summaryrefslogtreecommitdiffstats
path: root/test/modules/md/test_202_acmev2_regs.py
diff options
context:
space:
mode:
Diffstat (limited to 'test/modules/md/test_202_acmev2_regs.py')
-rw-r--r--test/modules/md/test_202_acmev2_regs.py132
1 files changed, 132 insertions, 0 deletions
diff --git a/test/modules/md/test_202_acmev2_regs.py b/test/modules/md/test_202_acmev2_regs.py
new file mode 100644
index 0000000..97f093e
--- /dev/null
+++ b/test/modules/md/test_202_acmev2_regs.py
@@ -0,0 +1,132 @@
+# test mod_md ACMEv2 registrations
+
+import re
+import json
+import pytest
+
+from .md_conf import MDConf
+from .md_env import MDTestEnv
+
+
+@pytest.mark.skipif(condition=not MDTestEnv.has_a2md(), reason="no a2md available")
+@pytest.mark.skipif(condition=not MDTestEnv.has_acme_server(),
+ reason="no ACME test server configured")
+class TestAcmeAcc:
+
+ @pytest.fixture(autouse=True, scope='class')
+ def _class_scope(self, env, acme):
+ acme.start(config='default')
+ env.check_acme()
+ env.APACHE_CONF_SRC = "data/test_drive"
+ MDConf(env).install()
+ assert env.apache_restart() == 0
+
+ @pytest.fixture(autouse=True, scope='function')
+ def _method_scope(self, env):
+ env.check_acme()
+ env.clear_store()
+
+ # test case: register a new account, vary length to check base64 encoding
+ @pytest.mark.parametrize("contact", [
+ "x@not-forbidden.org", "xx@not-forbidden.org", "xxx@not-forbidden.org"
+ ])
+ def test_md_202_000(self, env, contact):
+ r = env.a2md(["-t", "accepted", "acme", "newreg", contact], raw=True)
+ assert r.exit_code == 0, r
+ m = re.match("registered: (.*)$", r.stdout)
+ assert m, "did not match: {0}".format(r.stdout)
+ acct = m.group(1)
+ print("newreg: %s" % m.group(1))
+ self._check_account(env, acct, ["mailto:" + contact])
+
+ # test case: register a new account without accepting ToS, must fail
+ def test_md_202_000b(self, env):
+ r = env.a2md(["acme", "newreg", "x@not-forbidden.org"], raw=True)
+ assert r.exit_code == 1
+ m = re.match(".*must agree to terms of service.*", r.stderr)
+ if m is None:
+ # the pebble variant
+ m = re.match(".*account did not agree to the terms of service.*", r.stderr)
+ assert m, "did not match: {0}".format(r.stderr)
+
+ # test case: respect 'mailto:' prefix in contact url
+ def test_md_202_001(self, env):
+ contact = "mailto:xx@not-forbidden.org"
+ r = env.a2md(["-t", "accepted", "acme", "newreg", contact], raw=True)
+ assert r.exit_code == 0
+ m = re.match("registered: (.*)$", r.stdout)
+ assert m
+ acct = m.group(1)
+ self._check_account(env, acct, [contact])
+
+ # test case: fail on invalid contact url
+ @pytest.mark.parametrize("invalid_contact", [
+ "mehlto:xxx@not-forbidden.org", "no.at.char", "with blank@test.com",
+ "missing.host@", "@missing.localpart.de",
+ "double..dot@test.com", "double@at@test.com"
+ ])
+ def test_md_202_002(self, env, invalid_contact):
+ assert env.a2md(["acme", "newreg", invalid_contact]).exit_code == 1
+
+ # test case: use contact list
+ def test_md_202_003(self, env):
+ contact = ["xx@not-forbidden.org", "aa@not-forbidden.org"]
+ r = env.a2md(["-t", "accepted", "acme", "newreg"] + contact, raw=True)
+ assert r.exit_code == 0
+ m = re.match("registered: (.*)$", r.stdout)
+ assert m
+ acct = m.group(1)
+ self._check_account(env, acct, ["mailto:" + contact[0], "mailto:" + contact[1]])
+
+ # test case: validate new account
+ def test_md_202_100(self, env):
+ acct = self._prepare_account(env, ["tmp@not-forbidden.org"])
+ assert env.a2md(["acme", "validate", acct]).exit_code == 0
+
+ # test case: fail on non-existing account
+ def test_md_202_101(self, env):
+ assert env.a2md(["acme", "validate", "ACME-localhost-1000"]).exit_code == 1
+
+ # test case: report fail on request signing problem
+ def test_md_202_102(self, env):
+ acct = self._prepare_account(env, ["tmp@not-forbidden.org"])
+ with open(env.path_account(acct)) as f:
+ acctj = json.load(f)
+ acctj['url'] = acctj['url'] + "0"
+ open(env.path_account(acct), "w").write(json.dumps(acctj))
+ assert env.a2md(["acme", "validate", acct]).exit_code == 1
+
+ # test case: register and try delete an account, will fail without persistence
+ def test_md_202_200(self, env):
+ acct = self._prepare_account(env, ["tmp@not-forbidden.org"])
+ assert env.a2md(["delreg", acct]).exit_code == 1
+
+ # test case: register and try delete an account with persistence
+ def test_md_202_201(self, env):
+ acct = self._prepare_account(env, ["tmp@not-forbidden.org"])
+ assert env.a2md(["acme", "delreg", acct]).exit_code == 0
+ # check that store is clean
+ r = env.run(["find", env.store_dir])
+ assert re.match(env.store_dir, r.stdout)
+
+ # test case: delete a persisted account without specifying url
+ def test_md_202_202(self, env):
+ acct = self._prepare_account(env, ["tmp@not-forbidden.org"])
+ assert env.run([env.a2md_bin, "-d", env.store_dir, "acme", "delreg", acct]).exit_code == 0
+
+ # test case: delete, then validate an account
+ def test_md_202_203(self, env):
+ acct = self._prepare_account(env, ["test014@not-forbidden.org"])
+ assert env.a2md(["acme", "delreg", acct]).exit_code == 0
+ # validate on deleted account fails
+ assert env.a2md(["acme", "validate", acct]).exit_code == 1
+
+ def _check_account(self, env, acct, contact):
+ with open(env.path_account(acct)) as f:
+ acctj = json.load(f)
+ assert acctj['registration']['contact'] == contact
+
+ def _prepare_account(self, env, contact):
+ r = env.a2md(["-t", "accepted", "acme", "newreg"] + contact, raw=True)
+ assert r.exit_code == 0
+ return re.match("registered: (.*)$", r.stdout).group(1)