Release 2.0.3. (#19)

* Added a switch to control syncing of fields deactivated in DigiCert.

* Updated readme_source.md with new config section.

Fixes ab#47725, ab#46882

Author: mkachk

CHANGELOG.md

@@ -1,3 +1,7 @@
+Version 2.0.3  
+
+    Added a setting to enable or disable syncing deactivated custom fields from DigiCert.
+
 Version 2.0.2
 
     Fixed issue with additional_emails field not syncing.

README.md

@@ -6,8 +6,6 @@ A tool to automatically synchronize metadata fields and their content from DigiC
 
 
 
-
-
 ## Support for Digicert Metadata Sync
 
 Digicert Metadata Sync is open source and there is **no SLA** for this tool/library/client. Keyfactor will address issues as resources become available. Keyfactor customers may request escalation by opening up a support ticket through their Keyfactor representative.
@@ -16,7 +14,6 @@ Digicert Metadata Sync is open source and there is **no SLA** for this tool/libr
 
 
 
-
 ## Overview
 This tool primarily sets up metadata fields in Keyfactor for the custom metadata fields in DigiCert, which are named as such, but can also setup metadata fields in Keyfactor for non-custom fields available in DigiCert and unavailable in Keyfactor by default,   such as the Digicert Cert ID and the Organization contact.  These fields are referred to as manual fields in the context of this tool. After setting up these fields, the tool proceeds to update the contents of these fields. This tool only adds metadata to certificates that have already been imported into Keyfactor. Additionally, this tool requires a properly installed and functioning AnyGateway configured to work with Keyfactor and Digicert.
 
@@ -44,6 +41,8 @@ This should include the common prefix all DigiCert certs have in your Keyfactor
 This setting enables the tool to import all of the custom metadata fields included in DigiCert and sync all of their data.
 - <b>ReplaceDigicertWhiteSpaceCharacterInName</b>  
 In case the ImportAllCustomDigicertFields setting is used, this is necessary to for metadata field label conversion. DigiCert supports spaces in labels and Keyfactor does not, so this replaces the spaces in the name with your character sequence of choice.
+- <b>ImportDataForDeactivatedDigiCertFields</b>  
+If this is enabled, custom metadata fields that were deactivated in DigiCert will also be synced, and the data stored in these fields in certificates will be too.
 
 ### manualfields.json settings
 This file is used to specify which metadata fields should be synced up.

digicert-metadata-sync/App.config

@@ -10,5 +10,6 @@
 		<add key="KeyfactorDigicertIssuedCertQueryTerm" value="DigiCert" />
 		<add key="ImportAllCustomDigicertFields" value="False" />
 		<add key="ReplaceDigicertWhiteSpaceCharacterInName" value="_-_" />
+		<add key="ImportDataForDeactivatedDigiCertFields" value="False" />
 	</appSettings>
 </configuration>

digicert-metadata-sync/GrabCustomFieldsFromDigiCert.cs

@@ -15,6 +15,7 @@
 using Keyfactor.Logging;
 using Microsoft.Extensions.Logging;
 using Newtonsoft.Json;
+using NLog.Time;
 using RestSharp;
 using RestSharp.Authenticators;
 
@@ -24,8 +25,9 @@ namespace DigicertMetadataSync;
 // It will only add new fields.
 partial class DigicertSync
 {
-    public static List<CustomDigicertMetadataInstance> GrabCustomFieldsFromDigiCert(string apikey)
+    public static List<CustomDigicertMetadataInstance> GrabCustomFieldsFromDigiCert(string apikey, bool importdeactivated)
     {
+        ILogger logger = LogHandler.GetClassLogger<DigicertSync>();
         var digicertclient = new RestClient();
         var customfieldsretrieval = "https://www.digicert.com/services/v2/account/metadata";
         var digicertrequest = new RestRequest(customfieldsretrieval);
@@ -36,8 +38,12 @@ public static List<CustomDigicertMetadataInstance> GrabCustomFieldsFromDigiCert(
         int lengthofresponse = trimmeddigicertresponse.Length;
         trimmeddigicertresponse = trimmeddigicertresponse.Remove(lengthofresponse - 1, 1);
         var fieldlist = JsonConvert.DeserializeObject<List<CustomDigicertMetadataInstance>>(trimmeddigicertresponse);
+        if (importdeactivated == false)
+        {
+            fieldlist.RemoveAll(unit => unit.is_active == false);
+        }
         Console.WriteLine("Obtained custom fields from DigiCert.");
-        _logger.Debug("Obtained custom fields from DigiCert.");
+        logger.LogDebug("Obtained custom fields from DigiCert.");
         return fieldlist;
     }
 }

digicert-metadata-sync/MetadataSync.cs

@@ -11,6 +11,7 @@
 using RestSharp;
 using RestSharp.Authenticators;
 using ConfigurationManager = System.Configuration.ConfigurationManager;
+//using Keyfactor.Logging;
 
 namespace DigicertMetadataSync;
 
