Move MockSA from WFE to mocks.

2015-09-16 12:53:02 -07:00 · 2015-09-16 12:53:02 -07:00 · f7910753b5
parent 73bf101ad1
commit f7910753b5
2 changed files with 198 additions and 163 deletions
--- a/mocks/mocks.go
+++ b/mocks/mocks.go
@ -6,12 +6,19 @@
 package mocks

 import (
+	"database/sql"
+	"encoding/pem"
+	"errors"
 	"fmt"
+	"io/ioutil"
 	"net"
 	"strings"
 	"time"

+	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/letsencrypt/go-jose"
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/miekg/dns"
+
+	"github.com/letsencrypt/boulder/core"
 )

 // MockDNS is a mock
@ -121,3 +128,182 @@ func (mock *MockDNS) LookupMX(domain string) ([]string, time.Duration, error) {
 	}
 	return nil, 0, nil
 }
+
+// MockSA is a mock
+type MockSA struct {
+	authorizedDomains map[string]bool
+}
+
+const (
+	test1KeyPublicJSON = `
+{
+	"kty":"RSA",
+	"n":"yNWVhtYEKJR21y9xsHV-PD_bYwbXSeNuFal46xYxVfRL5mqha7vttvjB_vc7Xg2RvgCxHPCqoxgMPTzHrZT75LjCwIW2K_klBYN8oYvTwwmeSkAz6ut7ZxPv-nZaT5TJhGk0NT2kh_zSpdriEJ_3vW-mqxYbbBmpvHqsa1_zx9fSuHYctAZJWzxzUZXykbWMWQZpEiE0J4ajj51fInEzVn7VxV-mzfMyboQjujPh7aNJxAWSq4oQEJJDgWwSh9leyoJoPpONHxh5nEE5AjE01FkGICSxjpZsF-w8hOTI3XXohUdu29Se26k2B0PolDSuj0GIQU6-W9TdLXSjBb2SpQ",
+	"e":"AAEAAQ"
+}`
+	test2KeyPublicJSON = `{
+		"kty":"RSA",
+		"n":"qnARLrT7Xz4gRcKyLdydmCr-ey9OuPImX4X40thk3on26FkMznR3fRjs66eLK7mmPcBZ6uOJseURU6wAaZNmemoYx1dMvqvWWIyiQleHSD7Q8vBrhR6uIoO4jAzJZR-ChzZuSDt7iHN-3xUVspu5XGwXU_MVJZshTwp4TaFx5elHIT_ObnTvTOU3Xhish07AbgZKmWsVbXh5s-CrIicU4OexJPgunWZ_YJJueOKmTvnLlTV4MzKR2oZlBKZ27S0-SfdV_QDx_ydle5oMAyKVtlAV35cyPMIsYNwgUGBCdY_2Uzi5eX0lTc7MPRwz6qR1kip-i59VcGcUQgqHV6Fyqw",
+		"e":"AAEAAQ"
+	}`
+	agreementURL = "http://example.invalid/terms"
+)
+
+// GetRegistration is a mock
+func (sa *MockSA) GetRegistration(id int64) (core.Registration, error) {
+	if id == 100 {
+		// Tag meaning "Missing"
+		return core.Registration{}, errors.New("missing")
+	}
+	if id == 101 {
+		// Tag meaning "Malformed"
+		return core.Registration{}, nil
+	}
+
+	keyJSON := []byte(test1KeyPublicJSON)
+	var parsedKey jose.JsonWebKey
+	parsedKey.UnmarshalJSON(keyJSON)
+
+	return core.Registration{ID: id, Key: parsedKey, Agreement: agreementURL}, nil
+}
+
+// GetRegistrationByKey is a mock
+func (sa *MockSA) GetRegistrationByKey(jwk jose.JsonWebKey) (core.Registration, error) {
+	var test1KeyPublic jose.JsonWebKey
+	var test2KeyPublic jose.JsonWebKey
+	test1KeyPublic.UnmarshalJSON([]byte(test1KeyPublicJSON))
+	test2KeyPublic.UnmarshalJSON([]byte(test2KeyPublicJSON))
+
+	if core.KeyDigestEquals(jwk, test1KeyPublic) {
+		return core.Registration{ID: 1, Key: jwk, Agreement: agreementURL}, nil
+	}
+
+	if core.KeyDigestEquals(jwk, test2KeyPublic) {
+		// No key found
+		return core.Registration{ID: 2}, sql.ErrNoRows
+	}
+
+	// Return a fake registration. Make sure to fill the key field to avoid marshaling errors.
+	return core.Registration{ID: 1, Key: test1KeyPublic, Agreement: agreementURL}, nil
+}
+
+// GetAuthorization is a mock
+func (sa *MockSA) GetAuthorization(id string) (core.Authorization, error) {
+	if id == "valid" {
+		exp := time.Now().AddDate(100, 0, 0)
+		return core.Authorization{
+			ID:             "valid",
+			Status:         core.StatusValid,
+			RegistrationID: 1,
+			Expires:        &exp,
+			Identifier:     core.AcmeIdentifier{Type: "dns", Value: "not-an-example.com"},
+			Challenges: []core.Challenge{
+				core.Challenge{
+					ID:   23,
+					Type: "dns",
+					URI:  "http://localhost:4300/acme/challenge/valid/23",
+				},
+			},
+		}, nil
+	}
+	return core.Authorization{}, nil
