Diffstat (limited to 'certs')
28 files changed, 0 insertions, 408 deletions
diff --git a/certs/Gemfile b/certs/Gemfile
deleted file mode 100644
index 992f236..0000000
--- a/certs/Gemfile
+++ /dev/null
@@ -1,14 +0,0 @@
-source "https://rubygems.org"
-
-eval(File.read(File.dirname(__FILE__) + '/../common_dependencies.rb'))
-
-# We require leap_web_core from here so we can use the path option.
-gem "leap_web_core", :path => '../core'
-
-# Declare your gem's dependencies in leap_web_users.gemspec.
-# Bundler will treat runtime dependencies like base dependencies, and
-# development dependencies will be added by default to the :development group.
-gemspec
-
-# To use debugger
-# gem 'ruby-debug'
diff --git a/certs/Rakefile b/certs/Rakefile
deleted file mode 100644
index 54ed86d..0000000
--- a/certs/Rakefile
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/usr/bin/env rake
-
-require 'rake/packagetask'
-require 'rubygems/package_task'
-
-begin
-  require 'bundler/setup'
-rescue LoadError
-  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
-end
-begin
-  require 'rdoc/task'
-rescue LoadError
-  require 'rdoc/rdoc'
-  require 'rake/rdoctask'
-  RDoc::Task = Rake::RDocTask
-end
-
-RDoc::Task.new(:rdoc) do |rdoc|
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'LeapWebCerts'
-  rdoc.options << '--line-numbers'
-  rdoc.rdoc_files.include('README.rdoc')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
-
-spec = eval(File.read('leap_web_certs.gemspec'))
-Gem::PackageTask.new(spec) do |p|
-    p.gem_spec = spec
-end
-
-Bundler::GemHelper.install_tasks
-
-require 'rake/testtask'
-
-Rake::TestTask.new(:test) do |t|
-  t.libs << 'lib'
-  t.libs << 'test'
-  t.pattern = 'test/**/*_test.rb'
-  t.verbose = false
-end
-
-
-task :default => :test
diff --git a/certs/Readme.md b/certs/Readme.md
deleted file mode 100644
index 4ea8d9d..0000000
--- a/certs/Readme.md
+++ /dev/null
@@ -1,9 +0,0 @@
-LeapWebCerts
-=========
-
-
-Configuration
--------------
-
-
-Currently LeapWebCerts falls back to handing out a cert in /config/cert if the cert pool is empty. You need to add that file in the application that includes this engine.
diff --git a/certs/app/assets/images/leap_web_certs/.gitkeep b/certs/app/assets/images/leap_web_certs/.gitkeep
deleted file mode 100644
index e69de29..0000000
--- a/certs/app/assets/images/leap_web_certs/.gitkeep
+++ /dev/null
diff --git a/certs/app/assets/javascripts/leap_web_certs/.gitkeep b/certs/app/assets/javascripts/leap_web_certs/.gitkeep
deleted file mode 100644
index e69de29..0000000
--- a/certs/app/assets/javascripts/leap_web_certs/.gitkeep
+++ /dev/null
diff --git a/certs/app/assets/stylesheets/leap_web_certs/.gitkeep b/certs/app/assets/stylesheets/leap_web_certs/.gitkeep
deleted file mode 100644
index e69de29..0000000
--- a/certs/app/assets/stylesheets/leap_web_certs/.gitkeep
+++ /dev/null
diff --git a/certs/app/controllers/.gitkeep b/certs/app/controllers/.gitkeep
deleted file mode 100644
index e69de29..0000000
--- a/certs/app/controllers/.gitkeep
+++ /dev/null
diff --git a/certs/app/controllers/certs_controller.rb b/certs/app/controllers/certs_controller.rb
deleted file mode 100644
index 82cbc44..0000000
--- a/certs/app/controllers/certs_controller.rb
+++ /dev/null
@@ -1,50 +0,0 @@
-class CertsController < ApplicationController
-
-  before_filter :require_login, :unless => :anonymous_certs_allowed?
-
-  # GET /cert
-  def show
-    @cert = ClientCertificate.new(:prefix => certificate_prefix)
-    render text: @cert.to_s, content_type: 'text/plain'
-  end
-
-  protected
-
-  def anonymous_certs_allowed?
-    APP_CONFIG[:allow_anonymous_certs]
-  end
-  #
-  # this is some temporary logic until we store the service level in the user db.
-  #
-  # better logic might look like this:
-  #
-  # if logged_in?