@@ -26,6 +27,7 @@ public static void Main(string[] args)
         var digicertapikeytopperm = ConfigurationManager.AppSettings.Get("DigicertAPIKeyTopPerm");
         var keyfactorusername = ConfigurationManager.AppSettings.Get("KeyfactorDomainAndUser");
         var keyfactorpassword = ConfigurationManager.AppSettings.Get("KeyfactorPassword");
+        var importdeactivated = Convert.ToBoolean(ConfigurationManager.AppSettings.Get("ImportDataForDeactivatedDigiCertFields"));
         var replacementcharacter = ConfigurationManager.AppSettings.Get("ReplaceDigicertWhiteSpaceCharacterInName");
         var importallcustomdigicertfields =
             Convert.ToBoolean(ConfigurationManager.AppSettings.Get("ImportAllCustomDigicertFields"));
@@ -75,7 +77,7 @@ public static void Main(string[] args)
         _logger.Debug("Got list of custom fields from Keyfactor.");
 
         //Getting list of custom metadata fields on DigiCert
-        var customdigicertmetadatafieldlist = GrabCustomFieldsFromDigiCert(digicertapikey);
+        var customdigicertmetadatafieldlist = GrabCustomFieldsFromDigiCert(digicertapikey, importdeactivated);
 
         //Convert DigiCert custom fields to Keyfactor appropriate ones
         //This depends on whether the setting to import all fields was enabled or not
@@ -253,11 +255,11 @@ CURRENTLY REPLACING WITH "_-_" AS STAND IN FOR SPACE CHARACTER.
 
             // Grabbing the list again from digicert, populating ids for new ones 
             //Getting list of custom metadata fields on DigiCert
-            var updatedmetadatafieldlist = GrabCustomFieldsFromDigiCert(digicertapikey);
+            var updatedmetadatafieldlist = GrabCustomFieldsFromDigiCert(digicertapikey, importdeactivated);
             foreach (var subitem in updatedmetadatafieldlist)
-                foreach (var fulllistitem in fullcustomdgfieldlist)
-                    if (subitem.label == fulllistitem.label)
-                        fulllistitem.id = subitem.id;
+            foreach (var fulllistitem in fullcustomdgfieldlist)
+                if (subitem.label == fulllistitem.label)
+                    fulllistitem.id = subitem.id;
 
             var totalcertsprocessed = 0;
             var numcertsdatauploaded = 0;
@@ -389,9 +391,9 @@ CURRENTLY REPLACING WITH "_-_" AS STAND IN FOR SPACE CHARACTER.
                 //Find matching certificate via Keyfactor ID
                 var test = digicertcertinstance["certificate"]["serial_number"].ToString().ToUpper();
                 var query = from kfcertlocal in certlist
-                            where kfcertlocal.SerialNumber ==
-                                  digicertcertinstance["certificate"]["serial_number"].ToString().ToUpper()
-                            select kfcertlocal;
+                    where kfcertlocal.SerialNumber ==
+                          digicertcertinstance["certificate"]["serial_number"].ToString().ToUpper()
+                    select kfcertlocal;
                 var certificateid = query.FirstOrDefault().Id;
 
 
@@ -412,9 +414,9 @@ CURRENTLY REPLACING WITH "_-_" AS STAND IN FOR SPACE CHARACTER.
                         {
                             //Using custom names
                             var metadatanamequery = from customfieldinstance in kfcustomfields
-                                                    where customfieldinstance.DigicertFieldName ==
-                                                          metadatafieldinstance["label"]
-                                                    select customfieldinstance;
+                                where customfieldinstance.DigicertFieldName ==
+                                      metadatafieldinstance["label"]
+                                select customfieldinstance;
                             if (metadatanamequery.FirstOrDefault() != null)
                                 payloadforkf.Metadata[metadatanamequery.FirstOrDefault().DigicertFieldName] =
                                     metadatafieldinstance["value"];

readme_source.md

@@ -25,6 +25,8 @@ This should include the common prefix all DigiCert certs have in your Keyfactor
 This setting enables the tool to import all of the custom metadata fields included in DigiCert and sync all of their data.
 - <b>ReplaceDigicertWhiteSpaceCharacterInName</b>  
 In case the ImportAllCustomDigicertFields setting is used, this is necessary to for metadata field label conversion. DigiCert supports spaces in labels and Keyfactor does not, so this replaces the spaces in the name with your character sequence of choice.
+- <b>ImportDataForDeactivatedDigiCertFields</b>  
+If this is enabled, custom metadata fields that were deactivated in DigiCert will also be synced, and the data stored in these fields in certificates will be too.
 
 ### manualfields.json settings
 This file is used to specify which metadata fields should be synced up.