xref: /openbmc/phosphor-webui/app/access-control/controllers/certificate-controller.js (revision bb3714ef39f16f9329aefdf88d12aab1621fabea) 
1afc8a799Smiramurali23/**
2afc8a799Smiramurali23 * Controller for Certificate Management
3afc8a799Smiramurali23 *
4afc8a799Smiramurali23 * @module app/access-control
5afc8a799Smiramurali23 * @exports certificateController
6afc8a799Smiramurali23 * @name certificateController
7afc8a799Smiramurali23 */
8afc8a799Smiramurali23
9afc8a799Smiramurali23window.angular && (function(angular) {
10afc8a799Smiramurali23  'use strict';
11afc8a799Smiramurali23
12afc8a799Smiramurali23  angular.module('app.accessControl').controller('certificateController', [
13afc8a799Smiramurali23    '$scope', 'APIUtils', '$q', 'Constants', 'toastService',
14afc8a799Smiramurali23    function($scope, APIUtils, $q, Constants, toastService) {
15afc8a799Smiramurali23      $scope.loading = false;
16afc8a799Smiramurali23      $scope.certificates = [];
17afc8a799Smiramurali23      $scope.availableCertificateTypes = [];
18afc8a799Smiramurali23      $scope.allCertificateTypes = Constants.CERTIFICATE_TYPES;
19afc8a799Smiramurali23      $scope.addCertificateModal = false;
20afc8a799Smiramurali23      $scope.addCSRModal = false;
21afc8a799Smiramurali23      $scope.newCertificate = {};
22afc8a799Smiramurali23      $scope.newCSR = {};
23afc8a799Smiramurali23      $scope.submitted = false;
24afc8a799Smiramurali23      $scope.csrSubmitted = false;
25afc8a799Smiramurali23      $scope.csrCode = '';
26afc8a799Smiramurali23      $scope.displayCSRCode = false;
27afc8a799Smiramurali23      $scope.keyBitLength = Constants.CERTIFICATE.KEY_BIT_LENGTH;
28afc8a799Smiramurali23      $scope.keyPairAlgorithm = Constants.CERTIFICATE.KEY_PAIR_ALGORITHM;
29afc8a799Smiramurali23      $scope.keyCurveId = Constants.CERTIFICATE.KEY_CURVE_ID;
30afc8a799Smiramurali23      $scope.countryList = Constants.COUNTRIES;
31afc8a799Smiramurali23
32afc8a799Smiramurali23
33afc8a799Smiramurali23      $scope.$on('$viewContentLoaded', () => {
34afc8a799Smiramurali23        getBmcTime();
35afc8a799Smiramurali23      })
36afc8a799Smiramurali23
37afc8a799Smiramurali23      $scope.loadCertificates = function() {
38afc8a799Smiramurali23        $scope.certificates = [];
39afc8a799Smiramurali23        $scope.availableCertificateTypes = Constants.CERTIFICATE_TYPES;
40afc8a799Smiramurali23        $scope.loading = true;
41afc8a799Smiramurali23        // Use Certificate Service to get the locations of all the certificates,
42afc8a799Smiramurali23        // then add a promise for fetching each certificate
43afc8a799Smiramurali23        APIUtils.getCertificateLocations().then(
44afc8a799Smiramurali23            function(data) {
45afc8a799Smiramurali23              var promises = [];
46afc8a799Smiramurali23              var locations = data.Links.Certificates;
47afc8a799Smiramurali23              for (var i in locations) {
48afc8a799Smiramurali23                var location = locations[i];
49afc8a799Smiramurali23                promises.push(getCertificatePromise(location['@odata.id']));
50afc8a799Smiramurali23              }
51afc8a799Smiramurali23              $q.all(promises)
52afc8a799Smiramurali23                  .catch(function(error) {
