public async Task <object> Execute(ArgumentSyntax syntax) { var(serverUri, key) = await ReadAccountKey(syntax, true, false); var orderUri = syntax.GetParameter <Uri>(OrderIdParam, true); var domain = syntax.GetParameter <string>(DomainParam, true); var azureCredentials = await ReadAzureCredentials(syntax); var resourceGroup = syntax.GetOption <string>(AzureResourceGroupOption, true); var appName = syntax.GetParameter <string>(AppNameParam, true); var appSlot = syntax.GetOption <string>(SlotOption, false); var privKey = await syntax.ReadKey(PrivateKeyOption, "CERTES_CERT_KEY", File, environment, true); var acme = ContextFactory.Invoke(serverUri, key); var orderCtx = acme.Order(orderUri); var order = await orderCtx.Resource(); if (order.Certificate == null) { throw new CertesCliException(string.Format(Strings.ErrorOrderIncompleted, orderCtx.Location)); } var cert = await orderCtx.Download(); var x509Cert = new X509Certificate2(cert.Certificate.ToDer()); var thumbprint = x509Cert.Thumbprint; using (var client = clientFactory.Invoke(azureCredentials)) { client.SubscriptionId = azureCredentials.DefaultSubscriptionId; var certUploaded = await FindCertificate(client, resourceGroup, thumbprint); if (certUploaded == null) { certUploaded = await UploadCertificate( client, resourceGroup, appName, appSlot, cert.ToPfx(privKey), thumbprint); } var hostNameBinding = new HostNameBindingInner { SslState = SslState.SniEnabled, Thumbprint = certUploaded.Thumbprint, }; var hostName = string.IsNullOrWhiteSpace(appSlot) ? await client.WebApps.CreateOrUpdateHostNameBindingAsync( resourceGroup, appName, domain, hostNameBinding) : await client.WebApps.CreateOrUpdateHostNameBindingSlotAsync( resourceGroup, appName, domain, hostNameBinding, appSlot); return(new { data = hostName }); } }
protected async Task <RestClient> CreateAzureRestClient(ArgumentSyntax syntax) { var azSettings = await UserSettings.GetAzureSettings(); var tenantId = syntax.GetOption <string>(AzureTenantIdOption) ?? azSettings.TenantId; var clientId = syntax.GetOption <string>(AzureClientIdOption) ?? azSettings.ClientId; var secret = syntax.GetOption <string>(AzureSecretOption) ?? azSettings.ClientSecret; var subscriptionId = syntax.GetOption <string>(AzureSubscriptionIdOption) ?? azSettings.SubscriptionId; ValidateOption(tenantId, AzureTenantIdOption); ValidateOption(clientId, AzureClientIdOption); ValidateOption(secret, AzureSecretOption); ValidateOption(subscriptionId, AzureSubscriptionIdOption); var loginInfo = new ServicePrincipalLoginInformation { ClientId = clientId, ClientSecret = secret, }; return(CreateRestClient(tenantId, subscriptionId, loginInfo)); }
public async Task <object> Execute(ArgumentSyntax syntax) { var talentId = syntax.GetOption <string>(AzureTalentIdOption); var clientId = syntax.GetOption <string>(AzureClientIdOption); var secret = syntax.GetOption <string>(AzureSecretOption); var subscriptionId = syntax.GetOption <string>(AzureSubscriptionIdOption); var loginInfo = new ServicePrincipalLoginInformation { ClientId = clientId, ClientSecret = secret, }; var credentials = new AzureCredentials( loginInfo, talentId, AzureEnvironment.AzureGlobalCloud) .WithDefaultSubscription(subscriptionId); var resourceGroups = await LoadResourceGroups(credentials); var azSettings = new AzureSettings { ClientId = clientId, TalentId = talentId, ClientSecret = secret, SubscriptionId = subscriptionId, }; await userSettings.SetAzureSettings(azSettings); return(new { resourceGroups }); }
