From 1a66bfb2d663739cd48a654ddbef6b66f62aca5b Mon Sep 17 00:00:00 2001 From: Bob Pokorny Date: Wed, 22 Mar 2023 04:21:34 +0000 Subject: [PATCH 1/3] Created custom Configuration Property Parser so not to display or log passwords. --- CHANGELOG.md | 1 + IISU/ClientPSIIManager.cs | 6 +- IISU/ImplementedStoreTypes/Win/Inventory.cs | 2 +- IISU/ImplementedStoreTypes/Win/Management.cs | 8 +- .../ImplementedStoreTypes/WinIIS/Inventory.cs | 4 +- .../WinIIS/Management.cs | 2 +- IISU/JobConfigurationParser.cs | 165 ++++++++++++++++++ IISU/Models/JobProperties.cs | 8 + 8 files changed, 187 insertions(+), 9 deletions(-) create mode 100644 IISU/JobConfigurationParser.cs diff --git a/CHANGELOG.md b/CHANGELOG.md index 8f3d48b..99060a4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ * Added PAM registration/initialization documentation in README.md * Resolved Null HostName error * Added WinCert Cert Store Type +* Added custom property parser to not show any passwords 2.0.0 * Add support for reenrollment jobs (On Device Key Generation) with the ability to specify a cryptographic provider. Specification of cryptographic provider allows HSM (Hardware Security Module) use. diff --git a/IISU/ClientPSIIManager.cs b/IISU/ClientPSIIManager.cs index a322211..4b03965 100644 --- a/IISU/ClientPSIIManager.cs +++ b/IISU/ClientPSIIManager.cs @@ -50,8 +50,8 @@ internal class ClientPSIIManager private long JobHistoryID { get; set; } - private ILogger _logger; - private Runspace _runSpace; + private readonly ILogger _logger; + private readonly Runspace _runSpace; private PowerShell ps; 
@@ -119,7 +119,7 @@ public ClientPSIIManager(ManagementJobConfiguration config, string serverUsernam Port = config.JobProperties["Port"].ToString(); HostName = config.JobProperties["HostName"]?.ToString(); Protocol = config.JobProperties["Protocol"].ToString(); - SniFlag = config.JobProperties["SniFlag"].ToString()?.Substring(0, 1); + SniFlag = config.JobProperties["SniFlag"].ToString()?[..1]; IPAddress = config.JobProperties["IPAddress"].ToString(); PrivateKeyPassword = ""; // A reenrollment does not have a PFX Password diff --git a/IISU/ImplementedStoreTypes/Win/Inventory.cs b/IISU/ImplementedStoreTypes/Win/Inventory.cs index 44c0ef4..944ceb9 100644 --- a/IISU/ImplementedStoreTypes/Win/Inventory.cs +++ b/IISU/ImplementedStoreTypes/Win/Inventory.cs @@ -55,7 +55,7 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven { var inventoryItems = new List(); - _logger.LogTrace($"Job Configuration: {JsonConvert.SerializeObject(config)}"); + _logger.LogTrace(JobConfigurationParser.ParseInventoryJobConfiguration(config)); string serverUserName = PAMUtilities.ResolvePAMField(_resolver, _logger, "Server UserName", config.ServerUsername); string serverPassword = PAMUtilities.ResolvePAMField(_resolver, _logger, "Server Password", config.ServerPassword); diff --git a/IISU/ImplementedStoreTypes/Win/Management.cs b/IISU/ImplementedStoreTypes/Win/Management.cs index d7eddfa..3ed8203 100644 --- a/IISU/ImplementedStoreTypes/Win/Management.cs +++ b/IISU/ImplementedStoreTypes/Win/Management.cs 
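Review bot: The argument to `_logger.LogTrace(...)` in PerformInventory is built before the logger checks whether Trace is enabled, so `JobConfigurationParser.ParseInventoryJobConfiguration(config)` always runs. As first written, the parser deserializes the store properties and indexes `config.JobProperties` by key, so an exception inside it would propagate into the inventory job rather than just costing a log line. I would guard the call with `if (_logger.IsEnabled(LogLevel.Trace)) { _logger.LogTrace(JobConfigurationParser.ParseInventoryJobConfiguration(config)); }` and have the parser catch its own failures and return a short placeholder string. The same call pattern is added in Win/Management.cs, WinIIS/Inventory.cs and WinIIS/Management.cs. PerformInventory continues outside the hunk, so it is not visible whether an enclosing try already contains this.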
@@ -47,11 +47,13 @@ public Management(IPAMSecretResolver resolver) public JobResult ProcessJob(ManagementJobConfiguration config) { - _logger = LogHandler.GetClassLogger(); - _logger.MethodEntry(); - try { + _logger = LogHandler.GetClassLogger(); + _logger.MethodEntry(); + + _logger.LogTrace(JobConfigurationParser.ParseManagementJobConfiguration(config)); + string serverUserName = PAMUtilities.ResolvePAMField(_resolver, _logger, "Server UserName", config.ServerUsername); string serverPassword = PAMUtilities.ResolvePAMField(_resolver, _logger, "Server Password", config.ServerPassword); diff --git a/IISU/ImplementedStoreTypes/WinIIS/Inventory.cs b/IISU/ImplementedStoreTypes/WinIIS/Inventory.cs index 8ea49e4..1b3613b 100644 --- a/IISU/ImplementedStoreTypes/WinIIS/Inventory.cs +++ b/IISU/ImplementedStoreTypes/WinIIS/Inventory.cs @@ -52,7 +52,9 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven { var inventoryItems = new List(); - _logger.LogTrace($"Job Configuration: {JsonConvert.SerializeObject(config)}"); + string myConfig = config.ToString(); + + _logger.LogTrace(JobConfigurationParser.ParseInventoryJobConfiguration(config)); string serverUserName = PAMUtilities.ResolvePAMField(_resolver, _logger, "Server UserName", config.ServerUsername); string serverPassword = PAMUtilities.ResolvePAMField(_resolver, _logger, "Server Password", config.ServerPassword); diff --git a/IISU/ImplementedStoreTypes/WinIIS/Management.cs b/IISU/ImplementedStoreTypes/WinIIS/Management.cs index b7bc699..89afcbd 100644 --- a/IISU/ImplementedStoreTypes/WinIIS/Management.cs +++ b/IISU/ImplementedStoreTypes/WinIIS/Management.cs 
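Review bot: `string myConfig = config.ToString();` in the WinIIS PerformInventory is never read in the visible lines and looks like a debugging leftover. Drop it, so that the only thing derived from `config` at this point is the masked parser output. PerformInventory continues outside the hunk, so confirm nothing further down uses `myConfig` before removing it.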
@@ -47,7 +47,7 @@ public JobResult ProcessJob(ManagementJobConfiguration config) _logger = LogHandler.GetClassLogger(); _logger.MethodEntry(); - _logger.LogTrace($"Job Configuration: {JsonConvert.SerializeObject(config)}"); + _logger.LogTrace(JobConfigurationParser.ParseManagementJobConfiguration(config)); string serverUserName = PAMUtilities.ResolvePAMField(_resolver, _logger, "Server UserName", config.ServerUsername); string serverPassword = PAMUtilities.ResolvePAMField(_resolver, _logger, "Server Password", config.ServerPassword); diff --git a/IISU/JobConfigurationParser.cs b/IISU/JobConfigurationParser.cs new file mode 100644 index 0000000..ef97383 --- /dev/null +++ b/IISU/JobConfigurationParser.cs 
@@ -0,0 +1,165 @@ +using Keyfactor.Orchestrators.Extensions; +using Microsoft.PowerShell.Commands; +using Newtonsoft.Json; +using System; +using System.Collections.Generic; +using System.Diagnostics.Contracts; +using System.Linq; +using System.Net; +using System.Text; + +namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore +{ + internal class JobConfigurationParser + { + public static string ParseManagementJobConfiguration(ManagementJobConfiguration config, bool IncludePreviousInventory = true) + { + StringBuilder output = new StringBuilder(); + + if (IncludePreviousInventory && config.LastInventory.Count() > 0) + { + output.AppendLine("Previous Inventory Items:"); + foreach (PreviousInventoryItem item in config.LastInventory) + { + output.AppendLine($"Alias: {item.Alias}"); + output.AppendLine($"Alias: {item.PrivateKeyEntry}"); + foreach (string thumbprint in item.Thumbprints) + { + output.AppendLine($"Thumbprint: {thumbprint}"); + } + + output.AppendLine(); // Blank line + } + } + + // Certificate Store Properties + output.AppendLine("Certificate Store Properties:"); + output.AppendLine($"Type: {config.CertificateStoreDetails.Type}"); + output.AppendLine($"Client Machine: {config.CertificateStoreDetails.ClientMachine}"); + output.AppendLine($"Store Path: {config.CertificateStoreDetails.StorePath}"); + output.AppendLine($"Store Password: **************"); + + output.AppendLine(); // Blank line + + output.AppendLine($"Operation Type: {config.OperationType}"); + output.AppendLine($"Overwrite: {config.Overwrite}"); + + output.AppendLine(); // Blank line + + output.AppendLine("Certificate Store Properties:"); + output.AppendLine($"Thumbprint: {config.JobCertificate.Thumbprint}"); + output.AppendLine($"Contents: {config.JobCertificate.Contents}"); + output.AppendLine($"Alias: {config.JobCertificate.Alias}"); + output.AppendLine($"PrivateKeyPassword: {config.JobCertificate.PrivateKeyPassword}"); + + output.AppendLine(); // Blank line + + JobProperties 
jobProperties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Populate }); + output.AppendLine("Cert Store Job Properties (Contains IIS and non-IIS Properties)"); + output.AppendLine($"SPN With Port: {jobProperties.SpnPortFlag}"); + output.AppendLine($"WinRm Protocol: {jobProperties.WinRmProtocol}"); + output.AppendLine($"WinRm Port: {jobProperties.WinRmPort}"); + output.AppendLine($"Server Username: {jobProperties.ServerUsername}"); + output.AppendLine($"Server Username: ***************"); + output.AppendLine($"Server Use SSL: {jobProperties.ServerUseSsl}"); + + output.AppendLine(); // Blank line + + output.AppendLine("Job Configuration Properties:"); + output.AppendLine($"Job Cancelled: {config.JobCancelled}"); + output.AppendLine($"ServerError: {config.ServerError}"); + output.AppendLine($"Job History ID: {config.JobHistoryId}"); + output.AppendLine($"Request Status: {config.RequestStatus}"); + output.AppendLine($"Server Username: {config.ServerUsername}"); + output.AppendLine($"Server Username: ***************"); + output.AppendLine($"Use SSL: {config.UseSSL}"); + output.AppendLine($"Job Type ID: {config.JobTypeId}"); + output.AppendLine($"Job ID: {config.JobId}"); + output.AppendLine($"Capability: {config.Capability}"); + + bool isEmpty = (config.JobProperties.Count == 0); // Check if the dictionary is empty or not + if (!isEmpty) + { + output.AppendLine(); // Blank line + output.AppendLine($"JSON Job Properties:"); + output.AppendLine($"Site Name: {config.JobProperties["SiteName"].ToString()}"); + output.AppendLine($"Port: {config.JobProperties["Port"].ToString()}"); + output.AppendLine($"Host Name: {config.JobProperties["HostName"]?.ToString()}"); + output.AppendLine($"Protocol: {config.JobProperties["Protocol"].ToString()}"); + output.AppendLine($"SniFlag: {config.JobProperties["SniFlag"].ToString()?[..1]}"); + output.AppendLine($"IP Address: 
{config.JobProperties["IPAddress"].ToString()}"); + output.AppendLine($"SAN: {config.JobProperties["SAN"]?.ToString()}"); + } + + return output.ToString(); + } + + public static string ParseInventoryJobConfiguration(InventoryJobConfiguration config, bool IncludePreviousInventory = true) + { + StringBuilder output = new StringBuilder(); + + if (IncludePreviousInventory && config.LastInventory.Count() > 0) + { + output.AppendLine("Previous Inventory Items:"); + foreach (PreviousInventoryItem item in config.LastInventory) + { + output.AppendLine($"Alias: {item.Alias}"); + output.AppendLine($"Alias: {item.PrivateKeyEntry}"); + foreach (string thumbprint in item.Thumbprints) + { + output.AppendLine($"Thumbprint: {thumbprint}"); + } + + output.AppendLine(); // Blank line + } + } + + // Certificate Store Properties + output.AppendLine("Certificate Store Properties:"); + output.AppendLine($"Type: {config.CertificateStoreDetails.Type}"); + output.AppendLine($"Client Machine: {config.CertificateStoreDetails.ClientMachine}"); + output.AppendLine($"Store Path: {config.CertificateStoreDetails.StorePath}"); + output.AppendLine($"Store Password: **************"); + + output.AppendLine(); // Blank line + + JobProperties jobProperties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Populate }); + output.AppendLine("Cert Store Job Properties (Contains IIS and non-IIS Properties)"); + output.AppendLine($"SPN With Port: {jobProperties.SpnPortFlag}"); + output.AppendLine($"WinRm Protocol: {jobProperties.WinRmProtocol}"); + output.AppendLine($"WinRm Port: {jobProperties.WinRmPort}"); + output.AppendLine($"Server Username: {jobProperties.ServerUsername}"); + output.AppendLine($"Server Username: ***************"); + output.AppendLine($"Server Use SSL: {jobProperties.ServerUseSsl}"); + + output.AppendLine(); // Blank line + + output.AppendLine("Job Configuration Properties:"); + 
output.AppendLine($"Job Cancelled: {config.JobCancelled}"); + output.AppendLine($"ServerError: {config.ServerError}"); + output.AppendLine($"Job History ID: {config.JobHistoryId}"); + output.AppendLine($"Request Status: {config.RequestStatus}"); + output.AppendLine($"Server Username: {config.ServerUsername}"); + output.AppendLine($"Server Username: ***************"); + output.AppendLine($"Use SSL: {config.UseSSL}"); + output.AppendLine($"Job Type ID: {config.JobTypeId}"); + output.AppendLine($"Job ID: {config.JobId}"); + output.AppendLine($"Capability: {config.Capability}"); + + if (config.JobProperties != null) + { + output.AppendLine(); // Blank line + output.AppendLine($"JSON Job Properties:"); + output.AppendLine($"Site Name: {config.JobProperties["SiteName"].ToString()}"); + output.AppendLine($"Port: {config.JobProperties["Port"].ToString()}"); + output.AppendLine($"Host Name: {config.JobProperties["HostName"]?.ToString()}"); + output.AppendLine($"Protocol: {config.JobProperties["Protocol"].ToString()}"); + output.AppendLine($"SniFlag: {config.JobProperties["SniFlag"].ToString()?[..1]}"); + output.AppendLine($"IP Address: {config.JobProperties["IPAddress"].ToString()}"); + output.AppendLine($"SAN: {config.JobProperties["SAN"]?.ToString()}"); + } + + return output.ToString(); + } + } +} diff --git a/IISU/Models/JobProperties.cs b/IISU/Models/JobProperties.cs index 7e8926c..a5cad1f 100644 --- a/IISU/Models/JobProperties.cs +++ b/IISU/Models/JobProperties.cs @@ -13,6 +13,7 @@ // limitations under the License. using System.ComponentModel; +using System.Reflection.Metadata.Ecma335; using Newtonsoft.Json; namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore 
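Review bot: `output.AppendLine($"Contents: {config.JobCertificate.Contents}");` in ParseManagementJobConfiguration still writes the certificate payload into the trace log, which undercuts the stated goal of keeping secrets out of it. If `Contents` carries a PFX (the install script on this page takes `$bytes` together with `$password`), the log would hold the encrypted private key, protected only by the password that is being masked. Log a size or rely on the thumbprint instead, e.g. `output.AppendLine($"Contents: [{config.JobCertificate.Contents?.Length ?? 0} chars omitted]");`. The third commit's rewrite carries the same value forward in `managementParser.JobCertificateProperties.Contents = config.JobCertificate.Contents;`, so it needs the same treatment there.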
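Review bot: `using System.Reflection.Metadata.Ecma335;` is not referenced by anything in the visible part of JobProperties.cs and looks like an IDE auto-import; remove it. The same goes for `using System.Configuration.Internal;` and `using System.Management.Automation.Remoting;`, added to JobConfigurationParser.cs in the third commit. It probably also applies to `Microsoft.PowerShell.Commands`, `System.Diagnostics.Contracts` and `System.Net` in the new parser file, none of which the parser code shown appears to use. Stray reflection and remoting namespaces make it harder to see what a credential-handling file really depends on.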
@@ -36,6 +37,13 @@ public JobProperties() [DefaultValue("5985")] public string WinRmPort { get; set; } + [JsonProperty("ServerUsername")] + public string ServerUsername { get; set; } + + [JsonProperty("ServerUseSsl")] + [DefaultValue(true)] + public bool ServerUseSsl { get; set; } + [JsonProperty("sniflag")] [DefaultValue(SniFlag.None)] public SniFlag SniFlag { get; set; } From 42fd2db1408036bbcdc7e07d666522467b9b6bd6 Mon Sep 17 00:00:00 2001 From: Bob Pokorny Date: Wed, 22 Mar 2023 13:31:11 +0000 Subject: [PATCH 2/3] Masked Private Ket Password --- IISU/JobConfigurationParser.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/IISU/JobConfigurationParser.cs b/IISU/JobConfigurationParser.cs index ef97383..f6b8e8c 100644 --- a/IISU/JobConfigurationParser.cs +++ b/IISU/JobConfigurationParser.cs @@ -50,7 +50,7 @@ public static string ParseManagementJobConfiguration(ManagementJobConfiguration output.AppendLine($"Thumbprint: {config.JobCertificate.Thumbprint}"); output.AppendLine($"Contents: {config.JobCertificate.Contents}"); output.AppendLine($"Alias: {config.JobCertificate.Alias}"); - output.AppendLine($"PrivateKeyPassword: {config.JobCertificate.PrivateKeyPassword}"); + output.AppendLine($"Private Key Password: **************"); output.AppendLine(); // Blank line From 5ca2b513e360c3f683b5e10b45a1b00ddb3a5f45 Mon Sep 17 00:00:00 2001 
From: Bob Pokorny Date: Thu, 23 Mar 2023 05:53:31 +0000 Subject: [PATCH 3/3] Modified logging to write out as JSON object --- IISU/ClientPSCertStoreManager.cs | 1 + .../ICertificateStoreDetailsBase.cs | 11 + IISU/Interfaces/IInventoryCertStoreDetails.cs | 7 + IISU/Interfaces/IInventoryJobLogger.cs | 10 + .../Interfaces/IJobConfigurationLoggerBase.cs | 24 +++ .../Interfaces/IManagementCertStoreDetails.cs | 12 ++ IISU/Interfaces/IManagementJobLogger.cs | 13 ++ IISU/JobConfigurationParser.cs | 204 +++++++----------- .../CertificateStoreDetailPropertiesDTO.cs | 18 ++ .../Models/DTOs/CertificateStoreDetailsDTO.cs | 14 ++ IISU/Models/DTOs/JobCertificateDTO.cs | 15 ++ IISU/Models/InventoryJobLogger.cs | 26 +++ IISU/Models/ManagementJobLogger.cs | 33 +++ 13 files changed, 257 insertions(+), 131 deletions(-) create mode 100644 IISU/Interfaces/ICertificateStoreDetailsBase.cs create mode 100644 IISU/Interfaces/IInventoryCertStoreDetails.cs create mode 100644 IISU/Interfaces/IInventoryJobLogger.cs create mode 100644 IISU/Interfaces/IJobConfigurationLoggerBase.cs create mode 100644 IISU/Interfaces/IManagementCertStoreDetails.cs create mode 100644 IISU/Interfaces/IManagementJobLogger.cs create mode 100644 IISU/Models/DTOs/CertificateStoreDetailPropertiesDTO.cs create mode 100644 IISU/Models/DTOs/CertificateStoreDetailsDTO.cs create mode 100644 IISU/Models/DTOs/JobCertificateDTO.cs create mode 100644 IISU/Models/InventoryJobLogger.cs create mode 100644 IISU/Models/ManagementJobLogger.cs diff --git a/IISU/ClientPSCertStoreManager.cs b/IISU/ClientPSCertStoreManager.cs index fdff0b6..ccb9696 100644 --- a/IISU/ClientPSCertStoreManager.cs +++ b/IISU/ClientPSCertStoreManager.cs 
@@ -78,6 +78,7 @@ function InstallPfxToMachineStore([byte[]]$bytes, [string]$password, [string]$st $certStore.Open(5) $cert = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $bytes, $password, 18 <# Persist, Machine #> $certStore.Add($cert) + $certStore.Close(); }"; diff --git a/IISU/Interfaces/ICertificateStoreDetailsBase.cs b/IISU/Interfaces/ICertificateStoreDetailsBase.cs new file mode 100644 index 0000000..302726a --- /dev/null +++ b/IISU/Interfaces/ICertificateStoreDetailsBase.cs @@ -0,0 +1,11 @@ +using System; +using System.Collections.Generic; +using System.Text; + +namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore +{ + internal interface ICertificateStoreDetailsBase + { + public CertificateStoreDetailsDTO CertificateStoreDetails { get; set; } + } +} diff --git a/IISU/Interfaces/IInventoryCertStoreDetails.cs b/IISU/Interfaces/IInventoryCertStoreDetails.cs new file mode 100644 index 0000000..b20870b --- /dev/null +++ b/IISU/Interfaces/IInventoryCertStoreDetails.cs @@ -0,0 +1,7 @@ +namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore +{ + internal interface IInventoryCertStoreDetails + { + public CertificateStoreDetailsDTO CertificateStoreDetails { get; set; } + } +} diff --git a/IISU/Interfaces/IInventoryJobLogger.cs b/IISU/Interfaces/IInventoryJobLogger.cs new file mode 100644 index 0000000..f8adf23 --- /dev/null +++ b/IISU/Interfaces/IInventoryJobLogger.cs @@ -0,0 +1,10 @@ +using System; +using System.Collections.Generic; +using System.Text; + +namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore +{ + internal interface IInventoryJobLogger : IJobConfigurationLoggerBase, IInventoryCertStoreDetails + { + } +} diff --git a/IISU/Interfaces/IJobConfigurationLoggerBase.cs b/IISU/Interfaces/IJobConfigurationLoggerBase.cs new file mode 100644 index 0000000..1ca6792 --- /dev/null +++ b/IISU/Interfaces/IJobConfigurationLoggerBase.cs 
@@ -0,0 +1,24 @@
+using Keyfactor.Orchestrators.Extensions;
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
+{
+ internal interface IJobConfigurationLoggerBase
+ {
+ public bool JobCancelled { get; set; }
+ public ServerFault ServerError { get; set; }
+ public long JobHistoryID { get; set; }
+ public int RequestStatus { get; set; }
+ public string ServerUserName { get; set; }
+ public string ServerPassword { get; set; }
+ public JobProperties JobConfigurationProperties { get; set; }
+ public bool UseSSL { get; set; }
+ public Guid JobTypeID { get; set; }
+ public Guid JobID { get; set; }
+ public string Capability { get; set; }
+
+ public IEnumerable LastInventory { get; set; }
+ }
+}
diff --git a/IISU/Interfaces/IManagementCertStoreDetails.cs b/IISU/Interfaces/IManagementCertStoreDetails.cs
new file mode 100644
index 0000000..935065d
--- /dev/null
+++ b/IISU/Interfaces/IManagementCertStoreDetails.cs
@@ -0,0 +1,12 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
+{
+ internal interface IManagementCertStoreDetails
+ {
+ public CertificateStoreDetailsDTO CertificateStoreDetails { get; set; }
+ public CertificateStoreDetailPropertiesDTO CertificateStoreDetailProperties { get; set; }
+ }
+}
diff --git a/IISU/Interfaces/IManagementJobLogger.cs b/IISU/Interfaces/IManagementJobLogger.cs
new file mode 100644
index 0000000..dd10eef
--- /dev/null
+++ b/IISU/Interfaces/IManagementJobLogger.cs
@@ -0,0 +1,13 @@
+using Keyfactor.Orchestrators.Common.Enums;
+
+namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
+{
+ internal interface IManagementJobLogger : IJobConfigurationLoggerBase, IManagementCertStoreDetails
+ {
+ public CertStoreOperationType OperationType { get; set; }
+ public bool Overwrite { get; set; }
+
+ public JobCertificateDTO JobCertificateProperties { get; set; }
+
+ }
+}
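Review bot: `public string ServerPassword { get; set; }` in IJobConfigurationLoggerBase puts a settable secret field on a type whose only purpose is to be serialized into the log, so masking depends on every caller remembering to assign `"**********"`. A later change that copies `config.ServerPassword` across would leak the password, and the parser would look no different in review. Either leave the field off the logging contract, or make it non-settable, e.g. `public string ServerPassword => "**********";` on the implementing class with the interface member reduced to `{ get; }`. `CertificateStoreDetailsDTO.StorePassword` and `JobCertificateDTO.PrivateKeyPassword`, added later in this commit, have the same shape.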
diff --git a/IISU/JobConfigurationParser.cs b/IISU/JobConfigurationParser.cs index f6b8e8c..bd7889d 100644 --- a/IISU/JobConfigurationParser.cs +++ b/IISU/JobConfigurationParser.cs @@ -3,8 +3,10 @@ using Newtonsoft.Json; using System; using System.Collections.Generic; +using System.Configuration.Internal; using System.Diagnostics.Contracts; using System.Linq; +using System.Management.Automation.Remoting; using System.Net; using System.Text; 
@@ -12,154 +14,94 @@ namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore { internal class JobConfigurationParser { - public static string ParseManagementJobConfiguration(ManagementJobConfiguration config, bool IncludePreviousInventory = true) + public static string ParseManagementJobConfiguration(ManagementJobConfiguration config) { - StringBuilder output = new StringBuilder(); - if (IncludePreviousInventory && config.LastInventory.Count() > 0) - { - output.AppendLine("Previous Inventory Items:"); - foreach (PreviousInventoryItem item in config.LastInventory) - { - output.AppendLine($"Alias: {item.Alias}"); - output.AppendLine($"Alias: {item.PrivateKeyEntry}"); - foreach (string thumbprint in item.Thumbprints) - { - output.AppendLine($"Thumbprint: {thumbprint}"); - } - - output.AppendLine(); // Blank line - } - } - - // Certificate Store Properties - output.AppendLine("Certificate Store Properties:"); - output.AppendLine($"Type: {config.CertificateStoreDetails.Type}"); - output.AppendLine($"Client Machine: {config.CertificateStoreDetails.ClientMachine}"); - output.AppendLine($"Store Path: {config.CertificateStoreDetails.StorePath}"); - output.AppendLine($"Store Password: **************"); - - output.AppendLine(); // Blank line - - output.AppendLine($"Operation Type: {config.OperationType}"); - output.AppendLine($"Overwrite: {config.Overwrite}"); - - output.AppendLine(); // Blank line - - output.AppendLine("Certificate Store Properties:"); - output.AppendLine($"Thumbprint: {config.JobCertificate.Thumbprint}"); - output.AppendLine($"Contents: {config.JobCertificate.Contents}"); - output.AppendLine($"Alias: {config.JobCertificate.Alias}"); - output.AppendLine($"Private Key Password: **************"); + IManagementJobLogger managementParser = new ManagementJobLogger(); + + // JobConfiguration + managementParser.JobCancelled = config.JobCancelled; + managementParser.ServerError = config.ServerError; + managementParser.JobHistoryID = config.JobHistoryId; + 
managementParser.RequestStatus = config.RequestStatus; + managementParser.ServerUserName = config.ServerUsername; + managementParser.ServerPassword = "**********"; + managementParser.UseSSL = config.UseSSL; + managementParser.JobTypeID = config.JobTypeId; + managementParser.JobID = config.JobId; + managementParser.Capability = config.Capability; + + // JobProperties + JobProperties jobProperties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Populate }); + managementParser.JobConfigurationProperties = jobProperties; - output.AppendLine(); // Blank line + // PreviousInventoryItem + managementParser.LastInventory = config.LastInventory; - JobProperties jobProperties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Populate }); - output.AppendLine("Cert Store Job Properties (Contains IIS and non-IIS Properties)"); - output.AppendLine($"SPN With Port: {jobProperties.SpnPortFlag}"); - output.AppendLine($"WinRm Protocol: {jobProperties.WinRmProtocol}"); - output.AppendLine($"WinRm Port: {jobProperties.WinRmPort}"); - output.AppendLine($"Server Username: {jobProperties.ServerUsername}"); - output.AppendLine($"Server Username: ***************"); - output.AppendLine($"Server Use SSL: {jobProperties.ServerUseSsl}"); - - output.AppendLine(); // Blank line - - output.AppendLine("Job Configuration Properties:"); - output.AppendLine($"Job Cancelled: {config.JobCancelled}"); - output.AppendLine($"ServerError: {config.ServerError}"); - output.AppendLine($"Job History ID: {config.JobHistoryId}"); - output.AppendLine($"Request Status: {config.RequestStatus}"); - output.AppendLine($"Server Username: {config.ServerUsername}"); - output.AppendLine($"Server Username: ***************"); - output.AppendLine($"Use SSL: {config.UseSSL}"); - output.AppendLine($"Job Type ID: {config.JobTypeId}"); 
- output.AppendLine($"Job ID: {config.JobId}"); - output.AppendLine($"Capability: {config.Capability}"); + //CertificateStore + managementParser.CertificateStoreDetails.ClientMachine = config.CertificateStoreDetails.ClientMachine; + managementParser.CertificateStoreDetails.StorePath = config.CertificateStoreDetails.StorePath; + managementParser.CertificateStoreDetails.StorePassword = "**********"; + managementParser.CertificateStoreDetails.Type = config.CertificateStoreDetails.Type; bool isEmpty = (config.JobProperties.Count == 0); // Check if the dictionary is empty or not if (!isEmpty) { - output.AppendLine(); // Blank line - output.AppendLine($"JSON Job Properties:"); - output.AppendLine($"Site Name: {config.JobProperties["SiteName"].ToString()}"); - output.AppendLine($"Port: {config.JobProperties["Port"].ToString()}"); - output.AppendLine($"Host Name: {config.JobProperties["HostName"]?.ToString()}"); - output.AppendLine($"Protocol: {config.JobProperties["Protocol"].ToString()}"); - output.AppendLine($"SniFlag: {config.JobProperties["SniFlag"].ToString()?[..1]}"); - output.AppendLine($"IP Address: {config.JobProperties["IPAddress"].ToString()}"); - output.AppendLine($"SAN: {config.JobProperties["SAN"]?.ToString()}"); + managementParser.CertificateStoreDetailProperties.SiteName = config.JobProperties["SiteName"].ToString(); + managementParser.CertificateStoreDetailProperties.Port = config.JobProperties["Port"].ToString(); + managementParser.CertificateStoreDetailProperties.HostName = config.JobProperties["HostName"]?.ToString(); + managementParser.CertificateStoreDetailProperties.Protocol = config.JobProperties["Protocol"].ToString(); + managementParser.CertificateStoreDetailProperties.SniFlag = config.JobProperties["SniFlag"].ToString()?[..1]; + managementParser.CertificateStoreDetailProperties.IPAddress = config.JobProperties["IPAddress"].ToString(); + managementParser.CertificateStoreDetailProperties.ProviderName = 
config.JobProperties["ProviderName"]?.ToString(); + managementParser.CertificateStoreDetailProperties.SAN = config.JobProperties["SAN"]?.ToString(); } - return output.ToString(); + // Management Base + managementParser.OperationType = config.OperationType; + managementParser.Overwrite = config.Overwrite; + + // JobCertificate + managementParser.JobCertificateProperties.Thumbprint = config.JobCertificate.Thumbprint; + managementParser.JobCertificateProperties.Contents = config.JobCertificate.Contents; + managementParser.JobCertificateProperties.Alias = config.JobCertificate.Alias; + managementParser.JobCertificateProperties.PrivateKeyPassword = "**********"; + + return JsonConvert.SerializeObject(managementParser); } - public static string ParseInventoryJobConfiguration(InventoryJobConfiguration config, bool IncludePreviousInventory = true) + public static string ParseInventoryJobConfiguration(InventoryJobConfiguration config) { - StringBuilder output = new StringBuilder(); - - if (IncludePreviousInventory && config.LastInventory.Count() > 0) - { - output.AppendLine("Previous Inventory Items:"); - foreach (PreviousInventoryItem item in config.LastInventory) - { - output.AppendLine($"Alias: {item.Alias}"); - output.AppendLine($"Alias: {item.PrivateKeyEntry}"); - foreach (string thumbprint in item.Thumbprints) - { - output.AppendLine($"Thumbprint: {thumbprint}"); - } - - output.AppendLine(); // Blank line - } - } + IInventoryJobLogger inventoryParser = new InventoryJobLogger(); + + // JobConfiguration + inventoryParser.JobCancelled = config.JobCancelled; + inventoryParser.ServerError = config.ServerError; + inventoryParser.JobHistoryID = config.JobHistoryId; + inventoryParser.RequestStatus = config.RequestStatus; + inventoryParser.ServerUserName = config.ServerUsername; + inventoryParser.ServerPassword = "**********"; + inventoryParser.UseSSL = config.UseSSL; + inventoryParser.JobTypeID = config.JobTypeId; + inventoryParser.JobID = config.JobId; + 
inventoryParser.Capability = config.Capability; + + // JobProperties + JobProperties jobProperties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Populate }); + inventoryParser.JobConfigurationProperties = jobProperties; - // Certificate Store Properties - output.AppendLine("Certificate Store Properties:"); - output.AppendLine($"Type: {config.CertificateStoreDetails.Type}"); - output.AppendLine($"Client Machine: {config.CertificateStoreDetails.ClientMachine}"); - output.AppendLine($"Store Path: {config.CertificateStoreDetails.StorePath}"); - output.AppendLine($"Store Password: **************"); + // PreviousInventoryItem + inventoryParser.LastInventory = config.LastInventory; - output.AppendLine(); // Blank line + //CertificateStore + + inventoryParser.CertificateStoreDetails.ClientMachine = config.CertificateStoreDetails.ClientMachine; + inventoryParser.CertificateStoreDetails.StorePath = config.CertificateStoreDetails.StorePath; + inventoryParser.CertificateStoreDetails.StorePassword = "**********"; + inventoryParser.CertificateStoreDetails.Type = config.CertificateStoreDetails.Type; - JobProperties jobProperties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Populate }); - output.AppendLine("Cert Store Job Properties (Contains IIS and non-IIS Properties)"); - output.AppendLine($"SPN With Port: {jobProperties.SpnPortFlag}"); - output.AppendLine($"WinRm Protocol: {jobProperties.WinRmProtocol}"); - output.AppendLine($"WinRm Port: {jobProperties.WinRmPort}"); - output.AppendLine($"Server Username: {jobProperties.ServerUsername}"); - output.AppendLine($"Server Username: ***************"); - output.AppendLine($"Server Use SSL: {jobProperties.ServerUseSsl}"); - - output.AppendLine(); // Blank line - - output.AppendLine("Job Configuration Properties:"); - 
output.AppendLine($"Job Cancelled: {config.JobCancelled}"); - output.AppendLine($"ServerError: {config.ServerError}"); - output.AppendLine($"Job History ID: {config.JobHistoryId}"); - output.AppendLine($"Request Status: {config.RequestStatus}"); - output.AppendLine($"Server Username: {config.ServerUsername}"); - output.AppendLine($"Server Username: ***************"); - output.AppendLine($"Use SSL: {config.UseSSL}"); - output.AppendLine($"Job Type ID: {config.JobTypeId}"); - output.AppendLine($"Job ID: {config.JobId}"); - output.AppendLine($"Capability: {config.Capability}"); - - if (config.JobProperties != null) - { - output.AppendLine(); // Blank line - output.AppendLine($"JSON Job Properties:"); - output.AppendLine($"Site Name: {config.JobProperties["SiteName"].ToString()}"); - output.AppendLine($"Port: {config.JobProperties["Port"].ToString()}"); - output.AppendLine($"Host Name: {config.JobProperties["HostName"]?.ToString()}"); - output.AppendLine($"Protocol: {config.JobProperties["Protocol"].ToString()}"); - output.AppendLine($"SniFlag: {config.JobProperties["SniFlag"].ToString()?[..1]}"); - output.AppendLine($"IP Address: {config.JobProperties["IPAddress"].ToString()}"); - output.AppendLine($"SAN: {config.JobProperties["SAN"]?.ToString()}"); - } - return output.ToString(); + return JsonConvert.SerializeObject(inventoryParser); } } } diff --git a/IISU/Models/DTOs/CertificateStoreDetailPropertiesDTO.cs b/IISU/Models/DTOs/CertificateStoreDetailPropertiesDTO.cs new file mode 100644 index 0000000..422c91c --- /dev/null +++ b/IISU/Models/DTOs/CertificateStoreDetailPropertiesDTO.cs 
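Review bot: Inside `if (!isEmpty)` in ParseManagementJobConfiguration, the IIS keys are read with the throwing indexer (`config.JobProperties["SiteName"].ToString()` and the lines after it), and `config.JobProperties.Count` is dereferenced without a null check. This parser is also called from Win/Management.cs, where the job properties presumably do not carry IIS binding keys, so a missing key or a null value would raise from what is meant to be a trace statement. `config.JobProperties["SniFlag"].ToString()?[..1]` additionally throws on an empty string. A small local lookup that returns null for absent keys keeps the log best-effort. The sketch below assumes `JobProperties` is a dictionary exposing `TryGetValue`, as the existing comment suggests.

```csharp
// … unchanged: JobConfiguration, JobProperties, LastInventory and CertificateStore assignments …

// Best-effort lookup: a null dictionary, missing key or null value yields null instead of throwing.
string Prop(string key) =>
    config.JobProperties != null && config.JobProperties.TryGetValue(key, out var value)
        ? value?.ToString()
        : null;

var storeProps = managementParser.CertificateStoreDetailProperties;
storeProps.SiteName = Prop("SiteName");
storeProps.Port = Prop("Port");
storeProps.HostName = Prop("HostName");
storeProps.Protocol = Prop("Protocol");
string sni = Prop("SniFlag");
storeProps.SniFlag = string.IsNullOrEmpty(sni) ? null : sni[..1];
storeProps.IPAddress = Prop("IPAddress");
storeProps.ProviderName = Prop("ProviderName");
storeProps.SAN = Prop("SAN");

// … unchanged: OperationType, Overwrite, JobCertificate assignments and SerializeObject call …
```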
@@ -0,0 +1,18 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
+{
+ internal class CertificateStoreDetailPropertiesDTO
+ {
+ public string SiteName { get; set; }
+ public string Port { get; set; }
+ public string HostName { get; set; }
+ public string Protocol { get; set; }
+ public string SniFlag { get; set; }
+ public string IPAddress { get; set; }
+ public string ProviderName { get; set; }
+ public string SAN { get; set; }
+ }
+}
diff --git a/IISU/Models/DTOs/CertificateStoreDetailsDTO.cs b/IISU/Models/DTOs/CertificateStoreDetailsDTO.cs
new file mode 100644
index 0000000..8f4a277
--- /dev/null
+++ b/IISU/Models/DTOs/CertificateStoreDetailsDTO.cs
@@ -0,0 +1,14 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
+{
+ internal class CertificateStoreDetailsDTO
+ {
+ public string ClientMachine { get; set; }
+ public string StorePath { get; set; }
+ public string StorePassword { get; set; }
+ public int Type { get; set; }
+ }
+}
diff --git a/IISU/Models/DTOs/JobCertificateDTO.cs b/IISU/Models/DTOs/JobCertificateDTO.cs
new file mode 100644
index 0000000..77a04d6
--- /dev/null
+++ b/IISU/Models/DTOs/JobCertificateDTO.cs
@@ -0,0 +1,15 @@
+using Keyfactor.Orchestrators.Extensions;
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
+{
+ internal class JobCertificateDTO
+ {
+ public string Thumbprint { get; set; }
+ public string Contents { get; set; }
+ public string Alias { get; set; }
+ public string PrivateKeyPassword { get; set; }
+ }
+}
diff --git a/IISU/Models/InventoryJobLogger.cs b/IISU/Models/InventoryJobLogger.cs
new file mode 100644
index 0000000..5659f94
--- /dev/null
+++ b/IISU/Models/InventoryJobLogger.cs
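Review bot: `StorePassword` in CertificateStoreDetailsDTO and `PrivateKeyPassword` in JobCertificateDTO are ordinary public properties on types that exist to be handed to `JsonConvert.SerializeObject` for the trace log, so redaction holds only while every caller remembers to overwrite them with a mask. The same applies to `ServerPassword` in InventoryJobLogger and ManagementJobLogger, added later in this patch. Marking these properties `[JsonIgnore]` (with `using Newtonsoft.Json;`), or leaving them off the logging DTOs altogether, makes the safe behaviour the default rather than something each parser method has to repeat. `Contents` in JobCertificateDTO presumably carries the certificate payload and deserves the same treatment if it can include key material.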
@@ -0,0 +1,26 @@
+using Keyfactor.Orchestrators.Extensions;
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
+{
+ internal class InventoryJobLogger : IInventoryJobLogger, IInventoryCertStoreDetails
+ {
+ public bool JobCancelled { get; set; }
+ public ServerFault ServerError { get; set; } = new ServerFault();
+ public long JobHistoryID { get; set; }
+ public int RequestStatus { get; set; }
+ public string ServerUserName { get; set; }
+ public string ServerPassword { get; set; }
+ public JobProperties JobConfigurationProperties { get; set; } = new JobProperties();
+ public bool UseSSL { get; set; }
+ public Guid JobTypeID { get; set; }
+ public Guid JobID { get; set; }
+ public string Capability { get; set; }
+
+ public IEnumerable LastInventory { get; set; } = new List();
+ public CertificateStoreDetailsDTO CertificateStoreDetails { get; set; } = new CertificateStoreDetailsDTO();
+
+ }
+}
diff --git a/IISU/Models/ManagementJobLogger.cs b/IISU/Models/ManagementJobLogger.cs
new file mode 100644
index 0000000..a9caa0a
--- /dev/null
+++ b/IISU/Models/ManagementJobLogger.cs
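Review bot: `JobConfigurationProperties` is typed as `JobProperties`, the model the store-properties JSON is deserialized into, rather than a logging-only DTO like the neighbouring `CertificateStoreDetails` member. If this object is serialized for the trace log, as the parser change in this patch suggests, every property JobProperties has now or gains later is written out with no masking step. A dedicated DTO that lists only the fields intended for the log would keep this an allow-list. JobProperties is not visible here, so whether it currently holds a credential needs checking against that class. `LastInventory` is likewise copied whole, which can make individual trace entries large.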
@@ -0,0 +1,33 @@
+using Keyfactor.Orchestrators.Common.Enums;
+using Keyfactor.Orchestrators.Extensions;
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore
+{
+ internal class ManagementJobLogger : IManagementJobLogger, IManagementCertStoreDetails
+ {
+ public bool JobCancelled { get; set; }
+ public ServerFault ServerError { get; set; } = new ServerFault();
+ public long JobHistoryID { get; set; }
+ public int RequestStatus { get; set; }
+ public string ServerUserName { get; set; }
+ public string ServerPassword { get; set; }
+ public JobProperties JobConfigurationProperties { get; set; } = new JobProperties();
+ public bool UseSSL { get; set; }
+ public Guid JobTypeID { get; set; }
+ public Guid JobID { get; set; }
+ public string Capability { get; set; }
+
+ public IEnumerable LastInventory { get; set; } = new List();
+
+ public CertificateStoreDetailsDTO CertificateStoreDetails { get; set; } = new CertificateStoreDetailsDTO();
+ public CertificateStoreDetailPropertiesDTO CertificateStoreDetailProperties { get; set; } = new CertificateStoreDetailPropertiesDTO();
+
+ public CertStoreOperationType OperationType { get; set; }
+ public bool Overwrite { get; set; }
+
+ public JobCertificateDTO JobCertificateProperties { get; set; } = new JobCertificateDTO();
+ }
+}
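Review bot: ManagementJobLogger repeats the eleven job-level properties of InventoryJobLogger line for line, including `ServerPassword`, so any redaction rule for the logged object has to be kept in step in two classes. A shared base such as `internal abstract class JobLoggerBase` holding the common members would let the masking or `[JsonIgnore]` decision live in one place. The class also has no doc comment saying it is a log-only projection and must never carry clear-text secrets; a short `/// <summary>` to that effect would help the next maintainer. `using System.Text;` appears unused in this file.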