diff options
-rw-r--r-- | app/controllers/v1/smtp_certs_controller.rb | 2 | ||||
-rw-r--r-- | app/models/identity.rb | 1 | ||||
-rw-r--r-- | test/integration/api/smtp_cert_test.rb | 8 |
3 files changed, 7 insertions, 4 deletions
diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb index 001425d..258b391 100644 --- a/app/controllers/v1/smtp_certs_controller.rb +++ b/app/controllers/v1/smtp_certs_controller.rb @@ -6,6 +6,8 @@ class V1::SmtpCertsController < ApplicationController # GET /cert def show @cert = ClientCertificate.new prefix: current_user.email_address + current_user.identity.cert_fingerprints << @cert.fingerprint + current_user.identity.save render text: @cert.to_s, content_type: 'text/plain' end diff --git a/app/models/identity.rb b/app/models/identity.rb index ad8c01e..2f8d4eb 100644 --- a/app/models/identity.rb +++ b/app/models/identity.rb @@ -8,6 +8,7 @@ class Identity < CouchRest::Model::Base property :address, LocalEmail property :destination, Email property :keys, HashWithIndifferentAccess + property :cert_fingerprints, [String] validate :unique_forward validate :alias_available diff --git a/test/integration/api/smtp_cert_test.rb b/test/integration/api/smtp_cert_test.rb index a579d93..4f0f4a6 100644 --- a/test/integration/api/smtp_cert_test.rb +++ b/test/integration/api/smtp_cert_test.rb @@ -14,7 +14,7 @@ class SmtpCertTest < ApiIntegrationTest assert_response_includes "END CERTIFICATE" end - test "key matches the cert" do + test "cert and key" do @user = FactoryGirl.create :user, effective_service_level_code: 2 login get '/1/smtp_cert', {}, RACK_ENV @@ -22,17 +22,17 @@ class SmtpCertTest < ApiIntegrationTest cert = OpenSSL::X509::Certificate.new(get_response.body) key = OpenSSL::PKey::RSA.new(get_response.body) assert cert.check_private_key(key) + prefix = "/CN=#{@user.email_address}" + assert_equal prefix, cert.subject.to_s.slice(0,prefix.size) end - # we'll store the fingerprint later. - test "fingerprint matches" do + test "fingerprint is stored with identity" do @user = FactoryGirl.create :user, effective_service_level_code: 2 login get '/1/smtp_cert', {}, RACK_ENV assert_text_response cert = OpenSSL::X509::Certificate.new(get_response.body) fingerprint = OpenSSL::Digest::SHA1.hexdigest(cert.to_der).scan(/../).join(':') - skip "we're not storing the fingerprints yet" assert_equal fingerprint, @user.identity.cert_fingerprints.last end |