+}
+
+// GetCertificate is a mock
+func (sa *MockSA) GetCertificate(serial string) (core.Certificate, error) {
+	// Serial ee == 238.crt
+	if serial == "000000000000000000000000000000ee" {
+		certPemBytes, _ := ioutil.ReadFile("test/238.crt")
+		certBlock, _ := pem.Decode(certPemBytes)
+		return core.Certificate{
+			RegistrationID: 1,
+			DER:            certBlock.Bytes,
+		}, nil
+	} else if serial == "000000000000000000000000000000b2" {
+		certPemBytes, _ := ioutil.ReadFile("test/178.crt")
+		certBlock, _ := pem.Decode(certPemBytes)
+		return core.Certificate{
+			RegistrationID: 1,
+			DER:            certBlock.Bytes,
+		}, nil
+	} else {
+		return core.Certificate{}, errors.New("No cert")
+	}
+}
+
+// GetCertificateByShortSerial is a mock
+func (sa *MockSA) GetCertificateByShortSerial(serial string) (core.Certificate, error) {
+	return sa.GetCertificate("0000000000000000" + serial)
+}
+
+// GetCertificateStatus is a mock
+func (sa *MockSA) GetCertificateStatus(serial string) (core.CertificateStatus, error) {
+	// Serial ee == 238.crt
+	if serial == "000000000000000000000000000000ee" {
+		return core.CertificateStatus{
+			Status: core.OCSPStatusGood,
+		}, nil
+	} else if serial == "000000000000000000000000000000b2" {
+		return core.CertificateStatus{
+			Status: core.OCSPStatusRevoked,
+		}, nil
+	} else {
+		return core.CertificateStatus{}, errors.New("No cert status")
+	}
+}
+
+// AlreadyDeniedCSR is a mock
+func (sa *MockSA) AlreadyDeniedCSR([]string) (bool, error) {
+	return false, nil
+}
+
+// AddCertificate is a mock
+func (sa *MockSA) AddCertificate(certDER []byte, regID int64) (digest string, err error) {
+	return
+}
+
+// FinalizeAuthorization is a mock
+func (sa *MockSA) FinalizeAuthorization(authz core.Authorization) (err error) {
+	return
+}
+
+// MarkCertificateRevoked is a mock
+func (sa *MockSA) MarkCertificateRevoked(serial string, ocspResponse []byte, reasonCode core.RevocationCode) (err error) {
+	return
+}
+
+// UpdateOCSP is a mock
+func (sa *MockSA) UpdateOCSP(serial string, ocspResponse []byte) (err error) {
+	return
+}
+
+// NewPendingAuthorization is a mock
+func (sa *MockSA) NewPendingAuthorization(authz core.Authorization) (output core.Authorization, err error) {
+	return
+}
+
+// NewRegistration is a mock
+func (sa *MockSA) NewRegistration(reg core.Registration) (regR core.Registration, err error) {
+	return
+}
+
+// UpdatePendingAuthorization is a mock
+func (sa *MockSA) UpdatePendingAuthorization(authz core.Authorization) (err error) {
+	return
+}
+
+// UpdateRegistration is a mock
+func (sa *MockSA) UpdateRegistration(reg core.Registration) (err error) {
+	return
+}
+
+// GetLatestValidAuthorization is a mock
+func (sa *MockSA) GetLatestValidAuthorization(registrationId int64, identifier core.AcmeIdentifier) (authz core.Authorization, err error) {
+	if registrationId == 1 && identifier.Type == "dns" {
+		if sa.authorizedDomains[identifier.Value] || identifier.Value == "not-an-example.com" {
+			exp := time.Now().AddDate(100, 0, 0)
+			return core.Authorization{Status: core.StatusValid, RegistrationID: 1, Expires: &exp, Identifier: identifier}, nil
+		}
+	}
+	return core.Authorization{}, errors.New("no authz")
+}
--- a/wfe/web-front-end_test.go
+++ b/wfe/web-front-end_test.go
@ -9,10 +9,8 @@ import (
 	"bytes"
 	"crypto/rsa"
 	"crypto/x509"
-	"database/sql"
 	"encoding/json"
 	"encoding/pem"
-	"errors"
 	"fmt"
 	"io"
 	"io/ioutil"
@ -29,8 +27,8 @@ import (
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/jmhodges/clock"

