Gandi DNS: add live test

Michael Cross 2016-03-24 21:58:45 +00:00
parent 8512faba3b
commit e99d2ee63f


@ -1,15 +1,41 @@
package gandi package gandi
import ( import (
"crypto"
"crypto/rand"
"crypto/rsa"
"io" "io"
"io/ioutil" "io/ioutil"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"os"
"regexp" "regexp"
"strings" "strings"
"testing" "testing"
"github.com/xenolf/lego/acme"
) )
// stagingServer is the Let's Encrypt staging server used by the live test
const stagingServer = "https://acme-staging.api.letsencrypt.org/directory"
// user implements acme.User and is used by the live test
type user struct {
Email string
Registration *acme.RegistrationResource
key crypto.PrivateKey
}
func (u *user) GetEmail() string {
return u.Email
}
func (u *user) GetRegistration() *acme.RegistrationResource {
return u.Registration
}
func (u *user) GetPrivateKey() crypto.PrivateKey {
return u.key
}
// TestDNSProvider runs Present and CleanUp against a fake Gandi RPC // TestDNSProvider runs Present and CleanUp against a fake Gandi RPC
// Server, whose responses are predetermined for particular requests. // Server, whose responses are predetermined for particular requests.
func TestDNSProvider(t *testing.T) { func TestDNSProvider(t *testing.T) {
@ -62,6 +88,61 @@ func TestDNSProvider(t *testing.T) {
} }
} }
// TestDNSProviderLive performs a live test to obtain a certificate
// using the Let's Encrypt staging server. It runs provided that both
// the environment variables GANDI_API_KEY and GANDI_TEST_DOMAIN are
// set. Otherwise the test is skipped.
//
// To complete this test, go test must be run with the -timeout=40m
// flag, since the default timeout of 10m is insufficient.
func TestDNSProviderLive(t *testing.T) {
apiKey := os.Getenv("GANDI_API_KEY")
domain := os.Getenv("GANDI_TEST_DOMAIN")
if apiKey == "" || domain == "" {
t.Skip("skipping live test")
}
// create a user.
const rsaKeySize = 2048
privateKey, err := rsa.GenerateKey(rand.Reader, rsaKeySize)
if err != nil {
t.Fatal(err)
}
myUser := user{
Email: "test@example.com",
key: privateKey,
}
// create a client using staging server
client, err := acme.NewClient(stagingServer, &myUser, acme.RSA2048)
if err != nil {
t.Fatal(err)
}
provider, err := NewDNSProviderCredentials(apiKey)
if err != nil {
t.Fatal(err)
}
err = client.SetChallengeProvider(acme.DNS01, provider)
if err != nil {
t.Fatal(err)
}
client.ExcludeChallenges([]acme.Challenge{acme.HTTP01, acme.TLSSNI01})
// register and agree tos
reg, err := client.Register()
if err != nil {
t.Fatal(err)
}
myUser.Registration = reg
err = client.AgreeToTOS()
if err != nil {
t.Fatal(err)
}
// complete the challenge
bundle := false
_, failures := client.ObtainCertificate([]string{domain}, bundle, nil)
if len(failures) > 0 {
t.Fatal(failures)
}
}
// serverResponses is the XML-RPC Request->Response map used by the // serverResponses is the XML-RPC Request->Response map used by the
// fake RPC server. It was generated by recording a real RPC session // fake RPC server. It was generated by recording a real RPC session
// which resulted in the successful issue of a cert, and then // which resulted in the successful issue of a cert, and then
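Review bot: TestDNSProviderLive depends on the caller passing `-timeout=40m`, and nothing in the test enforces it. Under the default 10m limit the test binary is killed mid-challenge, and any cleanup the provider does after the challenge presumably never runs, which could leave challenge records in the real zone for GANDI_TEST_DOMAIN. Since the test uses a live API key to change production DNS, I would make the opt-in more deliberate and the skip self-explanatory: `if testing.Short() || apiKey == "" || domain == "" { t.Skip("skipping live test: set GANDI_API_KEY and GANDI_TEST_DOMAIN and run with -timeout=40m") }`. The doc comment could also say that the key needs write access to the zone and that an interrupted run may need the zone checked by hand.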