gsadmin/PSInfisicalAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

Merge pull request 'feat!(certificates): expose full /certificates/search filter surface on Get/Search-InfisicalCertificate' (#6) from dev into main

Browse Source 
Reviewed-on: #6
This commit was merged in pull request #6.
This commit is contained in:
gsadmin
2026-06-05 02:37:43 +00:00
parent 621cb87943 f4afbb6af4
commit ceea76255b
21 changed files with 155 additions and 222 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CHANGELOG.md
+12
View File
@@ -6,6 +6,18 @@ The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) loos
## Unreleased
## 2026.06.05.0215
- Build produced from commit 82f99ea7d4a4.
## Unreleased (carried forward)
## 2026.06.05.0205
- Build produced from commit 86968c18cb15.
## Unreleased (carried forward)
## 2026.06.05.0117
- Build produced from commit cffda99591c9.
Module/PSInfisicalAPI/PSInfisicalAPI.psd1
+2 -3
View File
@@ -1,6 +1,6 @@
@{
RootModule = 'PSInfisicalAPI.psm1'
ModuleVersion = '2026.06.05.0117'
ModuleVersion = '2026.06.05.0215'
GUID = 'b8a2f3d4-7c51-4d2f-9e6a-1f0c8b3d4e51'
Author = 'Grace Solutions'
CompanyName = 'Grace Solutions'
@@ -40,7 +40,6 @@
'Get-InfisicalCertificateProfile',
'Get-InfisicalCertificatePolicy',
'Get-InfisicalCertificate',
'Search-InfisicalCertificate',
'Request-InfisicalCertificate',
'ConvertTo-InfisicalCertificate',
'Install-InfisicalCertificate',
@@ -63,7 +62,7 @@
LicenseUri = 'https://www.gnu.org/licenses/agpl-3.0.html'
ProjectUri = 'https://prod.git.gracesolution.info/gsadmin/PSInfisicalAPI'
ReleaseNotes = 'See CHANGELOG.md in the project repository for release history.'
CommitHash = 'cffda99591c9'
CommitHash = '82f99ea7d4a4'
}
}
}
Module/PSInfisicalAPI/bin/PSInfisicalAPI.dll
BIN
View File
Binary file not shown.
Module/PSInfisicalAPI/bin/en-US/PSInfisicalAPI.dll-Help.xml
+1 -45
View File
@@ -1060,7 +1060,7 @@ $GetInfisicalCertificateAuthorityResult = Get-InfisicalCertificateAuthority @Get
<maml:alertSet>
<maml:title>Notes</maml:title>
<maml:alert>
<maml:para>For advanced filtering (validity window, key algorithm, extended key usage, etc.) use Search-InfisicalCertificate instead. Single mode returns metadata only; to obtain certificate and chain PEM material use ConvertTo-InfisicalCertificate or Export-InfisicalCertificate. Accepts pipeline input by property name on -SerialNumber.</maml:para>
<maml:para>Single mode returns metadata only; to obtain certificate and chain PEM material use ConvertTo-InfisicalCertificate or Export-InfisicalCertificate. Accepts pipeline input by property name on -SerialNumber.</maml:para>
</maml:alert>
</maml:alertSet>
<command:examples>
@@ -1219,50 +1219,6 @@ $GetInfisicalCertificatePolicyResult = Get-InfisicalCertificatePolicy @GetInfisi
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Search-InfisicalCertificate</command:name>
<maml:description><maml:para>Searches Infisical certificates with advanced filters and automatic paging.</maml:para></maml:description>
<command:verb>Search</command:verb>
<command:noun>InfisicalCertificate</command:noun>
</command:details>
<maml:description>
<maml:para>Performs a server-side search across certificates with filters for friendly name, common name, free-text search, status, CA/profile/application/enrollment scope, key/signature algorithm, source, and validity window (-NotBeforeFrom/-NotBeforeTo/-NotAfterFrom/-NotAfterTo). Results are paged automatically unless -NoAutoPage is supplied. -ProjectId is required.</maml:para>
</maml:description>
<maml:alertSet>
<maml:title>Notes</maml:title>
<maml:alert>
<maml:para>Use -SortBy together with -SortOrder ('asc'/'desc') to control result ordering. Pair with Get-InfisicalCertificate or Export-InfisicalCertificate to drill into specific hits.</maml:para>
</maml:alert>
</maml:alertSet>
<command:examples>
<command:example>
<maml:title>EXAMPLE 1</maml:title>
<dev:code>Search-InfisicalCertificate -Search $env:COMPUTERNAME -Status 'active'</dev:code>
<dev:remarks><maml:para>Finds active certificates whose searchable fields contain the local hostname.</maml:para></dev:remarks>
