From c9917f0f624497c3f9eea9ee898dd87b16d02311 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=9E=D0=BB=D0=B5=D0=B3=20=D0=91=D0=BE=D1=80=D0=BE=D0=B4?=
 =?UTF-8?q?=D0=B8=D0=BD?= <onborodin@basistech.ru>
Date: Sat, 14 Sep 2024 07:55:43 +0200
Subject: [PATCH] update

---
 cmd/certmanagerctl/account.go |  82 ++++++++++++++++++
 cmd/certmanagerctl/grant.go   |  49 +++++++++++
 cmd/certmanagerctl/issuer.go  | 154 ++++++++++++++++++++++++++++++++++
 cmd/certmanagerctl/service.go | 154 ++++++++++++++++++++++++++++++++++
 4 files changed, 439 insertions(+)
 create mode 100644 cmd/certmanagerctl/account.go
 create mode 100644 cmd/certmanagerctl/grant.go
 create mode 100644 cmd/certmanagerctl/issuer.go
 create mode 100644 cmd/certmanagerctl/service.go

diff --git a/cmd/certmanagerctl/account.go b/cmd/certmanagerctl/account.go
new file mode 100644
index 0000000..797d15a
--- /dev/null
+++ b/cmd/certmanagerctl/account.go
@@ -0,0 +1,82 @@
+package main
+
+import (
+	"context"
+
+	"certmanager/pkg/client"
+	"certmanager/pkg/cmctl"
+)
+
+func (util *Util) CreateAccount(ctx context.Context) (*cmctl.CreateAccountResult, error) {
+	var err error
+	res := &cmctl.CreateAccountResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.CreateAccountParams{
+		Username: util.username,
+		Password: util.password,
+	}
+	res, err = cli.CreateAccount(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) DeleteAccount(ctx context.Context) (*cmctl.DeleteAccountResult, error) {
+	var err error
+	res := &cmctl.DeleteAccountResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.DeleteAccountParams{
+		Username:  util.username,
+		AccountID: util.accountID,
+	}
+	res, err = cli.DeleteAccount(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) ListAccounts(ctx context.Context) (*cmctl.ListAccountsResult, error) {
+	var err error
+	res := &cmctl.ListAccountsResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.ListAccountsParams{}
+	res, err = cli.ListAccounts(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) UpdateAccount(ctx context.Context) (*cmctl.UpdateAccountResult, error) {
+	var err error
+	res := &cmctl.UpdateAccountResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.UpdateAccountParams{
+		Username:    util.username,
+		AccountID:   util.accountID,
+		NewUsername: util.newUsername,
+		NewPassword: util.newPassword,
+	}
+	res, err = cli.UpdateAccount(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
diff --git a/cmd/certmanagerctl/grant.go b/cmd/certmanagerctl/grant.go
new file mode 100644
index 0000000..529bfa2
--- /dev/null
+++ b/cmd/certmanagerctl/grant.go
@@ -0,0 +1,49 @@
+package main
+
+import (
+	"context"
+
+	"certmanager/pkg/client"
+	"certmanager/pkg/cmctl"
+)
+
+func (util *Util) SetGrant(ctx context.Context) (*cmctl.SetGrantResult, error) {
+	var err error
+	res := &cmctl.SetGrantResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.SetGrantParams{
+		Username:  util.username,
+		AccountID: util.accountID,
+		Operation: util.operation,
+	}
+	res, err = cli.SetGrant(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) DeleteGrant(ctx context.Context) (*cmctl.DeleteGrantResult, error) {
+	var err error
+	res := &cmctl.DeleteGrantResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.DeleteGrantParams{
+		Username:  util.username,
+		AccountID: util.accountID,
+		Operation: util.operation,
+	}
+	res, err = cli.DeleteGrant(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
diff --git a/cmd/certmanagerctl/issuer.go b/cmd/certmanagerctl/issuer.go
new file mode 100644
index 0000000..7747877
--- /dev/null
+++ b/cmd/certmanagerctl/issuer.go
@@ -0,0 +1,154 @@
+package main
+
+import (
+	"context"
+	"encoding/base64"
+	"os"
+
+	"certmanager/pkg/client"
+	"certmanager/pkg/cmctl"
+)
