Merge pull request #63 from Venafi/add-uri-support

Add uri support
Venafi · Jan 10, 2020 · 0581a4b · 0581a4b
2 parents 7f93760 + e94b110
commit 0581a4b
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 3 deletions.
diff --git a/examples/simple-cli/main.go b/examples/simple-cli/main.go
@@ -68,7 +68,8 @@ func main() {
 				Province:           []string{"Salt Lake"},
 				Country:            []string{"US"},
 			},
-			DNSNames:       []string{"www.client.venafi.example.com", "ww1.client.venafi.example.com"},
+			DNSNames: []string{"www.client.venafi.example.com", "ww1.client.venafi.example.com"},
+
 			EmailAddresses: []string{"e1@venafi.example.com", "e2@venafi.example.com"},
 			IPAddresses:    []net.IP{net.IPv4(127, 0, 0, 1), net.IPv4(127, 0, 0, 2)},
 			CsrOrigin:      certificate.LocalGeneratedCSR,

diff --git a/pkg/certificate/certificate.go b/pkg/certificate/certificate.go
@@ -27,6 +27,7 @@ import (
 	"encoding/pem"
 	"fmt"
 	"net"
+	"net/url"
 	"strings"
 	"time"
 )
@@ -145,6 +146,7 @@ type Request struct {
 	DNSNames           []string
 	EmailAddresses     []string
 	IPAddresses        []net.IP
+	URIs               []*url.URL
 	Attributes         []pkix.AttributeTypeAndValueSET
 	SignatureAlgorithm x509.SignatureAlgorithm
 	FriendlyName       string
@@ -256,6 +258,7 @@ func (request *Request) GenerateCSR() error {
 	certificateRequest.DNSNames = request.DNSNames
 	certificateRequest.EmailAddresses = request.EmailAddresses
 	certificateRequest.IPAddresses = request.IPAddresses
+	certificateRequest.URIs = request.URIs
 	certificateRequest.Attributes = request.Attributes
 
 	csr, err := x509.CreateCertificateRequest(rand.Reader, &certificateRequest, request.PrivateKey)

diff --git a/pkg/venafi/tpp/connector_test.go b/pkg/venafi/tpp/connector_test.go
@@ -28,6 +28,7 @@ import (
 	"github.com/Venafi/vcert/pkg/endpoint"
 	"github.com/Venafi/vcert/test"
 	"net/http"
+	"net/url"
 	"os"
 	"reflect"
 	"strings"
@@ -348,24 +349,41 @@ func TestRequestCertificate(t *testing.T) {
 	}
 
 	cn := test.RandCN()
-	req := &certificate.Request{}
+	req := &certificate.Request{Timeout: time.Second * 30}
 	req.Subject.CommonName = cn
 	req.Subject.Organization = []string{"Venafi, Inc."}
 	req.Subject.OrganizationalUnit = []string{"Automated Tests"}
 	req.Subject.Locality = []string{"Las Vegas"}
 	req.Subject.Province = []string{"Nevada"}
 	req.Subject.Country = []string{"US"}
+	u := url.URL{Scheme: "https", Host: "example.com", Path: "/test"}
+	req.URIs = []*url.URL{&u}
 	req.FriendlyName = cn
 	err = tpp.GenerateRequest(config, req)
 	if err != nil {
 		t.Fatalf("err is not nil, err: %s", err)
 	}
 
 	t.Logf("getPolicyDN(ctx.TPPZone) = %s", getPolicyDN(ctx.TPPZone))
-	_, err = tpp.RequestCertificate(req)
+	req.PickupID, err = tpp.RequestCertificate(req)
+	if err != nil {
+		t.Fatalf("err is not nil, err: %s", err)
+	}
+	certCollections, err := tpp.RetrieveCertificate(req)
+	if err != nil {
+		t.Fatal(err)
+	}
+	p, _ := pem.Decode([]byte(certCollections.Certificate))
+	cert, err := x509.ParseCertificate(p.Bytes)
 	if err != nil {
 		t.Fatalf("err is not nil, err: %s", err)
 	}
+	if cert.Subject.CommonName != cn {
+		t.Fatalf("mismatched common names: %v and %v", cn, cert.Subject.CommonName)
+	}
+	if cert.URIs[0].String() != u.String() {
+		t.Fatalf("mismatched URIs: %v and %v", u.String(), cert.URIs[0].String())
+	}
 }
 
 func TestRequestCertificateServiceGenerated(t *testing.T) {