Add pages domains acme orders

Extract acme double to helper Create ACME challanges for pages domains * Create order & challange through API * save them to database * request challenge validation We're saving order and challenge as one entity, that wouldn't be correct if we would order certificates for several domains simultaneously, but we always order certificate per domain Add controller for processing acme challenges redirected from pages Don't save acme challenge url - we don't use it Validate acme challenge attributes Encrypt private_key in acme orders
author: Vladimir Shushlin <vshushlin@gitlab.com> 2019-06-06 18:55:31 +0000
committer: Nick Thomas <nick@gitlab.com> 2019-06-06 18:55:31 +0000
commit: c3338c920d6123174000ea11243cb7dc285cee03 (patch)
tree: 018ca45fb1ce2b02f9a513321c05fc7a4440abce /spec/lib/gitlab/lets_encrypt/order_spec.rb
parent: 68a1ba6a296f340fcddf58e5fbd26d51d66bd90b (diff)
download: gitlab-ce-c3338c920d6123174000ea11243cb7dc285cee03.tar.gz
1 files changed, 20 insertions, 18 deletions
diff --git a/spec/lib/gitlab/lets_encrypt/order_spec.rb b/spec/lib/gitlab/lets_encrypt/order_spec.rb
index ee7058baf8d..1a759103c44 100644
--- a/spec/lib/gitlab/lets_encrypt/order_spec.rb
+++ b/spec/lib/gitlab/lets_encrypt/order_spec.rb
@@ -3,20 +3,13 @@
 require 'spec_helper'
 
 describe ::Gitlab::LetsEncrypt::Order do
-  delegated_methods = {
-    url: 'https://example.com/',
-    status: 'valid'
-  }
-
-  let(:acme_order) do
-    acme_order = instance_double('Acme::Client::Resources::Order')
-    allow(acme_order).to receive_messages(delegated_methods)
-    acme_order
-  end
+  include LetsEncryptHelpers
+
+  let(:acme_order) { acme_order_double }
 
   let(:order) { described_class.new(acme_order) }
 
-  delegated_methods.each do |method, value|
+  LetsEncryptHelpers::ACME_ORDER_METHODS.each do |method, value|
     describe "##{method}" do
       it 'delegates to Acme::Client::Resources::Order' do
         expect(order.public_send(method)).to eq(value)
@@ -25,15 +18,24 @@ describe ::Gitlab::LetsEncrypt::Order do
   end
 
   describe '#new_challenge' do
-    before do
-      challenge = instance_double('Acme::Client::Resources::Challenges::HTTP01')
-      authorization = instance_double('Acme::Client::Resources::Authorization')
-      allow(authorization).to receive(:http).and_return(challenge)
-      allow(acme_order).to receive(:authorizations).and_return([authorization])
-    end
-
     it 'returns challenge' do
       expect(order.new_challenge).to be_a(::Gitlab::LetsEncrypt::Challenge)
     end
   end
+
+  describe '#request_certificate' do
+    let(:private_key) do
+      OpenSSL::PKey::RSA.new(4096).to_pem
+    end
+
+    it 'generates csr and finalizes order' do
+      expect(acme_order).to receive(:finalize) do |csr:|
+        expect do
+          csr.csr # it's being evaluated lazily
+        end.not_to raise_error
+      end
+
+      order.request_certificate(domain: 'example.com', private_key: private_key)
+    end
+  end
 end
author	Vladimir Shushlin <vshushlin@gitlab.com>	2019-06-06 18:55:31 +0000
committer	Nick Thomas <nick@gitlab.com>	2019-06-06 18:55:31 +0000
commit	c3338c920d6123174000ea11243cb7dc285cee03 (patch)
tree	018ca45fb1ce2b02f9a513321c05fc7a4440abce /spec/lib/gitlab/lets_encrypt/order_spec.rb
parent	68a1ba6a296f340fcddf58e5fbd26d51d66bd90b (diff)
download	gitlab-ce-c3338c920d6123174000ea11243cb7dc285cee03.tar.gz