openstack_sdk/api/network/v2/vpn/ipsecpolicy/

create.rs

// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0
//
// WARNING: This file is automatically generated from OpenAPI schema using
// `openstack-codegenerator`.

//! Creates an IP security (IPsec) policy.
//!
//! The IPsec policy specifies the authentication and encryption algorithms and
//! encapsulation mode to use for the established VPN connection.
//!
//! Normal response codes: 201
//!
//! Error response codes: 400, 401
//!
use derive_builder::Builder;
use http::{HeaderMap, HeaderName, HeaderValue};

use crate::api::rest_endpoint_prelude::*;

use serde::Deserialize;
use serde::Serialize;
use std::borrow::Cow;

#[derive(Debug, Deserialize, Clone, Serialize)]
pub enum AuthAlgorithm {
    #[serde(rename = "aes-cmac")]
    AesCmac,
    #[serde(rename = "aes-xcbc")]
    AesXcbc,
    #[serde(rename = "sha1")]
    Sha1,
    #[serde(rename = "sha256")]
    Sha256,
    #[serde(rename = "sha384")]
    Sha384,
    #[serde(rename = "sha512")]
    Sha512,
}

#[derive(Debug, Deserialize, Clone, Serialize)]
pub enum EncapsulationMode {
    #[serde(rename = "transport")]
    Transport,
    #[serde(rename = "tunnel")]
    Tunnel,
}

#[derive(Debug, Deserialize, Clone, Serialize)]
pub enum EncryptionAlgorithm {
    #[serde(rename = "3des")]
    _3des,
    #[serde(rename = "aes-128")]
    Aes128,
    #[serde(rename = "aes-128-ccm-12")]
    Aes128Ccm12,
    #[serde(rename = "aes-128-ccm-16")]
    Aes128Ccm16,
    #[serde(rename = "aes-128-ccm-8")]
    Aes128Ccm8,
    #[serde(rename = "aes-128-ctr")]
    Aes128Ctr,
    #[serde(rename = "aes-128-gcm-12")]
    Aes128Gcm12,
    #[serde(rename = "aes-128-gcm-16")]
    Aes128Gcm16,
    #[serde(rename = "aes-128-gcm-8")]
    Aes128Gcm8,
    #[serde(rename = "aes-192")]
    Aes192,
    #[serde(rename = "aes-192-ccm-12")]
    Aes192Ccm12,
    #[serde(rename = "aes-192-ccm-16")]
    Aes192Ccm16,
    #[serde(rename = "aes-192-ccm-8")]
    Aes192Ccm8,
    #[serde(rename = "aes-192-ctr")]
    Aes192Ctr,
    #[serde(rename = "aes-192-gcm-12")]
    Aes192Gcm12,
    #[serde(rename = "aes-192-gcm-16")]
    Aes192Gcm16,
    #[serde(rename = "aes-192-gcm-8")]
    Aes192Gcm8,
    #[serde(rename = "aes-256")]
    Aes256,
    #[serde(rename = "aes-256-ccm-12")]
    Aes256Ccm12,
    #[serde(rename = "aes-256-ccm-16")]
    Aes256Ccm16,
    #[serde(rename = "aes-256-ccm-8")]
    Aes256Ccm8,
    #[serde(rename = "aes-256-ctr")]
    Aes256Ctr,
    #[serde(rename = "aes-256-gcm-12")]
    Aes256Gcm12,
    #[serde(rename = "aes-256-gcm-16")]
    Aes256Gcm16,
    #[serde(rename = "aes-256-gcm-8")]
    Aes256Gcm8,
}

#[derive(Debug, Deserialize, Clone, Serialize)]
pub enum Pfs {
    #[serde(rename = "group14")]
    Group14,
    #[serde(rename = "group15")]
    Group15,
    #[serde(rename = "group16")]
    Group16,
    #[serde(rename = "group17")]
    Group17,
    #[serde(rename = "group18")]
    Group18,
    #[serde(rename = "group19")]
    Group19,
    #[serde(rename = "group2")]
    Group2,
    #[serde(rename = "group20")]
    Group20,
    #[serde(rename = "group21")]
    Group21,
    #[serde(rename = "group22")]
    Group22,
    #[serde(rename = "group23")]
    Group23,
    #[serde(rename = "group24")]
    Group24,
    #[serde(rename = "group25")]
    Group25,
    #[serde(rename = "group26")]
    Group26,
    #[serde(rename = "group27")]
    Group27,
    #[serde(rename = "group28")]
    Group28,
    #[serde(rename = "group29")]
    Group29,
    #[serde(rename = "group30")]
    Group30,
    #[serde(rename = "group31")]
    Group31,
    #[serde(rename = "group5")]
    Group5,
}