</command:example>
<command:example>
<maml:title>EXAMPLE 2</maml:title>
<dev:code>$GetInfisicalCertificateAuthorityListResult = Get-InfisicalCertificateAuthority | Where-Object { $_.FriendlyName -eq 'Issuing CA - Platform' }
$SearchInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
$SearchInfisicalCertificateParameters.ProjectId = $ProjectId
$SearchInfisicalCertificateParameters.CommonName = $env:COMPUTERNAME
$SearchInfisicalCertificateParameters.Status = 'active'
$SearchInfisicalCertificateParameters.CaId = @($GetInfisicalCertificateAuthorityListResult.Id)
$SearchInfisicalCertificateParameters.KeyAlgorithm = @('RSA')
$SearchInfisicalCertificateParameters.NotAfterTo = (Get-Date).AddDays(30)
$SearchInfisicalCertificateParameters.SortBy = 'notAfter'
$SearchInfisicalCertificateParameters.SortOrder = 'asc'
$SearchInfisicalCertificateParameters.Limit = 100
$SearchInfisicalCertificateParameters.Verbose = $True
$SearchInfisicalCertificateResult = Search-InfisicalCertificate @SearchInfisicalCertificateParameters</dev:code>
<dev:remarks><maml:para>Searches for RSA certificates from a specific CA, scoped to the local hostname, that expire within the next 30 days, sorted soonest-first.</maml:para></dev:remarks>
</command:example>
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Request-InfisicalCertificate</command:name>
Module/PSInfisicalAPI/en-US/PSInfisicalAPI.dll-Help.xml
+1 -45
View File
@@ -1060,7 +1060,7 @@ $GetInfisicalCertificateAuthorityResult = Get-InfisicalCertificateAuthority @Get
<maml:alertSet>
<maml:title>Notes</maml:title>
<maml:alert>
<maml:para>For advanced filtering (validity window, key algorithm, extended key usage, etc.) use Search-InfisicalCertificate instead. Single mode returns metadata only; to obtain certificate and chain PEM material use ConvertTo-InfisicalCertificate or Export-InfisicalCertificate. Accepts pipeline input by property name on -SerialNumber.</maml:para>
<maml:para>Single mode returns metadata only; to obtain certificate and chain PEM material use ConvertTo-InfisicalCertificate or Export-InfisicalCertificate. Accepts pipeline input by property name on -SerialNumber.</maml:para>
</maml:alert>
</maml:alertSet>
<command:examples>
@@ -1219,50 +1219,6 @@ $GetInfisicalCertificatePolicyResult = Get-InfisicalCertificatePolicy @GetInfisi
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Search-InfisicalCertificate</command:name>
<maml:description><maml:para>Searches Infisical certificates with advanced filters and automatic paging.</maml:para></maml:description>
<command:verb>Search</command:verb>
<command:noun>InfisicalCertificate</command:noun>
</command:details>
<maml:description>
<maml:para>Performs a server-side search across certificates with filters for friendly name, common name, free-text search, status, CA/profile/application/enrollment scope, key/signature algorithm, source, and validity window (-NotBeforeFrom/-NotBeforeTo/-NotAfterFrom/-NotAfterTo). Results are paged automatically unless -NoAutoPage is supplied. -ProjectId is required.</maml:para>
</maml:description>
<maml:alertSet>
<maml:title>Notes</maml:title>
<maml:alert>
<maml:para>Use -SortBy together with -SortOrder ('asc'/'desc') to control result ordering. Pair with Get-InfisicalCertificate or Export-InfisicalCertificate to drill into specific hits.</maml:para>
</maml:alert>
</maml:alertSet>
<command:examples>
<command:example>
<maml:title>EXAMPLE 1</maml:title>
<dev:code>Search-InfisicalCertificate -Search $env:COMPUTERNAME -Status 'active'</dev:code>
<dev:remarks><maml:para>Finds active certificates whose searchable fields contain the local hostname.</maml:para></dev:remarks>
</command:example>
<command:example>
<maml:title>EXAMPLE 2</maml:title>
<dev:code>$GetInfisicalCertificateAuthorityListResult = Get-InfisicalCertificateAuthority | Where-Object { $_.FriendlyName -eq 'Issuing CA - Platform' }
$SearchInfisicalCertificateParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
$SearchInfisicalCertificateParameters.ProjectId = $ProjectId
$SearchInfisicalCertificateParameters.CommonName = $env:COMPUTERNAME
