| @@ 93-104 (lines=12) @@ | ||
| 90 | ||
| 91 | $service->post( |
|
| 92 | '/add_server_certificate', |
|
| 93 | function (Request $request, array $hookData) { |
|
| 94 | AuthUtils::requireUser($hookData, ['vpn-server-node']); |
|
| 95 | ||
| 96 | $commonName = InputValidation::serverCommonName($request->getPostParameter('common_name')); |
|
| 97 | ||
| 98 | $certInfo = $this->ca->serverCert($commonName); |
|
| 99 | // add TLS Auth |
|
| 100 | $certInfo['ta'] = $this->tlsAuth->get(); |
|
| 101 | $certInfo['ca'] = $this->ca->caCert(); |
|
| 102 | ||
| 103 | return new ApiResponse('add_server_certificate', $certInfo, 201); |
|
| 104 | } |
|
| 105 | ); |
|
| 106 | ||
| 107 | $service->post( |
|
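Review bot: The comment `// add TLS Auth` on the `/add_server_certificate` handler describes only the first of the two values merged into `$certInfo`, and nothing tells a maintainer that this response carries secret material. The `ta` entry comes from `$this->tlsAuth->get()`, and `$certInfo` presumably also holds the newly issued server key, although `serverCert()` is not visible here. I would replace the comment with `// add the shared TLS-auth key and the CA certificate; the response contains key material and must only be served to the 'vpn-server-node' caller`. The enclosing method that registers these routes begins outside the hunk.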
| @@ 109-122 (lines=14) @@ | ||
| 106 | ||
| 107 | $service->post( |
|
| 108 | '/delete_client_certificate', |
|
| 109 | function (Request $request, array $hookData) { |
|
| 110 | AuthUtils::requireUser($hookData, ['vpn-user-portal']); |
|
| 111 | ||
| 112 | $commonName = InputValidation::commonName($request->getPostParameter('common_name')); |
|
| 113 | $certInfo = $this->storage->getUserCertificateInfo($commonName); |
|
| 114 | ||
| 115 | $this->storage->addUserMessage( |
|
| 116 | $certInfo['user_id'], |
|
| 117 | 'notification', |
|
| 118 | sprintf('certificate "%s" deleted by user', $certInfo['display_name']) |
|
| 119 | ); |
|
| 120 | ||
| 121 | return new ApiResponse('delete_client_certificate', $this->storage->deleteCertificate($commonName)); |
|
| 122 | } |
|
| 123 | ); |
|
| 124 | ||
| 125 | $service->post( |
|
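Review bot: The result of `getUserCertificateInfo($commonName)` is indexed on the following statement without checking that the lookup found a certificate. A well-formed but unknown `common_name` would presumably reach `addUserMessage()` with an empty `user_id` and `display_name`, recording a notification before `deleteCertificate()` runs. A guard right after the lookup, such as `if (false === $certInfo) { return new ApiResponse('delete_client_certificate', false); }`, would keep the message log tied to real certificates; the miss value is an assumption, since the storage method is not visible here. The same pattern is repeated in the `/disable_client_certificate` and `/enable_client_certificate` handlers. Because the handler acts on `common_name` alone, a short comment stating that certificate ownership is enforced by the calling portal would also help.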
| @@ 127-140 (lines=14) @@ | ||
| 124 | ||
| 125 | $service->post( |
|
| 126 | '/disable_client_certificate', |
|
| 127 | function (Request $request, array $hookData) { |
|
| 128 | AuthUtils::requireUser($hookData, ['vpn-user-portal', 'vpn-admin-portal']); |
|
| 129 | ||
| 130 | $commonName = InputValidation::commonName($request->getPostParameter('common_name')); |
|
| 131 | $certInfo = $this->storage->getUserCertificateInfo($commonName); |
|
| 132 | ||
| 133 | $this->storage->addUserMessage( |
|
| 134 | $certInfo['user_id'], |
|
| 135 | 'notification', |
|
| 136 | sprintf('certificate "%s" disabled by an administrator', $certInfo['display_name']) |
|
| 137 | ); |
|
| 138 | ||
| 139 | return new ApiResponse('disable_client_certificate', $this->storage->disableCertificate($commonName)); |
|
| 140 | } |
|
| 141 | ); |
|
| 142 | ||
| 143 | $service->post( |
|
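Review bot: The notification text in `/disable_client_certificate` always reads `disabled by an administrator`, yet `requireUser()` on the line above also admits `'vpn-user-portal'`. When the user portal makes the call, the message recorded for the user misattributes the action, which weakens it as an audit trail. If the user portal is not meant to disable certificates, narrow the list to `['vpn-admin-portal']` as the enable handler does. Otherwise choose the wording from the authenticated caller in `$hookData`, whose structure is not visible in this hunk.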
| @@ 145-158 (lines=14) @@ | ||
| 142 | ||
| 143 | $service->post( |
|
| 144 | '/enable_client_certificate', |
|
| 145 | function (Request $request, array $hookData) { |
|
| 146 | AuthUtils::requireUser($hookData, ['vpn-admin-portal']); |
|
| 147 | ||
| 148 | $commonName = InputValidation::commonName($request->getPostParameter('common_name')); |
|
| 149 | $certInfo = $this->storage->getUserCertificateInfo($commonName); |
|
| 150 | ||
| 151 | $this->storage->addUserMessage( |
|
| 152 | $certInfo['user_id'], |
|
| 153 | 'notification', |
|
| 154 | sprintf('certificate "%s" enabled by an administrator', $certInfo['display_name']) |
|
| 155 | ); |
|
| 156 | ||
| 157 | return new ApiResponse('enable_client_certificate', $this->storage->enableCertificate($commonName)); |
|
| 158 | } |
|
| 159 | ); |
|
| 160 | ||
| 161 | $service->get( |
|
| @@ 147-157 (lines=11) @@ | ||
| 144 | ||
| 145 | $service->post( |
|
| 146 | '/delete_yubi_key_id', |
|
| 147 | function (Request $request, array $hookData) { |
|
| 148 | AuthUtils::requireUser($hookData, ['vpn-admin-portal']); |
|
| 149 | ||
| 150 | $userId = InputValidation::userId($request->getPostParameter('user_id')); |
|
| 151 | ||
| 152 | $yubiKeyId = $this->storage->getYubiKeyId($userId); |
|
| 153 | $this->storage->deleteYubiKeyId($userId); |
|
| 154 | $this->storage->addUserMessage($userId, 'notification', sprintf('YubiKey ID "%s" deleted', $yubiKeyId)); |
|
| 155 | ||
| 156 | return new ApiResponse('delete_yubi_key_id'); |
|
| 157 | } |
|
| 158 | ); |
|
| 159 | ||
| 160 | $service->post( |
|
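Review bot: In `/delete_yubi_key_id` the value from `getYubiKeyId($userId)` is used in the notification without checking that the user has a YubiKey ID enrolled. For a user without one, the handler would presumably still record `YubiKey ID "" deleted` and return success. Removing a second factor is security-relevant, so I would return early when nothing is enrolled, e.g. `if (!$yubiKeyId) { return new ApiResponse('delete_yubi_key_id', false); }`, adjusted to whatever the storage call returns on a miss. For consistency with the certificate handlers, the message could also record that the deletion came from the admin portal: `sprintf('YubiKey ID "%s" deleted by an administrator', $yubiKeyId)`. The result of `deleteYubiKeyId()` is also discarded, so a failed delete is reported as success.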