Features
1. Clean OOP Abstraction / Models
Very clean OOP object abstraction, including database and exception handling.
Clean hierarchical Implementation Code
Clean hierarchical Service Call Metadata
Example Implementation Code.
1import abc
2
3from microesb import microesb
4
5
class Cert(microesb.ClassHandler, metaclass=abc.ABCMeta):
    """Abstract base shared by the certificate types of the PKI example.

    Subclasses implement the three abstract hooks; gen_cert() calls them in a
    fixed order around the key-generation step. Every concrete step in this
    listing is a print-only stub, not a real OpenSSL or HSM call.
    """

    def __init__(self):
        super().__init__()

    @abc.abstractmethod
    def _load_ref_cert_data(self):
        """Hook run first by gen_cert(), before any key is generated."""

    @abc.abstractmethod
    def _gen_openssl_cert(self):
        """Hook run by gen_cert() after the key-generation step."""

    @abc.abstractmethod
    def _insert_cert_db_data(self):
        """Hook run last by gen_cert()."""

    def gen_cert(self):
        """Run the sequence: reference data, key, certificate, storage.

        The key step depends only on the Smartcard attribute: when it is not
        None the keypair is generated through the smartcard, otherwise a
        software key is generated through the OpenSSL stub.

        NOTE(review): Smartcard is presumably None when the call metadata
        carries no Smartcard element (confirm against microesb). That makes
        the software-key path the silent default, so a deployment that
        requires hardware-backed keys should enforce the presence of a
        Smartcard before this method runs instead of relying on this branch.
        """
        self._load_ref_cert_data()

        smartcard = self.Smartcard
        if smartcard is None:
            self._gen_openssl_privkey()
        else:
            self._hsm_gen_keypair()

        self._gen_openssl_cert()
        self._insert_cert_db_data()

    def _gen_openssl_privkey(self):
        """Stub for software private-key generation; prints a message only."""
        message = 'Gen openssl private key.'
        print(message)

    def _get_cert_dbdata_by_id(self):
        """Stub for loading this certificate's stored data; prints its type."""
        template = 'Get cert data from db. Type: {}.'
        print(template.format(self.type))

    def _hsm_gen_keypair(self):
        """Print the container label, then delegate to Smartcard.gen_keypair()."""
        # Only the container label is printed here.
        # NOTE(review): the Smartcard properties on this page also include
        # user_pin; keep it out of the output if real logging replaces print().
        container_label = self.Smartcard.SmartcardContainer.label
        print('Smartcard container label:{}'.format(container_label))
        self.Smartcard.gen_keypair()
49
50
class CertCA(Cert):
    """Certificate of type 'ca'; it loads no reference certificate data."""

    def __init__(self):
        # Tag used in the stub messages; assigned before the base
        # initialiser runs.
        self.type = 'ca'
        super().__init__()

    def _load_ref_cert_data(self):
        """Do nothing: this type references no other certificate."""

    def _gen_openssl_cert(self):
        """Stub for certificate generation; prints the certificate type."""
        template = 'Gen openssl cert type:{}.'
        print(template.format(self.type))

    def _insert_cert_db_data(self):
        """Stub for storing the certificate; prints the certificate type."""
        template = 'Insert cert data type:{} into db.'
        print(template.format(self.type))
64
65
class CertServer(Cert):
    """Certificate of type 'server', generated in relation to a CA."""

    def __init__(self):
        # Tag used in the stub messages; assigned before the base
        # initialiser runs.
        self.type = 'server'
        super().__init__()

    def _load_ref_cert_data(self):
        """Load the referenced CA certificate's data via the CertCA object.

        NOTE(review): CertCA is presumably attached by the framework from the
        nested 'CertCA' element of the call metadata, so the caller picks the
        CA by id. A real implementation should check that the caller is
        allowed to issue under that CA before using its data.
        """
        ca_cert = self.CertCA
        ca_cert._get_cert_dbdata_by_id()

    def _gen_openssl_cert(self):
        """Stub for certificate generation; prints the certificate type."""
        template = 'Gen openssl cert type:{}, rel to CA.'
        print(template.format(self.type))

    def _insert_cert_db_data(self):
        """Stub for storing the certificate; prints the certificate type."""
        template = 'Insert cert data type:{} into db.'
        print(template.format(self.type))
79
80
class CertClient(Cert):
    """Certificate of type 'client', generated in relation to a CA and a server."""

    def __init__(self):
        # Tag used in the stub messages; assigned before the base
        # initialiser runs.
        self.type = 'client'
        super().__init__()

    def _load_ref_cert_data(self):
        """Load the referenced CA data first, then the server certificate data.

        NOTE(review): both referenced objects are presumably attached by the
        framework from the nested 'CertCA' and 'CertServer' elements of the
        call metadata, so their ids are caller-chosen; a real implementation
        should authorise the caller for both before using their data.
        """
        for referenced in (self.CertCA, self.CertServer):
            referenced._get_cert_dbdata_by_id()

    def _gen_openssl_cert(self):
        """Stub for certificate generation; prints the certificate type."""
        template = 'Gen openssl cert type:{}, rel to cCA and cServer.'
        print(template.format(self.type))

    def _insert_cert_db_data(self):
        """Stub for storing the certificate; prints the certificate type."""
        template = 'Insert cert data type:{} into db.'
        print(template.format(self.type))
95
96
class Smartcard(microesb.ClassHandler):
    """Smartcard object referenced by a certificate for keypair generation."""

    def __init__(self):
        super().__init__()

    def gen_keypair(self):
        """Stub for on-card keypair generation; prints the two labels only."""
        # NOTE(review): the Smartcard properties on this page also include
        # user_pin. It is not printed here; keep it out of the output if
        # real logging replaces print().
        card_label = self.label
        keypair_label = self.SmartcardContainer.label
        template = 'Gen keypair on smartcard:{} with keypair label:{}'
        print(template.format(card_label, keypair_label))
106
107
class SmartcardContainer(microesb.ClassHandler):
    """Container object on a smartcard.

