From 8e34a6c17c5f629a2632ca4149a807e205c9756c Mon Sep 17 00:00:00 2001 From: Ricardo Espinoza Date: Tue, 11 Oct 2022 08:55:49 -0400 Subject: [PATCH] feat(Citrix Node): add certificate install operation (#4308) :zap: Add install operation --- .../Citrix/ADC/CertificateDescription.ts | 149 +++++++++++++++++- .../nodes/Citrix/ADC/CitrixAdc.node.ts | 61 ++++++- 2 files changed, 204 insertions(+), 6 deletions(-) diff --git a/packages/nodes-base/nodes/Citrix/ADC/CertificateDescription.ts b/packages/nodes-base/nodes/Citrix/ADC/CertificateDescription.ts index fe17bfa73331d..74a46ec2283ad 100644 --- a/packages/nodes-base/nodes/Citrix/ADC/CertificateDescription.ts +++ b/packages/nodes-base/nodes/Citrix/ADC/CertificateDescription.ts @@ -12,6 +12,11 @@ export const certificateDescription: INodeProperties[] = [ value: 'create', action: 'Create a certificate', }, + { + name: 'Install', + value: 'install', + action: 'Install a certificate', + }, ], default: 'create', displayOptions: { @@ -20,6 +25,9 @@ export const certificateDescription: INodeProperties[] = [ }, }, }, + /* -------------------------------------------------------------------------- */ + /* certificate:create */ + /* -------------------------------------------------------------------------- */ { displayName: 'Certificate File Name', name: 'certificateFileName', @@ -221,7 +229,8 @@ export const certificateDescription: INodeProperties[] = [ }, }, default: '', - description: 'Serial number file maintained for the CA certificate. This file contains the serial number of the next certificate to be issued or signed by the CA.', + description: + 'Serial number file maintained for the CA certificate. This file contains the serial number of the next certificate to be issued or signed by the CA.', }, { displayName: 'Private Key Format', @@ -305,4 +314,142 @@ export const certificateDescription: INodeProperties[] = [ }, ], }, + /* -------------------------------------------------------------------------- */ + /* certificate:install */ + /* -------------------------------------------------------------------------- */ + { + displayName: 'Certificate-Key Pair Name', + name: 'certificateKeyPairName', + type: 'string', + required: true, + displayOptions: { + show: { + resource: ['certificate'], + operation: ['install'], + }, + }, + default: '', + description: 'Name for the certificate and private-key pair', + }, + { + displayName: 'Certificate File Name', + name: 'certificateFileName', + type: 'string', + required: true, + displayOptions: { + show: { + resource: ['certificate'], + operation: ['install'], + }, + }, + default: '', + description: 'Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. /nsconfig/ssl/ is the default path.', + }, + { + displayName: 'Private Key File Name', + name: 'privateKeyFileName', + type: 'string', + default: '', + required: true, + displayOptions: { + show: { + resource: ['certificate'], + operation: ['install'], + }, + }, + description: 'Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. /nsconfig/ssl/ is the default path.', + }, + { + displayName: 'Certificate Format', + name: 'certificateFormat', + type: 'options', + options: [ + { + name: 'PEM', + value: 'PEM', + }, + { + name: 'DER', + value: 'DER', + }, + ], + required: true, + displayOptions: { + show: { + resource: ['certificate'], + operation: ['install'], + }, + }, + default: 'PEM', + description: + 'Input format of the certificate and the private-key files. The three formats supported by the appliance are: PEM - Privacy Enhanced Mail DER - Distinguished Encoding Rule PFX - Personal Information Exchange.', + }, + { + displayName: 'Password', + name: 'password', + type: 'string', + typeOptions: { + password: true, + }, + required: true, + displayOptions: { + show: { + resource: ['certificate'], + operation: ['install'], + certificateFormat: ['PEM'], + }, + }, + default: '', + description: + 'Input format of the certificate and the private-key files. The three