def test_cert_create_san_send_to_queue(self, https_upgrade):
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=True,
https_upgrade=https_upgrade)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual('San cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action'])
if https_upgrade is True:
self.assertTrue(
'https upgrade notes' in responder['Akamai']['extra_info'])
else:
self.assertFalse(
'https upgrade notes' in responder['Akamai']['extra_info'])
mod_san_q = self.driver.mod_san_queue
mod_san_q.enqueue_mod_san_request.assert_called_once_with(
json.dumps(ssl_certificate.load_from_json(data).to_dict()))
def test_create_ssl_certificate_sps_api_get_failure(self):
self.driver.san_cert_cnames = ["secure.san1.poppycdn.com",
"secure.san2.poppycdn.com"]
controller = certificates.CertificateController(self.driver)
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
lastSpsId = (
controller.cert_info_storage.get_cert_last_spsid(
"secure.san1.poppycdn.com"))
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_cert_info.return_value = {
'cnameHostname': "secure.san1.poppycdn.com",
'jobId': "secure.san1.poppycdn.com",
'issuer': 1789,
'createType': 'modSan',
'ipVersion': 'ipv4',
'slot-deployment.class': 'esslType'
}
cert_info = controller.cert_info_storage.get_cert_info(
"secure.san1.poppycdn.com")
cert_info['add.sans'] = "www.abc.com"
controller.sps_api_client.get.return_value = mock.Mock(
status_code=404,
# Mock an SPS request
text='SPS ID NOT FOUND'
)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
False
)
controller.sps_api_client.get.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId))
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual(
'create_in_progress',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'San cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action']
)
mod_san_q = self.driver.mod_san_queue
mod_san_q.enqueue_mod_san_request.assert_called_once_with(
json.dumps(ssl_certificate.load_from_json(data).to_dict())
)
def test_create_ssl_certificate_sps_api_get_failure(self):
self.driver.san_cert_cnames = ["secure.san1.poppycdn.com",
"secure.san2.poppycdn.com"]
controller = certificates.CertificateController(self.driver)
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
lastSpsId = (
controller.cert_info_storage.get_cert_last_spsid(
"secure.san1.poppycdn.com"))
controller.cert_info_storage.get_cert_info.return_value = {
'cnameHostname': "secure.san1.poppycdn.com",
'jobId': "secure.san1.poppycdn.com",
'issuer': 1789,
'createType': 'modSan',
'ipVersion': 'ipv4',
'slot-deployment.class': 'esslType'
}
cert_info = controller.cert_info_storage.get_cert_info(
"secure.san1.poppycdn.com")
cert_info['add.sans'] = "www.abc.com"
controller.sps_api_client.get.return_value = mock.Mock(
status_code=404,
# Mock an SPS request
text='SPS ID NOT FOUND'
)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
False
)
controller.sps_api_client.get.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId))
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual(
'create_in_progress',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'San cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action']
)
mod_san_q = self.driver.mod_san_queue
mod_san_q.enqueue_mod_san_request.assert_called_once_with(
json.dumps(ssl_certificate.load_from_json(data).to_dict())
)
def execute(self,
providers_list_json,
cert_obj_json,
enqueue=True,
https_upgrade=False):
"""Create responder from provider list of certificate creation.
:param unicode providers_list_json: list of providers(list converted to json)
:param unicode cert_obj_json: dict of certificate(dict converted to json)
:param bool enqueue: allows to push the queue directly to zookeeper
:param bool https_upgrade: upgrade from http to https
:return: list of responders
:rtype: list[dict]
"""
service_controller = memoized_controllers.task_controllers('poppy')
# call provider create_ssl_certificate function
providers_list = json.loads(providers_list_json)
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
responders = []
# try to create all certificates from each provider
for provider in providers_list:
LOG.info('Starting to create ssl certificate: {0}'
'from {1}'.format(cert_obj.to_dict(), provider))
responder = service_controller.provider_wrapper.create_certificate(
service_controller._driver.providers[provider], cert_obj,
enqueue, https_upgrade)
responders.append(responder)
return responders
def test_cert_create_sni_exceeds_host_name_limit(self):
self.mock_num_hosts_alternate.return_value = 100
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=False
)
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertTrue('created_at' in responder['Akamai']['extra_info'])
self.assertEqual(
'create_in_progress',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'No available sni cert for www.abc.com right now, or no '
'sni cert info available. Support:Please write down the '
'domain and keep an eye on next available freed-up SNI certs. '
'More provisioning might be needed',
responder['Akamai']['extra_info']['action']
)
def test_create_sni_exception_enqueue_failure(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
self.mock_sans_alternate.side_effect = Exception(
"Mock -- Error getting sans by host name!")
self.driver.mod_san_queue.enqueue_mod_san_request.side_effect = (
Exception("Mock -- Error sending object back to queue!"))
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=True)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual(
'Waiting for action... Provision '
'sni cert failed for www.abc.com failed.',
responder['Akamai']['extra_info']['action'])
def test_cert_create_sni_cert_get_enrollment_failure(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=404, text='Enrollment not found.')
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=False)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual(
'Waiting for action... CPS API provision '
'DV SNI cert failed for www.abc.com failed.',
responder['Akamai']['extra_info']['action'])
def test_cert_create_sni_cert_get_enrollment_failure(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=404,
text='Enrollment not found.'
