def test_only_return_existing_reg():
client = chisel2.uninitialized_client()
email = "*****@*****.**"
client.new_account(messages.NewRegistration.from_data(email=email,
terms_of_service_agreed=True))
client = chisel2.uninitialized_client(key=client.net.key)
class extendedAcct(dict):
def json_dumps(self, indent=None):
return json.dumps(self)
acct = extendedAcct({
"termsOfServiceAgreed": True,
"contact": [email],
"onlyReturnExisting": True
})
resp = client.net.post(client.directory['newAccount'], acct, acme_version=2)
if resp.status_code != 200:
raise Exception("incorrect response returned for onlyReturnExisting")
other_client = chisel2.uninitialized_client()
newAcct = extendedAcct({
"termsOfServiceAgreed": True,
"contact": [email],
"onlyReturnExisting": True
})
chisel2.expect_problem("urn:ietf:params:acme:error:accountDoesNotExist",
lambda: other_client.net.post(other_client.directory['newAccount'], newAcct, acme_version=2))
def test_only_return_existing_reg():
client = chisel2.uninitialized_client()
email = "*****@*****.**"
client.new_account(
messages.NewRegistration.from_data(email=email,
terms_of_service_agreed=True))
client = chisel2.uninitialized_client(key=client.net.key)
class extendedAcct(dict):
def json_dumps(self, indent=None):
return json.dumps(self)
acct = extendedAcct({
"termsOfServiceAgreed": True,
"contact": [email],
"onlyReturnExisting": True
})
resp = client.net.post(client.directory['newAccount'],
acct,
acme_version=2)
if resp.status_code != 200:
raise Exception("incorrect response returned for onlyReturnExisting")
other_client = chisel2.uninitialized_client()
newAcct = extendedAcct({
"termsOfServiceAgreed": True,
"contact": [email],
"onlyReturnExisting": True
})
chisel2.expect_problem(
"urn:ietf:params:acme:error:accountDoesNotExist",
lambda: other_client.net.post(
other_client.directory['newAccount'], newAcct, acme_version=2))
def test_blocked_key_account():
# Only config-next has a blocked keys file configured.
if not CONFIG_NEXT:
return
with open("test/test-ca.key", "rb") as key_file:
key = serialization.load_pem_private_key(key_file.read(),
password=None,
backend=default_backend())
# Create a client with the JWK set to a blocked private key
jwk = josepy.JWKRSA(key=key)
client = chisel2.uninitialized_client(jwk)
email = "*****@*****.**"
# Try to create an account
testPass = False
try:
client.new_account(
messages.NewRegistration.from_data(email=email,
terms_of_service_agreed=True))
except acme_errors.Error as e:
if e.typ != "urn:ietf:params:acme:error:badPublicKey":
raise Exception(
"problem did not have correct error type, had {0}".format(
e.typ))
if e.detail != "public key is forbidden":
raise Exception(
"problem did not have correct error detail, had {0}".format(
e.detail))
testPass = True
if testPass is False:
raise Exception(
"expected account creation to fail with Error when using blocked key"
)
