def process_request(options): keypair = options.get('keypair', None) csr = options.get('csr', None) user = options.get('user', None) domain = options.get('domain', None) approver_email = options.get('approver_email', None) price = options.get('price') coupon_code = options.get('coupon_code') # TODO: Consume nonce and regurgitate on exception result = check_csr(csr) if result['isWildcardCSR']: raise WildCardCSRError() if domain is None: # this was a CSR request so we need to find out the domain if 'DominName' in result: domain = result['DominName'] else: domain = result['DomainName'] if coupon_code is not None: s = URLSafeSerializer( current_app.config.get('SECRET_KEY'), salt='SSL_COUPON_USD') # Load the coupon try: options['coupon'] = coupon = s.loads(coupon_code) # coupon should contain price, domain if 'domain' in coupon and coupon['domain'] != '': if domain is not None and domain != coupon['domain']: raise DomainCouponMismatchError(domain, coupon['domain']) if 'price' in coupon: options['amount'] = coupon['price'] options['coupon_message'] = 'Coupon applied' except BadPayload, e: options['coupon_code'] = None options['error'] = 'The coupon entered is not valid' except BadSignature, e: options['coupon_code'] = None options['error'] = 'This coupon has been tampered with'
def verify_csr(): csr = request.args.get("csr", "") if csr == "": return jsonify(status="ERROR", msg="You haven't entered anything") try: result = check_csr(csr) if result["isWildcardCSR"]: return jsonify(status="ERROR", msg="This CSR is for a wildcard certificate") if "DominName" in result: domain = result["DominName"] else: domain = result["DomainName"] emails = _get_approver_emails(domain) data = {"emails": emails, "domain": domain} return jsonify(status="SUCCESS", data=data) except: logging.exception("Uncaught CSR Error") msg = "This isn't a valid CSR. If you are sure it is " + "then contact support." return jsonify(status="ERROR", msg=msg)
def verify_csr(): csr = request.args.get("csr", '') if csr == '': return jsonify(status='ERROR', msg="You haven't entered anything") try: result = check_csr(csr) if result['isWildcardCSR']: return jsonify( status='ERROR', msg="This CSR is for a wildcard certificate" ) if 'DominName' in result: domain = result['DominName'] else: domain = result['DomainName'] emails = _get_approver_emails(domain) data = {'emails': emails, 'domain': domain} return jsonify(status='SUCCESS', data=data) except: logging.exception("Uncaught CSR Error") msg = "This isn't a valid CSR. If you are sure it is " + \ "then contact support." return jsonify(status='ERROR', msg=msg)
def process_request(options): keypair = options.get('keypair', None) csr = options.get('csr', 'NO_CSR') user = options.get('user', None) domain = options.get('domain', None) approver_email = options.get('approver_email', None) price = options.get('price') # TODO: Consume nonce and regurgitate on exception try: result = check_csr(csr) if result['isWildcardCSR']: raise WildCardCSRError() except: raise # Now let's authorise a stripe payment card = options.get('credit_card', None) customer = user.stripe_id amount = 3500 description = "SSL certificate for %s" % domain if options.get('promotion') == 'academic': amount = 1500 if amount != int(price) * 100: do_error('Price sanity check failed, expected %s but got %s' % (amount/100, price)) # TODO: BQ and datastore try: charge = stripe.Charge.create( amount=amount, currency="gbp", card=card, customer=customer, description=description, capture=False ) except: raise if charge.card.cvc_check == "fail": raise CVCCheckFailedError() # Payment authorised, now let's get this certificate! ssl_certificate = create_certificate( parent=user.key, csr=csr, keypair=keypair, domain=domain, charge_id=charge.id, provider="sslstore", status="created" ) ssl_certificate.put() result = create_dv_ssl_order( csr, domain, approver_email ) ssl_certificate.order_id = result['TheSSLStoreOrderID'] ssl_certificate.status = "pending" if 'VendorOrderID' in result: ssl_certificate.vendor_id = result['VendorOrderID'] ssl_certificate.put() # Now actually charge the credit card # TODO: If this fails (which it should never do since the bank has issued # an authorization which is essentially a promise that it can do the # payment then we should automatically lock the SSL certificate) # # Also this can be wrapped in a deferred to benefit from automatic # retrying. charge.capture() return ssl_certificate