Save local changes

Author: efiocca

AxisIPCamera/Client/AxisHttpClient.cs

@@ -549,54 +549,50 @@ public void RemoveCACertificate(string alias)
                 throw new Exception(e.Message);
             }
         }
-        
+
         /// <summary>
         /// Removes a certificate with private key from the device.
         /// </summary>
         /// <param name="alias">Unique identifier of the CA certificate to be removed</param>
-        public void RemoveCertificate(string alias)
+        public HttpResult RemoveCertificate(string alias)
         {
             try
             {
                 Logger.MethodEntry();
 
+                var context = new HttpContext();
+                
                 var deleteCertResource = $"{Constants.RestApiEntryPoint}/certificates/{alias}";
                 var httpResponse = ExecuteHttp(deleteCertResource, Method.Delete);
 
                 // Decode the HTTP response if failed
                 if (httpResponse is { IsSuccessful: false })
                 {
-                    Logger.LogError($"HTTP Request unsuccessful - HTTP Response: {DecodeHttpStatus(httpResponse)}");
-                    throw new Exception($"HTTP Request unsuccessful.");
+                    var decodedStatus = DecodeHttpStatus(httpResponse);
+                    
+                    Logger.LogWarning($"HTTP Request unsuccessful - HTTP Response: {decodedStatus}");
+                    context.AddWarning(decodedStatus);
                 }
 
-                // Decode the API response when HTTP response is successful
+                // Decode the API response for more information
                 if (httpResponse != null && string.IsNullOrEmpty(httpResponse.Content))
                 {
-                    throw new Exception("No content returned from HTTP Response");
-                }
-
-                RestApiResponse apiResponse = JsonConvert.DeserializeObject<RestApiResponse>(httpResponse.Content);
-                if (apiResponse.Status == Constants.Status.Success)
-                {
-                    Logger.MethodExit();
+                    Logger.LogError("No content returned from HTTP Response");
+                    context.AddError($"No content returned from HTTP Response for {nameof(Method.Delete)} {deleteCertResource}");
                 }
                 else
                 {
-                    ErrorData error = JsonConvert.DeserializeObject<ErrorData>(httpResponse.Content);
-
-                    // Check for error code 5 - "Validation error: Certificate is in use" or "Validation error: Certificate is not deletable" --- 
-                    // This will capture all device ID certs, which we do not want to delete anyway
-                    if (error.ErrorInfo is { Code: 5, Message: "Validation error: Certificate is not deletable" or "Validation error: Certificate is in use"})
-                    {
-                        Logger.LogWarning($"API warning encountered - {error.ErrorInfo.Message} - (Code: {error.ErrorInfo.Code})");
-                    }
-                    else
+                    RestApiResponse apiResponse = JsonConvert.DeserializeObject<RestApiResponse>(httpResponse.Content);
+                    if (apiResponse.Status != Constants.Status.Success)
                     {
-                        throw new Exception(
-                            $"API error encountered - {error.ErrorInfo.Message} - (Code: {error.ErrorInfo.Code})");
+                        ErrorData error = JsonConvert.DeserializeObject<ErrorData>(httpResponse.Content);
+                        Logger.LogWarning($"API error encountered - {error.ErrorInfo.Message} - (Code: {error.ErrorInfo.Code})");
+                        context.AddWarning($"HTTP Request {nameof(Method.Delete)} {deleteCertResource}: API error encountered - {error.ErrorInfo.Message} - (Code: {error.ErrorInfo.Code})");
                     }
                 }
+
+                Logger.MethodExit();
+                return context.ToResult();
             }
             catch (Exception e)
             {

AxisIPCamera/Inventory.cs

@@ -62,8 +62,9 @@ public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpd
                 _logger.LogTrace("Retrieve all client certificates");
                 CertificateData data2 = client.ListCertificates();
 
+                // TODO: Remove this if not using
                 // Get the default keystore
-                _logger.LogTrace("Retrieve the default keystore");
+                /*_logger.LogTrace("Retrieve the default keystore");
                 Constants.Keystore defaultKeystore = client.GetDefaultKeystore();
                 string defaultKeystoreString = defaultKeystore.ToString();
                 _logger.LogDebug($"Inventory - Default keystore: {defaultKeystoreString}");
@@ -78,7 +79,7 @@ public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpd
                 foreach (var cert in data2.Certs.Where(cert => cert.Keystore == defaultKeystore))
                 {
                     data2DefKey.Certs.Add(cert);
-                }
+                }*/
 
