Re: [Pki-devel] [PATCH] 339-340 fixes for new Key REST logic

2016-11-22 Thread Ade Lee 
Acked by Endi.

Pushed to Master.

On Mon, 2016-11-21 at 18:33 -0500, Ade Lee wrote:
> Patch 340:
> commit 0e1c6e0634f5d3b3d4b8a3d7293b23f1953cf542
> Author: Ade Lee 
> Date:   Mon Nov 21 17:42:11 2016 -0500
> 
> Fix bug in getting secrets from approved request
> 
> When request was approved and retrieved through the rest
> interface, the corresponding volatile requests object was not
> created due to the new flow.  This makes sure the volatile
> request
> is created.
> 
> Patch 339:
> commit 2e37a2fe6173a9968fd76fb7ff93e7cc188aa700
> Author: Ade Lee 
> Date:   Mon Nov 21 12:01:09 2016 -0500
> 
> Add python-client code for key resource changes
> ___
> Pki-devel mailing list
> Pki-devel@redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel

___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel

[Pki-devel] [PATCH] 339-340 fixes for new Key REST logic

2016-11-21 Thread Ade Lee 
Patch 340:
commit 0e1c6e0634f5d3b3d4b8a3d7293b23f1953cf542
Author: Ade Lee 
Date:   Mon Nov 21 17:42:11 2016 -0500

Fix bug in getting secrets from approved request

When request was approved and retrieved through the rest
interface, the corresponding volatile requests object was not
created due to the new flow.  This makes sure the volatile request
is created.

Patch 339:
commit 2e37a2fe6173a9968fd76fb7ff93e7cc188aa700
Author: Ade Lee 
Date:   Mon Nov 21 12:01:09 2016 -0500

Add python-client code for key resource changesFrom 0e1c6e0634f5d3b3d4b8a3d7293b23f1953cf542 Mon Sep 17 00:00:00 2001
From: Ade Lee 
Date: Mon, 21 Nov 2016 17:42:11 -0500
Subject: [PATCH 340/340] Fix bug in getting secrets from approved request

When request was approved and retrieved through the rest
interface, the corresponding volatile requests object was not
created due to the new flow.  This makes sure the volatile request
is created.
---
 .../org/dogtagpki/server/kra/rest/KeyService.java  | 35 +++---
 .../netscape/cms/servlet/key/KeyRequestDAO.java| 43 --
 2 files changed, 37 insertions(+), 41 deletions(-)

diff --git a/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java b/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java
index 1d67cbc7b18b83ba3b21c675d231c365d69ccdcc..d2c24c888c3a8835fe69cb087c6986887bf1ef41 100644
--- a/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java
+++ b/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java
@@ -197,7 +197,8 @@ public class KeyService extends PKIService implements KeyResource {
 
 KeyRequestDAO reqDAO = new KeyRequestDAO();
 try {
-request = reqDAO.createRecoveryRequest(data, uriInfo, getRequestor(), getAuthToken(), ephemeral);
+request = reqDAO.createRecoveryRequest(data, uriInfo, getRequestor(),
+getAuthToken(), ephemeral);
 } catch (EBaseException e) {
 throw new PKIException(e.getMessage(), e);
 }
@@ -270,6 +271,7 @@ public class KeyService extends PKIService implements KeyResource {
 String method = "KeyService.getKey:";
 auditInfo = method;
 KeyData keyData;
+KeyRequestDAO dao = new KeyRequestDAO();
 CMS.debug(method + "begins.");
 
 if (data == null) {
@@ -294,16 +296,9 @@ public class KeyService extends PKIService implements KeyResource {
 auditInfo += ";synchronous=" + Boolean.toString(synchronous);
 auditInfo += ";ephemeral=" + Boolean.toString(ephemeral);
 
-
-// get data from the KeyRecoveryRequest
-String transWrappedSessionKey   = data.getTransWrappedSessionKey();
-String sessionWrappedPassphrase = data.getSessionWrappedPassphrase();
-
 // get data from IRequest
-Hashtable requestParams = kra.getVolatileRequest(request.getRequestId());
-if(requestParams == null) {
-throw new PKIException("Can't obtain Volatile requestParams in getKey!");
-}
+Hashtable requestParams = dao.getTransientData(request);
+
 String sessWrappedKeyData = (String) requestParams.get(IRequest.SECURITY_DATA_SESS_WRAPPED_DATA);
 String passWrappedKeyData = (String) requestParams.get(IRequest.SECURITY_DATA_PASS_WRAPPED_DATA);
 String nonceData = (String) requestParams.get(IRequest.SECURITY_DATA_IV_STRING_OUT);
@@ -318,18 +313,7 @@ public class KeyService extends PKIService implements KeyResource {
 // the info now needed to process the recovery request.
 
 nonceData = data.getNonceData();
-
-if (sessionWrappedPassphrase != null) {
-requestParams.put(IRequest.SECURITY_DATA_SESS_PASS_PHRASE, sessionWrappedPassphrase);
-}
-
-if (transWrappedSessionKey != null) {
-requestParams.put(IRequest.SECURITY_DATA_TRANS_SESS_KEY, transWrappedSessionKey);
-}
-
-if (nonceData != null) {
-requestParams.put(IRequest.SECURITY_DATA_IV_STRING_IN, nonceData);
-}
+dao.setTransientData(data, request);
 
 try {
 if (!synchronous) {
@@ -682,6 +666,13 @@ public class KeyService extends PKIService implements KeyResource {
 throw new UnauthorizedException("Request not approved");
 }
 
+KeyRequestDAO dao = new KeyRequestDAO();
+try {
+dao.setTransientData(data, request);
+} catch(EBaseException e) {
+throw new PKIException("Cannot set transient data", e);
+}
+
 String passphrase = data.getPassphrase();
 byte pkcs12[] = null;
 try {
diff --git a/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java b/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java
index