Certificates API - Create endpoint

api/v1/certificates/certificate_model.php

@@ -0,0 +1,67 @@
+<?php
+
+// Variable assignment from POST (or: blank/from DB is updating)
+
+if (isset($_POST['certificate_name'])) {
+    $name = sanitizeInput($_POST['certificate_name']);
+} elseif ($certificate_row) {
+    $name = $certificate_row['certificate_name'];
+} else {
+    $name = '';
+}
+
+if (isset($_POST['certificate_description'])) {
+    $description = sanitizeInput($_POST['certificate_description']);
+} elseif ($certificate_row) {
+    $description = $certificate_row['certificate_description'];
+} else {
+    $description = '';
+}
+
+if (isset($_POST['certificate_domain'])) {
+    $domain = sanitizeInput($_POST['certificate_domain']);
+} elseif ($certificate_row) {
+    $domain = $certificate_row['certificate_domain'];
+} else {
+    $domain = '';
+}
+
+if (isset($_POST['certificate_issued_by'])) {
+    $issued_by = sanitizeInput($_POST['certificate_issued_by']);
+} elseif ($certificate_row) {
+    $issued_by = $certificate_row['certificate_issued_by'];
+} else {
+    $issued_by = '';
+}
+
+if (isset($_POST['certificate_expire'])) {
+    $expire = sanitizeInput($_POST['certificate_expire']);
+} elseif ($certificate_row) {
+    $expire = $certificate_row['certificate_expire'];
+} else {
+    $expire = '';
+}
+
+if (isset($_POST['certificate_public_key'])) {
+    $public_key = sanitizeInput($_POST['certificate_public_key']);
+} elseif ($certificate_row) {
+    $public_key = $certificate_row['certificate_public_key'];
+} else {
+    $public_key = '';
+}
+
+if (isset($_POST['certificate_notes'])) {
+    $notes = sanitizeInput($_POST['certificate_notes']);
+} elseif ($certificate_row) {
+    $notes = $certificate_row['certificate_notes'];
+} else {
+    $notes = '';
+}
+
+if (isset($_POST['certificate_domain_id'])) {
+    $domain_id = intval($_POST['certificate_domain_id']);
+} elseif ($certificate_row) {
+    $domain_id = intval($certificate_row['certificate_domain_id']);
+} else {
+    $domain_id = 0;
+}

api/v1/certificates/create.php

@@ -0,0 +1,58 @@
+<?php
+
+require_once '../validate_api_key.php';
+require_once '../require_post_method.php';
+
+// Parse Info
+require_once 'certificate_model.php';
+
+// Default
+$insert_id = false;
+
+// Require name and domain_name
+if (!empty($name) && !empty($domain) && !empty($client_id)) {
+
+    // TODO: Doesn't work. Making this work seems tricky. Think we need to be json-encoding the pubkey on POST and then decoding & parsing it here?
+    //   For now, just let the certificate refresher catch this
+    // Parse public key data if provided and expire/issued_by are missing
+    if (!empty($public_key) && (empty($expire) && empty($issued_by))) {
+        $public_key_obj = openssl_x509_parse($_POST['certificate_public_key']);
+        if ($public_key_obj) {
+            $expire = date('Y-m-d', $public_key_obj['validTo_time_t']);
+            $issued_by = sanitizeInput($public_key_obj['issuer']['O']);
+        }
+    }
+
+    // Normalize expire value
+    if (empty($expire)) {
+        $expire = "NULL";
+    } else {
+        $expire = "'" . $expire . "'";
+    }
+
+    // Insert certificate
+    $insert_sql = mysqli_query($mysqli, "
+        INSERT INTO certificates SET
+        certificate_name = '$name',
+        certificate_description = '$description',
+        certificate_domain = '$domain',
+        certificate_issued_by = '$issued_by',
+        certificate_expire = $expire,
+        certificate_public_key = '$public_key',
+        certificate_notes = '$notes',
+        certificate_domain_id = $domain_id,
+        certificate_client_id = $client_id
+    ");
+
+    // Check insert & get insert ID
+    if ($insert_sql) {
+        $insert_id = mysqli_insert_id($mysqli);
+
+        // Logging
+        logAction("Certificate", "Create", "$name via API ($api_key_name)", $client_id, $insert_id);
+        logAction("API", "Success", "Created certificate $name via API ($api_key_name)", $client_id, $insert_id);
+    }
+}
+
+// Output
+require_once '../create_output.php';