public override int GetHashCode()
{
int hash = 1;
if (CertificateId.Length != 0)
{
hash ^= CertificateId.GetHashCode();
}
hash ^= certificateChain_.GetHashCode();
if (PrivateKey.Length != 0)
{
hash ^= PrivateKey.GetHashCode();
}
if (_unknownFields != null)
{
hash ^= _unknownFields.GetHashCode();
}
return(hash);
}
public override int GetHashCode()
{
int hash = 1;
if (CertificateId.Length != 0)
{
hash ^= CertificateId.GetHashCode();
}
if (SslManagementType != global::Google.Cloud.AppEngine.V1.SslSettings.Types.SslManagementType.Unspecified)
{
hash ^= SslManagementType.GetHashCode();
}
if (PendingManagedCertificateId.Length != 0)
{
hash ^= PendingManagedCertificateId.GetHashCode();
}
if (_unknownFields != null)
{
hash ^= _unknownFields.GetHashCode();
}
return(hash);
}
public override void ExecuteApiManagementCmdlet()
{
var backendCredentials = new PsApiManagementBackendCredential();
if (CertificateId != null && CertificateId.Any())
{
backendCredentials.Certificate = CertificateId;
}
else if (CertificateThumbprint != null && CertificateThumbprint.Any())
{
backendCredentials.Certificate = CertificateThumbprint;
}
if (Header != null && Header.Count > 0)
{
backendCredentials.Header = Header;
}
if (Query != null && Query.Count > 0)
{
backendCredentials.Query = Query;
}
if (!string.IsNullOrEmpty(AuthorizationHeaderParameter) && !string.IsNullOrEmpty(AuthorizationHeaderScheme))
{
var authorization = new PsApiManagementAuthorizationHeaderCredential()
{
Scheme = AuthorizationHeaderScheme,
Parameter = AuthorizationHeaderParameter
};
backendCredentials.Authorization = authorization;
}
WriteObject(backendCredentials);
}
private static void SetBinding(Binding binding, dynamic obj)
{
string protocol = DynamicHelper.Value(obj.protocol);
string bindingInformation = DynamicHelper.Value(obj.binding_information);
bool? requireSni = DynamicHelper.To <bool>(obj.require_sni);
if (protocol == null)
{
throw new ApiArgumentException("binding.protocol");
}
binding.Protocol = protocol;
bool isHttp = protocol.Equals("http") || protocol.Equals("https");
if (isHttp)
{
//
// HTTP Binding information provides port, ip address, and hostname
UInt16 port;
string hostname;
IPAddress ipAddress = null;
if (bindingInformation == null)
{
var ip = DynamicHelper.Value(obj.ip_address);
if (ip == "*")
{
ipAddress = IPAddress.Any;
}
else if (!IPAddress.TryParse(ip, out ipAddress))
{
throw new ApiArgumentException("binding.ip_address");
}
UInt16?p = (UInt16?)DynamicHelper.To(obj.port, 1, UInt16.MaxValue);
if (p == null)
{
throw new ApiArgumentException("binding.port");
}
port = p.Value;
hostname = DynamicHelper.Value(obj.hostname) ?? string.Empty;
}
else
{
var parts = bindingInformation.Split(':');
if (parts.Length != 3)
{
throw new ApiArgumentException("binding.binding_information");
}
if (parts[0] == "*")
{
ipAddress = IPAddress.Any;
}
else if (!IPAddress.TryParse(parts[0], out ipAddress))
{
throw new ApiArgumentException("binding.binding_information");
}
if (!UInt16.TryParse(parts[1], out port))
{
throw new ApiArgumentException("binding.binding_information");
}
hostname = parts[2];
}
binding.Protocol = protocol;
// HTTPS
if (protocol.Equals("https"))
{
if (string.IsNullOrEmpty(hostname) && requireSni.HasValue && requireSni.Value)
{
throw new ApiArgumentException("binding.require_sni");
}
if (obj.certificate == null || !(obj.certificate is JObject))
{
