diff --git a/bin/psigner b/bin/psigner index 9163005..7b4f5ff 100755 --- a/bin/psigner +++ b/bin/psigner @@ -12,13 +12,13 @@ options = {} optparse = OptionParser.new do |opts| # Set a banner, displayed at the top # of the help screen. - opts.banner = "Usage: Psigner [options] ..." + opts.banner = "Usage: PSigner [options] ..." opts.separator '' opts.separator "Configuration options:" opts.on_tail( "-v", "--version", "Show version") do - puts "Psigner version #{Psigner::VERSION}" + puts "PSigner version #{PSigner::VERSION}" exit end @@ -33,7 +33,7 @@ end begin optparse.parse! - Psigner::Application.run! + PSigner::Application.run! rescue OptionParser::InvalidArgument, OptionParser::InvalidOption, OptionParser::MissingArgument puts $!.to_s puts optparse diff --git a/config.ru b/config.ru index da6dae1..a3ac027 100644 --- a/config.ru +++ b/config.ru @@ -1,3 +1,3 @@ require './lib/psigner/app.rb' -run Psigner::Application \ No newline at end of file +run PSigner::Application diff --git a/lib/psigner/app.rb b/lib/psigner/app.rb index f5b23aa..969262c 100644 --- a/lib/psigner/app.rb +++ b/lib/psigner/app.rb 
@@ -6,29 +6,29 @@ def load_configuration(file, name) puts "There's no configuration file at #{file}!" exit! end - Psigner.const_set(name, YAML.load_file(file)) + PSigner.const_set(name, YAML.load_file(file)) end -module Psigner +module PSigner class Application < Sinatra::Base configure do load_configuration("config/config.yml", "APP_CONFIG") end - set :public_folder, File.join(File.dirname(__FILE__), 'public') - set :views, File.join(File.dirname(__FILE__), 'views') - # Sign certificates /api/sign?host=hostname.to.be.signed?secret=sharedsecret - post '/api/sign' do + post '/api/cert' do authenticated_only! - requires_param :certname - sign_cert(params[:certname]) + success, output = sign_cert(params[:certname]) + unless success + halt 500, {'Content-Type' => 'text/plain'}, output + end + "OK" end - get '/api/sign' do + get '/api/cert' do 'You need to POST API signing requests' end @@ -62,12 +62,8 @@ def requires_params(*needed) alias :requires_param :requires_params def sign_cert(certname) - begin - signed = `puppet certificate --ca-location local --mode master sign #{certname}` - rescue => e - return "Signing failed because: #{e}" - end - signed + stdout = `puppet cert sign #{certname}` + [$?.exitstatus == 0, stdout] end def clean_cert(certname) diff --git a/lib/version.rb b/lib/version.rb index 4bc77ef..b5d160a 100644 --- a/lib/version.rb +++ b/lib/version.rb @@ -1,3 +1,3 @@ -module Psigner +module PSigner VERSION = "0.0.1" end diff --git a/psigner.gemspec b/psigner.gemspec index cdc0fd0..d5f9300 100644 --- a/psigner.gemspec +++ b/psigner.gemspec @@ -4,7 +4,7 @@ require "version" Gem::Specification.new do |s| s.name = "psigner" - s.version = Psigner::VERSION + s.version = PSigner::VERSION s.authors = ["James Turnbull"] s.email = ["james@lovedthanlost.net"] s.homepage = "" diff --git a/spec/psigner_spec.rb b/spec/psigner_spec.rb index d6b7aba..85b7940 100644 --- a/spec/psigner_spec.rb +++ b/spec/psigner_spec.rb 
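Review bot: On the failure path of the `post '/api/cert'` handler, `halt 500, {'Content-Type' => 'text/plain'}, output` sends whatever the puppet command printed straight back to the API caller, which may expose CA paths and internal error text. I would log the output server-side and return a fixed body, e.g. `halt 500, {'Content-Type' => 'text/plain'}, "Signing failed"`. The collapsed layout of this page does not make clear whether `requires_param :certname` is kept or removed in this hunk; if it is removed, a missing `certname` reaches `sign_cert` as nil, so the presence check should stay ahead of the call. The comment above the route still documents `/api/sign?host=...`, while the route is now `/api/cert` and the parameter is `certname`.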
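Review bot: `sign_cert` interpolates `certname` into a backtick command, `puppet cert sign #{certname}`, and the route hunk above passes it `params[:certname]` from the request, so shell metacharacters in that parameter are interpreted by the shell on the CA host. Pass the arguments as a vector so no shell is involved, `out, status = Open3.capture2e('puppet', 'cert', 'sign', certname)` then `[status.success?, out]` (needs `require 'open3'`). Before calling it, reject any certname that does not match an anchored hostname pattern such as `/\A[a-z0-9][a-z0-9._-]*\z/i`, which also stops a leading `-` being read as an option. Backticks capture only stdout, so with the current code the failure text puppet writes to stderr is probably not in the returned string. `clean_cert` begins right after this hunk and is not visible here; it should be checked for the same pattern.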
@@ -1,33 +1,58 @@ require 'spec_helper' -describe Psigner::Application do +describe PSigner::Application do - describe "GET '/api/sign'" do + describe "GET '/api/cert'" do it "should fail" do get '/' last_response.should_not be_ok end end - describe "POST '/api/sign'" do - it "should fail to get the API signing page without parameters" do - post '/api/sign' - last_response.status.should == 400 + describe "POST '/api/cert'" do + it "should fail to sign the cert without parameters" do + post '/api/cert' + last_response.status.should == 401 end - it "should fail to get the API signing page with only one parameter" do - post '/api/sign', params = { "secret" => "SHAREDSECRET" } + it "should fail to sign via the API with only one parameter" do + post '/api/cert', params = { "secret" => "SHAREDSECRET" } last_response.status.should == 400 end - it "should get the API signing page" do - post '/api/sign', params = { "secret" => "SHAREDSECRET", "certname" => "bob" } + it "should fail with incorrect shared secret" do + post '/api/cert', params = { "secret" => "NOSHAREDSECRET", "certname" => "bob" } + last_response.status.should == 401 + end + + it "should sign via the API with correct parameters" do + post '/api/cert', params = { "secret" => "SHAREDSECRET", "certname" => "bob" } last_response.status.should == 200 end + end + + describe "DELETE '/api/cert'" do + it "should fail to delete the cert without parameters" do + delete '/api/cert' + last_response.status.should == 401 + end + + it "should fail to delete the cert with only one parameter" do + delete '/api/cert', params = { "secret" => "SHAREDSECRET" } + last_response.status.should == 400 + end + it "should fail with incorrect shared secret" do - post '/api/sign', params = { "secret" => "NOSHAREDSECRET", "certname" => "bob" } + delete '/api/cert', params = { "secret" => "NOSHAREDSECRET", "certname" => "bob" } last_response.status.should == 401 end + + it "should delete via the API with correct parameters" do + delete 
'/api/cert', params = { "secret" => "SHAREDSECRET", "certname" => "bob" } + last_response.status.should == 200 + end + + end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 6dc4eba..6e24a5b 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -18,7 +18,7 @@ ENV['RACK_ENV'] = "test" def app - @app ||= Psigner::Application + @app ||= PSigner::Application end # quick convenience methods..
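Review bot: The example under `describe "GET '/api/cert'"` still requests `get '/'`, so it never touches the renamed endpoint and presumably passes only because `/` has no route. Changing it to `get '/api/cert'` would, as far as the app.rb hunk shows, return the plain string with a 200, so the `should_not be_ok` assertion would need to become an explicit status check, or the handler should answer with 405. The new examples only use the certname `bob`; an example posting a certname with characters outside a hostname alphabet and expecting 400 would pin down input validation for a value that ends up on a puppet command line. The examples that expect 200 appear to run the real puppet command unless it is stubbed elsewhere, which this hunk does not show.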