|
|
@ -149,6 +149,10 @@ func TestFinalizeRequestValidate(t *testing.T) {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func TestHandler_GetOrder(t *testing.T) {
|
|
|
|
func TestHandler_GetOrder(t *testing.T) {
|
|
|
|
|
|
|
|
prov := newProv()
|
|
|
|
|
|
|
|
escProvName := url.PathEscape(prov.GetName())
|
|
|
|
|
|
|
|
baseURL := &url.URL{Scheme: "https", Host: "test.ca.smallstep.com"}
|
|
|
|
|
|
|
|
|
|
|
|
now := clock.Now()
|
|
|
|
now := clock.Now()
|
|
|
|
nbf := now
|
|
|
|
nbf := now
|
|
|
|
naf := now.Add(24 * time.Hour)
|
|
|
|
naf := now.Add(24 * time.Hour)
|
|
|
@ -171,21 +175,18 @@ func TestHandler_GetOrder(t *testing.T) {
|
|
|
|
Status: acme.StatusInvalid,
|
|
|
|
Status: acme.StatusInvalid,
|
|
|
|
Error: acme.NewError(acme.ErrorMalformedType, "order has expired"),
|
|
|
|
Error: acme.NewError(acme.ErrorMalformedType, "order has expired"),
|
|
|
|
AuthorizationURLs: []string{
|
|
|
|
AuthorizationURLs: []string{
|
|
|
|
"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/foo",
|
|
|
|
fmt.Sprintf("%s/acme/%s/authz/foo", baseURL.String(), escProvName),
|
|
|
|
"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/bar",
|
|
|
|
fmt.Sprintf("%s/acme/%s/authz/bar", baseURL.String(), escProvName),
|
|
|
|
"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/baz",
|
|
|
|
fmt.Sprintf("%s/acme/%s/authz/baz", baseURL.String(), escProvName),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
FinalizeURL: "https://test.ca.smallstep.com/acme/test@acme-provisioner.com/order/orderID/finalize",
|
|
|
|
FinalizeURL: fmt.Sprintf("%s/acme/%s/order/orderID/finalize", baseURL.String(), escProvName),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Request with chi context
|
|
|
|
// Request with chi context
|
|
|
|
chiCtx := chi.NewRouteContext()
|
|
|
|
chiCtx := chi.NewRouteContext()
|
|
|
|
chiCtx.URLParams.Add("ordID", o.ID)
|
|
|
|
chiCtx.URLParams.Add("ordID", o.ID)
|
|
|
|
prov := newProv()
|
|
|
|
|
|
|
|
provName := url.PathEscape(prov.GetName())
|
|
|
|
|
|
|
|
baseURL := &url.URL{Scheme: "https", Host: "test.ca.smallstep.com"}
|
|
|
|
|
|
|
|
url := fmt.Sprintf("%s/acme/%s/order/%s",
|
|
|
|
url := fmt.Sprintf("%s/acme/%s/order/%s",
|
|
|
|
baseURL.String(), provName, o.ID)
|
|
|
|
baseURL.String(), escProvName, o.ID)
|
|
|
|
|
|
|
|
|
|
|
|
type test struct {
|
|
|
|
type test struct {
|
|
|
|
db acme.DB
|
|
|
|
db acme.DB
|
|
|
@ -285,7 +286,7 @@ func TestHandler_GetOrder(t *testing.T) {
|
|
|
|
MockGetOrder: func(ctx context.Context, id string) (*acme.Order, error) {
|
|
|
|
MockGetOrder: func(ctx context.Context, id string) (*acme.Order, error) {
|
|
|
|
return &acme.Order{
|
|
|
|
return &acme.Order{
|
|
|
|
AccountID: "accountID",
|
|
|
|
AccountID: "accountID",
|
|
|
|
ProvisionerID: "acme/test@acme-provisioner.com",
|
|
|
|
ProvisionerID: fmt.Sprintf("acme/%s", prov.GetName()),
|
|
|
|
ExpiresAt: clock.Now().Add(-time.Hour),
|
|
|
|
ExpiresAt: clock.Now().Add(-time.Hour),
|
|
|
|
Status: acme.StatusReady,
|
|
|
|
Status: acme.StatusReady,
|
|
|
|
}, nil
|
|
|
|
}, nil
|
|
|
@ -311,7 +312,7 @@ func TestHandler_GetOrder(t *testing.T) {
|
|
|
|
return &acme.Order{
|
|
|
|
return &acme.Order{
|
|
|
|
ID: "orderID",
|
|
|
|
ID: "orderID",
|
|
|
|
AccountID: "accountID",
|
|
|
|
AccountID: "accountID",
|
|
|
|
ProvisionerID: "acme/test@acme-provisioner.com",
|
|
|
|
ProvisionerID: fmt.Sprintf("acme/%s", prov.GetName()),