protected async Task <AzureCredentials> ReadAzureCredentials(ArgumentSyntax syntax) { var azSettings = await UserSettings.GetAzureSettings(); var tenantId = syntax.GetOption <string>(AzureTenantIdOption) ?? azSettings.TenantId; var clientId = syntax.GetOption <string>(AzureClientIdOption) ?? azSettings.ClientId; var secret = syntax.GetOption <string>(AzureSecretOption) ?? azSettings.ClientSecret; var subscriptionId = syntax.GetOption <string>(AzureSubscriptionIdOption) ?? azSettings.SubscriptionId; ValidateOption(tenantId, AzureTenantIdOption); ValidateOption(clientId, AzureClientIdOption); ValidateOption(secret, AzureSecretOption); ValidateOption(subscriptionId, AzureSubscriptionIdOption); var loginInfo = new ServicePrincipalLoginInformation { ClientId = clientId, ClientSecret = secret, }; var credentials = new AzureCredentials( loginInfo, tenantId, AzureEnvironment.AzureGlobalCloud) .WithDefaultSubscription(subscriptionId); return(credentials); }
public async Task <object> Execute(ArgumentSyntax syntax) { var(serverUri, key) = await ReadAccountKey(syntax, true, false); var orderUri = syntax.GetParameter <Uri>(OrderIdParam, true); var distinguishedName = syntax.GetOption <string>(DnOption); var outPath = syntax.GetOption <string>(OutOption); var keyAlgorithmStr = syntax.GetOption <string>(KeyAlgorithmOption); var keyAlgorithm = keyAlgorithmStr == null ? KeyAlgorithm.ES256 : Enum.TryParse <KeyAlgorithm>(keyAlgorithmStr, out var alg) ? alg : throw new ArgumentSyntaxException(string.Format(Strings.ErrorInvalidkeyAlgorithm, keyAlgorithmStr)); var providedKey = await syntax.ReadKey(PrivateKeyOption, "CERTES_CERT_KEY", File, environment); var privKey = providedKey ?? KeyFactory.NewKey(keyAlgorithm); logger.Debug("Finalizing order from '{0}'.", serverUri); var acme = ContextFactory.Invoke(serverUri, key); var orderCtx = acme.Order(orderUri); var csr = await orderCtx.CreateCsr(privKey); if (!string.IsNullOrWhiteSpace(distinguishedName)) { csr.AddName(distinguishedName); } var order = await orderCtx.Finalize(csr.Generate()); // output private key only if it is generated and not being saved if (string.IsNullOrWhiteSpace(outPath) && providedKey == null) { return(new { location = orderCtx.Location, privateKey = privKey.ToDer(), resource = order, }); } else { if (providedKey == null) { await File.WriteAllText(outPath, privKey.ToPem()); } return(new { location = orderCtx.Location, resource = order, }); } }
public static async Task<IKey> ReadKey( this ArgumentSyntax syntax, string optionName, string environmentVariableName, IFileUtil file, IEnvironmentVariables environment, bool isRequired = false) { var keyPath = syntax.GetOption<string>(optionName); if (!string.IsNullOrWhiteSpace(keyPath)) { return KeyFactory.FromPem(await file.ReadAllText(keyPath)); } else { var keyData = environment.GetVar(environmentVariableName); if (!string.IsNullOrWhiteSpace(keyData)) { return KeyFactory.FromDer(Convert.FromBase64String(keyData)); } else if (isRequired) { throw new Exception(string.Format(Strings.ErrorOptionMissing, optionName)); } } return null; }
public async Task <object> Execute(ArgumentSyntax syntax) { var acct = await ReadAccountKey(syntax); logger.Debug("Creating new account on '{0}'.", acct.Server); var key = acct.Key ?? KeyFactory.NewKey(KeyAlgorithm.ES256); var email = syntax.GetParameter <string>(EmailParam, true); var acme = ContextFactory.Invoke(acct.Server, key); var acctCtx = await acme.NewAccount(email, true); var outPath = syntax.GetOption <string>(OutOption); if (!string.IsNullOrWhiteSpace(outPath)) { logger.Debug("Saving new account key to '{0}'.", outPath); var pem = key.ToPem(); await File.WriteAllText(outPath, pem); } else { logger.Debug("Saving new account key to user settings."); await UserSettings.SetAccountKey(acct.Server, key); } return(new { location = acctCtx.Location, resource = await acctCtx.Resource() }); }
