diff --git a/README.md b/README.md
index abda15d..b4199b6 100644
--- a/README.md
+++ b/README.md
@@ -186,6 +186,10 @@ This is the number of seconds between retries when attempting to download a cert
 This is the username that will be used to connect to the GlobalSign API
 * ```Password```
 This is the password that will be used to connect to the GlobalSign API
+* ```SyncStartDate```
+OPTIONAL: If provided, full syncs will start at the specified date.
+* ```SyncIntervalDays```
+OPTIONAL: Required if SyncStartDate is used. Specifies how to page the certificate sync. Should be a value such that no interval of that length contains > 500 certificate enrollments.
 ```json
 "CAConnection": {
diff --git a/readme_source.md b/readme_source.md
index 8a77d78..45fa403 100644
--- a/readme_source.md
+++ b/readme_source.md
@@ -144,6 +144,10 @@ This is the number of seconds between retries when attempting to download a cert
 This is the username that will be used to connect to the GlobalSign API
 * ```Password```
 This is the password that will be used to connect to the GlobalSign API
+* ```SyncStartDate```
+OPTIONAL: If provided, full syncs will start at the specified date.
+* ```SyncIntervalDays```
+OPTIONAL: Required if SyncStartDate is used. Specifies how to page the certificate sync. Should be a value such that no interval of that length contains > 500 certificate enrollments.
 ```json
 "CAConnection": {
diff --git a/src/GlobalSignCAProxy/Client/GlobalSignApiClient.cs b/src/GlobalSignCAProxy/Client/GlobalSignApiClient.cs
index f84dbb0..3ded199 100644
--- a/src/GlobalSignCAProxy/Client/GlobalSignApiClient.cs
+++ b/src/GlobalSignCAProxy/Client/GlobalSignApiClient.cs
@@ -37,14 +37,39 @@ public GlobalSignApiClient(GlobalSignCAConfig config)
 OrderService = new ManagedSSLService() { Url = config.GetUrl(GlobalSignServiceType.ORDER) };
 }
- public List GetCertificatesForSync(bool fullSync, DateTime? lastSync)
+ public List GetCertificatesForSync(bool fullSync, DateTime? lastSync, DateTime startDate, int intervalDays)
 {
 Logger.MethodEntry(ILogExtensions.MethodLogLevel.Debug);
 using (this.QueryService)
 {
 if (fullSync)
 {
- return GetCertificatesByDateRange(DateTime.MinValue, DateTime.UtcNow);
+ if (startDate > new DateTime(2000, 01, 01))
+ {
+ DateTime finalStop = DateTime.UtcNow;
+ List certs = new List();
+ DateTime endDate = startDate.AddDays(intervalDays);
+ if (endDate > finalStop)
+ {
+ endDate = finalStop;
+ }
+ certs.AddRange(GetCertificatesByDateRange(startDate, endDate));
+ while (endDate < finalStop)
+ {
+ startDate = endDate.AddSeconds(1);
+ endDate = startDate.AddDays(intervalDays);
+ if (endDate > finalStop)
+ {
+ endDate = finalStop;
+ }
+ certs.AddRange(GetCertificatesByDateRange(startDate, endDate));
+ }
+ return certs;
+ }
+ else
+ {
+ return GetCertificatesByDateRange(startDate, DateTime.UtcNow);
+ }
 }
 else //Incremental Sync
 {
diff --git a/src/GlobalSignCAProxy/GlobalSignCAConfig.cs b/src/GlobalSignCAProxy/GlobalSignCAConfig.cs
index 1e12136..247e9fb 100644
--- a/src/GlobalSignCAProxy/GlobalSignCAConfig.cs
+++ b/src/GlobalSignCAProxy/GlobalSignCAConfig.cs
@@ -10,6 +10,7 @@
 using Newtonsoft.Json.Converters;
 using query = Keyfactor.Extensions.AnyGateway.GlobalSign.Services.Query;
 using order = Keyfactor.Extensions.AnyGateway.GlobalSign.Services.Order;
+using System.Diagnostics.Contracts;
 namespace Keyfactor.Extensions.AnyGateway.GlobalSign
 {
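Review bot: The paging loop in the `fullSync` branch of GetCertificatesForSync trusts `intervalDays`, and nothing on this path rejects a value of 0 or less. With 0 (the value an `int` property has when `SyncIntervalDays` is left out of the config) each pass advances only by the `AddSeconds(1)` step, so a sync from an old start date issues one query per second of history; with a negative value `endDate` moves backwards and `while (endDate < finalStop)` never becomes false. The check added to ValidateCAConnectionInfo runs only when the connection info is validated, so guard here too, before the first `AddDays`: `if (intervalDays <= 0) throw new ArgumentOutOfRangeException(nameof(intervalDays));`. The README text in this commit says a window must not hold more than 500 enrollments, yet the loop cannot tell when a window was cut short; logging a warning when a window returns that many rows would make an incomplete certificate inventory visible. The method body continues past the end of the hunk.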
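Review bot: `using System.Diagnostics.Contracts;` is added to GlobalSignCAConfig.cs, but nothing in the visible changes to that file uses a type from the namespace; the same applies to `using System.Security.Policy;` added to GlobalSignCAProxy.cs. Both look like IDE auto-imports and can probably be dropped, which keeps the dependency surface of a CA gateway plugin small and avoids accidental name clashes with types from those namespaces. Only the hunks are visible, so confirm against the full files before removing them.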
@@ -22,6 +23,9 @@ public class GlobalSignCAConfig
 public string Username { get; set; }
 public string Password { get; set; }
+ public string SyncStartDate { get; set; }
+ public int SyncIntervalDays { get; set; }
+
 public string GetUrl(GlobalSignServiceType queryType)
 {
 switch (queryType)
diff --git a/src/GlobalSignCAProxy/GlobalSignCAProxy.cs b/src/GlobalSignCAProxy/GlobalSignCAProxy.cs
index 4c261d9..ddaaac6 100644
--- a/src/GlobalSignCAProxy/GlobalSignCAProxy.cs
+++ b/src/GlobalSignCAProxy/GlobalSignCAProxy.cs
@@ -25,6 +25,7 @@
 using System.Collections.Concurrent;
 using System.Collections.Generic;
 using System.Linq;
+using System.Security.Policy;
 using System.Text;
 using System.Threading;
 using System.Web.Services.Configuration;
@@ -233,8 +234,14 @@ public override void Synchronize(ICertificateDataReader certificateDataReader, B
 {
 GlobalSignApiClient apiClient = new GlobalSignApiClient(Config);
- DateTime? syncFrom = certificateAuthoritySyncInfo.DoFullSync ? new DateTime(2000, 01, 01) : certificateAuthoritySyncInfo.OverallLastSync;
- var certs = apiClient.GetCertificatesForSync(certificateAuthoritySyncInfo.DoFullSync, syncFrom);
+ DateTime fullSyncFrom = new DateTime(2000, 01, 01);
+ if (!string.IsNullOrEmpty(Config.SyncStartDate))
+ {
+ fullSyncFrom = DateTime.Parse(Config.SyncStartDate);
+ }
+
+ DateTime? syncFrom = certificateAuthoritySyncInfo.DoFullSync ? fullSyncFrom : certificateAuthoritySyncInfo.OverallLastSync;
+ var certs = apiClient.GetCertificatesForSync(certificateAuthoritySyncInfo.DoFullSync, syncFrom, fullSyncFrom, Config.SyncIntervalDays);
 foreach (var c in certs)
 {
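Review bot: `DateTime.Parse(Config.SyncStartDate)` in Synchronize uses the current culture of the gateway process and, by default, returns a value whose Kind is not UTC, while GetCertificatesForSync compares it with `DateTime.UtcNow`. The same config string can therefore resolve to a different start date on another host, or fail to parse there, and the first sync window may be shifted by the local offset. Parse with a fixed culture and UTC handling, e.g. `DateTime.Parse(Config.SyncStartDate, CultureInfo.InvariantCulture, DateTimeStyles.AssumeUniversal | DateTimeStyles.AdjustToUniversal)`, and state the expected format in a comment on the `SyncStartDate` property and in the README entry. The `2000, 01, 01` default is also repeated as the paging switch in GlobalSignApiClient; a shared named constant would keep the two from drifting apart. Synchronize starts before and continues after this hunk, so any surrounding error handling is not visible here.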
@@ -332,6 +339,15 @@ public override void ValidateCAConnectionInfo(Dictionary connect
 var apiClient = new GlobalSignApiClient(validateConfig);
 apiClient.GetDomains().ForEach(x => Logger.Info($"Connection established for {x.DomainName}"));
+
+ if (!string.IsNullOrEmpty(validateConfig.SyncStartDate))
+ {
+ _ = DateTime.Parse(validateConfig.SyncStartDate);
+ if (validateConfig.SyncIntervalDays <= 0)
+ {
+ throw new Exception("SyncIntervalDays must be a value greater than 0 when using SyncStartDate");
+ }
+ }
 Logger.MethodExit(ILogExtensions.MethodLogLevel.Debug);
 }
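Review bot: The new validation in ValidateCAConnectionInfo lets a malformed `SyncStartDate` surface as a bare FormatException from `DateTime.Parse`, and reports a bad interval with `throw new Exception(...)`, so the operator gets no setting name in the first case and no specific exception type in the second. Prefer `DateTime.TryParse` with the same culture and styles that Synchronize uses, and throw a specific exception that names the setting. A start date later than `DateTime.UtcNow` also passes this check, and from the paging code in this commit it appears to produce a single query with an inverted range, so it is worth rejecting here. The check runs only after `apiClient.GetDomains()` has contacted the API; moving it above the client call would make a purely local config error fail fast. The method starts outside the hunk.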