Orphaned certificates (#406)

* Fixing whitespace. * Fixing syncing. * Fixing tests
2016-07-28 13:08:24 -07:00
parent a644f45625
commit 29a330b1f4
13 changed files with 199 additions and 174 deletions
--- a/lemur/common/defaults.py
+++ b/lemur/common/defaults.py
@ -1,17 +1,8 @@
-import sys
-from flask import current_app
 from cryptography import x509
-from cryptography.hazmat.backends import default_backend
+from flask import current_app
 from lemur.constants import SAN_NAMING_TEMPLATE, DEFAULT_NAMING_TEMPLATE


-def parse_certificate(body):
-    if sys.version_info >= (3, 0):
-        return x509.load_pem_x509_certificate(body, default_backend())
-    else:
-        return x509.load_pem_x509_certificate(bytes(body), default_backend())
-
-
 def certificate_name(common_name, issuer, not_before, not_after, san):
    """
    Create a name for our certificate. A naming standard
--- a/lemur/common/utils.py
+++ b/lemur/common/utils.py
@ -6,15 +6,22 @@

 .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
 """
+import sys
 import string
 import random
-from functools import wraps

-from flask import current_app
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend

-from flask.ext.restful import marshal
 from flask.ext.restful.reqparse import RequestParser
-from flask.ext.sqlalchemy import Pagination
+
+paginated_parser = RequestParser()
+
+paginated_parser.add_argument('count', type=int, default=10, location='args')
+paginated_parser.add_argument('page', type=int, default=1, location='args')
+paginated_parser.add_argument('sortDir', type=str, dest='sort_dir', location='args')
+paginated_parser.add_argument('sortBy', type=str, dest='sort_by', location='args')
+paginated_parser.add_argument('filter', type=str, location='args')


 def get_psuedo_random_string():
@ -28,51 +35,9 @@ def get_psuedo_random_string():
    return challenge


-class marshal_items(object):
-    def __init__(self, fields, envelope=None):
-        self.fields = fields
-        self.envelop = envelope
-
-    def __call__(self, f):
-        def _filter_items(items):
-            filtered_items = []
-            for item in items:
-                filtered_items.append(marshal(item, self.fields))
-            return filtered_items
-
-        @wraps(f)
-        def wrapper(*args, **kwargs):
-            try:
-                resp = f(*args, **kwargs)
-
-                # this is a bit weird way to handle non standard error codes returned from the marshaled function
-                if isinstance(resp, tuple):
-                    return resp[0], resp[1]
-
-                if isinstance(resp, Pagination):
-                    return {'items': _filter_items(resp.items), 'total': resp.total}
-
-                if isinstance(resp, list):
-                    return {'items': _filter_items(resp), 'total': len(resp)}
-
-                return marshal(resp, self.fields)
-            except Exception as e:
-                current_app.logger.exception(e)
-                # this is a little weird hack to respect flask restful parsing errors on marshaled functions
-                if hasattr(e, 'code'):
-                    if hasattr(e, 'data'):
-                        return {'message': e.data['message']}, 400
-                    else:
-                        return {'message': {'exception': 'unknown'}}, 400
-                else:
-                    return {'message': {'exception': str(e)}}, 400
-        return wrapper
-
-
-paginated_parser = RequestParser()
-
-paginated_parser.add_argument('count', type=int, default=10, location='args')
-paginated_parser.add_argument('page', type=int, default=1, location='args')
-paginated_parser.add_argument('sortDir', type=str, dest='sort_dir', location='args')
-paginated_parser.add_argument('sortBy', type=str, dest='sort_by', location='args')
-paginated_parser.add_argument('filter', type=str, location='args')
+def parse_certificate(body):
+    if sys.version_info >= (3, 0):
+        if isinstance(body, bytes):
+            return x509.load_pem_x509_certificate(body, default_backend())
+        return x509.load_pem_x509_certificate(bytes(body, 'utf8'), default_backend())
+    return x509.load_pem_x509_certificate(body, default_backend())
--- a/lemur/common/validators.py
+++ b/lemur/common/validators.py
@ -6,6 +6,7 @@ from cryptography import x509
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import serialization

+from lemur.common.utils import parse_certificate
 from lemur.domains import service as domain_service
 from lemur.auth.permissions import SensitiveDomainPermission

@ -18,7 +19,7 @@ def public_certificate(body):
    :return:
    """
    try:
-        x509.load_pem_x509_certificate(bytes(body), default_backend())
+        parse_certificate(body)
    except Exception:
        raise ValidationError('Public certificate presented is not valid.')