def complete_order():
"""
Complete order page, either takes a SSLCertificate ID as an arg or get's
the users most recent SSL certificate.
"""
user = get_current_user()
if not user:
# TODO: fix redirect path to include args
return redirect(url_for('auth.login', redirect=request.path))
order_id = request.args.get('order_id', None)
if order_id is None:
# Fetch User's last certificate
certs = get_user_certificates(limit=1)
if len(certs) == 0:
# Not sure how they got here, best log an error
logging.error("User has no certificates")
raise Exception("Certificate not found")
cert = certs[0]
else:
cert = get_certificate(order_id, user)
if cert is None:
logging.error('Certificate not found')
raise Exception("Certificate not found")
#if cert.status != 'pending':
# TODO: redirect to dashboard
#return "Already setup"
return render_template('ssl/complete', certificate=cert)
def order_status():
"""Checks the status of an order and returns a filtered object"""
order_id = request.args.get("order_id")
user = get_current_user()
"""Security:
Here we are fetching the certificate entity attached to this order_id
from the database, if this fails then either the order_id is wrong, in
which case the subsequent API call would fail, or it belongs to another
user. Without this an authenticated user could access other people's
order statuses.
"""
cert = get_certificate(order_id, user)
if not cert:
msg = "Order %s does not exist or belongs to another user." % order_id
return jsonify(status='ERROR', msg=msg)
if cert.status == 'active':
return jsonify(status='SUCCESS', data={'status': 'active'})
try:
result = get_order_status(order_id)
data = {}
status = result['OrderStatus']['MajorStatus']
if status == 'Pending':
data['status'] = 'pending'
elif status == 'Active':
cert.status = 'active'
cert.put()
data['status'] = 'active'
else:
logging.error("Unknown status %s" % status)
data['approver_email'] = result['ApproverEmail']
return jsonify(status='SUCCESS', data=data)
except:
logging.exception("Error checking order status")
return jsonify(
status='ERROR',
msg="An error occured checking the order status"
)
def download():
"""
Prepares the certificates for download (TODO: redirect to GS)
"""
user = get_current_user()
if not user:
# TODO: fix redirect path to include args
return redirect(url_for('auth.login', redirect=request.path))
order_id = request.args.get('order_id', None)
download_type = request.args.get('type', "appengine")
force = request.args.get('force', None)
if order_id is None:
# Fetch User's last certificate
certs = get_user_certificates(limit=1)
if len(certs) == 0:
# Not sure how they got here, best log an error
logging.error("User has no certificates")
raise Exception("Certificate not found")
cert = certs[0]
else:
cert = get_certificate(order_id, user)
if cert is None:
logging.error('Certificate not found')
raise Exception("Certificate not found")
cert_modified = False
if cert.certs is None or force:
certificates = get_certificates(order_id)
cert.certs = certificates['Certificates']
cert_modified = True
if cert.appengine_cert is None or force:
appengine_cert = ''
top = None
middle = None
bottom = None
for _cert in cert.certs:
logging.info(_cert)
if _cert['FileName'] == 'PositiveSSLCA2.crt':
middle = _cert['FileContent']
elif _cert['FileName'] == 'AddTrustExternalCARoot.crt':
bottom = _cert['FileContent']
else:
top = _cert['FileContent']
if top is not None and middle is not None and bottom is not None:
appengine_cert = top + middle + bottom
else:
logging.error("Predefined ssl merging rules failed")
for _cert in cert.certs:
appengine_cert += _cert['FileContent']
cert.appengine_cert = appengine_cert
cert_modified = True
if cert_modified:
cert.put()
output = StringIO()
z = zipfile.ZipFile(output, 'w')
if download_type == 'appengine':
z.writestr("certificate.crt", fix_unicode(cert.appengine_cert))
if download_type == 'unformatted':
for _cert in cert.certs:
z.writestr(
fix_unicode(_cert['FileName']),
fix_unicode(_cert['FileContent'])
)
if cert.keypair is not None:
z.writestr("privatekey.key", fix_unicode(cert.keypair))
z.close()
response = make_response(output.getvalue())
response.headers["Content-Type"] = "multipart/x-zip"
response.headers['Content-Disposition'] = "attachment; " + \
"filename=ssl_bundle.zip"
return response