#[derive(Debug, Deserialize, Clone, Serialize)]
pub enum TransformProtocol {
    #[serde(rename = "ah")]
    Ah,
    #[serde(rename = "ah-esp")]
    AhEsp,
    #[serde(rename = "esp")]
    Esp,
}

/// An `ipsecpolicy` object.
#[derive(Builder, Debug, Deserialize, Clone, Serialize)]
#[builder(setter(strip_option))]
pub struct Ipsecpolicy<'a> {
    /// The authentication hash algorithm. Valid values are `sha1`, `sha256`,
    /// `sha384`, `sha512`, `aes-xcbc`, `aes-cmac`. The default is `sha1`.
    #[serde(skip_serializing_if = "Option::is_none")]
    #[builder(default)]
    pub(crate) auth_algorithm: Option<AuthAlgorithm>,

    /// A human-readable description for the resource. Default is an empty
    /// string.
    #[serde(skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(into))]
    pub(crate) description: Option<Cow<'a, str>>,

    /// The encapsulation mode. A valid value is `tunnel` or `transport`.
    /// Default is `tunnel`.
    #[serde(skip_serializing_if = "Option::is_none")]
    #[builder(default)]
    pub(crate) encapsulation_mode: Option<EncapsulationMode>,

    /// The encryption algorithm. A valid value is `3des`, `aes-128`,
    /// `aes-192`, `aes-256`, `aes-128-ctr`, `aes-192-ctr`, `aes-256-ctr`.
    /// Additional values for AES CCM and GCM modes are defined (e.g.
    /// `aes-256-ccm-16`, `aes-256-gcm-16`) for all combinations of key length
    /// 128, 192, 256 bits and ICV length 8, 12, 16 octets. Default is
    /// `aes-128`.
    #[serde(skip_serializing_if = "Option::is_none")]
    #[builder(default)]
    pub(crate) encryption_algorithm: Option<EncryptionAlgorithm>,

    /// The lifetime of the security association. The lifetime consists of a
    /// unit and integer value. You can omit either the unit or value portion
    /// of the lifetime. Default unit is seconds and default value is 3600.
    #[serde(skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(into))]
    pub(crate) lifetime: Option<Cow<'a, str>>,

    /// Human-readable name of the resource. Default is an empty string.
    #[serde(skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(into))]
    pub(crate) name: Option<Cow<'a, str>>,

    /// Perfect forward secrecy (PFS). A valid value is `Group2`, `Group5`,
    /// `Group14` to `Group31`. Default is `Group5`.
    #[serde(skip_serializing_if = "Option::is_none")]
    #[builder(default)]
    pub(crate) pfs: Option<Pfs>,

    /// The ID of the project.
    #[serde(skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(into))]
    pub(crate) tenant_id: Option<Cow<'a, str>>,

    /// The transform protocol. A valid value is `ESP`, `AH`, or `AH- ESP`.
    /// Default is `ESP`.
    #[serde(skip_serializing_if = "Option::is_none")]
    #[builder(default)]
    pub(crate) transform_protocol: Option<TransformProtocol>,
}

#[derive(Builder, Debug, Clone)]
#[builder(setter(strip_option))]
pub struct Request<'a> {
    /// An `ipsecpolicy` object.
    #[builder(setter(into))]
    pub(crate) ipsecpolicy: Ipsecpolicy<'a>,

    #[builder(setter(name = "_headers"), default, private)]
    _headers: Option<HeaderMap>,
}
impl<'a> Request<'a> {
    /// Create a builder for the endpoint.
    pub fn builder() -> RequestBuilder<'a> {
        RequestBuilder::default()
    }
}

impl<'a> RequestBuilder<'a> {
    /// Add a single header to the Ipsecpolicy.
    pub fn header<K, V>(&mut self, header_name: K, header_value: V) -> &mut Self
    where
        K: Into<HeaderName>,
        V: Into<HeaderValue>,
    {
        self._headers
            .get_or_insert(None)
            .get_or_insert_with(HeaderMap::new)
            .insert(header_name.into(), header_value.into());
        self
    }

