summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/controllers/v1/smtp_certs_controller.rb2
-rw-r--r--app/models/identity.rb1
-rw-r--r--test/integration/api/smtp_cert_test.rb8
3 files changed, 7 insertions, 4 deletions
diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
index 001425d..258b391 100644
--- a/app/controllers/v1/smtp_certs_controller.rb
+++ b/app/controllers/v1/smtp_certs_controller.rb
@@ -6,6 +6,8 @@ class V1::SmtpCertsController < ApplicationController
# GET /cert
def show
@cert = ClientCertificate.new prefix: current_user.email_address
+ current_user.identity.cert_fingerprints << @cert.fingerprint
+ current_user.identity.save
render text: @cert.to_s, content_type: 'text/plain'
end
diff --git a/app/models/identity.rb b/app/models/identity.rb
index ad8c01e..2f8d4eb 100644
--- a/app/models/identity.rb
+++ b/app/models/identity.rb
@@ -8,6 +8,7 @@ class Identity < CouchRest::Model::Base
property :address, LocalEmail
property :destination, Email
property :keys, HashWithIndifferentAccess
+ property :cert_fingerprints, [String]
validate :unique_forward
validate :alias_available
diff --git a/test/integration/api/smtp_cert_test.rb b/test/integration/api/smtp_cert_test.rb
index a579d93..4f0f4a6 100644
--- a/test/integration/api/smtp_cert_test.rb
+++ b/test/integration/api/smtp_cert_test.rb
@@ -14,7 +14,7 @@ class SmtpCertTest < ApiIntegrationTest
assert_response_includes "END CERTIFICATE"
end
- test "key matches the cert" do
+ test "cert and key" do
@user = FactoryGirl.create :user, effective_service_level_code: 2
login
get '/1/smtp_cert', {}, RACK_ENV
@@ -22,17 +22,17 @@ class SmtpCertTest < ApiIntegrationTest
cert = OpenSSL::X509::Certificate.new(get_response.body)
key = OpenSSL::PKey::RSA.new(get_response.body)
assert cert.check_private_key(key)
+ prefix = "/CN=#{@user.email_address}"
+ assert_equal prefix, cert.subject.to_s.slice(0,prefix.size)
end
- # we'll store the fingerprint later.
- test "fingerprint matches" do
+ test "fingerprint is stored with identity" do
@user = FactoryGirl.create :user, effective_service_level_code: 2
login
get '/1/smtp_cert', {}, RACK_ENV
assert_text_response
cert = OpenSSL::X509::Certificate.new(get_response.body)
fingerprint = OpenSSL::Digest::SHA1.hexdigest(cert.to_der).scan(/../).join(':')
- skip "we're not storing the fingerprints yet"
assert_equal fingerprint, @user.identity.cert_fingerprints.last
end