def test_should_return_ca_unavailable_for_request(self):
retry_msec = 123
status_msg = 'Test status'
self.result.status = (
cert_man.CertificateStatus.CA_UNAVAILABLE_FOR_REQUEST)
self.result.retry_msec = retry_msec
self.result.status_message = status_msg
order_ref = hrefs.convert_order_to_href(self.order.id)
cert_res.issue_certificate_request(self.order,
self.project,
self.result_follow_on)
self._verify_issue_certificate_plugins_called()
epm = self.cert_event_plugin_patcher.target._EVENT_PLUGIN_MANAGER
epm.notify_ca_is_unavailable.assert_called_once_with(
self.project.id,
order_ref,
status_msg,
retry_msec
)
self._verify_issue_certificate_plugins_called()
self.assertEqual(
common.RetryTasks.INVOKE_SAME_TASK,
self.result_follow_on.retry_task)
self.assertEqual(
cert_res.ORDER_STATUS_CA_UNAVAIL_FOR_ISSUE.id,
self.result_follow_on.status)
self.assertEqual(
cert_res.ORDER_STATUS_CA_UNAVAIL_FOR_ISSUE.message,
self.result_follow_on.status_message)
def test_should_return_ca_unavailable_for_request(self):
self.result.status = cert_man.CertificateStatus.\
CA_UNAVAILABLE_FOR_REQUEST
cert_res.issue_certificate_request(self.order_model, self.repos)
self._verify_issue_certificate_plugins_called()
def test_should_return_certificate_generated(self):
self.result.status = cert_man.CertificateStatus.CERTIFICATE_GENERATED
cert_res.issue_certificate_request(self.order_model,
self.tenant_model,
self.repos)
self._verify_issue_certificate_plugins_called()
def test_should_return_waiting_for_ca(self):
self.result.status = cert_man.CertificateStatus.WAITING_FOR_CA
cert_res.issue_certificate_request(self.order_model,
self.tenant_model,
self.repos)
self._verify_issue_certificate_plugins_called()
def handle_order(self, order):
"""Handle secret creation using meta info.
If type is key
create secret
if type is asymmetric
create secrets
create containers
if type is certificate
TBD
:param order: Order to process.
:return: None if no follow on processing is needed for this task,
otherwise a :class:`FollowOnProcessingStatusDTO` instance
with information on how to process this task into the future.
"""
result_follow_on = common.FollowOnProcessingStatusDTO()
order_info = order.to_dict_fields()
order_type = order_info.get('type')
meta_info = order_info.get('meta')
if order_info.get('creator_id'):
meta_info.setdefault('creator_id', order_info.get('creator_id'))
# Retrieve the project.
project = self.project_repo.get(order.project_id)
if order_type == models.OrderType.KEY:
# Create Secret
new_secret = plugin.generate_secret(
meta_info,
meta_info.get('payload_content_type',
'application/octet-stream'),
project
)
order.secret_id = new_secret.id
LOG.debug("...done creating keys order's secret.")
elif order_type == models.OrderType.ASYMMETRIC:
# Create asymmetric Secret
new_container = plugin.generate_asymmetric_secret(
meta_info,
meta_info.get('payload_content_type',
'application/octet-stream'),
project)
order.container_id = new_container.id
LOG.debug("...done creating asymmetric order's secret.")
elif order_type == models.OrderType.CERTIFICATE:
# Request a certificate
new_container = cert.issue_certificate_request(
order, project, result_follow_on)
if new_container:
order.container_id = new_container.id
LOG.debug("...done requesting a certificate.")
else:
raise NotImplementedError(
u._('Order type "{order_type}" not implemented.').format(
order_type=order_type))
return result_follow_on
def test_should_return_for_pyopenssl_stored_key_with_extensions(self):
self.order_meta.update(self.stored_key_meta)
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
self.private_key_value = base64.b64encode(
crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
self.store_plugin.get_secret.side_effect = self.stored_key_side_effect
self.order_meta['extensions'] = 'my ASN.1 extensions structure here'
# TODO(alee-3) Add real extensions data here
self.result.status = cert_man.CertificateStatus.WAITING_FOR_CA
cert_res.issue_certificate_request(self.order, self.project,
self.result_follow_on)
self._verify_issue_certificate_plugins_called()
self.assertIsNotNone(self.order.order_barbican_meta['generated_csr'])
def test_should_return_for_pyopenssl_stored_key_with_extensions(self):
self.order_meta.update(self.stored_key_meta)
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
self.private_key_value = base64.b64encode(crypto.dump_privatekey(
crypto.FILETYPE_PEM, pkey))
self.store_plugin.get_secret.side_effect = self.stored_key_side_effect
self.order_meta['extensions'] = 'my ASN.1 extensions structure here'
# TODO(alee-3) Add real extensions data here
self.result.status = cert_man.CertificateStatus.WAITING_FOR_CA
cert_res.issue_certificate_request(self.order,
self.project,
self.result_follow_on)
self._verify_issue_certificate_plugins_called()
self.assertIsNotNone(self.order.order_barbican_meta['generated_csr'])
def handle_order(self, order):
"""Handle secret creation using meta info.