)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=False
)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertEqual(
'failed',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'Waiting for action... CPS API provision '
'DV SNI cert failed for www.abc.com failed.',
responder['Akamai']['extra_info']['action']
)
def test_delete_certificate_cps_api_failure(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id",
"cert_details": {
'Akamai': {
'extra_info': {
'change_url': "/cps/v2/enrollments/234/changes/100"
}
}
}
})
controller = certificates.CertificateController(self.driver)
controller.cps_api_client.delete.return_value = mock.Mock(
status_code=500,
text='INTERNAL SERVER ERROR'
)
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertEqual(
'failed',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'Delete request for www.abc.com failed.',
responder['Akamai']['extra_info']['reason']
)
def test_delete_certificate_positive(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id",
"cert_details": {
'Akamai': {
'extra_info': {
'change_url': "/cps/v2/enrollments/234/changes/100"
}
}
}
})
controller = certificates.CertificateController(self.driver)
controller.cps_api_client.delete.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"change": "/cps/v2/enrollments/234/changes/100"
})
)
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertTrue('deleted_at' in responder['Akamai']['extra_info'])
self.assertEqual(
'deleted',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'Delete request for www.abc.com succeeded.',
responder['Akamai']['extra_info']['reason']
)
def test_cert_create_domain_exists_on_sni_certs(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
self.mock_sans_alternate.return_value = [data["domain_name"]]
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=True
)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual(
'failed',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'Domain www.abc.com already exists on sni cert 0.',
responder['Akamai']['extra_info']['action']
)
def execute(self, project_id, cert_obj_json, status_change_to):
if cert_obj_json != "":
cert_obj = ssl_certificate.load_from_json(
json.loads(cert_obj_json))
cert_details = cert_obj.cert_details
if status_change_to != "":
cert_details['Akamai']['extra_info']['status'] = (
status_change_to)
cert_details['Akamai'] = json.dumps(cert_details['Akamai'])
self.storage_controller.update_cert_info(
cert_obj.domain_name, cert_obj.cert_type,
cert_obj.flavor_id, cert_details)
service_obj = (
self.storage_controller.get_service_details_by_domain_name(
cert_obj.domain_name))
# Update provider details
if service_obj is not None:
service_obj.provider_details['Akamai'].\
domains_certificate_status.\
set_domain_certificate_status(cert_obj.domain_name,
status_change_to)
self.storage_controller.update_provider_details(
project_id, service_obj.service_id,
service_obj.provider_details)
else:
pass
def test_cert_create_get_sans_by_host_name_exception(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
self.mock_sans_alternate.side_effect = Exception(
"Mock -- Error getting sans by host name!"
)
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=True
)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual(
'create_in_progress',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'SNI cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action']
)
def test_create_sni_exception_enqueue_failure(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
self.mock_sans_alternate.side_effect = Exception(
"Mock -- Error getting sans by host name!"
)
self.driver.mod_san_queue.enqueue_mod_san_request.side_effect = (
Exception("Mock -- Error sending object back to queue!")
)
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=True
)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertEqual(
'failed',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'Waiting for action... Provision '
'sni cert failed for www.abc.com failed.',
responder['Akamai']['extra_info']['action']
)
def execute(self, project_id, cert_obj_json, status_change_to):
if cert_obj_json != "":
cert_obj = ssl_certificate.load_from_json(
json.loads(cert_obj_json)
)
cert_details = cert_obj.cert_details
if status_change_to != "":
cert_details['Akamai']['extra_info']['status'] = (
status_change_to)
cert_details['Akamai'] = json.dumps(cert_details['Akamai'])
self.storage_controller.update_certificate(
cert_obj.domain_name,
cert_obj.cert_type,
cert_obj.flavor_id,
cert_details
)
service_obj = (
self.service_storage.
get_service_details_by_domain_name(cert_obj.domain_name)
)
# Update provider details
if service_obj is not None:
service_obj.provider_details['Akamai'].\
domains_certificate_status.\
set_domain_certificate_status(cert_obj.domain_name,
status_change_to)
self.service_storage.update_provider_details(
project_id,
service_obj.service_id,
service_obj.provider_details
)
else:
pass
def test_delete_certificate_positive(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id",
"cert_details": {
'Akamai': {
'extra_info': {
'change_url': "/cps/v2/enrollments/234/changes/100"
}
}
}
})
controller = certificates.CertificateController(self.driver)
controller.cps_api_client.delete.return_value = mock.Mock(
status_code=200,
text=json.dumps({"change": "/cps/v2/enrollments/234/changes/100"}))
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertTrue('deleted_at' in responder['Akamai']['extra_info'])
self.assertEqual('deleted',
responder['Akamai']['extra_info']['status'])
self.assertEqual('Delete request for www.abc.com succeeded.',
responder['Akamai']['extra_info']['reason'])
def test_cert_create_sni_exceeds_host_name_limit(self):
self.mock_num_hosts_alternate.return_value = 100
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=False)
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertTrue('created_at' in responder['Akamai']['extra_info'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual(
'No available sni cert for www.abc.com right now, or no '
'sni cert info available. Support:Please write down the '
'domain and keep an eye on next available freed-up SNI certs. '
'More provisioning might be needed',
responder['Akamai']['extra_info']['action'])
def test_delete_certificate_missing_provider_details(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id",
"cert_details": {
'Akamai': {
'extra_info': {}
}
}
})
controller = certificates.CertificateController(self.driver)
controller.cps_api_client.delete.return_value = mock.Mock(
status_code=500,
text='INTERNAL SERVER ERROR'
)
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertEqual(
'failed',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'Cert is missing details required for delete operation {}.',
