summaryrefslogtreecommitdiffstats
path: root/checks/check-ra.py
diff options
context:
space:
mode:
Diffstat (limited to 'checks/check-ra.py')
-rwxr-xr-xchecks/check-ra.py133
1 files changed, 72 insertions, 61 deletions
diff --git a/checks/check-ra.py b/checks/check-ra.py
index c98314618..6b5e76083 100755
--- a/checks/check-ra.py
+++ b/checks/check-ra.py
@@ -14,87 +14,98 @@ server. I don't exactly remember the steps, so ping him for help.
from os import path
import sys
parent = path.dirname(path.dirname(path.abspath(__file__)))
-sys.path.append(parent)
+sys.path.insert(0, parent)
+verbose = True
from base64 import b64encode, b64decode
from ipalib import api
-# certificate with serial number 17
-cert = b64decode("""
-MIIC3zCCAcegAwIBAgIBETANBgkqhkiG9w0BAQUFADA7MRkwFwYDVQQKExBTamNSZWRoYXQgRG9tYW
-luMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDkwMTIyMjMzODA2WhcNMDkwNzIx
-MjMzODA2WjAUMRIwEAYKCZImiZPyLGQBARMCbGwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM
-id6i9ri9ldyAXaH4MJSPdUDjdc9+E10hwxw7crFE1K0uvr8YT2e1YotNqv7Q+Bk7KVRrLH6Y5UPlWY
-uSAP8G9t8yjn5Uo3iXU5AqsrRek+pxerD/WocwedF6yjJ/zlQyYyg93h0njJr1lStyVLTyp+VVqtk3
-FSDIwLCWQHOTejAgMBAAGjgZgwgZUwHwYDVR0jBBgwFoAUlz9JZxqVabh4QQOEkxyWt80pIQkwQwYI
-KwYBBQUHAQEENzA1MDMGCCsGAQUFBzABhidodHRwOi8vYS1mOC5zamMucmVkaGF0LmNvbTo5MTgwL2
-NhL29jc3AwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkq
-hkiG9w0BAQUFAAOCAQEAhU+oqPh+rlYFPm0D8HAJ0RIWw9gkNctHUfVGi+NeYTaUAEGWUOpXjLSQgP
-gq1fNBHd+IRLhycwp4uUsFCPE1n3eStmn/D6o9u1eNnTFPj74MLZVQQTXPE8+LBYeHgTUwFuKp2WyW
-9J/BDZ3pDWKYWWMawhD7ext7UhZkpIJODFEaDxiXCfB8GsAEbmfoYFk21znuGQQu3Wu1s6licyunLh
-/W3sxCFGIT9DHxS0GZKimm7M02IPGxK/0TZr0kVcLQx6XGKqiK1464rvl4u60mQjwJwfhawshs84YT
-xFnXZKkvsT3GjfIe/k687TMG3paTFtKkis+u7z0v6355uJzLpQ==
-""")
-
-csr = 'MIIBlDCB/gIBADBVMR0wGwYDVQQKExRVc2Vyc3lzUmVkaGF0LURvbWFpbjEQMA4GA1UECxMHcGtpLWlwYTEiMCAGA1UEAxMZSVBBLVN1YnN5c3RlbS1DZXJ0aWZpY2F0ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3Qmpr81WxbnISmyyhc2ShiPzUvWIrCg5FgJ1QrBl7CRe62Wl/YYiV/DbuMoex1ec7zKfgfSFVFU9/2iwj7Du0sZdXYJNQPdj9yLdPk2tyxdgJuHLdxI0SNgaEFyvmIMP/X9vQN9H5w0/PyrJQscOxc6tbTcYL0ZSSylLQ+diaQECAwEAA'
+subject = u'CN=vm-070.idm.lab.bos.redhat.com'
+csr = '\
+MIIBZzCB0QIBADAoMSYwJAYDVQQDEx12bS0wNzAuaWRtLmxhYi5ib3MucmVkaGF0\n\
+LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAriTSlAG+/xkvtxliWMeO\n\
+Qu+vFQTz+/fgy7xWIg6WR2At6j/9eJ7LUYhqguqevOAQpuePxY4/FEfpmQ6PTgs/\n\
+LXKa0vhIkXzkmMjKynUIWHYeaZekcXxye1dV/PdNB6H801xs60YjbScOJj3Hexvm\n\
+hOKsdmwO1ukqTTEKDXrr3c8CAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAG4pTLrE\n\
+cvrkQXVdMOjgAVJ6KZYl/caIOYhIlcJ3jhf95Bv/Zs3lpfHjXnM8jj4EWfyd0lZx\n\
+2EUytXXubKJUpjUCeBp4oaQ2Ahvdxo++oUcbXkKxtCOUB6Mw8XEIVYaldZlcHDHM\n\
+dysLdrZ3K9HOzoeSq2e0m+trQaWnBQG47O7F\n\
+'
+
+reference_decode = {
+ 'certificate' : b64decode
+}
+
+trial_decode = {
+ 'certificate' : b64decode
+}
api.bootstrap(
in_server=True,
enable_ra=True,
