Пример #1
 def test_generate_cert_signing_key_signing_key_password(self):
     """Check generate_cert loads a supplied signing key with its password.

     ``serialization``, ``rsa`` and ``cryptography`` are patched on the
     ``cert`` module, so only the arguments handed to those APIs are
     verified; no real key or certificate is produced.
     """
     for patched_name in ('serialization', 'rsa', 'cryptography'):
         self.patch_object(cert, patched_name)
     common_name = 'unit_test.ci.local'
     cert.generate_cert(
         common_name,
         signing_key='signing_key',
         signing_key_password='******',
     )
     x509 = self.cryptography.x509
     # NoEncryption was requested somewhere during the call: some private key
     # is serialised without a passphrase even though the signing key has one.
     self.assertTrue(self.serialization.NoEncryption.called)
     # The signing key must be parsed together with the password passed in.
     self.serialization.load_pem_private_key.assert_called_with(
         'signing_key',
         password='******',
         backend=self.cryptography.hazmat.backends.default_backend(),
     )
     x509.NameAttribute.assert_called_with(
         x509.oid.NameOID.COMMON_NAME, common_name)
     expected_san = [x509.DNSName(common_name)]
     x509.SubjectAlternativeName.assert_called_with(expected_san)
     # ca=False pins the result to an end-entity certificate.
     x509.BasicConstraints.assert_called_with(ca=False, path_length=None)
Пример #2
 def test_generate_cert_issuer_name(self):
     """Check that ``issuer_name`` is used for a common-name attribute.

     The crypto modules on ``cert`` are patched, so this verifies call
     arguments only.
     """
     for patched_name in ('serialization', 'rsa', 'cryptography'):
         self.patch_object(cert, patched_name)
     cert.generate_cert('unit_test.ci.local', issuer_name='issuer')
     x509 = self.cryptography.x509
     # assert_called_with only inspects the most recent NameAttribute call, so
     # this requires the issuer attribute to be the last one constructed.
     x509.NameAttribute.assert_called_with(
         x509.oid.NameOID.COMMON_NAME, 'issuer')
     # ca=False pins the result to an end-entity certificate.
     x509.BasicConstraints.assert_called_with(ca=False, path_length=None)
Пример #3
 def test_generate_cert(self):
     """Check the default generate_cert call for a single name.

     With ``serialization``, ``rsa`` and ``cryptography`` patched on the
     ``cert`` module, the test verifies that the name is used both as the
     common name and as the only DNS subject alternative name, and that the
     certificate is marked as a non-CA certificate.
     """
     for patched_name in ('serialization', 'rsa', 'cryptography'):
         self.patch_object(cert, patched_name)
     common_name = 'unit_test.ci.local'
     cert.generate_cert(common_name)
     x509 = self.cryptography.x509
     # NoEncryption was requested somewhere during the call, i.e. a private
     # key is serialised without a passphrase.
     self.assertTrue(self.serialization.NoEncryption.called)
     x509.NameAttribute.assert_called_with(
         x509.oid.NameOID.COMMON_NAME, common_name)
     expected_san = [x509.DNSName(common_name)]
     x509.SubjectAlternativeName.assert_called_with(expected_san)
     # ca=False pins the result to an end-entity certificate.
     x509.BasicConstraints.assert_called_with(ca=False, path_length=None)
Пример #4
def attach_saml_resources(application="keystone-saml-mellon"):
    """Attach the IdP metadata and SP signing resources to the SAML charm.

    Three resources are attached, in this order: the bundled ``samltest.xml``
    as ``idp-metadata``, a freshly generated private key as
    ``sp-private-key``, and the rendered key-info XML as
    ``sp-signing-keyinfo``.

    :param application: Name of the application that receives the resources.
    """
    def _attach_text(resource_name, suffix, text):
        # NamedTemporaryFile is created readable/writable by the owner only
        # and is deleted when the ``with`` block exits, so the attach call has
        # to happen while the file is still open.
        with tempfile.NamedTemporaryFile(mode='w', suffix=suffix) as tmp:
            tmp.write(text)
            tmp.flush()
            zaza.model.attach_resource(application, resource_name, tmp.name)

    zaza.model.attach_resource(
        application,
        "idp-metadata",
        os.path.join(charm_lifecycle_utils.BUNDLE_DIR, "samltest.xml"))

    signing_key, signing_cert = cert_utils.generate_cert('SP Signing Key')

    _attach_text("sp-private-key", '.pem', signing_key.decode())

    # NOTE(review): the key-info document is rendered from the private key,
    # and the certificate returned by generate_cert is never used. A signing
    # key-info resource would normally carry only public material (the
    # certificate); confirm against SP_SIGNING_KEY_INFO_XML_TEMPLATE, which is
    # defined outside this block, before reusing this outside a test rig.
    _attach_text(
        "sp-signing-keyinfo",
        '.xml',
        SP_SIGNING_KEY_INFO_XML_TEMPLATE.format(signing_key.decode()))