[FAB-9896] MSP Client: Identity Management

Change-Id: I9431eb7a4e14cf11a88f9ce8c1383a1c8b2027c0
Signed-off-by: Sandra Vrtikapa <sandra.vrtikapa@securekey.com>

Author: sandrask

internal/github.com/hyperledger/fabric-ca/lib/client.go

@@ -38,6 +38,7 @@ import (
 	cfsslapi "github.com/cloudflare/cfssl/api"
 	"github.com/cloudflare/cfssl/csr"
 	"github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/api"
+	"github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/lib/streamer"
 	"github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/lib/tls"
 	log "github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/sdkpatch/logbridge"
 	"github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/util"
@@ -287,6 +288,45 @@ func (c *Client) NewIdentity(key core.Key, cert []byte) (*Identity, error) {
 	return newIdentity(c, name, key, cert), nil
 }
 
+// newGet create a new GET request
+func (c *Client) newGet(endpoint string) (*http.Request, error) {
+	curl, err := c.getURL(endpoint)
+	if err != nil {
+		return nil, err
+	}
+	req, err := http.NewRequest("GET", curl, bytes.NewReader([]byte{}))
+	if err != nil {
+		return nil, errors.Wrapf(err, "Failed creating GET request for %s", curl)
+	}
+	return req, nil
+}
+
+// newPut create a new PUT request
+func (c *Client) newPut(endpoint string, reqBody []byte) (*http.Request, error) {
+	curl, err := c.getURL(endpoint)
+	if err != nil {
+		return nil, err
+	}
+	req, err := http.NewRequest("PUT", curl, bytes.NewReader(reqBody))
+	if err != nil {
+		return nil, errors.Wrapf(err, "Failed creating PUT request for %s", curl)
+	}
+	return req, nil
+}
+
+// newDelete create a new DELETE request
+func (c *Client) newDelete(endpoint string) (*http.Request, error) {
+	curl, err := c.getURL(endpoint)
+	if err != nil {
+		return nil, err
+	}
+	req, err := http.NewRequest("DELETE", curl, bytes.NewReader([]byte{}))
+	if err != nil {
+		return nil, errors.Wrapf(err, "Failed creating DELETE request for %s", curl)
+	}
+	return req, nil
+}
+
 // NewPost create a new post request
 func (c *Client) newPost(endpoint string, reqBody []byte) (*http.Request, error) {
 	curl, err := c.getURL(endpoint)
@@ -366,6 +406,32 @@ func (c *Client) SendReq(req *http.Request, result interface{}) (err error) {
 	return nil
 }
 
+// StreamResponse reads the response as it comes back from the server
+func (c *Client) StreamResponse(req *http.Request, stream string, cb func(*json.Decoder) error) (err error) {
+
+	reqStr := util.HTTPRequestToString(req)
+	log.Debugf("Sending request\n%s", reqStr)
+
+	err = c.Init()
+	if err != nil {
+		return err
+	}
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return errors.Wrapf(err, "%s failure of request: %s", req.Method, reqStr)
+	}
+	defer resp.Body.Close()
+
+	dec := json.NewDecoder(resp.Body)
+	err = streamer.StreamJSONArray(dec, stream, cb)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
 func (c *Client) getURL(endpoint string) (string, error) {
 	nurl, err := NormalizeURL(c.Config.URL)
 	if err != nil {

internal/github.com/hyperledger/fabric-ca/lib/identity.go

@@ -21,7 +21,10 @@ Please review third_party pinning scripts and patches for more details.
 package lib
 
 import (
+	"encoding/json"
+	"fmt"
 	"net/http"
+	"strconv"
 
 	"github.com/pkg/errors"
 
@@ -141,6 +144,166 @@ func (i *Identity) Revoke(req *api.RevocationRequest) (*api.RevocationResponse,
 	return &api.RevocationResponse{RevokedCerts: result.RevokedCerts, CRL: crl}, nil
 }
 