 	jose "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/letsencrypt/go-jose"
-	"github.com/letsencrypt/boulder/core"

+	"github.com/letsencrypt/boulder/core"
 	"github.com/letsencrypt/boulder/mocks"
 	"github.com/letsencrypt/boulder/ra"
 	"github.com/letsencrypt/boulder/test"
@ -113,155 +111,6 @@ wk6Oiadty3eQqSBJv0HnpmiEdQVffIK5Pg4M8Dd+aOBnEkbopAJOuA==
 `
 )

-type MockSA struct {
-	authorizedDomains map[string]bool
-}
-
-func (sa *MockSA) GetRegistration(id int64) (core.Registration, error) {
-	if id == 100 {
-		// Tag meaning "Missing"
-		return core.Registration{}, errors.New("missing")
-	}
-	if id == 101 {
-		// Tag meaning "Malformed"
-		return core.Registration{}, nil
-	}
-
-	keyJSON := []byte(test1KeyPublicJSON)
-	var parsedKey jose.JsonWebKey
-	parsedKey.UnmarshalJSON(keyJSON)
-
-	return core.Registration{ID: id, Key: parsedKey, Agreement: agreementURL}, nil
-}
-
-func (sa *MockSA) GetRegistrationByKey(jwk jose.JsonWebKey) (core.Registration, error) {
-	var test1KeyPublic jose.JsonWebKey
-	var test2KeyPublic jose.JsonWebKey
-	test1KeyPublic.UnmarshalJSON([]byte(test1KeyPublicJSON))
-	test2KeyPublic.UnmarshalJSON([]byte(test2KeyPublicJSON))
-
-	if core.KeyDigestEquals(jwk, test1KeyPublic) {
-		return core.Registration{ID: 1, Key: jwk, Agreement: agreementURL}, nil
-	}
-
-	if core.KeyDigestEquals(jwk, test2KeyPublic) {
-		// No key found
-		return core.Registration{ID: 2}, sql.ErrNoRows
-	}
-
-	// Return a fake registration. Make sure to fill the key field to avoid marshaling errors.
-	return core.Registration{ID: 1, Key: test1KeyPublic, Agreement: agreementURL}, nil
-}
-
-func (sa *MockSA) GetAuthorization(id string) (core.Authorization, error) {
-	if id == "valid" {
-		exp := time.Now().AddDate(100, 0, 0)
-		return core.Authorization{
-			ID:             "valid",
-			Status:         core.StatusValid,
-			RegistrationID: 1,
-			Expires:        &exp,
-			Identifier:     core.AcmeIdentifier{Type: "dns", Value: "not-an-example.com"},
-			Challenges: []core.Challenge{
-				core.Challenge{
-					ID:   23,
-					Type: "dns",
-					URI:  "http://localhost:4300/acme/challenge/valid/23",
-				},
-			},
-		}, nil
-	}
-	return core.Authorization{}, nil
-}
-
-func (sa *MockSA) GetLatestValidAuthorization(registrationId int64, identifier core.AcmeIdentifier) (authz core.Authorization, err error) {
-	if registrationId == 1 && identifier.Type == "dns" {
-		if sa.authorizedDomains[identifier.Value] || identifier.Value == "not-an-example.com" {
-			exp := time.Now().AddDate(100, 0, 0)
-			return core.Authorization{Status: core.StatusValid, RegistrationID: 1, Expires: &exp, Identifier: identifier}, nil
-		}
-	}
-	return core.Authorization{}, errors.New("no authz")
-}
-
-func (sa *MockSA) GetCertificate(serial string) (core.Certificate, error) {
