diff --git a/lemur/certificates/schemas.py b/lemur/certificates/schemas.py index 5528e168..1352f796 100644 --- a/lemur/certificates/schemas.py +++ b/lemur/certificates/schemas.py @@ -121,11 +121,9 @@ class CertificateInputSchema(CertificateCreationSchema): } elif not data['extensions'].get('subAltNames'): data['extensions']['subAltNames'] = { - 'subAltNames': { - 'names': [] - } + 'names': [] } - elif not data['extensions']['subAltNames'].get('names'): + elif not data['extensions']['subAltNames']['names']: data['extensions']['subAltNames']['names'] = [] data['extensions']['subAltNames']['names'] += csr_sans return missing.convert_validity_years(data) diff --git a/lemur/tests/test_certificates.py b/lemur/tests/test_certificates.py index 4013d367..1d7bf65d 100644 --- a/lemur/tests/test_certificates.py +++ b/lemur/tests/test_certificates.py @@ -284,6 +284,31 @@ def test_certificate_input_with_extensions(client, authority): assert not errors +def test_certificate_input_schema_parse_csr(authority): + from lemur.certificates.schemas import CertificateInputSchema + + test_san_dns = 'foobar.com' + extensions = {'sub_alt_names': {'names': x509.SubjectAlternativeName([x509.DNSName(test_san_dns)])}} + csr, private_key = create_csr(owner='joe@example.com', common_name='ACommonName', organization='test', + organizational_unit='Meters', country='NL', state='Noord-Holland', location='Amsterdam', + key_type='RSA2048', extensions=extensions) + + input_data = { + 'commonName': 'test.example.com', + 'owner': 'jim@example.com', + 'authority': {'id': authority.id}, + 'description': 'testtestest', + 'csr': csr, + 'dnsProvider': None, + } + + data, errors = CertificateInputSchema().load(input_data) + + for san in data['extensions']['sub_alt_names']['names']: + assert san.value == test_san_dns + assert not errors + + def test_certificate_out_of_range_date(client, authority): from lemur.certificates.schemas import CertificateInputSchema input_data = {