summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--certs/app/assets/images/leap_web_certs/.gitkeep0
-rw-r--r--certs/app/assets/javascripts/leap_web_certs/.gitkeep0
-rw-r--r--certs/app/assets/stylesheets/leap_web_certs/.gitkeep0
-rw-r--r--certs/app/helpers/.gitkeep0
-rw-r--r--certs/app/helpers/certs_helper.rb2
-rw-r--r--certs/app/mailers/.gitkeep0
-rw-r--r--certs/app/models/.gitkeep0
-rw-r--r--certs/app/models/leap_ca/cert.rb56
-rw-r--r--certs/app/views/.gitkeep0
-rw-r--r--certs/leap_web_certs.gemspec1
-rw-r--r--certs/lib/leap_web_certs/engine.rb10
-rw-r--r--certs/test/unit/cert_pool_test.rb52
-rw-r--r--certs/test/unit/cert_test.rb39
13 files changed, 149 insertions, 11 deletions
diff --git a/certs/app/assets/images/leap_web_certs/.gitkeep b/certs/app/assets/images/leap_web_certs/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/certs/app/assets/images/leap_web_certs/.gitkeep
diff --git a/certs/app/assets/javascripts/leap_web_certs/.gitkeep b/certs/app/assets/javascripts/leap_web_certs/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/certs/app/assets/javascripts/leap_web_certs/.gitkeep
diff --git a/certs/app/assets/stylesheets/leap_web_certs/.gitkeep b/certs/app/assets/stylesheets/leap_web_certs/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/certs/app/assets/stylesheets/leap_web_certs/.gitkeep
diff --git a/certs/app/helpers/.gitkeep b/certs/app/helpers/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/certs/app/helpers/.gitkeep
diff --git a/certs/app/helpers/certs_helper.rb b/certs/app/helpers/certs_helper.rb
new file mode 100644
index 0000000..94e76b8
--- /dev/null
+++ b/certs/app/helpers/certs_helper.rb
@@ -0,0 +1,2 @@
+module CertsHelper
+end
diff --git a/certs/app/mailers/.gitkeep b/certs/app/mailers/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/certs/app/mailers/.gitkeep
diff --git a/certs/app/models/.gitkeep b/certs/app/models/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/certs/app/models/.gitkeep
diff --git a/certs/app/models/leap_ca/cert.rb b/certs/app/models/leap_ca/cert.rb
new file mode 100644
index 0000000..9d4f15e
--- /dev/null
+++ b/certs/app/models/leap_ca/cert.rb
@@ -0,0 +1,56 @@
+#
+# Model for certificates stored in CouchDB.
+#
+# This file must be loaded after Config has been loaded.
+#
+
+module LeapCA
+ class Cert < CouchRest::Model::Base
+
+# No config yet. use_database LeapCA::Config.db_name
+ use_database 'client_certificates'
+
+ timestamps!
+
+ property :key, String # the client private RSA key
+ property :cert, String # the client x509 certificate, signed by the CA
+ property :valid_until, Time # expiration time of the client certificate
+ property :random, Float, :accessible => false # used to help pick a random cert by the webapp
+
+ before_validation :set_random, :on => :create
+
+ validates :key, :presence => true
+ validates :cert, :presence => true
+ validates :random, :presence => true
+ validates :random, :numericality => {:greater_than => 0, :less_than => 1}
+
+ design do
+ view :by_random
+ end
+
+ def set_random
+ self.random = rand
+ end
+
+ class << self
+ def sample
+ self.by_random.startkey(rand).first || self.by_random.first
+ end
+
+ def pick_from_pool
+ cert = self.sample
+ raise RECORD_NOT_FOUND unless cert
+ cert.destroy
+ return cert
+ rescue RESOURCE_NOT_FOUND
+ retry if self.by_random.count > 0
+ raise RECORD_NOT_FOUND
+ end
+
+ def valid_attributes_hash
+ {:key => "ABCD", :cert => "A123"}
+ end
+ end
+
+ end
+end
diff --git a/certs/app/views/.gitkeep b/certs/app/views/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/certs/app/views/.gitkeep
