예제 #1
def complete_order():
    """
    Render the "complete order" page for one of the user's SSL certificates.

    The certificate is chosen by the ``order_id`` query argument when it is
    present; otherwise the user's most recent certificate is used. Anonymous
    visitors are redirected to the login view.

    Raises:
        Exception: when no matching certificate can be found.
    """
    current_user = get_current_user()

    if not current_user:
        # TODO: fix redirect path to include args
        # Only request.path (no host, no query string) is handed to the
        # login view as the return target.
        login_url = url_for('auth.login', redirect=request.path)
        return redirect(login_url)

    requested_id = request.args.get('order_id', None)

    if requested_id is not None:
        # The user is passed with the id so the lookup can be scoped to the
        # owner. NOTE(review): the ownership check itself is presumably done
        # inside get_certificate -- confirm against its definition.
        certificate = get_certificate(requested_id, current_user)
        if certificate is None:
            logging.error('Certificate not found')
            raise Exception("Certificate not found")
    else:
        # No explicit order: fall back to the newest certificate.
        latest = get_user_certificates(limit=1)

        if len(latest) == 0:
            # Not sure how they got here, best log an error
            logging.error("User has no certificates")
            raise Exception("Certificate not found")

        certificate = latest[0]

    # TODO: redirect to the dashboard when the certificate is no longer
    # 'pending'; no status check is performed here yet.

    return render_template('ssl/complete', certificate=certificate)
예제 #2
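def order_status():
    """Check the status of an order and return a filtered JSON object.

    Reads ``order_id`` from the query string. The response is always JSON:
    ``status='ERROR'`` with a ``msg`` when the caller is not signed in, the
    order cannot be resolved for this user, or the status lookup fails;
    otherwise ``status='SUCCESS'`` with a ``data`` dict.
    """
    order_id = request.args.get("order_id")
    user = get_current_user()

    # Fail closed when nobody is signed in: the ownership check below is only
    # meaningful for a real user, and the sibling views in this module reject
    # a falsy user before doing any lookup.
    if not user:
        return jsonify(status='ERROR', msg="Authentication required.")

    # Security:
    #
    # Here we are fetching the certificate entity attached to this order_id
    # from the database, if this fails then either the order_id is wrong, in
    # which case the subsequent API call would fail, or it belongs to another
    # user. Without this an authenticated user could access other people's
    # order statuses.
    cert = get_certificate(order_id, user)
    if not cert:
        # The same message covers "unknown order" and "someone else's order",
        # so the response does not reveal which order ids exist. order_id is
        # echoed back; jsonify encodes it as a JSON string, and the client
        # should render it as text rather than HTML.
        msg = "Order %s does not exist or belongs to another user." % order_id
        return jsonify(status='ERROR', msg=msg)
    if cert.status == 'active':
        # Already recorded as active locally; skip the remote status call.
        return jsonify(status='SUCCESS', data={'status': 'active'})
    try:
        result = get_order_status(order_id)
        data = {}
        status = result['OrderStatus']['MajorStatus']
        if status == 'Pending':
            data['status'] = 'pending'
        elif status == 'Active':
            # Persist the transition so later calls take the early return.
            cert.status = 'active'
            cert.put()
            data['status'] = 'active'
        else:
            # NOTE(review): no 'status' key is set on this path, yet the
            # response below is still SUCCESS -- confirm the client copes.
            logging.error("Unknown status %s", status)

        data['approver_email'] = result['ApproverEmail']

        return jsonify(status='SUCCESS', data=data)

    except Exception:
        # Narrowed from a bare ``except:`` so that SystemExit,
        # KeyboardInterrupt and other BaseException-only signals propagate
        # instead of being reported as an order error. The traceback is
        # logged server-side; the client only gets a generic message.
        logging.exception("Error checking order status")
        return jsonify(
            status='ERROR',
            msg="An error occured checking the order status"
        )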
예제 #3
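def download():
    """
    Prepares the certificates for download (TODO: redirect to GS)

    Builds an in-memory zip of the selected certificate and returns it as an
    attachment. Query arguments:

    * ``order_id`` -- certificate to download; when absent the user's most
      recent certificate is used.
    * ``type`` -- ``appengine`` (default) for one merged ``certificate.crt``
      or ``unformatted`` for the individual files.
    * ``force`` -- any non-empty value re-fetches and re-merges the files.

    The archive also contains the private key when one is stored, so the
    response is marked as non-cacheable.

    Raises:
        Exception: when no matching certificate can be found.
    """
    user = get_current_user()

    if not user:
        # TODO: fix redirect path to include args
        return redirect(url_for('auth.login', redirect=request.path))

    order_id = request.args.get('order_id', None)
    download_type = request.args.get('type', "appengine")
    # Any non-empty string is truthy here, including "0" or "false".
    force = request.args.get('force', None)

    if order_id is None:
        # Fetch User's last certificate
        certs = get_user_certificates(limit=1)

        if len(certs) == 0:
            # Not sure how they got here, best log an error
            logging.error("User has no certificates")
            raise Exception("Certificate not found")

        cert = certs[0]
    else:
        # The user is passed along so the lookup can be scoped to the owner;
        # NOTE(review): presumably enforced inside get_certificate -- confirm.
        cert = get_certificate(order_id, user)
        if cert is None:
            logging.error('Certificate not found')
            raise Exception("Certificate not found")

    cert_modified = False

    if cert.certs is None or force:
        # NOTE(review): when the "latest certificate" fallback above was
        # taken, order_id is still None at this call -- confirm that
        # get_certificates copes, or pass the order id stored on the entity.
        certificates = get_certificates(order_id)
        cert.certs = certificates['Certificates']
        cert_modified = True

    if cert.appengine_cert is None or force:
        appengine_cert = ''
        top = None
        middle = None
        bottom = None
        # Sort the files into leaf / intermediate / root by file name; any
        # file that is not one of the two known CA files counts as the leaf.
        for _cert in cert.certs:
            logging.info(_cert)
            if _cert['FileName'] == 'PositiveSSLCA2.crt':
                middle = _cert['FileContent']
            elif _cert['FileName'] == 'AddTrustExternalCARoot.crt':
                bottom = _cert['FileContent']
            else:
                top = _cert['FileContent']

        if top is not None and middle is not None and bottom is not None:
            appengine_cert = top + middle + bottom
        else:
            # Fallback: concatenate the files in the order they are stored.
            logging.error("Predefined ssl merging rules failed")
            for _cert in cert.certs:
                appengine_cert += _cert['FileContent']
        cert.appengine_cert = appengine_cert
        cert_modified = True

    if cert_modified:
        cert.put()

    output = StringIO()
    # Context manager (Python 2.7+) so the archive is finalised and closed
    # even if one of the writes raises.
    with zipfile.ZipFile(output, 'w') as z:
        if download_type == 'appengine':
            z.writestr("certificate.crt", fix_unicode(cert.appengine_cert))

        if download_type == 'unformatted':
            # Member names come from the stored 'FileName' values and are
            # written unmodified. NOTE(review): consider reducing them to a
            # base name so the archive can never contain path components.
            for _cert in cert.certs:
                z.writestr(
                    fix_unicode(_cert['FileName']),
                    fix_unicode(_cert['FileContent'])
                )

        if cert.keypair is not None:
            z.writestr("privatekey.key", fix_unicode(cert.keypair))

    response = make_response(output.getvalue())
    response.headers["Content-Type"] = "multipart/x-zip"
    response.headers['Content-Disposition'] = "attachment; " + \
                                              "filename=ssl_bundle.zip"
    # The bundle can carry the private key: keep it out of browser and
    # intermediary caches.
    response.headers['Cache-Control'] = "no-store"
    response.headers['Pragma'] = "no-cache"
    return response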