示例#1
 /// <summary>
 /// Creates the controller and stores the two services it is given.
 /// </summary>
 /// <param name="certificateRequest">Certificate request service, kept in <c>_certificateRequest</c>.</param>
 /// <param name="servicesConfig">Services configuration, kept in <c>_servicesConfig</c>.</param>
 /// <remarks>
 /// Neither argument is validated here; a null argument is stored as-is and
 /// would only surface when the field is first used.
 /// </remarks>
 public CertificateRequestController(
     ICertificateRequest certificateRequest,
     IServicesConfig servicesConfig)
 {
     this._servicesConfig     = servicesConfig;
     this._certificateRequest = certificateRequest;
 }
示例#2
        /// <inheritdoc/>
        /// <remarks>
        /// Unless <paramref name="force"/> is set, the record must already be in state
        /// <c>Unregistered</c> or later. When a scope is available, every certificate
        /// request returned for the application is deleted page by page before the
        /// application record itself is deleted.
        /// </remarks>
        public async Task DeleteApplicationAsync(string applicationId, bool force)
        {
            var id       = ToGuidAndVerify(applicationId);
            var existing = await _applications.GetAsync(id);

            // NOTE(review): `existing` is dereferenced without a null check. If GetAsync can
            // return null for an unknown id, a non-forced delete fails with a
            // NullReferenceException instead of a "not found" error - confirm and guard.
            // NOTE(review): `force` skips the state check entirely, so whoever may pass
            // force = true can delete a still-registered application; the authorization
            // for that is not visible here and is presumably enforced by the caller.
            bool deletionAllowed = force ||
                                   !(existing.ApplicationState < ApplicationState.Unregistered);
            if (!deletionAllowed)
            {
                throw new ResourceInvalidStateException("The record is not in a valid state for this operation.");
            }

            if (_scope != null)
            {
                // The request service is resolved lazily from the scope rather than injected.
                var requestService = _scope.Resolve<ICertificateRequest>();

                // Walk all result pages; a null continuation link ends the loop.
                ReadRequestResultModel[] page;
                string continuation = null;
                do
                {
                    (continuation, page) = await requestService.QueryPageAsync(id.ToString(), null, continuation);

                    for (int i = 0; i < page.Length; i++)
                    {
                        await requestService.DeleteAsync(page[i].RequestId);
                    }
                } while (continuation != null);
            }

            // The application record goes last, after its certificate requests.
            await _applications.DeleteAsync(id);
        }
示例#3
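 /// <summary>
 /// Creates the server and stores its collaborators.
 /// </summary>
 /// <param name="database">Applications database; must not be null.</param>
 /// <param name="request">Certificate request service (not null-checked here).</param>
 /// <param name="certificateGroup">Certificate group service (not null-checked here).</param>
 /// <param name="autoApprove">Stored in <c>_autoApprove</c>; defaults to <c>true</c>.</param>
 /// <exception cref="ArgumentNullException"><paramref name="database"/> is null.</exception>
 public MainServer(IApplicationsDatabase database, ICertificateRequest request, ICertificateGroup certificateGroup, bool autoApprove = true)
 {
     // ArgumentNullException instead of a bare Exception: it names the offending
     // parameter and is still caught by existing `catch (Exception)` handlers.
     _database         = database ?? throw new ArgumentNullException(nameof(database), "Please provide data storage information.");
     _request          = request;
     _certificateGroup = certificateGroup;

     // NOTE(review): autoApprove defaults to true. What the flag gates is not visible in
     // this constructor; if it lets certificate requests be approved without an operator
     // decision, callers that omit the argument opt into that - confirm the default is
     // intended outside of test/sample setups.
     _autoApprove      = autoApprove;

     _requestLock      = new object();
     _contexts         = new Dictionary<uint, ImpersonationContext>();
 }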
示例#4
 /// <summary>
 /// Creates the sample server and stores the three services it is given.
 /// </summary>
 /// <param name="database">Applications database, kept in <c>m_database</c>.</param>
 /// <param name="request">Certificate request service, kept in <c>m_request</c>.</param>
 /// <param name="certificateGroup">Certificate group service, kept in <c>m_certificateGroup</c>.</param>
 /// <remarks>No argument is validated here; null values are stored as-is.</remarks>
 public GlobalDiscoverySampleServer(
     IApplicationsDatabase database,
     ICertificateRequest request,
     ICertificateGroup certificateGroup
     )
 {
     this.m_certificateGroup = certificateGroup;
     this.m_request          = request;
     this.m_database         = database;
 }
示例#5
 /// <summary>
 /// Creates the sample server and stores its services and the auto-approve flag.
 /// </summary>
 /// <param name="database">Applications database, kept in <c>m_database</c>.</param>
 /// <param name="request">Certificate request service, kept in <c>m_request</c>.</param>
 /// <param name="certificateGroup">Certificate group service, kept in <c>m_certificateGroup</c>.</param>
 /// <param name="autoApprove">Stored in <c>m_autoApprove</c>; defaults to <c>true</c>.</param>
 /// <remarks>No argument is validated here; null values are stored as-is.</remarks>
 public GlobalDiscoverySampleServer(
     IApplicationsDatabase database,
     ICertificateRequest request,
     ICertificateGroup certificateGroup,
     bool autoApprove = true
     )
 {
     // NOTE(review): autoApprove defaults to true. What the flag gates is not visible in
     // this constructor; if it lets certificate requests be approved without an operator
     // decision, callers that omit the argument opt into that - confirm before reusing
     // this sample outside a lab.
     this.m_autoApprove      = autoApprove;
     this.m_certificateGroup = certificateGroup;
     this.m_request          = request;
     this.m_database         = database;
 }
 /// <summary>
 /// Sets up the test class from the shared fixture and the xUnit output helper.
 /// </summary>
 /// <param name="fixture">Shared fixture that supplies the services under test.</param>
 /// <param name="log">Output helper handed to the test logger.</param>
 public CertificateRequestTest(CertificateRequestTestFixture fixture, ITestOutputHelper log)
 {
     this._fixture = fixture;

     // Runs before anything else is read from the fixture, as in the original order.
     fixture.SkipOnInvalidConfiguration();

     this._logger = SerilogTestLogger.Create<CertificateRequestTest>(log);

     // Services and test data are taken from the fixture, not created per test.
     this._applicationTestSet   = fixture.ApplicationTestSet;
     this._certificateRequest   = fixture.CertificateRequest;
     this._certificateGroup     = fixture.CertificateGroup;
     this._applicationsDatabase = fixture.ApplicationsDatabase;

     // Constant argument (presumably a seed, so runs are repeatable - confirm).
     this._randomSource = new RandomSource(10815);
 }
示例#7
 /// <summary>
 /// Creates the warm-start helper and stores the services it is given.
 /// </summary>
 /// <param name="repository">Document DB repository, kept in <c>_repository</c>.</param>
 /// <param name="certificateRequest">Certificate request service, kept in <c>_certificateRequest</c>.</param>
 /// <param name="applicationDatabase">Applications database, kept in <c>_applicationDatabase</c>.</param>
 /// <param name="logger">Logger, kept in <c>_logger</c>.</param>
 /// <remarks>No argument is validated here; null values are stored as-is.</remarks>
 public WarmStartDatabase(
     IDocumentDBRepository repository,
     ICertificateRequest certificateRequest,
     IApplicationsDatabase applicationDatabase,
     ILogger logger
     )
 {
     this._logger              = logger;
     this._applicationDatabase = applicationDatabase;
     this._certificateRequest  = certificateRequest;
     this._repository          = repository;
 }
 /// <summary>
 /// Creates the server and stores its services and the auto-approve flag.
 /// </summary>
 /// <param name="database">Applications database, kept in <c>_database</c>.</param>
 /// <param name="request">Certificate request service, kept in <c>_request</c>.</param>
 /// <param name="certificateGroup">Certificate group service, kept in <c>_certificateGroup</c>.</param>
 /// <param name="autoApprove">Stored in <c>_autoApprove</c>; defaults to <c>true</c>.</param>
 /// <remarks>No argument is validated here; null values are stored as-is.</remarks>
 public OpcVaultGlobalDiscoveryServer(
     IApplicationsDatabase database,
     ICertificateRequest request,
     ICertificateGroup certificateGroup,
     bool autoApprove = true
     )
 {
     // NOTE(review): autoApprove defaults to true. What the flag gates is not visible in
     // this constructor; if it lets certificate requests be approved without an operator
     // decision, callers that omit the argument opt into that - confirm the default is
     // intended for production hosts.
     this._autoApprove      = autoApprove;
     this._certificateGroup = certificateGroup;
     this._request          = request;
     this._database         = database;
 }
        /// <summary>
        /// Builds the shared test fixture: loads configuration, and - when
        /// <c>InvalidConfiguration()</c> returns false - creates the document DB repository,
        /// the applications database, a Key Vault backed certificate group and the
        /// certificate request service, then generates the application test set.
        /// </summary>
        /// <remarks>
        /// All asynchronous setup is blocked on with <c>.Wait()</c> because this is a
        /// constructor; failures therefore surface wrapped in an AggregateException.
        /// </remarks>
        public CertificateRequestTestFixture()
        {
            RandomGenerator = new ApplicationTestDataGenerator(_randomStart);
            // Configuration sources, later ones overriding earlier ones: required
            // testsettings.json, optional testsettings.Development.json, then environment variables.
            var builder = new ConfigurationBuilder()
                          .SetBasePath(Directory.GetCurrentDirectory())
                          .AddJsonFile("testsettings.json", optional: false, reloadOnChange: true)
                          .AddJsonFile("testsettings.Development.json", optional: true, reloadOnChange: true)
                          .AddEnvironmentVariables();
            IConfigurationRoot configuration = builder.Build();

            // NOTE(review): the "Auth" section presumably carries client credentials; keep real
            // values in environment variables or an untracked file, not in testsettings.json - confirm.
            configuration.Bind("OpcVault", _serviceConfig);
            configuration.Bind("Auth", _clientConfig);
            _logger = SerilogTestLogger.Create <CertificateRequestTestFixture>();
            if (!InvalidConfiguration())
            {
                _documentDBRepository = new OpcVaultDocumentDbRepository(_serviceConfig);
                ApplicationsDatabase  = CosmosDBApplicationsDatabaseFactory.Create(null, _serviceConfig, _documentDBRepository, _logger);

                // Suffix in the range 0..9999 derived from the current UTC time; it makes the
                // group/config ids vary between runs but does not guarantee uniqueness.
                var timeid = (DateTime.UtcNow.ToFileTimeUtc() / 1000) % 10000;
                _groupId  = "CertReqIssuerCA" + timeid.ToString();
                _configId = "CertReqConfig" + timeid.ToString();
                var keyVaultServiceClient = KeyVaultServiceClient.Get(_configId, _serviceConfig, _clientConfig, _logger);
                _keyVaultCertificateGroup = new KeyVaultCertificateGroup(keyVaultServiceClient, _serviceConfig, _clientConfig, _logger);
                // NOTE(review): PurgeAsync runs against whatever vault the bound configuration
                // points at and is presumably destructive - confirm the test settings cannot
                // reference a production vault.
                _keyVaultCertificateGroup.PurgeAsync(_configId, _groupId).Wait();
                // NOTE(review): the next assignment is overwritten immediately by a second
                // KeyVaultCertificateGroup instance, so the purged instance is not the one
                // exposed through CertificateGroup - confirm which one is intended.
                CertificateGroup = _keyVaultCertificateGroup;
                CertificateGroup = new KeyVaultCertificateGroup(keyVaultServiceClient, _serviceConfig, _clientConfig, _logger);
                CertificateGroup.CreateCertificateGroupConfiguration(_groupId, "CN=OPC Vault Cert Request Test CA, O=Microsoft, OU=Azure IoT", null).Wait();
                CertificateRequest = CosmosDBCertificateRequestFactory.Create(ApplicationsDatabase, CertificateGroup, _serviceConfig, _documentDBRepository, _logger);

                // create test set
                ApplicationTestSet = new List <ApplicationTestData>();
                for (int i = 0; i < _testSetSize; i++)
                {
                    var randomApp = RandomGenerator.RandomApplicationTestData();
                    ApplicationTestSet.Add(randomApp);
                }
                // try initialize DB
                ApplicationsDatabase.Initialize().Wait();
            }
            // Set on both paths, whether or not the services above were created.
            RegistrationOk = false;
        }
示例#10
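        /// <summary>
        /// Initializes the node manager: stores its collaborators, sets up the namespace
        /// URIs and default subject name, creates the certificate store directories next
        /// to the entry assembly, registers the "Default" certificate group configuration
        /// and probes the applications database.
        /// </summary>
        /// <param name="server">Server instance passed to the base node manager.</param>
        /// <param name="applicationConfiguration">Application configuration; its ApplicationName is used in the default subject name.</param>
        /// <param name="database">Applications database, kept in <c>_database</c>.</param>
        /// <param name="request">Certificate request service, kept in <c>_request</c>.</param>
        /// <param name="certificateGroup">Certificate group service, kept in <c>_certificateGroupFactory</c>.</param>
        /// <param name="autoApprove">Stored in <c>_autoApprove</c>; defaults to <c>false</c>.</param>
        public GlobalDiscoveryServiceNodeManager(IServerInternal server, ApplicationConfiguration applicationConfiguration,
                                                 IApplicationsDatabase database, ICertificateRequest request, ICertificateGroup certificateGroup, bool autoApprove = false)
            : base(server, applicationConfiguration)
        {
            // Collaborators are stored first. Previously they were assigned after the
            // early return below, so an instance created when the entry assembly location
            // is unavailable was left with null _database/_request/_certificateGroupFactory.
            _autoApprove             = autoApprove;
            _database                = database;
            _request                 = request;
            _certificateGroupFactory = certificateGroup;
            _certificateGroups       = new Dictionary<NodeId, CertificateGroup>();
            _knownHostNames          = new StringCollection();

            string hostName = Dns.GetHostName();
            NamespaceUris = new List<string> {
                $"http://{hostName}/GDS/Default", Namespaces.OpcUaGds
            };
            _nextNodeId = 0;
            SystemContext.NodeIdFactory = this;
            _defaultSubjectNameContext  = "CN=" + applicationConfiguration.ApplicationName + ", DC=" + hostName;
            _certificateGroupConfigurationCollection = new CertificateGroupConfigurationCollection();

            // All certificate stores live under the directory of the entry assembly.
            string directoryName = Path.GetDirectoryName(Assembly.GetEntryAssembly()?.Location);

            if (string.IsNullOrEmpty(directoryName))
            {
                // NOTE(review): this still skips store creation, the default group
                // configuration, the database probe and encodeable type registration.
                // Consider failing construction instead of returning a half-built manager.
                return;
            }

            // NOTE(review): the relative paths use hard-coded backslashes; Path.Combine does
            // not translate them, so on non-Windows hosts each becomes one directory whose
            // name contains '\'. "authoritie" also looks like a typo for "authorities"; both
            // are left unchanged because existing deployments may already use these paths.
            // NOTE(review): the directories are created with inherited permissions under the
            // application folder. The CA store presumably holds CA key material - confirm the
            // ACLs on this tree are restricted to the service account.

            // Authorities certificates store path. CreateDirectory does nothing when the
            // directory already exists, so no separate existence check is needed.
            string authoritiesStorePathDirectory = Path.Combine(directoryName, "pki\\authoritie");
            Directory.CreateDirectory(authoritiesStorePathDirectory);
            _authoritiesStorePath = authoritiesStorePathDirectory;

            // Application certificates store path.
            string applicationCertificatesStorePathDirectory = Path.Combine(directoryName, "pki\\applications");
            Directory.CreateDirectory(applicationCertificatesStorePathDirectory);
            _applicationCertificatesStorePath = applicationCertificatesStorePathDirectory;

            // Base store path of the default certificate group.
            string baseCertificateGroupStorePathDirectory = Path.Combine(directoryName, "pki\\CA\\default");
            Directory.CreateDirectory(baseCertificateGroupStorePathDirectory);

            // NOTE(review): key sizes, hash sizes and lifetimes are hard-coded; the lifetime
            // unit is not visible here. Confirm 2048-bit CA keys with a lifetime of 60 meet
            // the deployment's certificate policy.
            _certificateGroupConfigurationCollection.Add(new CertificateGroupConfiguration {
                Id = "Default",
                CertificateType            = "RsaSha256ApplicationCertificateType",
                SubjectName                = _defaultSubjectNameContext,
                BaseStorePath              = baseCertificateGroupStorePathDirectory,
                DefaultCertificateLifetime = 12,
                DefaultCertificateKeySize  = 2048,
                DefaultCertificateHashSize = 256,
                CACertificateLifetime      = 60,
                CACertificateKeySize       = 2048,
                CACertificateHashSize      = 256
            });

            _defaultApplicationGroupId = ExpandedNodeId.ToNodeId(ObjectIds.Directory_CertificateGroups_DefaultApplicationGroup, Server.NamespaceUris);
            _defaultHttpsGroupId       = ExpandedNodeId.ToNodeId(ObjectIds.Directory_CertificateGroups_DefaultHttpsGroup, Server.NamespaceUris);
            _defaultUserTokenGroupId   = ExpandedNodeId.ToNodeId(ObjectIds.Directory_CertificateGroups_DefaultUserTokenGroup, Server.NamespaceUris);

            try
            {
                // Probe query: at most five records, used only to check the database answers.
                ServerOnNetwork[] results = _database.QueryServers(0, 5, null, null, null, null, out DateTime _);
                Utils.Trace($"QueryServers Returned: {results.Length} records");
                foreach (ServerOnNetwork result in results)
                {
                    Utils.Trace($"Server Found at {result.DiscoveryUrl}");
                }
            }
            catch (Exception e)
            {
                // The whole exception is traced; InnerException alone is often null and
                // would drop the message and stack of the actual failure.
                // NOTE(review): any exception from the probe, not only a missing schema,
                // leads to Initialize(). Confirm Initialize() is safe to run against a
                // database that already holds data.
                Utils.Trace($"Could not connect to the Database! Exception:\r\n{e}");
                Utils.Trace("Initialize Database tables!");
                _database.Initialize();
                Utils.Trace("Database Initialized!");
            }
            Server.MessageContext.Factory.AddEncodeableTypes(typeof(ObjectIds).GetTypeInfo().Assembly);
        }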
示例#11
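        /// <inheritdoc/>
        /// <remarks>
        /// Marks the application record as <c>Unregistered</c> using optimistic concurrency:
        /// the record is re-read and the update retried whenever the store reports an ETag
        /// mismatch. On the first pass, when a scope is available, all certificate requests
        /// of the application that are not yet deleted are deleted.
        /// Throws ResourceNotFoundException when no record exists for the id and
        /// ResourceInvalidStateException when the record is already unregistered or later.
        /// Any other DocumentClientException from the update is propagated to the caller.
        /// </remarks>
        public async Task<Application> UnregisterApplicationAsync(string applicationId)
        {
            Guid        appId = ToGuidAndVerify(applicationId);
            bool        retryUpdate;
            bool        first = true;
            Application record;

            // NOTE(review): the retry loop has no upper bound; under sustained write
            // contention on the same record it keeps re-reading and retrying.
            do
            {
                retryUpdate = false;

                // Re-read on every pass so the update below carries the current ETag.
                record = await _applications.GetAsync(appId);

                if (record == null)
                {
                    throw new ResourceNotFoundException("A record with the specified application id does not exist.");
                }

                if (record.ApplicationState >= ApplicationState.Unregistered)
                {
                    throw new ResourceInvalidStateException("The record is not in a valid state for this operation.");
                }

                // Request cleanup runs once only; retries repeat just the record update.
                if (first && _scope != null)
                {
                    ICertificateRequest certificateRequestsService = _scope.Resolve<ICertificateRequest>();

                    // Mark all requests as deleted, page by page; a null link ends paging.
                    ReadRequestResultModel[] certificateRequests;
                    string nextPageLink = null;
                    do
                    {
                        (nextPageLink, certificateRequests) = await certificateRequestsService.QueryPageAsync(appId.ToString(), null, nextPageLink);

                        foreach (var request in certificateRequests)
                        {
                            if (request.State < CertificateRequestState.Deleted)
                            {
                                await certificateRequestsService.DeleteAsync(request.RequestId);
                            }
                        }
                    } while (nextPageLink != null);
                }
                first = false;

                record.ApplicationState = ApplicationState.Unregistered;
                record.DeleteTime       = DateTime.UtcNow;

                try
                {
                    await _applications.UpdateAsync(appId, record, record.ETag);
                }
                catch (DocumentClientException dce) when (dce.StatusCode == HttpStatusCode.PreconditionFailed)
                {
                    // ETag mismatch: someone else changed the record, so read it again.
                    // Every other store failure is no longer swallowed here. Before, it was
                    // dropped and the method returned a record marked Unregistered although
                    // the stored record had not been updated.
                    retryUpdate = true;
                }
            } while (retryUpdate);

            return record;
        }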