alexvanin/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Add ACME EAB nosql tests

Browse source
This commit is contained in:
Herman Slatman 2021-10-09 01:02:00 +02:00
parent f34d68897a
commit c26041f835
No known key found for this signature in database
GPG key ID: F4D8A44EA0A75A4F
3 changed files with 1021 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
acme/db/nosql/account.go
View file

@ -243,8 +243,7 @@ func (db *DB) DeleteExternalAccountKey(ctx context.Context, provisionerName stri
return errors.Wrapf(err, "error loading ACME EAB Key with Key ID %s", keyID) return errors.Wrapf(err, "error loading ACME EAB Key with Key ID %s", keyID)
} }
if dbeak.Provisioner != provisionerName { if dbeak.Provisioner != provisionerName {
// TODO: change these ACME error types; they don't make a lot of sense if used in the Admin APIs return errors.New("name of provisioner does not match provisioner for which the EAB key was created")
return acme.NewError(acme.ErrorUnauthorizedType, "name of provisioner does not match provisioner for which the EAB key was created")
} }
if dbeak.Reference != "" { if dbeak.Reference != "" {
err = db.db.Del(externalAccountKeysByReferenceTable, []byte(dbeak.Reference)) err = db.db.Del(externalAccountKeysByReferenceTable, []byte(dbeak.Reference))
@ -270,7 +269,7 @@ func (db *DB) GetExternalAccountKeys(ctx context.Context, provisionerName string
for _, entry := range entries { for _, entry := range entries {
dbeak := new(dbExternalAccountKey) dbeak := new(dbExternalAccountKey)
if err = json.Unmarshal(entry.Value, dbeak); err != nil { if err = json.Unmarshal(entry.Value, dbeak); err != nil {
return nil, errors.Wrapf(err, "error unmarshaling external account key %s into dbExternalAccountKey", string(entry.Key)) return nil, errors.Wrapf(err, "error unmarshaling external account key %s into ExternalAccountKey", string(entry.Key))
} }
if dbeak.Provisioner != provisionerName { if dbeak.Provisioner != provisionerName {
continue continue
@ -314,7 +313,7 @@ func (db *DB) UpdateExternalAccountKey(ctx context.Context, provisionerName stri
} }
if old.Provisioner != provisionerName { if old.Provisioner != provisionerName {
return acme.NewError(acme.ErrorUnauthorizedType, "name of provisioner does not match provisioner for which the EAB key was created") return errors.New("name of provisioner does not match provisioner for which the EAB key was created")
} }
nu := dbExternalAccountKey{ nu := dbExternalAccountKey{

1017
acme/db/nosql/account_test.go
View file

File diff suppressed because it is too large Load diff

8
authority/admin/api/acme.go
View file

@ -137,13 +137,7 @@ func (h *Handler) GetExternalAccountKeys(w http.ResponseWriter, r *http.Request)
prov := chi.URLParam(r, "prov") prov := chi.URLParam(r, "prov")
reference := chi.URLParam(r, "ref") reference := chi.URLParam(r, "ref")
// TODO: support paging properly? It'll probably leak to the DB layer, as we have to loop through all keys // TODO: support paging? It'll probably leak to the DB layer, as we have to loop through all keys
// cursor, limit, err := api.ParseCursor(r)
// if err != nil {
// api.WriteError(w, admin.WrapError(admin.ErrorBadRequestType, err,
// "error parsing cursor and limit from query params"))
// return
// }
var ( var (
key *acme.ExternalAccountKey key *acme.ExternalAccountKey