1
0
mirror of https://github.com/laurivosandi/certidude synced 2024-12-23 00:25:18 +00:00

Better branch handling for request API calls

This commit is contained in:
Lauri Võsandi 2017-04-25 16:15:39 +03:00
parent 7225726d66
commit 4c9744308a
3 changed files with 44 additions and 22 deletions

View File

@ -154,8 +154,15 @@ class RequestDetailResource(object):
""" """
Fetch certificate signing request as PEM Fetch certificate signing request as PEM
""" """
try:
_, buf, _ = authority.get_request(cn)
except EnvironmentError:
logger.warning(u"Failed to serve non-existant request %s to %s",
cn, req.context.get("remote_addr"))
raise falcon.HTTPNotFound()
resp.set_header("Content-Type", "application/pkcs10") resp.set_header("Content-Type", "application/pkcs10")
_, buf, _ = authority.get_request(cn)
logger.debug(u"Signing request %s was downloaded by %s", logger.debug(u"Signing request %s was downloaded by %s",
cn, req.context.get("remote_addr")) cn, req.context.get("remote_addr"))

View File

@ -19,28 +19,28 @@ class SignedCertificateDetailResource(object):
logger.warning(u"Failed to serve non-existant certificate %s to %s", logger.warning(u"Failed to serve non-existant certificate %s to %s",
cn, req.context.get("remote_addr")) cn, req.context.get("remote_addr"))
raise falcon.HTTPNotFound() raise falcon.HTTPNotFound()
if preferred_type == "application/x-pem-file":
resp.set_header("Content-Type", "application/x-pem-file")
resp.set_header("Content-Disposition", ("attachment; filename=%s.pem" % cn))
resp.body = buf
logger.debug(u"Served certificate %s to %s as application/x-pem-file",
cn, req.context.get("remote_addr"))
elif preferred_type == "application/json":
resp.set_header("Content-Type", "application/json")
resp.set_header("Content-Disposition", ("attachment; filename=%s.json" % cn))
resp.body = json.dumps(dict(
common_name = cn,
serial_number = "%x" % cert.serial,
signed = cert.not_valid_before.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
expires = cert.not_valid_after.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
sha256sum = hashlib.sha256(buf).hexdigest()))
logger.debug(u"Served certificate %s to %s as application/json",
cn, req.context.get("remote_addr"))
else: else:
if preferred_type == "application/x-pem-file": logger.debug("Client did not accept application/json or application/x-pem-file")
resp.set_header("Content-Type", "application/x-pem-file") raise falcon.HTTPUnsupportedMediaType(
resp.set_header("Content-Disposition", ("attachment; filename=%s.pem" % cn)) "Client did not accept application/json or application/x-pem-file")
resp.body = buf
logger.debug(u"Served certificate %s to %s as application/x-pem-file",
cn, req.context.get("remote_addr"))
elif preferred_type == "application/json":
resp.set_header("Content-Type", "application/json")
resp.set_header("Content-Disposition", ("attachment; filename=%s.json" % cn))
resp.body = json.dumps(dict(
common_name = cn,
serial_number = "%x" % cert.serial,
signed = cert.not_valid_before.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
expires = cert.not_valid_after.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
sha256sum = hashlib.sha256(buf).hexdigest()))
logger.debug(u"Served certificate %s to %s as application/json",
cn, req.context.get("remote_addr"))
else:
logger.debug("Client did not accept application/json or application/x-pem-file")
raise falcon.HTTPUnsupportedMediaType(
"Client did not accept application/json or application/x-pem-file")
@csrf_protection @csrf_protection
@login_required @login_required

View File

@ -87,6 +87,21 @@ def test_cli_setup_authority():
headers={"content-type":"application/pkcs10"}) headers={"content-type":"application/pkcs10"})
assert r.status_code == 409 # duplicate cn, different keypair assert r.status_code == 409 # duplicate cn, different keypair
r = client().simulate_get("/api/request/test/", headers={"Accept":"application/json"})
assert r.status_code == 200
assert r.headers.get('content-type') == "application/json"
r = client().simulate_get("/api/request/test/", headers={"Accept":"application/x-pem-file"})
assert r.status_code == 200
assert r.headers.get('content-type') == "application/x-pem-file"
r = client().simulate_get("/api/request/test/", headers={"Accept":"text/plain"})
assert r.status_code == 415
r = client().simulate_get("/api/request/nonexistant/", headers={"Accept":"application/json"})
assert r.status_code == 404
# Test command line interface # Test command line interface
result = runner.invoke(cli, ['list', '-srv']) result = runner.invoke(cli, ['list', '-srv'])
assert not result.exception assert not result.exception