formats supported by the appliance are: PEM - Privacy Enhanced Mail DER - Distinguished Encoding Rule PFX - Personal Information Exchange.', + }, + { + displayName: 'Notify When Expires', + name: 'notifyExpiration', + type: 'boolean', + required: true, + displayOptions: { + show: { + resource: ['certificate'], + operation: ['install'], + }, + }, + default: false, + description: 'Whether to alert when the certificate is about to expire', + }, + { + displayName: 'Notification Period (Days)', + name: 'notificationPeriod', + type: 'number', + default: 10, + required: true, + typeOptions: { + minValue: 10, + maxValue: 100, + }, + displayOptions: { + show: { + resource: ['certificate'], + operation: ['install'], + notifyExpiration: [true], + }, + }, + description: + 'Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire', + }, + { + displayName: 'Certificate Bundle', + name: 'certificateBundle', + type: 'boolean', + default: false, + displayOptions: { + show: { + resource: ['certificate'], + operation: ['install'], + certificateFormat: ['PEM'], + }, + }, + description: + "Whether to parse the certificate chain as a single file after linking the server certificate to its issuer's certificate within the file", + }, ]; diff --git a/packages/nodes-base/nodes/Citrix/ADC/CitrixAdc.node.ts b/packages/nodes-base/nodes/Citrix/ADC/CitrixAdc.node.ts index 6ae9bac31a9ff..b0fd71ee31116 100644 --- a/packages/nodes-base/nodes/Citrix/ADC/CitrixAdc.node.ts +++ b/packages/nodes-base/nodes/Citrix/ADC/CitrixAdc.node.ts @@ -172,12 +172,23 @@ export class CitrixAdc implements INodeType { ...body, keyfile: privateKeyFileName, }; - } else { - const caCertificateFileName = this.getNodeParameter('caCertificateFileName', i) as string; - const caCertificateFileFormat = this.getNodeParameter('caCertificateFileFormat', i) as string; - const caPrivateKeyFileFormat = this.getNodeParameter('caPrivateKeyFileFormat', i) as string; - const caPrivateKeyFileName = this.getNodeParameter('caPrivateKeyFileName', i) as string; + const caCertificateFileName = this.getNodeParameter( + 'caCertificateFileName', + i, + ) as string; + const caCertificateFileFormat = this.getNodeParameter( + 'caCertificateFileFormat', + i, + ) as string; + const caPrivateKeyFileFormat = this.getNodeParameter( + 'caPrivateKeyFileFormat', + i, + ) as string; + const caPrivateKeyFileName = this.getNodeParameter( + 'caPrivateKeyFileName', + i, + ) as string; const caSerialFileNumber = this.getNodeParameter('caSerialFileNumber', i) as string; body = { @@ -196,6 +207,46 @@ export class CitrixAdc implements INodeType { responseData = { success: true }; } + + if (operation === 'install') { + const certificateKeyPairName = this.getNodeParameter( + 'certificateKeyPairName', + i, + ) as string; + const certificateFileName = this.getNodeParameter('certificateFileName', i) as string; + const privateKeyFileName = this.getNodeParameter('privateKeyFileName', i) as string; + const certificateFormat = this.getNodeParameter('certificateFormat', i) as string; + const notifyExpiration = this.getNodeParameter('notifyExpiration', i) as boolean; + const body: IDataObject = { + cert: certificateFileName, + certkey: certificateKeyPairName, + key: privateKeyFileName, + inform: certificateFormat, + }; + + if (certificateFormat === 'PEM') { + const password = this.getNodeParameter('password', i) as string; + const certificateBundle = this.getNodeParameter('certificateBundle', i) as boolean; + Object.assign(body, { + passplain: password, + bundle: certificateBundle ? 'YES' : 'NO', + }); + } + + if (notifyExpiration) { + const notificationPeriod = this.getNodeParameter('notificationPeriod', i) as number; + Object.assign(body, { + expirymonitor: 'ENABLED', + notificationperiod: notificationPeriod, + }); + } + + const endpoint = `/config/sslcertkey`; + + await citrixADCApiRequest.call(this, 'POST', endpoint, { sslcertkey: body }); + + responseData = { success: true }; + } } returnData.push(