def test_invalid_pending_upload_with_chain(pending_certificate_from_partial_chain_ca):
from lemur.pending_certificates.service import upload
cert = {"body": WILDCARD_CERT_STR, "chain": None, "external_id": None}
with pytest.raises(ValidationError) as err:
upload(pending_certificate_from_partial_chain_ca.id, **cert)
assert str(err.value).startswith(
"Incorrect chain certificate(s) provided: '*.wild.example.org' is not signed by 'LemurTrust Unittests Root CA 2018"
)
def test_invalid_pending_upload_with_chain(pending_certificate_from_partial_chain_ca):
from lemur.pending_certificates.service import upload
cert = {'body': WILDCARD_CERT_STR,
'chain': None,
'external_id': None
}
with pytest.raises(ValidationError) as err:
upload(pending_certificate_from_partial_chain_ca.id, **cert)
assert str(err.value).startswith(
'Incorrect chain certificate(s) provided: \'*.wild.example.org\' is not signed by \'LemurTrust Unittests Root CA 2018')
def test_pending_upload(pending_certificate_from_full_chain_ca):
from lemur.pending_certificates.service import upload
from lemur.certificates.service import get
cert = {"body": WILDCARD_CERT_STR, "chain": None, "external_id": None}
pending_cert = upload(pending_certificate_from_full_chain_ca.id, **cert)
assert pending_cert.resolved
assert get(pending_cert.resolved_cert_id)
def test_pending_upload_with_chain(pending_certificate_from_partial_chain_ca):
from lemur.pending_certificates.service import upload
from lemur.certificates.service import get
cert = {'body': WILDCARD_CERT_STR,
'chain': INTERMEDIATE_CERT_STR,
'external_id': None
}
pending_cert = upload(pending_certificate_from_partial_chain_ca.id, **cert)
assert pending_cert.resolved
assert get(pending_cert.resolved_cert_id)
def post(self, pending_certificate_id, data=None):
"""
.. http:post:: /pending_certificates/1/upload
Upload the body for a (signed) pending_certificate
**Example request**:
.. sourcecode:: http
POST /certificates/1/upload HTTP/1.1
Host: example.com
Accept: application/json, text/javascript
{
"body": "-----BEGIN CERTIFICATE-----...",
"chain": "-----BEGIN CERTIFICATE-----...",
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"status": null,
"cn": "*.test.example.net",
"chain": "",
"authority": {
"active": true,
"owner": "*****@*****.**",
"id": 1,
"description": "verisign test authority",
"name": "verisign"
},
"owner": "*****@*****.**",
"serial": "82311058732025924142789179368889309156",
"id": 2288,
"issuer": "SymantecCorporation",
"dateCreated": "2016-06-03T06:09:42.133769+00:00",
"notBefore": "2016-06-03T00:00:00+00:00",
"notAfter": "2018-01-12T23:59:59+00:00",
"destinations": [],
"bits": 2048,
"body": "-----BEGIN CERTIFICATE-----...",
"description": null,
"deleted": null,
"notifications": [{
"id": 1
}],
"signingAlgorithm": "sha256",
"user": {
"username": "******",
"active": true,
"email": "*****@*****.**",
"id": 2
},
"active": true,
"domains": [{
"sensitive": false,
"id": 1090,
"name": "*.test.example.net"
}],
"replaces": [],
"rotation": true,
"rotationPolicy": {"name": "default"},
"name": "WILDCARD.test.example.net-SymantecCorporation-20160603-20180112",
"roles": [{
"id": 464,
"description": "This is a google group based role created by Lemur",
"name": "*****@*****.**"
}],
"san": null
}
:reqheader Authorization: OAuth token to authenticate
:statuscode 403: unauthenticated
:statuscode 200: no error
"""
return service.upload(pending_certificate_id, **data)
def post(self, pending_certificate_id, data=None):
"""
.. http:post:: /pending_certificates/1/upload
Upload the body for a (signed) pending_certificate
**Example request**:
.. sourcecode:: http
POST /certificates/1/upload HTTP/1.1
Host: example.com
Accept: application/json, text/javascript
{
"body": "-----BEGIN CERTIFICATE-----...",
"chain": "-----BEGIN CERTIFICATE-----...",
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"status": null,
"cn": "*.test.example.net",
"chain": "",
"authority": {
"active": true,
"owner": "*****@*****.**",
"id": 1,
"description": "verisign test authority",
"name": "verisign"
},
"owner": "*****@*****.**",
"serial": "82311058732025924142789179368889309156",
"id": 2288,
"issuer": "SymantecCorporation",
"dateCreated": "2016-06-03T06:09:42.133769+00:00",
"notBefore": "2016-06-03T00:00:00+00:00",
"notAfter": "2018-01-12T23:59:59+00:00",
"destinations": [],
"bits": 2048,
"body": "-----BEGIN CERTIFICATE-----...",
"description": null,
"deleted": null,
"notifications": [{
"id": 1
}],
"signingAlgorithm": "sha256",
"user": {
"username": "******",
"active": true,
"email": "*****@*****.**",
"id": 2
},
"active": true,
"domains": [{
"sensitive": false,
"id": 1090,
"name": "*.test.example.net"
}],
"replaces": [],
"rotation": true,
"rotationPolicy": {"name": "default"},
"name": "WILDCARD.test.example.net-SymantecCorporation-20160603-20180112",
"roles": [{
"id": 464,
"description": "This is a google group based role created by Lemur",
"name": "*****@*****.**"
}],
"san": null
}
:reqheader Authorization: OAuth token to authenticate
:statuscode 403: unauthenticated
:statuscode 200: no error
"""
return service.upload(pending_certificate_id, **data)
