diff --git a/acme/api/account.go b/acme/api/account.go index c7f3d11a..ae39d2f7 100644 --- a/acme/api/account.go +++ b/acme/api/account.go @@ -205,5 +205,4 @@ func (h *Handler) GetOrdersByAccountID(w http.ResponseWriter, r *http.Request) { api.JSON(w, orders) logOrdersByAccount(w, orders) - return } diff --git a/acme/api/handler.go b/acme/api/handler.go index 16deeaf8..4fb1a18a 100644 --- a/acme/api/handler.go +++ b/acme/api/handler.go @@ -142,10 +142,6 @@ func (d *Directory) ToLog() (interface{}, error) { return string(b), nil } -type directory struct { - prefix, dns string -} - // GetDirectory is the ACME resource for returning a directory configuration // for client configuration. func (h *Handler) GetDirectory(w http.ResponseWriter, r *http.Request) { diff --git a/acme/api/handler_test.go b/acme/api/handler_test.go index eb8b9f56..1ff08600 100644 --- a/acme/api/handler_test.go +++ b/acme/api/handler_test.go @@ -425,16 +425,6 @@ func TestHandler_GetCertificate(t *testing.T) { } } -func ch() acme.Challenge { - return acme.Challenge{ - Type: "http-01", - Status: "pending", - Token: "tok2", - URL: "https://ca.smallstep.com/acme/challenge/chID", - ID: "chID", - } -} - func TestHandler_GetChallenge(t *testing.T) { chiCtx := chi.NewRouteContext() chiCtx.URLParams.Add("chID", "chID") diff --git a/acme/api/order_test.go b/acme/api/order_test.go index 597ec018..506f0a0a 100644 --- a/acme/api/order_test.go +++ b/acme/api/order_test.go @@ -1570,7 +1570,7 @@ func TestHandler_FinalizeOrder(t *testing.T) { assert.FatalError(t, err) ro := new(acme.Order) - err = json.Unmarshal(body, ro) + assert.FatalError(t, json.Unmarshal(body, ro)) assert.Equals(t, bytes.TrimSpace(body), expB) assert.Equals(t, res.Header["Location"], []string{url}) diff --git a/acme/certificate_test.go b/acme/certificate_test.go deleted file mode 100644 index adbf8e00..00000000 --- a/acme/certificate_test.go +++ /dev/null @@ -1,240 +0,0 @@ -package acme - -/* -func defaultCertOps() (*CertOptions, error) { - crt, err := pemutil.ReadCertificate("../authority/testdata/certs/foo.crt") - if err != nil { - return nil, err - } - inter, err := pemutil.ReadCertificate("../authority/testdata/certs/intermediate_ca.crt") - if err != nil { - return nil, err - } - root, err := pemutil.ReadCertificate("../authority/testdata/certs/root_ca.crt") - if err != nil { - return nil, err - } - return &CertOptions{ - AccountID: "accID", - OrderID: "ordID", - Leaf: crt, - Intermediates: []*x509.Certificate{inter, root}, - }, nil -} - -func newcert() (*Certificate, error) { - ops, err := defaultCertOps() - if err != nil { - return nil, err - } - mockdb := &db.MockNoSQLDB{ - MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) { - return nil, true, nil - }, - } - return newCert(mockdb, *ops) -} - -func TestNewCert(t *testing.T) { - type test struct { - db nosql.DB - ops CertOptions - err *Error - id *string - } - tests := map[string]func(t *testing.T) test{ - "fail/cmpAndSwap-error": func(t *testing.T) test { - ops, err := defaultCertOps() - assert.FatalError(t, err) - return test{ - ops: *ops, - db: &db.MockNoSQLDB{ - MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) { - assert.Equals(t, bucket, certTable) - assert.Equals(t, old, nil) - return nil, false, errors.New("force") - }, - }, - err: ServerInternalErr(errors.Errorf("error storing certificate: force")), - } - }, - "fail/cmpAndSwap-false": func(t *testing.T) test { - ops, err := defaultCertOps() - assert.FatalError(t, err) - return test{ - ops: *ops, - db: &db.MockNoSQLDB{ - MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) { - assert.Equals(t, bucket, certTable) - assert.Equals(t, old, nil) - return nil, false, nil - }, - }, - err: ServerInternalErr(errors.Errorf("error storing certificate; value has changed since last read")), - } - }, - "ok": func(t *testing.T) test { - ops, err := defaultCertOps() - assert.FatalError(t, err) - var _id string - id := &_id - return test{ - ops: *ops, - db: &db.MockNoSQLDB{ - MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) { - assert.Equals(t, bucket, certTable) - assert.Equals(t, old, nil) - *id = string(key) - return nil, true, nil - }, - }, - id: id, - } - }, - } - for name, run := range tests { - t.Run(name, func(t *testing.T) { - tc := run(t) - if cert, err := newCert(tc.db, tc.ops); err != nil { - if assert.NotNil(t, tc.err) { - ae, ok := err.