Merge 1f0ae06 into 33d52cc

Author: joevanwanzeeleKF

CHANGELOG.md

@@ -1,3 +1,6 @@
+## 1.0.2
+* bug fix: _certDataReader is now initialized in the Initialize method
+
 ## 1.0.1
 * added retrieval of roles associated with enrolled certificates via metadata for Vault Enterprise users
 

hashicorp-vault-cagateway/APIProxy/CertResponse.cs

@@ -16,7 +16,10 @@ public class CertResponse
         public string Certificate { get; set; }
 
         [JsonPropertyName("revocation_time_rfc3339")]
-        public DateTime? RevocationTime { get; set; }
+        public string RevocationTime { get; set; }
+
+        [JsonPropertyName("revocation_time")]
+        public int? RevocationTimestamp { get; set; }
 
         [JsonPropertyName("issuer_id")]
         public string IssuerId { get; set; }

hashicorp-vault-cagateway/APIProxy/WrappedResponse.cs

@@ -12,6 +12,9 @@ namespace Keyfactor.Extensions.CAPlugin.HashicorpVault.APIProxy
 {
     public class WrappedResponse<T>
     {
+        [JsonPropertyName("request_id")]
+        public string RequestId { get; set; }
+
         [JsonPropertyName("lease_id")]
         public string LeaseId { get; set; }
 
@@ -30,6 +33,9 @@ public class WrappedResponse<T>
         [JsonPropertyName("mount_point")]
         public string MountPoint { get; set; }
 
+        [JsonPropertyName("mount_type")]
+        public string MountType { get; set; }
+
         [JsonPropertyName("mount_running_plugin_version")]
         public string PluginVersion { get; set; }
 

hashicorp-vault-cagateway/Client/HashicorpVaultClient.cs

@@ -131,9 +131,15 @@ public async Task<CertResponse> GetCertificate(string certSerial)
 
             try
             {
-                var response = await _vaultHttp.GetAsync<CertResponse>($"cert/{certSerial}");
+                var response = await _vaultHttp.GetAsync<WrappedResponse<CertResponse>>($"cert/{certSerial}");
+                
                 logger.LogTrace($"successfully received a response for certificate with serial number: {certSerial}");
-                return response;
+                logger.LogTrace($"--response data--");
+                logger.LogTrace($"cert string: {response.Data?.Certificate}");
+                logger.LogTrace($"revocation time: {response.Data?.RevocationTime}");
+                
+
+                return response.Data;
             }
             catch (Exception ex)
             {
@@ -152,9 +158,9 @@ public async Task<RevokeResponse> RevokeCertificate(string serial)
             logger.LogTrace($"making request to revoke cert with serial: {serial}");
             try
             {                
-                var response = await _vaultHttp.PostAsync<RevokeResponse>("revoke", new RevokeRequest(serial));
-                logger.LogTrace($"successfully revoked cert with serial {serial}, revocation time:  {response.RevocationTime}");
-                return response;
+                var response = await _vaultHttp.PostAsync<WrappedResponse<RevokeResponse>>("revoke", new RevokeRequest(serial));
+                logger.LogTrace($"successfully revoked cert with serial {serial}, revocation time:  {response.Data.RevocationTime}");
+                return response.Data;
             }
             catch (Exception ex)
             {
@@ -189,7 +195,7 @@ public async Task<bool> PingServer()
         }
 
         /// <summary>
-        /// Retreives all serial numbers for issued certificates 
+        /// Retrieves all serial numbers for issued certificates 
         /// </summary>
         /// <returns>a list of the certificate serial number strings</returns>
         public async Task<List<string>> GetAllCertSerialNumbers()
@@ -199,7 +205,7 @@ public async Task<List<string>> GetAllCertSerialNumbers()
             try
             {
                 var res = await _vaultHttp.GetAsync<WrappedResponse<KeyedList>>("certs/?list=true");
-                return res.Data.Entries;
+                return res.Data?.Entries;
             }
             catch (Exception ex)
             {
@@ -215,8 +221,8 @@ private async Task<List<string>> GetRevokedSerialNumbers()
             var keys = new List<string>();
             try
             {
-                var res = await _vaultHttp.GetAsync<KeyedList>("certs/revoked");
-                keys = res.Entries;
+                var res = await _vaultHttp.GetAsync<WrappedResponse<KeyedList>>("certs/revoked");
+                keys = res.Data?.Entries;
             }
             catch (Exception ex)
             {
@@ -247,7 +253,7 @@ public async Task<List<string>> GetRoleNamesAsync()
         }
 
