def test_with_broken_fixup(self):
"""Ensure broken fixups stop processing."""
self.sample_conf_ra["default_ra"]["fixups"] = {"broken": {}}
data = self.sample_conf
config = "anchor.jsonloader.conf._config"
mock_noop = mock.MagicMock()
mock_noop.name = "broken"
mock_noop.plugin.side_effects = Exception("BOOM")
jsonloader.conf._fixups = jsonloader.conf._fixups.make_test_instance([mock_noop], "anchor.fixups")
with mock.patch.dict(config, data):
with self.assertRaises(webob.exc.WSGIHTTPException):
certificate_ops.fixup_csr("default_ra", self.csr, None)
def post(self):
ra_name = self.ra_name
logger.debug("processing signing request in registration authority %s",
ra_name)
try:
auth_result = auth.validate(ra_name,
pecan.request.POST.get('user'),
pecan.request.POST.get('secret'))
audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
auth_result)
except http_status.HTTPUnauthorized:
audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
None)
raise
try:
csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
pecan.request.POST.get('encoding'))
certificate_ops.validate_csr(ra_name, auth_result, csr,
pecan.request)
csr = certificate_ops.fixup_csr(ra_name, csr, pecan.request)
cert, fingerprint = certificate_ops.dispatch_sign(ra_name, csr)
audit.emit_signing_event(ra_name,
pecan.request.POST.get('user'),
auth_result,
fingerprint=fingerprint)
except Exception:
audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
auth_result)
raise
return cert
def post(self):
ra_name = self.ra_name
logger.debug("processing signing request in registration authority %s",
ra_name)
try:
auth_result = auth.validate(ra_name,
pecan.request.POST.get('user'),
pecan.request.POST.get('secret'))
audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
auth_result)
except http_status.HTTPUnauthorized:
audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
None)
raise
try:
csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
pecan.request.POST.get('encoding'))
certificate_ops.validate_csr(ra_name, auth_result, csr,
pecan.request)
csr = certificate_ops.fixup_csr(ra_name, csr, pecan.request)
cert, fingerprint = certificate_ops.dispatch_sign(ra_name, csr)
audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
auth_result, fingerprint=fingerprint)
except Exception:
audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
auth_result)
raise
return cert
def test_with_noop(self):
"""Ensure single fixup is processed."""
self.sample_conf_ra["default_ra"]["fixups"] = {"noop": {}}
data = self.sample_conf
config = "anchor.jsonloader.conf._config"
mock_noop = mock.MagicMock()
mock_noop.name = "noop"
mock_noop.plugin.return_value = self.csr
jsonloader.conf._fixups = jsonloader.conf._fixups.make_test_instance([mock_noop], "anchor.fixups")
with mock.patch.dict(config, data):
certificate_ops.fixup_csr("default_ra", self.csr, None)
mock_noop.plugin.assert_called_with(csr=self.csr, conf=self.sample_conf_ra["default_ra"], request=None)
def test_with_broken_fixup(self):
"""Ensure broken fixups stop processing."""
self.sample_conf_ra['default_ra']['fixups'] = {'broken': {}}
data = self.sample_conf
config = "anchor.jsonloader.conf._config"
mock_noop = mock.MagicMock()
mock_noop.name = "broken"
mock_noop.plugin.side_effects = Exception("BOOM")
jsonloader.conf._fixups = jsonloader.conf._fixups.make_test_instance(
[mock_noop], 'anchor.fixups')
with mock.patch.dict(config, data):
with self.assertRaises(webob.exc.WSGIHTTPException):
certificate_ops.fixup_csr('default_ra', self.csr, None)
def test_with_no_fixups(self):
"""Ensure no fixups is ok."""
self.sample_conf_ra["default_ra"]["fixups"] = {}
data = self.sample_conf
config = "anchor.jsonloader.conf._config"
with mock.patch.dict(config, data):
res = certificate_ops.fixup_csr("default_ra", self.csr, None)
self.assertIs(res, self.csr)
def test_with_no_fixups(self):
"""Ensure no fixups is ok."""
self.sample_conf_ra['default_ra']['fixups'] = {}
data = self.sample_conf
config = "anchor.jsonloader.conf._config"
with mock.patch.dict(config, data):
res = certificate_ops.fixup_csr('default_ra', self.csr, None)
self.assertIs(res, self.csr)
def test_with_noop(self):
"""Ensure single fixup is processed."""
self.sample_conf_ra['default_ra']['fixups'] = {'noop': {}}
data = self.sample_conf
config = "anchor.jsonloader.conf._config"
mock_noop = mock.MagicMock()
mock_noop.name = "noop"
mock_noop.plugin.return_value = self.csr
jsonloader.conf._fixups = jsonloader.conf._fixups.make_test_instance(
[mock_noop], 'anchor.fixups')
with mock.patch.dict(config, data):
certificate_ops.fixup_csr('default_ra', self.csr, None)
mock_noop.plugin.assert_called_with(
csr=self.csr, conf=self.sample_conf_ra['default_ra'], request=None)