autosign 0.1.2 → 0.1.3

checksums.yaml

@@ -1,15 +1,7 @@
 ---
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    MjVlNTVmZDU1NTI0MDVkOGFkOWY4NWQ5OWJhYmEzOTQyODJkNGM3Zg==
-  data.tar.gz: !binary |-
-    NTQxY2ZlNmZlODE4NDBkOWU4OWY3OGYwY2UxZjMxNTA3NzNhMWE1OA==
+SHA1:
+  metadata.gz: a408db14ff5f1ab3bdf26ff21c3807b88a5ac9bf
+  data.tar.gz: 79dcf642bc0965605a45594397e73872061d2159
 SHA512:
-  metadata.gz: !binary |-
-    NmZkMzA2MzljMjYwNzhhNDQ0ZDNmY2IwYzkyMGQxMzFhOWRlMDhkMDQ3ZTMw
-    M2E2NGQ5YjIyODk5NmIzOTRlNDE5YTdlODU5NjAyYjhmMGViM2NlYWVmNmJj
-    ZGNmYTA5YzNiYzY0NGVjZmJmNWQ0NjhkNjUwZmQ0OTdiNWMxNjk=
-  data.tar.gz: !binary |-
-    YTFjM2QyNjJkN2RmYzUzZDNkYWI2ZTcyODM2MzkwMTExYzhlMjkyMDc0NGIz
-    Y2JiZmJhNGQyNWNlNTIwODg2YmUyNGMxYmQyMDI2Njc1MWFlYTY0MTkyMjMz
-    YmViNzBjYTVjNmYzY2Y0ODkzZjk1ZWNlN2M3OWMyMTgxY2MzNzg=
+  metadata.gz: '08d0db1656abb18f7036a112c25a5abb25d813aba6edb250cd28e0e40f68566bbc77a2a37c1aabb910e9cc5193198d08cd40e960e6e438e6978b9c18389cccdc'
+  data.tar.gz: 86003a00b10e13440592a0c18fcb446d767a74fdd4827aabf3ead3ed8c5978bbdeefa54f87d9c9f56ae67d48e1f6b3e9ab82702ebd006e139a02ef2f34a7dd6a

data/.travis.yml

@@ -4,11 +4,10 @@ before_install: rm Gemfile.lock || true
 cache: bundler
 sudo: false
 rvm:
-  - 1.9.3
-  - jruby-19mode
   - 2.0.0
   - 2.1.5
   - 2.2.2
+  - 2.3.0
 deploy:
   provider: rubygems
   api_key:

data/Gemfile.lock

@@ -1,30 +1,29 @@
 PATH
   remote: .
   specs:
-    autosign (0.1.2)
+    autosign (0.1.3)
       deep_merge (~> 1)
       gli (~> 2)
       iniparse (~> 1)
-      json (~> 1)
+      json (>= 1)
       jwt (~> 1)
       logging (~> 2)
       require_all (~> 1)
-      yard (~> 0.8)
+      yard (~> 0.9.11)
 
