github.com/jiasir/deis@v1.12.2/controller/api/tests/test_certificate.py (about) 1 from __future__ import unicode_literals 2 3 import json 4 5 from django.contrib.auth.models import User 6 from django.test import TestCase 7 from rest_framework.authtoken.models import Token 8 9 from api.models import App, Certificate 10 11 12 class CertificateTest(TestCase): 13 14 """Tests creation of domain SSL certificates""" 15 16 fixtures = ['tests.json'] 17 18 def setUp(self): 19 self.user = User.objects.get(username='autotest') 20 self.token = Token.objects.get(user=self.user).key 21 self.user2 = User.objects.get(username='autotest2') 22 self.token2 = Token.objects.get(user=self.user).key 23 self.url = '/v1/certs' 24 self.app = App.objects.create(owner=self.user, id='test-app') 25 self.key = """-----BEGIN RSA PRIVATE KEY----- 26 MIIEogIBAAKCAQEAwyLIwjpUQkAmh/z6JvQMAtvNu/dBuCt+R8cnQMEw4VglglMw 27 YKAm2ZXA03LYWk5EO52YaDZKPAqjng+m4k+B0ble5XG4vFRTlBhln0cR3UAYlm7Z 28 tZp/6JR1STwph+9520DUsndPTOO3ApcMMuap5yLRYApHfOwbyoiaCCUuaE/XyZn6 29 FN/9Zj1V1IMcdu8//HtM2vbDkZ5yJbUzDSqUInHXZUp7OF+kUKwem0CN+SGk20ue 30 AQ3Loxg9RWcXwA8keZ1StQsNzmRzQTP/XGEvaTrJKgBkk9GHnxmC00L9q+zb0BaH 31 aZ5KXCKbwf0mCqOZngHuKTvKpD62TvPz46xE4wIDAQABAoIBABr5HO0UKP97ZJgZ 32 lO57f4mJnpej5vaxNGRxl/Bwg/QyPgUUwLQqjxQ2ig/waQ2akf33m9CT6JECG3nG 33 yhewS86UpBRtMs79jQwEj0+EAGkn6f4pVniu4Y1hsBCue0MqDBsNjBkbOt/y/iIi 34 hPIoRkYH3w86fIU9Ed5eIYSMtyx91wpGBwwpCh4ztfQ5jbBMZ0F5J+EnvzC41x2K 35 1o0bN6pr51epQBuyHz3SNAX0ce67f0jLhPSDl76nzsQsHem7rTPY4ZFTsRZE7lW0 36 lSA0S0z/sGpdoo1g0qvzg6T73/x8g0pdtf0N2ckbbafMvX1lba86Su9/KDRpS0RK 37 dymBkFkCgYEA6VQfKG2lZ1vEPq5JUQ8be1KbqzSEfvyqXd3Cb7iFcVVP3kNCRk6m 38 O04NJYUxDuF1LpWemGt5UCUUdLxcGFTYDW6gAKyfTuve87PPVvuHNsnJcJWW77aV 39 +yDhXgYUy9fCLMxtZwTwCCrqXEUtSgK5hvlwa8bYL/dE7YGhOa2ap/8CgYEA1hil 40 ezP8REe+Z+M8tSt2hoZsxrBuso2pZRAxuMqiO0/trA3d0w2M51vSm1/NxM2JpW2y 41 SPtE9CbngyGeHNdC/SvEkHOZxKacimoD2LUjAcVA+5r+shK+ssMqnniy9Qh13AGg 42 Pj3ba9j10T3zzAhItefpIu5E+swhqs1xmhTQwx0CgYBYVzY4y1K9kFv702cE3rBr 43 /7nal1a28ZjbUzPjsrwrTb6gi1yTXAHKIGIP257YYHpKefGDCeXzdyaIkCxaNf1b 44 EJBZ0QG8EsfmAyU0bKUkFEBFdQ2hksK0Qx2wyKKlDvqAlaGySIdMwFrdNn/QLrnp 45 pZVv6Og/OOKK/fJ58QXGJwKBgDOsmzRTZc3tKw3UEPEBXog1pceHChDalEoqUHXz 46 opiCQDFI34NzP9EPnpOV2gpoOZLOGTv4ObpcMYC6+ninlCmbCMR8wl5ugFYAJJGH 47 lr10qKyRymucjp6C8KRzKW5u7lN9qPmc4Hr1UM+CDnfuf+433VNrAwctgerBz2uL 48 HqAZAoGAYbrDiueIFxHDrkCkefSyAn4Wlo6KhPSUiSqvM9k5gBWZedcvJrjbvCmW 49 K1NefGc57cAb906Lwa3MpUmKEA5IYTGsO87iAFnDMcuu+w6RwiwV/DNY8xB6dtuz 50 r8G+so0UVAch6q1OBBSBaKC1Vn3fzT72zvS7/e5BZ0p5KrqCIZg= 51 -----END RSA PRIVATE KEY-----""" 52 self.autotest_example_com_cert = """-----BEGIN CERTIFICATE----- 53 MIID3jCCAsYCCQDg75CmAL+avjANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC 54 Q0ExGTAXBgNVBAgTEEJyaXRpc2gtQ29sdW1iaWExEjAQBgNVBAcTCVZhbmNvdXZl 55 cjEtMCsGA1UEChMkRmlzaHdvcmtzIERldmVsb3BtZW50IGFuZCBDb25zdWx0aW5n 56 MR0wGwYDVQQDExRhdXRvdGVzdC5leGFtcGxlLmNvbTEkMCIGCSqGSIb3DQEJARYV 57 bWF0dGhld2ZAZmlzaHdvcmtzLmlvMB4XDTE1MDMwNjE3MTQyN1oXDTE2MDMwNTE3 58 MTQyN1owgbAxCzAJBgNVBAYTAkNBMRkwFwYDVQQIExBCcml0aXNoLUNvbHVtYmlh 59 MRIwEAYDVQQHEwlWYW5jb3V2ZXIxLTArBgNVBAoTJEZpc2h3b3JrcyBEZXZlbG9w 60 bWVudCBhbmQgQ29uc3VsdGluZzEdMBsGA1UEAxMUYXV0b3Rlc3QuZXhhbXBsZS5j 61 b20xJDAiBgkqhkiG9w0BCQEWFW1hdHRoZXdmQGZpc2h3b3Jrcy5pbzCCASIwDQYJ 62 KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMiyMI6VEJAJof8+ib0DALbzbv3Qbgr 63 fkfHJ0DBMOFYJYJTMGCgJtmVwNNy2FpORDudmGg2SjwKo54PpuJPgdG5XuVxuLxU 64 U5QYZZ9HEd1AGJZu2bWaf+iUdUk8KYfvedtA1LJ3T0zjtwKXDDLmqeci0WAKR3zs 65 G8qImgglLmhP18mZ+hTf/WY9VdSDHHbvP/x7TNr2w5GeciW1Mw0qlCJx12VKezhf 66 pFCsHptAjfkhpNtLngENy6MYPUVnF8APJHmdUrULDc5kc0Ez/1xhL2k6ySoAZJPR 67 h58ZgtNC/avs29AWh2meSlwim8H9JgqjmZ4B7ik7yqQ+tk7z8+OsROMCAwEAATAN 68 BgkqhkiG9w0BAQUFAAOCAQEAwYpXB8z4aOBedyHikbtVjDs1k0LEtWRAX/RXQY4I 69 BAYTnO+eGs/p7o+e3LGrIt/pX8kJ0RgD7TLITUJCZ69KkG9GzZaJ/CgQgqEa4Goh 70 JCI5u5a5nkTE6zZgAkkvpbA3Mj6WXGkGk7QEiO1e6e3y0jIBhDo1piD+DIppMWwM 71 OI0/r46FDlPHnm+y7UmTx+GZB4RAxnFaJE5L76w63oIPaRc/zkhS49AYiSmlawxj 72 thejiQz0ThCMBw7QMpVOiSvYAlQG0ATsRYwdTDqENIWKlerOLCSuxmbqe8XeDKhq 73 0ExzRJX9L9CjFIx9k+fIebIJWdv4Y4YUEtbLVmkKeghVJA== 74 -----END CERTIFICATE-----""" 75 76 def test_create_certificate_with_domain(self): 77 """Tests creating a certificate.""" 78 body = {'certificate': self.autotest_example_com_cert, 'key': self.key} 79 response = self.client.post(self.url, json.dumps(body), content_type='application/json', 80 HTTP_AUTHORIZATION='token {}'.format(self.token)) 81 self.assertEqual(response.status_code, 201) 82 83 def test_create_certificate_with_different_common_name(self): 84 """ 85 In some cases such as with SAN certificates, the certificate can cover more 86 than a single domain. In that case, we want to be able to specify the common 87 name for the certificate/key. 88 """ 89 body = {'certificate': self.autotest_example_com_cert, 90 'key': self.key, 91 'common_name': 'foo.example.com'} 92 response = self.client.post(self.url, json.dumps(body), content_type='application/json', 93 HTTP_AUTHORIZATION='token {}'.format(self.token)) 94 self.assertEqual(response.status_code, 201) 95 self.assertEqual(response.data['common_name'], 'foo.example.com') 96 97 def test_get_certificate_screens_data(self): 98 """ 99 When a user retrieves a certificate, only the common name and expiry date should be 100 displayed. 101 """ 102 body = {'certificate': self.autotest_example_com_cert, 'key': self.key} 103 self.client.post(self.url, json.dumps(body), content_type='application/json', 104 HTTP_AUTHORIZATION='token {}'.format(self.token)) 105 response = self.client.get('{}/{}'.format(self.url, 'autotest.example.com'), 106 HTTP_AUTHORIZATION='token {}'.format(self.token)) 107 expected = {'common_name': 'autotest.example.com', 108 'expires': '2016-03-05T17:14:27UTC'} 109 for key, value in expected.items(): 110 self.assertEqual(response.data[key], value) 111 112 def test_certficate_denied_requests(self): 113 """Disallow put/patch requests""" 114 response = self.client.put(self.url, HTTP_AUTHORIZATION='token {}'.format(self.token)) 115 self.assertEqual(response.status_code, 405) 116 response = self.client.patch(self.url, HTTP_AUTHORIZATION='token {}'.format(self.token)) 117 self.assertEqual(response.status_code, 405) 118 119 def test_delete_certificate(self): 120 """Destroying a certificate should generate a 204 response""" 121 Certificate.objects.create(owner=self.user, 122 common_name='autotest.example.com', 123 certificate=self.autotest_example_com_cert) 124 url = '/v1/certs/autotest.example.com' 125 response = self.client.delete(url, HTTP_AUTHORIZATION='token {}'.format(self.token)) 126 self.assertEqual(response.status_code, 204) 127 # deleting a wildcard cert should work too (even though they're unsupported right now) 128 # https://github.com/deis/deis/issues/3533 129 Certificate.objects.create(owner=self.user, 130 common_name='*.example.com', 131 certificate=self.autotest_example_com_cert) 132 url = '/v1/certs/*.example.com' 133 response = self.client.delete(url, HTTP_AUTHORIZATION='token {}'.format(self.token)) 134 self.assertEqual(response.status_code, 204)