responder['Akamai']['extra_info']['reason']
)
def test_cert_create_sni_cert_pending_changes(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": [
"example.com",
"test.example.com"
]
},
"pendingChanges": [
"/cps/v2/enrollments/234/changes/10000"
]
})
)
controller.cps_api_client.put.return_value = mock.Mock(
status_code=500,
text='INTERNAL SERVER ERROR'
)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=False
)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertTrue('created_at' in responder['Akamai']['extra_info'])
self.assertEqual(
'create_in_progress',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'No available sni cert for www.abc.com right now, or no '
'sni cert info available. Support:Please write down the '
'domain and keep an eye on next available freed-up SNI certs. '
'More provisioning might be needed',
responder['Akamai']['extra_info']['action']
)
def execute(self, project_id, cert_obj_json):
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
service_controller, self.storage_controller = \
memoized_controllers.task_controllers('poppy', 'storage')
try:
self.storage_controller.create_cert(project_id, cert_obj)
except ValueError as e:
LOG.exception(e)
def execute(self, project_id, cert_obj_json):
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
service_controller, self.storage_controller = \
memoized_controllers.task_controllers('poppy', 'storage')
try:
self.storage_controller.create_cert(project_id, cert_obj)
except ValueError as e:
LOG.exception(e)
def execute(self, cert_obj_json):
if cert_obj_json != "":
cert_obj = ssl_certificate.load_from_json(
json.loads(cert_obj_json))
latest_sps_id = cert_obj.cert_details['Akamai']['extra_info'].get(
'akamai_spsId')
current_status = cert_obj.cert_details['Akamai']['extra_info'].get(
'status')
if latest_sps_id is None:
return current_status
resp = self.akamai_driver.akamai_sps_api_client.get(
self.akamai_driver.akamai_sps_api_base_url.format(
spsId=latest_sps_id
)
)
if resp.status_code != 200:
raise RuntimeError('SPS API Request Failed'
'Exception: %s' % resp.text)
sps_request_info = json.loads(resp.text)['requestList'][0]
status = sps_request_info['status']
workFlowProgress = sps_request_info.get(
'workflowProgress')
# This SAN Cert is on pending status
if status == 'SPS Request Complete':
LOG.info("SPS completed for %s..." %
cert_obj.get_san_edge_name())
return "deployed"
elif status == 'edge host already created or pending':
if workFlowProgress is not None and \
'error' in workFlowProgress.lower():
LOG.info("SPS Pending with Error:" %
workFlowProgress)
return "failed"
else:
return "deployed"
elif status == 'CPS cancelled':
return "cancelled"
else:
LOG.info(
"SPS Not completed for {0}. "
"Returning certificate object to Queue.".format(
cert_obj.get_san_edge_name()
)
)
self.akamai_driver.san_mapping_queue.enqueue_san_mapping(
cert_obj_json
)
return ""
def test_cert_delete_sni_cert_positive(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id"
})
self.mock_sans_alternate.return_value = cert_obj.domain_name
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_enrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": ["example.com", "test.example.com", "www.abc.com"]
},
"networkConfiguration": {
"mustHaveCiphers": "ak-akamai-default",
"networkType": "standard-worldwide",
"preferredCiphers": "ak-akamai-default",
"sni": {
"cloneDnsNames":
True,
"dnsNames":
["example.com", "test.example.com", "www.abc.com"]
}
},
"pendingChanges": []
}))
controller.cps_api_client.put.return_value = mock.Mock(
status_code=202,
text=json.dumps({
"enrollment":
"/cps/v2/enrollments/234",
"changes": ["/cps/v2/enrollments/234/changes/10001"]
}))
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertEqual('deleted',
responder['Akamai']['extra_info']['status'])
self.assertEqual('Delete request for www.abc.com succeeded.',
responder['Akamai']['extra_info']['reason'])
def test_cert_create_sni_cert_modify_enrollment_failure(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": [
"example.com",
"test.example.com"
]
},
"pendingChanges": []
})
)
controller.cps_api_client.put.return_value = mock.Mock(
status_code=500,
text='INTERNAL SERVER ERROR'
)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=False
)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertEqual(
'failed',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'Waiting for action... CPS API provision '
'DV SNI cert failed for www.abc.com failed.',
responder['Akamai']['extra_info']['action']
)
def execute(self, project_id, cert_obj_json, responders):
service_controller, self.storage_controller = memoized_controllers.task_controllers("poppy", "storage")
cert_details = {}
for responder in responders:
for provider in responder:
cert_details[provider] = json.dumps(responder[provider])
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
self.storage_controller.update_cert_info(
cert_obj.domain_name, cert_obj.cert_type, cert_obj.flavor_id, cert_details
)
return
def test_cert_create_sni_send_to_queue(self, https_upgrade):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=True,
https_upgrade=https_upgrade
)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual(
'create_in_progress',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'SNI cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action']
)
if https_upgrade is True:
self.assertTrue(
'https upgrade notes' in responder['Akamai']['extra_info'])
else:
self.assertFalse(
'https upgrade notes' in responder['Akamai']['extra_info'])
mod_san_q = self.driver.mod_san_queue
mod_san_q.enqueue_mod_san_request.assert_called_once_with(
json.dumps(ssl_certificate.load_from_json(data).to_dict())
)
def test_cert_create_sni_cert_positive(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": ["example.com", "test.example.com"]
},
"pendingChanges": []
}))
controller.cps_api_client.put.return_value = mock.Mock(
status_code=202,
text=json.dumps({
"enrollment":
"/cps/v2/enrollments/234",
"changes": ["/cps/v2/enrollments/234/changes/10001"]
}))
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=False)
self.assertEqual(self.sni_cert_cnames[0],
responder['Akamai']['cert_domain'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual(
'Waiting for customer domain validation for www.abc.com',
responder['Akamai']['extra_info']['action'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
def test_delete_certificate_unsupported_cert_type(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "san",
"project_id": "project_id"
})
controller = certificates.CertificateController(self.driver)
responder = controller.delete_certificate(cert_obj)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual('ignored',
responder['Akamai']['extra_info']['status'])
self.assertEqual('Delete cert type san not supported.',
