adding verisign source

docs/administration/index.rst

@@ -215,6 +215,35 @@ Verisign/Symantec and CloudCA
         This is the path to the mutual SSL certificate used for communicating with Verisign
 
 
+.. data:: VERISIGN_FIRST_NAME
+    :noindex:
+
+        This is the first name to be used when requesting the certificate
+
+
+.. data:: VERISIGN_LAST_NAME
+    :noindex:
+
+        This is the last name to be used when requesting the certificate
+
+.. data:: VERISIGN_EMAIL
+    :noindex:
+
+        This is the email to be used when requesting the certificate
+
+
+.. data:: VERISIGN_INTERMEDIATE
+    :noindex:
+
+        This is the intermediate to be used for your CA chain
+
+
+.. data:: VERISIGN_ROOT
+    :noindex:
+
+        This is the root to be used for your CA chain
+
+
 .. data:: CLOUDCA_URL
     :noindex:
 
@@ -231,6 +260,7 @@ Verisign/Symantec and CloudCA
 
         This is the path to the CLOUDCA certificate bundle
 
+
 Authentication
 --------------
 Lemur currently supports Basic Authentication and Ping OAuth2 out of the box, additional flows can be added relatively easily

lemur/plugins/lemur_verisign/constants.py

@@ -1,57 +0,0 @@
-VERISIGN_INTERMEDIATE = """-----BEGIN CERTIFICATE-----
-MIIFFTCCA/2gAwIBAgIQKC4nkXkzkuQo8iGnTsk3rjANBgkqhkiG9w0BAQsFADCB
-yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMTk5OSBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
-ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IC0gRzMwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB+MQsw
-CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV
-BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVjIENs
-YXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAstgFyhx0LbUXVjnFSlIJluhL2AzxaJ+aQihiw6UwU35VEYJb
-A3oNL+F5BMm0lncZgQGUWfm893qZJ4Itt4PdWid/sgN6nFMl6UgfRk/InSn4vnlW
-9vf92Tpo2otLgjNBEsPIPMzWlnqEIRoiBAMnF4scaGGTDw5RgDMdtLXO637QYqzu
-s3sBdO9pNevK1T2p7peYyo2qRA4lmUoVlqTObQJUHypqJuIGOmNIrLRM0XWTUP8T
-L9ba4cYY9Z/JJV3zADreJk20KQnNDz0jbxZKgRb78oMQw7jW2FUyPfG9D72MUpVK
-Fpd6UiFjdS8W+cRmvvW1Cdj/JwDNRHxvSz+w9wIDAQABo4IBQDCCATwwHQYDVR0O
-BBYEFF9gz2GQVd+EQxSKYCqy9Xr0QxjvMBIGA1UdEwEB/wQIMAYBAf8CAQAwawYD
-VR0gBGQwYjBgBgpghkgBhvhFAQc2MFIwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cu
-c3ltYXV0aC5jb20vY3BzMCgGCCsGAQUFBwICMBwaGmh0dHA6Ly93d3cuc3ltYXV0
-aC5jb20vcnBhMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9zLnN5bWNiLmNvbS9w
-Y2EzLWczLmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwxGjAYBgNV
-BAMTEVN5bWFudGVjUEtJLTEtNTM0MC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcw
-AYYSaHR0cDovL3Muc3ltY2QuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBbF1K+1lZ7
-9Pc0CUuWysf2IdBpgO/nmhnoJOJ/2S9h3RPrWmXk4WqQy04q6YoW51KN9kMbRwUN
-gKOomv4p07wdKNWlStRxPA91xQtzPwBIZXkNq2oeJQzAAt5mrL1LBmuaV4oqgX5n
-m7pSYHPEFfe7wVDJCKW6V0o6GxBzHOF7tpQDS65RsIJAOloknO4NWF2uuil6yjOe
-soHCL47BJ89A8AShP/U3wsr8rFNtqVNpT+F2ZAwlgak3A/I5czTSwXx4GByoaxbn
-5+CdKa/Y5Gk5eZVpuXtcXQGc1PfzSEUTZJXXCm5y2kMiJG8+WnDcwJLgLeVX+OQr
-J+71/xuzAYN6
------END CERTIFICATE-----
-"""
-
-VERISIGN_ROOT = """-----BEGIN CERTIFICATE-----
-MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
-CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
-cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
-LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
-aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
-VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
-bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
-IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
-LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b
-N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t
-KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu
-kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm
-CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ
-Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu
-imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te
-2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe
-DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
-/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p
-F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
-TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
------END CERTIFICATE-----
-"""

lemur/plugins/lemur_verisign/plugin.py

@@ -13,9 +13,8 @@ import xmltodict
 
 from flask import current_app
 
-from lemur.plugins.bases import IssuerPlugin
+from lemur.plugins.bases import IssuerPlugin, SourcePlugin
 from lemur.plugins import lemur_verisign as verisign
-from lemur.plugins.lemur_verisign import constants
 from lemur.common.utils import get_psuedo_random_string
 