         /// <summary>
-        /// Retreives the metadata for the certificate
+        /// Retrieves the metadata for the certificate
         /// </summary>
         /// <param name="certSerial"></param>
         /// <returns></returns>
@@ -275,7 +281,7 @@ public async Task<MetadataResponse> GetCertMetadata(string certSerial)
             }
             catch (Exception ex)
             { 
-                logger.LogError($"an error occurred when attempting to retreive the certificate metadata: {ex.Message}");
+                logger.LogError($"an error occurred when attempting to retrieve the certificate metadata: {ex.Message}");
                 throw;
             }            
             finally { logger.MethodExit(); }
@@ -317,5 +323,7 @@ private static string ConvertSerialToTrackingId(string serialNumber)
 
             return serialNumber.Replace(":", "-");
         }
+
+        
     }
 }

hashicorp-vault-cagateway/Client/VaultHttp.cs

@@ -14,6 +14,7 @@
 using System.Collections.Generic;
 using System.Text.Json;
 using System.Text.Json.Serialization;
+using System.Threading;
 using System.Threading.Tasks;
 
 namespace Keyfactor.Extensions.CAPlugin.HashicorpVault.Client
@@ -36,12 +37,12 @@ public VaultHttp(string host, string mountPoint, string authToken, string nameSp
             _serializerOptions = new()
             {
                 DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingDefault,
-                RespectNullableAnnotations = true,
                 PropertyNameCaseInsensitive = true,
-                PreferredObjectCreationHandling = JsonObjectCreationHandling.Replace,
+                RespectNullableAnnotations = true,                
+                PreferredObjectCreationHandling = JsonObjectCreationHandling.Replace
             };
 
-            var restClientOptions = new RestClientOptions($"{host.TrimEnd('/')}/v1") { ThrowOnAnyError = true };
+            var restClientOptions = new RestClientOptions($"{host.TrimEnd('/')}/v1") { ThrowOnAnyError = true  };
             _restClient = new RestClient(restClientOptions, configureSerialization: s => s.UseSystemTextJson(_serializerOptions));
 
             _mountPoint = mountPoint.TrimStart('/').TrimEnd('/'); // remove leading and trailing slashes
@@ -69,19 +70,32 @@ public VaultHttp(string host, string mountPoint, string authToken, string nameSp
         public async Task<T> GetAsync<T>(string path, Dictionary<string, string> parameters = null)
         {
             logger.MethodEntry();
-            logger.LogTrace($"preparing to send GET request to {path} with parameters {JsonSerializer.Serialize(parameters)}");
-            logger.LogTrace($"will attempt to deserialize the response into a {typeof(T)}");
+            logger.LogTrace($"preparing to send GET request to {_mountPoint}/{path} with parameters {JsonSerializer.Serialize(parameters)}");
+            
             try
             {
                 var request = new RestRequest($"{_mountPoint}/{path}", Method.Get);
-                if (parameters != null) { request.AddJsonBody(parameters); }
+                if (parameters != null && parameters.Keys.Count > 0) { request.AddJsonBody(parameters); }
+                var response = await _restClient.ExecuteGetAsync(request);
+                
+                logger.LogTrace($"raw response: {JsonSerializer.Serialize(response)}");
+
+                logger.LogTrace($"response content: {response.Content}");
+
+                logger.LogTrace($"response status: {response.StatusCode}");
 
-                var response = await _restClient.ExecuteGetAsync<T>(request);
-                logger.LogTrace($"raw response: {response.Content}");
+                logger.LogTrace($"response error msg: {response.ErrorMessage}");
 
                 response.ThrowIfError();
+                if (string.IsNullOrEmpty(response.Content)) throw new Exception(response.ErrorMessage ?? "no content returned from Vault");
 
-                return response.Data;
+                logger.LogTrace($"deserializing the response into a {typeof(T)}");                               
+
+                var deserialized = JsonSerializer.Deserialize<T>(response.Content, _serializerOptions);
+
+                logger.LogTrace($"successfully deserialized the response");
+                
+                return deserialized;
             }
             catch (Exception ex)
             {
@@ -108,8 +122,8 @@ public async Task<T> PostAsync<T>(string path, dynamic parameters = default)
                 var request = new RestRequest(resourcePath, Method.Post);
                 if (parameters != null)
                 {
-                    string serializedParams = JsonSerializer.Serialize(parameters, _serializerOptions);
-                    logger.LogTrace($"serialized parameters (from {parameters.GetType()?.Name}): {serializedParams}");
+                    string serializedParams = JsonSerializer.Serialize(parameters);
+                    logger.LogTrace($"deserialized parameters (from {parameters.GetType()?.Name}): {serializedParams}");
                     request.AddJsonBody(serializedParams);
                 }
 
@@ -127,7 +141,7 @@ public async Task<T> PostAsync<T>(string path, dynamic parameters = default)
 
                 if (response.StatusCode == System.Net.HttpStatusCode.BadRequest)
                 {
-                    errorResponse = JsonSerializer.Deserialize<ErrorResponse>(response.Content!);
+                    errorResponse = JsonSerializer.Deserialize<ErrorResponse>(response.Content ?? "no content");
                     string allErrors = "(Bad Request)";
                     if (errorResponse?.Errors.Count > 0)
                     {