-  #   service_level = user.service_level
-  # elsif allow_anonymous?
-  #   service_level = service_levels[:anonymous]
-  # else
-  #   service_level = nil
-  # end
-  #
-  # if service_level.bandwidth == 'limited' && allow_limited?
-  #   prefix = limited
-  # elsif allow_unlimited?
-  #   prefix = unlimited
-  # else
-  #   prefix = nil
-  # end
-  #
-  def certificate_prefix
-    if logged_in?
-      if APP_CONFIG[:allow_unlimited_certs]
-        APP_CONFIG[:unlimited_cert_prefix]
-      elsif APP_CONFIG[:allow_limited_certs]
-        APP_CONFIG[:limited_cert_prefix]
-      end
-    elsif !APP_CONFIG[:allow_limited_certs]
-      APP_CONFIG[:unlimited_cert_prefix]
-    else
-      APP_CONFIG[:limited_cert_prefix]
-    end
-  end
-end
diff --git a/certs/app/helpers/.gitkeep b/certs/app/helpers/.gitkeep
deleted file mode 100644
index e69de29..0000000
--- a/certs/app/helpers/.gitkeep
+++ /dev/null
diff --git a/certs/app/helpers/certs_helper.rb b/certs/app/helpers/certs_helper.rb
deleted file mode 100644
index 94e76b8..0000000
--- a/certs/app/helpers/certs_helper.rb
+++ /dev/null
@@ -1,2 +0,0 @@
-module CertsHelper
-end
diff --git a/certs/app/mailers/.gitkeep b/certs/app/mailers/.gitkeep
deleted file mode 100644
index e69de29..0000000
--- a/certs/app/mailers/.gitkeep
+++ /dev/null
diff --git a/certs/app/models/.gitkeep b/certs/app/models/.gitkeep
deleted file mode 100644
index e69de29..0000000
--- a/certs/app/models/.gitkeep
+++ /dev/null
diff --git a/certs/app/models/client_certificate.rb b/certs/app/models/client_certificate.rb
deleted file mode 100644
index 76b07a2..0000000
--- a/certs/app/models/client_certificate.rb
+++ /dev/null
@@ -1,113 +0,0 @@
-#
-# Model for certificates
-#
-# This file must be loaded after Config has been loaded.
-#
-require 'base64'
-require 'digest/md5'
-require 'openssl'
-require 'certificate_authority'
-require 'date'
-
-class ClientCertificate
-
-  attr_accessor :key                          # the client private RSA key
-  attr_accessor :cert                         # the client x509 certificate, signed by the CA
-
-  #
-  # generate the private key and client certificate
-  #
-  def initialize(options = {})
-    cert = CertificateAuthority::Certificate.new
-
-    # set subject
-    cert.subject.common_name = common_name(options[:prefix])
-
-    # set expiration
-    cert.not_before = yesterday
-    cert.not_after = months_from_yesterday(APP_CONFIG[:client_cert_lifespan])
-
-    # generate key
-    cert.serial_number.number = cert_serial_number
-    cert.key_material.generate_key(APP_CONFIG[:client_cert_bit_size])
-
-    # sign
-    cert.parent = ClientCertificate.root_ca
-    cert.sign! client_signing_profile
-
-    self.key = cert.key_material.private_key
-    self.cert = cert
-  end
-
-  def to_s
-    self.key.to_pem + self.cert.to_pem
-  end
-
-  private
-
-  def self.root_ca
-    @root_ca ||= begin
-                   crt = File.read(APP_CONFIG[:client_ca_cert])
-                   key = File.read(APP_CONFIG[:client_ca_key])
-                   openssl_cert = OpenSSL::X509::Certificate.new(crt)
-                   cert = CertificateAuthority::Certificate.from_openssl(openssl_cert)
-                   cert.key_material.private_key = OpenSSL::PKey::RSA.new(key, APP_CONFIG[:ca_key_password])
-                   cert
-                 end
-  end
-
-  #
-  # For cert serial numbers, we need a non-colliding number less than 160 bits.
-  # md5 will do nicely, since there is no need for a secure hash, just a short one.
-  # (md5 is 128 bits)
-  #
-  def cert_serial_number
-    Digest::MD5.hexdigest("#{rand(10**10)} -- #{Time.now}").to_i(16)
-  end
-
-  def common_name(prefix = nil)
-    [prefix, random_common_name].join
-  end
-
-  #
-  # for the random common name, we need a text string that will be unique across all certs.