throw new ApiArgumentException("certificate");
}
dynamic certificate = obj.certificate;
string uuid = DynamicHelper.Value(certificate.id);
if (string.IsNullOrEmpty(uuid))
{
throw new ApiArgumentException("certificate.id");
}
CertificateId id = new CertificateId(uuid);
List <byte> bytes = new List <byte>();
// Decode the hex string of the certificate hash into bytes
for (int i = 0; i < id.Thumbprint.Length; i += 2)
{
bytes.Add(Convert.ToByte(id.Thumbprint.Substring(i, 2), 16));
}
// The specified certificate must be in the store with a private key or else there will be an exception when we commit
binding.CertificateStoreName = Enum.GetName(typeof(StoreName), id.StoreName);
binding.CertificateHash = bytes.ToArray();
if (requireSni.HasValue && requireSni.Value && binding.Schema.HasAttribute(sslFlagsAttribute))
{
binding.SslFlags |= SslFlags.Sni;
}
}
var ipModel = ipAddress.Equals(IPAddress.Any) ? "*" : ipAddress.ToString();
binding.BindingInformation = $"{ipModel}:{port}:{hostname}";
}
else
{
//
// Custom protocol
if (string.IsNullOrEmpty(bindingInformation))
{
throw new ApiArgumentException("binding.binding_information");
}
binding.BindingInformation = bindingInformation;
}
}
private static Site SetSite(Site site, dynamic model)
{
Debug.Assert(site != null);
Debug.Assert((bool)(model != null));
DynamicHelper.If((object)model.name, v => { site.Name = v; });
site.ServerAutoStart = DynamicHelper.To <bool>(model.server_auto_start) ?? site.ServerAutoStart;
string physicalPath = DynamicHelper.Value(model.physical_path);
if (physicalPath != null)
{
if (!Directory.Exists(System.Environment.ExpandEnvironmentVariables(physicalPath)))
{
throw new ApiArgumentException("physical_path", "Directory does not exist.");
}
var rootApp = site.Applications["/"];
if (rootApp == null)
{
throw new ApiArgumentException("site/physical_path", "Root application does not exist.");
}
var rootVDir = rootApp.VirtualDirectories["/"];
if (rootVDir == null)
{
throw new ApiArgumentException("site/physical_path", "Root virtual directory does not exist.");
}
rootVDir.PhysicalPath = physicalPath.Replace('/', '\\');
}
string enabledProtocols = DynamicHelper.Value(model.enabled_protocols);
if (enabledProtocols != null)
{
var rootApp = site.Applications["/"];
if (rootApp != null)
{
rootApp.EnabledProtocols = enabledProtocols;
}
}
// Limits
if (model.limits != null)
{
dynamic limits = model.limits;
site.Limits.MaxBandwidth = DynamicHelper.To(limits.max_bandwidth, 0, uint.MaxValue) ?? site.Limits.MaxBandwidth;
site.Limits.MaxConnections = DynamicHelper.To(limits.max_connections, 0, uint.MaxValue) ?? site.Limits.MaxConnections;
if (site.Limits.Schema.HasAttribute(MaxUrlSegmentsAttribute))
{
site.Limits.MaxUrlSegments = DynamicHelper.To(limits.max_url_segments, 0, 16383) ?? site.Limits.MaxUrlSegments;
}
long?connectionTimeout = DynamicHelper.To(limits.connection_timeout, 0, ushort.MaxValue);
site.Limits.ConnectionTimeout = (connectionTimeout != null) ? TimeSpan.FromSeconds(connectionTimeout.Value) : site.Limits.ConnectionTimeout;
}
// Bindings
if (model.bindings != null)
{
IEnumerable <dynamic> bindings = (IEnumerable <dynamic>)model.bindings;
// If the user passes an object for the bindings property rather than an array we will hit an exception when we try to access any property in
// the foreach loop.
// This means that the bindings collection won't be deleted, so the bindings are safe from harm.
