Here's the simple "fix" for #201, plus the tedious patches of the quirky tests

Martin Maney · Martin Maney · commit e3e4e639341e · 2020-09-11T21:21:15.000-05:00
diff --git a/sewer/client.py b/sewer/client.py
@@ -202,15 +202,16 @@ def get_acme_endpoints(self):
             )
         return get_acme_endpoints
 
+    ### FIX ME ### this is a kludge to fix Alec's needs until there's time to do the Acme* refactor
+
     def acme_register(self):
-        """
-        RFC8555 has some changes in behavior.
 
-        For now,leaving the behavior unchanged except replacing "self.PRIOR_REGISTERED"
-        with "not self.is_new_acct".  But further work is needed - I don't think a
-        409 result is part of the protocol any more, for one thing.
-        """
         self.logger.info("acme_register%s" % " (is new account)" if self.is_new_acct else "")
+
+        if self.acct_key.kid:
+            self.logger.info("acme_register: key was already registered")
+            return None
+
         if not self.is_new_acct:
             payload = {"onlyReturnExisting": True}
         elif self.contact_email:
@@ -222,27 +223,26 @@ def acme_register(self):
             payload = {"termsOfServiceAgreed": True}
 
         url = self.ACME_NEW_ACCOUNT_URL
-        acme_register_response = self.make_signed_acme_request(
+        response = self.make_signed_acme_request(
             url=url, payload=json.dumps(payload), needs_jwk=True
         )
         self.logger.debug(
-            "acme_register_response. status_code={0}. response={1}".format(
-                acme_register_response.status_code, log_response(acme_register_response)
+            "response. status_code={0}. response={1}".format(
+                response.status_code, log_response(response)
             )
         )
 
-        if acme_register_response.status_code not in [201, 200, 409]:
+        if response.status_code not in [201, 200, 409]:
             raise ValueError(
                 "Error while registering: status_code={status_code} response={response}".format(
-                    status_code=acme_register_response.status_code,
-                    response=log_response(acme_register_response),
+                    status_code=response.status_code, response=log_response(response),
                 )
             )
 
-        self.acct_key.set_kid(acme_register_response.headers["Location"])
+        self.acct_key.set_kid(response.headers["Location"])
 
         self.logger.info("acme_register_success")
-        return acme_register_response
+        return response
 
     def apply_for_cert_issuance(self):
         """
diff --git a/sewer/tests/test_Client.py b/sewer/tests/test_Client.py
@@ -24,15 +24,23 @@
 
 LOG_LEVEL = "CRITICAL"
 
-keys_for_ACME = {"acct_key": AcmeKey.create("rsa2048"), "cert_key": AcmeKey.create("rsa2048")}
+### FIX ME ### even with making the keys new each time, some tests manage to re-register!
+# luckily it's working anyway, but it's a good thing most of this will have to be scrapped soon
 
-usual_ACME = {
-    "ACME_REQUEST_TIMEOUT": 1,
-    "ACME_AUTH_STATUS_WAIT_PERIOD": 0,
-    "ACME_DIRECTORY_URL": ACME_DIRECTORY_URL_STAGING,
-    "LOG_LEVEL": LOG_LEVEL,
-}
-usual_ACME.update(keys_for_ACME)
+
+def keys_for_ACME():
+    return {"acct_key": AcmeKey.create("secp256r1"), "cert_key": AcmeKey.create("secp256r1")}
+
+
+def usual_ACME():
+    res = {
+        "ACME_REQUEST_TIMEOUT": 1,
+        "ACME_AUTH_STATUS_WAIT_PERIOD": 0,
+        "ACME_DIRECTORY_URL": ACME_DIRECTORY_URL_STAGING,
+        "LOG_LEVEL": LOG_LEVEL,
+    }
+    res.update(keys_for_ACME())
+    return res
 
 
 class TestClient(TestCase):
@@ -57,7 +65,7 @@ def setUp(self):
 
             self.provider = test_utils.ExmpleHttpProvider()
             self.client = sewer.client.Client(
-                domain_name=self.domain_name, provider=self.provider, **usual_ACME
+                domain_name=self.domain_name, provider=self.provider, **usual_ACME()
             )
 
     def tearDown(self):
@@ -74,7 +82,7 @@ def mock_create_acme_client():
                     provider=test_utils.ExmpleHttpProvider(),
                     ACME_DIRECTORY_URL=ACME_DIRECTORY_URL_STAGING,
                     LOG_LEVEL=LOG_LEVEL,
-                    **keys_for_ACME,
+                    **keys_for_ACME(),
                 )
 
             self.assertRaises(ValueError, mock_create_acme_client)
@@ -243,7 +251,7 @@ def mock_instantiate_client():
                 domain_name=self.domain_name,
                 provider=self.provider,
                 domain_alt_names="domain_alt_names",
-                **usual_ACME,
+                **usual_ACME(),
             )
 
         with self.assertRaises(ValueError) as raised_exception:
@@ -275,7 +283,7 @@ def setUp(self):
                 domain_name="exampleSAN.com",
                 dns_class=self.dns_class,
                 domain_alt_names=self.domain_alt_names,
-                **usual_ACME,
+                **usual_ACME(),
             )
         super(TestClientForSAN, self).setUp()
 
@@ -305,7 +313,7 @@ def setUp(self):
                 dns_class=self.dns_class,
                 domain_alt_names=self.domain_alt_names,
                 ACME_AUTH_STATUS_MAX_CHECKS=1,
-                **usual_ACME,
+                **usual_ACME(),
             )
         super(TestClientForWildcard, self).setUp()
 
@@ -327,7 +335,7 @@ def setUp(self):
 
             self.dns_class = test_utils.ExmpleDnsProvider()
             self.client = sewer.client.Client(
-                domain_name=self.domain_name, dns_class=self.dns_class, **usual_ACME
+                domain_name=self.domain_name, dns_class=self.dns_class, **usual_ACME()
             )
 
     def test_get_get_acme_endpoints_failure_results_in_exception_with(self):
@@ -341,7 +349,7 @@ def mock_create_acme_client():
                     dns_class=test_utils.ExmpleDnsProvider(),  # NOTE: dns_class used here
                     ACME_DIRECTORY_URL=ACME_DIRECTORY_URL_STAGING,
                     LOG_LEVEL=LOG_LEVEL,
-                    **keys_for_ACME,
+                    **keys_for_ACME(),
                 )
 
             self.assertRaises(ValueError, mock_create_acme_client)
@@ -377,7 +385,7 @@ def mock_instantiate_client():
                 domain_name=self.domain_name,
                 dns_class=self.dns_class,  # NOTE: dns_class used here
                 domain_alt_names="domain_alt_names",
-                **usual_ACME,
+                **usual_ACME(),
             )
 
         with self.assertRaises(ValueError) as raised_exception:
@@ -392,7 +400,7 @@ class TestClientUnits(TestCase):
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
         self.mock_args = {"domain_name": "example.com", "LOG_LEVEL": LOG_LEVEL}
-        self.mock_args.update(keys_for_ACME)
+        self.mock_args.update(keys_for_ACME())
         self.mock_challenges = [{"ident_value": "example.com", "key_auth": "abcdefgh12345678"}]
 
     def mock_sewer(self, provider):