$SearchInfisicalCertificateParameters.Status = 'active'
$SearchInfisicalCertificateParameters.CaId = @($GetInfisicalCertificateAuthorityListResult.Id)
$SearchInfisicalCertificateParameters.KeyAlgorithm = @('RSA')
$SearchInfisicalCertificateParameters.NotAfterTo = (Get-Date).AddDays(30)
$SearchInfisicalCertificateParameters.SortBy = 'notAfter'
$SearchInfisicalCertificateParameters.SortOrder = 'asc'
$SearchInfisicalCertificateParameters.Limit = 100
$SearchInfisicalCertificateParameters.Verbose = $True
$SearchInfisicalCertificateResult = Search-InfisicalCertificate @SearchInfisicalCertificateParameters</dev:code>
<dev:remarks><maml:para>Searches for RSA certificates from a specific CA, scoped to the local hostname, that expire within the next 30 days, sorted soonest-first.</maml:para></dev:remarks>
</command:example>
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Request-InfisicalCertificate</command:name>
README.md
-1
View File
@@ -90,7 +90,6 @@ The module exports 37 cmdlets. Discovery cmdlets (`Get-Infisical*`) use a `List`
| `Get-InfisicalCertificateAuthority` | Lists or retrieves Infisical internal Certificate Authorities. |
| `Get-InfisicalPkiSubscriber` | Lists or retrieves Infisical PKI subscribers in a project. |
| `Get-InfisicalCertificate` | Lists or retrieves Infisical certificates in a project, with optional filters and automatic paging. |
| `Search-InfisicalCertificate` | Searches Infisical certificates with advanced filters and automatic paging. |
| `Request-InfisicalCertificate` | Requests a new Infisical certificate (local CSR + sign) or reuses a still-valid existing one. |
| `ConvertTo-InfisicalCertificate` | Materializes an X509Certificate2 from an Infisical certificate record, bundle, or serial number. |
| `Install-InfisicalCertificate` | Installs an Infisical certificate (and optional chain) into a Windows certificate store. |
build.ps1
+1 -2
View File
@@ -134,7 +134,6 @@ function Write-Manifest {
'Get-InfisicalCertificateProfile',
'Get-InfisicalCertificatePolicy',
'Get-InfisicalCertificate',
'Search-InfisicalCertificate',
'Request-InfisicalCertificate',
'ConvertTo-InfisicalCertificate',
'Install-InfisicalCertificate',
@@ -210,7 +209,7 @@ if (`$cmds.Count -eq 0) {
throw "No cmdlets were exported by the PSInfisicalAPI module."
}
`$expectedCmds = @('Connect-Infisical','Disconnect-Infisical','Get-InfisicalSecret','New-InfisicalSecret','Update-InfisicalSecret','Remove-InfisicalSecret','Copy-InfisicalSecret','ConvertTo-InfisicalSecretDictionary','Export-InfisicalSecrets','Get-InfisicalProject','New-InfisicalProject','Update-InfisicalProject','Remove-InfisicalProject','Get-InfisicalEnvironment','New-InfisicalEnvironment','Update-InfisicalEnvironment','Remove-InfisicalEnvironment','Get-InfisicalFolder','New-InfisicalFolder','Update-InfisicalFolder','Remove-InfisicalFolder','Get-InfisicalTag','New-InfisicalTag','Update-InfisicalTag','Remove-InfisicalTag','Get-InfisicalCertificateAuthority','Get-InfisicalPkiSubscriber','Get-InfisicalCertificateProfile','Get-InfisicalCertificatePolicy','Get-InfisicalCertificate','Search-InfisicalCertificate','Request-InfisicalCertificate','ConvertTo-InfisicalCertificate','Install-InfisicalCertificate','Uninstall-InfisicalCertificate','Export-InfisicalCertificate','Get-InfisicalCertificateApplication','Get-InfisicalCertificateApplicationEnrollment','New-InfisicalScepDynamicChallenge','Get-InfisicalScepMdmProfile','Export-InfisicalScepMdmProfile','Write-InfisicalScepMdmProfileToWmi')
`$expectedCmds = @('Connect-Infisical','Disconnect-Infisical','Get-InfisicalSecret','New-InfisicalSecret','Update-InfisicalSecret','Remove-InfisicalSecret','Copy-InfisicalSecret','ConvertTo-InfisicalSecretDictionary','Export-InfisicalSecrets','Get-InfisicalProject','New-InfisicalProject','Update-InfisicalProject','Remove-InfisicalProject','Get-InfisicalEnvironment','New-InfisicalEnvironment','Update-InfisicalEnvironment','Remove-InfisicalEnvironment','Get-InfisicalFolder','New-InfisicalFolder','Update-InfisicalFolder','Remove-InfisicalFolder','Get-InfisicalTag','New-InfisicalTag','Update-InfisicalTag','Remove-InfisicalTag','Get-InfisicalCertificateAuthority','Get-InfisicalPkiSubscriber','Get-InfisicalCertificateProfile','Get-InfisicalCertificatePolicy','Get-InfisicalCertificate','Request-InfisicalCertificate','ConvertTo-InfisicalCertificate','Install-InfisicalCertificate','Uninstall-InfisicalCertificate','Export-InfisicalCertificate','Get-InfisicalCertificateApplication','Get-InfisicalCertificateApplicationEnrollment','New-InfisicalScepDynamicChallenge','Get-InfisicalScepMdmProfile','Export-InfisicalScepMdmProfile','Write-InfisicalScepMdmProfileToWmi')
