Merge pull request #3179 from sirferl/entrust-plugin

Entrust plugin - Additional Test and fixes
2020-10-09 17:53:21 -07:00 · 2020-10-09 17:53:21 -07:00 · 1d18f061f2
parent b59c76d630 d4819440af
commit 1d18f061f2
3 changed files with 16 additions and 9 deletions
--- a/lemur/plugins/lemur_entrust/plugin.py
+++ b/lemur/plugins/lemur_entrust/plugin.py
@ -34,8 +34,7 @@ def determine_end_date(end_date):
    if not end_date:
        end_date = max_validity_end
-
+    elif end_date > max_validity_end:
    if end_date > max_validity_end:
        end_date = max_validity_end
    return end_date.format('YYYY-MM-DD')
--- a/lemur/plugins/lemur_entrust/tests/test_entrust.py
+++ b/lemur/plugins/lemur_entrust/tests/test_entrust.py
@ -3,6 +3,7 @@ from unittest.mock import patch, Mock
 import arrow
 from cryptography import x509
 from lemur.plugins.lemur_entrust import plugin
 from freezegun import freeze_time
 def config_mock(*args):
@ -21,11 +22,18 @@ def config_mock(*args):
    return values[args[0]]
@patch("lemur.plugins.lemur_digicert.plugin.current_app")
 def test_determine_end_date(mock_current_app):
    with freeze_time(time_to_freeze=arrow.get(2016, 11, 3).datetime):
        assert arrow.get(2017, 12, 3).format('YYYY-MM-DD') == plugin.determine_end_date(0)  # 1 year + 1 month
        assert arrow.get(2017, 3, 5).format('YYYY-MM-DD') == plugin.determine_end_date(arrow.get(2017, 3, 5))
        assert arrow.get(2017, 12, 3).format('YYYY-MM-DD') == plugin.determine_end_date(arrow.get(2020, 5, 7))
@patch("lemur.plugins.lemur_entrust.plugin.current_app")
 def test_process_options(mock_current_app, authority):
    mock_current_app.config.get = Mock(side_effect=config_mock)
-    plugin.determine_end_date = Mock(return_value=arrow.get(2020, 10, 7).format('YYYY-MM-DD'))
+    plugin.determine_end_date = Mock(return_value=arrow.get(2017, 11, 5).format('YYYY-MM-DD'))
    authority.name = "Entrust"
    names = [u"one.example.com", u"two.example.com", u"three.example.com"]
    options = {
@ -35,7 +43,7 @@ def test_process_options(mock_current_app, authority):
        "extensions": {"sub_alt_names": {"names": [x509.DNSName(x) for x in names]}},
        "organization": "Example, Inc.",
        "organizational_unit": "Example Org",
-        "validity_end": arrow.get(2020, 10, 7),
+        "validity_end": arrow.utcnow().shift(years=1, months=+1),
        "authority": authority,
    }
@ -43,7 +51,7 @@ def test_process_options(mock_current_app, authority):
        "signingAlg": "SHA-2",
        "eku": "SERVER_AND_CLIENT_AUTH",
        "certType": "ADVANTAGE_SSL",
-        "certExpiryDate": arrow.get(2020, 10, 7).format('YYYY-MM-DD'),
+        "certExpiryDate": arrow.get(2017, 11, 5).format('YYYY-MM-DD'),
        "tracking": {
            "requesterName": mock_current_app.config.get("ENTRUST_NAME"),
            "requesterEmail": mock_current_app.config.get("ENTRUST_EMAIL"),
--- a/lemur/tests/conf.py
+++ b/lemur/tests/conf.py
@ -37,9 +37,9 @@ LEMUR_ENCRYPTION_KEYS = base64.urlsafe_b64encode(get_random_secret(length=32).en
 # List of domain regular expressions that non-admin users can issue
 LEMUR_WHITELISTED_DOMAINS = [
-    "^[a-zA-Z0-9-]+\.example\.com$",
+    r"^[a-zA-Z0-9-]+\.example\.com$",
-    "^[a-zA-Z0-9-]+\.example\.org$",
+    r"^[a-zA-Z0-9-]+\.example\.org$",
-    "^example\d+\.long\.com$",
+    r"^example\d+\.long\.com$",
 ]
 # Mail Server