security-development-lifecycle/MiniKms/src/main/java/ftn/security/minikms/controller/KeyManagementController.java at e5041e272d40f1466c8579e81aa60a3c76781cb9 · ftn-projects/security-development-lifecycle · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
package ftn.security.minikms.controller;

import ftn.security.minikms.dto.KeyDTO;
import ftn.security.minikms.dto.KeyMapper;
import ftn.security.minikms.service.KeyManagementService;
import org.mapstruct.factory.Mappers;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

import java.security.GeneralSecurityException;
import java.security.InvalidParameterException;
import java.security.Principal;
import java.util.UUID;

@RestController
@RequestMapping(value = "/api/v1/keys")
public class KeyManagementController {
    private final KeyManagementService keyService;
    private final KeyMapper mapper;

    @Autowired
    public KeyManagementController(KeyManagementService keyService) {
        this.keyService = keyService;
        this.mapper = Mappers.getMapper(KeyMapper.class);
    }

    @PostMapping("/create")
    public ResponseEntity<?> createKey(@RequestBody KeyDTO dto, Principal principal) throws GeneralSecurityException {
        var username = principal.getName();

        try {
            var created = keyService.createKey(dto.getAlias(), dto.getKeyType(), dto.getAllowedOperations(), username);
            return ResponseEntity.status(HttpStatus.CREATED).body(mapper.toDto(created));
        } catch (InvalidParameterException e) {
            return ResponseEntity.badRequest().body(e.getMessage());
        }
    }

    @PostMapping("/rotate")
    public ResponseEntity<?> rotateKey(@RequestBody KeyDTO dto) throws GeneralSecurityException {
        try {
            var created = keyService.rotateKey(dto.getId());
            return ResponseEntity.status(HttpStatus.CREATED).body(mapper.toDto(created));
        } catch (InvalidParameterException e) {
            return ResponseEntity.badRequest().body(e.getMessage());
        }
    }

    @GetMapping
    public ResponseEntity<?> getKeyMetadata() {
        var keys = keyService.getAllKeys();
        return ResponseEntity.ok(keys.stream().map(mapper::toDto).toList());
    }

    @GetMapping("/{id}")
    public ResponseEntity<?> getKeyById(@PathVariable UUID id) {
        try {
            var key = keyService.getKeyById(id);
            return ResponseEntity.ok(mapper.toDto(key));
        } catch (InvalidParameterException e) {
            return ResponseEntity.badRequest().body(e.getMessage());
        }
    }

    @DeleteMapping("/{id}")
    public ResponseEntity<?> deleteKey(@PathVariable UUID id) {
        try {
            keyService.deleteKey(id);
            return ResponseEntity.noContent().build();
        } catch (InvalidParameterException e) {
            return ResponseEntity.badRequest().body(e.getMessage());
        }
    }
}