53afc8a799Smiramurali23                    toastService.error('Failed to load certificates.');
54afc8a799Smiramurali23                    console.log(JSON.stringify(error));
55afc8a799Smiramurali23                  })
56afc8a799Smiramurali23                  .finally(function() {
57afc8a799Smiramurali23                    $scope.loading = false;
58afc8a799Smiramurali23                  });
59afc8a799Smiramurali23            },
60afc8a799Smiramurali23            function(error) {
61afc8a799Smiramurali23              $scope.loading = false;
62afc8a799Smiramurali23              $scope.availableCertificateTypes = [];
63afc8a799Smiramurali23              toastService.error('Failed to load certificates.');
64afc8a799Smiramurali23              console.log(JSON.stringify(error));
65afc8a799Smiramurali23            });
66afc8a799Smiramurali23      };
67afc8a799Smiramurali23
68afc8a799Smiramurali23      $scope.uploadCertificate = function() {
69afc8a799Smiramurali23        if ($scope.newCertificate.file.name.split('.').pop() !== 'pem') {
70afc8a799Smiramurali23          toastService.error('Certificate must be a .pem file.');
71afc8a799Smiramurali23          return;
72afc8a799Smiramurali23        }
73afc8a799Smiramurali23        $scope.addCertificateModal = false;
74afc8a799Smiramurali23        APIUtils
75afc8a799Smiramurali23            .addNewCertificate(
76afc8a799Smiramurali23                $scope.newCertificate.file, $scope.newCertificate.selectedType)
77afc8a799Smiramurali23            .then(
78afc8a799Smiramurali23                function(data) {
79afc8a799Smiramurali23                  toastService.success(
80afc8a799Smiramurali23                      $scope.newCertificate.selectedType.name +
81afc8a799Smiramurali23                      ' was uploaded.');
82afc8a799Smiramurali23                  $scope.newCertificate = {};
83afc8a799Smiramurali23                  $scope.loadCertificates();
84afc8a799Smiramurali23                },
85afc8a799Smiramurali23                function(error) {
86afc8a799Smiramurali23                  toastService.error(
87afc8a799Smiramurali23                      $scope.newCertificate.selectedType.name +
88afc8a799Smiramurali23                      ' failed upload.');
89afc8a799Smiramurali23                  console.log(JSON.stringify(error));
90afc8a799Smiramurali23                });
91afc8a799Smiramurali23      };
92afc8a799Smiramurali23
93afc8a799Smiramurali23      var getCertificatePromise = function(url) {
94afc8a799Smiramurali23        var promise = APIUtils.getCertificate(url).then(function(data) {
95afc8a799Smiramurali23          var certificate = data;
96afc8a799Smiramurali23          isExpiring(certificate);
97afc8a799Smiramurali23          updateAvailableTypes(certificate);
98afc8a799Smiramurali23          $scope.certificates.push(certificate);
99afc8a799Smiramurali23        });
100afc8a799Smiramurali23        return promise;
101afc8a799Smiramurali23      };
102afc8a799Smiramurali23
103afc8a799Smiramurali23      var isExpiring = function(certificate) {
104afc8a799Smiramurali23        // convert certificate time to epoch time
105afc8a799Smiramurali23        // if ValidNotAfter is less than or equal to 30 days from bmc time
106afc8a799Smiramurali23        // (2592000000), isExpiring. If less than or equal to 0, is expired.
