfaces/IAuthorityClient.cs +++ b/src/Enclave.Sdk/Clients/Interfaces/IAuthorityClient.cs @@ -11,6 +11,6 @@ public interface IAuthorityClient /// Enrol a new system. /// /// The Request model to enrol the system. - /// An EnrolResult model - Task Enrol(EnrolRequest requestModel); + /// An EnrolResult model. + Task EnrolAsync(EnrolRequest requestModel); } \ No newline at end of file diff --git a/src/Enclave.Sdk/Clients/PoliciesClient.cs b/src/Enclave.Sdk/Clients/PoliciesClient.cs index a33e685..fe4a71f 100644 --- a/src/Enclave.Sdk/Clients/PoliciesClient.cs +++ b/src/Enclave.Sdk/Clients/PoliciesClient.cs @@ -65,7 +65,7 @@ public async Task DeletePoliciesAsync(params PolicyId[] policyIds) { using var content = CreateJsonContent(new { - policyIds = policyIds, + policyIds, }); using var request = new HttpRequestMessage @@ -151,7 +151,7 @@ public async Task EnablePoliciesAsync(params PolicyId[] policyIds) { var requestModel = new { - policyIds = policyIds, + policyIds, }; var result = await HttpClient.PutAsJsonAsync($"{_orgRoute}/policies/enable", requestModel, Constants.JsonSerializerOptions); 
@@ -176,7 +176,7 @@ public async Task DisablePoliciesAsync(params PolicyId[] policyIds) { var requestModel = new { - policyIds = policyIds, + policyIds, }; var result = await HttpClient.PutAsJsonAsync($"{_orgRoute}/policies/disable", requestModel, Constants.JsonSerializerOptions); diff --git a/src/Enclave.Sdk/Clients/UnapprovedSystemsClient.cs b/src/Enclave.Sdk/Clients/UnapprovedSystemsClient.cs index 4b567e1..3b9a5b6 100644 --- a/src/Enclave.Sdk/Clients/UnapprovedSystemsClient.cs +++ b/src/Enclave.Sdk/Clients/UnapprovedSystemsClient.cs @@ -48,7 +48,7 @@ public async Task DeclineSystems(params SystemId[] systemIds) { using var content = CreateJsonContent(new { - systemIds = systemIds, + systemIds, }); using var request = new HttpRequestMessage @@ -118,7 +118,7 @@ public async Task ApproveSystemsAsync(params SystemId[] systemIds) { var requestModel = new { - systemIds = systemIds, + systemIds, }; var result = await HttpClient.PutAsJsonAsync($"{_orgRoute}/unapproved-systems/approve", requestModel, Constants.JsonSerializerOptions); diff --git a/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs b/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs index 7e2565a..49e75d6 100644 --- a/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs +++ b/src/Enclave.Sdk/Data/Authority/CertificatePermittedUse.cs 
@@ -1,11 +1,42 @@ namespace Enclave.Sdk.Api.Data.Authority; +/// +/// Defines bit-flags indicating what a certificate can be used for. +/// [Flags] public enum CertificatePermittedUse : byte { + /// + /// No Permitted Uses. + /// None = 0x0, + + /// + /// For individual endpoints. + /// + /// + /// Certificate commonName is assigned by the root or intermediate, the public key owners identity is not validated. + /// Certificate may only be signed by an intermediate or root. issued to a primary key. + /// Certificate may not be used to signed by another. Certificates signed by endpoints are considered invalid. + /// Endpoint = 0x2, + + /// + /// Special class of endpoint certificate reserved for operational infrastructure, discovery service, relay services etc. + /// Infrastructure = 0x4, + + /// + /// For intermediate level certificates + /// =================================== + /// This class may only sign endpoints (class 0), and can only be signed by a root. + /// Intermediate = 0x8, - Root = 0x10 + + /// + /// For root level certificates + /// =========================== + /// This class may only be used to sign intermediates and must be signed with own public key. + /// + Root = 0x10, } diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs index 6a0895c..06b424a 100644 --- a/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs +++ b/tests/Enclave.Sdk.Api.Tests/Clients/AuthorityClientTests.cs @@ -19,7 +19,7 @@ public class AuthorityClientTests { private AuthorityClient _authorityClient; private WireMockServer _server; - private JsonSerializerOptions _serializerOptions = new() + private readonly JsonSerializerOptions _serializerOptions = new() { PropertyNamingPolicy = JsonNamingPolicy.CamelCase, }; 
@@ -34,8 +34,6 @@ public void Setup() BaseAddress = new Uri(_server.Urls[0]), }; - var organisationId = OrganisationId.New(); - _authorityClient = new AuthorityClient(httpClient); } @@ -53,7 +51,7 @@ public async Task Should_return_a_enrol_result_when_sending_a_valid_request() .WithBody(JsonSerializer.Serialize(responseModel, _serializerOptions))); // Act - var result = await _authorityClient.Enrol(new EnrolRequest + var result = await _authorityClient.EnrolAsync(new EnrolRequest { EnrolmentKey = "key", Nonce = "nonce", @@ -70,7 +68,7 @@ public async Task Should_throw_an_error_when_sending_a_null_request() // Arrange // Act - var result = await _authorityClient.Enrol(new EnrolRequest + var result = await _authorityClient.EnrolAsync(new EnrolRequest { EnrolmentKey = "key", Nonce = "nonce", @@ -78,6 +76,6 @@ public async Task Should_throw_an_error_when_sending_a_null_request() }); // Assert - Assert.ThrowsAsync(async () => await _authorityClient.Enrol(null)); + Assert.ThrowsAsync(async () => await _authorityClient.EnrolAsync(null)); } } diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/DnsClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/DnsClientTests.cs index a9188e8..bd884da 100644 --- a/tests/Enclave.Sdk.Api.Tests/Clients/DnsClientTests.cs +++ b/tests/Enclave.Sdk.Api.Tests/Clients/DnsClientTests.cs @@ -19,7 +19,7 @@ public class DnsClientTests private DnsClient _dnsClient; private WireMockServer _server; private string _orgRoute; - private JsonSerializerOptions _serializerOptions = new() + private readonly JsonSerializerOptions _serializerOptions = new() { PropertyNamingPolicy = JsonNamingPolicy.CamelCase, }; diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/EnrolledSystemClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/EnrolledSystemClientTests.cs index f2cb524..855c6b5 100644 --- a/tests/Enclave.Sdk.Api.Tests/Clients/EnrolledSystemClientTests.cs +++ b/tests/Enclave.Sdk.Api.Tests/Clients/EnrolledSystemClientTests.cs 
@@ -21,7 +21,7 @@ public class EnrolledSystemClientTests private EnrolledSystemsClient _enrolledSystemsClient; private WireMockServer _server; private string _orgRoute; - private JsonSerializerOptions _serializerOptions = new() + private readonly JsonSerializerOptions _serializerOptions = new() { PropertyNamingPolicy = JsonNamingPolicy.CamelCase, }; diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/EnrolmentKeyClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/EnrolmentKeyClientTests.cs index 6869ca0..6d3757e 100644 --- a/tests/Enclave.Sdk.Api.Tests/Clients/EnrolmentKeyClientTests.cs +++ b/tests/Enclave.Sdk.Api.Tests/Clients/EnrolmentKeyClientTests.cs @@ -20,7 +20,7 @@ public class EnrolmentKeyClientTests private EnrolmentKeysClient _enrolmentKeysClient; private WireMockServer _server; private string _orgRoute; - private JsonSerializerOptions _serializerOptions = new() + private readonly JsonSerializerOptions _serializerOptions = new() { PropertyNamingPolicy = JsonNamingPolicy.CamelCase, }; diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/LogsClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/LogsClientTests.cs index 50f3344..6a49f13 100644 --- a/tests/Enclave.Sdk.Api.Tests/Clients/LogsClientTests.cs +++ b/tests/Enclave.Sdk.Api.Tests/Clients/LogsClientTests.cs @@ -17,7 +17,7 @@ public class LogsClientTests private LogsClient _logsClient; private WireMockServer _server; private string _orgRoute; - private JsonSerializerOptions _serializerOptions = new JsonSerializerOptions + private readonly JsonSerializerOptions _serializerOptions = new JsonSerializerOptions { PropertyNamingPolicy = JsonNamingPolicy.CamelCase, }; diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/OrganisationClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/OrganisationClientTests.cs index 7a00c6b..4921197 100644 --- a/tests/Enclave.Sdk.Api.Tests/Clients/OrganisationClientTests.cs +++ b/tests/Enclave.Sdk.Api.Tests/Clients/OrganisationClientTests.cs 
@@ -18,7 +18,7 @@ public class OrganisationClientTests private OrganisationClient _organisationClient; private WireMockServer _server; private string _orgRoute; - private JsonSerializerOptions _serializerOptions = new JsonSerializerOptions + private readonly JsonSerializerOptions _serializerOptions = new JsonSerializerOptions { PropertyNamingPolicy = JsonNamingPolicy.CamelCase, }; diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/PoliciesClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/PoliciesClientTests.cs index 02e3d14..678be1f 100644 --- a/tests/Enclave.Sdk.Api.Tests/Clients/PoliciesClientTests.cs +++ b/tests/Enclave.Sdk.Api.Tests/Clients/PoliciesClientTests.cs @@ -20,7 +20,7 @@ public class PoliciesClientTests private PoliciesClient _policiesClient; private WireMockServer _server; private string _orgRoute; - private JsonSerializerOptions _serializerOptions = new() + private readonly JsonSerializerOptions _serializerOptions = new() { PropertyNamingPolicy = JsonNamingPolicy.CamelCase, }; diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/TagClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/TagClientTests.cs index 8366a33..e78339d 100644 --- a/tests/Enclave.Sdk.Api.Tests/Clients/TagClientTests.cs +++ b/tests/Enclave.Sdk.Api.Tests/Clients/TagClientTests.cs @@ -17,7 +17,7 @@ public class TagClientTests private TagsClient _tagClient; private WireMockServer _server; private string _orgRoute; - private JsonSerializerOptions _serializerOptions = new JsonSerializerOptions + private readonly JsonSerializerOptions _serializerOptions = new() { PropertyNamingPolicy = JsonNamingPolicy.CamelCase, }; 
@@ -90,7 +90,7 @@ public async Task Should_make_call_to_api_with_search_queryString() .WithBody(JsonSerializer.Serialize(responseModel, _serializerOptions))); // Act - var result = await _tagClient.GetAsync(searchTerm: searchTerm); + await _tagClient.GetAsync(searchTerm: searchTerm); // Assert _server.Should().HaveReceivedACall().AtAbsoluteUrl($"{_server.Urls[0]}{_orgRoute}/tags?search={searchTerm}"); @@ -117,7 +117,7 @@ public async Task Should_make_call_to_api_with_sort_queryString() .WithBody(JsonSerializer.Serialize(responseModel, _serializerOptions))); // Act - var result = await _tagClient.GetAsync(sortOrder: sortEnum); + await _tagClient.GetAsync(sortOrder: sortEnum); // Assert _server.Should().HaveReceivedACall().AtAbsoluteUrl($"{_server.Urls[0]}{_orgRoute}/tags?sort={sortEnum}"); @@ -144,7 +144,7 @@ public async Task Should_make_call_to_api_with_page_queryString() .WithBody(JsonSerializer.Serialize(responseModel, _serializerOptions))); // Act - var result = await _tagClient.GetAsync(pageNumber: pageNumber); + await _tagClient.GetAsync(pageNumber: pageNumber); // Assert _server.Should().HaveReceivedACall().AtAbsoluteUrl($"{_server.Urls[0]}{_orgRoute}/tags?page={pageNumber}"); @@ -171,7 +171,7 @@ public async Task Should_make_call_to_api_with_per_page_queryString() .WithBody(JsonSerializer.Serialize(responseModel, _serializerOptions))); // Act - var result = await _tagClient.GetAsync(perPage: perPage); + await _tagClient.GetAsync(perPage: perPage); // Assert _server.Should().HaveReceivedACall().AtAbsoluteUrl($"{_server.Urls[0]}{_orgRoute}/tags?per_page={perPage}"); 
@@ -201,7 +201,7 @@ public async Task Should_make_call_to_api_with_all_queryStrings() .WithBody(JsonSerializer.Serialize(responseModel, _serializerOptions))); // Act - var result = await _tagClient.GetAsync(searchTerm: searchTerm, sortOrder: sortEnum, pageNumber: pageNumber, perPage: perPage); + await _tagClient.GetAsync(searchTerm: searchTerm, sortOrder: sortEnum, pageNumber: pageNumber, perPage: perPage); // Assert _server.Should().HaveReceivedACall() diff --git a/tests/Enclave.Sdk.Api.Tests/Clients/UnapprovedSystemsClientTests.cs b/tests/Enclave.Sdk.Api.Tests/Clients/UnapprovedSystemsClientTests.cs index 2ce0eb6..0cbd1ee 100644 --- a/tests/Enclave.Sdk.Api.Tests/Clients/UnapprovedSystemsClientTests.cs +++ b/tests/Enclave.Sdk.Api.Tests/Clients/UnapprovedSystemsClientTests.cs @@ -17,10 +17,10 @@ namespace Enclave.Sdk.Api.Tests.Clients; public class UnapprovedSystemsClientTests { - private UnapprovedSystemsClient _unapprovedSystemsClient; - private WireMockServer _server; - private string _orgRoute; - private JsonSerializerOptions _serializerOptions = new() + private readonly UnapprovedSystemsClient _unapprovedSystemsClient; + private readonly WireMockServer _server; + private readonly string _orgRoute; + private readonly JsonSerializerOptions _serializerOptions = new() { PropertyNamingPolicy = JsonNamingPolicy.CamelCase, }; From b3832143ac02dc05d80c58b63812d063eb64a2df Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Mon, 14 Mar 2022 10:31:59 +0000 Subject: [PATCH 05/13] added step to push to nuget.org --- .github/workflows/sdk-api-build.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/sdk-api-build.yml b/.github/workflows/sdk-api-build.yml index 0af8a75..af51504 100644 --- a/.github/workflows/sdk-api-build.yml +++ b/.github/workflows/sdk-api-build.yml 
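Review bot: In `UnapprovedSystemsClientTests`, marking `_unapprovedSystemsClient`, `_server` and `_orgRoute` as `readonly` only compiles if they are assigned in a constructor or field initializer. `AuthorityClientTests` in this series assigns the same kind of fields in a `[SetUp]` method, and in the other test classes touched by this commit only `_serializerOptions` was made `readonly`. The assignment site is outside this hunk, so please confirm; if it is a `[SetUp]` method, keep `readonly` on `_serializerOptions` alone.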
@@ -25,15 +25,15 @@ jobs: - name: Determine Version id: gitversion uses: gittools/actions/gitversion/execute@v0.9.7 - + - name: Setup .NET 6 (SDK) uses: actions/setup-dotnet@v1 with: - dotnet-version: 6.0.x + dotnet-version: 6.0.x source-url: https://nuget.pkg.github.com/enclave-networks/index.json env: NUGET_AUTH_TOKEN: ${{github.token}} - + - name: Build run: dotnet build Enclave.Sdk.Api.sln -c Release /p:Version=${{ steps.gitversion.outputs.SemVer }} @@ -45,7 +45,11 @@ jobs: if: github.event_name == 'push' run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg --api-key ${{github.token}} -s https://nuget.pkg.github.com/enclave-networks/index.json --skip-duplicate --no-symbols true - - name: Create Release + - name: Push To nuget.org + if: github.event_name == 'push' && (github.ref == 'refs/heads/master') + run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg -k ${{ secrets.NUGET_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate --no-symbols true + + - name: Create Release if: github.event_name == 'push' && github.ref == 'refs/heads/main' uses: actions/create-release@v1 env: From b45ba4916dfbd40ff0d2a1f0ef2af6a09ec2ec4e Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Mon, 14 Mar 2022 10:32:26 +0000 Subject: [PATCH 06/13] remove if condition for now --- .github/workflows/sdk-api-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sdk-api-build.yml b/.github/workflows/sdk-api-build.yml index af51504..a023325 100644 --- a/.github/workflows/sdk-api-build.yml +++ b/.github/workflows/sdk-api-build.yml 
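Review bot: The new `Push To nuget.org` step is gated on `refs/heads/master`, while the `Create Release` step directly below it checks `refs/heads/main`. One of the two branch names is presumably wrong, and whichever step has the wrong one will never run; use the same ref in both conditions. I would also keep the API key out of the interpolated command line by adding `env: NUGET_KEY: ${{ secrets.NUGET_KEY }}` to the step and passing `-k "$NUGET_KEY"`.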
@@ -46,7 +46,7 @@ jobs: run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg --api-key ${{github.token}} -s https://nuget.pkg.github.com/enclave-networks/index.json --skip-duplicate --no-symbols true - name: Push To nuget.org - if: github.event_name == 'push' && (github.ref == 'refs/heads/master') + if: github.event_name == 'push' run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg -k ${{ secrets.NUGET_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate --no-symbols true - name: Create Release From a315b5dd2674a9fb621bae6ca1f9fa7eb7eff20b Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Mon, 14 Mar 2022 10:34:32 +0000 Subject: [PATCH 07/13] trigger a build --- .github/workflows/sdk-api-build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/sdk-api-build.yml b/.github/workflows/sdk-api-build.yml index a023325..a409524 100644 --- a/.github/workflows/sdk-api-build.yml +++ b/.github/workflows/sdk-api-build.yml @@ -8,7 +8,6 @@ on: jobs: build: - runs-on: ubuntu-latest steps: From b66cf6692234ee9e417b14d2197743bd2579f255 Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Mon, 14 Mar 2022 10:40:30 +0000 Subject: [PATCH 08/13] remove if condition properly --- .github/workflows/sdk-api-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sdk-api-build.yml b/.github/workflows/sdk-api-build.yml index a409524..c0450a3 100644 --- a/.github/workflows/sdk-api-build.yml +++ b/.github/workflows/sdk-api-build.yml 
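Review bot: Dropping the branch test from the `Push To nuget.org` condition in the `@@ -46,7 +46,7 @@` hunk, leaving `if: github.event_name == 'push'`, means a push to any branch this workflow triggers on publishes to the public nuget.org feed with `secrets.NUGET_KEY`. Patch 08/13 (`@@ -45,7 +45,7 @@`, "remove if condition properly") then comments the `if:` out altogether, so the step would also run for any non-push event the workflow is configured for; the `on:` block is outside these hunks, so which events those are cannot be confirmed here. A version published to nuget.org cannot be replaced afterwards, only unlisted, so an accidental publish from a work-in-progress branch is hard to undo. Keep the step restricted to the release branch, `if: github.event_name == 'push' && github.ref == 'refs/heads/main'`, and exercise the pipeline against a non-production feed rather than by removing the guard.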
@@ -45,7 +45,7 @@ jobs: run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg --api-key ${{github.token}} -s https://nuget.pkg.github.com/enclave-networks/index.json --skip-duplicate --no-symbols true - name: Push To nuget.org - if: github.event_name == 'push' + # if: github.event_name == 'push' && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/develop') run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg -k ${{ secrets.NUGET_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate --no-symbols true - name: Create Release From 4d90214d6f567e751037d3294a2d688de8ed08c1 Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Mon, 14 Mar 2022 11:08:35 +0000 Subject: [PATCH 09/13] add License to sln --- Enclave.Sdk.Api.sln | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Enclave.Sdk.Api.sln b/Enclave.Sdk.Api.sln index d5378fa..2d71b5e 100644 --- a/Enclave.Sdk.Api.sln +++ b/Enclave.Sdk.Api.sln @@ -17,7 +17,10 @@ EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{BD898880-875C-43EA-B22C-A7C801CFA607}" ProjectSection(SolutionItems) = preProject .editorconfig = .editorconfig + .gitignore = .gitignore GitVersion.yml = GitVersion.yml + LICENSE = LICENSE + README.md = README.md .github\workflows\sdk-api-build.yml = .github\workflows\sdk-api-build.yml EndProjectSection EndProject From 0660d85d37f3938203d71f160f959744b51e0d72 Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Mon, 14 Mar 2022 11:24:57 +0000 Subject: [PATCH 10/13] add licence info and remove no symbols check --- .github/workflows/sdk-api-build.yml | 2 +- src/Enclave.Sdk/Enclave.Sdk.Api.csproj | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/sdk-api-build.yml b/.github/workflows/sdk-api-build.yml index c0450a3..69a9e6f 100644 --- a/.github/workflows/sdk-api-build.yml +++ b/.github/workflows/sdk-api-build.yml 
@@ -46,7 +46,7 @@ jobs: - name: Push To nuget.org # if: github.event_name == 'push' && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/develop') - run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg -k ${{ secrets.NUGET_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate --no-symbols true + run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg -k ${{ secrets.NUGET_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate - name: Create Release if: github.event_name == 'push' && github.ref == 'refs/heads/main' diff --git a/src/Enclave.Sdk/Enclave.Sdk.Api.csproj b/src/Enclave.Sdk/Enclave.Sdk.Api.csproj index cfeb246..aafe6e8 100644 --- a/src/Enclave.Sdk/Enclave.Sdk.Api.csproj +++ b/src/Enclave.Sdk/Enclave.Sdk.Api.csproj @@ -9,7 +9,11 @@ Enclave Networks Limited True True + MIT false + https://github.com/enclave-networks/enclave.sdk.api + git + https://github.com/enclave-networks/enclave.sdk.api README.md Provides a NuGet package that makes it easier to consume the Enclave Management APIs. From ce7e519b3ca5887db9ad118617e4bc9f2404096b Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Mon, 14 Mar 2022 11:27:18 +0000 Subject: [PATCH 11/13] push to nuget restricted --- .github/workflows/sdk-api-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sdk-api-build.yml b/.github/workflows/sdk-api-build.yml index 69a9e6f..ea77d6d 100644 --- a/.github/workflows/sdk-api-build.yml +++ b/.github/workflows/sdk-api-build.yml 
@@ -45,7 +45,7 @@ jobs: run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg --api-key ${{github.token}} -s https://nuget.pkg.github.com/enclave-networks/index.json --skip-duplicate --no-symbols true - name: Push To nuget.org - # if: github.event_name == 'push' && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/develop') + if: github.event_name == 'push' && github.ref == 'refs/heads/main' run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg -k ${{ secrets.NUGET_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate - name: Create Release From 6abb7fa845da55523c742d6116829ba7f9889fac Mon Sep 17 00:00:00 2001 From: Thomas Soulard Date: Mon, 14 Mar 2022 11:37:18 +0000 Subject: [PATCH 12/13] updated github nuget source so only dev packages are pushed --- .github/workflows/sdk-api-build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/sdk-api-build.yml b/.github/workflows/sdk-api-build.yml index ea77d6d..45689a8 100644 --- a/.github/workflows/sdk-api-build.yml +++ b/.github/workflows/sdk-api-build.yml @@ -41,8 +41,8 @@ jobs: run: dotnet test -c Release - name: Push Github Source Packages - if: github.event_name == 'push' - run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg --api-key ${{github.token}} -s https://nuget.pkg.github.com/enclave-networks/index.json --skip-duplicate --no-symbols true + if: github.event_name == 'push' && github.ref == 'refs/heads/develop' + run: dotnet nuget push src/**/*${{ steps.gitversion.outputs.SemVer }}.nupkg --api-key ${{github.token}} -s https://nuget.pkg.github.com/enclave-networks/index.json --skip-duplicate - name: Push To nuget.org if: github.event_name == 'push' && github.ref == 'refs/heads/main' From d7bb12bb4840c5d23a1bf901a26f8b6ea3beb4bc Mon Sep 17 00:00:00 2001 
From: Thomas Soulard Date: Mon, 14 Mar 2022 15:09:10 +0000 Subject: [PATCH 13/13] Set next version --- GitVersion.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/GitVersion.yml b/GitVersion.yml index fc2356f..a6cd4aa 100644 --- a/GitVersion.yml +++ b/GitVersion.yml @@ -1,11 +1,11 @@ assembly-versioning-scheme: None mode: ContinuousDelivery -next-version: 0.0.1 +next-version: 1.0.0 branches: main: mode: ContinuousDelivery develop: - increment: Patch + increment: Patch ignore: sha: [] merge-message-formats: {}