| @@ 99-110 (lines=12) @@ | ||
| 96 | ||
| 97 | $service->post( |
|
| 98 | '/add_server_certificate', |
|
| 99 | function (Request $request, array $hookData) { |
|
| 100 | AuthUtils::requireUser($hookData, ['vpn-server-node']); |
|
| 101 | ||
| 102 | $commonName = InputValidation::serverCommonName($request->getPostParameter('common_name')); |
|
| 103 | ||
| 104 | $certInfo = $this->ca->serverCert($commonName); |
|
| 105 | // add TLS Auth |
|
| 106 | $certInfo['ta'] = $this->tlsAuth->get(); |
|
| 107 | $certInfo['ca'] = $this->ca->caCert(); |
|
| 108 | ||
| 109 | return new ApiResponse('add_server_certificate', $certInfo, 201); |
|
| 110 | } |
|
| 111 | ); |
|
| 112 | ||
| 113 | $service->post( |
|
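Review bot: The comment `// add TLS Auth` on line 105 understates what this handler returns: the response array carries the shared tls-auth key from `$this->tlsAuth->get()` alongside whatever `$this->ca->serverCert()` produces, which presumably includes the new server's private key. I would replace it with `// response carries secret key material (tls-auth key, presumably the server private key): never log or cache $certInfo`. Nothing in the visible lines records that a server certificate was issued, so a log entry naming the common name and the authenticated caller would help later review. The closure sits inside a method that starts outside this hunk, so an existing log call may simply not be visible here.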
| @@ 115-128 (lines=14) @@ | ||
| 112 | ||
| 113 | $service->post( |
|
| 114 | '/delete_client_certificate', |
|
| 115 | function (Request $request, array $hookData) { |
|
| 116 | AuthUtils::requireUser($hookData, ['vpn-user-portal']); |
|
| 117 | ||
| 118 | $commonName = InputValidation::commonName($request->getPostParameter('common_name')); |
|
| 119 | $certInfo = $this->storage->getUserCertificateInfo($commonName); |
|
| 120 | ||
| 121 | $this->storage->addUserMessage( |
|
| 122 | $certInfo['user_id'], |
|
| 123 | 'notification', |
|
| 124 | sprintf('certificate "%s" deleted by user', $certInfo['display_name']) |
|
| 125 | ); |
|
| 126 | ||
| 127 | return new ApiResponse('delete_client_certificate', $this->storage->deleteCertificate($commonName)); |
|
| 128 | } |
|
| 129 | ); |
|
| 130 | ||
| 131 | $service->post( |
|
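Review bot: The result of `getUserCertificateInfo($commonName)` on line 119 is indexed without checking that a certificate was found, so an unknown common name presumably reaches `addUserMessage()` with a null `user_id` and an empty display name before `deleteCertificate()` runs. A guard directly after the lookup would stop that, for example `if (!is_array($certInfo)) { return new ApiResponse('delete_client_certificate', false); }`, adjusted to whatever the storage method returns on a miss and to this module's error convention. The same unchecked lookup appears in the `/disable_client_certificate` and `/enable_client_certificate` handlers on lines 137 and 155. The notification is also written before the deletion result is known, so a failed delete still tells the user the certificate is gone; calling `deleteCertificate()` first and notifying only on success would keep the message truthful.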
| @@ 133-146 (lines=14) @@ | ||
| 130 | ||
| 131 | $service->post( |
|
| 132 | '/disable_client_certificate', |
|
| 133 | function (Request $request, array $hookData) { |
|
| 134 | AuthUtils::requireUser($hookData, ['vpn-user-portal', 'vpn-admin-portal']); |
|
| 135 | ||
| 136 | $commonName = InputValidation::commonName($request->getPostParameter('common_name')); |
|
| 137 | $certInfo = $this->storage->getUserCertificateInfo($commonName); |
|
| 138 | ||
| 139 | $this->storage->addUserMessage( |
|
| 140 | $certInfo['user_id'], |
|
| 141 | 'notification', |
|
| 142 | sprintf('certificate "%s" disabled by an administrator', $certInfo['display_name']) |
|
| 143 | ); |
|
| 144 | ||
| 145 | return new ApiResponse('disable_client_certificate', $this->storage->disableCertificate($commonName)); |
|
| 146 | } |
|
| 147 | ); |
|
| 148 | ||
| 149 | $service->post( |
|
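Review bot: The message on line 142 always says the certificate was "disabled by an administrator", yet line 134 admits both `vpn-user-portal` and `vpn-admin-portal`, so a disable triggered through the user portal is recorded against an administrator. These messages look like the user's visible record of certificate changes, so the actor text should follow the authenticated caller, choosing between `'by user'` and `'by an administrator'` from the identity that `AuthUtils::requireUser()` accepted in `$hookData`. How `$hookData` names the caller is not visible in this hunk, so the exact key needs to be confirmed. If the user portal is not meant to disable certificates, narrowing the list to `['vpn-admin-portal']`, as the enable handler does, is the simpler fix.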
| @@ 151-164 (lines=14) @@ | ||
| 148 | ||
| 149 | $service->post( |
|
| 150 | '/enable_client_certificate', |
|
| 151 | function (Request $request, array $hookData) { |
|
| 152 | AuthUtils::requireUser($hookData, ['vpn-admin-portal']); |
|
| 153 | ||
| 154 | $commonName = InputValidation::commonName($request->getPostParameter('common_name')); |
|
| 155 | $certInfo = $this->storage->getUserCertificateInfo($commonName); |
|
| 156 | ||
| 157 | $this->storage->addUserMessage( |
|
| 158 | $certInfo['user_id'], |
|
| 159 | 'notification', |
|
| 160 | sprintf('certificate "%s" enabled by an administrator', $certInfo['display_name']) |
|
| 161 | ); |
|
| 162 | ||
| 163 | return new ApiResponse('enable_client_certificate', $this->storage->enableCertificate($commonName)); |
|
| 164 | } |
|
| 165 | ); |
|
| 166 | ||
| 167 | $service->get( |
|
| @@ 139-149 (lines=11) @@ | ||
| 136 | ||
| 137 | $service->post( |
|
| 138 | '/delete_yubi_key_id', |
|
| 139 | function (Request $request, array $hookData) { |
|
| 140 | AuthUtils::requireUser($hookData, ['vpn-admin-portal']); |
|
| 141 | ||
| 142 | $userId = InputValidation::userId($request->getPostParameter('user_id')); |
|
| 143 | ||
| 144 | $yubiKeyId = $this->storage->getYubiKeyId($userId); |
|
| 145 | $this->storage->deleteYubiKeyId($userId); |
|
| 146 | $this->storage->addUserMessage($userId, 'notification', sprintf('YubiKey ID "%s" deleted', $yubiKeyId)); |
|
| 147 | ||
| 148 | return new ApiResponse('delete_yubi_key_id'); |
|
| 149 | } |
|
| 150 | ); |
|
| 151 | ||
| 152 | $service->post( |
|
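Review bot: Lines 144–146 delete the YubiKey ID and notify without checking that `getYubiKeyId($userId)` found anything, so for a user with no enrolled key the handler presumably still writes a `YubiKey ID "" deleted` message. Removing a second factor is a sensitive change, and a notification for a deletion that never happened muddies the user's record. A guard such as `if (null === $yubiKeyId) { return new ApiResponse('delete_yubi_key_id', false); }`, matched to the storage method's actual miss value and the module's error convention, would avoid that. The message also omits who performed the deletion, unlike the certificate handlers that append "by an administrator"; adding the same suffix would keep the messages consistent.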