|
|
|
|
ExpiresAt: expiry,
|
|
|
|
ExpiresAt: expiry,
|
|
|
|
Status: acme.StatusReady,
|
|
|
|
Status: acme.StatusReady,
|
|
|
|
AuthorizationIDs: []string{"foo", "bar", "baz"},
|
|
|
|
AuthorizationIDs: []string{"foo", "bar", "baz"},
|
|
|
@ -581,10 +582,10 @@ func TestHandler_newAuthorization(t *testing.T) {
|
|
|
|
func TestHandler_NewOrder(t *testing.T) {
|
|
|
|
func TestHandler_NewOrder(t *testing.T) {
|
|
|
|
// Request with chi context
|
|
|
|
// Request with chi context
|
|
|
|
prov := newProv()
|
|
|
|
prov := newProv()
|
|
|
|
provName := url.PathEscape(prov.GetName())
|
|
|
|
escProvName := url.PathEscape(prov.GetName())
|
|
|
|
baseURL := &url.URL{Scheme: "https", Host: "test.ca.smallstep.com"}
|
|
|
|
baseURL := &url.URL{Scheme: "https", Host: "test.ca.smallstep.com"}
|
|
|
|
url := fmt.Sprintf("%s/acme/%s/order/ordID",
|
|
|
|
url := fmt.Sprintf("%s/acme/%s/order/ordID",
|
|
|
|
baseURL.String(), provName)
|
|
|
|
baseURL.String(), escProvName)
|
|
|
|
|
|
|
|
|
|
|
|
type test struct {
|
|
|
|
type test struct {
|
|
|
|
db acme.DB
|
|
|
|
db acme.DB
|
|
|
@ -877,8 +878,8 @@ func TestHandler_NewOrder(t *testing.T) {
|
|
|
|
assert.Equals(t, o.Status, acme.StatusPending)
|
|
|
|
assert.Equals(t, o.Status, acme.StatusPending)
|
|
|
|
assert.Equals(t, o.Identifiers, nor.Identifiers)
|
|
|
|
assert.Equals(t, o.Identifiers, nor.Identifiers)
|
|
|
|
assert.Equals(t, o.AuthorizationURLs, []string{
|
|
|
|
assert.Equals(t, o.AuthorizationURLs, []string{
|
|
|
|
"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/az1ID",
|
|
|
|
fmt.Sprintf("%s/acme/%s/authz/az1ID", baseURL.String(), escProvName),
|
|
|
|
"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/az2ID",
|
|
|
|
fmt.Sprintf("%s/acme/%s/authz/az2ID", baseURL.String(), escProvName),
|
|
|
|
})
|
|
|
|
})
|
|
|
|
assert.True(t, o.NotBefore.Add(-testBufferDur).Before(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(-testBufferDur).Before(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(testBufferDur).After(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(testBufferDur).After(expNbf))
|
|
|
@ -968,7 +969,7 @@ func TestHandler_NewOrder(t *testing.T) {
|
|
|
|
assert.Equals(t, o.ID, "ordID")
|
|
|
|
assert.Equals(t, o.ID, "ordID")
|
|
|
|
assert.Equals(t, o.Status, acme.StatusPending)
|
|
|
|
assert.Equals(t, o.Status, acme.StatusPending)
|
|
|
|
assert.Equals(t, o.Identifiers, nor.Identifiers)
|
|
|
|
assert.Equals(t, o.Identifiers, nor.Identifiers)
|
|
|
|
assert.Equals(t, o.AuthorizationURLs, []string{"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/az1ID"})
|
|
|
|
assert.Equals(t, o.AuthorizationURLs, []string{fmt.Sprintf("%s/acme/%s/authz/az1ID", baseURL.String(), escProvName)})
|
|
|
|
assert.True(t, o.NotBefore.Add(-testBufferDur).Before(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(-testBufferDur).Before(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(testBufferDur).After(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(testBufferDur).After(expNbf))
|
|
|
|
assert.True(t, o.NotAfter.Add(-testBufferDur).Before(expNaf))
|
|
|
|
assert.True(t, o.NotAfter.Add(-testBufferDur).Before(expNaf))
|
|
|
@ -1059,7 +1060,7 @@ func TestHandler_NewOrder(t *testing.T) {
|
|
|
|
assert.Equals(t, o.ID, "ordID")
|
|
|
|
assert.Equals(t, o.ID, "ordID")
|
|
|
|
assert.Equals(t, o.Status, acme.StatusPending)
|
|
|
|
assert.Equals(t, o.Status, acme.StatusPending)
