From e7532e90c74f2fd2559c6afead1748b2f29edf8e Mon Sep 17 00:00:00 2001 From: INOPIAE Date: Wed, 30 Aug 2017 07:15:27 +0200 Subject: [PATCH 1/1] add: revocation state in the result list of support cert search Change-Id: I1b18cfdd2fc4dfb88cb33d0ff468f848f69fa4fd --- .../wpia/gigi/output/template/Template.java | 4 ++- .../pages/admin/support/FindCertPage.java | 7 ++++ .../pages/admin/support/FindCertPage.templ | 3 +- .../admin/TestSEAdminPageCertSearch.java | 36 +++++++++++++++---- 4 files changed, 41 insertions(+), 9 deletions(-) diff --git a/src/club/wpia/gigi/output/template/Template.java b/src/club/wpia/gigi/output/template/Template.java index 65db37fe..cb0bed02 100644 --- a/src/club/wpia/gigi/output/template/Template.java +++ b/src/club/wpia/gigi/output/template/Template.java @@ -73,6 +73,8 @@ public class Template implements Outputable { private static final String UNKOWN_CONTROL_STRUCTURE_MSG = "Unknown control structure \"%s\", did you mean \"%s\"?"; + public static final String UTC_TIMESTAMP_FORMAT = "yyyy-MM-dd'T'HH:mm:ss'Z'"; + /** * Creates a new template by parsing the contents from the given URL. This * constructor will fail on syntax error. When the URL points to a file, @@ -267,7 +269,7 @@ public class Template implements Outputable { if (vars.containsKey(Outputable.OUT_KEY_PLAIN)) { out.print(sdfUI.format(s)); } else { - SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'"); + SimpleDateFormat sdf = new SimpleDateFormat(UTC_TIMESTAMP_FORMAT); out.print(""); diff --git a/src/club/wpia/gigi/pages/admin/support/FindCertPage.java b/src/club/wpia/gigi/pages/admin/support/FindCertPage.java index 0d2edbc9..ea5ac1e9 100644 --- a/src/club/wpia/gigi/pages/admin/support/FindCertPage.java +++ b/src/club/wpia/gigi/pages/admin/support/FindCertPage.java @@ -9,6 +9,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import club.wpia.gigi.dbObjects.Certificate; +import club.wpia.gigi.dbObjects.Certificate.CertificateStatus; import club.wpia.gigi.dbObjects.Certificate.SubjectAlternateName; import club.wpia.gigi.localisation.Language; import club.wpia.gigi.output.ArrayIterable; @@ -59,6 +60,12 @@ public class FindCertPage extends Page { vars.put("id", t.getId()); vars.put("serial", t.getSerial()); + if (t.getStatus() == CertificateStatus.REVOKED) { + vars.put("revoked", t.getRevocationDate()); + } else { + vars.put("revoked", l.getTranslation("N/A")); + } + final List san = t.getSANs(); vars.put("san", new IterableDataset() { diff --git a/src/club/wpia/gigi/pages/admin/support/FindCertPage.templ b/src/club/wpia/gigi/pages/admin/support/FindCertPage.templ index d8f61c11..0e0fa25b 100644 --- a/src/club/wpia/gigi/pages/admin/support/FindCertPage.templ +++ b/src/club/wpia/gigi/pages/admin/support/FindCertPage.templ @@ -1,7 +1,7 @@

:

- + @@ -11,6 +11,7 @@ +
Id
Id
diff --git a/tests/club/wpia/gigi/pages/admin/TestSEAdminPageCertSearch.java b/tests/club/wpia/gigi/pages/admin/TestSEAdminPageCertSearch.java index e61f559e..6feaafcf 100644 --- a/tests/club/wpia/gigi/pages/admin/TestSEAdminPageCertSearch.java +++ b/tests/club/wpia/gigi/pages/admin/TestSEAdminPageCertSearch.java @@ -7,6 +7,7 @@ import java.net.URLConnection; import java.net.URLEncoder; import java.security.GeneralSecurityException; import java.security.KeyPair; +import java.text.SimpleDateFormat; import org.hamcrest.CoreMatchers; import org.junit.Test; @@ -15,10 +16,12 @@ import club.wpia.gigi.GigiApiException; import club.wpia.gigi.dbObjects.Certificate; import club.wpia.gigi.dbObjects.Certificate.CSRType; import club.wpia.gigi.dbObjects.Certificate.CertificateStatus; +import club.wpia.gigi.dbObjects.Certificate.RevocationType; import club.wpia.gigi.dbObjects.Certificate.SANType; import club.wpia.gigi.dbObjects.Digest; import club.wpia.gigi.dbObjects.Group; import club.wpia.gigi.dbObjects.User; +import club.wpia.gigi.output.template.Template; import club.wpia.gigi.pages.account.certs.Certificates; import club.wpia.gigi.pages.admin.support.FindCertPage; import club.wpia.gigi.pages.admin.support.SupportEnterTicketPage; @@ -34,18 +37,16 @@ public class TestSEAdminPageCertSearch extends ClientTest { private String certMail; + private int id; + public TestSEAdminPageCertSearch() throws IOException, GigiApiException, GeneralSecurityException, InterruptedException { grant(u, Group.SUPPORTER); cookie = login(email, TEST_PASSWORD); assertEquals(302, post(cookie, SupportEnterTicketPage.PATH, "ticketno=a20140808.8&setTicket=action", 0).getResponseCode()); certMail = uniq + "_certowner@example.com"; - int id = createVerifiedUser("fn", "ln", certMail, TEST_PASSWORD); - User u1 = User.getById(id); - KeyPair kp = generateKeypair(); - String key = generatePEMCSR(kp, "CN=" + certMail); - c = new Certificate(u1, u1, Certificate.buildDN("CN", certMail), Digest.SHA512, key, CSRType.CSR, getClientProfile(), new Certificate.SubjectAlternateName(SANType.EMAIL, certMail)); - await(c.issue(null, "2y", u)); + id = createVerifiedUser("fn", "ln", certMail, TEST_PASSWORD); + c = createCertificate(); } @Test @@ -70,7 +71,7 @@ public class TestSEAdminPageCertSearch extends ClientTest { } @Test - public void testRevoke() throws IOException { + public void testRevoke() throws IOException, GeneralSecurityException, GigiApiException, InterruptedException { URLConnection conn = post(Certificates.SUPPORT_PATH + "/" + c.getSerial(), "action=revoke"); assertEquals("https://" + ServerConstants.getHostNamePortSecure(Host.WWW) + Certificates.SUPPORT_PATH + "/" + c.getSerial(), conn.getHeaderField("Location")); for (int i = 0; i < 2; i++) { @@ -79,6 +80,27 @@ public class TestSEAdminPageCertSearch extends ClientTest { assertThat(tm.getMessage(), CoreMatchers.containsString(c.getSerial())); } assertEquals(CertificateStatus.REVOKED, c.getStatus()); + } + @Test + public void testShowRevocation() throws GeneralSecurityException, IOException, GigiApiException, InterruptedException { + Certificate c1 = createCertificate(); + await(c1.revoke(RevocationType.SUPPORT)); + URLConnection uc = post(cookie, FindCertPage.PATH, "certType=email&process=Next&cert=" + URLEncoder.encode(certMail, "UTF-8"), 0); + SimpleDateFormat sdf = new SimpleDateFormat(Template.UTC_TIMESTAMP_FORMAT); + String revokeDate = sdf.format(c1.getRevocationDate()); + String result = IOUtils.readURL(uc); + assertThat(result, CoreMatchers.containsString(revokeDate)); + assertThat(result, CoreMatchers.containsString("N/A")); + } + + private Certificate createCertificate() throws GeneralSecurityException, IOException, GigiApiException, InterruptedException { + User u1 = User.getById(id); + KeyPair kp = generateKeypair(); + String key = generatePEMCSR(kp, "CN=" + certMail); + Certificate c1 = new Certificate(u1, u1, Certificate.buildDN("CN", certMail), Digest.SHA512, key, CSRType.CSR, getClientProfile(), new Certificate.SubjectAlternateName(SANType.EMAIL, certMail)); + await(c1.issue(null, "2y", u)); + return c1; + } } -- 2.39.2