Add factory function to create wsgi app - kills some duplicate code

2025-10-31 09:29:13 +00:00 · 2015-09-01 11:02:00 +00:00
parent 4187b3064c
commit f93ce70d6d
3 changed files with 26 additions and 39 deletions
--- a/certidude/api.py
+++ b/certidude/api.py
@@ -7,7 +7,7 @@ import types
 import urllib.request
 import click
 from time import sleep
-from certidude.wrappers import Request, Certificate
+from certidude.wrappers import Request, Certificate, CertificateAuthorityConfig
 from certidude.auth import login_required
 from certidude.mailer import Mailer
 from pyasn1.codec.der import decoder
@@ -356,3 +356,19 @@ class ApplicationConfigurationResource(CertificateAuthorityBase):
        resp.append_header("Content-Disposition", "attachment; filename=%s.ovpn" % cn)
        resp.body = Template(open("/etc/openvpn/%s.template" % ca.slug).read()).render(ctx)
        
+
+def certidude_app():
+    config = CertificateAuthorityConfig()
+
+    app = falcon.API()
+    app.add_route("/api/{ca}/ocsp/", CertificateStatusResource(config))
+    app.add_route("/api/{ca}/signed/{cn}/openvpn", ApplicationConfigurationResource(config))
+    app.add_route("/api/{ca}/certificate/", CertificateAuthorityResource(config))
+    app.add_route("/api/{ca}/revoked/", RevocationListResource(config))
+    app.add_route("/api/{ca}/signed/{cn}/", SignedCertificateDetailResource(config))
+    app.add_route("/api/{ca}/signed/", SignedCertificateListResource(config))
+    app.add_route("/api/{ca}/request/{cn}/", RequestDetailResource(config))
+    app.add_route("/api/{ca}/request/", RequestListResource(config))
+    app.add_route("/api/{ca}/", IndexResource(config))
+
+    return app
--- a/certidude/cli.py
+++ b/certidude/cli.py
@@ -798,30 +798,16 @@ def certidude_serve(user, port, listen, enable_signature):

    click.echo("Serving API at %s:%d" % (listen, port))
    import pwd
-    import falcon
    from wsgiref.simple_server import make_server, WSGIServer
    from socketserver import ThreadingMixIn
-    from certidude.api import CertificateAuthorityResource, \
-        RequestDetailResource, RequestListResource, \
-        SignedCertificateDetailResource, SignedCertificateListResource, \
-        RevocationListResource, IndexResource, ApplicationConfigurationResource, \
-        CertificateStatusResource
+    from certidude.api import certidude_app

    class ThreadingWSGIServer(ThreadingMixIn, WSGIServer):
        pass

    click.echo("Listening on %s:%d" % (listen, port))

-    app = falcon.API()
-    app.add_route("/api/{ca}/ocsp/", CertificateStatusResource(config))
-    app.add_route("/api/{ca}/signed/{cn}/openvpn", ApplicationConfigurationResource(config))
-    app.add_route("/api/{ca}/certificate/", CertificateAuthorityResource(config))
-    app.add_route("/api/{ca}/revoked/", RevocationListResource(config))
-    app.add_route("/api/{ca}/signed/{cn}/", SignedCertificateDetailResource(config))
-    app.add_route("/api/{ca}/signed/", SignedCertificateListResource(config))
-    app.add_route("/api/{ca}/request/{cn}/", RequestDetailResource(config))
-    app.add_route("/api/{ca}/request/", RequestListResource(config))
-    app.add_route("/api/{ca}/", IndexResource(config))
+    app = certidude_app()

    app.add_sink(StaticResource(os.path.join(os.path.dirname(__file__), "static")))
    httpd = make_server(listen, port, app, ThreadingWSGIServer)
--- a/certidude/wsgi.py
+++ b/certidude/wsgi.py
@@ -1,29 +1,14 @@
+"""
+    certidude.wsgi
+    ~~~~~~~~~~~~~~

+    Certidude web app factory for WSGI-compatible web servers
+"""
 import os
-import falcon
-from certidude.wrappers import CertificateAuthorityConfig
-from certidude.api import CertificateAuthorityResource, \
-    RequestDetailResource, RequestListResource, \
-    SignedCertificateDetailResource, SignedCertificateListResource, \
-    RevocationListResource, IndexResource, ApplicationConfigurationResource, \
-    CertificateStatusResource
+from certidude.api import certidude_app

-# TODO: deduplicate routing code
 # TODO: set up /run/certidude/api paths and permissions
-
-config = CertificateAuthorityConfig()
-
 assert os.getenv("PUSH_SUBSCRIBE"), "Please set PUSH_SUBSCRIBE to your web server's subscription URL"
 assert os.getenv("PUSH_PUBLISH"), "Please set PUSH_PUBLISH to your web server's publishing URL"

-app = falcon.API()
-app.add_route("/api/{ca}/ocsp/", CertificateStatusResource(config))
-app.add_route("/api/{ca}/signed/{cn}/openvpn", ApplicationConfigurationResource(config))
-app.add_route("/api/{ca}/certificate/", CertificateAuthorityResource(config))
-app.add_route("/api/{ca}/revoked/", RevocationListResource(config))
-app.add_route("/api/{ca}/signed/{cn}/", SignedCertificateDetailResource(config))
-app.add_route("/api/{ca}/signed/", SignedCertificateListResource(config))
-app.add_route("/api/{ca}/request/{cn}/", RequestDetailResource(config))
-app.add_route("/api/{ca}/request/", RequestListResource(config))
-app.add_route("/api/{ca}/", IndexResource(config))
-
+app = certidude_app()