client: Name API after protocol documentation.

5ddb439a · Vincent Pelletier · 4ebf6259 · 5ddb439a · 5ddb439a · 5ddb439a
Commit 5ddb439a authored Oct 22, 2017 by Vincent Pelletier
Hide whitespace changes
Inline Side-by-side

Showing with 37 additions and 37 deletions

caucase/cli.py caucase/cli.py +18 -18

caucase/client.py caucase/client.py +18 -18

caucase/test.py caucase/test.py +1 -1

No files found.
--- a/caucase/cli.py
+++ b/caucase/cli.py
@@ -65,14 +65,14 @@ class CLICaucaseClient(object):
      csr_pem = utils.getCertRequest(csr_path)
      # Quick sanity check
      utils.load_certificate_request(csr_pem)
-      print self._client.putCSR(csr_pem), csr_path
+      print self._client.createCertificateSigningRequest(csr_pem), csr_path

  def getCSR(self, csr_id_path_list):
    """
    --get-csr
    """
    for csr_id, csr_path in csr_id_path_list:
-      csr_pem = self._client.getCSR(int(csr_id))
+      csr_pem = self._client.getCertificateSigningRequest(int(csr_id))
      with open(csr_path, 'a') as csr_file:
        csr_file.write(csr_pem)

@@ -83,12 +83,12 @@ class CLICaucaseClient(object):
    for crt_id, crt_path in crt_id_path_list:
      crt_id = int(crt_id)
      try:
-        crt_pem = self._client.getCRT(crt_id)
+        crt_pem = self._client.getCertificate(crt_id)
      except CaucaseError, e:
        if e.args[0] != httplib.NOT_FOUND:
          raise
        try:
-          self._client.getCSR(crt_id)
+          self._client.getCertificateSigningRequest(crt_id)
        except CaucaseError, e:
          if e.args[0] != httplib.NOT_FOUND:
            raise
@@ -145,7 +145,7 @@ class CLICaucaseClient(object):
        )
        error = True
        continue
-      self._client.revokeCRT(crt, key)
+      self._client.revokeCertificate(crt, key)
    return error

  def renewCRT(
@@ -184,7 +184,7 @@ class CLICaucaseClient(object):
      if renewal_deadline < old_crt.not_valid_after:
        print crt_path, 'did not reach renew threshold, not renewing'
        continue
-      new_key_pem, new_crt_pem = self._client.renewCRT(
+      new_key_pem, new_crt_pem = self._client.renewCertificate(
        old_crt=old_crt,
        old_key=utils.load_privatekey(old_key_pem),
        key_len=key_len,
@@ -209,7 +209,7 @@ class CLICaucaseClient(object):
      'csr_id',
      'subject preview (fetch csr and check full content !)',
    )
-    for entry in self._client.getCSRList():
+    for entry in self._client.getPendingCertificateRequestList():
      csr = utils.load_certificate_request(entry['csr'])
      print '%20i | %r' % (
        entry['id'],
@@ -222,14 +222,14 @@ class CLICaucaseClient(object):
    --sign-csr
    """
    for csr_id in csr_id_list:
-      self._client.signCSR(int(csr_id))
+      self._client.createCertificate(int(csr_id))

  def signCSRWith(self, csr_id_path_list):
    """
    --sign-csr-with
    """
    for csr_id, csr_path in csr_id_path_list:
-      self._client.signCSR(
+      self._client.createCertificate(
        int(csr_id),
        template_csr=utils.getCertRequest(csr_path),
      )
@@ -239,7 +239,7 @@ class CLICaucaseClient(object):
    --reject-csr
    """
    for csr_id in csr_id_list:
-      self._client.deleteCSR(int(csr_id))
+      self._client.deletePendingCertificateRequest(int(csr_id))

  def revokeOtherCRT(self, crt_list):
    """
@@ -263,7 +263,7 @@ class CLICaucaseClient(object):
            crt_path,
          )
        )
-      self._client.revokeCRT(crt_pem)
+      self._client.revokeCertificate(crt_pem)
    return error

  def revokeSerial(self, serial_list):
@@ -573,14 +573,14 @@ def probe(argv=None):
  http_client = CaucaseClient(
    ca_url=cas_url,
  )
-  http_ca_pem = http_client.getCA()
+  http_ca_pem = http_client.getCACertificate()
  https_ca_pem = HTTPSOnlyCaucaseClient(
    ca_url=cas_url,
    ca_crt_pem_list=[http_ca_pem],
-  ).getCA()
+  ).getCACertificate()
  # Retrieve again in case there was a renewal between both calls - we do
  # not expect 2 renewals in very short succession.
-  http2_ca_pem = http_client.getCA()
+  http2_ca_pem = http_client.getCACertificate()
  if https_ca_pem not in (http_ca_pem, http2_ca_pem):
    raise ValueError('http and https do not serve the same caucase database')

@@ -700,18 +700,18 @@ def updater(argv=None):
      csr_pem = utils.getCertRequest(args.csr)
      # Quick sanity check before bothering server
      utils.load_certificate_request(csr_pem)
-      csr_id = client.putCSR(csr_pem)
+      csr_id = client.createCertificateSigningRequest(csr_pem)
      print 'Waiting for signature of', csr_id
      while True:
        try:
-          crt_pem = client.getCRT(csr_id)
+          crt_pem = client.getCertificate(csr_id)
        except CaucaseError, e:
          if e.args[0] != httplib.NOT_FOUND:
            raise
          # If server does not know our CSR anymore, getCSR will raise.
          # If it does, we were likely rejected, so exit by letting exception
          # through.
-          client.getCSR(csr_id)
+          client.getCertificateSigningRequest(csr_id)
          # Still here ? Ok, wait a bit and try again.
          utils.interruptibleSleep(60)
        else:
@@ -746,7 +746,7 @@ def updater(argv=None):
      next_deadline = crt.not_valid_after - threshold
      if next_deadline <= now:
        print 'Renewing', args.crt
-        new_key_pem, new_crt_pem = client.renewCRT(
+        new_key_pem, new_crt_pem = client.renewCertificate(
          old_crt=crt,
          old_key=utils.load_privatekey(key_pem),
          key_len=args.key_len,

--- a/caucase/client.py
+++ b/caucase/client.py
@@ -61,7 +61,7 @@ def updateCAFile(url, ca_crt_path):
  if not os.path.exists(ca_crt_path):
    ca_pem = CaucaseClient(
      ca_url=url,
-    ).getCA()
+    ).getCACertificate()
    with open(ca_crt_path, 'w') as ca_crt_file:
      ca_crt_file.write(ca_pem)
    updated = True
@@ -78,7 +78,7 @@ def updateCAFile(url, ca_crt_path):
    CaucaseClient(
      ca_url=url,
      ca_crt_pem_list=ca_pem_list,
-    ).getNewCAList(),
+    ).getCACertificateChain(),
  )
  if ca_pem_list != loaded_ca_pem_list:
    data = ''.join(ca_pem_list)
@@ -107,7 +107,7 @@ def updateCRLFile(url, crl_path, ca_list):
    my_crl = None
  latest_crl_pem = CaucaseClient(
    ca_url=url,
-  ).getCRL()
+  ).getCertificateRevocationList()
  latest_crl = utils.load_crl(latest_crl_pem, ca_list)
  if latest_crl != my_crl:
    with open(crl_path, 'w') as crl_file:
@@ -166,19 +166,19 @@ class CaucaseClient(object):
  def _https(self, method, url, body=None, headers=None):
    return self._request(self._https_connection, method, url, body, headers)

-  def getCRL(self):
+  def getCertificateRevocationList(self):
    """
    [ANONYMOUS] Retrieve latest CRL.
    """
    return self._http('GET', '/crl')

-  def getCSR(self, csr_id):
+  def getCertificateSigningRequest(self, csr_id):
    """
    [ANONYMOUS] Retrieve an CSR by its identifier.
    """
    return self._http('GET', '/csr/%i' % (csr_id, ))

-  def getCSRList(self):
+  def getPendingCertificateRequestList(self):
    """
    [AUTHENTICATED] Retrieve all pending CSRs.
    """
@@ -190,7 +190,7 @@ class CaucaseClient(object):
      for x in json.loads(self._https('GET', '/csr'))
    ]

-  def putCSR(self, csr):
+  def createCertificateSigningRequest(self, csr):
    """
    [ANONYMOUS] Store a CSR and return its identifier.
    """
@@ -198,29 +198,29 @@ class CaucaseClient(object):
      'Content-Type': 'application/pkcs10',
    }))

-  def deleteCSR(self, csr_id):
+  def deletePendingCertificateRequest(self, csr_id):
    """
    [AUTHENTICATED] Reject a pending CSR.
    """
    self._https('DELETE', '/csr/%i' % (csr_id, ))

-  def _getCRT(self, crt_id):
+  def _getCertificate(self, crt_id):
    return self._http('GET', '/crt' + crt_id)

-  def getCRT(self, csr_id):
+  def getCertificate(self, csr_id):
    """
    [ANONYMOUS] Retrieve CRT by its identifier (same as corresponding CRL
    identifier).
    """
-    return self._getCRT('/%i' % (csr_id, ))
+    return self._getCertificate('/%i' % (csr_id, ))

-  def getCA(self):
+  def getCACertificate(self):
    """
    [ANONYMOUS] Retrieve current CA certificate.
    """
-    return self._getCRT('/ca.crt.pem')
+    return self._getCertificate('/ca.crt.pem')

-  def getNewCAList(self):
+  def getCACertificateChain(self):
    """
    [ANONYMOUS] Retrieve CA certificate chain, with CA certificate N+1 signed
    by CA certificate N, allowing automated CA cert rollout.
@@ -234,7 +234,7 @@ class CaucaseClient(object):
      key=lambda x: x.not_valid_before,
    )[-1]
    result = []
-    for entry in json.loads(self._getCRT('/ca.crt.json')):
+    for entry in json.loads(self._getCertificate('/ca.crt.json')):
      try:
        payload = utils.unwrap(
          entry,
@@ -257,7 +257,7 @@ class CaucaseClient(object):
        previous_ca = utils.load_ca_certificate(new_pem)
    return result

-  def renewCRT(self, old_crt, old_key, key_len):
+  def renewCertificate(self, old_crt, old_key, key_len):
    """
    [ANONYMOUS] Request certificate renewal.
    """
@@ -292,7 +292,7 @@ class CaucaseClient(object):
      ),
    )

-  def revokeCRT(self, crt, key=None):
+  def revokeCertificate(self, crt, key=None):
    """
    Revoke certificate.
    [ANONYMOUS] if key is provided.
@@ -334,7 +334,7 @@ class CaucaseClient(object):
      {'Content-Type': 'application/json'},
    )

-  def signCSR(self, csr_id, template_csr=''):
+  def createCertificate(self, csr_id, template_csr=''):
    """
    [AUTHENTICATED] Sign certificate signing request.
    """

--- a/caucase/test.py
+++ b/caucase/test.py
@@ -722,7 +722,7 @@ class CaucaseTest(unittest.TestCase):
    """
    client = CaucaseClient(self._caucase_url + '/cas')
    try:
-      client.putCSR('Not actually a CSR')
+      client.createCertificateSigningRequest('Not actually a CSR')
    except CaucaseError, e:
      self.assertEqual(e.args[0], 400, e)
    else: