mirror of
https://github.com/dyzulk/trustlab-api.git
synced 2026-01-26 05:15:35 +07:00
180 lines
7.1 KiB
PHP
180 lines
7.1 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\CaCertificate;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Storage;
|
|
|
|
class PublicCaController extends Controller
|
|
{
|
|
/**
|
|
* Display a listing of public CA certificates.
|
|
*
|
|
* @return \Illuminate\Http\JsonResponse
|
|
*/
|
|
public function index()
|
|
{
|
|
$caTypes = ['root', 'intermediate_2048', 'intermediate_4096'];
|
|
|
|
$certificates = CaCertificate::whereIn('ca_type', $caTypes)
|
|
->where('is_latest', true)
|
|
->get(['common_name', 'ca_type', 'serial_number', 'valid_to', 'cert_content', 'cert_path', 'der_path', 'bat_path', 'mac_path', 'linux_path', 'last_synced_at', 'family_id'])
|
|
->map(function ($cert) {
|
|
return [
|
|
'name' => $cert->common_name,
|
|
'type' => $cert->ca_type,
|
|
'serial' => $cert->serial_number,
|
|
'family_id' => $cert->family_id,
|
|
'expires_at' => $cert->valid_to->toIso8601String(),
|
|
'last_synced_at' => $cert->last_synced_at ? $cert->last_synced_at->toIso8601String() : null,
|
|
'cdn_url' => $cert->cert_path ? Storage::disk('r2-public')->url($cert->cert_path) : null,
|
|
'der_cdn_url' => $cert->der_path ? Storage::disk('r2-public')->url($cert->der_path) : null,
|
|
'bat_cdn_url' => $cert->bat_path ? Storage::disk('r2-public')->url($cert->bat_path) : null,
|
|
'mac_cdn_url' => $cert->mac_path ? Storage::disk('r2-public')->url($cert->mac_path) : null,
|
|
'linux_cdn_url' => $cert->linux_path ? Storage::disk('r2-public')->url($cert->linux_path) : null,
|
|
];
|
|
});
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'data' => $certificates,
|
|
'bundle_urls' => [
|
|
'linux' => Storage::disk('r2-public')->url('ca/bundles/trustlab-all.sh'),
|
|
'windows' => Storage::disk('r2-public')->url('ca/bundles/trustlab-all.bat'),
|
|
'macos' => Storage::disk('r2-public')->url('ca/bundles/trustlab-all.mobileconfig'),
|
|
]
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Download certificate in various formats.
|
|
*/
|
|
public function download(Request $request, $serial)
|
|
{
|
|
$cert = CaCertificate::where('serial_number', $serial)->firstOrFail();
|
|
$cert->increment('download_count');
|
|
$cert->update(['last_downloaded_at' => now()]);
|
|
$format = $request->query('format', 'pem');
|
|
|
|
// Redirect to CDN if path exists and format is PEM
|
|
if ($format === 'pem' && $cert->cert_path) {
|
|
return redirect()->away(Storage::disk('r2-public')->url($cert->cert_path));
|
|
}
|
|
|
|
if ($format === 'der') {
|
|
// Redirect to CDN if path exists and format is DER
|
|
if ($cert->der_path) {
|
|
return redirect()->away(Storage::disk('r2-public')->url($cert->der_path));
|
|
}
|
|
|
|
// Convert PEM to DER (Base64 decode the body)
|
|
$pem = $cert->cert_content;
|
|
$lines = explode("\n", trim($pem));
|
|
$payload = '';
|
|
foreach ($lines as $line) {
|
|
if (!str_starts_with($line, '-----')) {
|
|
$payload .= trim($line);
|
|
}
|
|
}
|
|
$der = base64_decode($payload);
|
|
|
|
return response($der)
|
|
->header('Content-Type', 'application/x-x509-ca-cert')
|
|
->header('Content-Disposition', 'attachment; filename="' . $cert->common_name . '.der"');
|
|
}
|
|
|
|
// Default PEM
|
|
return response($cert->cert_content)
|
|
