lingwei.kong/hawkbit
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

SDK: Add ca extension when issue CA certificates (#2277)

Browse Source 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2025-02-13 14:16:29 +02:00
committed by GitHub
parent c31c832b23
commit 653df8acdd
2 changed files with 42 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
hawkbit-sdk/hawkbit-sdk-mgmt/src/main/java/org/eclipse/hawkbit/sdk/mgmt/AuthenticationSetupHelper.java
View File

@@ -62,7 +62,7 @@ public class AuthenticationSetupHelper {
CA ddiCA = tenant.getDdiCA();
if (ddiCA == null) {
final CA ddiRootCA = new CA();
ddiCA = new CA(ddiRootCA.issue(CA.DEFAULT_INTERMEDIATE_CA_DN, null, null));
ddiCA = ddiRootCA.issueCA(CA.DEFAULT_INTERMEDIATE_CA_DN, null, null);
tenant.setDdiCA(ddiCA);
}
if (!Boolean.TRUE.equals(Objects.requireNonNull(mgmtTenantManagementRestApi
@@ -104,18 +104,16 @@ public class AuthenticationSetupHelper {
.getBody()).getValue()))) {
mgmtTenantManagementRestApi.updateTenantConfiguration(Map.of(AUTHENTICATION_MODE_GATEWAY_SECURITY_TOKEN_ENABLED, true));
}
if (!gatewayToken.equals(
Objects.requireNonNull(mgmtTenantManagementRestApi
.getTenantConfigurationValue(AUTHENTICATION_MODE_GATEWAY_SECURITY_TOKEN_KEY)
.getBody()).getValue())) {
if (!gatewayToken.equals(Objects.requireNonNull(mgmtTenantManagementRestApi
.getTenantConfigurationValue(AUTHENTICATION_MODE_GATEWAY_SECURITY_TOKEN_KEY)
.getBody()).getValue())) {
mgmtTenantManagementRestApi.updateTenantConfiguration(Map.of(AUTHENTICATION_MODE_GATEWAY_SECURITY_TOKEN_KEY, gatewayToken));
}
}
// if gateway token is configured then the gateway auth is enabled key is set
// so all devices use gateway token authentication
// otherwise target token authentication is enabled. Then all devices shall be registered
// and the target token shall be set to the one from the DDI controller instance
// if gateway token is configured then the gateway auth is enabled, so all devices use gateway token authentication.
// otherwise, target token authentication is enabled - then all devices shall be registered and the target token shall be set to the one from
// the DDI controller instance
public void setupTargetAuthentication() {
final String gatewayToken = tenant.getGatewayToken();
if (ObjectUtils.isEmpty(gatewayToken)) {