responder['Akamai']['extra_info']['reason'])
def execute(self, project_id, cert_obj_json, responders):
service_controller, self.storage_controller = \
memoized_controllers.task_controllers('poppy', 'storage')
cert_details = {}
for responder in responders:
for provider in responder:
cert_details[provider] = json.dumps(responder[provider])
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
self.storage_controller.update_cert_info(cert_obj.domain_name,
cert_obj.cert_type,
cert_obj.flavor_id,
cert_details)
return
def execute(self, cert_obj_json):
if cert_obj_json != "":
cert_obj = ssl_certificate.load_from_json(
json.loads(cert_obj_json))
latest_sps_id = cert_obj.cert_details['Akamai']['extra_info'].get(
'akamai_spsId')
current_status = cert_obj.cert_details['Akamai']['extra_info'].get(
'status')
if latest_sps_id is None:
return current_status
resp = self.akamai_driver.akamai_sps_api_client.get(
self.akamai_driver.akamai_sps_api_base_url.format(
spsId=latest_sps_id))
if resp.status_code != 200:
raise RuntimeError('SPS API Request Failed'
'Exception: %s' % resp.text)
sps_request_info = json.loads(resp.text)['requestList'][0]
status = sps_request_info['status']
workFlowProgress = sps_request_info.get('workflowProgress')
# This SAN Cert is on pending status
if status == 'SPS Request Complete':
LOG.info("SPS completed for %s..." %
cert_obj.get_san_edge_name())
return "deployed"
elif status == 'edge host already created or pending':
if workFlowProgress is not None and \
'error' in workFlowProgress.lower():
LOG.info("SPS Pending with Error:" % workFlowProgress)
return "failed"
else:
return "deployed"
elif status == 'CPS cancelled':
return "cancelled"
else:
LOG.info("SPS Not completed for {0}. "
"Returning certificate object to Queue.".format(
cert_obj.get_san_edge_name()))
self.akamai_driver.san_mapping_queue.enqueue_san_mapping(
cert_obj_json)
return ""
def execute(self, project_id, cert_obj_json):
"""Create certificate if san rerun executed.
When san rerun executed, create the certificate information at cassandra.
:param unicode project_id: project id of the user
:param unicode cert_obj_json: dict of certificate(dict converted to json)
"""
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
service_controller, self.ssl_certificate_manager = \
memoized_controllers.task_controllers('poppy', 'ssl_certificate')
self.storage_controller = self.ssl_certificate_manager.storage
try:
self.storage_controller.create_certificate(project_id, cert_obj)
except ValueError as e:
LOG.exception(e)
def test_cert_delete_domain_exists_on_sni_certs(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id"
})
self.mock_sans_alternate.return_value = []
controller = certificates.CertificateController(self.driver)
responder = controller.delete_certificate(cert_obj)
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual('Domain does not exist on any certificate ',
responder['Akamai']['extra_info']['reason'])
def execute(self, providers_list_json, cert_obj_json):
service_controller = memoized_controllers.task_controllers("poppy")
# call provider create_ssl_certificate function
providers_list = json.loads(providers_list_json)
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
responders = []
# try to create all service from each provider
for provider in providers_list:
LOG.info("Starting to create ssl certificate: {0}".format(cert_obj.to_dict()))
LOG.info("from {0}".format(provider))
responder = service_controller.provider_wrapper.create_certificate(
service_controller._driver.providers[provider], cert_obj
)
responders.append(responder)
return responders
def execute(self, providers_list_json, cert_obj_json):
service_controller = memoized_controllers.task_controllers('poppy')
# call provider create_ssl_certificate function
providers_list = json.loads(providers_list_json)
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
responders = []
# try to create all service from each provider
for provider in providers_list:
LOG.info('Starting to create ssl certificate: {0}'.format(
cert_obj.to_dict()))
LOG.info('from {0}'.format(provider))
responder = service_controller.provider_wrapper.create_certificate(
service_controller._driver.providers[provider], cert_obj)
responders.append(responder)
return responders
def post(self):
ssl_certificate_controller = (
self._driver.manager.ssl_certificate_controller)
certificate_info_dict = json.loads(pecan.request.body.decode('utf-8'))
try:
cert_obj = ssl_certificate.load_from_json(certificate_info_dict)
ssl_certificate_controller.create_ssl_certificate(self.project_id,
cert_obj)
except LookupError as e:
pecan.abort(400, detail='Provisioning ssl certificate failed. '
'Reason: %s' % str(e))
except ValueError as e:
pecan.abort(400, detail='Provisioning ssl certificate failed. '
'Reason: %s' % str(e))
return pecan.Response(None, 202)
def test_cert_create_sni_cert_pending_changes(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": ["example.com", "test.example.com"]
},
"pendingChanges": ["/cps/v2/enrollments/234/changes/10000"]
}))
controller.cps_api_client.put.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=False)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertTrue('created_at' in responder['Akamai']['extra_info'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual(
'No available sni cert for www.abc.com right now, or no '
'sni cert info available. Support:Please write down the '
'domain and keep an eye on next available freed-up SNI certs. '
'More provisioning might be needed',
responder['Akamai']['extra_info']['action'])
def execute(self, providers_list_json, cert_obj_json):
service_controller = memoized_controllers.task_controllers('poppy')
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
providers_list = json.loads(providers_list_json)
responders = []
# try to delete all certificates from each provider
for provider in providers_list:
LOG.info(
'Starting to delete ssl certificate: {0} from {1}.'.format(
cert_obj.to_dict(), provider))
responder = service_controller.provider_wrapper.delete_certificate(
service_controller._driver.providers[provider],
cert_obj,
)
responders.append(responder)
return responders
def test_cert_create_domain_exists_on_sni_certs(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
self.mock_sans_alternate.return_value = [data["domain_name"]]
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=True)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual('Domain www.abc.com already exists on sni cert 0.',
responder['Akamai']['extra_info']['action'])
def test_cert_create_get_sans_by_host_name_exception(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
self.mock_sans_alternate.side_effect = Exception(
"Mock -- Error getting sans by host name!")
