def process_request(options):
keypair = options.get('keypair', None)
csr = options.get('csr', None)
user = options.get('user', None)
domain = options.get('domain', None)
approver_email = options.get('approver_email', None)
price = options.get('price')
coupon_code = options.get('coupon_code')
# TODO: Consume nonce and regurgitate on exception
result = check_csr(csr)
if result['isWildcardCSR']:
raise WildCardCSRError()
if domain is None:
# this was a CSR request so we need to find out the domain
if 'DominName' in result:
domain = result['DominName']
else:
domain = result['DomainName']
if coupon_code is not None:
s = URLSafeSerializer(
current_app.config.get('SECRET_KEY'), salt='SSL_COUPON_USD')
# Load the coupon
try:
options['coupon'] = coupon = s.loads(coupon_code)
# coupon should contain price, domain
if 'domain' in coupon and coupon['domain'] != '':
if domain is not None and domain != coupon['domain']:
raise DomainCouponMismatchError(domain, coupon['domain'])
if 'price' in coupon:
options['amount'] = coupon['price']
options['coupon_message'] = 'Coupon applied'
except BadPayload, e:
options['coupon_code'] = None
options['error'] = 'The coupon entered is not valid'
except BadSignature, e:
options['coupon_code'] = None
options['error'] = 'This coupon has been tampered with'
def verify_csr():
csr = request.args.get("csr", "")
if csr == "":
return jsonify(status="ERROR", msg="You haven't entered anything")
try:
result = check_csr(csr)
if result["isWildcardCSR"]:
return jsonify(status="ERROR", msg="This CSR is for a wildcard certificate")
if "DominName" in result:
domain = result["DominName"]
else:
domain = result["DomainName"]
emails = _get_approver_emails(domain)
data = {"emails": emails, "domain": domain}
return jsonify(status="SUCCESS", data=data)
except:
logging.exception("Uncaught CSR Error")
msg = "This isn't a valid CSR. If you are sure it is " + "then contact support."
return jsonify(status="ERROR", msg=msg)
def verify_csr():
csr = request.args.get("csr", '')
if csr == '':
return jsonify(status='ERROR', msg="You haven't entered anything")
try:
result = check_csr(csr)
if result['isWildcardCSR']:
return jsonify(
status='ERROR',
msg="This CSR is for a wildcard certificate"
)
if 'DominName' in result:
domain = result['DominName']
else:
domain = result['DomainName']
emails = _get_approver_emails(domain)
data = {'emails': emails, 'domain': domain}
return jsonify(status='SUCCESS', data=data)
except:
logging.exception("Uncaught CSR Error")
msg = "This isn't a valid CSR. If you are sure it is " + \
"then contact support."
return jsonify(status='ERROR', msg=msg)
def process_request(options):
keypair = options.get('keypair', None)
csr = options.get('csr', 'NO_CSR')
user = options.get('user', None)
domain = options.get('domain', None)
approver_email = options.get('approver_email', None)
price = options.get('price')
# TODO: Consume nonce and regurgitate on exception
try:
result = check_csr(csr)
if result['isWildcardCSR']:
raise WildCardCSRError()
except:
raise
# Now let's authorise a stripe payment
card = options.get('credit_card', None)
customer = user.stripe_id
amount = 3500
description = "SSL certificate for %s" % domain
if options.get('promotion') == 'academic':
amount = 1500
if amount != int(price) * 100:
do_error('Price sanity check failed, expected %s but got %s'
% (amount/100, price))
# TODO: BQ and datastore
try:
charge = stripe.Charge.create(
amount=amount,
currency="gbp",
card=card,
customer=customer,
description=description,
capture=False
)
except:
raise
if charge.card.cvc_check == "fail":
raise CVCCheckFailedError()
# Payment authorised, now let's get this certificate!
ssl_certificate = create_certificate(
parent=user.key,
csr=csr,
keypair=keypair,
domain=domain,
charge_id=charge.id,
provider="sslstore",
status="created"
)
ssl_certificate.put()
result = create_dv_ssl_order(
csr,
domain,
approver_email
)
ssl_certificate.order_id = result['TheSSLStoreOrderID']
ssl_certificate.status = "pending"
if 'VendorOrderID' in result:
ssl_certificate.vendor_id = result['VendorOrderID']
ssl_certificate.put()
# Now actually charge the credit card
# TODO: If this fails (which it should never do since the bank has issued
# an authorization which is essentially a promise that it can do the
# payment then we should automatically lock the SSL certificate)
#
# Also this can be wrapped in a deferred to benefit from automatic
# retrying.
charge.capture()
return ssl_certificate