diff --git a/certs/leap_web_certs.gemspec b/certs/leap_web_certs.gemspec
index 81bc042..15a45be 100644
--- a/certs/leap_web_certs.gemspec
+++ b/certs/leap_web_certs.gemspec
@@ -16,6 +16,5 @@ Gem::Specification.new do |s|
s.test_files = Dir["test/**/*"]
s.add_dependency "leap_web_core", LeapWeb::VERSION
- s.add_dependency "leap_ca", '~> 0.2.0'
end
diff --git a/certs/lib/leap_web_certs/engine.rb b/certs/lib/leap_web_certs/engine.rb
index bc0801d..3c8948a 100644
--- a/certs/lib/leap_web_certs/engine.rb
+++ b/certs/lib/leap_web_certs/engine.rb
@@ -1,14 +1,4 @@
require "leap_web_core"
-require "leap_ca/config"
-LeapCA::Config.db_name = "client_certificates"
-
-# couchrest model has an initializer for this - but apparently that does not work
-CouchRest::Model::Base.configure do |conf|
- conf.environment = Rails.env
- conf.connection_config_file = File.join(Rails.root, 'config', 'couchdb.yml')
-end
-
-require "leap_ca/cert"
module LeapWebCerts
class Engine < ::Rails::Engine
diff --git a/certs/test/unit/cert_pool_test.rb b/certs/test/unit/cert_pool_test.rb
new file mode 100644
index 0000000..06f7ce0
--- /dev/null
+++ b/certs/test/unit/cert_pool_test.rb
@@ -0,0 +1,52 @@
+require 'test_helper'
+
+class CertPoolTest < ActiveSupport::TestCase
+
+ setup do
+ 2.times { LeapCA::Cert.create(LeapCA::Cert.valid_attributes_hash) }
+ end
+
+ teardown do
+ LeapCA::Cert.all.each {|c| c.destroy}
+ end
+
+ test "picks random sample" do
+ # with 3 certs chances are pretty low we pick the same one 40 times.
+ LeapCA::Cert.create! LeapCA::Cert.valid_attributes_hash
+ picked = []
+ first = LeapCA::Cert.sample.id
+ current = LeapCA::Cert.sample.id
+ 40.times do
+ break if current != first
+ current = LeapCA::Cert.sample.id
+ end
+ assert_not_equal current, first
+ end
+
+ test "picks cert from the pool" do
+ assert_difference "LeapCA::Cert.count", -1 do
+ cert = LeapCA::Cert.pick_from_pool
+ end
+ end
+
+ test "err's out if all certs have been destroyed" do
+ sample = LeapCA::Cert.first.tap{|c| c.destroy}
+ LeapCA::Cert.all.each {|c| c.destroy}
+ assert_raises RECORD_NOT_FOUND do
+ LeapCA::Cert.expects(:sample).returns(sample)
+ cert = LeapCA::Cert.pick_from_pool
+ end
+ end
+
+ test "picks other cert if first pick has been destroyed" do
+ first = LeapCA::Cert.first.tap{|c| c.destroy}
+ second = LeapCA::Cert.first
+ LeapCA::Cert.expects(:sample).at_least_once.
+ returns(first).
+ then.returns(second)
+ cert = LeapCA::Cert.pick_from_pool
+ assert_equal second, cert
+ assert_nil LeapCA::Cert.first
+ end
+
+end
diff --git a/certs/test/unit/cert_test.rb b/certs/test/unit/cert_test.rb
new file mode 100644
index 0000000..0b21d0b
--- /dev/null
+++ b/certs/test/unit/cert_test.rb
@@ -0,0 +1,39 @@
+require 'test_helper'
+
+class CertTest < ActiveSupport::TestCase
+
+ setup do
+ @sample = LeapCA::Cert.new LeapCA::Cert.valid_attributes_hash
+ end
+
+ test "stub cert for testing is valid" do
+ assert @sample.valid?
+ end
+
+ test "setting random on create validation" do
+ @sample.random = "asdf"
+ assert @sample.valid?
+ assert @sample.random.is_a? Float
+ assert @sample.random >= 0
+ assert @sample.random < 1
+ end
+
+ test "validates random" do
+ @sample.save # make sure we are past the on_create
+ assert @sample.valid?
+ ["asdf", 1, 2, -0.1, nil, "asdf"].each do |invalid|
+ @sample.random = invalid
+ assert !@sample.valid?, "#{invalid} should not be a valid value for random"
+ end
+ end
+
+ test "validates key" do
+ @sample.key = nil
+ assert !@sample.valid?, "Cert should require key"
+ end
+
+ test "validates cert" do
+ @sample.cert = nil
+ assert !@sample.valid?, "Cert should require cert"
+ end
+end