    /// Add multiple headers.
    pub fn headers<I, T>(&mut self, iter: I) -> &mut Self
    where
        I: Iterator<Item = T>,
        T: Into<(Option<HeaderName>, HeaderValue)>,
    {
        self._headers
            .get_or_insert(None)
            .get_or_insert_with(HeaderMap::new)
            .extend(iter.map(Into::into));
        self
    }
}

impl RestEndpoint for Request<'_> {
    fn method(&self) -> http::Method {
        http::Method::POST
    }

    fn endpoint(&self) -> Cow<'static, str> {
        "vpn/ipsecpolicies".to_string().into()
    }

    fn parameters(&self) -> QueryParams<'_> {
        QueryParams::default()
    }

    fn body(&self) -> Result<Option<(&'static str, Vec<u8>)>, BodyError> {
        let mut params = JsonBodyParams::default();

        params.push("ipsecpolicy", serde_json::to_value(&self.ipsecpolicy)?);

        params.into_body()
    }

    fn service_type(&self) -> ServiceType {
        ServiceType::Network
    }

    fn response_key(&self) -> Option<Cow<'static, str>> {
        Some("ipsecpolicy".into())
    }

    /// Returns headers to be set into the request
    fn request_headers(&self) -> Option<&HeaderMap> {
        self._headers.as_ref()
    }

    /// Returns required API version
    fn api_version(&self) -> Option<ApiVersion> {
        Some(ApiVersion::new(2, 0))
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    #[cfg(feature = "sync")]
    use crate::api::Query;
    use crate::test::client::FakeOpenStackClient;
    use crate::types::ServiceType;
    use http::{HeaderName, HeaderValue};
    use httpmock::MockServer;
    use serde_json::json;

    #[test]
    fn test_service_type() {
        assert_eq!(
            Request::builder()
                .ipsecpolicy(IpsecpolicyBuilder::default().build().unwrap())
                .build()
                .unwrap()
                .service_type(),
            ServiceType::Network
        );
    }

    #[test]
    fn test_response_key() {
        assert_eq!(
            Request::builder()
                .ipsecpolicy(IpsecpolicyBuilder::default().build().unwrap())
                .build()
                .unwrap()
                .response_key()
                .unwrap(),
            "ipsecpolicy"
        );
    }

    #[cfg(feature = "sync")]
    #[test]
    fn endpoint() {
        let server = MockServer::start();
        let client = FakeOpenStackClient::new(server.base_url());
        let mock = server.mock(|when, then| {
            when.method(httpmock::Method::POST)
                .path("/vpn/ipsecpolicies".to_string());

            then.status(200)
                .header("content-type", "application/json")
                .json_body(json!({ "ipsecpolicy": {} }));
        });

        let endpoint = Request::builder()
            .ipsecpolicy(IpsecpolicyBuilder::default().build().unwrap())
            .build()
            .unwrap();
        let _: serde_json::Value = endpoint.query(&client).unwrap();
        mock.assert();
    }

    #[cfg(feature = "sync")]
    #[test]
    fn endpoint_headers() {
        let server = MockServer::start();
        let client = FakeOpenStackClient::new(server.base_url());
        let mock = server.mock(|when, then| {
            when.method(httpmock::Method::POST)
                .path("/vpn/ipsecpolicies".to_string())
                .header("foo", "bar")
                .header("not_foo", "not_bar");
            then.status(200)
                .header("content-type", "application/json")
                .json_body(json!({ "ipsecpolicy": {} }));
        });

        let endpoint = Request::builder()
            .ipsecpolicy(IpsecpolicyBuilder::default().build().unwrap())
            .headers(
                [(
                    Some(HeaderName::from_static("foo")),
                    HeaderValue::from_static("bar"),
                )]
                .into_iter(),
            )
            .header(
                HeaderName::from_static("not_foo"),
                HeaderValue::from_static("not_bar"),
            )
            .build()
            .unwrap();
        let _: serde_json::Value = endpoint.query(&client).unwrap();
        mock.assert();
    }
}