                 _logger.LogTrace("Retrieve all certificate bindings for each possible certificate usage type");
                 // Lookup the certificate used for HTTPS, MQTT, IEEE802.X
@@ -88,7 +89,7 @@ public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpd
 
                 // Set the binding on the client certificates object if the aliases found for each certificate usage match
                 _logger.LogTrace("Mark each client certificate with the appropriate certificate usage type");
-                foreach (Certificate c in data2DefKey.Certs)
+                foreach (Certificate c in data2.Certs)
                 {
                     if (c.Alias.Equals(httpAlias))
                     {
@@ -131,7 +132,7 @@ public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpd
                     }).Where(item => item?.Certificates != null).ToList());
 
                 // Build the list of client certificates and add to the InventoryItems object that is sent back to Command
-                inventoryItems.AddRange(data2DefKey.Certs.Select(
+                inventoryItems.AddRange(data2.Certs.Select(
                     c =>
                     {
                         try

AxisIPCamera/Model/HttpResponse.cs

@@ -0,0 +1,68 @@
+// Copyright 2026 Keyfactor
+// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
+// and limitations under the License.
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+
+namespace Keyfactor.Extensions.Orchestrator.AxisIPCamera.Model
+{
+    public sealed class HttpContext
+    {
+        private readonly List<string> _warnings = new();
+        private readonly List<string> _errors = new();
+        
+        public IReadOnlyList<string> Warnings => _warnings;
+        public IReadOnlyList<string> Errors => _errors;
+
+        public void AddWarning(string message) =>
+            _warnings.Add(message);
+
+        public void AddError(string message) =>
+            _errors.Add(message);
+
+        public HttpResult ToResult()
+        {
+            if (_errors.Any())
+                return HttpResult.Error(FormatMessages(_errors));
+
+            if (_warnings.Any())
+                return HttpResult.Warning(FormatMessages(_warnings));
+
+            return HttpResult.Success();
+        }
+
+        private static string FormatMessages(IEnumerable<string> messages)
+        {
+            return string.Join(
+                Environment.NewLine,
+                messages.Select((message, index) =>
+                    $"({index + 1}) {message}")
+            );
+        }
+    }
+
+    public enum HttpStatus
+    {
+        Success,
+        Warning,
+        Error
+    }
+
+    public sealed record HttpResult(HttpStatus Status, string Message = null)
+    {
+        public static HttpResult Success()
+            => new(HttpStatus.Success);
+
+        public static HttpResult Warning(string message)
+            => new(HttpStatus.Warning, message);
+
+        public static HttpResult Error(string message)
+            => new(HttpStatus.Error, message);
+
+    }
+}

AxisIPCamera/Reenrollment.cs

@@ -7,6 +7,7 @@
 
 using System;
 using System.Collections.Generic;
+using System.Net;
 using System.Net.Http;
 using System.Text;
 using System.Text.RegularExpressions;
@@ -197,13 +198,21 @@ public JobResult ProcessJob(ReenrollmentJobConfiguration config, SubmitReenrollm
                 client.SetCertUsageBinding(newAlias,certUsageEnum);
 
                 // Perform unused certificate cleanup --- 
-                // 1) If a bound alias exists and there is a new alias to enroll, delete the bound alias
+                // 1) If a bound alias exists, delete the bound alias
+                HttpResult result;
                 if (oldCertExists)
                 {
                     _logger.LogTrace($"Removing certificate and private key associated with alias '{oldAlias}'");
-                    client.RemoveCertificate(oldAlias);
+                    result = client.RemoveCertificate(oldAlias);
+
+                    if (result.Status == HttpStatus.Warning)
+                    {
+                        return new JobResult() { Result = OrchestratorJobStatusJobResult.Warning, JobHistoryId = config.JobHistoryId, 
+                            FailureMessage = $"Reenrollment Job Had Warnings - Refer to logs for more detailed information." };
+                    }
                 }
 
+
                 // TESTING build chain functionality
                 /*using var aiaClient = new HttpClient();
                 var builder = new ChainBuilder(aiaClient);