初步实现CA enroll. blockchain-desktop#171

Signed-off-by: Yi DENG <[email protected]>
dengyi9 · Mar 19, 2019 · 38a2e50 · 38a2e50
1 parent d6fa2df
commit 38a2e50
Show file tree

Hide file tree

Showing 2 changed files with 132 additions and 1 deletion.
diff --git a/src/util/fabric.js b/src/util/fabric.js
@@ -3,6 +3,7 @@
 import { getConfigDBSingleton } from './createDB';
 
 const FabricClientSDK = require('fabric-client');
+const FabricCAClientSDK = require('fabric-ca-client');
 const path = require('path');
 const util = require('util');
 const fs = require('fs');
@@ -15,6 +16,7 @@ const db = getConfigDBSingleton();
 class FabricClient {
   constructor() {
     this.fabricClient = new FabricClientSDK();
+    this.fabricCAClient = null;
   }
 
   // 抽出空挡，插入配置文件，以便集成测试
@@ -54,6 +56,11 @@ class FabricClient {
           { pem: Buffer.from(this.orderersCert).toString(), 'ssl-target-name-override': config.ordererSSLTarget });
       }
 
+      // FIXME: CA also need to support TLS like peer/orderer above
+      if (config.caServerUrl) {
+        self.fabricCAClient = new FabricCAClientSDK(config.caServerUrl);
+      }
+
       logger.info('config:', config);
       const storePath = path.join(__dirname, '../../', config.path);
       logger.info(`Store path:${storePath}`);
@@ -762,6 +769,44 @@ class FabricClient {
     return this.fabricClient.newPeer(url, opts);
   }
 
+
+  /**
+   * 连接CA，获取用户证书私钥 - 参考 https://fabric-sdk-node.github.io/release-1.4/FabricCAServices.html#enroll
+   * @param {EnrollmentRequest} req - 参考 https://fabric-sdk-node.github.io/release-1.4/global.html#EnrollmentRequest
+   * @return {Promise<Enrollment>} enrollment - 参考 https://fabric-sdk-node.github.io/release-1.4/global.html#Enrollment
+   */
+  enroll(req) {
+    return this.fabricCAClient.enroll(req);
+  }
+
+  /**
+   * 连接CA，注册用户 - 参考 https://fabric-sdk-node.github.io/release-1.4/FabricCAServices.html#register
+   * @param {RegisterRequest} req - 参考 https://fabric-sdk-node.github.io/release-1.4/global.html#RegisterRequest
+   * @return {Promise<string>} secret
+   */
+  register(req) {
+    return Promise.reject('not implemented');
+  }
+
+  /**
+   * 连接CA，获取当前用户更新后的证书私钥 - 参考 https://fabric-sdk-node.github.io/release-1.4/FabricCAServices.html#reenroll
+   * @param {Array.<AttributeRequest>} Optional - https://fabric-sdk-node.github.io/release-1.4/FabricCAServices.html#reenroll
+   * @return {Promise<Object>} keyCert - Promise for an object with "key" for private key
+   *   and "certificate" for the signed certificate
+   */
+  reenroll(Optional) {
+    return Promise.reject('not implemented');
+  }
+
+  /**
+   * 连接CA，吊销用户证书 - 参考 https://fabric-sdk-node.github.io/release-1.4/FabricCAServices.html#revoke
+   * @param {Object} req - 参考 https://fabric-sdk-node.github.io/release-1.4/FabricCAServices.html#revoke
+   * @return {Promise<>} result -
+   */
+  revoke(req) {
+    return Promise.reject('not implemented');
+  }
+
   // 关闭连接
   close() {
     this.peer.close();

diff --git a/test/util/fabric.test.js b/test/util/fabric.test.js
@@ -31,7 +31,7 @@ describe('fabric v1.1 basic-network', () => {
   }
 
   beforeAll(() => {
-    jest.setTimeout(15000);
+    jest.setTimeout(30000);
     initFabricNetwork();
   });
 
@@ -222,6 +222,92 @@ describe('fabric v1.1 basic-network', () => {
       });
     });
   });
+
+  // TODO: configDbForTest的持久化数据参数,包含admin证书登入过程。 目前由fabricClient类的外部维护，考虑是否内部维护。
+  describe('fabric CA management', () => {
+    it('enroll admin user', () => {
+      const req = {
+        enrollmentID: 'admin',
+        enrollmentSecret: 'adminpw',
+      };
+
+      return getFabricClientSingletonHelper(configDbForTest)
+        .then((client) => {
+          return client.enroll(req);
+        })
+        .then((enrollment) => {
+          logger.info('enroll user, get enrollment: ', enrollment);
+          expect(enrollment).not.toBeNull();
+        })
+        .catch((err) => {
+          throw err;
+        });
+    });
+
+    it('enroll to get a TLS certficate', () => {
+      const req = {
+        enrollmentID: 'admin',
+        enrollmentSecret: 'adminpw',
+        // profile: // TODO:
+      };
+
+      return getFabricClientSingletonHelper(configDbForTest)
+        .then((client) => {
+          return client.enroll(req);
+        })
+        .then((enrollment) => {
+          expect(enrollment).not.toBeNull();
+        })
+        .catch((err) => {
+          throw err;
+        });
+    });
+
+
+    it('register user', () => {
+      const userId = 'user1';
+
+      return getFabricClientSingletonHelper(configDbForTest)
+        .then((client) => {
+          const regReq = { enrollmentID: userId, affiliation: 'org1.department1', role: 'client' };
+          // 默认已登入admin用户，否则内部将报错
+          return client.register(regReq)
+            .then((secret) => {
+              logger.info('registering successfully, user secret: ', secret);
+              expect(secret).not.toBeNull();
+
+              const enrReq = {
+                enrollmenID: userId,
+                enrollmenSecret: secret,
+              };
+              return client.enroll(enrReq);
+            })
+            .then((enrollment) => {
+              expect(enrollment).not.toBeNull();
+            });
+        })
+        .catch((err) => {
+          throw err;
+        });
+    });
+
+    it('revoke user', () => {
+      const userId = 'user1';
+      return getFabricClientSingletonHelper(configDbForTest)
+        .then((client) => {
+          const req = {
+            enrollmentID: userId,
+          };
+          return client.revoke(req);
+        })
+        .then((result) => {
+          expect(result).not.toBeNull();
+        })
+        .catch((err) => {
+          throw err;
+        });
+    });
+  });
 });
 
 describe('fabric v1.3 fabric-ca network', () => {