+
+func (util *Util) CreateIssuerPair(ctx context.Context) (*cmctl.CreateIssuerPairResult, error) {
+	var err error
+	res := &cmctl.CreateIssuerPairResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.CreateIssuerPairParams{
+		IssuerOrganizationName:       util.issuerOrganizationName,
+		IssuerOrganizationalUnitName: util.issuerOrganizationalUnitName,
+		IssuerCommonName:             util.issuerCommonName,
+		SignerID:                     util.signerID,
+		EncodingKey:                  util.encodingKey,
+	}
+	res, err = cli.CreateIssuerPair(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	certPEM, err := base64.StdEncoding.DecodeString(res.Certificate)
+	if err != nil {
+		return res, err
+	}
+	res.Certificate = string(certPEM)
+	for i, cert := range res.SignerCertificates {
+		caPEM, err := base64.StdEncoding.DecodeString(cert)
+		if err != nil {
+			return res, err
+		}
+		res.SignerCertificates[i] = string(caPEM)
+	}
+	return res, err
+}
+
+func (util *Util) ImportIssuerPair(ctx context.Context) (*cmctl.ImportIssuerPairResult, error) {
+	var err error
+	res := &cmctl.ImportIssuerPairResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	certBytes, err := os.ReadFile(util.certFilename)
+	if err != nil {
+		return res, err
+	}
+	cert := base64.StdEncoding.EncodeToString(certBytes)
+	keyBytes, err := os.ReadFile(util.certFilename)
+	if err != nil {
+		return res, err
+	}
+	key := base64.StdEncoding.EncodeToString(keyBytes)
+
+	params := &cmctl.ImportIssuerPairParams{
+		Certificate: cert,
+		Key:         key,
+	}
+	res, err = cli.ImportIssuerPair(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) RevokeIssuerPair(ctx context.Context) (*cmctl.RevokeIssuerPairResult, error) {
+	var err error
+	res := &cmctl.RevokeIssuerPairResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.RevokeIssuerPairParams{
+		IssuerID:   util.issuerID,
+		IssuerName: util.issuerName,
+	}
+	res, err = cli.RevokeIssuerPair(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) UnrevokeIssuerPair(ctx context.Context) (*cmctl.UnrevokeIssuerPairResult, error) {
+	var err error
+	res := &cmctl.UnrevokeIssuerPairResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.UnrevokeIssuerPairParams{
+		IssuerID:   util.issuerID,
+		IssuerName: util.issuerName,
+	}
+	res, err = cli.UnrevokeIssuerPair(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) ListIssuerPairs(ctx context.Context) (*cmctl.ListIssuerPairsResult, error) {
+	var err error
+	res := &cmctl.ListIssuerPairsResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.ListIssuerPairsParams{}
+	res, err = cli.ListIssuerPairs(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) GetIssuerCertificate(ctx context.Context) (*cmctl.GetIssuerCertificateResult, error) {
+	var err error
+	res := &cmctl.GetIssuerCertificateResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.GetIssuerCertificateParams{
+		IssuerID:    util.issuerID,
+		IssuerName:  util.issuerName,
+		EncodingKey: util.encodingKey,
+	}
+	res, err = cli.GetIssuerCertificate(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	certPEM, err := base64.StdEncoding.DecodeString(res.Certificate)
+	if err != nil {
+		return res, err
+	}
+	res.Certificate = string(certPEM)
+	for i, cert := range res.SignerCertificates {
+		caPEM, err := base64.StdEncoding.DecodeString(cert)
+		if err != nil {
+			return res, err
+		}
+		res.SignerCertificates[i] = string(caPEM)
+	}
+	return res, err
+}
diff --git a/cmd/certmanagerctl/service.go b/cmd/certmanagerctl/service.go
new file mode 100644
index 0000000..ab3b6ff
--- /dev/null
+++ b/cmd/certmanagerctl/service.go
@@ -0,0 +1,154 @@
+package main
+
+import (
+	"context"
+	"encoding/base64"
+	"strings"
+
+	"certmanager/pkg/client"
+	"certmanager/pkg/cmctl"
