Merge pull request #917 from smallstep/herman/scep-get
Add SCEP GET requests
This commit is contained in:
commit
d51913f62a
2 changed files with 116 additions and 3 deletions
|
@ -86,7 +86,7 @@ func (h *handler) Get(w http.ResponseWriter, r *http.Request) {
|
||||||
case opnGetCACaps:
|
case opnGetCACaps:
|
||||||
res, err = h.GetCACaps(ctx)
|
res, err = h.GetCACaps(ctx)
|
||||||
case opnPKIOperation:
|
case opnPKIOperation:
|
||||||
// TODO: implement the GET for PKI operation? Default CACAPS doesn't specify this is in use, though
|
res, err = h.PKIOperation(ctx, req)
|
||||||
default:
|
default:
|
||||||
err = fmt.Errorf("unknown operation: %s", req.Operation)
|
err = fmt.Errorf("unknown operation: %s", req.Operation)
|
||||||
}
|
}
|
||||||
|
@ -151,8 +151,8 @@ func decodeRequest(r *http.Request) (request, error) {
|
||||||
if _, ok := query["message"]; ok {
|
if _, ok := query["message"]; ok {
|
||||||
message = query.Get("message")
|
message = query.Get("message")
|
||||||
}
|
}
|
||||||
// TODO: verify this; it seems like it should be StdEncoding instead of URLEncoding
|
// TODO: verify this; right type of encoding? Needs additional transformations?
|
||||||
decodedMessage, err := base64.URLEncoding.DecodeString(message)
|
decodedMessage, err := base64.StdEncoding.DecodeString(message)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return request{}, err
|
return request{}, err
|
||||||
}
|
}
|
||||||
|
|
113
scep/api/api_test.go
Normal file
113
scep/api/api_test.go
Normal file
|
@ -0,0 +1,113 @@
|
||||||
|
// Package api implements a SCEP HTTP server.
|
||||||
|
package api
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"errors"
|
||||||
|
"net/http"
|
||||||
|
"net/http/httptest"
|
||||||
|
"reflect"
|
||||||
|
"testing"
|
||||||
|
"testing/iotest"
|
||||||
|
)
|
||||||
|
|
||||||
|
func Test_decodeRequest(t *testing.T) {
|
||||||
|
type args struct {
|
||||||
|
r *http.Request
|
||||||
|
}
|
||||||
|
tests := []struct {
|
||||||
|
name string
|
||||||
|
args args
|
||||||
|
want request
|
||||||
|
wantErr bool
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
name: "fail/unsupported-method",
|
||||||
|
args: args{
|
||||||
|
r: httptest.NewRequest(http.MethodPatch, "http://scep:8080/?operation=AnUnsupportOperation", nil),
|
||||||
|
},
|
||||||
|
want: request{},
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/get-unsupported-operation",
|
||||||
|
args: args{
|
||||||
|
r: httptest.NewRequest(http.MethodGet, "http://scep:8080/?operation=AnUnsupportOperation", nil),
|
||||||
|
},
|
||||||
|
want: request{},
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/get-PKIOperation",
|
||||||
|
args: args{
|
||||||
|
r: httptest.NewRequest(http.MethodGet, "http://scep:8080/?operation=PKIOperation&message='somewronginput'", nil),
|
||||||
|
},
|
||||||
|
want: request{},
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/post-PKIOperation",
|
||||||
|
args: args{
|
||||||
|
r: httptest.NewRequest(http.MethodPost, "http://scep:8080/?operation=PKIOperation", iotest.ErrReader(errors.New("a read error"))),
|
||||||
|
},
|
||||||
|
want: request{},
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "ok/get-GetCACert",
|
||||||
|
args: args{
|
||||||
|
r: httptest.NewRequest(http.MethodGet, "http://scep:8080/?operation=GetCACert", nil),
|
||||||
|
},
|
||||||
|
want: request{
|
||||||
|
Operation: "GetCACert",
|
||||||
|
Message: []byte{},
|
||||||
|
},
|
||||||
|
wantErr: false,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "ok/get-GetCACaps",
|
||||||
|
args: args{
|
||||||
|
r: httptest.NewRequest(http.MethodGet, "http://scep:8080/?operation=GetCACaps", nil),
|
||||||
|
},
|
||||||
|
want: request{
|
||||||
|
Operation: "GetCACaps",
|
||||||
|
Message: []byte{},
|
||||||
|
},
|
||||||
|
wantErr: false,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "ok/get-PKIOperation",
|
||||||
|
args: args{
|
||||||
|
r: httptest.NewRequest(http.MethodGet, "http://scep:8080/?operation=PKIOperation&message=MTIzNA==", nil),
|
||||||
|
},
|
||||||
|
want: request{
|
||||||
|
Operation: "PKIOperation",
|
||||||
|
Message: []byte("1234"),
|
||||||
|
},
|
||||||
|
wantErr: false,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "ok/post-PKIOperation",
|
||||||
|
args: args{
|
||||||
|
r: httptest.NewRequest(http.MethodPost, "http://scep:8080/?operation=PKIOperation", bytes.NewBufferString("1234")),
|
||||||
|
},
|
||||||
|
want: request{
|
||||||
|
Operation: "PKIOperation",
|
||||||
|
Message: []byte("1234"),
|
||||||
|
},
|
||||||
|
wantErr: false,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
for _, tt := range tests {
|
||||||
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
|
got, err := decodeRequest(tt.args.r)
|
||||||
|
if (err != nil) != tt.wantErr {
|
||||||
|
t.Errorf("decodeRequest() error = %v, wantErr %v", err, tt.wantErr)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if !reflect.DeepEqual(got, tt.want) {
|
||||||
|
t.Errorf("decodeRequest() = %v, want %v", got, tt.want)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue