summaryrefslogtreecommitdiffstats
path: root/application/controllers/ChainController.php
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--application/controllers/ChainController.php77
1 files changed, 77 insertions, 0 deletions
diff --git a/application/controllers/ChainController.php b/application/controllers/ChainController.php
new file mode 100644
index 0000000..5408526
--- /dev/null
+++ b/application/controllers/ChainController.php
@@ -0,0 +1,77 @@
+<?php
+
+// Icinga Web 2 X.509 Module | (c) 2018 Icinga GmbH | GPLv2
+
+namespace Icinga\Module\X509\Controllers;
+
+use Icinga\Exception\ConfigurationError;
+use Icinga\Module\X509\ChainDetails;
+use Icinga\Module\X509\Common\Database;
+use Icinga\Module\X509\Controller;
+use Icinga\Module\X509\Model\X509Certificate;
+use Icinga\Module\X509\Model\X509CertificateChain;
+use ipl\Html\Html;
+use ipl\Html\HtmlDocument;
+use ipl\Stdlib\Filter;
+
+class ChainController extends Controller
+{
+ public function indexAction()
+ {
+ $this->addTitleTab($this->translate('X.509 Certificate Chain'));
+ $this->getTabs()->disableLegacyExtensions();
+
+ $id = $this->params->getRequired('id');
+
+ try {
+ $conn = Database::get();
+ } catch (ConfigurationError $_) {
+ $this->render('missing-resource', null, true);
+ return;
+ }
+
+ /** @var ?X509CertificateChain $chain */
+ $chain = X509CertificateChain::on($conn)
+ ->with(['target'])
+ ->filter(Filter::equal('id', $id))
+ ->first();
+
+ if (! $chain) {
+ $this->httpNotFound($this->translate('Certificate not found.'));
+ }
+
+ $chainInfo = Html::tag('div');
+ $chainInfo->add(Html::tag('dl', [
+ Html::tag('dt', $this->translate('Host')),
+ Html::tag('dd', $chain->target->hostname),
+ Html::tag('dt', $this->translate('IP')),
+ Html::tag('dd', $chain->target->ip),
+ Html::tag('dt', $this->translate('Port')),
+ Html::tag('dd', $chain->target->port)
+ ]));
+
+ $valid = Html::tag('div', ['class' => 'cert-chain']);
+
+ if ($chain['valid']) {
+ $valid->getAttributes()->add('class', '-valid');
+ $valid->add(Html::tag('p', $this->translate('Certificate chain is valid.')));
+ } else {
+ $valid->getAttributes()->add('class', '-invalid');
+ $valid->add(Html::tag('p', sprintf(
+ $this->translate('Certificate chain is invalid: %s.'),
+ $chain['invalid_reason']
+ )));
+ }
+
+ $certs = X509Certificate::on($conn)->with(['chain']);
+ $certs
+ ->filter(Filter::equal('chain.id', $id))
+ ->getSelectBase()
+ ->orderBy('certificate_link.order');
+
+ $this->view->chain = (new HtmlDocument())
+ ->add($chainInfo)
+ ->add($valid)
+ ->add((new ChainDetails())->setData($certs));
+ }
+}