def test_get(self):
# Setup
user_manager = UserManager()
user = user_manager.find_by_login(login='******')
# Test
status, body = self.post('/v2/actions/login/')
# Verify
self.assertEqual(200, status)
certificate = Certificate(content=str(body))
cn = certificate.subject()['CN']
username, id = cert_generator.decode_admin_user(cn)
self.assertEqual(username, user['login'])
self.assertEqual(id, user['id'])
def test_generate_user_certificate(self):
# Setup
user_manager = UserManager()
# TODO: Fix this when UserManager can create users
admin_user = user_manager.create_user('test-admin')
principal.set_principal(admin_user) # pretend the user is logged in
# Test
cert = self.manager.generate_user_certificate()
# Verify
self.assertTrue(cert is not None)
certificate = Certificate(content=cert)
cn = certificate.subject()['CN']
username, id = cert_generator.decode_admin_user(cn)
self.assertEqual(username, admin_user['login'])
self.assertEqual(id, admin_user['id'])
def check_user_cert(cert_pem):
"""
Check a client ssl certificate.
Return None if the certificate is not valid
@type cert_pem: str
@param cert_pem: pem encoded ssl certificate
@rtype: L{pulp.server.db.model.User} instance or None
@return: user corresponding to the credentials
"""
cert = Certificate(content=cert_pem)
subject = cert.subject()
encoded_user = subject.get('CN', None)
if not encoded_user:
return None
if not verify_cert(cert_pem):
_log.error('Auth certificate with CN [%s] is signed by a foreign CA' %
encoded_user)
return None
try:
username, id = cert_generator.decode_admin_user(encoded_user)
except PulpException:
return None
return check_username_password(username)