mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
Better branch handling for request API calls
This commit is contained in:
parent
7225726d66
commit
4c9744308a
@ -154,8 +154,15 @@ class RequestDetailResource(object):
|
|||||||
"""
|
"""
|
||||||
Fetch certificate signing request as PEM
|
Fetch certificate signing request as PEM
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
try:
|
||||||
|
_, buf, _ = authority.get_request(cn)
|
||||||
|
except EnvironmentError:
|
||||||
|
logger.warning(u"Failed to serve non-existant request %s to %s",
|
||||||
|
cn, req.context.get("remote_addr"))
|
||||||
|
raise falcon.HTTPNotFound()
|
||||||
|
|
||||||
resp.set_header("Content-Type", "application/pkcs10")
|
resp.set_header("Content-Type", "application/pkcs10")
|
||||||
_, buf, _ = authority.get_request(cn)
|
|
||||||
logger.debug(u"Signing request %s was downloaded by %s",
|
logger.debug(u"Signing request %s was downloaded by %s",
|
||||||
cn, req.context.get("remote_addr"))
|
cn, req.context.get("remote_addr"))
|
||||||
|
|
||||||
|
@ -19,28 +19,28 @@ class SignedCertificateDetailResource(object):
|
|||||||
logger.warning(u"Failed to serve non-existant certificate %s to %s",
|
logger.warning(u"Failed to serve non-existant certificate %s to %s",
|
||||||
cn, req.context.get("remote_addr"))
|
cn, req.context.get("remote_addr"))
|
||||||
raise falcon.HTTPNotFound()
|
raise falcon.HTTPNotFound()
|
||||||
|
|
||||||
|
if preferred_type == "application/x-pem-file":
|
||||||
|
resp.set_header("Content-Type", "application/x-pem-file")
|
||||||
|
resp.set_header("Content-Disposition", ("attachment; filename=%s.pem" % cn))
|
||||||
|
resp.body = buf
|
||||||
|
logger.debug(u"Served certificate %s to %s as application/x-pem-file",
|
||||||
|
cn, req.context.get("remote_addr"))
|
||||||
|
elif preferred_type == "application/json":
|
||||||
|
resp.set_header("Content-Type", "application/json")
|
||||||
|
resp.set_header("Content-Disposition", ("attachment; filename=%s.json" % cn))
|
||||||
|
resp.body = json.dumps(dict(
|
||||||
|
common_name = cn,
|
||||||
|
serial_number = "%x" % cert.serial,
|
||||||
|
signed = cert.not_valid_before.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
|
||||||
|
expires = cert.not_valid_after.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
|
||||||
|
sha256sum = hashlib.sha256(buf).hexdigest()))
|
||||||
|
logger.debug(u"Served certificate %s to %s as application/json",
|
||||||
|
cn, req.context.get("remote_addr"))
|
||||||
else:
|
else:
|
||||||
if preferred_type == "application/x-pem-file":
|
logger.debug("Client did not accept application/json or application/x-pem-file")
|
||||||
resp.set_header("Content-Type", "application/x-pem-file")
|
raise falcon.HTTPUnsupportedMediaType(
|
||||||
resp.set_header("Content-Disposition", ("attachment; filename=%s.pem" % cn))
|
"Client did not accept application/json or application/x-pem-file")
|
||||||
resp.body = buf
|
|
||||||
logger.debug(u"Served certificate %s to %s as application/x-pem-file",
|
|
||||||
cn, req.context.get("remote_addr"))
|
|
||||||
elif preferred_type == "application/json":
|
|
||||||
resp.set_header("Content-Type", "application/json")
|
|
||||||
resp.set_header("Content-Disposition", ("attachment; filename=%s.json" % cn))
|
|
||||||
resp.body = json.dumps(dict(
|
|
||||||
common_name = cn,
|
|
||||||
serial_number = "%x" % cert.serial,
|
|
||||||
signed = cert.not_valid_before.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
|
|
||||||
expires = cert.not_valid_after.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
|
|
||||||
sha256sum = hashlib.sha256(buf).hexdigest()))
|
|
||||||
logger.debug(u"Served certificate %s to %s as application/json",
|
|
||||||
cn, req.context.get("remote_addr"))
|
|
||||||
else:
|
|
||||||
logger.debug("Client did not accept application/json or application/x-pem-file")
|
|
||||||
raise falcon.HTTPUnsupportedMediaType(
|
|
||||||
"Client did not accept application/json or application/x-pem-file")
|
|
||||||
|
|
||||||
@csrf_protection
|
@csrf_protection
|
||||||
@login_required
|
@login_required
|
||||||
|
@ -87,6 +87,21 @@ def test_cli_setup_authority():
|
|||||||
headers={"content-type":"application/pkcs10"})
|
headers={"content-type":"application/pkcs10"})
|
||||||
assert r.status_code == 409 # duplicate cn, different keypair
|
assert r.status_code == 409 # duplicate cn, different keypair
|
||||||
|
|
||||||
|
r = client().simulate_get("/api/request/test/", headers={"Accept":"application/json"})
|
||||||
|
assert r.status_code == 200
|
||||||
|
assert r.headers.get('content-type') == "application/json"
|
||||||
|
|
||||||
|
r = client().simulate_get("/api/request/test/", headers={"Accept":"application/x-pem-file"})
|
||||||
|
assert r.status_code == 200
|
||||||
|
assert r.headers.get('content-type') == "application/x-pem-file"
|
||||||
|
|
||||||
|
r = client().simulate_get("/api/request/test/", headers={"Accept":"text/plain"})
|
||||||
|
assert r.status_code == 415
|
||||||
|
|
||||||
|
r = client().simulate_get("/api/request/nonexistant/", headers={"Accept":"application/json"})
|
||||||
|
assert r.status_code == 404
|
||||||
|
|
||||||
|
|
||||||
# Test command line interface
|
# Test command line interface
|
||||||
result = runner.invoke(cli, ['list', '-srv'])
|
result = runner.invoke(cli, ['list', '-srv'])
|
||||||
assert not result.exception
|
assert not result.exception
|
||||||
|
Loading…
Reference in New Issue
Block a user