store cert fingerprint with main user identity

3 files changed, 7 insertions, 4 deletions

diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
index 001425d..258b391 100644
--- a/app/controllers/v1/smtp_certs_controller.rb
+++ b/app/controllers/v1/smtp_certs_controller.rb
@@ -6,6 +6,8 @@ class V1::SmtpCertsController < ApplicationController
   # GET /cert
   def show
     @cert = ClientCertificate.new prefix: current_user.email_address
+    current_user.identity.cert_fingerprints << @cert.fingerprint
+    current_user.identity.save
     render text: @cert.to_s, content_type: 'text/plain'
   end
 
diff --git a/app/models/identity.rb b/app/models/identity.rb
index ad8c01e..2f8d4eb 100644
--- a/app/models/identity.rb
+++ b/app/models/identity.rb
@@ -8,6 +8,7 @@ class Identity < CouchRest::Model::Base
   property :address, LocalEmail
   property :destination, Email
   property :keys, HashWithIndifferentAccess
+  property :cert_fingerprints, [String]
 
   validate :unique_forward
   validate :alias_available
diff --git a/test/integration/api/smtp_cert_test.rb b/test/integration/api/smtp_cert_test.rb
index a579d93..4f0f4a6 100644
--- a/test/integration/api/smtp_cert_test.rb
+++ b/test/integration/api/smtp_cert_test.rb
@@ -14,7 +14,7 @@ class SmtpCertTest < ApiIntegrationTest
     assert_response_includes "END CERTIFICATE"
   end
 
-  test "key matches the cert" do
+  test "cert and key" do
     @user = FactoryGirl.create :user, effective_service_level_code: 2
     login
     get '/1/smtp_cert', {}, RACK_ENV
@@ -22,17 +22,17 @@ class SmtpCertTest < ApiIntegrationTest
     cert = OpenSSL::X509::Certificate.new(get_response.body)
     key = OpenSSL::PKey::RSA.new(get_response.body)
     assert cert.check_private_key(key)
+    prefix = "/CN=#{@user.email_address}"
+    assert_equal prefix, cert.subject.to_s.slice(0,prefix.size)
   end
 
-  # we'll store the fingerprint later.
-  test "fingerprint matches" do
+  test "fingerprint is stored with identity" do
     @user = FactoryGirl.create :user, effective_service_level_code: 2
     login
     get '/1/smtp_cert', {}, RACK_ENV
     assert_text_response
     cert = OpenSSL::X509::Certificate.new(get_response.body)
     fingerprint = OpenSSL::Digest::SHA1.hexdigest(cert.to_der).scan(/../).join(':')
-    skip "we're not storing the fingerprints yet"
     assert_equal fingerprint, @user.identity.cert_fingerprints.last
   end