107afc8a799Smiramurali23        // dividing bmc time by 1000 converts epoch milliseconds to seconds
108afc8a799Smiramurali23        var difference = (new Date(certificate.ValidNotAfter).getTime()) -
109afc8a799Smiramurali23            ($scope.bmcTime) / 1000;
110afc8a799Smiramurali23        if (difference <= 0) {
111afc8a799Smiramurali23          certificate.isExpired = true;
112afc8a799Smiramurali23        } else if (difference <= 2592000000) {
113afc8a799Smiramurali23          certificate.isExpiring = true;
114afc8a799Smiramurali23        } else {
115afc8a799Smiramurali23          certificate.isExpired = false;
116afc8a799Smiramurali23          certificate.isExpiring = false;
117afc8a799Smiramurali23        }
118afc8a799Smiramurali23      };
119afc8a799Smiramurali23
120afc8a799Smiramurali23      // add optional name
121afc8a799Smiramurali23      $scope.names = [];
122afc8a799Smiramurali23      $scope.addOptionalRow = function() {
123afc8a799Smiramurali23        $scope.names.push({Value: ''})
124afc8a799Smiramurali23      };
125afc8a799Smiramurali23
126afc8a799Smiramurali23      // remove optional name row
127afc8a799Smiramurali23      $scope.deleteOptionalRow = function(index) {
128afc8a799Smiramurali23        $scope.names.splice(index, 1);
129afc8a799Smiramurali23        if ($scope.names.length == 0) {
130afc8a799Smiramurali23          $scope.names = [];
131afc8a799Smiramurali23        }
132afc8a799Smiramurali23      };
133afc8a799Smiramurali23
134afc8a799Smiramurali23
135afc8a799Smiramurali23      // create a CSR object to send to the backend
136afc8a799Smiramurali23      $scope.getCSRCode = function() {
137afc8a799Smiramurali23        var addCSR = {};
138afc8a799Smiramurali23        let alternativeNames = $scope.names.map(name => name.Value);
139afc8a799Smiramurali23
140afc8a799Smiramurali23        // if user provided a first alternative name then push to alternative
141afc8a799Smiramurali23        // names array
142afc8a799Smiramurali23        $scope.newCSR.firstAlternativeName ?
143afc8a799Smiramurali23            alternativeNames.push($scope.newCSR.firstAlternativeName) :
144afc8a799Smiramurali23            $scope.newCSR.firstAlternativeName = '';
145afc8a799Smiramurali23
146afc8a799Smiramurali23
147afc8a799Smiramurali23        addCSR.CertificateCollection = {
148afc8a799Smiramurali23          '@odata.id': $scope.newCSR.certificateCollection.location
149afc8a799Smiramurali23        };
150afc8a799Smiramurali23        addCSR.CommonName = $scope.newCSR.commonName;
151afc8a799Smiramurali23        addCSR.ContactPerson = $scope.newCSR.contactPerson || '';
152afc8a799Smiramurali23        addCSR.City = $scope.newCSR.city;
153afc8a799Smiramurali23        addCSR.AlternativeNames = alternativeNames || [];
154afc8a799Smiramurali23        addCSR.ChallengePassword = $scope.newCSR.challengePassword || '';
155afc8a799Smiramurali23        addCSR.Email = $scope.newCSR.emailAddress || '';
156afc8a799Smiramurali23        addCSR.Country = $scope.newCSR.countryCode.code;
157afc8a799Smiramurali23        addCSR.Organization = $scope.newCSR.organization;
158afc8a799Smiramurali23        addCSR.OrganizationalUnit = $scope.newCSR.companyUnit;
159afc8a799Smiramurali23        addCSR.KeyCurveId = $scope.newCSR.keyCurveId || '';
160afc8a799Smiramurali23        addCSR.KeyBitLength = $scope.newCSR.keyBitLength
161afc8a799Smiramurali23        addCSR.KeyPairAlgorithm = $scope.newCSR.keyPairAlgorithm || '';
162afc8a799Smiramurali23        addCSR.State = $scope.newCSR.state;
163afc8a799Smiramurali23
164afc8a799Smiramurali23        APIUtils.createCSRCertificate(addCSR).then(
165afc8a799Smiramurali23            function(data) {
166afc8a799Smiramurali23              $scope.displayCSRCode = true;
167afc8a799Smiramurali23              $scope.csrCode = data;
168afc8a799Smiramurali23            },
169afc8a799Smiramurali23            function(error) {
170afc8a799Smiramurali23              $scope.addCSRModal = false;
171afc8a799Smiramurali23              toastService.error('Unable to generate CSR. Try again.');
172afc8a799Smiramurali23              console.log(JSON.stringify(error));
173afc8a799Smiramurali23            })
174afc8a799Smiramurali23      };
175afc8a799Smiramurali23
176afc8a799Smiramurali23      // resetting the modal when user clicks cancel/closes the
177afc8a799Smiramurali23      // modal
178afc8a799Smiramurali23      $scope.resetCSRModal = function() {
179afc8a799Smiramurali23        $scope.addCSRModal = false;
180afc8a799Smiramurali23        $scope.displayCSRCode = false;
181afc8a799Smiramurali23        $scope.newCSR.certificateCollection = $scope.selectOption;
182afc8a799Smiramurali23        $scope.newCSR.commonName = '';
183afc8a799Smiramurali23        $scope.newCSR.contactPerson = '';
184afc8a799Smiramurali23        $scope.newCSR.city = '';
185afc8a799Smiramurali23        $scope.names = [];
186afc8a799Smiramurali23        $scope.newCSR.challengePassword = '';
187afc8a799Smiramurali23        $scope.newCSR.emailAddress = '';
188afc8a799Smiramurali23        $scope.newCSR.countryCode = '';
189afc8a799Smiramurali23        $scope.newCSR.keyCurveId = '';
190afc8a799Smiramurali23        $scope.newCSR.firstAlternativeName = '';
191afc8a799Smiramurali23        $scope.newCSR.keyBitLength = $scope.selectOption;
192afc8a799Smiramurali23        $scope.newCSR.keyPairAlgorithm = $scope.selectOption;
193afc8a799Smiramurali23        $scope.newCSR.organization = '';
194afc8a799Smiramurali23        $scope.newCSR.companyUnit = '';
195afc8a799Smiramurali23        $scope.newCSR.state = '';
196afc8a799Smiramurali23      };
197afc8a799Smiramurali23
198afc8a799Smiramurali23      // copies the CSR code
199afc8a799Smiramurali23      $scope.copySuccess = function(event) {
200afc8a799Smiramurali23        $scope.copied = true;
201afc8a799Smiramurali23        $timeout(function() {
202afc8a799Smiramurali23          $scope.copied = false;
203afc8a799Smiramurali23        }, 5000);
204afc8a799Smiramurali23      };
205afc8a799Smiramurali23      $scope.copyFailed = function(err) {
206afc8a799Smiramurali23        console.log(JSON.stringify(err));
207afc8a799Smiramurali23      };
208afc8a799Smiramurali23
209afc8a799Smiramurali23
210afc8a799Smiramurali23      var getBmcTime = function() {
211afc8a799Smiramurali23        APIUtils.getBMCTime().then(function(data) {
212afc8a799Smiramurali23          $scope.bmcTime = data.data.Elapsed;
213afc8a799Smiramurali23        });
214afc8a799Smiramurali23
215afc8a799Smiramurali23        return $scope.bmcTime;
216afc8a799Smiramurali23      };
217afc8a799Smiramurali23
218afc8a799Smiramurali23      var updateAvailableTypes = function(certificate) {
219afc8a799Smiramurali23        $scope.availableCertificateTypes =
220afc8a799Smiramurali23            $scope.availableCertificateTypes.filter(function(type) {
221*bb3714efSZbigniew Kurzynski              if (type.Description == 'TrustStore Certificate') {
222*bb3714efSZbigniew Kurzynski                return true;
223*bb3714efSZbigniew Kurzynski              }
224afc8a799Smiramurali23              return type.Description !== certificate.Description;
225afc8a799Smiramurali23            });
226afc8a799Smiramurali23      };
227afc8a799Smiramurali23
228afc8a799Smiramurali23      $scope.getDays = function(endDate) {
229afc8a799Smiramurali23        // finds number of days until certificate expiration
230afc8a799Smiramurali23        // dividing bmc time by 1000 converts milliseconds to seconds
231afc8a799Smiramurali23        var ms = (new Date(endDate).getTime()) - ($scope.bmcTime) / 1000;
232afc8a799Smiramurali23        return Math.floor(ms / (24 * 60 * 60 * 1000));
233afc8a799Smiramurali23      };
234afc8a799Smiramurali23
235afc8a799Smiramurali23      $scope.loadCertificates();
236afc8a799Smiramurali23    }
237afc8a799Smiramurali23  ]);
238afc8a799Smiramurali23})(angular);
239