def test_cert_create_sni_exceeds_host_name_limit(self):
self.mock_num_hosts_alternate.return_value = 100
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=False)
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertTrue('created_at' in responder['Akamai']['extra_info'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual(
'No available sni cert for www.abc.com right now, or no '
'sni cert info available. Support:Please write down the '
'domain and keep an eye on next available freed-up SNI certs. '
'More provisioning might be needed',
responder['Akamai']['extra_info']['action'])
def test_cert_create_sni_cert_get_enrollment_failure(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=404, text='Enrollment not found.')
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=False)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual(
'Waiting for action... CPS API provision '
'DV SNI cert failed for www.abc.com failed.',
responder['Akamai']['extra_info']['action'])
def test_cert_create_san_send_to_queue(self, https_upgrade):
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=True,
https_upgrade=https_upgrade)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual('San cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action'])
if https_upgrade is True:
self.assertTrue(
'https upgrade notes' in responder['Akamai']['extra_info'])
else:
self.assertFalse(
'https upgrade notes' in responder['Akamai']['extra_info'])
mod_san_q = self.driver.mod_san_queue
mod_san_q.enqueue_mod_san_request.assert_called_once_with(
json.dumps(ssl_certificate.load_from_json(data).to_dict()))
def test_create_sni_exception_enqueue_failure(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
self.mock_sans_alternate.side_effect = Exception(
"Mock -- Error getting sans by host name!")
self.driver.mod_san_queue.enqueue_mod_san_request.side_effect = (
Exception("Mock -- Error sending object back to queue!"))
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=True)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual(
'Waiting for action... Provision '
'sni cert failed for www.abc.com failed.',
responder['Akamai']['extra_info']['action'])
def test_delete_certificate_positive(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id",
"cert_details": {
'Akamai': {
'extra_info': {
'change_url': "/cps/v2/enrollments/234/changes/100"
}
}
}
})
controller = certificates.CertificateController(self.driver)
controller.cps_api_client.delete.return_value = mock.Mock(
status_code=200,
text=json.dumps({"change": "/cps/v2/enrollments/234/changes/100"}))
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertTrue('deleted_at' in responder['Akamai']['extra_info'])
self.assertEqual('deleted',
responder['Akamai']['extra_info']['status'])
self.assertEqual('Delete request for www.abc.com succeeded.',
responder['Akamai']['extra_info']['reason'])
def setUp(self):
super(TestCertificates, self).setUp()
self.driver = mock.Mock()
self.driver.provider_name = 'Akamai'
self.san_cert_cnames = [str(x) for x in range(7)]
self.driver.san_cert_cnames = self.san_cert_cnames
self.sni_cert_cnames = [str(x) for x in range(7)]
self.driver.sni_cert_cnames = self.sni_cert_cnames
self.driver.akamai_https_access_url_suffix = ('example.net')
self.driver.akamai_conf.policy_api_base_url = 'https://aka-base.com/'
sans_alternate_patcher = mock.patch(
'poppy.provider.akamai.utils.get_sans_by_host_alternate')
self.mock_sans_alternate = sans_alternate_patcher.start()
self.addCleanup(sans_alternate_patcher.stop)
num_hosts_alternate_patcher = mock.patch(
'poppy.provider.akamai.utils.get_ssl_number_of_hosts_alternate')
self.mock_num_hosts_alternate = num_hosts_alternate_patcher.start()
self.addCleanup(num_hosts_alternate_patcher.stop)
self.mock_sans_alternate.return_value = []
self.mock_num_hosts_alternate.return_value = 10
self.controller = certificates.CertificateController(self.driver)
def test_create_ssl_certificate_cert_type_not_implemented(self):
self.driver.san_cert_cnames = ["secure.san1.poppycdn.com",
"secure.san2.poppycdn.com"]
controller = certificates.CertificateController(self.driver)
ssl_cert = mock.Mock()
type(ssl_cert).cert_type = mock.PropertyMock(
return_value='unsupported-type'
)
responder = controller.create_certificate(
ssl_cert,
False
)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual(
'failed',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
"Cert type : unsupported-type hasn't been implemented",
responder['Akamai']['extra_info']['reason']
)
def setUp(self):
super(TestCertificates, self).setUp()
self.driver = mock.Mock()
self.driver.provider_name = 'Akamai'
self.san_cert_cnames = [str(x) for x in range(7)]
self.driver.san_cert_cnames = self.san_cert_cnames
self.controller = certificates.CertificateController(self.driver)
def test_create_ssl_certificate_sps_api_get_failure(self):
self.driver.san_cert_cnames = ["secure.san1.poppycdn.com",
"secure.san2.poppycdn.com"]
controller = certificates.CertificateController(self.driver)
