Catch PKI errors

2025-05-17 01:47:18 +02:00 · 2015-05-25 11:50:00 +03:00 · 2015-05-25 11:50:00 +03:00 · 27a71f02a3
commit 27a71f02a3
parent f6c7dd48db
3 changed files with 6 additions and 2 deletions
--- a/app/controllers/registrant/sessions_controller.rb
+++ b/app/controllers/registrant/sessions_controller.rb
@ -12,7 +12,8 @@ class Registrant::SessionsController < Devise::SessionsController

    logger.error request.env['SSL_CLIENT_S_DN']
    logger.error request.env['SSL_CLIENT_S_DN'].encoding
-    @user = RegistrantUser.find_or_create_by_idc_data(request.env['SSL_CLIENT_S_DN'])
+    logger.error request.env['SSL_CLIENT_I_DN_O']
+    @user = RegistrantUser.find_or_create_by_idc_data(request.env['SSL_CLIENT_S_DN'], request.env['SSL_CLIENT_I_DN_O'])
    if @user
      sign_in(@user, event: :authentication)
      redirect_to registrant_root_url
--- a/app/models/api_user.rb
+++ b/app/models/api_user.rb
@ -46,6 +46,7 @@ class ApiUser < User
  end

  def registrar_pki_ok?(crt, cn)
+    return false if crt.blank? || cn.blank?
    crt = crt.split(' ').join("\n")
    crt.gsub!("-----BEGIN\nCERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n")
    crt.gsub!("\n-----END\nCERTIFICATE-----", "\n-----END CERTIFICATE-----")
@ -55,6 +56,7 @@ class ApiUser < User
  end

  def api_pki_ok?(crt, cn)
+    return false if crt.blank? || cn.blank?
    crt = crt.split(' ').join("\n")
    crt.gsub!("-----BEGIN\nCERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n")
    crt.gsub!("\n-----END\nCERTIFICATE-----", "\n-----END CERTIFICATE-----")
--- a/app/models/registrant_user.rb
+++ b/app/models/registrant_user.rb
@ -11,8 +11,9 @@ class RegistrantUser < User
  end

  class << self
-    def find_or_create_by_idc_data(idc_data)
+    def find_or_create_by_idc_data(idc_data, issuer_organization)
      return false if idc_data.blank?
+      return false if issuer_organization != 'AS Sertifitseerimiskeskus'

      idc_data.force_encoding('UTF-8')
      logger.error(idc_data)