 GEM
   remote: https://rubygems.org/
   specs:
     CFPropertyList (2.2.8)
-    aruba (0.11.2)
+    aruba (0.10.2)
       childprocess (~> 0.5.6)
       contracts (~> 0.9)
       cucumber (>= 1.3.19)
-      event-bus (~> 0.2)
       ffi (~> 1.9.10)
       rspec-expectations (>= 2.99)
       thor (~> 0.19)
     builder (3.2.2)
-    childprocess (0.5.8)
+    childprocess (0.5.9)
       ffi (~> 1.0, >= 1.0.11)
     coderay (1.1.0)
     contracts (0.12.0)
@@ -35,36 +34,39 @@ GEM
       term-ansicolor (~> 1.3)
       thor (~> 0.19.1)
       tins (~> 1.6.0)
-    cucumber (2.1.0)
+    cucumber (2.2.0)
       builder (>= 2.1.2)
       cucumber-core (~> 1.3.0)
+      cucumber-wire (~> 0.0.1)
       diff-lcs (>= 1.1.3)
+      event-bus (~> 0.1.0)
       gherkin3 (~> 3.1.0)
       multi_json (>= 1.7.5, < 2.0)
       multi_test (>= 0.1.2)
     cucumber-core (1.3.1)
       gherkin3 (~> 3.1.0)
-    deep_merge (1.0.1)
+    cucumber-wire (0.0.1)
+    deep_merge (1.2.1)
     diff-lcs (1.2.5)
     docile (1.1.5)
     domain_name (0.5.25)
       unf (>= 0.0.5, < 1.0.0)
-    event-bus (0.2.1)
+    event-bus (0.1.0)
     facter (2.4.4)
       CFPropertyList (~> 2.2.6)
     ffi (1.9.10)
     gherkin3 (3.1.2)
-    gli (2.13.4)
+    gli (2.17.1)
     hiera (1.3.4)
       json_pure
     http-cookie (1.0.2)
       domain_name (~> 0.5)
-    iniparse (1.4.2)
+    iniparse (1.4.4)
     json (1.8.3)
     json_pure (1.8.3)
-    jwt (1.5.2)
+    jwt (1.5.6)
     little-plugger (1.1.4)
-    logging (2.0.0)
+    logging (2.2.2)
       little-plugger (~> 1.1)
       multi_json (~> 1.10)
     method_source (0.8.2)
@@ -83,7 +85,7 @@ GEM
     rake (10.4.2)
     rdoc (4.2.1)
       json (~> 1.4)
-    require_all (1.3.3)
+    require_all (1.5.0)
     rest-client (1.8.0)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 3.0)
@@ -114,7 +116,7 @@ GEM
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.7.1)
-    yard (0.8.7.6)
+    yard (0.9.12)
 
 PLATFORMS
   ruby
@@ -129,3 +131,6 @@ DEPENDENCIES
   rake (~> 10)
   rdoc (~> 4)
   rspec (~> 3)
+
+BUNDLED WITH
+   1.16.1

data/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "{}"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright {yyyy} {name of copyright owner}
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

data/autosign.gemspec

@@ -28,8 +28,8 @@ spec = Gem::Specification.new do |s|
   s.add_runtime_dependency('jwt','~> 1')
   s.add_runtime_dependency('iniparse','~> 1')
   s.add_runtime_dependency('logging', '~> 2')
-  s.add_runtime_dependency('json', '~> 1')
+  s.add_runtime_dependency('json', '>=1')
   s.add_runtime_dependency('deep_merge', '~> 1')
   s.add_runtime_dependency('require_all', '~> 1')
-  s.add_runtime_dependency('yard', '~> 0.8')
+  s.add_runtime_dependency('yard', '~> 0.9.11')
 end

data/bin/autosign

@@ -112,7 +112,7 @@ command :config do |c|
   c.command :setup do |setup|
     setup.action do |global_options,options,args|
       @logger.info "setup command ran with #{global_options} #{options} #{args}"
-      result = Autosign::Config.generate_default
+      result = Autosign::Config.generate_default({'config_file' => global_options['config']})
       STDOUT.puts "generated default config file at #{result}" if result
     end
   end
@@ -134,17 +134,19 @@ pre do |global,command,options,args|
   # chosen command
   # Use skips_pre before a command to skip this block
   # on that command only
-#  config = Autosign::Config.new
-#  @logger.level = config.settings.to_hash['general']['loglevel'].to_sym unless config.settings.to_hash['general']['loglevel'].nil?
+  config = Autosign::Config.new
+  @logger.level = config.settings.to_hash['general']['loglevel'].to_sym unless config.settings.to_hash['general']['loglevel'].nil?
 