(*Error) - assert.True(t, ok) - assert.HasPrefix(t, ae.Error(), tc.err.Error()) - assert.Equals(t, ae.StatusCode(), tc.err.StatusCode()) - assert.Equals(t, ae.Type, tc.err.Type) - } - } else { - if assert.Nil(t, tc.err) { - assert.Equals(t, cert.ID, *tc.id) - assert.Equals(t, cert.AccountID, tc.ops.AccountID) - assert.Equals(t, cert.OrderID, tc.ops.OrderID) - - leaf := pem.EncodeToMemory(&pem.Block{ - Type: "CERTIFICATE", - Bytes: tc.ops.Leaf.Raw, - }) - var intermediates []byte - for _, cert := range tc.ops.Intermediates { - intermediates = append(intermediates, pem.EncodeToMemory(&pem.Block{ - Type: "CERTIFICATE", - Bytes: cert.Raw, - })...) - } - assert.Equals(t, cert.Leaf, leaf) - assert.Equals(t, cert.Intermediates, intermediates) - - assert.True(t, cert.Created.Before(time.Now().Add(time.Minute))) - assert.True(t, cert.Created.After(time.Now().Add(-time.Minute))) - } - } - }) - } -} - -func TestGetCert(t *testing.T) { - type test struct { - id string - db nosql.DB - cert *certificate - err *Error - } - tests := map[string]func(t *testing.T) test{ - "fail/not-found": func(t *testing.T) test { - cert, err := newcert() - assert.FatalError(t, err) - return test{ - cert: cert, - id: cert.ID, - db: &db.MockNoSQLDB{ - MGet: func(bucket, key []byte) ([]byte, error) { - assert.Equals(t, bucket, certTable) - assert.Equals(t, key, []byte(cert.ID)) - return nil, database.ErrNotFound - }, - }, - err: MalformedErr(errors.Errorf("certificate %s not found: not found", cert.ID)), - } - }, - "fail/db-error": func(t *testing.T) test { - cert, err := newcert() - assert.FatalError(t, err) - return test{ - cert: cert, - id: cert.ID, - db: &db.MockNoSQLDB{ - MGet: func(bucket, key []byte) ([]byte, error) { - assert.Equals(t, bucket, certTable) - assert.Equals(t, key, []byte(cert.ID)) - return nil, errors.New("force") - }, - }, - err: ServerInternalErr(errors.New("error loading certificate: force")), - } - }, - "fail/unmarshal-error": func(t *testing.T) test { - cert, err := newcert() - assert.FatalError(t, err) - return test{ - cert: cert, - id: cert.ID, - db: &db.MockNoSQLDB{ - MGet: func(bucket, key []byte) ([]byte, error) { - assert.Equals(t, bucket, certTable) - assert.Equals(t, key, []byte(cert.ID)) - return nil, nil - }, - }, - err: ServerInternalErr(errors.New("error unmarshaling certificate: unexpected end of JSON input")), - } - }, - "ok": func(t *testing.T) test { - cert, err := newcert() - assert.FatalError(t, err) - b, err := json.Marshal(cert) - assert.FatalError(t, err) - return test{ - cert: cert, - id: cert.ID, - db: &db.MockNoSQLDB{ - MGet: func(bucket, key []byte) ([]byte, error) { - assert.Equals(t, bucket, certTable) - assert.Equals(t, key, []byte(cert.ID)) - return b, nil - }, - }, - } - }, - } - for name, run := range tests { - t.Run(name, func(t *testing.T) { - tc := run(t) - if cert, err := getCert(tc.db, tc.id); err != nil { - if assert.NotNil(t, tc.err) { - ae, ok := err.