|
|
|
|
assert.Equals(t, o.Identifiers, nor.Identifiers)
|
|
|
|
assert.Equals(t, o.Identifiers, nor.Identifiers)
|
|
|
|
assert.Equals(t, o.AuthorizationURLs, []string{"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/az1ID"})
|
|
|
|
assert.Equals(t, o.AuthorizationURLs, []string{fmt.Sprintf("%s/acme/%s/authz/az1ID", baseURL.String(), escProvName)})
|
|
|
|
assert.True(t, o.NotBefore.Add(-testBufferDur).Before(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(-testBufferDur).Before(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(testBufferDur).After(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(testBufferDur).After(expNbf))
|
|
|
|
assert.True(t, o.NotAfter.Add(-testBufferDur).Before(expNaf))
|
|
|
|
assert.True(t, o.NotAfter.Add(-testBufferDur).Before(expNaf))
|
|
|
@ -1149,7 +1150,7 @@ func TestHandler_NewOrder(t *testing.T) {
|
|
|
|
assert.Equals(t, o.ID, "ordID")
|
|
|
|
assert.Equals(t, o.ID, "ordID")
|
|
|
|
assert.Equals(t, o.Status, acme.StatusPending)
|
|
|
|
assert.Equals(t, o.Status, acme.StatusPending)
|
|
|
|
assert.Equals(t, o.Identifiers, nor.Identifiers)
|
|
|
|
assert.Equals(t, o.Identifiers, nor.Identifiers)
|
|
|
|
assert.Equals(t, o.AuthorizationURLs, []string{"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/az1ID"})
|
|
|
|
assert.Equals(t, o.AuthorizationURLs, []string{fmt.Sprintf("%s/acme/%s/authz/az1ID", baseURL.String(), escProvName)})
|
|
|
|
assert.True(t, o.NotBefore.Add(-testBufferDur).Before(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(-testBufferDur).Before(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(testBufferDur).After(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(testBufferDur).After(expNbf))
|
|
|
|
assert.True(t, o.NotAfter.Add(-testBufferDur).Before(expNaf))
|
|
|
|
assert.True(t, o.NotAfter.Add(-testBufferDur).Before(expNaf))
|
|
|
@ -1240,7 +1241,7 @@ func TestHandler_NewOrder(t *testing.T) {
|
|
|
|
assert.Equals(t, o.ID, "ordID")
|
|
|
|
assert.Equals(t, o.ID, "ordID")
|
|
|
|
assert.Equals(t, o.Status, acme.StatusPending)
|
|
|
|
assert.Equals(t, o.Status, acme.StatusPending)
|
|
|
|
assert.Equals(t, o.Identifiers, nor.Identifiers)
|
|
|
|
assert.Equals(t, o.Identifiers, nor.Identifiers)
|
|
|
|
assert.Equals(t, o.AuthorizationURLs, []string{"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/az1ID"})
|
|
|
|
assert.Equals(t, o.AuthorizationURLs, []string{fmt.Sprintf("%s/acme/%s/authz/az1ID", baseURL.String(), escProvName)})
|
|
|
|
assert.True(t, o.NotBefore.Add(-testBufferDur).Before(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(-testBufferDur).Before(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(testBufferDur).After(expNbf))
|
|
|
|
assert.True(t, o.NotBefore.Add(testBufferDur).After(expNbf))
|
|
|
|
assert.True(t, o.NotAfter.Add(-testBufferDur).Before(expNaf))
|
|
|
|
assert.True(t, o.NotAfter.Add(-testBufferDur).Before(expNaf))
|
|
|
@ -1291,6 +1292,10 @@ func TestHandler_NewOrder(t *testing.T) {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func TestHandler_FinalizeOrder(t *testing.T) {
|
|
|
|
func TestHandler_FinalizeOrder(t *testing.T) {
|
|
|
|
|
|
|
|
prov := newProv()
|
|
|
|
|
|
|
|
escProvName := url.PathEscape(prov.GetName())
|
|
|
|
|
|
|
|
baseURL := &url.URL{Scheme: "https", Host: "test.ca.smallstep.com"}
|
|
|
|
|
|
|
|
|
|
|
|
now := clock.Now()
|
|
|
|
now := clock.Now()
|
|
|
|
nbf := now
|