- ca_host='a-f8.sjc.redhat.com',
+ ra_plugin='dogtag',
+ ca_host='vm-070.idm.lab.bos.redhat.com',
debug=True,
in_tree=True,
)
api.finalize()
ra = api.Backend.ra
-def assert_equal(*vals):
- val0 = vals[0]
- for val in vals[1:]:
- assert val == val0, '%r != %r' % (val, val0)
+def assert_equal(trial, reference):
+ keys = reference.keys()
+ keys.sort()
+ for key in keys:
+ reference_val = reference[key]
+ trial_val = trial[key]
+ if reference_decode.has_key(key):
+ reference_val = reference_decode[key](reference_val)
-api.log.info('******** Testing ra.check_request_status() ********')
-assert_equal(
- ra.check_request_status('35'),
- dict(
- status='0',
- serial_number='17',
- request_status='complete',
- request_id='35',
- )
-)
+ if trial_decode.has_key(key):
+ trial_val = trial_decode[key](trial_val)
+
+ assert reference_val == trial_val, \
+ '%s: not equal\n\nreference_val:\n%r\ntrial_val:\n%r' % \
+ (key, reference[key], trial[key])
-api.log.info('******** Testing ra.get_certificate() ********')
-assert_equal(
- ra.get_certificate('17'),
- dict(
- status='0',
- certificate=b64encode(cert),
- )
-)
api.log.info('******** Testing ra.request_certificate() ********')
-assert_equal(
- ra.request_certificate(csr),
- dict(
- status='1',
- )
-)
+request_result = ra.request_certificate(csr)
+if verbose: print "request_result=\n%s" % request_result
+assert_equal(request_result,
+ {'subject' : subject,
+ })
+
+api.log.info('******** Testing ra.check_request_status() ********')
+status_result = ra.check_request_status(request_result['request_id'])
+if verbose: print "status_result=\n%s" % status_result
+assert_equal(status_result,
+ {'serial_number' : request_result['serial_number'],
+ 'request_id' : request_result['request_id'],
+ 'cert_request_status' : u'complete',
+ })
+
+api.log.info('******** Testing ra.get_certificate() ********')
+get_result = ra.get_certificate(request_result['serial_number'])
+if verbose: print "get_result=\n%s" % get_result
+assert_equal(get_result,
+ {'serial_number' : request_result['serial_number'],
+ 'certificate' : request_result['certificate'],
+ })
api.log.info('******** Testing ra.revoke_certificate() ********')
-assert_equal(
- ra.revoke_certificate('17', revocation_reason=6), # Put on hold
- dict(
- status='0',
- revoked=True,
- )
-)
+revoke_result = ra.revoke_certificate(request_result['serial_number'],
+ revocation_reason=6) # Put on hold
+if verbose: print "revoke_result=\n%s" % revoke_result
+assert_equal(revoke_result,
+ {'revoked' : True
+ })
+
api.log.info('******** Testing ra.take_certificate_off_hold() ********')
-assert_equal(
- ra.take_certificate_off_hold('17'),
- dict(
- taken_off_hold=True,
- )
-)
+unrevoke_result = ra.take_certificate_off_hold(request_result['serial_number'])
+if verbose: print "unrevoke_result=\n%s" % unrevoke_result
+assert_equal(unrevoke_result,
+ {'unrevoked' : True
+ })
+