foreach (`$expected in `$expectedCmds) {
if (-not (Get-Command -Name `$expected -Module PSInfisicalAPI -ErrorAction SilentlyContinue)) {
throw "Cmdlet not found: `$expected"
src/PSInfisicalAPI.Tests/PkiEndpointRegistryTests.cs
+21 -1
View File
@@ -61,11 +61,31 @@ namespace PSInfisicalAPI.Tests
Type cmdletType = ModuleAssembly.GetType("PSInfisicalAPI.Cmdlets.GetInfisicalCertificateCmdlet", true);
Assert.NotNull(cmdletType.GetProperty("CommonName"));
Assert.NotNull(cmdletType.GetProperty("FriendlyName"));
Assert.NotNull(cmdletType.GetProperty("Search"));
Assert.NotNull(cmdletType.GetProperty("Status"));
Assert.NotNull(cmdletType.GetProperty("CaId"));
Assert.NotNull(cmdletType.GetProperty("ProfileId"));
Assert.NotNull(cmdletType.GetProperty("ApplicationId"));
Assert.NotNull(cmdletType.GetProperty("ApplicationIds"));
Assert.NotNull(cmdletType.GetProperty("EnrollmentType"));
Assert.NotNull(cmdletType.GetProperty("ExtendedKeyUsage"));
Assert.NotNull(cmdletType.GetProperty("KeyAlgorithm"));
Assert.NotNull(cmdletType.GetProperty("SignatureAlgorithm"));
Assert.NotNull(cmdletType.GetProperty("KeySize"));
Assert.NotNull(cmdletType.GetProperty("Source"));
Assert.NotNull(cmdletType.GetProperty("FromDate"));
Assert.NotNull(cmdletType.GetProperty("ToDate"));
Assert.NotNull(cmdletType.GetProperty("NotAfterFrom"));
Assert.NotNull(cmdletType.GetProperty("NotAfterTo"));
Assert.NotNull(cmdletType.GetProperty("NotBeforeFrom"));
Assert.NotNull(cmdletType.GetProperty("NotBeforeTo"));
Assert.NotNull(cmdletType.GetProperty("Metadata"));
Assert.NotNull(cmdletType.GetProperty("ForPkiSync"));
Assert.NotNull(cmdletType.GetProperty("SortBy"));
Assert.NotNull(cmdletType.GetProperty("SortOrder"));
Assert.NotNull(cmdletType.GetProperty("Limit"));
Assert.NotNull(cmdletType.GetProperty("Offset"));
Assert.NotNull(cmdletType.GetProperty("NoAutoPage"));
Assert.NotNull(cmdletType.GetProperty("List"));
}
[Fact]
src/PSInfisicalAPI/Cmdlets/GetInfisicalCertificateCmdlet.cs
+61 -1
View File
@@ -1,4 +1,6 @@
using System;
using System.Collections;
using System.Collections.Generic;
using System.Management.Automation;
using PSInfisicalAPI.Connections;
using PSInfisicalAPI.Models;
@@ -14,12 +16,38 @@ namespace PSInfisicalAPI.Cmdlets
[Alias("Id", "Identifier")]
public string SerialNumber { get; set; }
[Parameter(ParameterSetName = "List")] public SwitchParameter List { get; set; }
[Parameter(ParameterSetName = "List", Mandatory = true)] public string ProjectId { get; set; }
[Parameter(ParameterSetName = "List")] public string CommonName { get; set; }
[Parameter(ParameterSetName = "List")] public string FriendlyName { get; set; }
[Parameter(ParameterSetName = "List")] public string Search { get; set; }
[Parameter(ParameterSetName = "List")] public string Status { get; set; }
[Parameter(ParameterSetName = "List")] public string[] CaId { get; set; }
[Parameter(ParameterSetName = "List")] public string[] ProfileId { get; set; }
[Parameter(ParameterSetName = "List")] public string ApplicationId { get; set; }
[Parameter(ParameterSetName = "List")] public string[] ApplicationIds { get; set; }
[Parameter(ParameterSetName = "List")] public string[] EnrollmentType { get; set; }
[Parameter(ParameterSetName = "List")] public string ExtendedKeyUsage { get; set; }
[Parameter(ParameterSetName = "List")] public string[] KeyAlgorithm { get; set; }
[Parameter(ParameterSetName = "List")] public string SignatureAlgorithm { get; set; }
[Parameter(ParameterSetName = "List")] public int[] KeySize { get; set; }
[Parameter(ParameterSetName = "List")] public string[] Source { get; set; }