If type is key
create secret
if type is asymmetric
create secrets
create containers
if type is certificate
TBD
:param order: Order to process.
:return: None if no follow on processing is needed for this task,
otherwise a :class:`FollowOnProcessingStatusDTO` instance
with information on how to process this task into the future.
"""
result_follow_on = common.FollowOnProcessingStatusDTO()
order_info = order.to_dict_fields()
order_type = order_info.get('type')
meta_info = order_info.get('meta')
if order_info.get('creator_id'):
meta_info.setdefault('creator_id', order_info.get('creator_id'))
# Retrieve the project.
project = self.project_repo.get(order.project_id)
if order_type == models.OrderType.KEY:
# Create Secret
new_secret = plugin.generate_secret(
meta_info,
meta_info.get('payload_content_type',
'application/octet-stream'), project)
order.secret_id = new_secret.id
LOG.debug(u._("...done creating keys order's secret."))
elif order_type == models.OrderType.ASYMMETRIC:
# Create asymmetric Secret
new_container = plugin.generate_asymmetric_secret(
meta_info,
meta_info.get('payload_content_type',
'application/octet-stream'), project)
order.container_id = new_container.id
LOG.debug(u._("...done creating asymmetric order's secret."))
elif order_type == models.OrderType.CERTIFICATE:
# Request a certificate
new_container = cert.issue_certificate_request(
order, project, result_follow_on)
if new_container:
order.container_id = new_container.id
LOG.debug(u._("...done requesting a certificate."))
else:
raise NotImplementedError(
u._('Order type "{order_type}" not implemented.').format(
order_type=order_type))
return result_follow_on
def handle_order(self, order):
"""Handle secret creation using meta info.
If type is key
create secret
if type is asymmetric
create secrets
create containers
if type is certificate
TBD
:param order: Order to process.
"""
order_info = order.to_dict_fields()
order_type = order_info.get('type')
meta_info = order_info.get('meta')
# Retrieve the tenant.
tenant = self.repos.tenant_repo.get(order.tenant_id)
if order_type == models.OrderType.KEY:
# Create Secret
new_secret = plugin.\
generate_secret(meta_info,
meta_info.get('payload_content_type',
'application/octet-stream'),
tenant, self.repos)
order.secret_id = new_secret.id
LOG.debug("...done creating keys order's secret.")
elif order_type == models.OrderType.ASYMMETRIC:
# Create asymmetric Secret
new_container = plugin.generate_asymmetric_secret(
meta_info,
meta_info.get('payload_content_type',
'application/octet-stream'),
tenant, self.repos)
order.container_id = new_container.id
LOG.debug("...done creating asymmetric order's secret.")
elif order_type == models.OrderType.CERTIFICATE:
# Request a certificate
cert.issue_certificate_request(order, self.repos)
LOG.debug("...done requesting a certificate.")
def test_should_return_ca_unavailable_for_request(self):
retry_msec = 123
status_msg = 'Test status'
self.result.status = (
cert_man.CertificateStatus.CA_UNAVAILABLE_FOR_REQUEST)
self.result.retry_msec = retry_msec
self.result.status_message = status_msg
order_ref = hrefs.convert_order_to_href(self.order_id)
cert_res.issue_certificate_request(self.order_model,
self.tenant_model,
self.repos)
self._verify_issue_certificate_plugins_called()
epm = self.cert_event_plugin_patcher.target.EVENT_PLUGIN_MANAGER
epm.notify_ca_is_unavailable.assert_called_once_with(
self.project_id,
order_ref,
status_msg,
retry_msec
)
def handle_order(self, order):
"""Handle secret creation using meta info.
If type is key
create secret
if type is asymmetric
create secrets
create containers
if type is certificate
TBD
:param order: Order to process.
"""
order_info = order.to_dict_fields()
order_type = order_info.get('type')
meta_info = order_info.get('meta')
# Retrieve the project.
project = self.repos.project_repo.get(order.project_id)
if order_type == models.OrderType.KEY:
# Create Secret
new_secret = plugin.generate_secret(
meta_info,
meta_info.get('payload_content_type',
'application/octet-stream'),
project,
self.repos
)
order.secret_id = new_secret.id
LOG.debug("...done creating keys order's secret.")
elif order_type == models.OrderType.ASYMMETRIC:
# Create asymmetric Secret
new_container = plugin.generate_asymmetric_secret(
meta_info,
meta_info.get('payload_content_type',
'application/octet-stream'),
project, self.repos)
order.container_id = new_container.id
LOG.debug("...done creating asymmetric order's secret.")
elif order_type == models.OrderType.CERTIFICATE:
# Request a certificate
new_container = cert.issue_certificate_request(
order, project, self.repos)
if new_container:
order.container_id = new_container.id
LOG.debug("...done requesting a certificate.")
else:
raise NotImplementedError(
u._('Order type "{order_type}" not implemented.').format(
order_type=order_type))
def test_should_return_client_data_issue_seen(self):
self.result.status = cert_man.CertificateStatus.CLIENT_DATA_ISSUE_SEEN
cert_res.issue_certificate_request(self.order_model, self.repos)
self._verify_issue_certificate_plugins_called()