-	// Serial ee == 238.crt
-	if serial == "000000000000000000000000000000ee" {
-		certPemBytes, _ := ioutil.ReadFile("test/238.crt")
-		certBlock, _ := pem.Decode(certPemBytes)
-		return core.Certificate{
-			RegistrationID: 1,
-			DER:            certBlock.Bytes,
-		}, nil
-	} else if serial == "000000000000000000000000000000b2" {
-		certPemBytes, _ := ioutil.ReadFile("test/178.crt")
-		certBlock, _ := pem.Decode(certPemBytes)
-		return core.Certificate{
-			RegistrationID: 1,
-			DER:            certBlock.Bytes,
-		}, nil
-	}
-	return core.Certificate{}, errors.New("No cert")
-}
-
-func (sa *MockSA) GetCertificateByShortSerial(serial string) (core.Certificate, error) {
-	return sa.GetCertificate("0000000000000000" + serial)
-}
-
-func (sa *MockSA) GetCertificateStatus(serial string) (core.CertificateStatus, error) {
-	// Serial ee == 238.crt
-	if serial == "000000000000000000000000000000ee" {
-		return core.CertificateStatus{
-			Status: core.OCSPStatusGood,
-		}, nil
-	} else if serial == "000000000000000000000000000000b2" {
-		return core.CertificateStatus{
-			Status: core.OCSPStatusRevoked,
-		}, nil
-	} else {
-		return core.CertificateStatus{}, errors.New("No cert status")
-	}
-}
-
-func (sa *MockSA) AlreadyDeniedCSR([]string) (bool, error) {
-	return false, nil
-}
-
-func (sa *MockSA) AddCertificate(certDER []byte, regID int64) (digest string, err error) {
-	return
-}
-
-func (sa *MockSA) FinalizeAuthorization(authz core.Authorization) (err error) {
-	if authz.Status == core.StatusValid && authz.Identifier.Type == core.IdentifierDNS {
-		sa.authorizedDomains[authz.Identifier.Value] = true
-	}
-	return
-}
-
-func (sa *MockSA) MarkCertificateRevoked(serial string, ocspResponse []byte, reasonCode core.RevocationCode) (err error) {
-	return
-}
-
-func (sa *MockSA) UpdateOCSP(serial string, ocspResponse []byte) (err error) {
-	return
-}
-
-func (sa *MockSA) NewPendingAuthorization(authz core.Authorization) (output core.Authorization, err error) {
-	return
-}
-
-func (sa *MockSA) NewRegistration(reg core.Registration) (regR core.Registration, err error) {
-	return
-}
-
-func (sa *MockSA) UpdatePendingAuthorization(authz core.Authorization) (err error) {
-	return
-}
-
-func (sa *MockSA) UpdateRegistration(reg core.Registration) (err error) {
-	return
-}
-
 type MockRegistrationAuthority struct{}

 func (ra *MockRegistrationAuthority) NewRegistration(reg core.Registration) (core.Registration, error) {
@ -363,7 +212,7 @@ func setupWFE(t *testing.T) WebFrontEndImpl {
 	wfe.log.SyslogWriter = mocks.NewSyslogWriter()

 	wfe.RA = &MockRegistrationAuthority{}
-	wfe.SA = &MockSA{}
+	wfe.SA = &mocks.MockSA{}
 	wfe.Stats, _ = statsd.NewNoopClient()
 	wfe.SubscriberAgreementURL = agreementURL

