From f93ce70d6d1025c24f73ed502ab4a4e10cdd939c Mon Sep 17 00:00:00 2001 From: Priit Laes Date: Tue, 1 Sep 2015 11:02:00 +0000 Subject: [PATCH] Add factory function to create wsgi app - kills some duplicate code --- certidude/api.py | 18 +++++++++++++++++- certidude/cli.py | 18 ++---------------- certidude/wsgi.py | 29 +++++++---------------------- 3 files changed, 26 insertions(+), 39 deletions(-) diff --git a/certidude/api.py b/certidude/api.py index 702d698..0d5bc25 100644 --- a/certidude/api.py +++ b/certidude/api.py @@ -7,7 +7,7 @@ import types import urllib.request import click from time import sleep -from certidude.wrappers import Request, Certificate +from certidude.wrappers import Request, Certificate, CertificateAuthorityConfig from certidude.auth import login_required from certidude.mailer import Mailer from pyasn1.codec.der import decoder @@ -356,3 +356,19 @@ class ApplicationConfigurationResource(CertificateAuthorityBase): resp.append_header("Content-Disposition", "attachment; filename=%s.ovpn" % cn) resp.body = Template(open("/etc/openvpn/%s.template" % ca.slug).read()).render(ctx) + +def certidude_app(): + config = CertificateAuthorityConfig() + + app = falcon.API() + app.add_route("/api/{ca}/ocsp/", CertificateStatusResource(config)) + app.add_route("/api/{ca}/signed/{cn}/openvpn", ApplicationConfigurationResource(config)) + app.add_route("/api/{ca}/certificate/", CertificateAuthorityResource(config)) + app.add_route("/api/{ca}/revoked/", RevocationListResource(config)) + app.add_route("/api/{ca}/signed/{cn}/", SignedCertificateDetailResource(config)) + app.add_route("/api/{ca}/signed/", SignedCertificateListResource(config)) + app.add_route("/api/{ca}/request/{cn}/", RequestDetailResource(config)) + app.add_route("/api/{ca}/request/", RequestListResource(config)) + app.add_route("/api/{ca}/", IndexResource(config)) + + return app diff --git a/certidude/cli.py b/certidude/cli.py index 978eb98..7802bdb 100755 --- a/certidude/cli.py +++ b/certidude/cli.py @@ -798,30 +798,16 @@ def certidude_serve(user, port, listen, enable_signature): click.echo("Serving API at %s:%d" % (listen, port)) import pwd - import falcon from wsgiref.simple_server import make_server, WSGIServer from socketserver import ThreadingMixIn - from certidude.api import CertificateAuthorityResource, \ - RequestDetailResource, RequestListResource, \ - SignedCertificateDetailResource, SignedCertificateListResource, \ - RevocationListResource, IndexResource, ApplicationConfigurationResource, \ - CertificateStatusResource + from certidude.api import certidude_app class ThreadingWSGIServer(ThreadingMixIn, WSGIServer): pass click.echo("Listening on %s:%d" % (listen, port)) - app = falcon.API() - app.add_route("/api/{ca}/ocsp/", CertificateStatusResource(config)) - app.add_route("/api/{ca}/signed/{cn}/openvpn", ApplicationConfigurationResource(config)) - app.add_route("/api/{ca}/certificate/", CertificateAuthorityResource(config)) - app.add_route("/api/{ca}/revoked/", RevocationListResource(config)) - app.add_route("/api/{ca}/signed/{cn}/", SignedCertificateDetailResource(config)) - app.add_route("/api/{ca}/signed/", SignedCertificateListResource(config)) - app.add_route("/api/{ca}/request/{cn}/", RequestDetailResource(config)) - app.add_route("/api/{ca}/request/", RequestListResource(config)) - app.add_route("/api/{ca}/", IndexResource(config)) + app = certidude_app() app.add_sink(StaticResource(os.path.join(os.path.dirname(__file__), "static"))) httpd = make_server(listen, port, app, ThreadingWSGIServer) diff --git a/certidude/wsgi.py b/certidude/wsgi.py index 241f6cd..5b546c4 100644 --- a/certidude/wsgi.py +++ b/certidude/wsgi.py @@ -1,29 +1,14 @@ +""" + certidude.wsgi + ~~~~~~~~~~~~~~ + Certidude web app factory for WSGI-compatible web servers +""" import os -import falcon -from certidude.wrappers import CertificateAuthorityConfig -from certidude.api import CertificateAuthorityResource, \ - RequestDetailResource, RequestListResource, \ - SignedCertificateDetailResource, SignedCertificateListResource, \ - RevocationListResource, IndexResource, ApplicationConfigurationResource, \ - CertificateStatusResource +from certidude.api import certidude_app -# TODO: deduplicate routing code # TODO: set up /run/certidude/api paths and permissions - -config = CertificateAuthorityConfig() - assert os.getenv("PUSH_SUBSCRIBE"), "Please set PUSH_SUBSCRIBE to your web server's subscription URL" assert os.getenv("PUSH_PUBLISH"), "Please set PUSH_PUBLISH to your web server's publishing URL" -app = falcon.API() -app.add_route("/api/{ca}/ocsp/", CertificateStatusResource(config)) -app.add_route("/api/{ca}/signed/{cn}/openvpn", ApplicationConfigurationResource(config)) -app.add_route("/api/{ca}/certificate/", CertificateAuthorityResource(config)) -app.add_route("/api/{ca}/revoked/", RevocationListResource(config)) -app.add_route("/api/{ca}/signed/{cn}/", SignedCertificateDetailResource(config)) -app.add_route("/api/{ca}/signed/", SignedCertificateListResource(config)) -app.add_route("/api/{ca}/request/{cn}/", RequestDetailResource(config)) -app.add_route("/api/{ca}/request/", RequestListResource(config)) -app.add_route("/api/{ca}/", IndexResource(config)) - +app = certidude_app()