Merge pull request #16 for release 2.0.1

doebrowsk · web-flow · commit 7dd3e56ae881 · 2025-01-23T16:10:49.000-05:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,2 +1,6 @@
 ### 2.0.0
 * Initial Public Release
+
+### 2.0.1
+* Add configuration fields to support sync filtering
+* Bug fixes around SAN processing
diff --git a/digicert-certcentral-caplugin/CertCentralCAPlugin.cs b/digicert-certcentral-caplugin/CertCentralCAPlugin.cs
@@ -58,6 +58,12 @@ public void Initialize(IAnyCAPluginConfigProvider configProvider, ICertificateDa
 		public async Task<EnrollmentResult> Enroll(string csr, string subject, Dictionary<string, string[]> san, EnrollmentProductInfo productInfo, RequestFormat requestFormat, EnrollmentType enrollmentType)
 		{
 			_logger.MethodEntry(LogLevel.Trace);
+			_logger.LogDebug($"Enrolling for certificate with subject {subject}");
+			foreach (var sanlist in san)
+			{
+				string sans = string.Join(",", sanlist.Value);
+				_logger.LogDebug($"SANs type \"{sanlist.Key}\": {sans}");
+			}
 			OrderResponse orderResponse = new OrderResponse();
 			CertCentralCertType certType = CertCentralCertType.GetAllTypes(_config).FirstOrDefault(x => x.ProductCode.Equals(productInfo.ProductID));
 			OrderRequest orderRequest = new OrderRequest(certType);
@@ -87,6 +93,10 @@ public async Task<EnrollmentResult> Enroll(string csr, string subject, Dictionar
 			{
 				dnsNames = new List<string>(san["Dns"]);
 			}
+			if (san.ContainsKey("dnsname"))
+			{
+				dnsNames = new List<string>(san["dnsname"]);
+			}
 
 			X509Name subjectParsed = null;
 			string commonName = null, organization = null, orgUnit = null;
@@ -356,6 +366,28 @@ public Dictionary<string, PropertyConfigInfo> GetCAConnectorAnnotations()
 					DefaultValue = false,
 					Type = "Boolean"
 				},
+
+				[CertCentralConstants.Config.SYNC_CA_FILTER] = new PropertyConfigInfo()
+				{
+					Comments = "If you list one or more CA IDs here (comma-separated), the sync process will only sync records from those CAs. If you want to sync all CA IDs, leave this field empty.",
+					Hidden = false,
+					DefaultValue = "",
+					Type = "String"
+				},
+				[CertCentralConstants.Config.FILTER_EXPIRED] = new PropertyConfigInfo()
+				{
+					Comments = "If set to 'true', syncing will apply a filter to not return orders that are expired for longer than specified in SyncExpirationDays.",
+					Hidden = false,
+					DefaultValue = false,
+					Type = "Boolean"
+				},
+				[CertCentralConstants.Config.SYNC_EXPIRATION_DAYS] = new PropertyConfigInfo()
+				{
+					Comments = "If FilterExpiredOrders is set to true, this setting determines how many days in the past to still return expired orders. For example, a value of 30 means the sync will return any certs that expired within the past 30 days. A value of 0 means the sync will not return any certs that expired before the current day. This value is ignored if FilterExpiredOrders is false.",
+					Hidden = false,
+					DefaultValue = 30,
+					Type = "Number"
+				},
 				[CertCentralConstants.Config.ENABLED] = new PropertyConfigInfo()
 				{
 					Comments = "Flag to Enable or Disable gateway functionality. Disabling is primarily used to allow creation of the CA prior to configuration information being available.",
@@ -618,9 +650,10 @@ public async Task Synchronize(BlockingCollection<AnyCAPluginCertificate> blockin
 			List<string> skippedOrders = new List<string>();
 			int certCount = 0;
 
-			string syncCAstring = string.Join(",", _config.SyncCAFilter ?? new List<string>());
+			string syncCAstring = _config.SyncCAFilter ?? string.Empty;
 			_logger.LogTrace($"Sync CAs: {syncCAstring}");
-			List<string> caList = _config.SyncCAFilter ?? new List<string>();
+			List<string> caList = _config.SyncCAs;
+
 			caList.ForEach(c => c.ToUpper());
 
 
diff --git a/digicert-certcentral-caplugin/CertCentralConfig.cs b/digicert-certcentral-caplugin/CertCentralConfig.cs
@@ -11,14 +11,30 @@ public class CertCentralConfig
 
 		public CertCentralConfig()
 		{
-			SyncCAFilter = new List<string>();
+
 		}
 		public string APIKey { get; set; }
 		public string Region { get; set; } = "US";
 		public int? DivisionId { get; set; }
 		public bool? RevokeCertificateOnly { get; set; }
 		public bool Enabled { get; set; } = true;
-		public List<string> SyncCAFilter { get; set; }
+
+		public string SyncCAFilter { get; set; }
+		public List<string> SyncCAs
+		{
+			get
+			{
+				if (!string.IsNullOrEmpty(SyncCAFilter))
+				{
+					return SyncCAFilter.Split(',').ToList();
+				}
+				else
+				{
+					return new List<string>();
+				}	
+			}
+		}
+
 		public bool? FilterExpiredOrders { get; set; }
 		public int? SyncExpirationDays { get; set; }
 	}
diff --git a/digicert-certcentral-caplugin/Constants.cs b/digicert-certcentral-caplugin/Constants.cs
@@ -27,6 +27,9 @@ public class Config
 			public const string RENEWAL_WINDOW = "RenewalWindowDays";
 			public const string REVOKE_CERT = "RevokeCertificateOnly";
 			public const string ENABLED = "Enabled";
+			public const string SYNC_CA_FILTER = "SyncCAFilter";
+			public const string FILTER_EXPIRED = "FilterExpiredOrders";
+			public const string SYNC_EXPIRATION_DAYS = "SyncExpirationDays";
 		}
 
 		public class RequestAttributes

Original file line number	Diff line number	Diff line change
`@@ -27,6 +27,9 @@ public class Config`
`27`	`27`	`public const string RENEWAL_WINDOW = "RenewalWindowDays";`
`28`	`28`	`public const string REVOKE_CERT = "RevokeCertificateOnly";`
`29`	`29`	`public const string ENABLED = "Enabled";`
	`30`	`+ public const string SYNC_CA_FILTER = "SyncCAFilter";`
	`31`	`+ public const string FILTER_EXPIRED = "FilterExpiredOrders";`
	`32`	`+ public const string SYNC_EXPIRATION_DAYS = "SyncExpirationDays";`
`30`	`33`	`}`
`31`	`34`
`32`	`35`	`public class RequestAttributes`