[Parameter(ParameterSetName = "List")] public DateTimeOffset? FromDate { get; set; }
[Parameter(ParameterSetName = "List")] public DateTimeOffset? ToDate { get; set; }
[Parameter(ParameterSetName = "List")] public DateTimeOffset? NotAfterFrom { get; set; }
[Parameter(ParameterSetName = "List")] public DateTimeOffset? NotAfterTo { get; set; }
[Parameter(ParameterSetName = "List")] public DateTimeOffset? NotBeforeFrom { get; set; }
[Parameter(ParameterSetName = "List")] public DateTimeOffset? NotBeforeTo { get; set; }
[Parameter(ParameterSetName = "List")] public Hashtable Metadata { get; set; }
[Parameter(ParameterSetName = "List")] public SwitchParameter ForPkiSync { get; set; }
[Parameter(ParameterSetName = "List")]
[ValidateSet("notAfter", "notBefore", "createdAt", "commonName", "keyAlgorithm", "status")]
public string SortBy { get; set; }
[Parameter(ParameterSetName = "List")]
[ValidateSet("asc", "desc")]
public string SortOrder { get; set; }
[Parameter(ParameterSetName = "List")] public int? Limit { get; set; }
[Parameter(ParameterSetName = "List")] public int? Offset { get; set; }
[Parameter(ParameterSetName = "List")] public SwitchParameter NoAutoPage { get; set; }
@@ -47,8 +75,28 @@ namespace PSInfisicalAPI.Cmdlets
ProjectId = ProjectId,
CommonName = CommonName,
FriendlyName = FriendlyName,
Search = Search,
Status = Status,
CaIds = CaId,
ProfileIds = ProfileId,
ApplicationId = ApplicationId,
ApplicationIds = ApplicationIds,
EnrollmentTypes = EnrollmentType,
ExtendedKeyUsage = ExtendedKeyUsage,
KeyAlgorithm = KeyAlgorithm,
SignatureAlgorithm = SignatureAlgorithm,
KeySizes = KeySize,
Source = Source,
FromDate = FromDate,
ToDate = ToDate,
NotAfterFrom = NotAfterFrom,
NotAfterTo = NotAfterTo,
NotBeforeFrom = NotBeforeFrom,
NotBeforeTo = NotBeforeTo,
Metadata = ToStringDictionary(Metadata),
SortBy = SortBy,
SortOrder = SortOrder,
ForPkiSync = ForPkiSync.IsPresent ? (bool?)true : null,
Limit = Limit ?? 100,
Offset = Offset ?? 0
};
@@ -87,5 +135,17 @@ namespace PSInfisicalAPI.Cmdlets
ThrowTerminatingForException("GetInfisicalCertificateCmdlet", "GetCertificate", exception);
}
}
private static Dictionary<string, string> ToStringDictionary(Hashtable hashtable)
{
if (hashtable == null) { return null; }
Dictionary<string, string> result = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
foreach (DictionaryEntry entry in hashtable)
{
if (entry.Key == null) { continue; }
result[entry.Key.ToString()] = entry.Value != null ? entry.Value.ToString() : null;
}
return result;
}
}
}
src/PSInfisicalAPI/Cmdlets/GetInfisicalEnvironmentCmdlet.cs
-2
View File
@@ -16,8 +16,6 @@ namespace PSInfisicalAPI.Cmdlets
[Parameter(Mandatory = true)] public string ProjectId { get; set; }
[Parameter(ParameterSetName = "List")] public SwitchParameter List { get; set; }
protected override void ProcessRecord()
{
try
src/PSInfisicalAPI/Cmdlets/GetInfisicalFolderCmdlet.cs
-2
View File
@@ -18,8 +18,6 @@ namespace PSInfisicalAPI.Cmdlets
[Parameter(Mandatory = true)] public string Environment { get; set; }
[Parameter] public string Path { get; set; }
[Parameter(ParameterSetName = "List")] public SwitchParameter List { get; set; }
protected override void ProcessRecord()
{
try
src/PSInfisicalAPI/Cmdlets/GetInfisicalProjectCmdlet.cs
-2
View File
@@ -14,8 +14,6 @@ namespace PSInfisicalAPI.Cmdlets
[Alias("Id")]
public string ProjectId { get; set; }
[Parameter(ParameterSetName = "List")] public SwitchParameter List { get; set; }
[Parameter(ParameterSetName = "List")]
[ValidateSet("secret-manager", "cert-manager", "kms", "ssh", "secret-scanning", "pam", "ai")]
public string Type { get; set; }
src/PSInfisicalAPI/Cmdlets/GetInfisicalSecretCmdlet.cs
-1
View File
@@ -26,7 +26,6 @@ namespace PSInfisicalAPI.Cmdlets
[Parameter(ParameterSetName = "Single")] public int? Version { get; set; }
[Parameter(ParameterSetName = "Single")] public InfisicalSecretType Type { get; set; } = InfisicalSecretType.Shared;
[Parameter(ParameterSetName = "List")] public SwitchParameter List { get; set; }
[Parameter(ParameterSetName = "List")] public SwitchParameter Recursive { get; set; }