public async Task <object> Execute(ArgumentSyntax syntax) { var(location, cert) = await DownloadCertificate(syntax); var outPath = syntax.GetOption <string>(OutOption); if (string.IsNullOrWhiteSpace(outPath)) { return(new { location, resource = new { certificate = cert.Certificate.ToDer(), issuers = cert.Issuers.Select(i => i.ToDer()).ToArray(), }, }); } else { logger.Debug("Saving certificate to '{0}'.", outPath); await File.WriteAllText(outPath, cert.ToPem()); return(new { location, }); } }
public async Task <object> Execute(ArgumentSyntax syntax) { var keyPath = syntax.GetParameter <string>(PrivateKeyOption, true); var pwd = syntax.GetParameter <string>(PasswordParam, true); var(location, cert) = await DownloadCertificate(syntax); var pfxName = string.Format(CultureInfo.InvariantCulture, "[certes] {0:yyyyMMddhhmmss}", DateTime.UtcNow); var privKey = await syntax.ReadKey(PrivateKeyOption, "CERTES_CERT_KEY", File, environment, true); var pfx = cert.ToPfx(privKey).Build(pfxName, pwd); var outPath = syntax.GetOption <string>(OutOption); if (string.IsNullOrWhiteSpace(outPath)) { return(new { location, pfx, }); } else { logger.Debug("Saving certificate to '{0}'.", outPath); await File.WriteAllBytes(outPath, pfx); return(new { location, }); } }
public async Task <object> Execute(ArgumentSyntax syntax) { var(serverUri, key) = await ReadAccountKey(syntax, true, false); var orderUri = syntax.GetParameter <Uri>(OrderIdParam, true); var domain = syntax.GetParameter <string>(DomainParam, true); var azureCredentials = await ReadAzureCredentials(syntax); var resourceGroup = syntax.GetOption <string>(AzureResourceGroupOption, true); var acme = ContextFactory.Invoke(serverUri, key); var orderCtx = acme.Order(orderUri); var authzCtx = await orderCtx.Authorization(domain) ?? throw new Exception(string.Format(Strings.ErrorIdentifierNotAvailable, domain)); var challengeCtx = await authzCtx.Dns() ?? throw new Exception(string.Format(Strings.ErrorChallengeNotAvailable, "dns")); var authz = await authzCtx.Resource(); var dnsValue = acme.AccountKey.DnsTxt(challengeCtx.Token); using (var client = clientFactory.Invoke(azureCredentials)) { client.SubscriptionId = azureCredentials.DefaultSubscriptionId; var idValue = authz.Identifier.Value; var zone = await FindDnsZone(client, idValue); var name = zone.Name.Length == idValue.Length ? "_acme-challenge" : "_acme-challenge." + idValue.Substring(0, idValue.Length - zone.Name.Length - 1); logger.Debug("Adding TXT record '{0}' for '{1}' in '{2}' zone.", dnsValue, name, zone.Name); var recordSet = await client.RecordSets.CreateOrUpdateAsync( resourceGroup, zone.Name, name, RecordType.TXT, new RecordSetInner( name : name, tTL : 300, txtRecords : new[] { new TxtRecord(new[] { dnsValue }) })); return(new { data = recordSet }); } }
protected async Task <(Uri Location, CertificateChain Cert)> DownloadCertificate(ArgumentSyntax syntax) { var(serverUri, key) = await ReadAccountKey(syntax, true, true); var orderUri = syntax.GetParameter <Uri>(OrderIdParam, true); var preferredChain = syntax.GetOption <string>(PreferredChainOption); logger.Debug("Downloading certificate from '{0}'.", serverUri); var acme = ContextFactory.Invoke(serverUri, key); var orderCtx = acme.Order(orderUri); var order = await orderCtx.Resource(); if (order.Status != OrderStatus.Valid) { throw new CertesCliException( string.Format(Strings.ErrorExportInvalidOrder, order.Status)); } return(order.Certificate, await orderCtx.Download(preferredChain)); }
public static string GetKeyOption(this ArgumentSyntax syntax) => syntax.GetOption<string>(KeyOptionName);
public static Uri GetServerOption(this ArgumentSyntax syntax) => syntax.GetOption<Uri>(ServerOptionName);