->header('Content-Type', 'application/x-pem-file')
|
|
->header('Content-Disposition', 'attachment; filename="' . $cert->common_name . '.crt"');
|
|
}
|
|
|
|
/**
|
|
* Download Windows One-Click Installer (.bat)
|
|
*/
|
|
public function downloadWindows($serial)
|
|
{
|
|
$cert = CaCertificate::where('serial_number', $serial)->firstOrFail();
|
|
$cert->increment('download_count');
|
|
$cert->update(['last_downloaded_at' => now()]);
|
|
|
|
if ($cert->bat_path) {
|
|
return redirect()->away(Storage::disk('r2-public')->url($cert->bat_path));
|
|
}
|
|
|
|
// Fallback: Generate via CaInstallerService
|
|
$installerService = app(\App\Services\CaInstallerService::class);
|
|
$content = $installerService->generateWindowsInstaller($cert, false);
|
|
$filename = 'install-trustlab-' . \Illuminate\Support\Str::slug($cert->common_name) . '.bat';
|
|
|
|
return response($content, 200, [
|
|
'Content-Type' => 'application/x-bat',
|
|
'Content-Disposition' => 'attachment; filename="' . $filename . '"',
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Download macOS Configuration Profile (.mobileconfig)
|
|
*/
|
|
public function downloadMac($serial)
|
|
{
|
|
$cert = CaCertificate::where('serial_number', $serial)->firstOrFail();
|
|
$cert->increment('download_count');
|
|
$cert->update(['last_downloaded_at' => now()]);
|
|
|
|
if ($cert->mac_path) {
|
|
return redirect()->away(Storage::disk('r2-public')->url($cert->mac_path));
|
|
}
|
|
|
|
// Fallback: Generate via CaInstallerService
|
|
$installerService = app(\App\Services\CaInstallerService::class);
|
|
$content = $installerService->generateMacInstaller($cert);
|
|
$filename = 'trustlab-' . \Illuminate\Support\Str::slug($cert->common_name) . '.mobileconfig';
|
|
|
|
return response($content, 200, [
|
|
'Content-Type' => 'application/x-apple-aspen-config',
|
|
'Content-Disposition' => 'attachment; filename="' . $filename . '"',
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Download Linux Installer (.sh)
|
|
*/
|
|
public function downloadLinux($serial)
|
|
{
|
|
$cert = CaCertificate::where('serial_number', $serial)->firstOrFail();
|
|
$cert->increment('download_count');
|
|
$cert->update(['last_downloaded_at' => now()]);
|
|
|
|
if ($cert->linux_path) {
|
|
return redirect()->away(Storage::disk('r2-public')->url($cert->linux_path));
|
|
}
|
|
|
|
// Fallback: Generate via CaInstallerService
|
|
$installerService = app(\App\Services\CaInstallerService::class);
|
|
$content = $installerService->generateLinuxInstaller($cert, false);
|
|
$filename = 'install-trustlab-' . \Illuminate\Support\Str::slug($cert->common_name) . '.sh';
|
|
|
|
return response($content, 200, [
|
|
'Content-Type' => 'application/x-sh',
|
|
'Content-Disposition' => 'attachment; filename="' . $filename . '"',
|
|
]);
|
|
}
|
|
/**
|
|
* Track download/installation count (Telemetry).
|
|
* Used by installer scripts to perform a "Ping" after successful installation.
|
|
*/
|
|
public function trackDownload($serial)
|
|
{
|
|
$cert = CaCertificate::where('serial_number', $serial)->firstOrFail();
|
|
$cert->increment('download_count');
|
|
$cert->update(['last_downloaded_at' => now()]);
|
|
|
|
return response()->json(['success' => true])
|
|
->header('Access-Control-Allow-Origin', '*')
|
|
->header('Access-Control-Allow-Methods', 'POST');
|
|
}
|
|
}
|