mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
Add factory function to create wsgi app - kills some duplicate code
This commit is contained in:
parent
4187b3064c
commit
f93ce70d6d
@ -7,7 +7,7 @@ import types
|
|||||||
import urllib.request
|
import urllib.request
|
||||||
import click
|
import click
|
||||||
from time import sleep
|
from time import sleep
|
||||||
from certidude.wrappers import Request, Certificate
|
from certidude.wrappers import Request, Certificate, CertificateAuthorityConfig
|
||||||
from certidude.auth import login_required
|
from certidude.auth import login_required
|
||||||
from certidude.mailer import Mailer
|
from certidude.mailer import Mailer
|
||||||
from pyasn1.codec.der import decoder
|
from pyasn1.codec.der import decoder
|
||||||
@ -356,3 +356,19 @@ class ApplicationConfigurationResource(CertificateAuthorityBase):
|
|||||||
resp.append_header("Content-Disposition", "attachment; filename=%s.ovpn" % cn)
|
resp.append_header("Content-Disposition", "attachment; filename=%s.ovpn" % cn)
|
||||||
resp.body = Template(open("/etc/openvpn/%s.template" % ca.slug).read()).render(ctx)
|
resp.body = Template(open("/etc/openvpn/%s.template" % ca.slug).read()).render(ctx)
|
||||||
|
|
||||||
|
|
||||||
|
def certidude_app():
|
||||||
|
config = CertificateAuthorityConfig()
|
||||||
|
|
||||||
|
app = falcon.API()
|
||||||
|
app.add_route("/api/{ca}/ocsp/", CertificateStatusResource(config))
|
||||||
|
app.add_route("/api/{ca}/signed/{cn}/openvpn", ApplicationConfigurationResource(config))
|
||||||
|
app.add_route("/api/{ca}/certificate/", CertificateAuthorityResource(config))
|
||||||
|
app.add_route("/api/{ca}/revoked/", RevocationListResource(config))
|
||||||
|
app.add_route("/api/{ca}/signed/{cn}/", SignedCertificateDetailResource(config))
|
||||||
|
app.add_route("/api/{ca}/signed/", SignedCertificateListResource(config))
|
||||||
|
app.add_route("/api/{ca}/request/{cn}/", RequestDetailResource(config))
|
||||||
|
app.add_route("/api/{ca}/request/", RequestListResource(config))
|
||||||
|
app.add_route("/api/{ca}/", IndexResource(config))
|
||||||
|
|
||||||
|
return app
|
||||||
|
@ -798,30 +798,16 @@ def certidude_serve(user, port, listen, enable_signature):
|
|||||||
|
|
||||||
click.echo("Serving API at %s:%d" % (listen, port))
|
click.echo("Serving API at %s:%d" % (listen, port))
|
||||||
import pwd
|
import pwd
|
||||||
import falcon
|
|
||||||
from wsgiref.simple_server import make_server, WSGIServer
|
from wsgiref.simple_server import make_server, WSGIServer
|
||||||
from socketserver import ThreadingMixIn
|
from socketserver import ThreadingMixIn
|
||||||
from certidude.api import CertificateAuthorityResource, \
|
from certidude.api import certidude_app
|
||||||
RequestDetailResource, RequestListResource, \
|
|
||||||
SignedCertificateDetailResource, SignedCertificateListResource, \
|
|
||||||
RevocationListResource, IndexResource, ApplicationConfigurationResource, \
|
|
||||||
CertificateStatusResource
|
|
||||||
|
|
||||||
class ThreadingWSGIServer(ThreadingMixIn, WSGIServer):
|
class ThreadingWSGIServer(ThreadingMixIn, WSGIServer):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
click.echo("Listening on %s:%d" % (listen, port))
|
click.echo("Listening on %s:%d" % (listen, port))
|
||||||
|
|
||||||
app = falcon.API()
