From aac7a634874ecc05489e553a5e093805fc0cfe66 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= <karlerik@kreative.ee>
Date: Mon, 21 Dec 2020 16:49:39 +0200
Subject: [PATCH] Use plain Net::HTTP for bulk renew, include webclient certs

---
 app/models/repp_api.rb | 39 ++++++++++++++++++++++++++++++++++-----
 1 file changed, 34 insertions(+), 5 deletions(-)

diff --git a/app/models/repp_api.rb b/app/models/repp_api.rb
index 40c080a0b..15ded62c5 100644
--- a/app/models/repp_api.rb
+++ b/app/models/repp_api.rb
@@ -1,11 +1,40 @@
 class ReppApi
   def self.bulk_renew(domains, period, registrar)
     payload = { domains: domains, renew_period: period }
-    token = Base64.urlsafe_encode64("#{registrar.username}:#{registrar.plain_text_password}")
-    headers = { Authorization: "Basic #{token}" }
+    uri = URI.parse("#{ENV['repp_url']}domains/renew/bulk")
+    request = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
+    request.body = payload.to_json
+    request.basic_auth(registrar.username, registrar.plain_text_password)
 
-    RestClient.post("#{ENV['repp_url']}domains/renew/bulk", payload, headers)
-  rescue RestClient::ExceptionWithResponse => e
-    e.response
+    if Rails.env.test?
+      response =
+        Net::HTTP.start(uri.hostname, uri.port,
+                        use_ssl: (uri.scheme == 'https'),
+                        verify_mode: OpenSSL::SSL::VERIFY_NONE) do |http|
+          http.request(request)
+        end
+    elsif Rails.env.development?
+      client_cert = File.read(ENV['cert_path'])
+      client_key = File.read(ENV['key_path'])
+      response =
+        Net::HTTP.start(uri.hostname, uri.port,
+                        use_ssl: (uri.scheme == 'https'),
+                        verify_mode: OpenSSL::SSL::VERIFY_NONE,
+                        cert: OpenSSL::X509::Certificate.new(client_cert),
+                        key: OpenSSL::PKey::RSA.new(client_key)) do |http|
+          http.request(request)
+        end
+    else
+      client_cert = File.read(ENV['cert_path'])
+      client_key = File.read(ENV['key_path'])
+      response =
+        Net::HTTP.start(uri.hostname, uri.port,
+                        use_ssl: (uri.scheme == 'https'),
+                        cert: OpenSSL::X509::Certificate.new(client_cert),
+                        key: OpenSSL::PKey::RSA.new(client_key)) do |http|
+          http.request(request)
+        end
+    end
+    response.body
   end
 end