[Parameter(ParameterSetName = "List")] public SwitchParameter IncludePersonalOverrides { get; set; }
[Parameter(ParameterSetName = "List")] public Hashtable MetadataFilter { get; set; }
src/PSInfisicalAPI/Cmdlets/GetInfisicalTagCmdlet.cs
-2
View File
@@ -16,8 +16,6 @@ namespace PSInfisicalAPI.Cmdlets
[Parameter(Mandatory = true)] public string ProjectId { get; set; }
[Parameter(ParameterSetName = "List")] public SwitchParameter List { get; set; }
protected override void ProcessRecord()
{
try
src/PSInfisicalAPI/Cmdlets/SearchInfisicalCertificateCmdlet.cs
-111
View File
@@ -1,111 +0,0 @@
using System;
using System.Collections.Generic;
using System.Management.Automation;
using PSInfisicalAPI.Connections;
using PSInfisicalAPI.Models;
using PSInfisicalAPI.Pki;
namespace PSInfisicalAPI.Cmdlets
{
[Cmdlet(VerbsCommon.Search, "InfisicalCertificate")]
[OutputType(typeof(InfisicalCertificate))]
public sealed class SearchInfisicalCertificateCmdlet : InfisicalCmdletBase
{
[Parameter(Mandatory = true)] public string ProjectId { get; set; }
[Parameter] public string FriendlyName { get; set; }
[Parameter] public string CommonName { get; set; }
[Parameter] public string Search { get; set; }
[Parameter] public string Status { get; set; }
[Parameter] public string[] CaId { get; set; }
[Parameter] public string[] ProfileId { get; set; }
[Parameter] public string[] ApplicationId { get; set; }
[Parameter] public string[] EnrollmentType { get; set; }
[Parameter] public string ExtendedKeyUsage { get; set; }
[Parameter] public string[] KeyAlgorithm { get; set; }
[Parameter] public string SignatureAlgorithm { get; set; }
[Parameter] public string[] Source { get; set; }
[Parameter] public DateTimeOffset? NotAfterFrom { get; set; }
[Parameter] public DateTimeOffset? NotAfterTo { get; set; }
[Parameter] public DateTimeOffset? NotBeforeFrom { get; set; }
[Parameter] public DateTimeOffset? NotBeforeTo { get; set; }
[Parameter] public string SortBy { get; set; }
[Parameter] [ValidateSet("asc", "desc")] public string SortOrder { get; set; }
[Parameter] public int? Limit { get; set; }
[Parameter] public int? Offset { get; set; }
[Parameter] public SwitchParameter NoAutoPage { get; set; }
protected override void ProcessRecord()
{
try
{
InfisicalConnection connection = InfisicalSessionManager.RequireCurrent();
InfisicalPkiClient client = new InfisicalPkiClient(HttpClient, Logger);
InfisicalCertificateSearchQuery query = BuildQuery(ProjectId);
int requestedLimit = query.Limit ?? 100;
query.Limit = requestedLimit;
query.Offset = query.Offset ?? 0;
int emitted = 0;
while (true)
{
InfisicalCertificateSearchResult page = client.SearchCertificates(connection, query);
if (page == null || page.Certificates == null || page.Certificates.Length == 0)
{
break;
}
foreach (InfisicalCertificate cert in page.Certificates)
{
WriteObject(cert);
emitted++;
}
if (NoAutoPage.IsPresent || page.Certificates.Length < requestedLimit)
{
break;
}
if (page.TotalCount > 0 && emitted >= page.TotalCount)
{
break;
}
query.Offset = (query.Offset ?? 0) + page.Certificates.Length;
}
}
catch (Exception exception)
{
ThrowTerminatingForException("SearchInfisicalCertificateCmdlet", "SearchCertificates", exception);
}
}
private InfisicalCertificateSearchQuery BuildQuery(string projectId)
{
return new InfisicalCertificateSearchQuery
{
ProjectId = projectId,
FriendlyName = FriendlyName,
CommonName = CommonName,
Search = Search,
Status = Status,
CaIds = CaId,
ProfileIds = ProfileId,
ApplicationIds = ApplicationId,
EnrollmentTypes = EnrollmentType,
ExtendedKeyUsage = ExtendedKeyUsage,
KeyAlgorithm = KeyAlgorithm,
SignatureAlgorithm = SignatureAlgorithm,
Source = Source,
NotAfterFrom = NotAfterFrom,
NotAfterTo = NotAfterTo,
NotBeforeFrom = NotBeforeFrom,
NotBeforeTo = NotBeforeTo,
SortBy = SortBy,
SortOrder = SortOrder,
Limit = Limit,
Offset = Offset
};
}
}
}
src/PSInfisicalAPI/Models/InfisicalCertificatePolicy.cs
+1 -1
View File
@@ -8,7 +8,7 @@ namespace PSInfisicalAPI.Models
public string ProjectId { get; set; }
public string Name { get; set; }
public string Description { get; set; }
