rebase dogtag clean-up patch

checks/check-ra.py

@@ -14,87 +14,98 @@ server.  I don't exactly remember the steps, so ping him for help.
 from os import path
 import sys
 parent = path.dirname(path.dirname(path.abspath(__file__)))
-sys.path.append(parent)
+sys.path.insert(0, parent)
+verbose = True
 
 from base64 import b64encode, b64decode
 from ipalib import api
 
-# certificate with serial number 17
-cert = b64decode("""
-MIIC3zCCAcegAwIBAgIBETANBgkqhkiG9w0BAQUFADA7MRkwFwYDVQQKExBTamNSZWRoYXQgRG9tYW
-luMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDkwMTIyMjMzODA2WhcNMDkwNzIx
-MjMzODA2WjAUMRIwEAYKCZImiZPyLGQBARMCbGwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM
-id6i9ri9ldyAXaH4MJSPdUDjdc9+E10hwxw7crFE1K0uvr8YT2e1YotNqv7Q+Bk7KVRrLH6Y5UPlWY
-uSAP8G9t8yjn5Uo3iXU5AqsrRek+pxerD/WocwedF6yjJ/zlQyYyg93h0njJr1lStyVLTyp+VVqtk3
-FSDIwLCWQHOTejAgMBAAGjgZgwgZUwHwYDVR0jBBgwFoAUlz9JZxqVabh4QQOEkxyWt80pIQkwQwYI
-KwYBBQUHAQEENzA1MDMGCCsGAQUFBzABhidodHRwOi8vYS1mOC5zamMucmVkaGF0LmNvbTo5MTgwL2
-NhL29jc3AwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkq
-hkiG9w0BAQUFAAOCAQEAhU+oqPh+rlYFPm0D8HAJ0RIWw9gkNctHUfVGi+NeYTaUAEGWUOpXjLSQgP
-gq1fNBHd+IRLhycwp4uUsFCPE1n3eStmn/D6o9u1eNnTFPj74MLZVQQTXPE8+LBYeHgTUwFuKp2WyW
-9J/BDZ3pDWKYWWMawhD7ext7UhZkpIJODFEaDxiXCfB8GsAEbmfoYFk21znuGQQu3Wu1s6licyunLh
-/W3sxCFGIT9DHxS0GZKimm7M02IPGxK/0TZr0kVcLQx6XGKqiK1464rvl4u60mQjwJwfhawshs84YT
-xFnXZKkvsT3GjfIe/k687TMG3paTFtKkis+u7z0v6355uJzLpQ==
-""")
+subject = u'CN=vm-070.idm.lab.bos.redhat.com'
+csr = '\
+MIIBZzCB0QIBADAoMSYwJAYDVQQDEx12bS0wNzAuaWRtLmxhYi5ib3MucmVkaGF0\n\
+LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAriTSlAG+/xkvtxliWMeO\n\
+Qu+vFQTz+/fgy7xWIg6WR2At6j/9eJ7LUYhqguqevOAQpuePxY4/FEfpmQ6PTgs/\n\
+LXKa0vhIkXzkmMjKynUIWHYeaZekcXxye1dV/PdNB6H801xs60YjbScOJj3Hexvm\n\
+hOKsdmwO1ukqTTEKDXrr3c8CAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAG4pTLrE\n\
+cvrkQXVdMOjgAVJ6KZYl/caIOYhIlcJ3jhf95Bv/Zs3lpfHjXnM8jj4EWfyd0lZx\n\
+2EUytXXubKJUpjUCeBp4oaQ2Ahvdxo++oUcbXkKxtCOUB6Mw8XEIVYaldZlcHDHM\n\
+dysLdrZ3K9HOzoeSq2e0m+trQaWnBQG47O7F\n\
+'
 
