From 5dc8931bba93ace3b552d3066c0057c1f13b455c Mon Sep 17 00:00:00 2001 From: Bret Harrison Date: Wed, 13 Jun 2018 16:28:35 -0400 Subject: [PATCH] FAB-10298 NodeSDK Client to return proper CA The Client.getCertificateAuthority() method returns the fabric-ca-client impl class which may be used to talk directly to the fabric CA. The connection profile has a class called CertificateAuthority which represents the configuration as defined in the connection profile. The names and useage of these two class is causing confusion. To avoid confusion and simplify usage the fabric-client will wrapper the actual runtime class and provide both functions, config and impl. The Client.getCertificateAuthority() will now return the fabric-client class CertificateAuthority allowing for other implemenations in the future without changing the API's. Change-Id: Id2d1fe37247dd4935bbdcc38b612fb0f79c90930 Signed-off-by: Bret Harrison --- fabric-ca-client/lib/FabricCAClientImpl.js | 5 ++ fabric-client/lib/CertificateAuthority.js | 84 +++++++++++++++++++++- fabric-client/lib/Client.js | 6 +- test/integration/network-config.js | 8 +-- test/unit/network-config.js | 2 +- 5 files changed, 96 insertions(+), 9 deletions(-) diff --git a/fabric-ca-client/lib/FabricCAClientImpl.js b/fabric-ca-client/lib/FabricCAClientImpl.js index 150597b845..d31b7e8fac 100644 --- a/fabric-ca-client/lib/FabricCAClientImpl.js +++ b/fabric-ca-client/lib/FabricCAClientImpl.js @@ -379,6 +379,11 @@ const FabricCAServices = class extends BaseClient { registrar.getSigningIdentity()); } + /** + * Create a new {@link CertificateService} instance + * + * @returns {CertificateService} object + */ newCertificateService() { return this._fabricCAClient.newCertificateService(); } diff --git a/fabric-client/lib/CertificateAuthority.js b/fabric-client/lib/CertificateAuthority.js index b568e34328..f69186c53b 100644 --- a/fabric-client/lib/CertificateAuthority.js +++ b/fabric-client/lib/CertificateAuthority.js @@ -11,7 +11,13 @@ var utils = require('./utils.js'); var logger = utils.getLogger('CertificateAuthority.js'); /** - * The CertificateAuthority class represents an Certificate Authority in the target blockchain network. + * The CertificateAuthority class represents a Certificate Authority configuration + * as defined in a Connection Profile. This class will wrapper a FabricCAClientImpl + * fabric-ca-client implementation as a FabricCAServices instance when this class + * is returned from the {@link Client#getCertificateAuthority} method. This class + * has all the same methods as the {@link FabricCAServices} so that this class + * may be used directly or use this class's {@link CertificateAuthority#getFabricCAServices} + * method to get the actual FabricCAServices instance. * * @class */ @@ -43,6 +49,8 @@ var CertificateAuthority = class { this._connection_options = connection_options; this._tlsCACerts = tlsCACerts; this._registrar = registrar; + + this.fabricCAServices = null; } /** @@ -99,6 +107,80 @@ var CertificateAuthority = class { return this._registrar; } + /** + * Set the FabricCAServices implementation + * + * @param {FabricCAServices} ca_services {@link FabricCAServices} + */ + setFabricCAServices(ca_services) { + this.fabricCAServices = ca_services; + } + + /** + * Get the FabricCAServices implementation + * + * @return {@link FabricCAServices} + */ + getFabricCAServices() { + return this.fabricCAServices; + } + + /** + * see {@link FabricCAServices#register} + */ + register(req, registrar) { + return this.fabricCAServices.register(req, registrar); + } + + /** + * see {@link FabricCAServices#enroll} + */ + enroll(req) { + return this.fabricCAServices.enroll(req); + } + + /** + * see {@link FabricCAServices#reenroll} + */ + reenroll(currentUser, attr_reqs) { + return this.fabricCAServices.reenroll(currentUser, attr_reqs); + } + + /** + * see {@link FabricCAServices#revoke} + */ + revoke(request, registrar) { + return this.fabricCAServices.revoke(request, registrar); + } + + /** + * see {@link FabricCAServices#generateCRL} + */ + generateCRL(request, registrar) { + return this.fabricCAServices.generateCRL(request, registrar); + } + + /** + * see {@link FabricCAServices#newCertificateService} + */ + newCertificateService() { + return this.fabricCAServices.newCertificateService(); + } + + /** + * see {@link FabricCAServices#newIdentityService} + */ + newIdentityService() { + return this.fabricCAServices.newIdentityService(); + } + + /** + * see {@link FabricCAServices#newAffiliationService} + */ + newAffiliationService() { + return this.fabricCAServices.newAffiliationService(); + } + /** * return a printable representation of this object */ diff --git a/fabric-client/lib/Client.js b/fabric-client/lib/Client.js index 696b8da048..3c1d51145b 100644 --- a/fabric-client/lib/Client.js +++ b/fabric-client/lib/Client.js @@ -454,7 +454,6 @@ const Client = class extends BaseClient { throw new Error('A crypto suite has not been assigned to this client'); } let ca_info = null; - let ca_service = null; if(name) { ca_info = this._network_config.getCertificateAuthority(name); @@ -472,12 +471,13 @@ const Client = class extends BaseClient { } if(ca_info) { - ca_service = this._buildCAfromConfig(ca_info); + const ca_service = this._buildCAfromConfig(ca_info); + ca_info.setFabricCAServices(ca_service); } else { throw new Error('Network configuration is missing this client\'s organization and certificate authority'); } - return ca_service; + return ca_info; } /* diff --git a/test/integration/network-config.js b/test/integration/network-config.js index d4151217ae..518ae13165 100644 --- a/test/integration/network-config.js +++ b/test/integration/network-config.js @@ -88,7 +88,7 @@ test('\n\n***** use the connection profile file *****\n\n', function(t) { // get the CA associated with this client's organization let caService = client_org1.getCertificateAuthority(); - t.equals(caService._fabricCAClient._caName,'ca-org1', 'checking that caname is correct after resetting the config'); + t.equals(caService.fabricCAServices._fabricCAClient._caName,'ca-org1', 'checking that caname is correct after resetting the config'); let request = { enrollmentID: 'admin', @@ -111,7 +111,7 @@ test('\n\n***** use the connection profile file *****\n\n', function(t) { // get the CA associated with this client's organization let caService = client_org2.getCertificateAuthority(); - t.equals(caService._fabricCAClient._caName,'ca-org2', 'checking that caname is correct after resetting the config'); + t.equals(caService.fabricCAServices._fabricCAClient._caName,'ca-org2', 'checking that caname is correct after resetting the config'); let request = { enrollmentID: 'admin', enrollmentSecret: 'adminpw', @@ -720,7 +720,7 @@ test('\n\n***** Enroll user and set user context using a specified caName *****\ t.pass('Successfully created the key value store and crypto store based on the config and network config'); let caService = client_org1.getCertificateAuthority(); - t.equals(caService._fabricCAClient._caName, ca_name, 'checking that caname is correct after resetting the config'); + t.equals(caService.fabricCAServices._fabricCAClient._caName, ca_name, 'checking that caname is correct after resetting the config'); const admin = await client_org1.setUserContext({username:'admin', password: 'adminpw'}); t.pass('Successfully set user context \'admin\' for ' + org_name); @@ -784,7 +784,7 @@ test('\n\n***** Enroll user and set user context using a bad caName *****\n\n', t.pass('Successfully created the key value store and crypto store based on the config and network config'); let caService = client_org1.getCertificateAuthority(); - t.equals(caService._fabricCAClient._caName, ca_name, 'checking that caname is correct after resetting the config'); + t.equals(caService.fabricCAServices._fabricCAClient._caName, ca_name, 'checking that caname is correct after resetting the config'); const admin = await client_org1.setUserContext({username:'admin', password: 'adminpw'}); t.pass('Successfully set user context \'admin\' for ' + org_name); diff --git a/test/unit/network-config.js b/test/unit/network-config.js index c0a8c3749f..33605925d0 100644 --- a/test/unit/network-config.js +++ b/test/unit/network-config.js @@ -163,7 +163,7 @@ test('\n\n ** configuration testing **\n\n', function (t) { delete client._network_config._network_config.certificateAuthorities['ca-org1'].httpOptions; client.setCryptoSuite({cryptoSuite : 'cryptoSuite'}); let certificate_authority = client.getCertificateAuthority(); - if(certificate_authority && certificate_authority._cryptoSuite && certificate_authority._cryptoSuite.cryptoSuite === 'cryptoSuite') { + if(certificate_authority && certificate_authority.fabricCAServices._cryptoSuite && certificate_authority.fabricCAServices._cryptoSuite.cryptoSuite === 'cryptoSuite') { t.pass('Successfully got the certificate_authority'); } else { t.fail('Failed to get the certificate_authority');