public InfisicalCertificatePolicySubject Subject { get; set; }
public InfisicalCertificatePolicySubject[] Subject { get; set; }
public InfisicalCertificatePolicySan[] Sans { get; set; }
public InfisicalCertificatePolicyUsages KeyUsages { get; set; }
public InfisicalCertificatePolicyUsages ExtendedKeyUsages { get; set; }
src/PSInfisicalAPI/Pki/InfisicalCertificateDtos.cs
+9
View File
@@ -70,11 +70,13 @@ namespace PSInfisicalAPI.Pki
[JsonProperty("limit", NullValueHandling = NullValueHandling.Ignore)] public int? Limit { get; set; }
[JsonProperty("caIds", NullValueHandling = NullValueHandling.Ignore)] public string[] CaIds { get; set; }
[JsonProperty("profileIds", NullValueHandling = NullValueHandling.Ignore)] public string[] ProfileIds { get; set; }
[JsonProperty("applicationId", NullValueHandling = NullValueHandling.Ignore)] public string ApplicationId { get; set; }
[JsonProperty("applicationIds", NullValueHandling = NullValueHandling.Ignore)] public string[] ApplicationIds { get; set; }
[JsonProperty("enrollmentTypes", NullValueHandling = NullValueHandling.Ignore)] public string[] EnrollmentTypes { get; set; }
[JsonProperty("extendedKeyUsage", NullValueHandling = NullValueHandling.Ignore)] public string ExtendedKeyUsage { get; set; }
[JsonProperty("keyAlgorithm", NullValueHandling = NullValueHandling.Ignore)] public string[] KeyAlgorithm { get; set; }
[JsonProperty("signatureAlgorithm", NullValueHandling = NullValueHandling.Ignore)] public string SignatureAlgorithm { get; set; }
[JsonProperty("keySizes", NullValueHandling = NullValueHandling.Ignore)] public int[] KeySizes { get; set; }
[JsonProperty("source", NullValueHandling = NullValueHandling.Ignore)] public string[] Source { get; set; }
[JsonProperty("fromDate", NullValueHandling = NullValueHandling.Ignore)] public string FromDate { get; set; }
[JsonProperty("toDate", NullValueHandling = NullValueHandling.Ignore)] public string ToDate { get; set; }
@@ -82,11 +84,18 @@ namespace PSInfisicalAPI.Pki
[JsonProperty("notAfterTo", NullValueHandling = NullValueHandling.Ignore)] public string NotAfterTo { get; set; }
[JsonProperty("notBeforeFrom", NullValueHandling = NullValueHandling.Ignore)] public string NotBeforeFrom { get; set; }
[JsonProperty("notBeforeTo", NullValueHandling = NullValueHandling.Ignore)] public string NotBeforeTo { get; set; }
[JsonProperty("metadata", NullValueHandling = NullValueHandling.Ignore)] public InfisicalCertificateSearchMetadataEntryDto[] Metadata { get; set; }
[JsonProperty("sortBy", NullValueHandling = NullValueHandling.Ignore)] public string SortBy { get; set; }
[JsonProperty("sortOrder", NullValueHandling = NullValueHandling.Ignore)] public string SortOrder { get; set; }
[JsonProperty("forPkiSync", NullValueHandling = NullValueHandling.Ignore)] public bool? ForPkiSync { get; set; }
}
internal sealed class InfisicalCertificateSearchMetadataEntryDto
{
[JsonProperty("key")] public string Key { get; set; }
[JsonProperty("value", NullValueHandling = NullValueHandling.Ignore)] public string Value { get; set; }
}
internal sealed class InfisicalCertificateBundleResponseDto
{
[JsonProperty("serialNumber")] public string SerialNumber { get; set; }
src/PSInfisicalAPI/Pki/InfisicalCertificatePolicyDtos.cs
+1 -1
View File
@@ -10,7 +10,7 @@ namespace PSInfisicalAPI.Pki
[JsonProperty("projectId")] public string ProjectId { get; set; }
[JsonProperty("name")] public string Name { get; set; }
[JsonProperty("description")] public string Description { get; set; }
[JsonProperty("subject")] public InfisicalCertificatePolicySubjectDto Subject { get; set; }
[JsonProperty("subject")] public JToken SubjectRaw { get; set; }
[JsonProperty("sans")] public JToken SansRaw { get; set; }
[JsonProperty("keyUsages")] public InfisicalCertificatePolicyUsagesDto KeyUsages { get; set; }
[JsonProperty("extendedKeyUsages")] public InfisicalCertificatePolicyUsagesDto ExtendedKeyUsages { get; set; }
src/PSInfisicalAPI/Pki/InfisicalCertificatePolicyMapper.cs
+26 -2
View File
@@ -21,7 +21,7 @@ namespace PSInfisicalAPI.Pki
ProjectId = !string.IsNullOrEmpty(dto.ProjectId) ? dto.ProjectId : fallbackProjectId,
