Revize d1c800c1
Přidáno uživatelem Stanislav Král před téměř 4 roky(ů)
| tests/integration_tests/rest_api/certificates_test.py | ||
|---|---|---|
| 2 | 2 |
# 1->10 |
| 3 | 3 |
# 2->3->4->5->6->7 |
| 4 | 4 |
# 2->8->9 |
| 5 |
import pytest |
|
| 6 |
|
|
| 5 | 7 |
from src.controllers.certificates_controller import E_IDENTITY_NAME_NOT_SPECIFIED, E_IDENTITY_PASSWORD_NOT_SPECIFIED, \ |
| 6 | 8 |
E_NO_CERTIFICATES_FOUND |
| 7 | 9 |
|
| 8 | 10 |
|
| 9 |
def make_root_ca(server, title="Root CA s.r.o."): |
|
| 11 |
def make_root_ca(server, title="Root CA s.r.o.", cc="CZ"):
|
|
| 10 | 12 |
return server.post("/api/certificates", content_type="application/json", json={
|
| 11 | 13 |
"subject": {
|
| 12 |
"C": "CZ",
|
|
| 14 |
"C": cc,
|
|
| 13 | 15 |
"CN": title, |
| 14 | 16 |
"L": "Pilsen", |
| 15 | 17 |
"O": title, |
| ... | ... | |
| 22 | 24 |
}) |
| 23 | 25 |
|
| 24 | 26 |
|
| 25 |
def make_inter_ca(server, parent, title="Intermediate CA s.r.o."): |
|
| 27 |
def make_inter_ca(server, parent, title="Intermediate CA s.r.o.", cc="CZ"):
|
|
| 26 | 28 |
return server.post("/api/certificates", content_type="application/json", json={
|
| 27 | 29 |
"CA": parent, |
| 28 | 30 |
"subject": {
|
| 29 |
"C": "CZ",
|
|
| 31 |
"C": cc,
|
|
| 30 | 32 |
"CN": title, |
| 31 | 33 |
"L": "Pilsen", |
| 32 | 34 |
"O": title, |
| ... | ... | |
| 39 | 41 |
}) |
| 40 | 42 |
|
| 41 | 43 |
|
| 42 |
def make_end_cert(server, parent, title="End certificate s.r.o.", usage=None): |
|
| 44 |
def make_end_cert(server, parent, title="End certificate s.r.o.", usage=None, cc="CZ"):
|
|
| 43 | 45 |
if usage is None: |
| 44 | 46 |
usage = ["SSL", "authentication", "digitalSignature"] |
| 45 | 47 |
|
| 46 | 48 |
return server.post("/api/certificates", content_type="application/json", json={
|
| 47 | 49 |
"CA": parent, |
| 48 | 50 |
"subject": {
|
| 49 |
"C": "CZ",
|
|
| 51 |
"C": cc,
|
|
| 50 | 52 |
"CN": title, |
| 51 | 53 |
"L": "Pilsen", |
| 52 | 54 |
"O": title, |
| ... | ... | |
| 1295 | 1297 |
json={"password": "foopass", "name": "Foo"})
|
| 1296 | 1298 |
assert identity_ret.status_code == 404 |
| 1297 | 1299 |
assert identity_ret.json == E_NO_CERTIFICATES_FOUND |
| 1300 |
|
|
| 1301 |
|
|
| 1302 |
@pytest.mark.parametrize( |
|
| 1303 |
"cc", |
|
| 1304 |
[ |
|
| 1305 |
pytest.param(""),
|
|
| 1306 |
pytest.param("C"),
|
|
| 1307 |
pytest.param("CCZ"),
|
|
| 1308 |
], |
|
| 1309 |
) |
|
| 1310 |
def test_invalid_subject_country_code(server, cc): |
|
| 1311 |
ret = make_root_ca(server, "Foo", cc) |
|
| 1312 |
|
|
| 1313 |
assert ret.status_code == 400 |
|
| 1314 |
|
|
| 1315 |
d = ret.json |
|
| 1316 |
|
|
| 1317 |
assert "data" in d |
|
| 1318 |
assert d["data"] == """Subject attribute "Country code" is invalid (reason: Must consist of exactly 2 letters).""" |
|
| 1319 |
assert "success" in d |
|
| 1320 |
assert not d["success"] |
|
| 1321 |
|
|
| 1322 |
|
|
| 1323 |
@pytest.mark.parametrize( |
|
| 1324 |
"cc", |
|
| 1325 |
[ |
|
| 1326 |
pytest.param(""),
|
|
| 1327 |
pytest.param("C"),
|
|
| 1328 |
pytest.param("CCZ"),
|
|
| 1329 |
], |
|
| 1330 |
) |
|
| 1331 |
def test_invalid_subject_country_code(server, cc): |
|
| 1332 |
root_ret = make_root_ca(server) |
|
| 1333 |
ret = make_inter_ca(server, root_ret.json["data"], "Foo", cc) |
|
| 1334 |
|
|
| 1335 |
assert ret.status_code == 400 |
|
| 1336 |
|
|
| 1337 |
d = ret.json |
|
| 1338 |
|
|
| 1339 |
assert "data" in d |
|
| 1340 |
assert d["data"] == """Subject attribute "Country code" is invalid (reason: Must consist of exactly 2 letters).""" |
|
| 1341 |
assert "success" in d |
|
| 1342 |
assert not d["success"] |
|
Také k dispozici: Unified diff
Added REST API tests covering whether specifying an invalid country code when making new certificate requests results in a Bad request HTTP status code and a particular response