[FAB-6628] 1. Support identities REST API

This change implements the different REST API
call to the identity endpoint on the fabric-ca
server.

Change-Id: Icab940228b2f25fcc93ec0b31887884905fe5290
Signed-off-by: zhaochy <[email protected]>

.gitignore

@@ -24,3 +24,5 @@ fabric-ca-client/.DS_Store
 test/fixtures/src/github.com/example_cc/junk.go
 *.csv
 *.heapsnapshot
+.vscode
+.idea

build/tasks/test.js

@@ -49,8 +49,10 @@ if (!/-snapshot/.test(release)) {
 	dockerImageTag += '-' + release;
 }
 
+// these environment variables would be read at test/fixtures/docker-compose.yaml
 process.env.DOCKER_IMG_TAG = dockerImageTag;
-
+process.env.V11_IDENTITIES_ALLOWREMOVE = '--cfg.identities.allowremove';
+process.env.V11_AFFILIATIONS_ALLOWREMOVE = '--cfg.affiliations.allowremove';
 
 gulp.task('pre-test', function() {
 	return gulp.src([
@@ -103,6 +105,7 @@ gulp.task('test', ['clean-up', 'lint', 'pre-test', 'docker-ready', 'ca'], functi
 		// channel: mychannel, chaincode: end2endnodesdk:v0/v1
 		'test/integration/e2e.js',
 		'test/integration/query.js',
+		'test/integration/fabric-ca-identity-service-tests.js',
 		'test/integration/fabric-ca-services-tests.js',
 		'test/integration/client.js',
 		'test/integration/orderer-channel-tests.js',
@@ -129,7 +132,6 @@ gulp.task('test', ['clean-up', 'lint', 'pre-test', 'docker-ready', 'ca'], functi
 		'test/integration/network-config.js',
 		// channel: mychannel, chaincode: e2enodecc:v0
 		'test/integration/nodechaincode/e2e.js'
-
 	]))
 	.pipe(addsrc.append(
 		'test/unit/logger.js' // put this to the last so the debugging levels are not mixed up

fabric-ca-client/lib/FabricCAClientImpl.js

@@ -25,6 +25,8 @@ var http = require('http');
 var https = require('https');
 var urlParser = require('url');
 var jsrsasign = require('jsrsasign');
+const IdentityService = require('./IdentityService');
+
 var x509 = jsrsasign.X509;
 var ASN1HEX = jsrsasign.ASN1HEX;
 
@@ -383,6 +385,15 @@ var FabricCAServices = class extends BaseClient {
 			registrar.getSigningIdentity());
 	}
 
+	/**
+	 * Creates a new {@link IdentityService} object
+	 *
+	 * @returns {IdentityService} object
+	 */
+	newIdentityService() {
+		return this._fabricCAClient.newIdentityService();
+	}
+
 	/**
 	 * @typedef {Object} HTTPEndpoint
 	 * @property {string} hostname
@@ -501,6 +512,8 @@ var FabricCAClient = class {
 	 * @typedef {Object} KeyValueAttribute
 	 * @property {string} name The key used to reference the attribute
 	 * @property {string} value The value of the attribute
+	 * @property {boolean} ecert Optional, A value of true indicates that this attribute
+	 *  should be included in an enrollment certificate by default
 	 */
 
 	/**
@@ -521,7 +534,6 @@ var FabricCAClient = class {
 	register(enrollmentID, enrollmentSecret, role, affiliation, maxEnrollments, attrs, signingIdentity) {
 
 		var self = this;
-		var numArgs = arguments.length;
 		//all arguments are required
 		if (!enrollmentID || !affiliation || !signingIdentity) {
 			throw new Error('Missing required parameters.  \'enrollmentID\', \'affiliation\', \
@@ -637,16 +649,44 @@ var FabricCAClient = class {
 		});
 	}
 
+	/**
+	 * Creates a new {@link IdentityService} object
+	 *
+	 * @param enrollmentID The enrollment ID associated for this identity
+	 * @returns {IdentityService} object
+	 */
+	newIdentityService() {
+		return new IdentityService(this);
+	}
+
 	post(api_method, requestObj, signingIdentity) {
-		requestObj.caName = this._caName;
+		return this.request('POST', api_method, signingIdentity, requestObj);
+	}
+
+	delete(api_method, signingIdentity) {
+		return this.request('DELETE', api_method, signingIdentity);
+	}
+
+	get(api_method, signingIdentity) {
+		return this.request('GET', api_method, signingIdentity);
+	}
+
+	put(api_method, requestObj, signingIdentity) {
+		return this.request('PUT', api_method, signingIdentity, requestObj);
+	}
+
+	request(http_method, api_method, signingIdentity, requestObj){
+		if (requestObj) {
+			requestObj.caName = this._caName;
+		}
 
 		var self = this;
 		return new Promise(function (resolve, reject) {
 			var requestOptions = {
 				hostname: self._hostname,
 				port: self._port,
 				path: self._baseAPI + api_method,
-				method: 'POST',
+				method: http_method,
 				headers: {
 					Authorization: self.generateAuthToken(requestObj, signingIdentity)
 				},
@@ -692,7 +732,9 @@ var FabricCAClient = class {
 				reject(new Error(util.format('Calling %s endpoint failed with error [%s]', api_method, err)));
 			});
 
-			request.write(JSON.stringify(requestObj));
+			if (requestObj) {
+				request.write(JSON.stringify(requestObj));
+			}
 			request.end();
 		});
 	}
@@ -703,14 +745,19 @@ var FabricCAClient = class {
 	generateAuthToken(reqBody, signingIdentity) {
 		// specific signing procedure is according to:
 		// https://github.com/hyperledger/fabric-ca/blob/master/util/util.go#L213
-		var cert = Buffer.from(signingIdentity._certificate).toString('base64');
-		var body = Buffer.from(JSON.stringify(reqBody)).toString('base64');
+		let cert = Buffer.from(signingIdentity._certificate).toString('base64');
+		let bodyAndcert;
+		if (reqBody) {
+			let body = Buffer.from(JSON.stringify(reqBody)).toString('base64');
+			bodyAndcert = body + '.' + cert;
+		} else {
+			bodyAndcert = '.' + cert;
+		}
 
-		var bodyAndcert = body + '.' + cert;
-		var sig = signingIdentity.sign(bodyAndcert, { hashFunction: this._cryptoPrimitives.hash.bind(this._cryptoPrimitives) });
+		let sig = signingIdentity.sign(bodyAndcert, { hashFunction: this._cryptoPrimitives.hash.bind(this._cryptoPrimitives) });
 		logger.debug(util.format('bodyAndcert: %s', bodyAndcert));
 
-		var b64Sign = Buffer.from(sig, 'hex').toString('base64');
+		let b64Sign = Buffer.from(sig, 'hex').toString('base64');
 		return cert + '.' + b64Sign;
 	}