List <Binding> newBindings = new List <Binding>();
// Iterate over the bindings to create a new binding list
foreach (dynamic binding in bindings)
{
// Extract data from binding
string ipAddress = DynamicHelper.Value(binding.ip_address);
long? port = DynamicHelper.To(binding.port, 1, 65535);
string hostname = DynamicHelper.Value(binding.hostname) ?? "";
bool? isHttps = DynamicHelper.To <bool>(binding.is_https);
string certificateHash = null;
string certificateStoreName = null;
byte[] hashBytes = null;
// Validate that data forms valid binding
if (ipAddress == null)
{
throw new ApiArgumentException("binding.ip_address");
}
else if (port == null)
{
throw new ApiArgumentException("binding.port");
}
else if (isHttps == null)
{
throw new ApiArgumentException("binding.is_https");
}
if (isHttps.Value)
{
if (binding.certificate == null || !(binding.certificate is JObject))
{
throw new ApiArgumentException("certificate");
}
dynamic certificate = binding.certificate;
string uuid = DynamicHelper.Value(certificate.id);
if (string.IsNullOrEmpty(uuid))
{
throw new ApiArgumentException("certificate.id");
}
CertificateId id = new CertificateId(uuid);
certificateHash = id.Thumbprint;
certificateStoreName = Enum.GetName(typeof(StoreName), id.StoreName);
List <byte> bytes = new List <byte>();
// Decode the hex string of the certificate hash into bytes
for (int i = 0; i < id.Thumbprint.Length; i += 2)
{
bytes.Add(Convert.ToByte(id.Thumbprint.Substring(i, 2), 16));
}
hashBytes = bytes.ToArray();
}
// Create binding
Binding newBinding = site.Bindings.CreateElement();
// If format of the information is incorrect throws ArgumentException but does not populate ParamName
newBinding.BindingInformation = $"{ipAddress}:{port}:{hostname}";
newBinding.Protocol = isHttps.Value ? "https" : "http";
// Attempting to get or set the certificate hash when the protocol is not https will raise an error -msdn
if (isHttps.Value)
{
// The specified certificate must be in the store with a private key or else there will be an exception when we commit
newBinding.CertificateHash = hashBytes;
newBinding.CertificateStoreName = certificateStoreName;
}
// Add to bindings list
newBindings.Add(newBinding);
}
// All bindings have been verified and added to the list
// Clear the old list, and add the new
site.Bindings.Clear();
newBindings.ForEach(binding => site.Bindings.Add(binding));
}
// Set the app pool
if (model.application_pool != null)
{
// Extract the uuid from the application_pool object provided in model
string appPoolUuid = DynamicHelper.Value(model.application_pool.id);
// It is an error to provide an application pool object without specifying its id property
if (appPoolUuid == null)
{
throw new ApiArgumentException("application_pool.id");
}
// Create application pool id object from uuid provided, use this to obtain the application pool
AppPools.AppPoolId appPoolId = AppPoolId.CreateFromUuid(appPoolUuid);
ApplicationPool pool = AppPoolHelper.GetAppPool(appPoolId.Name);
Application rootApp = site.Applications["/"];
if (rootApp == null)
{
throw new ApiArgumentException("application_pool", "Root application does not exist.");
}
// REVIEW: Should we create the root application if it doesn't exist and they specify an application pool?
// We decided not to do this for physical_path.
