Better branch handling for request API calls

2024-12-22 16:25:17 +00:00 · 2017-04-25 16:15:39 +03:00 · 2017-04-25 16:15:39 +03:00 · 4c9744308a
commit 4c9744308a
parent 7225726d66
3 changed files with 44 additions and 22 deletions
--- a/certidude/api/request.py
+++ b/certidude/api/request.py
@ -154,8 +154,15 @@ class RequestDetailResource(object):
        """
        Fetch certificate signing request as PEM
        """
+
+        try:
+            _, buf, _ = authority.get_request(cn)
+        except EnvironmentError:
+            logger.warning(u"Failed to serve non-existant request %s to %s",
+                cn, req.context.get("remote_addr"))
+            raise falcon.HTTPNotFound()
+
        resp.set_header("Content-Type", "application/pkcs10")
-        _, buf, _ = authority.get_request(cn)
        logger.debug(u"Signing request %s was downloaded by %s",
            cn, req.context.get("remote_addr"))

--- a/certidude/api/signed.py
+++ b/certidude/api/signed.py
@ -19,28 +19,28 @@ class SignedCertificateDetailResource(object):
            logger.warning(u"Failed to serve non-existant certificate %s to %s",
                cn, req.context.get("remote_addr"))
            raise falcon.HTTPNotFound()
+
+        if preferred_type == "application/x-pem-file":
+            resp.set_header("Content-Type", "application/x-pem-file")
+            resp.set_header("Content-Disposition", ("attachment; filename=%s.pem" % cn))
+            resp.body = buf
+            logger.debug(u"Served certificate %s to %s as application/x-pem-file",
+                cn, req.context.get("remote_addr"))
+        elif preferred_type == "application/json":
+            resp.set_header("Content-Type", "application/json")
+            resp.set_header("Content-Disposition", ("attachment; filename=%s.json" % cn))
+            resp.body = json.dumps(dict(
+                common_name = cn,
+                serial_number = "%x" % cert.serial,
+                signed = cert.not_valid_before.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
+                expires = cert.not_valid_after.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
+                sha256sum = hashlib.sha256(buf).hexdigest()))
+            logger.debug(u"Served certificate %s to %s as application/json",
+                cn, req.context.get("remote_addr"))
        else:
-            if preferred_type == "application/x-pem-file":
-                resp.set_header("Content-Type", "application/x-pem-file")
-                resp.set_header("Content-Disposition", ("attachment; filename=%s.pem" % cn))
-                resp.body = buf
-                logger.debug(u"Served certificate %s to %s as application/x-pem-file",
-                    cn, req.context.get("remote_addr"))
-            elif preferred_type == "application/json":
-                resp.set_header("Content-Type", "application/json")
-                resp.set_header("Content-Disposition", ("attachment; filename=%s.json" % cn))
-                resp.body = json.dumps(dict(
-                    common_name = cn,
-                    serial_number = "%x" % cert.serial,
-                    signed = cert.not_valid_before.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
-                    expires = cert.not_valid_after.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z",
-                    sha256sum = hashlib.sha256(buf).hexdigest()))
-                logger.debug(u"Served certificate %s to %s as application/json",
-                    cn, req.context.get("remote_addr"))
-            else:
-                logger.debug("Client did not accept application/json or application/x-pem-file")
-                raise falcon.HTTPUnsupportedMediaType(
-                    "Client did not accept application/json or application/x-pem-file")
+            logger.debug("Client did not accept application/json or application/x-pem-file")
+            raise falcon.HTTPUnsupportedMediaType(
+                "Client did not accept application/json or application/x-pem-file")

    @csrf_protection
    @login_required
--- a/tests/test_cli.py
+++ b/tests/test_cli.py
@ -87,6 +87,21 @@ def test_cli_setup_authority():
        headers={"content-type":"application/pkcs10"})
    assert r.status_code == 409 # duplicate cn, different keypair

+    r = client().simulate_get("/api/request/test/", headers={"Accept":"application/json"})
+    assert r.status_code == 200
+    assert r.headers.get('content-type') == "application/json"
+
+    r = client().simulate_get("/api/request/test/", headers={"Accept":"application/x-pem-file"})
+    assert r.status_code == 200
+    assert r.headers.get('content-type') == "application/x-pem-file"
+
+    r = client().simulate_get("/api/request/test/", headers={"Accept":"text/plain"})
+    assert r.status_code == 415
+
+    r = client().simulate_get("/api/request/nonexistant/", headers={"Accept":"application/json"})
+    assert r.status_code == 404
+
+
    # Test command line interface
    result = runner.invoke(cli, ['list', '-srv'])
    assert not result.exception