-  # ruby 1.8 doesn't have a built-in uuid generator, or we would use SecureRandom.uuid
-  #
-  def random_common_name
-    cert_serial_number.to_s(36)
-  end
-
-  def client_signing_profile
-    {
-      "digest" => APP_CONFIG[:client_cert_hash],
-      "extensions" => {
-        "keyUsage" => {
-          "usage" => ["digitalSignature"]
-        },
-        "extendedKeyUsage" => {
-          "usage" => ["clientAuth"]
-        }
-      }
-    }
-  end
-
-  ##
-  ## TIME HELPERS
-  ##
-  ## note: we use 'yesterday' instead of 'today', because times are in UTC, and some people on the planet
-  ## are behind UTC.
-  ##
-
-  def yesterday
-    t = Time.now - 24*60*60
-    Time.utc t.year, t.month, t.day
-  end
-
-  def months_from_yesterday(num)
-    t = yesterday
-    date = Date.new t.year, t.month, t.day
-    date = date >> num # >> is months in the future operator
-    Time.utc date.year, date.month, date.day
-  end
-
-end
diff --git a/certs/app/views/.gitkeep b/certs/app/views/.gitkeep
deleted file mode 100644
index e69de29..0000000
--- a/certs/app/views/.gitkeep
+++ /dev/null
diff --git a/certs/config/locales/en.yml b/certs/config/locales/en.yml
deleted file mode 100644
index 18e4f47..0000000
--- a/certs/config/locales/en.yml
+++ /dev/null
@@ -1,2 +0,0 @@
-en:
-  cert_pool_empty: "Sorry the Cert pool is empty, please check back later."
diff --git a/certs/config/routes.rb b/certs/config/routes.rb
deleted file mode 100644
index cb97757..0000000
--- a/certs/config/routes.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-Rails.application.routes.draw do
-  scope '/1' do
-    resource :cert, :only => [:show]
-  end
-end
diff --git a/certs/leap_web_certs.gemspec b/certs/leap_web_certs.gemspec
deleted file mode 100644
index 21be09d..0000000
--- a/certs/leap_web_certs.gemspec
+++ /dev/null
@@ -1,21 +0,0 @@
-$:.push File.expand_path("../lib", __FILE__)
-
-require File.expand_path('../../lib/leap_web/version.rb', __FILE__)
-
-# Describe your gem and declare its dependencies:
-Gem::Specification.new do |s|
-  s.name        = "leap_web_certs"
-  s.version     = LeapWeb::VERSION
-  s.authors     = ["Azul"]
-  s.email       = ["azul@leap.se"]
-  s.homepage    = "http://www.leap.se"
-  s.summary     = "Cert distribution for the leap platform"
-  s.description = "This plugin for the leap platform distributes certs for the EIP client. It fetches the certs from a pool in CouchDB that is filled by leap-ca."
-
-  s.files = Dir["{app,config,db,lib}/**/*"] + ["Rakefile", "Readme.md"]
-  s.test_files = Dir["test/**/*"]
-
-  s.add_dependency "leap_web_core", LeapWeb::VERSION
-  s.add_dependency "certificate_authority", [">= 0.2.0"]
-
-end
diff --git a/certs/lib/leap_web_certs.rb b/certs/lib/leap_web_certs.rb
deleted file mode 100644
index beb683d..0000000
--- a/certs/lib/leap_web_certs.rb
+++ /dev/null
@@ -1,4 +0,0 @@
-require "leap_web_certs/engine"
-
-module LeapWebCerts
-end
diff --git a/certs/lib/leap_web_certs/engine.rb b/certs/lib/leap_web_certs/engine.rb
deleted file mode 100644
index 3c8948a..0000000
--- a/certs/lib/leap_web_certs/engine.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-require "leap_web_core"
-
-module LeapWebCerts
-  class Engine < ::Rails::Engine
-
-  end
-end
diff --git a/certs/lib/tasks/leap_web_certs_tasks.rake b/certs/lib/tasks/leap_web_certs_tasks.rake