|
|
|
nbf := now
|
|
|
|
naf := now.Add(24 * time.Hour)
|
|
|
|
naf := now.Add(24 * time.Hour)
|
|
|
@ -1311,22 +1316,19 @@ func TestHandler_FinalizeOrder(t *testing.T) {
|
|
|
|
ExpiresAt: naf,
|
|
|
|
ExpiresAt: naf,
|
|
|
|
Status: acme.StatusValid,
|
|
|
|
Status: acme.StatusValid,
|
|
|
|
AuthorizationURLs: []string{
|
|
|
|
AuthorizationURLs: []string{
|
|
|
|
"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/foo",
|
|
|
|
fmt.Sprintf("%s/acme/%s/authz/foo", baseURL.String(), escProvName),
|
|
|
|
"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/bar",
|
|
|
|
fmt.Sprintf("%s/acme/%s/authz/bar", baseURL.String(), escProvName),
|
|
|
|
"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/baz",
|
|
|
|
fmt.Sprintf("%s/acme/%s/authz/baz", baseURL.String(), escProvName),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
FinalizeURL: "https://test.ca.smallstep.com/acme/test@acme-provisioner.com/order/orderID/finalize",
|
|
|
|
FinalizeURL: fmt.Sprintf("%s/acme/%s/order/orderID/finalize", baseURL.String(), escProvName),
|
|
|
|
CertificateURL: "https://test.ca.smallstep.com/acme/test@acme-provisioner.com/certificate/certID",
|
|
|
|
CertificateURL: fmt.Sprintf("%s/acme/%s/certificate/certID", baseURL.String(), escProvName),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Request with chi context
|
|
|
|
// Request with chi context
|
|
|
|
chiCtx := chi.NewRouteContext()
|
|
|
|
chiCtx := chi.NewRouteContext()
|
|
|
|
chiCtx.URLParams.Add("ordID", o.ID)
|
|
|
|
chiCtx.URLParams.Add("ordID", o.ID)
|
|
|
|
prov := newProv()
|
|
|
|
|
|
|
|
provName := url.PathEscape(prov.GetName())
|
|
|
|
|
|
|
|
baseURL := &url.URL{Scheme: "https", Host: "test.ca.smallstep.com"}
|
|
|
|
|
|
|
|
url := fmt.Sprintf("%s/acme/%s/order/%s",
|
|
|
|
url := fmt.Sprintf("%s/acme/%s/order/%s",
|
|
|
|
baseURL.String(), provName, o.ID)
|
|
|
|
baseURL.String(), escProvName, o.ID)
|
|
|
|
|
|
|
|
|
|
|
|
_csr, err := pemutil.Read("../../authority/testdata/certs/foo.csr")
|
|
|
|
_csr, err := pemutil.Read("../../authority/testdata/certs/foo.csr")
|
|
|
|
assert.FatalError(t, err)
|
|
|
|
assert.FatalError(t, err)
|
|
|
@ -1488,7 +1490,7 @@ func TestHandler_FinalizeOrder(t *testing.T) {
|
|
|
|
MockGetOrder: func(ctx context.Context, id string) (*acme.Order, error) {
|
|
|
|
MockGetOrder: func(ctx context.Context, id string) (*acme.Order, error) {
|
|
|
|
return &acme.Order{
|
|
|
|
return &acme.Order{
|
|
|
|
AccountID: "accountID",
|
|
|
|
AccountID: "accountID",
|
|
|
|
ProvisionerID: "acme/test@acme-provisioner.com",
|
|
|
|
ProvisionerID: fmt.Sprintf("acme/%s", prov.GetName()),
|
|
|
|
ExpiresAt: clock.Now().Add(-time.Hour),
|
|
|
|
ExpiresAt: clock.Now().Add(-time.Hour),
|
|
|
|
Status: acme.StatusReady,
|
|
|
|
Status: acme.StatusReady,
|
|
|
|
}, nil
|
|
|
|
}, nil
|
|
|
@ -1515,7 +1517,7 @@ func TestHandler_FinalizeOrder(t *testing.T) {
|
|
|
|
return &acme.Order{
|
|
|
|
return &acme.Order{
|
|
|
|
ID: "orderID",
|
|
|
|
ID: "orderID",
|
|
|
|
AccountID: "accountID",
|
|
|
|
AccountID: "accountID",
|
|
|
|
ProvisionerID: "acme/test@acme-provisioner.com",
|
|
|
|
ProvisionerID: fmt.Sprintf("acme/%s", prov.GetName()),
|
|
|
|
ExpiresAt: naf,
|
|
|
|
ExpiresAt: naf,
|
|
|
|
Status: acme.StatusValid,
|
|
|
|
Status: acme.StatusValid,
|
|
|
|
AuthorizationIDs: []string{"foo", "bar", "baz"},
|
|
|
|
AuthorizationIDs: []string{"foo", "bar", "baz"},
|
|
|
|