@ -586,10 +435,10 @@ func TestIssueCertificate(t *testing.T) {
 	// TODO: Use a mock RA so we can test various conditions of authorized, not
 	// authorized, etc.
 	ra := ra.NewRegistrationAuthorityImpl(fakeClock, wfe.log)
-	ra.SA = &MockSA{}
+	ra.SA = &mocks.MockSA{}
 	ra.CA = &MockCA{}
 	ra.PA = &MockPA{}
-	wfe.SA = &MockSA{}
+	wfe.SA = &mocks.MockSA{}
 	wfe.RA = &ra
 	wfe.Stats, _ = statsd.NewNoopClient()
 	responseWriter := httptest.NewRecorder()
@ -709,7 +558,7 @@ func TestChallenge(t *testing.T) {
 	wfe := setupWFE(t)

 	wfe.RA = &MockRegistrationAuthority{}
-	wfe.SA = &MockSA{}
+	wfe.SA = &mocks.MockSA{}
 	responseWriter := httptest.NewRecorder()

 	var key jose.JsonWebKey
@ -745,7 +594,7 @@ func TestNewRegistration(t *testing.T) {
 	test.AssertNotError(t, err, "Problem setting up HTTP handlers")

 	wfe.RA = &MockRegistrationAuthority{}
-	wfe.SA = &MockSA{}
+	wfe.SA = &mocks.MockSA{}
 	wfe.Stats, _ = statsd.NewNoopClient()
 	wfe.SubscriberAgreementURL = agreementURL

@ -1017,7 +866,7 @@ func TestRevokeCertificateAlreadyRevoked(t *testing.T) {
 	wfe := setupWFE(t)

 	wfe.RA = &MockRegistrationAuthority{}
-	wfe.SA = &MockSA{}
+	wfe.SA = &mocks.MockSA{}
 	wfe.Stats, _ = statsd.NewNoopClient()
 	wfe.SubscriberAgreementURL = agreementURL
 	responseWriter := httptest.NewRecorder()
@ -1038,7 +887,7 @@ func TestAuthorization(t *testing.T) {
 	test.AssertNotError(t, err, "Problem setting up HTTP handlers")

 	wfe.RA = &MockRegistrationAuthority{}
-	wfe.SA = &MockSA{}
+	wfe.SA = &mocks.MockSA{}
 	wfe.Stats, _ = statsd.NewNoopClient()
 	responseWriter := httptest.NewRecorder()

@ -1126,7 +975,7 @@ func TestRegistration(t *testing.T) {
 	test.AssertNotError(t, err, "Problem setting up HTTP handlers")

 	wfe.RA = &MockRegistrationAuthority{}
-	wfe.SA = &MockSA{}
+	wfe.SA = &mocks.MockSA{}
 	wfe.Stats, _ = statsd.NewNoopClient()
 	wfe.SubscriberAgreementURL = agreementURL
 	responseWriter := httptest.NewRecorder()
@ -1217,7 +1066,7 @@ func TestTermsRedirect(t *testing.T) {
 	wfe := setupWFE(t)

 	wfe.RA = &MockRegistrationAuthority{}
-	wfe.SA = &MockSA{}
+	wfe.SA = &mocks.MockSA{}
 	wfe.Stats, _ = statsd.NewNoopClient()
 	wfe.SubscriberAgreementURL = agreementURL

@ -1253,7 +1102,7 @@ func TestGetCertificate(t *testing.T) {
 	wfe := setupWFE(t)
 	wfe.CertCacheDuration = time.Second * 10
 	wfe.CertNoCacheExpirationWindow = time.Hour * 24 * 7
-	wfe.SA = &MockSA{}
+	wfe.SA = &mocks.MockSA{}

 	certPemBytes, _ := ioutil.ReadFile("test/178.crt")
 	certBlock, _ := pem.Decode(certPemBytes)
@ -1322,7 +1171,7 @@ func TestLogCsrPem(t *testing.T) {
 	err := json.Unmarshal([]byte(certificateRequestJson), &certificateRequest)
 	test.AssertNotError(t, err, "Unable to parse certificateRequest")

-	mockSA := MockSA{}
+	mockSA := mocks.MockSA{}
 	reg, err := mockSA.GetRegistration(789)
 	test.AssertNotError(t, err, "Unable to get registration")