|
app = certidude_app()
|
||||||
app.add_route("/api/{ca}/ocsp/", CertificateStatusResource(config))
|
|
||||||
app.add_route("/api/{ca}/signed/{cn}/openvpn", ApplicationConfigurationResource(config))
|
|
||||||
app.add_route("/api/{ca}/certificate/", CertificateAuthorityResource(config))
|
|
||||||
app.add_route("/api/{ca}/revoked/", RevocationListResource(config))
|
|
||||||
app.add_route("/api/{ca}/signed/{cn}/", SignedCertificateDetailResource(config))
|
|
||||||
app.add_route("/api/{ca}/signed/", SignedCertificateListResource(config))
|
|
||||||
app.add_route("/api/{ca}/request/{cn}/", RequestDetailResource(config))
|
|
||||||
app.add_route("/api/{ca}/request/", RequestListResource(config))
|
|
||||||
app.add_route("/api/{ca}/", IndexResource(config))
|
|
||||||
|
|
||||||
app.add_sink(StaticResource(os.path.join(os.path.dirname(__file__), "static")))
|
app.add_sink(StaticResource(os.path.join(os.path.dirname(__file__), "static")))
|
||||||
httpd = make_server(listen, port, app, ThreadingWSGIServer)
|
httpd = make_server(listen, port, app, ThreadingWSGIServer)
|
||||||
|
@ -1,29 +1,14 @@
|
|||||||
|
"""
|
||||||
|
certidude.wsgi
|
||||||
|
~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
Certidude web app factory for WSGI-compatible web servers
|
||||||
|
"""
|
||||||
import os
|
import os
|
||||||
import falcon
|
from certidude.api import certidude_app
|
||||||
from certidude.wrappers import CertificateAuthorityConfig
|
|
||||||
from certidude.api import CertificateAuthorityResource, \
|
|
||||||
RequestDetailResource, RequestListResource, \
|
|
||||||
SignedCertificateDetailResource, SignedCertificateListResource, \
|
|
||||||
RevocationListResource, IndexResource, ApplicationConfigurationResource, \
|
|
||||||
CertificateStatusResource
|
|
||||||
|
|
||||||
# TODO: deduplicate routing code
|
|
||||||
# TODO: set up /run/certidude/api paths and permissions
|
# TODO: set up /run/certidude/api paths and permissions
|
||||||
|
|
||||||
config = CertificateAuthorityConfig()
|
|
||||||
|
|
||||||
assert os.getenv("PUSH_SUBSCRIBE"), "Please set PUSH_SUBSCRIBE to your web server's subscription URL"
|
assert os.getenv("PUSH_SUBSCRIBE"), "Please set PUSH_SUBSCRIBE to your web server's subscription URL"
|
||||||
assert os.getenv("PUSH_PUBLISH"), "Please set PUSH_PUBLISH to your web server's publishing URL"
|
assert os.getenv("PUSH_PUBLISH"), "Please set PUSH_PUBLISH to your web server's publishing URL"
|
||||||
|
|
||||||
app = falcon.API()
|
app = certidude_app()
|
||||||
app.add_route("/api/{ca}/ocsp/", CertificateStatusResource(config))
|
|
||||||
app.add_route("/api/{ca}/signed/{cn}/openvpn", ApplicationConfigurationResource(config))
|
|
||||||
app.add_route("/api/{ca}/certificate/", CertificateAuthorityResource(config))
|
|
||||||
app.add_route("/api/{ca}/revoked/", RevocationListResource(config))
|
|
||||||
app.add_route("/api/{ca}/signed/{cn}/", SignedCertificateDetailResource(config))
|
|
||||||
app.add_route("/api/{ca}/signed/", SignedCertificateListResource(config))
|
|
||||||
app.add_route("/api/{ca}/request/{cn}/", RequestDetailResource(config))
|
|
||||||
app.add_route("/api/{ca}/request/", RequestListResource(config))
|
|
||||||
app.add_route("/api/{ca}/", IndexResource(config))
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user