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
lastSpsId = (
controller.cert_info_storage.get_cert_last_spsid(
"secure.san1.poppycdn.com"))
controller.cert_info_storage.get_cert_info.return_value = {
'cnameHostname': "secure.san1.poppycdn.com",
'jobId': "secure.san1.poppycdn.com",
'issuer': 1789,
'createType': 'modSan',
'ipVersion': 'ipv4',
'slot-deployment.class': 'esslType'
}
cert_info = controller.cert_info_storage.get_cert_info(
"secure.san1.poppycdn.com")
cert_info['add.sans'] = "www.abc.com"
controller.sps_api_client.get.return_value = mock.Mock(
status_code=404,
# Mock an SPS request
text='SPS ID NOT FOUND'
)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
False
)
controller.sps_api_client.get.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId))
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual(
'create_in_progress',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'San cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action']
)
mod_san_q = self.driver.mod_san_queue
mod_san_q.enqueue_mod_san_request.assert_called_once_with(
json.dumps(ssl_certificate.load_from_json(data).to_dict())
)
def test_cert_delete_sni_cert_positive(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id"
})
self.mock_sans_alternate.return_value = cert_obj.domain_name
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_enrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": ["example.com", "test.example.com", "www.abc.com"]
},
"networkConfiguration": {
"mustHaveCiphers": "ak-akamai-default",
"networkType": "standard-worldwide",
"preferredCiphers": "ak-akamai-default",
"sni": {
"cloneDnsNames":
True,
"dnsNames":
["example.com", "test.example.com", "www.abc.com"]
}
},
"pendingChanges": []
}))
controller.cps_api_client.put.return_value = mock.Mock(
status_code=202,
text=json.dumps({
"enrollment":
"/cps/v2/enrollments/234",
"changes": ["/cps/v2/enrollments/234/changes/10001"]
}))
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertEqual('deleted',
responder['Akamai']['extra_info']['status'])
self.assertEqual('Delete request for www.abc.com succeeded.',
responder['Akamai']['extra_info']['reason'])
def test_cert_create_sni_cert_positive(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": ["example.com", "test.example.com"]
},
"pendingChanges": []
}))
controller.cps_api_client.put.return_value = mock.Mock(
status_code=202,
text=json.dumps({
"enrollment":
"/cps/v2/enrollments/234",
"changes": ["/cps/v2/enrollments/234/changes/10001"]
}))
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=False)
self.assertEqual(self.sni_cert_cnames[0],
responder['Akamai']['cert_domain'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual(
'Waiting for customer domain validation for www.abc.com',
responder['Akamai']['extra_info']['action'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
def test_delete_certificate_unsupported_cert_type(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "san",
"project_id": "project_id"
})
controller = certificates.CertificateController(self.driver)
responder = controller.delete_certificate(cert_obj)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual('ignored',
responder['Akamai']['extra_info']['status'])
self.assertEqual('Delete cert type san not supported.',
responder['Akamai']['extra_info']['reason'])
def test_cert_delete_domain_exists_on_sni_certs(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id"
})
self.mock_sans_alternate.return_value = []
controller = certificates.CertificateController(self.driver)
responder = controller.delete_certificate(cert_obj)
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual('Domain does not exist on any certificate ',
responder['Akamai']['extra_info']['reason'])
def test_cert_create_sni_cert_pending_changes(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": ["example.com", "test.example.com"]
},
"pendingChanges": ["/cps/v2/enrollments/234/changes/10000"]
}))
controller.cps_api_client.put.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=False)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertTrue('created_at' in responder['Akamai']['extra_info'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual(
'No available sni cert for www.abc.com right now, or no '
'sni cert info available. Support:Please write down the '
'domain and keep an eye on next available freed-up SNI certs. '
'More provisioning might be needed',
responder['Akamai']['extra_info']['action'])
def test_cert_create_domain_exists_on_sni_certs(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
self.mock_sans_alternate.return_value = [data["domain_name"]]
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=True)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual('Domain www.abc.com already exists on sni cert 0.',
responder['Akamai']['extra_info']['action'])
def test_cert_create_get_sans_by_host_name_exception(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
self.mock_sans_alternate.side_effect = Exception(
"Mock -- Error getting sans by host name!")
