feat: Added reenroll to openapi.

Signed-off-by: Ivan Chvets <ivan.chvets@kinarasystems.com>
Merge pull request #418 from Telecominfraproject/WIFI-14953-add-entire-trust-chain-for-rtty
2025-11-04 04:37:46 +00:00 · 2025-08-14 11:45:36 -04:00 · 2025-08-06 11:00:04 -04:00 · 2025-08-06 09:13:04 -04:00 · 2025-08-05 11:15:51 -04:00 · 2025-08-05 10:46:45 -04:00
5 changed files with 54 additions and 8 deletions
--- a/openapi/owgw.yaml
+++ b/openapi/owgw.yaml
@@ -1576,6 +1576,15 @@ components:
          format: base64
          description: This is a base64 encoded string of the certificate bundle (the current bundle .tar.gz file from the PKI portal)

+    ReenrollRequest:
+      type: object
+      properties:
+        serialNumber:
+          type: string
+        when:
+          type: integer
+          format: int64
+
    PowerCycleRequest:
      type: object
      properties:
@@ -3056,6 +3065,32 @@ paths:
        404:
          $ref: '#/components/responses/NotFound'

+  /device/{serialNumber}/reenroll:
+    post:
+      tags:
+        - Commands
+      summary: Reenroll operational certificate for the device.
+      operationId: reenrollCertificate
+      parameters:
+        - in: path
+          name: serialNumber
+          schema:
+            type: string
+          required: true
+      requestBody:
+        description: Reenroll operational certificate for the device
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ReenrollRequest'
+      responses:
+        200:
+          $ref: '#/components/responses/Success'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
  /device/{serialNumber}/powercycle:
    post:
      tags:
--- a/src/AP_WS_Server.cpp
+++ b/src/AP_WS_Server.cpp
@@ -795,4 +795,4 @@ namespace OpenWifi {
 		return false;
 	}

-} // namespace OpenWifi
+} // namespace OpenWifi
--- a/src/framework/ConfigurationValidator.cpp
+++ b/src/framework/ConfigurationValidator.cpp
@@ -3952,8 +3952,10 @@ static std::string DefaultAPSchema = R"foo(
                            "inactive-deauth",
                            "key-mismatch",
                            "beacon-report",
-                            "radar-detected"
-                        ]
+                            "radar-detected",
+                            "ft-finish",
+                            "sta-authorized"
+			 ]
                    }
                }
            }
@@ -7920,7 +7922,9 @@ static std::string DefaultSWITCHSchema = R"foo(
                            "inactive-deauth",
                            "key-mismatch",
                            "beacon-report",
-                            "radar-detected"
+                            "radar-detected",
+                            "ft-finish",
+                            "sta-authorized"
                        ]
                    }
                }
--- a/src/framework/ow_constants.h
+++ b/src/framework/ow_constants.h
@@ -583,7 +583,7 @@ namespace OpenWifi::RESTAPI::Protocol {

 	static const char *FIXEDCONFIG = "fixedconfig";
 	static const char *CABLEDIAGNOSTICS = "cable-diagnostics";
-	static const char *REENROLL = "re-enroll";
+	static const char *REENROLL = "reenroll";
 } // namespace OpenWifi::RESTAPI::Protocol

 namespace OpenWifi::uCentralProtocol {
@@ -699,7 +699,7 @@ namespace OpenWifi::uCentralProtocol {

 	static const char *FIXEDCONFIG = "fixedconfig";
 	static const char *CABLEDIAGNOSTICS = "cable-diagnostics";
-	static const char *REENROLL = "re-enroll";
+	static const char *REENROLL = "reenroll";


 } // namespace OpenWifi::uCentralProtocol
--- a/src/rttys/RTTYS_server.cpp
+++ b/src/rttys/RTTYS_server.cpp
@@ -14,6 +14,7 @@
 #include "nlohmann/json.hpp"

