summaryrefslogtreecommitdiffstats
path: root/redfish-core/include
diff options
context:
space:
mode:
authorMarri Devender Rao <devenrao@in.ibm.com>2019-02-20 01:05:22 -0600
committerEd Tanous <ed.tanous@intel.com>2019-07-03 16:24:11 +0000
commit37cce918ede6489ab980712c243b526a30396ca4 (patch)
tree5874c52f670e2c4dbf6d2e2a6f9601bd39c2a1a1 /redfish-core/include
parent6913228d184308c9e848a5cf60ce9b8d2cb44aee (diff)
downloadbmcweb-37cce918ede6489ab980712c243b526a30396ca4.tar.gz
bmcweb-37cce918ede6489ab980712c243b526a30396ca4.zip
Redfish: Add support to upload/replace/view LDAP Certificate
Implements CertificateCollection schema to upload/list existing LDAP certificates Implements Certificate schema to view existing LDAP certificate Implements ReplaceCertificate action to replace existing LDAP certificate. Tested: 1. Tested schema with validator and no issues 2. Privilege map for certificate service is not yet pubished 3. POST on /redfish/v1/AccountService/LDAP/Certificates curl -c cjar -b cjar -k -H "X-Auth-Token: $bmc_token" -H "Content-Type: application/octet-stream" -X POST -T testcert.pem https://${bmc}/redfish/v1/AccountServie/LDAP/Certificates { "@odata.context": "/redfish/v1/$metadata#Certificate.Certificate", "@odata.id": "/redfish/v1/AccountService/LDAP/Certificates/1", "@odata.type": "#Certificate.v1_0_0.Certificate", "CertificateString": "-----BEGIN CERTIFICATE---------END CERTIFICATE-----\n", "Description": "LDAP Certificate", "Id": "1", "Issuer": { "City": "SomeCity", "CommonName": "www.company.com", "Country": "US", "Organization": "MyCompany", "State": "VA", "organizationUnit": "MyDivision" }, "KeyUsage": [ "KeyAgreement", "ServerAuthentication" ], "Name": "LDAP Certificate", "Subject": { "City": "SomeCity", "CommonName": "www.company.com", "Organization": "MyCompany", "State": "VA", "organizationUnit": "MyDivision" }, "ValidNotAfter": "2029-03-14T02:11:02+00:00", "ValidNotBefore": "2019-03-17T02:11:02+00:00" } 4. GET on /redfish/v1/AccountService/LDAP/Certificates/ { "@odata.context": "/redfish/v1/$metadata#CertificateCollection.CertificateCollection", "@odata.id": "/redfish/v1/AccountService/LDAP/Certificates", "@odata.type": "#CertificateCollection.CertificatesCollection", "Description": "A Collection of LDAP certificate instances", "Members": [ { "@odata.id": "/redfish/v1/AccountService/LDAP/Certificates/1" } ], "Members@odata.count": 1, "Name": "LDAP Certificate Collection" } 5.GET on /redfish/v1/CertificateService/CertificateLocations/ { "@odata.context": "/redfish/v1/$metadata#CertificateLocations.CertificateLocations", "@odata.id": "/redfish/v1/CertificateService/CertificateLocations", "@odata.type": "#CertificateLocations.v1_0_0.CertificateLocations", "Description": "Defines a resource that an administrator can use in order to locate all certificates installed on a given service", "Id": "CertificateLocations", "Links": { "Certificates": [ { "@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1" }, { "@odata.id": "/redfish/v1/AccountService/LDAP/Certificates/1" } ], "Certificates@odata.count": 2 }, "Name": "Certificate Locations" } 6.GET on /redfish/v1/AccountService/LDAP/Certificates/1 { "@odata.context": "/redfish/v1/$metadata#Certificate.Certificate", "@odata.id": "/redfish/v1/AccountService/LDAP/Certificates/1", "@odata.type": "#Certificate.v1_0_0.Certificate", "CertificateString": "-----BEGINCERTIFICATE-----\n ... -----ENDCERTIFICATE-----\n", "CertificateType": "PEM", "Description": "LDAP Certificate", "Id": "1", "Issuer": { "CommonName": "localhost", "Organization": "openbmc-project.xyz" }, "KeyUsage": [], "Name": "LDAP Certificate", "Subject": { "CommonName": "localhost" } 7.Replace certificate POST on /redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate/ { "@odata.context": "/redfish/v1/$metadata#Certificate.Certificate", "@odata.id": "/redfish/v1/AccountService/LDAP/Certificates/1", "@odata.type": "#Certificate.v1_0_0.Certificate", ... } 8.GET on AccountService curl -k -H "X-Auth-Token: $bmc_token" -X GET https://${bmc}/redfish/v1/AccountService { "@odata.context": "/redfish/v1/$metadata#AccountService.AccountService", "@odata.id": "/redfish/v1/AccountService", "@odata.type": "#AccountService.v1_4_0.AccountService", "Id": "AccountService", "LDAP": { "AccountProviderType": "LDAPService", "Certificates": { "@odata.id": "/redfish/v1/AccountService/LDAP/Certificates" }, Change-Id: I056a4cea8b0377e156b660984857cdfadbfe1b2c Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Diffstat (limited to 'redfish-core/include')
-rw-r--r--redfish-core/include/redfish.hpp2
1 files changed, 2 insertions, 0 deletions
diff --git a/redfish-core/include/redfish.hpp b/redfish-core/include/redfish.hpp
index 36546c6..8cb9e01 100644
--- a/redfish-core/include/redfish.hpp
+++ b/redfish-core/include/redfish.hpp
@@ -126,6 +126,8 @@ class RedfishService
nodes.emplace_back(std::make_unique<CertificateLocations>(app));
nodes.emplace_back(std::make_unique<HTTPSCertificateCollection>(app));
nodes.emplace_back(std::make_unique<HTTPSCertificate>(app));
+ nodes.emplace_back(std::make_unique<LDAPCertificateCollection>(app));
+ nodes.emplace_back(std::make_unique<LDAPCertificate>(app));
for (const auto& node : nodes)
{
node->initPrivileges();
OpenPOWER on IntegriCloud