Add AJAX handler for receiving the CSR

• How to create Custom RESTful API in Drupal 8
• How to receive JSON data in controller with Drupal 8?
• How to set required POST parameters for routes
• Create a public custom Drupal 8 REST webservice
• How to create Custom Rest Resources for POST methods in Drupal 8
• RESTful Web Services API overview

Drupal Console should get us going with drupal generate:plugin:rest:resource.

We may also need to write a plug-in using the Authentication API as "basic authentication" definitely won't cut it, and "cookies" may not either, but needs testing. Or if we can't use cookies, maybe we can find an existing contrib module.

emboss wrote:

Yes, POST is good. The payload is JSON in the form { csr: <String>, profile: <String> }. This needs to be proxied to the CA API (also POST). The JSON response from the CA API has the form { certificate: <String>, ca_certificates: [ <String>, <String>, ...] }. Proxy the response to the JS caller.

For now, we're just going to use the "cookie" authentication provider. This is user-account access, but we'll allow anonymous users as per the Permissions at https://www.drupal.org/docs/8/api/restful-web-services-api/restful-web-s..., and then do our own authentication via PKIRACertificateSigningRequestProcessor::requestIsAuthenticated() at the start of the post() method in the resource class.

Later, we can come up with an Authentication Provider using drupal generate:authentication:provider along with these guides:

• How to create an Authentication Provider in Drupal 8
• Writing a custom authenticator in Drupal 8

Could also create a new contrib module for it and publish at Using other authentication protocols.