(*Error) - assert.True(t, ok) - assert.HasPrefix(t, ae.Error(), tc.err.Error()) - assert.Equals(t, ae.StatusCode(), tc.err.StatusCode()) - assert.Equals(t, ae.Type, tc.err.Type) - } - } else { - if assert.Nil(t, tc.err) { - assert.Equals(t, tc.cert.ID, cert.ID) - assert.Equals(t, tc.cert.AccountID, cert.AccountID) - assert.Equals(t, tc.cert.OrderID, cert.OrderID) - assert.Equals(t, tc.cert.Created, cert.Created) - assert.Equals(t, tc.cert.Leaf, cert.Leaf) - assert.Equals(t, tc.cert.Intermediates, cert.Intermediates) - } - } - }) - } -} - -func TestCertificateToACME(t *testing.T) { - cert, err := newcert() - assert.FatalError(t, err) - acmeCert, err := cert.toACME(nil, nil) - assert.FatalError(t, err) - assert.Equals(t, append(cert.Leaf, cert.Intermediates...), acmeCert) -} -*/ diff --git a/acme/db/nosql/authz.go b/acme/db/nosql/authz.go index 449a9276..c3283603 100644 --- a/acme/db/nosql/authz.go +++ b/acme/db/nosql/authz.go @@ -10,8 +10,6 @@ import ( "github.com/smallstep/nosql" ) -var defaultExpiryDuration = time.Hour * 24 - // dbAuthz is the base authz type that others build from. type dbAuthz struct { ID string `json:"id"` diff --git a/acme/db/nosql/nonce_test.go b/acme/db/nosql/nonce_test.go index 1159ec00..131438f6 100644 --- a/acme/db/nosql/nonce_test.go +++ b/acme/db/nosql/nonce_test.go @@ -16,10 +16,9 @@ import ( func TestDB_CreateNonce(t *testing.T) { type test struct { - db nosql.DB - nonce *acme.Nonce - err error - _id *string + db nosql.DB + err error + _id *string } var tests = map[string]func(t *testing.T) test{ "fail/cmpAndSwap-error": func(t *testing.T) test { diff --git a/acme/db/nosql/nosql_test.go b/acme/db/nosql/nosql_test.go index 7fd21c50..4396acc8 100644 --- a/acme/db/nosql/nosql_test.go +++ b/acme/db/nosql/nosql_test.go @@ -16,7 +16,7 @@ func TestNew(t *testing.T) { err error } var tests = map[string]test{ - "fail/db.CreateTable-error": test{ + "fail/db.CreateTable-error": { db: &db.MockNoSQLDB{ MCreateTable: func(bucket []byte) error { assert.Equals(t, string(bucket), string(accountTable)) @@ -25,7 +25,7 @@ func TestNew(t *testing.T) { }, err: errors.Errorf("error creating table %s: force", string(accountTable)), }, - "ok": test{ + "ok": { db: &db.MockNoSQLDB{ MCreateTable: func(bucket []byte) error { return nil @@ -60,16 +60,16 @@ func TestDB_save(t *testing.T) { err error } var tests = map[string]test{ - "fail/error-marshaling-new": test{ + "fail/error-marshaling-new": { nu: errorThrower("foo"), err: errors.New("error marshaling acme type: challenge"), }, - "fail/error-marshaling-old": test{ + "fail/error-marshaling-old": { nu: "new", old: errorThrower("foo"), err: errors.New("error marshaling acme type: challenge"), }, - "fail/db.CmpAndSwap-error": test{ + "fail/db.CmpAndSwap-error": { nu: "new", old: "old", db: &db.MockNoSQLDB{ @@ -83,7 +83,7 @@ func TestDB_save(t *testing.T) { }, err: errors.New("error saving acme challenge: force"), }, - "fail/db.CmpAndSwap-false-marshaling-old": test{ + "fail/db.CmpAndSwap-false-marshaling-old": { nu: "new", old: "old", db: &db.MockNoSQLDB{ @@ -97,7 +97,7 @@ func TestDB_save(t *testing.T) { }, err: errors.New("error saving acme challenge; changed since last read"), }, - "ok": test{ + "ok": { nu: "new", old: "old", db: &db.MockNoSQLDB{ @@ -110,7 +110,7 @@ func TestDB_save(t *testing.T) { }, }, }, - "ok/nils": test{ + "ok/nils": { nu: nil, old: nil, db: &db.MockNoSQLDB{ diff --git a/acme/db/nosql/order.go b/acme/db/nosql/order.go index c8fe53e1..8eb578a9 100644 --- a/acme/db/nosql/order.go +++ b/acme/db/nosql/order.go @@ -120,8 +120,6 @@ func (db *DB) UpdateOrder(ctx context.Context, o *acme.Order) error { return db.save(ctx, old.ID, nu, old, "order", orderTable) } -type orderIDsByAccount struct{} - func (db *DB) updateAddOrderIDs(ctx context.Context, accID string, addOids ...string) ([]string, error) { ordersByAccountMux.Lock() defer ordersByAccountMux.Unlock() diff --git a/acme/errors.go b/acme/errors.go index 54182ec2..c4309599 100644 --- a/acme/errors.go +++ b/acme/errors.go @@ -128,7 +128,6 @@ type errorMetadata struct { var ( officialACMEPrefix = "urn:ietf:params:acme:error:" - stepACMEPrefix = "urn:step:acme:error:" errorServerInternalMetadata = errorMetadata{ typ: officialACMEPrefix + ErrorServerInternalType.String(), details: "The server experienced an internal error", diff --git a/acme/nonce_test.go b/acme/nonce_test.go deleted file mode 100644 index 2088d39b..00000000 --- a/acme/nonce_test.go +++ /dev/null @@ -1,154 +0,0 @@ -package acme - -/* -func TestNewNonce(t *testing.T) { - type test struct { - db nosql.DB - err *Error - id *string - } - tests := map[string]func(t *testing.T) test{ - "fail/cmpAndSwap-error": func(t *testing.T) test { - return test{ - db: &db.MockNoSQLDB{ - MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) { - assert.Equals(t, bucket, nonceTable) - assert.Equals(t, old, nil) - return nil, false, errors.New("force") - }, - }, - err: ServerInternalErr(errors.Errorf("error storing nonce: force")), - } - }, - "fail/cmpAndSwap-false": func(t *testing.T) test { - return test{ - db: &db.MockNoSQLDB{ - MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) { - assert.Equals(t, bucket, nonceTable) - assert.Equals(t, old, nil) - return nil, false, nil - }, - }, - err: ServerInternalErr(errors.Errorf("error storing nonce; value has changed since last read")), - } - }, - "ok": func(t *testing.T) test { - var _id string - id := &_id - return test{ - db: &db.MockNoSQLDB{ - MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) { - assert.Equals(t, bucket, nonceTable) - assert.Equals(t, old, nil) - *id = string(key) - return nil, true, nil - }, - }, - id: id, - } - }, - } - for name, run := range tests { - t.Run(name, func(t *testing.T) { - tc := run(t) - if n, err := newNonce(tc.db); err != nil { - if assert.NotNil(t, tc.err) { - ae, ok := err.(*Error) - assert.True(t, ok) - assert.HasPrefix(t, ae.Error(), tc.err.Error()) - assert.Equals(t, ae.StatusCode(), tc.err.StatusCode()) - assert.Equals(t, ae.Type, tc.err.Type) - } - } else { - if assert.Nil(t, tc.err) { - assert.Equals(t, n.ID, *tc.id) - - assert.True(t, n.Created.Before(time.Now().Add(time.Minute))) - assert.True(t, n.Created.After(time.Now().Add(-time.Minute))) - } - } - }) - } -} - -func TestUseNonce(t *testing.T) { - type test struct { - id string - db nosql.DB - err *Error - } - tests := map[string]func(t *testing.T) test{ - "fail/update-not-found": func(t *testing.T) test { - id := "foo" - return test{ - db: &db.MockNoSQLDB{ - MUpdate: func(tx *database.Tx) error { - assert.Equals(t, tx.Operations[0].Bucket, nonceTable) - assert.Equals(t, tx.Operations[0].Key, []byte(id)) - assert.Equals(t, tx.Operations[0].Cmd, database.Get) - - assert.Equals(t, tx.Operations[1].Bucket, nonceTable) - assert.Equals(t, tx.Operations[1].Key, []byte(id)) - assert.Equals(t, tx.Operations[1].Cmd, database.Delete) - return database.ErrNotFound - }, - }, - id: id, - err: BadNonceErr(nil), - } - }, - "fail/update-error": func(t *testing.T) test { - id := "foo" - return test{ - db: &db.MockNoSQLDB{ - MUpdate: func(tx *database.Tx) error { - assert.Equals(t, tx.Operations[0].Bucket, nonceTable) - assert.Equals(t, tx.Operations[0].Key, []byte(id)) - assert.Equals(t, tx.Operations[0].Cmd, database.Get) - - assert.Equals(t, tx.Operations[1].Bucket, nonceTable) - assert.Equals(t, tx.Operations[1].Key, []byte(id)) - assert.Equals(t, tx.Operations[1].Cmd, database.Delete) - return errors.New("force") - }, - }, - id: id, - err: ServerInternalErr(errors.Errorf("error deleting nonce %s: force", id)), - } - }, - "ok": func(t *testing.T) test { - id := "foo" - return test{ - db: &db.MockNoSQLDB{ - MUpdate: func(tx *database.Tx) error { - assert.Equals(t, tx.Operations[0].Bucket, nonceTable) - assert.Equals(t, tx.Operations[0].Key, []byte(id)) - assert.Equals(t, tx.Operations[0].Cmd, database.Get) - - assert.Equals(t, tx.Operations[1].Bucket, nonceTable) - assert.Equals(t, tx.Operations[1].Key, []byte(id)) - assert.Equals(t, tx.Operations[1].Cmd, database.Delete) - - return nil - }, - }, - id: id, - } - }, - } - for name, run := range tests { - t.Run(name, func(t *testing.T) { - tc := run(t) - if err := useNonce(tc.db, tc.id); err != nil { - if assert.NotNil(t, tc.err) { - ae, ok := err.(*Error) - assert.True(t, ok) - assert.HasPrefix(t, ae.Error(), tc.err.Error()) - assert.Equals(t, ae.StatusCode(), tc.err.StatusCode()) - assert.Equals(t, ae.Type, tc.err.Type) - } - } - }) - } -} -*/