deleted file mode 100644
index e8fb7ff..0000000
--- a/certs/lib/tasks/leap_web_certs_tasks.rake
+++ /dev/null
@@ -1,4 +0,0 @@
-# desc "Explaining what the task does"
-# task :leap_web_certs do
-#   # Task goes here
-# end
diff --git a/certs/script/rails b/certs/script/rails
deleted file mode 100755
index 616d3c9..0000000
--- a/certs/script/rails
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env ruby1.8
-# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
-
-ENGINE_ROOT = File.expand_path('../..', __FILE__)
-ENGINE_PATH = File.expand_path('../../lib/leap_web_certs/engine', __FILE__)
-
-require 'rails/all'
-require 'rails/engine/commands'
diff --git a/certs/test/files/ca.crt b/certs/test/files/ca.crt
deleted file mode 100644
index 8393eee..0000000
--- a/certs/test/files/ca.crt
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICYDCCAcCgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA7MREwDwYDVQQKDAh0ZXN0
-IG9yZzESMBAGA1UECwwJdGVzdCB1bml0MRIwEAYDVQQDDAl0ZXN0IG5hbWUwIBcN
-MTMwMjA1MDAwMDAwWhgPMjExMzAyMDUwMDAwMDBaMDsxETAPBgNVBAoMCHRlc3Qg
-b3JnMRIwEAYDVQQLDAl0ZXN0IHVuaXQxEjAQBgNVBAMMCXRlc3QgbmFtZTCBqDAN
-BgkqhkiG9w0BAQEFAAOBlgAwgZICgYoAx076Dz8zswvCLuz0HP3Y3PWOgFDo9+8o
-H4uXRcTpd+yw+5B79xjtQ7ojQy2465Jq00nkzHI6V1otM2uvVVIOcNk0t1HEjmK0
-T/r96dDHc59YvVQ+XPrzuQ4t3iREy8IAPNbc3r29PVZkMdGpeSYxyY1mUKza4DcY
-My4SVko9pcP8zJBD4bHgEa0CAwEAAaNgMF4wHQYDVR0OBBYEFOQ+d2EUwBpi93TJ
-9AX4Okew5/UIMA4GA1UdDwEB/wQEAwICBDAMBgNVHRMEBTADAQH/MB8GA1UdIwQY
-MBaAFOQ+d2EUwBpi93TJ9AX4Okew5/UIMA0GCSqGSIb3DQEBDQUAA4GKAJW9/39P
-VbVjH9C7F0XMOpd9nWBe9NUoiw36ZFZw95dqfUm6j5f3nejWG4lEtyMFu5i5rAw6
-GdDSXmq4sUqWTaJmQmZyY+WggQR4UGWJ0I18HRDiPxuA++OfkGzA20Gmvk+CIw/J
-QLHlVjLyyUwaA+EO88rEcdc9VnGL/Xgjh8C/PYH2DpWw/kJa
------END CERTIFICATE-----
diff --git a/certs/test/files/ca.key b/certs/test/files/ca.key
deleted file mode 100644
index 125997f..0000000
--- a/certs/test/files/ca.key
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIChAIBAAKBigDHTvoPPzOzC8Iu7PQc/djc9Y6AUOj37ygfi5dFxOl37LD7kHv3
-GO1DuiNDLbjrkmrTSeTMcjpXWi0za69VUg5w2TS3UcSOYrRP+v3p0Mdzn1i9VD5c
-+vO5Di3eJETLwgA81tzevb09VmQx0al5JjHJjWZQrNrgNxgzLhJWSj2lw/zMkEPh
-seARrQIDAQABAoGJIvn0HircOsaMfEmvCUtu/E/HgzMvvxrkMqz/jgnhYt9Rq8QO
-TS29rY4D1C0473ZRcuTb1xkQrfWwSv7R1SpCSIGFo8obtGb0NjNaYGyQ0IrYDjk8
-H5kYFEY4X4oqFhgy3owewaZZLxLD336ARRj2HhsLzA+4nD/wF7Q+bggpuMdkM2Uj
-tn12rIECRQ/XqIGF8jLw9IDMkr9kkfT+n03p8sOd4g7iSw0sknlzaZZpIDvibkyN
-SDKM7VX4VQa7u58+sCF4ylwi0UQu7/VT7Smp4QJFDJSoEOKplBvaT9fTfdVKjE4P
-QyCAWEsb6Up8KKswhtDqiWeFtktIvx1Mkxn25erLms3cUEBde//rwNB+6ItBR/N8
-4RlNAkUPLsc3Gn+7gmFQ7r3U3zViboON0B/wiWcUjJsQzR6zdoBCvg0+VwsOIniG
-ubjbI1uZUGHHg/SYn4KQOm4DwlgF7aDkxQECRQjVZMEedlXxzLOdZvoHBuZHdT38
-F0Jn0rxXOaDQuy0eimBamS+r4vOWngr4Az3jRH15KMYMu9dyllX3z/R2uyrLVBc2
-TQJFBEHIjoMVgP2h+N6VUDgPOhnxnnLvowOtX23J1y2foKwfZrHH38LNcWmuaGUi
-fz6EYeUO20D174GfhqB0j6yR50ejPjYD
------END RSA PRIVATE KEY-----
diff --git a/certs/test/functional/certs_controller_test.rb b/certs/test/functional/certs_controller_test.rb
deleted file mode 100644
index 503e74b..0000000
--- a/certs/test/functional/certs_controller_test.rb
+++ /dev/null
@@ -1,44 +0,0 @@
-require 'test_helper'
-
-class CertsControllerTest < ActionController::TestCase
-
-  test "send limited cert without login" do
-    with_config allow_limited_certs: true, allow_anonymous_certs: true do
