Errorfixes (#6)
* fixed error handling from Hydrant API changes
* Fixed Enrollment External Validation
bhillkeyfactor authored Oct 31, 2022
1 parent dc5df03 commit b67937d
Showing 6 changed files with 86 additions and 51 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
@@ -1,3 +1,6 @@
v1.1.1
- Fixed error handing to match Hydrant new API Structure

v1.1.0
- Added Support for Meta Data In Keyfactor
- Put enroll on a timer to wait for request so Meta Data Could be Pulled down
4 changes: 2 additions & 2 deletions HydrantIdProxy/src/HydrantIdProxy/Client/HydrantIdClient.cs
Expand Up @@ -192,8 +192,8 @@ public async Task<Certificate> GetSubmitGetCertificateAsync(string certificateId
Logger.Error($"Error Occured in HydrantIdClient.GetSubmitGetCertificateAsync: {e.Message}");
throw;
}
}

}

public async Task<Certificate> GetSubmitGetCertificateByCsrAsync(string requestTrackingId)
{
try
Expand Up @@ -5,7 +5,7 @@ namespace Keyfactor.HydrantId.Client.Models
{
public class ErrorReturn : IErrorReturn
{
[JsonProperty("status", NullValueHandling = NullValueHandling.Ignore)] public int Status { get; set; }
[JsonProperty("error", NullValueHandling = NullValueHandling.Ignore)] public string Error { get; set; }
[JsonProperty("status", NullValueHandling = NullValueHandling.Ignore)] public string Status { get; set; }
[JsonProperty("message", NullValueHandling = NullValueHandling.Ignore)] public string Error { get; set; }
}
}
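Review bot: The `Error` property now binds to the JSON field `message` while keeping its old name, and `Status` changes from a number to a free-form string with nothing on the class saying which values the API sends. Elsewhere in this commit the status is compared against the literal `"Failure"`, so a short comment recording the expected values would help, e.g. `// Hydrant error body: status is a string such as "Failure"; message carries the error text`. Which two of the four property lines are the new side is inferred from the matching interface change, since the page has lost its +/- markers.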
99 changes: 61 additions & 38 deletions HydrantIdProxy/src/HydrantIdProxy/HydrantIdProxy.cs
@@ -1,7 +1,7 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Diagnostics;
using System.Diagnostics;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using System.Text;
Expand Down Expand Up @@ -117,7 +117,7 @@ public override void Synchronize(ICertificateDataReader certificateDataReader,
foreach (var cert in splitCerts)
try
{
var currentCert = new X509Certificate2(Encoding.ASCII.GetBytes(cert));
var currentCert = new X509Certificate2(Encoding.ASCII.GetBytes(cert));
var caReqId = $"{currentResponseItem.Id}-{currentCert.SerialNumber}";
Logger.Trace($"Split Cert Value: {cert}");
blockingBuffer.Add(new CAConnectorCertificate
Expand Down Expand Up @@ -195,10 +195,22 @@ public override EnrollmentResult Enroll(ICertificateDataReader certificateDataRe
enrollmentResponse =
Task.Run(async () => await HydrantIdClient.GetSubmitEnrollmentAsync(enrollmentRequest))
.Result;
Logger.Trace($"Enrollment Response JSON: {JsonConvert.SerializeObject(enrollmentResponse)}");

csrTrackingResponse = GetCertificateOnTimer(enrollmentResponse.RequestStatus.Id);

Logger.Trace($"Enrollment Response JSON: {JsonConvert.SerializeObject(enrollmentResponse)}");

if (enrollmentResponse?.ErrorReturn?.Status != "Failure")
{
csrTrackingResponse = GetCertificateOnTimer(enrollmentResponse?.RequestStatus?.Id);
}
else
{
return new EnrollmentResult
{
Status = 30, //failure
StatusMessage = $"Enrollment Failed with error {enrollmentResponse?.ErrorReturn?.Error}"
};
}


Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);

break;
Expand All @@ -223,41 +235,52 @@ public override EnrollmentResult Enroll(ICertificateDataReader certificateDataRe
Task.Run(async () =>
await HydrantIdClient.GetSubmitRenewalAsync(certificateId, renewalRequest))
.Result;
Logger.Trace($"Renew Response JSON: {JsonConvert.SerializeObject(enrollmentResponse)}");


csrTrackingResponse = GetCertificateOnTimer(enrollmentResponse.RequestStatus.Id);

Logger.Trace($"Renew Response JSON: {JsonConvert.SerializeObject(enrollmentResponse)}");

if (enrollmentResponse?.ErrorReturn?.Status != "Failure")
{
csrTrackingResponse = GetCertificateOnTimer(enrollmentResponse?.RequestStatus?.Id);
}
else
{
return new EnrollmentResult
{
Status = 30, //failure
StatusMessage = $"Enrollment Failed with error {enrollmentResponse?.ErrorReturn?.Error}"
};
}
break;
}

return _requestManager.GetEnrollmentResult(csrTrackingResponse);
}


var cert = GetSingleRecord(csrTrackingResponse.Id.ToString());
return _requestManager.GetEnrollmentResult(csrTrackingResponse,cert);
}

private Certificate GetCertificateOnTimer(string Id)
{
//Get the csr tracking response from the tracking Id returned from Enrollment
var stopwatch = new Stopwatch();
stopwatch.Start();

Certificate csrTrackingResponse = null;

while (stopwatch.Elapsed < TimeSpan.FromSeconds(60) && csrTrackingResponse == null)
{
try
{
csrTrackingResponse =
Task.Run(async () => await HydrantIdClient.GetSubmitGetCertificateByCsrAsync(Id))
.Result;
}
catch (System.AggregateException e)
{
Logger.Trace($"Enrollment Response Not Available Yet, try again {LogHandler.FlattenException(e)}.");
}
Thread.Sleep(1000);
}

return csrTrackingResponse;
private Certificate GetCertificateOnTimer(string Id)
{
//Get the csr tracking response from the tracking Id returned from Enrollment
var stopwatch = new Stopwatch();
stopwatch.Start();

Certificate csrTrackingResponse = null;

while (stopwatch.Elapsed < TimeSpan.FromSeconds(30) && csrTrackingResponse == null)
{
try
{
csrTrackingResponse =
Task.Run(async () => await HydrantIdClient.GetSubmitGetCertificateByCsrAsync(Id))
.Result;
}
catch (System.AggregateException e)
{
Logger.Trace($"Enrollment Response Not Available Yet, try again {LogHandler.FlattenException(e)}.");
}
Thread.Sleep(1000);
}

return csrTrackingResponse;
}

public override CAConnectorCertificate GetSingleRecord(string caRequestId)
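Review bot: `var cert = GetSingleRecord(csrTrackingResponse.Id.ToString());` near the end of Enroll dereferences `csrTrackingResponse` before the `enrollmentResult==null` check added in RequestManager.GetEnrollmentResult can run. GetCertificateOnTimer returns null once its 30-second poll expires, so a slow issuance would likely surface as a NullReferenceException rather than the intended failure result, unless a catch outside the visible hunks handles it. The `?.ErrorReturn?.Status != "Failure"` test also lets a null response or a missing RequestStatus through, which then polls with a null Id for the full window. A guard such as `var cert = csrTrackingResponse?.Id != null ? GetSingleRecord(csrTrackingResponse.Id.ToString()) : null;` keeps the failure path in GetEnrollmentResult reachable. Enroll starts and ends outside the hunks shown, and the new side is inferred because the page lost its +/- markers.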
Expand Up @@ -2,7 +2,7 @@
{
public interface IErrorReturn
{
int Status { get; set; }
string Status { get; set; }
string Error { get; set; }
}
}
25 changes: 17 additions & 8 deletions HydrantIdProxy/src/HydrantIdProxy/RequestManager.cs
Expand Up @@ -224,12 +224,12 @@ public CertRequestBodySubjectAltNames GetSansRequest(Dictionary<string, string[]

public EnrollmentResult
GetEnrollmentResult(
ICertificate enrollmentResult)
ICertificate enrollmentResult, CAConnectorCertificate cert)
{
try
{
Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
if (!enrollmentResult.Id.HasValue)
Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
if (enrollmentResult==null)
{
return new EnrollmentResult
{
Expand All @@ -238,14 +238,23 @@ public EnrollmentResult
};
}

if (enrollmentResult.Id.HasValue)
if (!enrollmentResult.Id.HasValue)
{
return new EnrollmentResult
{
Status = 13, //success
CARequestID = enrollmentResult.Id.ToString(),
StatusMessage =
$"Order Successfully Created With Order Number {enrollmentResult.Id.ToString()}"
Status = 30, //failure
StatusMessage = $"Enrollment Failed with could not get the certificate from the request tracking id"
};
}

if (enrollmentResult.Id.HasValue)
{
return new EnrollmentResult
{
Status = (int)PKIConstants.Microsoft.RequestDisposition.ISSUED, //success
CARequestID = enrollmentResult.Id.ToString(),
Certificate = cert.Certificate,
StatusMessage = $"Order Successfully Created With Product {cert.ProductID}"
};
}
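Review bot: The success branch reads `cert.Certificate` and `cert.ProductID` with no null check and reports `RequestDisposition.ISSUED` whenever the tracking Id has a value, without looking at the record itself. If GetSingleRecord can return null or a record that is not yet issued (not visible here), the gateway would either throw or record a certificate as issued with empty content. Consider `if (cert?.Certificate == null) return new EnrollmentResult { Status = 30, StatusMessage = "Certificate not available for the tracking id" };` before the success return. The second `if (enrollmentResult.Id.HasValue)` is redundant after the `!HasValue` return just above it. GetEnrollmentResult's try block continues past the end of this hunk.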
