Add DIGICERT_ORDER_TYPE to Digicert plugin (#1025)

* Add DIGICERT_ORDER_TYPE to Digicert plugin

This allows lemur.conf.py to control which kind of certificate to
order.  User defined options are not currently supported in the the UI,
so we cannot create multiple Digicert authorities at runtime for
separate certificate types.

Change-Id: I06c216ec3c476e0001b240530626a86464be999e

* Fix Mock URL for Digicert test

Change-Id: Ida7c0ed1bd120c9024bea091c03b7d1ecfa66498

* Add documentation for DIGICERT_ORDER_TYPE

Change-Id: I0bc347883b628416eb7f13a7c60c937dcb6ae0c2
This commit is contained in:
James Chuong 2018-01-13 18:06:17 -08:00 committed by kevgliss
parent 050295ea20
commit 763c5e8356
4 changed files with 11 additions and 2 deletions

View File

@ -581,6 +581,12 @@ The following configuration properties are required to use the Digicert issuer p
This is the url for the Digicert API (e.g. https://www.digicert.com) This is the url for the Digicert API (e.g. https://www.digicert.com)
.. data:: DIGICERT_ORDER_TYPE
:noindex:
This is the type of certificate to order. (e.g. ssl_plus, ssl_ev_plus see: https://www.digicert.com/services/v2/documentation/order/overview-submit)
.. data:: DIGICERT_API_KEY .. data:: DIGICERT_API_KEY
:noindex: :noindex:

View File

@ -271,6 +271,7 @@ class DigiCertIssuerPlugin(IssuerPlugin):
'DIGICERT_API_KEY', 'DIGICERT_API_KEY',
'DIGICERT_URL', 'DIGICERT_URL',
'DIGICERT_ORG_ID', 'DIGICERT_ORG_ID',
'DIGICERT_ORDER_TYPE',
'DIGICERT_ROOT', 'DIGICERT_ROOT',
] ]
@ -296,9 +297,10 @@ class DigiCertIssuerPlugin(IssuerPlugin):
:return: :raise Exception: :return: :raise Exception:
""" """
base_url = current_app.config.get('DIGICERT_URL') base_url = current_app.config.get('DIGICERT_URL')
cert_type = current_app.config.get('DIGICERT_ORDER_TYPE')
# make certificate request # make certificate request
determinator_url = "{0}/services/v2/order/certificate/ssl".format(base_url) determinator_url = "{0}/services/v2/order/certificate/{1}".format(base_url, cert_type)
data = map_fields(issuer_options, csr) data = map_fields(issuer_options, csr)
response = self.session.post(determinator_url, data=json.dumps(data)) response = self.session.post(determinator_url, data=json.dumps(data))

View File

@ -166,7 +166,7 @@ ghi
subject = DigiCertIssuerPlugin() subject = DigiCertIssuerPlugin()
adapter = requests_mock.Adapter() adapter = requests_mock.Adapter()
adapter.register_uri('POST', 'mock://www.digicert.com/services/v2/order/certificate/ssl', text=json.dumps({'id': 'id123'})) adapter.register_uri('POST', 'mock://www.digicert.com/services/v2/order/certificate/ssl_plus', text=json.dumps({'id': 'id123'}))
adapter.register_uri('GET', 'mock://www.digicert.com/services/v2/order/certificate/id123', text=json.dumps({'status': 'issued', 'certificate': {'id': 'cert123'}})) adapter.register_uri('GET', 'mock://www.digicert.com/services/v2/order/certificate/id123', text=json.dumps({'status': 'issued', 'certificate': {'id': 'cert123'}}))
adapter.register_uri('GET', 'mock://www.digicert.com/services/v2/certificate/cert123/download/format/pem_all', text=pem_fixture) adapter.register_uri('GET', 'mock://www.digicert.com/services/v2/certificate/cert123/download/format/pem_all', text=pem_fixture)
subject.session.mount('mock', adapter) subject.session.mount('mock', adapter)

View File

@ -71,6 +71,7 @@ LEMUR_INSTANCE_PROFILE = 'Lemur'
DIGICERT_URL = 'mock://www.digicert.com' DIGICERT_URL = 'mock://www.digicert.com'
DIGICERT_ORDER_TYPE = 'ssl_plus'
DIGICERT_API_KEY = 'api-key' DIGICERT_API_KEY = 'api-key'
DIGICERT_ORG_ID = 111111 DIGICERT_ORG_ID = 111111
DIGICERT_ROOT = "ROOT" DIGICERT_ROOT = "ROOT"