commit
52e267468a
2
AUTHORS
2
AUTHORS
|
@ -1,2 +1,2 @@
|
||||||
- Kevin Glisson (kglisson@netflix.com)
|
- Kevin Glisson <kglisson@netflix.com>
|
||||||
- Jeremy Heffner <jheffner@netflix.com>
|
- Jeremy Heffner <jheffner@netflix.com>
|
||||||
|
|
|
@ -215,6 +215,35 @@ Verisign/Symantec and CloudCA
|
||||||
This is the path to the mutual SSL certificate used for communicating with Verisign
|
This is the path to the mutual SSL certificate used for communicating with Verisign
|
||||||
|
|
||||||
|
|
||||||
|
.. data:: VERISIGN_FIRST_NAME
|
||||||
|
:noindex:
|
||||||
|
|
||||||
|
This is the first name to be used when requesting the certificate
|
||||||
|
|
||||||
|
|
||||||
|
.. data:: VERISIGN_LAST_NAME
|
||||||
|
:noindex:
|
||||||
|
|
||||||
|
This is the last name to be used when requesting the certificate
|
||||||
|
|
||||||
|
.. data:: VERISIGN_EMAIL
|
||||||
|
:noindex:
|
||||||
|
|
||||||
|
This is the email to be used when requesting the certificate
|
||||||
|
|
||||||
|
|
||||||
|
.. data:: VERISIGN_INTERMEDIATE
|
||||||
|
:noindex:
|
||||||
|
|
||||||
|
This is the intermediate to be used for your CA chain
|
||||||
|
|
||||||
|
|
||||||
|
.. data:: VERISIGN_ROOT
|
||||||
|
:noindex:
|
||||||
|
|
||||||
|
This is the root to be used for your CA chain
|
||||||
|
|
||||||
|
|
||||||
.. data:: CLOUDCA_URL
|
.. data:: CLOUDCA_URL
|
||||||
:noindex:
|
:noindex:
|
||||||
|
|
||||||
|
@ -231,6 +260,7 @@ Verisign/Symantec and CloudCA
|
||||||
|
|
||||||
This is the path to the CLOUDCA certificate bundle
|
This is the path to the CLOUDCA certificate bundle
|
||||||
|
|
||||||
|
|
||||||
Authentication
|
Authentication
|
||||||
--------------
|
--------------
|
||||||
Lemur currently supports Basic Authentication and Ping OAuth2 out of the box, additional flows can be added relatively easily
|
Lemur currently supports Basic Authentication and Ping OAuth2 out of the box, additional flows can be added relatively easily
|
||||||
|
|
|
@ -1,57 +0,0 @@
|
||||||
VERISIGN_INTERMEDIATE = """-----BEGIN CERTIFICATE-----
|
|
||||||
MIIFFTCCA/2gAwIBAgIQKC4nkXkzkuQo8iGnTsk3rjANBgkqhkiG9w0BAQsFADCB
|
|
||||||
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
|
|
||||||
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMTk5OSBWZXJp
|
|
||||||
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
|
|
||||||
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
|
|
||||||
aG9yaXR5IC0gRzMwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB+MQsw
|
|
||||||
CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV
|
|
||||||
BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVjIENs
|
|
||||||
YXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MIIBIjANBgkqhkiG9w0BAQEFAAOC
|
|
||||||
AQ8AMIIBCgKCAQEAstgFyhx0LbUXVjnFSlIJluhL2AzxaJ+aQihiw6UwU35VEYJb
|
|
||||||
A3oNL+F5BMm0lncZgQGUWfm893qZJ4Itt4PdWid/sgN6nFMl6UgfRk/InSn4vnlW
|
|
||||||
9vf92Tpo2otLgjNBEsPIPMzWlnqEIRoiBAMnF4scaGGTDw5RgDMdtLXO637QYqzu
|
|
||||||
s3sBdO9pNevK1T2p7peYyo2qRA4lmUoVlqTObQJUHypqJuIGOmNIrLRM0XWTUP8T
|
|
||||||
L9ba4cYY9Z/JJV3zADreJk20KQnNDz0jbxZKgRb78oMQw7jW2FUyPfG9D72MUpVK
|
|
||||||
Fpd6UiFjdS8W+cRmvvW1Cdj/JwDNRHxvSz+w9wIDAQABo4IBQDCCATwwHQYDVR0O
|
|
||||||
BBYEFF9gz2GQVd+EQxSKYCqy9Xr0QxjvMBIGA1UdEwEB/wQIMAYBAf8CAQAwawYD
|
|
||||||
VR0gBGQwYjBgBgpghkgBhvhFAQc2MFIwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cu
|
|
||||||
c3ltYXV0aC5jb20vY3BzMCgGCCsGAQUFBwICMBwaGmh0dHA6Ly93d3cuc3ltYXV0
|
|
||||||
aC5jb20vcnBhMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9zLnN5bWNiLmNvbS9w
|
|
||||||
Y2EzLWczLmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwxGjAYBgNV
|
|
||||||
BAMTEVN5bWFudGVjUEtJLTEtNTM0MC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcw
|
|
||||||
AYYSaHR0cDovL3Muc3ltY2QuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBbF1K+1lZ7
|
|
||||||
9Pc0CUuWysf2IdBpgO/nmhnoJOJ/2S9h3RPrWmXk4WqQy04q6YoW51KN9kMbRwUN
|
|
||||||
gKOomv4p07wdKNWlStRxPA91xQtzPwBIZXkNq2oeJQzAAt5mrL1LBmuaV4oqgX5n
|
|
||||||
m7pSYHPEFfe7wVDJCKW6V0o6GxBzHOF7tpQDS65RsIJAOloknO4NWF2uuil6yjOe
|
|
||||||
soHCL47BJ89A8AShP/U3wsr8rFNtqVNpT+F2ZAwlgak3A/I5czTSwXx4GByoaxbn
|
|
||||||
5+CdKa/Y5Gk5eZVpuXtcXQGc1PfzSEUTZJXXCm5y2kMiJG8+WnDcwJLgLeVX+OQr
|
|
||||||
J+71/xuzAYN6
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
"""
|
|
||||||
|
|
||||||
VERISIGN_ROOT = """-----BEGIN CERTIFICATE-----
|
|
||||||
MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
|
|
||||||
CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
|
|
||||||
cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
|
|
||||||
LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
|
|
||||||
aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
|
|
||||||
dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
|
|
||||||
VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
|
|
||||||
aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
|
|
||||||
bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
|
|
||||||
IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
|
|
||||||
LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b
|
|
||||||
N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t
|
|
||||||
KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu
|
|
||||||
kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm
|
|
||||||
CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ
|
|
||||||
Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu
|
|
||||||
imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te
|
|
||||||
2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe
|
|
||||||
DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
|
|
||||||
/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p
|
|
||||||
F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
|
|
||||||
TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
"""
|
|
|
@ -13,9 +13,8 @@ import xmltodict
|
||||||
|
|
||||||
from flask import current_app
|
from flask import current_app
|
||||||
|
|
||||||
from lemur.plugins.bases import IssuerPlugin
|
from lemur.plugins.bases import IssuerPlugin, SourcePlugin
|
||||||
from lemur.plugins import lemur_verisign as verisign
|
from lemur.plugins import lemur_verisign as verisign
|
||||||
from lemur.plugins.lemur_verisign import constants
|
|
||||||
from lemur.common.utils import get_psuedo_random_string
|
from lemur.common.utils import get_psuedo_random_string
|
||||||
|
|
||||||
|
|
||||||
|
@ -132,7 +131,7 @@ class VerisignIssuerPlugin(IssuerPlugin):
|
||||||
version = verisign.VERSION
|
version = verisign.VERSION
|
||||||
|
|
||||||
author = 'Kevin Glisson'
|
author = 'Kevin Glisson'
|
||||||
author_url = 'https://github.com/netflix/lemur'
|
author_url = 'https://github.com/netflix/lemur.git'
|
||||||
|
|
||||||
def __init__(self, *args, **kwargs):
|
def __init__(self, *args, **kwargs):
|
||||||
self.session = requests.Session()
|
self.session = requests.Session()
|
||||||
|
@ -156,7 +155,7 @@ class VerisignIssuerPlugin(IssuerPlugin):
|
||||||
|
|
||||||
response = self.session.post(url, data=data)
|
response = self.session.post(url, data=data)
|
||||||
cert = handle_response(response.content)['Response']['Certificate']
|
cert = handle_response(response.content)['Response']['Certificate']
|
||||||
return cert, constants.VERISIGN_INTERMEDIATE,
|
return cert, current_app.config.get('VERISIGN_INTERMEDIATE'),
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def create_authority(options):
|
def create_authority(options):
|
||||||
|
@ -168,7 +167,7 @@ class VerisignIssuerPlugin(IssuerPlugin):
|
||||||
:return:
|
:return:
|
||||||
"""
|
"""
|
||||||
role = {'username': '', 'password': '', 'name': 'verisign'}
|
role = {'username': '', 'password': '', 'name': 'verisign'}
|
||||||
return constants.VERISIGN_ROOT, "", [role]
|
return current_app.config.get('VERISIGN_ROOT'), "", [role]
|
||||||
|
|
||||||
def get_available_units(self):
|
def get_available_units(self):
|
||||||
"""
|
"""
|
||||||
|
@ -180,3 +179,32 @@ class VerisignIssuerPlugin(IssuerPlugin):
|
||||||
url = current_app.config.get("VERISIGN_URL") + '/rest/services/getTokens'
|
url = current_app.config.get("VERISIGN_URL") + '/rest/services/getTokens'
|
||||||
response = self.session.post(url, headers={'content-type': 'application/x-www-form-urlencoded'})
|
response = self.session.post(url, headers={'content-type': 'application/x-www-form-urlencoded'})
|
||||||
return handle_response(response.content)['Response']['Order']
|
return handle_response(response.content)['Response']['Order']
|
||||||
|
|
||||||
|
|
||||||
|
class VerisignSourcePlugin(SourcePlugin):
|
||||||
|
title = 'Verisign'
|
||||||
|
slug = 'verisign-source'
|
||||||
|
description = 'Allows for the polling of issued certificates from the VICE2.0 verisign API.'
|
||||||
|
version = verisign.VERSION
|
||||||
|
|
||||||
|
author = 'Kevin Glisson'
|
||||||
|
author_url = 'https://github.com/netflix/lemur.git'
|
||||||
|
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
self.session = requests.Session()
|
||||||
|
self.session.cert = current_app.config.get('VERISIGN_PEM_PATH')
|
||||||
|
super(VerisignSourcePlugin, self).__init__(*args, **kwargs)
|
||||||
|
|
||||||
|
def get_certificates(self):
|
||||||
|
url = current_app.config.get('VERISIGN_URL') + '/reportingws'
|
||||||
|
end = arrow.now()
|
||||||
|
start = end.replace(years=-5)
|
||||||
|
data = {
|
||||||
|
'reportType': 'detail',
|
||||||
|
'startDate': start.format("MM/DD/YYYY"),
|
||||||
|
'endDate': end.format("MM/DD/YYYY"),
|
||||||
|
'structuredRecord': 'Y',
|
||||||
|
'certStatus': 'Valid',
|
||||||
|
}
|
||||||
|
current_app.logger.debug(data)
|
||||||
|
response = self.session.post(url, data=data)
|
||||||
|
|
|
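Review bot: The two returns that now read `current_app.config.get('VERISIGN_INTERMEDIATE')` (hunk at -156) and `current_app.config.get('VERISIGN_ROOT')` in `create_authority` (hunk at -168) yield `None` when the setting is absent. As far as these lines show, a deployment whose config was not updated would then return an issued certificate with no chain and an authority with no root instead of failing. These values become the chain returned for every issued certificate, so I would index the config directly so that a missing key raises: `return cert, current_app.config['VERISIGN_INTERMEDIATE'],` and `return current_app.config['VERISIGN_ROOT'], "", [role]`. A short comment such as `# PEM chain is operator-supplied; a missing key must abort, not yield an empty chain` would record the intent. Both enclosing functions begin outside the hunks shown.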
@ -0,0 +1 @@
|
||||||
|
from lemur.tests.conftest import * # noqa
|
|
@ -0,0 +1,5 @@
|
||||||
|
|
||||||
|
def test_get_certificates(app):
|
||||||
|
from lemur.plugins.base import plugins
|
||||||
|
p = plugins.get('verisign-source')
|
||||||
|
p.get_certificates()
|
|
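Review bot: `test_get_certificates` contains no assertion, and its call `p.get_certificates()` reaches the `self.session.post(url, data=data)` added in the source plugin. The test therefore either talks to the live Verisign endpoint with the client certificate from `VERISIGN_PEM_PATH` or, if `VERISIGN_URL` is unset in the default test config (not visible here), fails on the string concatenation. I would replace `p.session.post` with a stub that returns a canned report and assert on the posted fields (`reportType`, `certStatus`). At minimum the test should carry the comment `# integration test: performs a live POST to VERISIGN_URL; run only with --lemurconfig`.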
@ -8,6 +8,7 @@ from lemur.roles import service as role_service
|
||||||
|
|
||||||
|
|
||||||
def pytest_addoption(parser):
|
def pytest_addoption(parser):
|
||||||
|
parser.addoption("--lemurconfig", help="override the default test config")
|
||||||
parser.addoption("--runslow", action="store_true", help="run slow tests")
|
parser.addoption("--runslow", action="store_true", help="run slow tests")
|
||||||
|
|
||||||
|
|
||||||
|
@ -29,12 +30,15 @@ def pytest_runtest_makereport(item, call):
|
||||||
|
|
||||||
|
|
||||||
@pytest.yield_fixture(scope="session")
|
@pytest.yield_fixture(scope="session")
|
||||||
def app():
|
def app(request):
|
||||||
"""
|
"""
|
||||||
Creates a new Flask application for a test duration.
|
Creates a new Flask application for a test duration.
|
||||||
Uses application factory `create_app`.
|
Uses application factory `create_app`.
|
||||||
"""
|
"""
|
||||||
_app = create_app(os.path.dirname(os.path.realpath(__file__)) + '/conf.py')
|
if request.config.getoption('--lemurconfig'):
|
||||||
|
_app = create_app(request.config.getoption('--lemurconfig'))
|
||||||
|
else:
|
||||||
|
_app = create_app(os.path.dirname(os.path.realpath(__file__)) + '/conf.py')
|
||||||
ctx = _app.app_context()
|
ctx = _app.app_context()
|
||||||
ctx.push()
|
ctx.push()
|
||||||
|
|
||||||
|
|
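Review bot: In the `app` fixture `request.config.getoption('--lemurconfig')` is evaluated twice and the two `create_app(...)` calls differ only in the path. Computing the path once reads better: `config_path = request.config.getoption('--lemurconfig') or os.path.dirname(os.path.realpath(__file__)) + '/conf.py'` followed by `_app = create_app(config_path)`. The option's help text could also say that the override file is expected to hold real CA settings and should stay outside the repository; that is inferred from the new test needing `VERISIGN_URL` and `VERISIGN_PEM_PATH`, not stated in this hunk. The fixture body continues past the end of the hunk.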