controller = certificates.CertificateController(self.driver)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=True)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual('SNI cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action'])
def test_delete_certificate_unsupported_cert_type(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "san",
"project_id": "project_id",
"cert_details": {}
})
controller = certificates.CertificateController(self.driver)
responder = controller.delete_certificate(cert_obj)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual(
'ignored',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'Delete cert type san not supported.',
responder['Akamai']['extra_info']['reason']
)
def test_cert_create_sni_cert_modify_enrollment_failure(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": ["example.com", "test.example.com"]
},
"pendingChanges": []
}))
controller.cps_api_client.put.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), enqueue=False)
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertIsNone(responder['Akamai']['extra_info']['sni_cert'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual(
'Waiting for action... CPS API provision '
'DV SNI cert failed for www.abc.com failed.',
responder['Akamai']['extra_info']['action'])
def execute(self, providers_list_json, cert_obj_json, enqueue=True,
https_upgrade=False):
service_controller = memoized_controllers.task_controllers('poppy')
# call provider create_ssl_certificate function
providers_list = json.loads(providers_list_json)
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
responders = []
# try to create all certificates from each provider
for provider in providers_list:
LOG.info('Starting to create ssl certificate: {0}'
'from {1}'.format(cert_obj.to_dict(), provider))
responder = service_controller.provider_wrapper.create_certificate(
service_controller._driver.providers[provider],
cert_obj,
enqueue,
https_upgrade
)
responders.append(responder)
return responders
def test_cert_delete_sni_cert_pending_changes(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id"
})
self.mock_sans_alternate.return_value = cert_obj.domain_name
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_enrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": ["example.com", "test.example.com"]
},
"pendingChanges": ["/cps/v2/enrollments/234/changes/10000"]
}))
controller.cps_api_client.put.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertEqual('failed due to pending changes',
responder['Akamai']['extra_info']['status'])
self.assertEqual('Delete request for www.abc.com failed',
responder['Akamai']['extra_info']['reason'])
def execute(self, project_id, cert_obj_json, responders):
"""Update certificate information to cassandra.
:param unicode project_id: project id of the user
:param unicode cert_obj_json: dict of certificate(dict converted to json)
:param list[dict] responders: list of responder
"""
service_controller, self.ssl_certificate_manager = \
memoized_controllers.task_controllers('poppy', 'ssl_certificate')
self.storage_controller = self.ssl_certificate_manager.storage
cert_details = {}
for responder in responders:
for provider in responder:
cert_details[provider] = json.dumps(responder[provider])
cert_obj = ssl_certificate.load_from_json(json.loads(cert_obj_json))
self.storage_controller.update_certificate(cert_obj.domain_name,
cert_obj.cert_type,
cert_obj.flavor_id,
cert_details)
return
def test_delete_certificate_missing_provider_details(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id",
"cert_details": {
'Akamai': {
'extra_info': {}
}
}
})
controller = certificates.CertificateController(self.driver)
controller.cps_api_client.delete.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual(
'Cert is missing details required for delete operation {}.',
responder['Akamai']['extra_info']['reason'])
def test_delete_certificate_cps_api_failure(self):
cert_obj = ssl_certificate.load_from_json({
"flavor_id": "flavor_id",
"domain_name": "www.abc.com",
"cert_type": "sni",
"project_id": "project_id",
"cert_details": {
'Akamai': {
'extra_info': {
'change_url': "/cps/v2/enrollments/234/changes/100"
}
}
}
})
controller = certificates.CertificateController(self.driver)
controller.cps_api_client.delete.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.delete_certificate(cert_obj)
self.assertEqual('www.abc.com', responder['Akamai']['cert_domain'])
self.assertEqual('failed', responder['Akamai']['extra_info']['status'])
self.assertEqual('Delete request for www.abc.com failed.',
responder['Akamai']['extra_info']['reason'])
def execute(self, cert_obj_json):
if cert_obj_json != "":
cert_obj = ssl_certificate.load_from_json(
json.loads(cert_obj_json))
if cert_obj.cert_type == 'san':
latest_sps_id = cert_obj.\
cert_details['Akamai']['extra_info'].get(
'akamai_spsId')
current_status = cert_obj.\
cert_details['Akamai']['extra_info'].get(