+)
+
+func (util *Util) CreateServicePair(ctx context.Context) (*cmctl.CreateServicePairResult, error) {
+	var err error
+	res := &cmctl.CreateServicePairResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	inetAddresses := make([]string, 0)
+	hostnames := make([]string, 0)
+	if util.ipAdressesList != "" {
+		inetAddresses = strings.Split(util.ipAdressesList, ",")
+	}
+	if util.hostnameList != "" {
+		hostnames = strings.Split(util.hostnameList, ",")
+	}
+	params := &cmctl.CreateServicePairParams{
+		IssuerName:                    util.issuerName,
+		IssuerID:                      util.issuerID,
+		ServiceOrganizationName:       util.serviceOrganizationName,
+		ServiceOrganizationalUnitName: util.serviceOrganizationalUnitName,
+		ServiceCommonName:             util.serviceCommonName,
+		InetAddresses:                 inetAddresses,
+		Hostnames:                     hostnames,
+	}
+	res, err = cli.CreateServicePair(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	certPEM, err := base64.StdEncoding.DecodeString(res.Certificate)
+	if err != nil {
+		return res, err
+	}
+	res.Certificate = string(certPEM)
+	keyPEM, err := base64.StdEncoding.DecodeString(res.Key)
+	if err != nil {
+		return res, err
+	}
+	res.Key = string(keyPEM)
+	caPEM, err := base64.StdEncoding.DecodeString(res.IssuerCertificate)
+	if err != nil {
+		return res, err
+	}
+	res.IssuerCertificate = string(caPEM)
+	for i, cert := range res.IssuerCertificates {
+		caPEM, err := base64.StdEncoding.DecodeString(cert)
+		if err != nil {
+			return res, err
+		}
+		res.IssuerCertificates[i] = string(caPEM)
+	}
+	return res, err
+}
+
+func (util *Util) RevokeServicePair(ctx context.Context) (*cmctl.RevokeServicePairResult, error) {
+	var err error
+	res := &cmctl.RevokeServicePairResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.RevokeServicePairParams{
+		ServiceName: util.serviceName,
+		ServiceID:   util.serviceID,
+	}
+	res, err = cli.RevokeServicePair(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) UnrevokeServicePair(ctx context.Context) (*cmctl.UnrevokeServicePairResult, error) {
+	var err error
+	res := &cmctl.UnrevokeServicePairResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.UnrevokeServicePairParams{
+		ServiceName: util.serviceName,
+		ServiceID:   util.serviceID,
+	}
+	res, err = cli.UnrevokeServicePair(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) ListServicePairs(ctx context.Context) (*cmctl.ListServicePairsResult, error) {
+	var err error
+	res := &cmctl.ListServicePairsResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.ListServicePairsParams{}
+	res, err = cli.ListServicePairs(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (util *Util) GetServicePair(ctx context.Context) (*cmctl.GetServicePairResult, error) {
+	var err error
+	res := &cmctl.GetServicePairResult{}
+	cli, err := client.NewClient(&util.access)
+	if err != nil {
+		return res, err
+	}
+	params := &cmctl.GetServicePairParams{
+		ServiceID:   util.serviceID,
+		ServiceName: util.serviceName,
+	}
+	res, err = cli.GetServicePair(ctx, params)
+	if err != nil {
+		return res, err
+	}
+	certPEM, err := base64.StdEncoding.DecodeString(res.Certificate)
+	if err != nil {
+		return res, err
+	}
+	res.Certificate = string(certPEM)
+	keyPEM, err := base64.StdEncoding.DecodeString(res.Key)
+	if err != nil {
+		return res, err
+	}
+	res.Key = string(keyPEM)
+	caPEM, err := base64.StdEncoding.DecodeString(res.IssuerCertificate)
+	if err != nil {
+		return res, err
+	}
+	res.IssuerCertificate = string(caPEM)
+	for i, cert := range res.IssuerCertificates {
+		caPEM, err := base64.StdEncoding.DecodeString(cert)
+		if err != nil {
+			return res, err
+		}
+		res.IssuerCertificates[i] = string(caPEM)
+	}
+	return res, err
+}