    Adds no behaviour of its own; its label attribute is read by
    Cert._hsm_gen_keypair() and Smartcard.gen_keypair().
    """

    def __init__(self):
        super().__init__()
2. Structured Service Call Metadata
# Call metadata for the PKI example: a single CertClient object with nested
# CertCA, CertServer and Smartcard references plus the certificate fields.
call_JSON = {
    'SYSServiceID': 'generateCertClient',
    'data': [
        {
            'CertClient': {
                'id': 'test-client1',
                # Referenced certificates are selected by caller-supplied ids.
                'CertCA': {
                    'id': 'test-ca1'
                },
                'CertServer': {
                    'id': 'test-server1'
                },
                'Smartcard': {
                    'label': 'smartcard_customer1',
                    # NOTE(review): the smartcard user PIN travels as a plain
                    # string inside the call metadata. Anything that logs,
                    # stores or echoes this dict exposes the PIN; redact this
                    # key before logging and protect the payload in transit.
                    'user_pin': 'pin2',
                    'SmartcardContainer': {
                        'label': 'testserver1_client1_keypair'
                    }
                },
                # Certificate fields, all supplied by the caller.
                'country': 'DE',
                'state': 'Berlin',
                'locality': 'Berlin',
                'org': 'WEBcodeX',
                'org_unit': 'Security',
                'common_name': 'testclient1@domain.com',
                'email': 'pki@webcodex.de',
                'valid_days': 365
            }
        }
    ]
}
For the full example, see 2. PKI Provisioning / Class Types.
3. Multi Object Abstraction
Process multiple hierarchical input metadata elements at once.
# Call metadata for the hosting example: one User with a nested Domain that
# carries two Host records.
service_metadata = {
    'SYSServiceID': 'insertUserDomain',
    'data': [
        {
            'User':
            {
                # NOTE(review): SYSServiceMethod presumably names the method
                # the framework calls on the mapped object; confirm against
                # the microesb documentation.
                'SYSServiceMethod': 'init',
                'name': 'testuser1',
                'Domain': {
                    'SYSServiceMethod': 'add',
                    'name': 'testdomain1',
                    'ending': 'com',
                    # A list supplies several Host objects in one call.
                    # NOTE(review): record values are caller-supplied strings;
                    # the receiving Host implementation should validate them
                    # per record type before writing DNS data.
                    'Host': [
                        {
                            'SYSServiceMethod': 'add',
                            'type': 'MX',
                            'value': 'mx01.mailserver.com',
                            'priority': 1
                        },
                        {
                            'SYSServiceMethod': 'add',
                            'name': 'host1',
                            'type': 'A',
                            'value': '5.44.111.165',
                            'ttl': 36000
                        }
                    ]
                }
            }
        }
    ]
}
For the full example, see 1. Hosting Use Case.
4. Structured Service Property Definition
Define structured service call properties.
# Property definitions for the PKI example: for each class, the properties it
# accepts (type, default, required, description) and, for Cert, its methods.
service_properties = {
    # NOTE(review): presumably tells the framework to invoke gen_cert once the
    # hierarchy recursion has finished; confirm against the microesb docs.
    'SYSBackendMethods': [
        ('gen_cert', 'on_recursion_finish')
    ],
    'Cert': {
        'properties': {
            'id': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Textual cert database id'
            },
            # NOTE(review): the certificate fields below are typed only as
            # 'str' and no length or character constraint is visible in this
            # schema. An implementation should validate them before they reach
            # certificate generation or a database statement.
            'country': {
                'type': 'str',
                'default': 'DE',
                'required': True,
                'description': 'Certificate country ref'
            },
            'state': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate state ref'
            },
            'locality': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate locality ref'
            },
            'org': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate organization ref'
            },
            'org_unit': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate organization unit ref'
            },
            'common_name': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate common name'
            },
            'email': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate email ref'
            },
            # NOTE(review): no range constraint is visible in this schema; if
            # the framework offers none, the gen_cert implementation should
            # bound the validity period itself.
            'valid_days': {
                'type': 'int',
                'default': 365,
                'required': True,
                'description': 'Certificate validity range in days'
            }
        },
        'methods': ['gen_cert']
    },
    'Smartcard': {
        'properties': {
            'label': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Smartcard textual label'
            },
            # NOTE(review): the PIN is declared as an ordinary 'str' property
            # and this schema shows no marker for sensitive values, so
            # redaction in logs and error messages has to be done by the
            # surrounding code.
            'user_pin': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Smartcard pin'
            }
        }
    },
    'SmartcardContainer': {
        'properties': {
            'label': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Container object on smartcards textual label'
            }
        }
    }
}
For the full example, see 2. PKI Provisioning / Class Types.
5. Planned Features
Service Registry
Service Registry Management
Service Based AAA (HSM / Smartcard)
Automatic Service Interface Documentation Generation
x0 JavaScript Framework Integration