   @logger.level = :error if global['quiet']
   @logger.level = :info if global['verbose']
   @logger.level = :debug if global['debug']
 
-  if global['logfile'].nil?
-    @logger.add_appenders Logging.appenders.stdout
-  else
-    @logger.add_appenders Logging.appenders.stdout, Logging.appenders.file(global['logfile'])
+  stdout_layout = Logging.layouts.pattern(:pattern => "%-5l -- %c : %m\n")
+  @logger.add_appenders Logging.appenders.stdout(:layout => stdout_layout)
+
+  unless global['logfile'].nil?
+    file_layout = Logging.layouts.pattern(:pattern => "%d %-5l -- %c : %m\n", :date_pattern => "%Y-%m-%dT%H:%M:%S.%s")
+    @logger.add_appenders Logging.appenders.file(global['logfile'], :layout => file_layout)
   end
 
   true

data/bin/autosign-validator

@@ -5,14 +5,21 @@ require 'logging'
 
 ### Start logging
 @logger = Logging.logger['Autosign']
-@logger.level = :debug
+@logger.level = :warn
 
 # Start logging to stdout first so we get errors while loading the config file
 @logger.add_appenders Logging.appenders.stdout
 
 # Load config and then add logfile as a log appender
 config = Autosign::Config.new
-@logger.add_appenders Logging.appenders.file(config.settings['general']['logfile']) unless config.settings['general']['logfile'].nil?
+
+unless config.settings['general']['logfile'].nil?
+  file_layout = Logging.layouts.pattern(:pattern => "%d %-5l -- %c : %m\n", :date_pattern => "%Y-%m-%dT%H:%M:%S.%s")
+  @logger.add_appenders Logging.appenders.file(config.settings['general']['logfile'], :layout => file_layout)
+end
+
+@logger.level = config.settings['general']['loglevel'].to_sym unless config.settings['general']['loglevel'].nil?
+
 ### End logging initialization
 
 ### Get Inputs

data/lib/autosign/config.rb

@@ -36,13 +36,13 @@ module Autosign
     # @return [Autosign::Config] instance of the Autosign::Config class
     def initialize(settings_param = {})
       # set up logging
-      @log = Logging.logger['Autosign::Config']
-      @log.debug "initializing Autosign::Config"
+      @log = Logging.logger[self.class]
+      @log.debug "initializing #{self.class.name}"
       # validate parameter
       raise 'settings is not a hash' unless settings_param.is_a?(Hash)
 
       # look in the following places for a config file
-      @config_file_paths = ['/etc/autosign.conf', '/usr/local/etc/autosign.conf']
+      @config_file_paths = ['/etc/puppetlabs/puppetserver/autosign.conf', '/etc/autosign.conf', '/usr/local/etc/autosign.conf']
 
       # HOME is unset when puppet runs, so we need to only use it if it's set
       @config_file_paths << File.join(Dir.home, '.autosign.conf') unless ENV['HOME'].nil?
@@ -59,7 +59,7 @@ module Autosign
     def settings
       @log.debug "merging settings"
       setting_sources = [default_settings, configfile, @settings]
-      merged_settings = setting_sources.inject({}) { |merged, hash| merged.deep_merge(hash) }
+      merged_settings = setting_sources.inject({}) { |merged, hash| merged.deep_merge!(hash) }
       @log.debug "using merged settings: " + merged_settings.to_s
       return merged_settings
     end
@@ -132,7 +132,7 @@ module Autosign
     # Generate a default configuration file
     # As a convenience for the user, we can generate a default config file
     # This class is currently too tightly coupled with the JWT token validator
-    def self.generate_default()
+    def self.generate_default(settings_param = {})
       os_defaults = (
         case RbConfig::CONFIG['host_os']
         when /darwin|mac os/
@@ -189,8 +189,9 @@ module Autosign
 #          jwt_token.option(";password", 'another_static_autosign_password')
 #        end
 #      end.to_ini
-      raise Autosign::Exceptions::Error, "file #{os_defaults['confpath']} already exists, aborting" if File.file?(os_defaults['confpath'])
-      return os_defaults['confpath'] if File.write(os_defaults['confpath'], config.to_yaml)
+      config_file=settings_param['config_file'] || os_defaults['confpath']
+      raise Autosign::Exceptions::Error, "file #{config_file} already exists, aborting" if File.file?(config_file)
+      return config_file if File.write(config_file, config.to_yaml)
     end
   end
 end

