Merge pull request #3208 from hosseinsh/improved-logging
Improved issuer logging
This commit is contained in:
commit
2ea39a51e3
|
@ -360,7 +360,12 @@ def create(**kwargs):
|
||||||
try:
|
try:
|
||||||
cert_body, private_key, cert_chain, external_id, csr = mint(**kwargs)
|
cert_body, private_key, cert_chain, external_id, csr = mint(**kwargs)
|
||||||
except Exception:
|
except Exception:
|
||||||
current_app.logger.error("Exception minting certificate", exc_info=True)
|
log_data = {
|
||||||
|
"message": "Exception minting certificate",
|
||||||
|
"issuer": kwargs["authority"].name,
|
||||||
|
"cn": kwargs["common_name"],
|
||||||
|
}
|
||||||
|
current_app.logger.error(log_data, exc_info=True)
|
||||||
sentry.captureException()
|
sentry.captureException()
|
||||||
raise
|
raise
|
||||||
kwargs["body"] = cert_body
|
kwargs["body"] = cert_body
|
||||||
|
|
|
@ -37,7 +37,13 @@ def log_status_code(r, *args, **kwargs):
|
||||||
:param kwargs:
|
:param kwargs:
|
||||||
:return:
|
:return:
|
||||||
"""
|
"""
|
||||||
|
log_data = {
|
||||||
|
"reason": (r.reason if r.reason else ""),
|
||||||
|
"status_code": r.status_code,
|
||||||
|
"url": (r.url if r.url else ""),
|
||||||
|
}
|
||||||
metrics.send("digicert_status_code_{}".format(r.status_code), "counter", 1)
|
metrics.send("digicert_status_code_{}".format(r.status_code), "counter", 1)
|
||||||
|
current_app.logger.info(log_data)
|
||||||
|
|
||||||
|
|
||||||
def signature_hash(signing_algorithm):
|
def signature_hash(signing_algorithm):
|
||||||
|
@ -171,7 +177,7 @@ def map_cis_fields(options, csr):
|
||||||
"csr": csr,
|
"csr": csr,
|
||||||
"signature_hash": signature_hash(options.get("signing_algorithm")),
|
"signature_hash": signature_hash(options.get("signing_algorithm")),
|
||||||
"validity": {
|
"validity": {
|
||||||
"valid_to": validity_end.format("YYYY-MM-DDTHH:MM") + "Z"
|
"valid_to": validity_end.format("YYYY-MM-DDTHH:MM:SS") + "Z"
|
||||||
},
|
},
|
||||||
"organization": {
|
"organization": {
|
||||||
"name": options["organization"],
|
"name": options["organization"],
|
||||||
|
@ -204,7 +210,7 @@ def handle_response(response):
|
||||||
:return:
|
:return:
|
||||||
"""
|
"""
|
||||||
if response.status_code > 399:
|
if response.status_code > 399:
|
||||||
raise Exception(response.json()["errors"][0]["message"])
|
raise Exception("DigiCert rejected request with the error:" + response.json()["errors"][0]["message"])
|
||||||
|
|
||||||
return response.json()
|
return response.json()
|
||||||
|
|
||||||
|
@ -215,9 +221,16 @@ def handle_cis_response(response):
|
||||||
:param response:
|
:param response:
|
||||||
:return:
|
:return:
|
||||||
"""
|
"""
|
||||||
if response.status_code > 399:
|
if response.status_code == 404:
|
||||||
raise Exception(response.text)
|
raise Exception("DigiCert: order not in issued state")
|
||||||
|
elif response.status_code == 406:
|
||||||
|
raise Exception("DigiCert: wrong header request format")
|
||||||
|
elif response.status_code > 399:
|
||||||
|
raise Exception("DigiCert rejected request with the error:" + response.text)
|
||||||
|
|
||||||
|
if response.url.endswith("download"):
|
||||||
|
return response.content
|
||||||
|
else:
|
||||||
return response.json()
|
return response.json()
|
||||||
|
|
||||||
|
|
||||||
|
@ -238,11 +251,9 @@ def get_cis_certificate(session, base_url, order_id):
|
||||||
certificate_url = "{0}/platform/cis/certificate/{1}/download".format(base_url, order_id)
|
certificate_url = "{0}/platform/cis/certificate/{1}/download".format(base_url, order_id)
|
||||||
session.headers.update({"Accept": "application/x-pkcs7-certificates"})
|
session.headers.update({"Accept": "application/x-pkcs7-certificates"})
|
||||||
response = session.get(certificate_url)
|
response = session.get(certificate_url)
|
||||||
|
response_content = handle_cis_response(response)
|
||||||
|
|
||||||
if response.status_code == 404:
|
cert_chain_pem = convert_pkcs7_bytes_to_pem(response_content)
|
||||||
raise Exception("Order not in issued state.")
|
|
||||||
|
|
||||||
cert_chain_pem = convert_pkcs7_bytes_to_pem(response.content)
|
|
||||||
if len(cert_chain_pem) < 3:
|
if len(cert_chain_pem) < 3:
|
||||||
raise Exception("Missing the certificate chain")
|
raise Exception("Missing the certificate chain")
|
||||||
return cert_chain_pem
|
return cert_chain_pem
|
||||||
|
|
|
@ -123,7 +123,7 @@ def test_map_cis_fields_with_validity_years(mock_current_app, authority):
|
||||||
"signature_hash": "sha256",
|
"signature_hash": "sha256",
|
||||||
"organization": {"name": "Example, Inc."},
|
"organization": {"name": "Example, Inc."},
|
||||||
"validity": {
|
"validity": {
|
||||||
"valid_to": arrow.get(2018, 11, 3).format("YYYY-MM-DDTHH:MM") + "Z"
|
"valid_to": arrow.get(2018, 11, 3).format("YYYY-MM-DDTHH:MM:SS") + "Z"
|
||||||
},
|
},
|
||||||
"profile_name": None,
|
"profile_name": None,
|
||||||
}
|
}
|
||||||
|
@ -159,7 +159,7 @@ def test_map_cis_fields_with_validity_end_and_start(mock_current_app, app, autho
|
||||||
"signature_hash": "sha256",
|
"signature_hash": "sha256",
|
||||||
"organization": {"name": "Example, Inc."},
|
"organization": {"name": "Example, Inc."},
|
||||||
"validity": {
|
"validity": {
|
||||||
"valid_to": arrow.get(2017, 5, 7).format("YYYY-MM-DDTHH:MM") + "Z"
|
"valid_to": arrow.get(2017, 5, 7).format("YYYY-MM-DDTHH:MM:SS") + "Z"
|
||||||
},
|
},
|
||||||
"profile_name": None,
|
"profile_name": None,
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,7 +20,13 @@ def log_status_code(r, *args, **kwargs):
|
||||||
:param kwargs:
|
:param kwargs:
|
||||||
:return:
|
:return:
|
||||||
"""
|
"""
|
||||||
|
log_data = {
|
||||||
|
"reason": (r.reason if r.reason else ""),
|
||||||
|
"status_code": r.status_code,
|
||||||
|
"url": (r.url if r.url else ""),
|
||||||
|
}
|
||||||
metrics.send(f"entrust_status_code_{r.status_code}", "counter", 1)
|
metrics.send(f"entrust_status_code_{r.status_code}", "counter", 1)
|
||||||
|
current_app.logger.info(log_data)
|
||||||
|
|
||||||
|
|
||||||
def determine_end_date(end_date):
|
def determine_end_date(end_date):
|
||||||
|
|
Loading…
Reference in New Issue