Catch PKI errors

app/controllers/registrant/sessions_controller.rb

@@ -12,7 +12,8 @@ class Registrant::SessionsController < Devise::SessionsController
 
     logger.error request.env['SSL_CLIENT_S_DN']
     logger.error request.env['SSL_CLIENT_S_DN'].encoding
-    @user = RegistrantUser.find_or_create_by_idc_data(request.env['SSL_CLIENT_S_DN'])
+    logger.error request.env['SSL_CLIENT_I_DN_O']
+    @user = RegistrantUser.find_or_create_by_idc_data(request.env['SSL_CLIENT_S_DN'], request.env['SSL_CLIENT_I_DN_O'])
     if @user
       sign_in(@user, event: :authentication)
       redirect_to registrant_root_url

app/models/api_user.rb

@@ -46,6 +46,7 @@ class ApiUser < User
   end
 
   def registrar_pki_ok?(crt, cn)
+    return false if crt.blank? || cn.blank?
     crt = crt.split(' ').join("\n")
     crt.gsub!("-----BEGIN\nCERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n")
     crt.gsub!("\n-----END\nCERTIFICATE-----", "\n-----END CERTIFICATE-----")
@@ -55,6 +56,7 @@ class ApiUser < User
   end
 
   def api_pki_ok?(crt, cn)
+    return false if crt.blank? || cn.blank?
     crt = crt.split(' ').join("\n")
     crt.gsub!("-----BEGIN\nCERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n")
     crt.gsub!("\n-----END\nCERTIFICATE-----", "\n-----END CERTIFICATE-----")

app/models/registrant_user.rb

@@ -11,8 +11,9 @@ class RegistrantUser < User
   end
 
   class << self
-    def find_or_create_by_idc_data(idc_data)
+    def find_or_create_by_idc_data(idc_data, issuer_organization)
       return false if idc_data.blank?
+      return false if issuer_organization != 'AS Sertifitseerimiskeskus'
 
       idc_data.force_encoding('UTF-8')
       logger.error(idc_data)