'status')
if latest_sps_id is None:
return current_status
resp = self.akamai_driver.akamai_sps_api_client.get(
self.akamai_driver.akamai_sps_api_base_url.format(
spsId=latest_sps_id
)
)
if resp.status_code != 200:
raise RuntimeError('SPS API Request Failed'
'Exception: %s' % resp.text)
sps_request_info = json.loads(resp.text)['requestList'][0]
status = sps_request_info['status']
workFlowProgress = sps_request_info.get(
'workflowProgress')
# This SAN Cert is on pending status
if status == 'SPS Request Complete':
LOG.info("SPS completed for %s..." %
cert_obj.get_edge_host_name())
return "deployed"
elif status == 'edge host already created or pending':
if workFlowProgress is not None and \
'error' in workFlowProgress.lower():
LOG.info("SPS Pending with Error:" %
workFlowProgress)
return "failed"
else:
return "deployed"
elif status == 'CPS cancelled':
return "cancelled"
else:
LOG.info(
"SPS Not completed for domain {0}, san_cert {1}. "
"Found status {2}. "
"Returning certificate object to Queue.".format(
cert_obj.domain_name,
cert_obj.get_edge_host_name(),
status
)
)
# convert cert_obj_json from unicode -> string
# before enqueue
self.akamai_driver.san_mapping_queue.enqueue_san_mapping(
json.dumps(cert_obj.to_dict()))
return ""
elif cert_obj.cert_type == 'sni':
change_url = cert_obj.cert_details['Akamai']['extra_info'].get(
'change_url')
current_status = cert_obj.\
cert_details['Akamai']['extra_info'].get(
'status')
if change_url is None:
return current_status
enrollment_id = self.akamai_driver.cert_info_storage.\
get_cert_enrollment_id(cert_obj.get_edge_host_name())
headers = {
'Accept': (
'application/vnd.akamai.cps.enrollment.v1+json')
}
resp = self.akamai_driver.akamai_cps_api_client.get(
self.akamai_driver.akamai_cps_api_base_url.format(
enrollmentId=enrollment_id
),
headers=headers
)
if resp.status_code not in [200, 202]:
LOG.error(
"Unable to retrieve enrollment while attempting"
"to update cert status. Status {0} Body {1}".format(
resp.status_code,
resp.text
)
)
return current_status
resp_json = json.loads(resp.text)
pending_changes = resp_json["pendingChanges"]
dns_names = (
resp_json["networkConfiguration"]["sni"]["dnsNames"]
)
if change_url not in pending_changes:
if cert_obj.domain_name in dns_names:
return "deployed"
else:
return "failed"
else:
# the change url is still present under pending changes,
# return the item to the queue. another attempt to
# check and update the cert status should happen
self.akamai_driver.san_mapping_queue.enqueue_san_mapping(
json.dumps(cert_obj.to_dict()))
return current_status
def test_create_ssl_certificate_sps_api_post_failure(self):
self.driver.san_cert_cnames = ["secure.san1.poppycdn.com",
"secure.san2.poppycdn.com"]
controller = certificates.CertificateController(self.driver)
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
lastSpsId = (
controller.cert_info_storage.get_cert_last_spsid(
"secure.san1.poppycdn.com"))
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_cert_info.return_value = {
'cnameHostname': "secure.san1.poppycdn.com",
'jobId': "secure.san1.poppycdn.com",
'issuer': 1789,
'createType': 'modSan',
'ipVersion': 'ipv4',
'slot-deployment.class': 'esslType'
}
cert_info = controller.cert_info_storage.get_cert_info(
"secure.san1.poppycdn.com")
cert_info['add.sans'] = "www.abc.com"
controller.sps_api_client.get.return_value = mock.Mock(
status_code=200,
# Mock an SPS request
text=json.dumps({
"requestList":
[{"resourceUrl": "/config-secure-provisioning-service/"
"v1/sps-requests/1849",
"parameters": [{
"name": "cnameHostname",
"value": "secure.san1.poppycdn.com"
}, {"name": "createType", "value": "modSan"},
{"name": "csr.cn",
"value": "secure.san3.poppycdn.com"},
{"name": "add.sans",
"value": "www.abc.com"}],
"lastStatusChange": "2015-03-19T21:47:10Z",
"spsId": 1789,
"status": "SPS Request Complete",
"workflowProgress": "",
"jobId": 44306}]})
)
controller.sps_api_client.post.return_value = mock.Mock(
status_code=500,
text='INTERNAL SERVER ERROR'
)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
False
)
controller.sps_api_client.get.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId))
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual(
'create_in_progress',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'San cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action']
)
mod_san_q = self.driver.mod_san_queue
mod_san_q.enqueue_mod_san_request.assert_called_once_with(
json.dumps(ssl_certificate.load_from_json(data).to_dict())
)
def test_cert_create_sni_cert_positive(self):
data = {
"cert_type": "sni",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
controller = certificates.CertificateController(self.driver)
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_entrollment_id.return_value = 1234
controller.cps_api_client.get.return_value = mock.Mock(
status_code=200,
text=json.dumps({
"csr": {
"cn": "www.example.com",