 
@@ -132,7 +131,7 @@ class VerisignIssuerPlugin(IssuerPlugin):
     version = verisign.VERSION
 
     author = 'Kevin Glisson'
-    author_url = 'https://github.com/netflix/lemur'
+    author_url = 'https://github.com/netflix/lemur.git'
 
     def __init__(self, *args, **kwargs):
         self.session = requests.Session()
@@ -147,7 +146,7 @@ class VerisignIssuerPlugin(IssuerPlugin):
         :param issuer_options:
         :return: :raise Exception:
         """
-        url = current_app.config.get("VERISIGN_URL") + '/enroll'
+        url = current_app.config.get('VERISIGN_URL') + 'rest/services/enroll'
 
         data = process_options(issuer_options)
         data['csr'] = csr
@@ -156,7 +155,7 @@ class VerisignIssuerPlugin(IssuerPlugin):
 
         response = self.session.post(url, data=data)
         cert = handle_response(response.content)['Response']['Certificate']
-        return cert, constants.VERISIGN_INTERMEDIATE,
+        return cert, current_app.config.get('VERISIGN_INTERMEDIATE'),
 
     @staticmethod
     def create_authority(options):
@@ -168,7 +167,7 @@ class VerisignIssuerPlugin(IssuerPlugin):
         :return:
         """
         role = {'username': '', 'password': '', 'name': 'verisign'}
-        return constants.VERISIGN_ROOT, "", [role]
+        return current_app.config.get('VERISIGN_ROOT'), "", [role]
 
     def get_available_units(self):
         """
@@ -177,6 +176,35 @@ class VerisignIssuerPlugin(IssuerPlugin):
 
         :return:
         """
-        url = current_app.config.get("VERISIGN_URL") + '/getTokens'
+        url = current_app.config.get("VERISIGN_URL") + 'rest/services/getTokens'
         response = self.session.post(url, headers={'content-type': 'application/x-www-form-urlencoded'})
         return handle_response(response.content)['Response']['Order']
+
+
+class VerisignSourcePlugin(SourcePlugin):
+    title = 'Verisign'
+    slug = 'verisign-source'
+    description = 'Allows for the polling of issued certificates from the VICE2.0 verisign API.'
+    version = verisign.VERSION
+
+    author = 'Kevin Glisson'
+    author_url = 'https://github.com/netflix/lemur.git'
+
+    def __init__(self, *args, **kwargs):
+        self.session = requests.Session()
+        self.session.cert = current_app.config.get('VERISIGN_PEM_PATH')
+        super(VerisignSourcePlugin, self).__init__(*args, **kwargs)
+
+    def get_certificates(self):
+        url = current_app.config.get('VERISIGN_URL') + '/reportingws'
+        end = arrow.now()
+        start = end.replace(years=-5)
+        data = {
+            'reportType': 'detail',
+            'startDate': start.format("MM/DD/YYYY"),
+            'endDate': end.format("MM/DD/YYYY"),
+            'structuredRecord': 'Y',
+            'certStatus': 'Valid',
+        }
+        current_app.logger.debug(data)
+        response = self.session.post(url, data=data)

lemur/plugins/lemur_verisign/tests/conftest.py

@@ -0,0 +1 @@
+from lemur.tests.conftest import *  # noqa

lemur/plugins/lemur_verisign/tests/test_verisign.py

@@ -0,0 +1,5 @@
+
+def test_get_certificates(app):
+    from lemur.plugins.base import plugins
+    p = plugins.get('verisign-source')
+    p.get_certificates()

lemur/tests/conftest.py

@@ -8,6 +8,7 @@ from lemur.roles import service as role_service
 
 
 def pytest_addoption(parser):
+    parser.addoption("--lemurconfig", help="override the default test config")
     parser.addoption("--runslow", action="store_true", help="run slow tests")
 
 
@@ -29,12 +30,15 @@ def pytest_runtest_makereport(item, call):
 
 
 @pytest.yield_fixture(scope="session")
-def app():
+def app(request):
     """
     Creates a new Flask application for a test duration.
     Uses application factory `create_app`.
     """
-    _app = create_app(os.path.dirname(os.path.realpath(__file__)) + '/conf.py')
+    if request.config.getoption('--lemurconfig'):
+        _app = create_app(request.config.getoption('--lemurconfig'))
+    else:
+        _app = create_app(os.path.dirname(os.path.realpath(__file__)) + '/conf.py')
     ctx = _app.app_context()
     ctx.push()
 

setup.py

@@ -135,6 +135,7 @@ setup(
         ],
         'lemur.plugins': [
             'verisign_issuer = lemur.plugins.lemur_verisign.plugin:VerisignIssuerPlugin',
+            'verisign_source = lemur.plugins.lemur_verisign.plugin:VerisignSourcePlugin',
             'cloudca_issuer = lemur.plugins.lemur_cloudca.plugin:CloudCAIssuerPlugin',
             'cloudca_source = lemur.plugins.lemur_cloudca.plugin:CloudCASourcePlugin',
             'aws_destination = lemur.plugins.lemur_aws.plugin:AWSDestinationPlugin',