-csr = 'MIIBlDCB/gIBADBVMR0wGwYDVQQKExRVc2Vyc3lzUmVkaGF0LURvbWFpbjEQMA4GA1UECxMHcGtpLWlwYTEiMCAGA1UEAxMZSVBBLVN1YnN5c3RlbS1DZXJ0aWZpY2F0ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3Qmpr81WxbnISmyyhc2ShiPzUvWIrCg5FgJ1QrBl7CRe62Wl/YYiV/DbuMoex1ec7zKfgfSFVFU9/2iwj7Du0sZdXYJNQPdj9yLdPk2tyxdgJuHLdxI0SNgaEFyvmIMP/X9vQN9H5w0/PyrJQscOxc6tbTcYL0ZSSylLQ+diaQECAwEAA'
+reference_decode = {
+    'certificate' : b64decode
+}
+
+trial_decode = {
+    'certificate' : b64decode
+}
 
 api.bootstrap(
     in_server=True,
     enable_ra=True,
-    ca_host='a-f8.sjc.redhat.com',
+    ra_plugin='dogtag',
+    ca_host='vm-070.idm.lab.bos.redhat.com',
     debug=True,
     in_tree=True,
 )
 api.finalize()
 ra = api.Backend.ra
 
-def assert_equal(*vals):
-    val0 = vals[0]
-    for val in vals[1:]:
-        assert val == val0, '%r != %r' % (val, val0)
+def assert_equal(trial, reference):
+    keys = reference.keys()
+    keys.sort()
+    for key in keys:
+        reference_val = reference[key]
+        trial_val = trial[key]
 
+        if reference_decode.has_key(key):
+            reference_val = reference_decode[key](reference_val)
 
-api.log.info('******** Testing ra.check_request_status() ********')
-assert_equal(
-    ra.check_request_status('35'),
-    dict(
-        status='0',
-        serial_number='17',
-        request_status='complete',
-        request_id='35',
-    )
-)
+        if trial_decode.has_key(key):
+            trial_val = trial_decode[key](trial_val)
+
+        assert reference_val == trial_val, \
+            '%s: not equal\n\nreference_val:\n%r\ntrial_val:\n%r' % \
+            (key, reference[key], trial[key])
 
-api.log.info('******** Testing ra.get_certificate() ********')
-assert_equal(
-    ra.get_certificate('17'),
-    dict(
-        status='0',
-        certificate=b64encode(cert),
-    )
-)
 
 api.log.info('******** Testing ra.request_certificate() ********')
-assert_equal(
-    ra.request_certificate(csr),
-    dict(
-        status='1',
-    )
-)
+request_result = ra.request_certificate(csr)
+if verbose: print "request_result=\n%s" % request_result
+assert_equal(request_result,
+             {'subject' : subject,
+              })
+
+api.log.info('******** Testing ra.check_request_status() ********')
+status_result = ra.check_request_status(request_result['request_id'])
+if verbose: print "status_result=\n%s" % status_result
+assert_equal(status_result,
+             {'serial_number'       : request_result['serial_number'],
+              'request_id'          : request_result['request_id'],
+              'cert_request_status' : u'complete',
+              })
+
+api.log.info('******** Testing ra.get_certificate() ********')
+get_result = ra.get_certificate(request_result['serial_number'])
+if verbose: print "get_result=\n%s" % get_result
+assert_equal(get_result,
+             {'serial_number' : request_result['serial_number'],
+              'certificate'   : request_result['certificate'],
+              })
 
 api.log.info('******** Testing ra.revoke_certificate() ********')
-assert_equal(
-    ra.revoke_certificate('17', revocation_reason=6),  # Put on hold
-    dict(
-        status='0',
-        revoked=True,
-    )
-)
+revoke_result = ra.revoke_certificate(request_result['serial_number'],
+                                      revocation_reason=6)  # Put on hold
+if verbose: print "revoke_result=\n%s" % revoke_result
+assert_equal(revoke_result,
+             {'revoked' : True
+              })
+
 
 api.log.info('******** Testing ra.take_certificate_off_hold() ********')
-assert_equal(
-    ra.take_certificate_off_hold('17'),
-    dict(
-        taken_off_hold=True,
-    )
-)
+unrevoke_result = ra.take_certificate_off_hold(request_result['serial_number'])
+if verbose: print "unrevoke_result=\n%s" % unrevoke_result
+assert_equal(unrevoke_result,
+             {'unrevoked' : True
+              })
+