GraceSolutions
bdec5aa6ec
Get-InfisicalCertificate and Search-InfisicalCertificate now expose every
filter accepted by POST /api/v1/projects/{projectId}/certificates/search:
ADDED parameters (both cmdlets)
- -Search free-text search across SAN/CN/cert id/serial
- -ProfileId profile id array filter (Get- only previously missing)
- -ApplicationId single application id (new on both)
- -ApplicationIds application id array (renamed from old -ApplicationId)
- -EnrollmentType api|est|acme|scep filter
- -ExtendedKeyUsage e.g. codeSigning, serverAuth
- -KeyAlgorithm e.g. RSA_2048, EC_prime256v1 (string[])
- -SignatureAlgorithm e.g. RSA-SHA256, ECDSA-SHA256
- -KeySize int[] key sizes in bits (e.g. 2048,4096)
- -Source issued|discovered|imported
- -FromDate / -ToDate created-at window
- -NotAfterFrom/-NotAfterTo/-NotBeforeFrom/-NotBeforeTo
- -Metadata <Hashtable> serialized as [{key,value}] entries
- -ForPkiSync switch -> forPkiSync=true
- -SortBy ValidateSet: notAfter, notBefore, createdAt,
commonName, keyAlgorithm, status
- -SortOrder ValidateSet: asc, desc
INTERNAL
- InfisicalCertificateSearchQuery gains ApplicationId, KeySizes, Metadata.
- InfisicalCertificateSearchRequestDto gains applicationId, keySizes,
metadata (new InfisicalCertificateSearchMetadataEntryDto with key/value).
- BuildSearchRequest maps the new fields; BuildMetadataEntries converts
Dictionary<string,string> into the API's [{key,value}] array shape.
BREAKING
- Search-InfisicalCertificate's -ApplicationId changed from string[] to
string. Callers passing an array must switch to -ApplicationIds.
TESTS
- PkiEndpointRegistryTests.GetInfisicalCertificate_Cmdlet_Exposes_List_Filter_Properties
extended to assert all 27 List-set parameters are present.
- 216/216 tests passing.
153 lines
7.1 KiB
C#
153 lines
7.1 KiB
C#
using System;
|
|
using System.Collections;
|
|
using System.Collections.Generic;
|
|
using System.Management.Automation;
|
|
using PSInfisicalAPI.Connections;
|
|
using PSInfisicalAPI.Models;
|
|
using PSInfisicalAPI.Pki;
|
|
|
|
namespace PSInfisicalAPI.Cmdlets
|
|
{
|
|
[Cmdlet(VerbsCommon.Get, "InfisicalCertificate", DefaultParameterSetName = "List")]
|
|
[OutputType(typeof(InfisicalCertificate))]
|
|
public sealed class GetInfisicalCertificateCmdlet : InfisicalCmdletBase
|
|
{
|
|
[Parameter(ParameterSetName = "Single", Mandatory = true, Position = 0, ValueFromPipelineByPropertyName = true)]
|
|
[Alias("Id", "Identifier")]
|
|
public string SerialNumber { get; set; }
|
|
|
|
[Parameter(ParameterSetName = "List")] public SwitchParameter List { get; set; }
|
|
[Parameter(ParameterSetName = "List", Mandatory = true)] public string ProjectId { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string CommonName { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string FriendlyName { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string Search { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string Status { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string[] CaId { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string[] ProfileId { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string ApplicationId { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string[] ApplicationIds { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string[] EnrollmentType { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string ExtendedKeyUsage { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string[] KeyAlgorithm { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string SignatureAlgorithm { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public int[] KeySize { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public string[] Source { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public DateTimeOffset? FromDate { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public