// Application pool for a site is extracted from the site's root application
rootApp.ApplicationPoolName = pool.Name;
}
return(site);
}
private static void SetBinding(Binding binding, dynamic obj)
{
string protocol = DynamicHelper.Value(obj.protocol);
string bindingInformation = DynamicHelper.Value(obj.binding_information);
bool? requireSni = DynamicHelper.To <bool>(obj.require_sni);
if (protocol == null)
{
throw new ApiArgumentException("binding.protocol");
}
binding.Protocol = protocol;
bool isHttp = protocol.Equals("http") || protocol.Equals("https");
if (isHttp)
{
//
// HTTP Binding information provides port, ip address, and hostname
UInt16 port;
string hostname;
IPAddress ipAddress = null;
if (bindingInformation == null)
{
var ip = DynamicHelper.Value(obj.ip_address);
if (ip == "*")
{
ipAddress = IPAddress.Any;
}
else if (!IPAddress.TryParse(ip, out ipAddress))
{
throw new ApiArgumentException("binding.ip_address");
}
UInt16?p = (UInt16?)DynamicHelper.To(obj.port, 1, UInt16.MaxValue);
if (p == null)
{
throw new ApiArgumentException("binding.port");
}
port = p.Value;
hostname = DynamicHelper.Value(obj.hostname) ?? string.Empty;
}
else
{
var parts = bindingInformation.Split(':');
if (parts.Length != 3)
{
throw new ApiArgumentException("binding.binding_information");
}
if (parts[0] == "*")
{
ipAddress = IPAddress.Any;
}
else if (!IPAddress.TryParse(parts[0], out ipAddress))
{
throw new ApiArgumentException("binding.binding_information");
}
if (!UInt16.TryParse(parts[1], out port))
{
throw new ApiArgumentException("binding.binding_information");
}
hostname = parts[2];
}
binding.Protocol = protocol;
// HTTPS
if (protocol.Equals("https"))
{
if (string.IsNullOrEmpty(hostname) && requireSni.HasValue && requireSni.Value)
{
throw new ApiArgumentException("binding.require_sni");
}
if (obj.certificate == null || !(obj.certificate is JObject))
{
throw new ApiArgumentException("binding.certificate");
}
dynamic certificate = obj.certificate;
string uuid = DynamicHelper.Value(certificate.id);
if (string.IsNullOrEmpty(uuid))
{
throw new ApiArgumentException("binding.certificate.id");
}
CertificateId id = new CertificateId(uuid);
ICertificateStore store = CertificateStoreProviderAccessor.Instance?.Stores
.FirstOrDefault(s => s.Name.Equals(id.StoreName, StringComparison.OrdinalIgnoreCase));
ICertificate cert = null;
if (store != null)
{
cert = store.GetCertificate(id.Id).Result;
}
if (cert == null)
{
throw new NotFoundException("binding.certificate");
}
if (!cert.Purposes.Contains("Server Authentication", StringComparer.OrdinalIgnoreCase))
{
throw new ApiArgumentException("binding.certificate", "Certificate does not support server authentication");
}
//
// Windows builtin store
if (store is IWindowsCertificateStore)
{
// The specified certificate must be in the store with a private key or else there will be an exception when we commit
if (cert == null)
{
throw new NotFoundException("binding.certificate");
}
if (!cert.HasPrivateKey)
{
throw new ApiArgumentException("binding.certificate", "Certificate must have a private key");
}
List <byte> bytes = new List <byte>();
// Decode the hex string of the certificate hash into bytes
for (int i = 0; i < id.Id.Length; i += 2)
{
bytes.Add(Convert.ToByte(id.Id.Substring(i, 2), 16));
}
binding.CertificateStoreName = id.StoreName;
binding.CertificateHash = bytes.ToArray();
}
//
// IIS Central Certificate store
else if (store is ICentralCertificateStore)
{
string name = Path.GetFileNameWithoutExtension(cert.Alias);
if (string.IsNullOrEmpty(hostname) || !hostname.Replace('*', '_').Equals(name))
{
throw new ApiArgumentException("binding.hostname", "Hostname must match certificate file name for central certificate store");
}
binding.SslFlags |= SslFlags.CentralCertStore;
}
if (requireSni.HasValue)
{
if (!binding.Schema.HasAttribute(sslFlagsAttribute))
{
// throw on IIS 7.5 which does not have SNI support
throw new ApiArgumentException("binding.require_sni", "SNI not supported on this machine");
}
if (requireSni.Value)
{
binding.SslFlags |= SslFlags.Sni;
}
else
{
binding.SslFlags &= ~SslFlags.Sni;
}
}
}
var ipModel = ipAddress.Equals(IPAddress.Any) ? "*" : ipAddress.ToString();
binding.BindingInformation = $"{ipModel}:{port}:{hostname}";
}
else
{
//
// Custom protocol
if (string.IsNullOrEmpty(bindingInformation))
{
throw new ApiArgumentException("binding.binding_information");
}
binding.BindingInformation = bindingInformation;
}
}
public X509Certificate2 ReadCertificate(CertificateId cert)
{
byte[] fileSelect = ((FileSelectCmdAttribute)cert.GetType().GetMember(cert.ToString())[0].GetCustomAttributes(typeof(FileSelectCmdAttribute), false)[0]).Cmd;
return new X509Certificate2(ReadRaw(fileSelect));
}