-      cert = stub :to_s => "limited cert"
-      ClientCertificate.expects(:new).with(:prefix => APP_CONFIG[:limited_cert_prefix]).returns(cert)
-      get :show
-      assert_response :success
-      assert_equal cert.to_s, @response.body
-    end
-  end
-
-  test "send unlimited cert" do
-    with_config allow_unlimited_certs: true do
-      login
-      cert = stub :to_s => "unlimited cert"
-      ClientCertificate.expects(:new).with(:prefix => APP_CONFIG[:unlimited_cert_prefix]).returns(cert)
-      get :show
-      assert_response :success
-      assert_equal cert.to_s, @response.body
-    end
-  end
-
-  test "login required if anonymous certs disabled" do
-    with_config allow_anonymous_certs: false do
-      get :show
-      assert_response :redirect
-    end
-  end
-
-  test "send limited cert" do
-    with_config allow_limited_certs: true, allow_unlimited_certs: false do
-      login
-      cert = stub :to_s => "real cert"
-      ClientCertificate.expects(:new).with(:prefix => APP_CONFIG[:limited_cert_prefix]).returns(cert)
-      get :show
-      assert_response :success
-      assert_equal cert.to_s, @response.body
-    end
-  end
-
-end
diff --git a/certs/test/integration/navigation_test.rb b/certs/test/integration/navigation_test.rb
deleted file mode 100644
index eec8c0e..0000000
--- a/certs/test/integration/navigation_test.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-require 'test_helper'
-
-class NavigationTest < ActionDispatch::IntegrationTest
-
-  # test "the truth" do
-  #   assert true
-  # end
-end
-
diff --git a/certs/test/leap_web_certs_test.rb b/certs/test/leap_web_certs_test.rb
deleted file mode 100644
index ee2058b..0000000
--- a/certs/test/leap_web_certs_test.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-require 'test_helper'
-
-class LeapWebCertsTest < ActiveSupport::TestCase
-  test "truth" do
-    assert_kind_of Module, LeapWebCerts
-  end
-end
diff --git a/certs/test/test_helper.rb b/certs/test/test_helper.rb
deleted file mode 100644
index f6b4eb8..0000000
--- a/certs/test/test_helper.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-ENV["RAILS_ENV"] = "test"
-require File.expand_path('../../../test/dummy/config/environment', __FILE__)
-require 'rails/test_help'
-require 'mocha/setup'
-
-Rails.backtrace_cleaner.remove_silencers!
-
-# Load support files
-Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
-
diff --git a/certs/test/unit/client_certificate_test.rb b/certs/test/unit/client_certificate_test.rb
deleted file mode 100644
index 036e724..0000000
--- a/certs/test/unit/client_certificate_test.rb
+++ /dev/null
@@ -1,24 +0,0 @@
-require 'test_helper'
-
-class ClientCertificateTest < ActiveSupport::TestCase
-
-  test "new cert has all we need" do
-    sample = ClientCertificate.new
-    assert sample.key
-    assert sample.cert
-    assert sample.to_s
-  end
-
-  test "cert has configured prefix" do
-    prefix = "PREFIX"
-    sample = ClientCertificate.new(:prefix => prefix)
-    assert sample.cert.subject.common_name.starts_with?(prefix)
-  end
-
-  test "cert issuer matches ca subject" do
-    sample = ClientCertificate.new
-    cert = OpenSSL::X509::Certificate.new(sample.cert.to_pem)
-    assert_equal ClientCertificate.root_ca.openssl_body.subject, cert.issuer
-  end
-
-end  |