Name = dto.Name,
Description = dto.Description,
Subject = MapSubject(dto.Subject),
Subject = MapSubjects(dto.SubjectRaw),
Sans = MapSans(dto.SansRaw),
KeyUsages = MapUsages(dto.KeyUsages),
ExtendedKeyUsages = MapUsages(dto.ExtendedKeyUsages),
@@ -52,8 +52,32 @@ namespace PSInfisicalAPI.Pki
return results.ToArray();
}
private static InfisicalCertificatePolicySubject MapSubject(InfisicalCertificatePolicySubjectDto dto)
private static InfisicalCertificatePolicySubject[] MapSubjects(JToken token)
{
if (token == null || token.Type == JTokenType.Null) { return null; }
List<InfisicalCertificatePolicySubject> results = new List<InfisicalCertificatePolicySubject>();
if (token.Type == JTokenType.Array)
{
foreach (JToken child in (JArray)token)
{
InfisicalCertificatePolicySubject mapped = MapSubjectObject(child);
if (mapped != null) { results.Add(mapped); }
}
}
else if (token.Type == JTokenType.Object)
{
InfisicalCertificatePolicySubject mapped = MapSubjectObject(token);
if (mapped != null) { results.Add(mapped); }
}
return results.Count > 0 ? results.ToArray() : null;
}
private static InfisicalCertificatePolicySubject MapSubjectObject(JToken token)
{
if (token == null || token.Type != JTokenType.Object) { return null; }
InfisicalCertificatePolicySubjectDto dto = token.ToObject<InfisicalCertificatePolicySubjectDto>();
if (dto == null) { return null; }
return new InfisicalCertificatePolicySubject
{
src/PSInfisicalAPI/Pki/InfisicalCertificateSearchQuery.cs
+4
View File
@@ -1,4 +1,5 @@
using System;
using System.Collections.Generic;
namespace PSInfisicalAPI.Pki
{
@@ -13,11 +14,13 @@ namespace PSInfisicalAPI.Pki
public int? Limit { get; set; }
public string[] CaIds { get; set; }
public string[] ProfileIds { get; set; }
public string ApplicationId { get; set; }
public string[] ApplicationIds { get; set; }
public string[] EnrollmentTypes { get; set; }
public string ExtendedKeyUsage { get; set; }
public string[] KeyAlgorithm { get; set; }
public string SignatureAlgorithm { get; set; }
public int[] KeySizes { get; set; }
public string[] Source { get; set; }
public DateTimeOffset? FromDate { get; set; }
public DateTimeOffset? ToDate { get; set; }
@@ -25,6 +28,7 @@ namespace PSInfisicalAPI.Pki
public DateTimeOffset? NotAfterTo { get; set; }
public DateTimeOffset? NotBeforeFrom { get; set; }
public DateTimeOffset? NotBeforeTo { get; set; }
public IDictionary<string, string> Metadata { get; set; }
public string SortBy { get; set; }
public string SortOrder { get; set; }
public bool? ForPkiSync { get; set; }
src/PSInfisicalAPI/Pki/InfisicalPkiClient.cs
+15
View File
@@ -863,11 +863,13 @@ namespace PSInfisicalAPI.Pki
Limit = query.Limit,
CaIds = query.CaIds,
ProfileIds = query.ProfileIds,
ApplicationId = query.ApplicationId,
ApplicationIds = query.ApplicationIds,
EnrollmentTypes = query.EnrollmentTypes,
ExtendedKeyUsage = query.ExtendedKeyUsage,
KeyAlgorithm = query.KeyAlgorithm,
SignatureAlgorithm = query.SignatureAlgorithm,
KeySizes = query.KeySizes,
Source = query.Source,
FromDate = FormatTimestamp(query.FromDate),
ToDate = FormatTimestamp(query.ToDate),
@@ -875,12 +877,25 @@ namespace PSInfisicalAPI.Pki
NotAfterTo = FormatTimestamp(query.NotAfterTo),
NotBeforeFrom = FormatTimestamp(query.NotBeforeFrom),
NotBeforeTo = FormatTimestamp(query.NotBeforeTo),
Metadata = BuildMetadataEntries(query.Metadata),
SortBy = query.SortBy,
SortOrder = query.SortOrder,
ForPkiSync = query.ForPkiSync
};
}
private static InfisicalCertificateSearchMetadataEntryDto[] BuildMetadataEntries(IDictionary<string, string> source)
{
if (source == null || source.Count == 0) { return null; }
List<InfisicalCertificateSearchMetadataEntryDto> entries = new List<InfisicalCertificateSearchMetadataEntryDto>(source.Count);
foreach (KeyValuePair<string, string> pair in source)
{
if (string.IsNullOrEmpty(pair.Key)) { continue; }
entries.Add(new InfisicalCertificateSearchMetadataEntryDto { Key = pair.Key, Value = pair.Value });
}
return entries.Count == 0 ? null : entries.ToArray();
}
private static string FormatTimestamp(DateTimeOffset? value)
{
if (!value.HasValue) { return null; }