+// GetIdentity returns information about the requested identity
+func (i *Identity) GetIdentity(id, caname string) (*api.GetIDResponse, error) {
+	log.Debugf("Entering identity.GetIdentity %s", id)
+	result := &api.GetIDResponse{}
+	err := i.Get(fmt.Sprintf("identities/%s", id), caname, result)
+	if err != nil {
+		return nil, err
+	}
+
+	log.Debugf("Successfully retrieved identity: %+v", result)
+	return result, nil
+}
+
+// GetAllIdentities returns all identities that the caller is authorized to see
+func (i *Identity) GetAllIdentities(caname string, cb func(*json.Decoder) error) error {
+	log.Debugf("Entering identity.GetAllIdentities")
+	err := i.GetStreamResponse("identities", caname, "result.identities", cb)
+	if err != nil {
+		return err
+	}
+	log.Debugf("Successfully retrieved identities")
+	return nil
+}
+
+// AddIdentity adds a new identity to the server
+func (i *Identity) AddIdentity(req *api.AddIdentityRequest) (*api.IdentityResponse, error) {
+	log.Debugf("Entering identity.AddIdentity with request: %+v", req)
+	if req.ID == "" {
+		return nil, errors.New("Adding identity with no 'ID' set")
+	}
+
+	reqBody, err := util.Marshal(req, "addIdentity")
+	if err != nil {
+		return nil, err
+	}
+
+	// Send a post to the "identities" endpoint with req as body
+	result := &api.IdentityResponse{}
+	err = i.Post("identities", reqBody, result, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	log.Debugf("Successfully added new identity '%s'", result.ID)
+	return result, nil
+}
+
+// ModifyIdentity modifies an existing identity on the server
+func (i *Identity) ModifyIdentity(req *api.ModifyIdentityRequest) (*api.IdentityResponse, error) {
+	log.Debugf("Entering identity.ModifyIdentity with request: %+v", req)
+	if req.ID == "" {
+		return nil, errors.New("Name of identity to be modified not specified")
+	}
+
+	reqBody, err := util.Marshal(req, "modifyIdentity")
+	if err != nil {
+		return nil, err
+	}
+
+	// Send a put to the "identities" endpoint with req as body
+	result := &api.IdentityResponse{}
+	err = i.Put(fmt.Sprintf("identities/%s", req.ID), reqBody, nil, result)
+	if err != nil {
+		return nil, err
+	}
+
+	log.Debugf("Successfully modified identity '%s'", result.ID)
+	return result, nil
+}
+
+// RemoveIdentity removes a new identity from the server
+func (i *Identity) RemoveIdentity(req *api.RemoveIdentityRequest) (*api.IdentityResponse, error) {
+	log.Debugf("Entering identity.RemoveIdentity with request: %+v", req)
+	id := req.ID
+	if id == "" {
+		return nil, errors.New("Name of the identity to removed is required")
+	}
+
+	// Send a delete to the "identities" endpoint id as a path parameter
+	result := &api.IdentityResponse{}
+	queryParam := make(map[string]string)
+	queryParam["force"] = strconv.FormatBool(req.Force)
+	queryParam["ca"] = req.CAName
+	err := i.Delete(fmt.Sprintf("identities/%s", id), result, queryParam)
+	if err != nil {
+		return nil, err
+	}
+
+	log.Debugf("Successfully removed identity: %s", id)
+	return result, nil
+}
+
+// Get sends a get request to an endpoint
+func (i *Identity) Get(endpoint, caname string, result interface{}) error {
+	req, err := i.client.newGet(endpoint)
+	if err != nil {
+		return err
+	}
+	if caname != "" {
+		addQueryParm(req, "ca", caname)
+	}
+	err = i.addTokenAuthHdr(req, nil)
+	if err != nil {
+		return err
+	}
+	return i.client.SendReq(req, result)
+}
+
+// GetStreamResponse sends a request to an endpoint and streams the response
+func (i *Identity) GetStreamResponse(endpoint, caname, stream string, cb func(*json.Decoder) error) error {
+	req, err := i.client.newGet(endpoint)
+	if err != nil {
+		return err
+	}
+	if caname != "" {
+		addQueryParm(req, "ca", caname)
+	}
+	err = i.addTokenAuthHdr(req, nil)
+	if err != nil {
+		return err
+	}
+	return i.client.StreamResponse(req, stream, cb)
+}
+
+// Put sends a put request to an endpoint
+func (i *Identity) Put(endpoint string, reqBody []byte, queryParam map[string]string, result interface{}) error {
+	req, err := i.client.newPut(endpoint, reqBody)
+	if err != nil {
+		return err
+	}
+	if queryParam != nil {
+		for key, value := range queryParam {
+			addQueryParm(req, key, value)
+		}
+	}
+	err = i.addTokenAuthHdr(req, reqBody)
+	if err != nil {
+		return err
+	}
+	return i.client.SendReq(req, result)
+}
+
+// Delete sends a delete request to an endpoint
+func (i *Identity) Delete(endpoint string, result interface{}, queryParam map[string]string) error {
+	req, err := i.client.newDelete(endpoint)
+	if err != nil {
+		return err
+	}
+	if queryParam != nil {
+		for key, value := range queryParam {
+			addQueryParm(req, key, value)
+		}
+	}
+	err = i.addTokenAuthHdr(req, nil)
+	if err != nil {
+		return err
+	}
+	return i.client.SendReq(req, result)
+}
+
 // Post sends arbitrary request body (reqBody) to an endpoint.
 // This adds an authorization header which contains the signature
 // of this identity over the body and non-signature part of the authorization header.