"c": "US",
"st": "MA",
"l": "Cambridge",
"o": "Akamai",
"ou": "WebEx",
"sans": [
"example.com",
"test.example.com"
]
},
"pendingChanges": []
})
)
controller.cps_api_client.put.return_value = mock.Mock(
status_code=202,
text=json.dumps({
"enrollment": "/cps/v2/enrollments/234",
"changes": [
"/cps/v2/enrollments/234/changes/10001"
]
})
)
responder = controller.create_certificate(
ssl_certificate.load_from_json(data),
enqueue=False
)
self.assertEqual(
self.sni_cert_cnames[0],
responder['Akamai']['cert_domain']
)
self.assertEqual(
'create_in_progress',
responder['Akamai']['extra_info']['status']
)
self.assertEqual(
'Waiting for customer domain validation for www.abc.com',
responder['Akamai']['extra_info']['action']
)
self.assertEqual(
'create_in_progress',
responder['Akamai']['extra_info']['status']
)
def test_create_ssl_certificate_negative_path(
self,
sps_status_workFlowProgress_tuple):
sps_status, workFlowProgress = sps_status_workFlowProgress_tuple
self.driver.san_cert_cnames = ["secure.san1.poppycdn.com"]
controller = services.ServiceController(self.driver)
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
lastSpsId = (
controller.san_info_storage.get_cert_last_spsid(
"secure.san1.poppycdn.com"))
controller.san_info_storage.get_cert_info.return_value = {
'cnameHostname': "secure.san1.poppycdn.com",
'jobId': "secure.san1.poppycdn.com",
'issuer': 1789,
'createType': 'modSan',
'ipVersion': 'ipv4',
'slot-deployment.class': 'esslType'
}
cert_info = controller.san_info_storage.get_cert_info(
"secure.san1.poppycdn.com")
cert_info['add.sans'] = "www.abc.com"
controller.sps_api_client.get.return_value = mock.Mock(
status_code=200,
# Mock an SPS request
text=json.dumps({
"requestList":
[{"resourceUrl": "/config-secure-provisioning-service/"
"v1/sps-requests/1849",
"parameters": [{
"name": "cnameHostname",
"value": "secure.san1.poppycdn.com"
}, {"name": "createType", "value": "modSan"},
{"name": "csr.cn",
"value": "secure.san3.poppycdn.com"},
{"name": "add.sans",
"value": "www.abc.com"}],
"lastStatusChange": "2015-03-19T21:47:10Z",
"spsId": 1789,
"status": sps_status,
"workflowProgress": workFlowProgress,
"jobId": 44306}]})
)
controller.sps_api_client.post.return_value = mock.Mock(
status_code=202,
text=json.dumps({
"spsId": 1789,
"resourceLocation":
"/config-secure-provisioning-service/v1/sps-requests/1856",
"Results": {
"size": 1,
"data": [{
"text": None,
"results": {
"type": "SUCCESS",
"jobID": 44434}
}]}})
)
controller.create_certificate(ssl_certificate.load_from_json(data),
False)
controller.sps_api_client.get.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId))
self.assertFalse(controller.sps_api_client.post.called)
return
def execute(self, cert_obj_json):
if cert_obj_json != "":
cert_obj = ssl_certificate.load_from_json(
json.loads(cert_obj_json))
if cert_obj.cert_type == 'san':
latest_sps_id = cert_obj.\
cert_details['Akamai']['extra_info'].get(
'akamai_spsId')
current_status = cert_obj.\
cert_details['Akamai']['extra_info'].get(
'status')
if latest_sps_id is None:
return current_status
resp = self.akamai_driver.akamai_sps_api_client.get(
self.akamai_driver.akamai_sps_api_base_url.format(
spsId=latest_sps_id
)
)
if resp.status_code != 200:
raise RuntimeError('SPS API Request Failed'
'Exception: %s' % resp.text)
sps_request_info = json.loads(resp.text)['requestList'][0]
status = sps_request_info['status']
workFlowProgress = sps_request_info.get(
'workflowProgress')
# This SAN Cert is on pending status
if status == 'SPS Request Complete':
LOG.info("SPS completed for %s..." %
cert_obj.get_edge_host_name())
return "deployed"
elif status == 'edge host already created or pending':
if workFlowProgress is not None and \
'error' in workFlowProgress.lower():
LOG.info("SPS Pending with Error:" %
workFlowProgress)
return "failed"
else:
return "deployed"
elif status == 'CPS cancelled':
return "cancelled"
else:
LOG.info(
"SPS Not completed for domain {0}, san_cert {1}. "
"Found status {2}. "
"Returning certificate object to Queue.".format(
cert_obj.domain_name,
cert_obj.get_edge_host_name(),
status
)
)
# convert cert_obj_json from unicode -> string
# before enqueue
self.akamai_driver.san_mapping_queue.enqueue_san_mapping(
json.dumps(cert_obj.to_dict()))
return ""
elif cert_obj.cert_type == 'sni':
change_url = cert_obj.cert_details['Akamai']['extra_info'].get(
'change_url')
current_status = cert_obj.\
cert_details['Akamai']['extra_info'].get(
'status')
if change_url is None:
return current_status
enrollment_id = self.akamai_driver.cert_info_storage.\
get_cert_enrollment_id(cert_obj.get_edge_host_name())
headers = {
'Accept': (
'application/vnd.akamai.cps.enrollment.v1+json')
}
resp = self.akamai_driver.akamai_cps_api_client.get(
self.akamai_driver.akamai_cps_api_base_url.format(
enrollmentId=enrollment_id
),
headers=headers
)
if resp.status_code not in [200, 202]:
LOG.error(
"Unable to retrieve enrollment while attempting"