 #include "Poco/NObserver.h"
+#include <Poco/Net/Context.h>
 #include "Poco/Net/SocketNotification.h"
 #include "Poco/Net/NetException.h"
 #include "Poco/Net/WebSocketImpl.h"
@@ -71,6 +72,7 @@ namespace OpenWifi {
 				const auto &RootCas =
 					MicroServiceConfigPath("ucentral.websocket.host.0.rootca", "");
 				const auto &Cas = MicroServiceConfigPath("ucentral.websocket.host.0.cas", "");
+				const auto &ClientCasFile = MicroServiceConfigPath("ucentral.websocket.host.0.clientcas", "");

 				Poco::Net::Context::Params P;

@@ -86,6 +88,7 @@ namespace OpenWifi {
 				Poco::Crypto::X509Certificate Cert(CertFileName);
 				Poco::Crypto::X509Certificate Root(RootCaFileName);
 				Poco::Crypto::X509Certificate Issuing(IssuerFileName);
+                std::vector<Poco::Crypto::X509Certificate> ClientCasCerts;
 				Poco::Crypto::RSAKey Key("", KeyFileName, KeyPassword);

 				DeviceSecureContext->useCertificate(Cert);
@@ -93,7 +96,11 @@ namespace OpenWifi {
 				DeviceSecureContext->addCertificateAuthority(Root);
 				DeviceSecureContext->addChainCertificate(Issuing);
 				DeviceSecureContext->addCertificateAuthority(Issuing);
-				DeviceSecureContext->addCertificateAuthority(Root);
+                ClientCasCerts = Poco::Net::X509Certificate::readPEM(ClientCasFile);
+                for (const auto &cert : ClientCasCerts) {
+                    DeviceSecureContext->addChainCertificate(cert);
+                    DeviceSecureContext->addCertificateAuthority(cert);
+                }
 				DeviceSecureContext->enableSessionCache(true);
 				DeviceSecureContext->setSessionCacheSize(0);
 				DeviceSecureContext->setSessionTimeout(120);
@@ -1117,4 +1124,4 @@ namespace OpenWifi {
 	RTTYS_EndPoint::~RTTYS_EndPoint() {
 	}

-} // namespace OpenWifi
+} // namespace OpenWifi
Author	SHA1	Message	Date
Ivan Chvets	3b7a24ea30	feat: Added reenroll to openapi. Signed-off-by: Ivan Chvets <ivan.chvets@kinarasystems.com>	2025-08-14 11:45:36 -04:00
Carsten Schafer	438309714f	Merge pull request #418 from Telecominfraproject/WIFI-14953-add-entire-trust-chain-for-rtty WIFI-14953 Add entire trust chain for rtty use	2025-08-06 11:00:04 -04:00
Carsten Schafer	a9130eeb75	Read from proper client cas file Signed-off-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>	2025-08-06 09:13:04 -04:00
Carsten Schafer	33068fca9e	Declare the variable Signed-off-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>	2025-08-05 11:15:51 -04:00
Carsten Schafer	d329151f6c	Fix typo Signed-off-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>	2025-08-05 10:46:45 -04:00
Carsten Schafer	ec846006bb	Add entire trust chain for rtty use Signed-off-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>	2025-08-05 10:24:33 -04:00
i-chvets	242261de0a	Merge pull request #413 from Telecominfraproject/WIFI-14820-fix_wifi_frames_schema_update WIFI-14820: fix: Added new parameters to wifi-frames	2025-07-14 15:53:41 -04:00
Ivan Chvets	31a4edead5	fix: Added new parameters to wifi-frames https://telecominfraproject.atlassian.net/browse/WIFI-14820 Signed-off-by: Ivan Chvets <ivan.chvets@kinarasystems.com>	2025-07-14 14:00:47 -04:00
Carsten Schafer	f7b697f219	Merge pull request #412 from Telecominfraproject/PKI2-132_feat_ap_reenroll_command-fix fix: ucentral reenroll command is reenroll not re-enroll	2025-07-10 10:14:49 -04:00
Carsten Schafer	e020da75fc	fix: ucentral reenroll command is reenroll not re-enroll Signed-off-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>	2025-07-10 09:50:45 -04:00
i-chvets	89702f56e0	Merge pull request #411 from Telecominfraproject/PKI2-132_feat_ap_reenroll_command feat: Added reneroll command handler.	2025-07-03 08:24:14 -04:00