def test_barbican_cert_text(self):
# Certificate data
self.certificate = six.text_type(sample.X509_CERT)
self.intermediates = six.text_type(sample.X509_IMDS_LIST)
self.private_key = six.text_type(sample.X509_CERT_KEY_ENCRYPTED)
self.private_key_passphrase = six.text_type(
sample.X509_CERT_KEY_PASSPHRASE)
self._prepare()
container = containers.CertificateContainer(
api=mock.MagicMock(),
certificate=self.certificate_secret,
intermediates=self.intermediates_secret,
private_key=self.private_key_secret,
private_key_passphrase=self.private_key_passphrase_secret)
# Create a cert
cert = barbican_common.BarbicanCert(cert_container=container)
# Validate the cert functions
self.assertEqual(cert.get_certificate(),
six.b(six.text_type(sample.X509_CERT)))
self.assertEqual(cert.get_intermediates(), sample.X509_IMDS_LIST)
self.assertEqual(cert.get_private_key(),
six.b(six.text_type(sample.X509_CERT_KEY_ENCRYPTED)))
self.assertEqual(cert.get_private_key_passphrase(),
six.b(sample.X509_CERT_KEY_PASSPHRASE))
def get_cert(cert_ref,
resource_ref=None,
check_only=False,
service_name='Octavia'):
"""Retrieves the specified cert and registers as a consumer.
:param cert_ref: the UUID of the cert to retrieve
:param resource_ref: Full HATEOAS reference to the consuming resource
:param check_only: Read Certificate data without registering
:param service_name: Friendly name for the consuming service
:return: octavia.certificates.common.Cert representation of the
certificate data
:raises Exception: if certificate retrieval fails
"""
connection = barbican_common.BarbicanAuth.get_barbican_client()
LOG.info(
_LI("Loading certificate container {0} from Barbican.").format(
cert_ref))
try:
if check_only:
cert_container = connection.containers.get(
container_ref=cert_ref)
else:
cert_container = connection.containers.register_consumer(
container_ref=cert_ref,
name=service_name,
url=resource_ref)
return barbican_common.BarbicanCert(cert_container)
except Exception as e:
with excutils.save_and_reraise_exception():
LOG.error(
_LE("Error getting {0}: {1}").format(cert_ref, str(e)))
def get_cert(self,
context,
cert_ref,
resource_ref=None,
check_only=False,
service_name=None):
"""Retrieves the specified cert and registers as a consumer.
:param context: Oslo context of the request
:param cert_ref: the UUID of the cert to retrieve
:param resource_ref: Full HATEOAS reference to the consuming resource
:param check_only: Read Certificate data without registering
:param service_name: Friendly name for the consuming service
:return: octavia.certificates.common.Cert representation of the
certificate data
:raises Exception: if certificate retrieval fails
"""
connection = self.auth.get_barbican_client(context.project_id)
LOG.info('Loading certificate container %s from Barbican.', cert_ref)
try:
if check_only:
cert_container = connection.containers.get(
container_ref=cert_ref)
else:
cert_container = connection.containers.register_consumer(
container_ref=cert_ref,
name=service_name,
url=resource_ref)
return barbican_common.BarbicanCert(cert_container)
except Exception as e:
with excutils.save_and_reraise_exception():
LOG.error('Error getting %s: %s', cert_ref, e)
def test_barbican_cert(self):
container = barbican_client.containers.CertificateContainer(
api=mock.MagicMock(),
certificate=self.certificate_secret,
intermediates=self.intermediates_secret,
private_key=self.private_key_secret,
private_key_passphrase=self.private_key_passphrase_secret)
# Create a cert
cert = barbican_common.BarbicanCert(cert_container=container)
# Validate the cert functions
self.assertEqual(cert.get_certificate(), self.certificate)
self.assertEqual(cert.get_intermediates(), self.intermediates)
self.assertEqual(cert.get_private_key(), self.private_key)
self.assertEqual(cert.get_private_key_passphrase(),
self.private_key_passphrase)