"to update cert status. Status {0} Body {1}".format(
resp.status_code,
resp.text
)
)
return current_status
resp_json = json.loads(resp.text)
pending_changes = resp_json["pendingChanges"]
dns_names = (
resp_json["networkConfiguration"]["sni"]["dnsNames"]
)
if change_url not in pending_changes:
if cert_obj.domain_name in dns_names:
return "deployed"
else:
return "failed"
else:
# the change url is still present under pending changes,
# return the item to the queue. another attempt to
# check and update the cert status should happen
self.akamai_driver.san_mapping_queue.enqueue_san_mapping(
json.dumps(cert_obj.to_dict()))
return current_status
def test_create_ssl_certificate_sps_api_post_failure(self):
self.driver.san_cert_cnames = [
"secure.san1.poppycdn.com", "secure.san2.poppycdn.com"
]
controller = certificates.CertificateController(self.driver)
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
lastSpsId = (controller.cert_info_storage.get_cert_last_spsid(
"secure.san1.poppycdn.com"))
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
controller.cert_info_storage.get_cert_info.return_value = {
'cnameHostname': "secure.san1.poppycdn.com",
'jobId': "secure.san1.poppycdn.com",
'issuer': 1789,
'createType': 'modSan',
'ipVersion': 'ipv4',
'slot-deployment.class': 'esslType'
}
cert_info = controller.cert_info_storage.get_cert_info(
"secure.san1.poppycdn.com")
cert_info['add.sans'] = "www.abc.com"
controller.sps_api_client.get.return_value = mock.Mock(
status_code=200,
# Mock an SPS request
text=json.dumps({
"requestList": [{
"resourceUrl":
"/config-secure-provisioning-service/"
"v1/sps-requests/1849",
"parameters": [{
"name": "cnameHostname",
"value": "secure.san1.poppycdn.com"
}, {
"name": "createType",
"value": "modSan"
}, {
"name": "csr.cn",
"value": "secure.san3.poppycdn.com"
}, {
"name": "add.sans",
"value": "www.abc.com"
}],
"lastStatusChange":
"2015-03-19T21:47:10Z",
"spsId":
1789,
"status":
"SPS Request Complete",
"workflowProgress":
"",
"jobId":
44306
}]
}))
controller.sps_api_client.post.return_value = mock.Mock(
status_code=500, text='INTERNAL SERVER ERROR')
responder = controller.create_certificate(
ssl_certificate.load_from_json(data), False)
controller.sps_api_client.get.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId))
self.assertIsNone(responder['Akamai']['cert_domain'])
self.assertEqual('create_in_progress',
responder['Akamai']['extra_info']['status'])
self.assertEqual('San cert request for www.abc.com has been enqueued.',
responder['Akamai']['extra_info']['action'])
mod_san_q = self.driver.mod_san_queue
mod_san_q.enqueue_mod_san_request.assert_called_once_with(
json.dumps(ssl_certificate.load_from_json(data).to_dict()))
def test_create_ssl_certificate_happy_path(
self, sps_status_workFlowProgress_tuple):
sps_status, workFlowProgress = sps_status_workFlowProgress_tuple
self.driver.san_cert_cnames = [
"secure.san1.poppycdn.com", "secure.san2.poppycdn.com"
]
controller = certificates.CertificateController(self.driver)
data = {
"cert_type": "san",
"domain_name": "www.abc.com",
"flavor_id": "premium"
}
lastSpsId = (controller.cert_info_storage.get_cert_last_spsid(
"secure.san1.poppycdn.com"))
controller.cert_info_storage.get_cert_info.return_value = {
'cnameHostname': "secure.san1.poppycdn.com",
'jobId': "secure.san1.poppycdn.com",
'issuer': 1789,
'createType': 'modSan',
'ipVersion': 'ipv4',
'slot-deployment.class': 'esslType'
}
controller.cert_info_storage.get_san_cert_hostname_limit. \
return_value = 80
cert_info = controller.cert_info_storage.get_cert_info(
"secure.san1.poppycdn.com")
cert_info['add.sans'] = "www.abc.com"
string_post_cert_info = '&'.join(
['%s=%s' % (k, v) for (k, v) in cert_info.items()])
controller.sps_api_client.get.return_value = mock.Mock(
status_code=200,
# Mock an SPS request
text=json.dumps({
"requestList": [{
"resourceUrl":
"/config-secure-provisioning-service/"
"v1/sps-requests/1849",
"parameters": [{
"name": "cnameHostname",
"value": "secure.san1.poppycdn.com"
}, {
"name": "createType",
"value": "modSan"
}, {
"name": "csr.cn",
"value": "secure.san3.poppycdn.com"
}, {
"name": "add.sans",
"value": "www.abc.com"
}],
"lastStatusChange":
"2015-03-19T21:47:10Z",
"spsId":
1789,
"status":
sps_status,
"workflowProgress":
workFlowProgress,
"jobId":
44306
}]
}))
controller.sps_api_client.post.return_value = mock.Mock(
status_code=202,
text=json.dumps({
"spsId": 1789,
"resourceLocation":
"/config-secure-provisioning-service/v1/sps-requests/1856",
"Results": {
"size":
1,
"data": [{
"text": None,
"results": {
"type": "SUCCESS",
"jobID": 44434
}
}]
}
}))
controller.create_certificate(ssl_certificate.load_from_json(data),
False)
controller.sps_api_client.get.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId))
controller.sps_api_client.post.assert_called_once_with(
controller.sps_api_base_url.format(spsId=lastSpsId),
data=string_post_cert_info.encode('utf-8'))
return