DateTimeOffset? ToDate { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public DateTimeOffset? NotAfterFrom { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public DateTimeOffset? NotAfterTo { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public DateTimeOffset? NotBeforeFrom { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public DateTimeOffset? NotBeforeTo { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public Hashtable Metadata { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public SwitchParameter ForPkiSync { get; set; }
|
|
|
|
[Parameter(ParameterSetName = "List")]
|
|
[ValidateSet("notAfter", "notBefore", "createdAt", "commonName", "keyAlgorithm", "status")]
|
|
public string SortBy { get; set; }
|
|
|
|
[Parameter(ParameterSetName = "List")]
|
|
[ValidateSet("asc", "desc")]
|
|
public string SortOrder { get; set; }
|
|
|
|
[Parameter(ParameterSetName = "List")] public int? Limit { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public int? Offset { get; set; }
|
|
[Parameter(ParameterSetName = "List")] public SwitchParameter NoAutoPage { get; set; }
|
|
|
|
protected override void ProcessRecord()
|
|
{
|
|
try
|
|
{
|
|
InfisicalConnection connection = InfisicalSessionManager.RequireCurrent();
|
|
InfisicalPkiClient client = new InfisicalPkiClient(HttpClient, Logger);
|
|
|
|
if (string.Equals(ParameterSetName, "Single", StringComparison.Ordinal))
|
|
{
|
|
InfisicalCertificate cert = client.RetrieveCertificate(connection, SerialNumber);
|
|
if (cert != null)
|
|
{
|
|
WriteObject(cert);
|
|
}
|
|
|
|
return;
|
|
}
|
|
|
|
InfisicalCertificateSearchQuery query = new InfisicalCertificateSearchQuery
|
|
{
|
|
ProjectId = ProjectId,
|
|
CommonName = CommonName,
|
|
FriendlyName = FriendlyName,
|
|
Search = Search,
|
|
Status = Status,
|
|
CaIds = CaId,
|
|
ProfileIds = ProfileId,
|
|
ApplicationId = ApplicationId,
|
|
ApplicationIds = ApplicationIds,
|
|
EnrollmentTypes = EnrollmentType,
|
|
ExtendedKeyUsage = ExtendedKeyUsage,
|
|
KeyAlgorithm = KeyAlgorithm,
|
|
SignatureAlgorithm = SignatureAlgorithm,
|
|
KeySizes = KeySize,
|
|
Source = Source,
|
|
FromDate = FromDate,
|
|
ToDate = ToDate,
|
|
NotAfterFrom = NotAfterFrom,
|
|
NotAfterTo = NotAfterTo,
|
|
NotBeforeFrom = NotBeforeFrom,
|
|
NotBeforeTo = NotBeforeTo,
|
|
Metadata = ToStringDictionary(Metadata),
|
|
SortBy = SortBy,
|
|
SortOrder = SortOrder,
|
|
ForPkiSync = ForPkiSync.IsPresent ? (bool?)true : null,
|
|
Limit = Limit ?? 100,
|
|
Offset = Offset ?? 0
|
|
};
|
|
|
|
int requestedLimit = query.Limit ?? 100;
|
|
int emitted = 0;
|
|
while (true)
|
|
{
|
|
InfisicalCertificateSearchResult page = client.SearchCertificates(connection, query);
|
|
if (page == null || page.Certificates == null || page.Certificates.Length == 0)
|
|
{
|
|
break;
|
|
}
|
|
|
|
foreach (InfisicalCertificate cert in page.Certificates)
|
|
{
|
|
WriteObject(cert);
|
|
emitted++;
|
|
}
|
|
|
|
if (NoAutoPage.IsPresent || page.Certificates.Length < requestedLimit)
|
|
{
|
|
break;
|
|
}
|
|
|
|
if (page.TotalCount > 0 && emitted >= page.TotalCount)
|
|
{
|
|
break;
|
|
}
|
|
|
|
query.Offset = (query.Offset ?? 0) + page.Certificates.Length;
|
|
}
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
ThrowTerminatingForException("GetInfisicalCertificateCmdlet", "GetCertificate", exception);
|
|
}
|
|
}
|
|
|
|
private static Dictionary<string, string> ToStringDictionary(Hashtable hashtable)
|
|
{
|
|
if (hashtable == null) { return null; }
|
|
Dictionary<string, string> result = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
|
|
foreach (DictionaryEntry entry in hashtable)
|
|
{
|
|
if (entry.Key == null) { continue; }
|
|
result[entry.Key.ToString()] = entry.Value != null ? entry.Value.ToString() : null;
|
|
}
|
|
return result;
|
|
}
|
|
}
|
|
}
|