From 37d7e272b7f8a649034a0cf60f6c4a1424bf767a Mon Sep 17 00:00:00 2001
From: kali <kali@leap.se>
Date: Tue, 4 Sep 2012 01:08:05 +0900
Subject: better separate cert validation/download logic

stubbing out the timestamp validity check (waiting for #507)
also some more deep tests are missing, wrote todo in tests.
---
 src/leap/eip/tests/test_checks.py | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

(limited to 'src/leap/eip/tests')

diff --git a/src/leap/eip/tests/test_checks.py b/src/leap/eip/tests/test_checks.py
index 541b884b..09fdaabf 100644
--- a/src/leap/eip/tests/test_checks.py
+++ b/src/leap/eip/tests/test_checks.py
@@ -199,7 +199,7 @@ class ProviderCertCheckerTest(BaseLeapTest):
         self.assertTrue(hasattr(checker, "is_there_provider_ca"),
                         "missing meth")
         self.assertTrue(hasattr(checker, "is_https_working"), "missing meth")
-        self.assertTrue(hasattr(checker, "download_new_client_cert"),
+        self.assertTrue(hasattr(checker, "check_new_cert_needed"),
                         "missing meth")
 
     def test_checker_should_actually_call_all_tests(self):
@@ -217,7 +217,7 @@ class ProviderCertCheckerTest(BaseLeapTest):
         self.assertTrue(mc.is_there_provider_ca.called, "not called")
         self.assertTrue(mc.is_https_working.called,
                         "not called")
-        self.assertTrue(mc.download_new_client_cert.called,
+        self.assertTrue(mc.check_new_cert_needed.called,
                         "not called")
 
     # test individual check methods
@@ -233,6 +233,7 @@ class ProviderCertCheckerHTTPSTests(BaseHTTPSServerTestCase):
         responses = {
             '/': ['OK', ''],
             '/client.cert': [
+                # XXX get sample cert
                 '-----BEGIN CERTIFICATE-----',
                 '-----END CERTIFICATE-----'],
             '/badclient.cert': [
@@ -301,13 +302,30 @@ class ProviderCertCheckerHTTPSTests(BaseHTTPSServerTestCase):
                             uri=uri, verify=cacert))
 
         # did we write cert to its path?
-        self.assertTrue(os.path.isfile(eipspecs.client_cert_path()))
+        clientcertfile = eipspecs.client_cert_path()
+        self.assertTrue(os.path.isfile(clientcertfile))
         certfile = eipspecs.client_cert_path()
         with open(certfile, 'r') as cf:
             certcontent = cf.read()
         self.assertEqual(certcontent,
                          '\n'.join(
                              self.request_handler.responses['/client.cert']))
+        os.remove(clientcertfile)
+
+    def test_is_cert_valid(self):
+        checker = eipchecks.ProviderCertChecker()
+        # TODO: better exception catching
+        with self.assertRaises(Exception) as exc:
+            self.assertFalse(checker.is_cert_valid())
+            exc.message = "missing cert"
+
+    def test_check_new_cert_needed(self):
+        # check: missing cert
+        checker = eipchecks.ProviderCertChecker()
+        self.assertTrue(checker.check_new_cert_needed(skip_download=True))
+        # TODO check: malformed cert
+        # TODO check: expired cert
+        # TODO check: pass test server uri instead of skip
 
 
 if __name__ == "__main__":
-- 
cgit v1.2.3