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=True)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual('SNI cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action'])
def test_cert_create_sni_cert_modify_enrollment_failure(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": ["example.com", "test.example.com"]
},
"pendingChanges": []
}))
controller.cps_api_client.put.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=False)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual(
'Waiting for action... CPS API provision '
'DV SNI cert failed for www.abc.com failed.',
responder['Akamai']['extra_info']['action'])
def test_cert_delete_sni_cert_pending_changes(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id"
})
self.mock_sans_alternate.return_value = cert_obj.domain_name
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_enrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": ["example.com", "test.example.com"]
},
"pendingChanges": ["/cps/v2/enrollments/234/changes/10000"]
}))
controller.cps_api_client.put.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertEqual('failed due to pending changes',
responder['Akamai']['extra_info']['status'])
self.assertEqual('Delete request for www.abc.com failed',
responder['Akamai']['extra_info']['reason'])
def test_delete_certificate_missing_provider_details(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id",
"cert_details": {
'Akamai': {
'extra_info': {}
}
}
})
controller = certificates.CertificateController(self.driver)
controller.cps_api_client.delete.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual(
'Cert is missing details required for delete operation {}.',
responder['Akamai']['extra_info']['reason'])
def test_delete_certificate_cps_api_failure(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id",
"cert_details": {
'Akamai': {
'extra_info': {
'change_url': "/cps/v2/enrollments/234/changes/100"
}
}
}
})
controller = certificates.CertificateController(self.driver)
controller.cps_api_client.delete.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual('Delete request for www.abc.com failed.',
responder['Akamai']['extra_info']['reason'])
def test_create_ssl_certificate_sps_api_post_failure(self):
self.driver.san_cert_cnames = [
"secure.san1.poppycdn.com", "secure.san2.poppycdn.com"
]
controller = certificates.CertificateController(self.driver)
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
lastSpsId = (controller.cert_info_storage.get_cert_last_spsid(
"secure.san1.poppycdn.com"))
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_cert_info.return_value = {
'cnameHostname': "secure.san1.poppycdn.com",
'jobId': "secure.san1.poppycdn.com",
'issuer': 1789,
'createType': 'modSan',
'ipVersion': 'ipv4',
'slot-deployment.class': 'esslType'
}
cert_info = controller.cert_info_storage.get_cert_info(
"secure.san1.poppycdn.com")
cert_info['add.sans'] = "www.abc.com"
controller.sps_api_client.get.return_value = mock.Mock(
status_code=200,
# Mock an SPS request
text=json.dumps({
"requestList": [{
"resourceUrl":
"/config-secure-provisioning-service/"
"v1/sps-requests/1849",
"parameters": [{
"name": "cnameHostname",
"value": "secure.san1.poppycdn.com"
}, {
"name": "createType",
"value": "modSan"
}, {
"name": "csr.cn",
"value": "secure.san3.poppycdn.com"
}, {
"name": "add.sans",
"value": "www.abc.com"
}],
"lastStatusChange":
"2015-03-19T21:47:10Z",
"spsId":
1789,
"status":
"SPS Request Complete",
"workflowProgress":
"",
"jobId":
44306
}]
}))
controller.sps_api_client.post.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), False)
controller.sps_api_client.get.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId))
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual('San cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action'])
mod_san_q = self.driver.mod_san_queue
mod_san_q.enqueue_mod_san_request.assert_called_once_with(
json.dumps(ssl_certificate.load_from_json(data).to_dict()))
def test_create_ssl_certificate_happy_path(
self, sps_status_workFlowProgress_tuple):
sps_status, workFlowProgress = sps_status_workFlowProgress_tuple
self.driver.san_cert_cnames = [
"secure.san1.poppycdn.com", "secure.san2.poppycdn.com"
]
controller = certificates.CertificateController(self.driver)
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
lastSpsId = (controller.cert_info_storage.get_cert_last_spsid(
"secure.san1.poppycdn.com"))
controller.cert_info_storage.get_cert_info.return_value = {
'cnameHostname': "secure.san1.poppycdn.com",
'jobId': "secure.san1.poppycdn.com",
'issuer': 1789,
'createType': 'modSan',
'ipVersion': 'ipv4',
'slot-deployment.class': 'esslType'
}
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
cert_info = controller.cert_info_storage.get_cert_info(
"secure.san1.poppycdn.com")
cert_info['add.sans'] = "www.abc.com"
string_post_cert_info = '&'.join(
['%s=%s' % (k, v) for (k, v) in cert_info.items()])
controller.sps_api_client.get.return_value = mock.Mock(
status_code=200,
# Mock an SPS request
text=json.dumps({
"requestList": [{
"resourceUrl":
"/config-secure-provisioning-service/"
"v1/sps-requests/1849",
"parameters": [{
"name": "cnameHostname",
"value": "secure.san1.poppycdn.com"
}, {
"name": "createType",
"value": "modSan"
}, {
"name": "csr.cn",
"value": "secure.san3.poppycdn.com"
}, {
"name": "add.sans",
"value": "www.abc.com"
}],
"lastStatusChange":
"2015-03-19T21:47:10Z",
"spsId":
1789,
"status":
sps_status,
"workflowProgress":
workFlowProgress,
"jobId":
44306
}]
}))
controller.sps_api_client.post.return_value = mock.Mock(
status_code=202,
text=json.dumps({
"spsId": 1789,
"resourceLocation":
"/config-secure-provisioning-service/v1/sps-requests/1856",
"Results": {
"size":
1,
"data": [{
"text": None,
"results": {
"type": "SUCCESS",
"jobID": 44434
}
}]
}
}))
controller.create_certificate(ssl_certificate.load_from_json(data),
False)
controller.sps_api_client.get.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId))
controller.sps_api_client.post.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId),
data=string_post_cert_info.encode('utf-8'))
return