data/lib/autosign/decoder.rb

@@ -9,7 +9,7 @@ module Autosign
     # @param csr[String] X509 format CSR
     # @return [Hash] hash containing :challenge_password and :common_name keys
     def self.decode_csr(csr)
-      @log = Logging.logger['Autosign::Decoder']
+      @log = Logging.logger[self.class]
       @log.debug "decoding CSR"
 
       begin
@@ -23,8 +23,12 @@ module Autosign
       end
 
       # extract challenge password
-
-      challenge_password = csr.attributes.find { |a| a.oid == 'challengePassword' }.value.value.first.value.to_s
+      challenge_attr = csr.attributes.find { |a| a.oid == 'challengePassword' }
+      challenge_password = if challenge_attr
+                             challenge_attr.value.value.first.value.to_s
+                           else
+                             nil
+                           end
 
       # extract common name
       common_name = /^\/CN=(\S*)$/.match(csr.subject.to_s)[1]

data/lib/autosign/journal.rb

@@ -15,8 +15,8 @@ module Autosign
     # @param settings [Hash] config settings for the new journal instance
     # @return [Autosign::Journal] instance of the Autosign::Journal class
     def initialize(settings = {})
-      @log = Logging.logger['Autosign::Journal']
-      @log.debug "initializing Autosign::Journal"
+      @log = Logging.logger[self.class]
+      @log.debug "initializing #{self.class.name}"
       @settings = settings
       fail unless setup
     end

data/lib/autosign/token.rb

@@ -33,8 +33,8 @@ module Autosign
     # @return [Autosign::Config] instance of the Autosign::Config class
     def initialize(certname, reusable=false, validfor=7200, requester, secret)
       # set up logging
-      @log = Logging.logger['Autosign::Token']
-      @log.debug "initializing"
+      @log = Logging.logger[self.class]
+      @log.debug "initializing #{self.class.name}"
 
       @validfor  = validfor
       @certname  = certname
@@ -56,7 +56,7 @@ module Autosign
     # @param hmac_secret [String] Password that the token was (hopefully) originally signed with.
     # @return [True, False] returns true if the token can be validated, or false if the token cannot be validated.
     def self.validate(requested_certname, token, hmac_secret)
-      @log = Logging.logger['Autosign::Token.validate']
+      @log = Logging.logger[self.class]
       @log.debug "attempting to validate token"
       @log.info "attempting to validate token for: #{requested_certname.to_s}"
       errors = []

data/lib/autosign/validator.rb

@@ -92,7 +92,7 @@ module Autosign
     # @param raw_csr [String] the encoded X509 certificate signing request, as received by the autosign policy executable
     # @return [True, False] return true if the certificate should be signed, and false if it cannot be validated
     def self.any_validator(challenge_password, certname, raw_csr)
-      @log = Logging.logger[self.name]
+      @log = Logging.logger[self.class]
       # iterate over all known validators and attempt to validate using them
       results_by_validator = {}
       results = self.descendants.map {|c|
@@ -120,7 +120,7 @@ module Autosign
     # this is automatically called when the class is initialized; do not
     # override it in child classes.
     def start_logging
-      @log = Logging.logger["Autosign::Validator::" + self.name.to_s]
+      @log = Logging.logger[self.class]
       @log.debug "starting autosign validator: " + self.name.to_s
     end
 

data/lib/autosign/version.rb

@@ -1,3 +1,3 @@
 module Autosign
-  VERSION = '0.1.2'
+  VERSION = '0.1.3'
 end

data/spec/specs/decoder_spec.rb

@@ -3,14 +3,22 @@ require 'spec_helper'
 context Autosign::Decoder do
   describe '.decode_csr' do
     let(:csr) { File.read(File.join('fixtures', 'i-7672fe81.pem')) }
+
     it 'Accepts a CSR as the parameter' do
       expect { Autosign::Decoder.decode_csr(csr) }.to_not raise_error
     end
+
     it 'Extracts the challenge_password and common_name from a CSR' do
       expect(Autosign::Decoder.decode_csr(csr)).to eq({:challenge_password=>"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJkYXRhIjoie1wiY2VydG5hbWVcIjpcImktNzY3MmZlODFcIixcInJlcXVlc3RlclwiOlwiRGFuaWVscy1NYWNCb29rLVByby0yLmxvY2FsXCIsXCJyZXVzYWJsZVwiOmZhbHNlLFwidmFsaWRmb3JcIjoxNTc2ODAwMDAsXCJ1dWlkXCI6XCJlMzZkMzkyOS05NWVlLTQyNDQtOTIwZS00NmZiN2Y4MTU3ZDVcIn0iLCJleHAiOiIxNTk1MTc3NTc0In0.gfTpUPLGnxwtvfMH5C0ucWsXBqrhBD_HvCiNH_9zvhFafHMij_ng14K8F-MMLgQoDBloOJukjX8qcki5cFmKKg", :common_name=>"i-7672fe81"})
     end
+
     it 'Returns nil given an invalid CSR' do
       expect(Autosign::Decoder.decode_csr("not_a_csr")).to be_nil
     end
+
+    it 'Does not raise an error decoding a CSR without a challengePassword' do
+      allow_any_instance_of(OpenSSL::X509::Attribute).to receive(:oid).and_return('notTheOidYouAreLookingFor')
+      expect { Autosign::Decoder.decode_csr(csr) }.to_not raise_error
+    end
   end
 end

metadata

@@ -1,239 +1,239 @@
 --- !ruby/object:Gem::Specification
 name: autosign
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
 platform: ruby
 authors:
 - Daniel Dreier
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-12-22 00:00:00.000000000 Z
+date: 2018-01-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '10'
 - !ruby/object:Gem::Dependency
   name: rdoc
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '4'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '4'
 - !ruby/object:Gem::Dependency
   name: aruba
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0.6'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0.6'
 - !ruby/object:Gem::Dependency
   name: cucumber
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2'
 - !ruby/object:Gem::Dependency
   name: puppet
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3'
 - !ruby/object:Gem::Dependency
   name: coveralls
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0.10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0.10'
 - !ruby/object:Gem::Dependency
   name: gli
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1'
 - !ruby/object:Gem::Dependency
   name: iniparse
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1'
 - !ruby/object:Gem::Dependency
   name: logging
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2'
 - !ruby/object:Gem::Dependency
   name: json
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1'
 - !ruby/object:Gem::Dependency
   name: deep_merge
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1'
 - !ruby/object:Gem::Dependency
   name: require_all
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1'
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: 0.9.11
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: 0.9.11
 description: 
 email: ddreier@thinkplango.com
 executables:
@@ -242,11 +242,12 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .rspec
-- .travis.yml
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
 - Gemfile
 - Gemfile.lock
+- LICENSE
 - README.md
 - Rakefile
 - autosign.gemspec
@@ -279,27 +280,27 @@ licenses: []
 metadata: {}
 post_install_message: 
 rdoc_options:
-- --title
+- "--title"
 - autosign
-- --main
+- "--main"
 - README.rdoc
-- -ri
+- "-ri"
 require_paths:
 - lib
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5
+rubygems_version: 2.6.10
 signing_key: 
 specification_version: 4
 summary: Tooling to make puppet autosigning easy, secure, and extensible