digicert-cli 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: d58010c165e4fb5ca8dab1177536629119f55bf2
+  data.tar.gz: 4d1d6c1db358babe1cbb25b46991a1d3452c600e
+SHA512:
+  metadata.gz: e260958d36db163a0d06c9cce128d98bce2212f4d89f07b5a20d2ff7157d60db3dcb0cef6cafd168ccafbdac1b8368479023e15719c3fba1125cb4904ddf69f8
+  data.tar.gz: d488abf8b7bad01d645f64ff2030481759c752a0f2b16fadfa764b1ecf987d8801753a53d3465c4d944905c2b5b895f38550f30d0825edf1addcd798f02f16b1

data/.gitignore

@@ -0,0 +1,15 @@
+source_credentials.sh
+.DS_Store
+/.bundle/
+/.yardoc
+/.pryrc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status

data/.sample.env

@@ -0,0 +1 @@
+DIGICERT_API_KEY=YOUR_DIGICERT_API_KEY

data/.travis.yml

@@ -0,0 +1,8 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.4.1
+
+before_install:
+  - cp .sample.env .env
+  - gem install bundler -v 1.14.6

data/Gemfile

@@ -0,0 +1,6 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in digicert-cli.gemspec
+gemspec
+
+gem "digicert", github: "riboseinc/digicert", ref: "f122a4b"

data/README.md

@@ -0,0 +1,104 @@
+# Digicert CLI
+
+[![Build
+Status](https://travis-ci.org/riboseinc/digicert-cli.svg?branch=master)](https://travis-ci.org/riboseinc/digicert-cli)
+
+The CLI for the Digicert API
+
+## Usages
+
+### Orders
+
+This CLI provides an easier interface to list the orders from the Digicert API.
+To retrieve the list of the certificate orders we can use
+
+```sh
+digicert order list
+```
+
+Digicert does not have any a direct interface to filter certificate orders,
+but we have added partial support for filtering, to filter the orders by any
+specific criteria please pass those as option to the `order list` interface.
+Currently supported options are `common_name` and `product_type`.
+
+```sh
+digicert order list -c "ribosetest.com" -p "ssl_plus"
+```
+
+### Single Order
+
+Use `find` interface to retrieve a single order, this interface supports all
+default filters.
+
+```sh
+digicert order find -c "ribosetest.com" -p "ssl_plus" --status expired
+```
+
+This interface also allow us to specific a flag in case we only want to find
+the `id` for the resource.
+
+```sh
+digicert order find -c "ribosetest.com" -p "ssl_plus" --status expired --quiet
+```
+
+### Reissue an order
+
+To reissue an existing order, we can use the following interface.
+
+```sh
+digicert order reissue --order_id 12345
+```
+
+## Development
+
+We are following Sandi Metz's Rules for this gem, you can read the
+[description of the rules here][sandi-metz] All new code should follow these
+rules. If you make changes in a pre-existing file that violates these rules you
+should fix the violations as part of your contribution.
+
+### Setup
+
+Clone the repository.
+
+```sh
+git clone https://github.com/abunashir/digicert-cli
+```
+
+Setup your environment.
+
+```sh
+bin/setup
+```
+
+Run the test suite
+
+```sh
+bin/rspec
+```
+
+## Contributing
+
+First, thank you for contributing! We love pull requests from everyone. By
+participating in this project, you hereby grant [Ribose Inc.][riboseinc] the
+right to grant or transfer an unlimited number of non exclusive licenses or
+sub-licenses to third parties, under the copyright covering the contribution
+to use the contribution by all means.
+
+Here are a few technical guidelines to follow:
+
+1. Open an [issue][issues] to discuss a new feature.
+1. Write tests to support your new feature.
+1. Make sure the entire test suite passes locally and on CI.
+1. Open a Pull Request.
+1. [Squash your commits][squash] after receiving feedback.
+1. Party!
+
+
+## Credits
+
+This gem is developed, maintained and funded by [Ribose Inc.][riboseinc]
+
+[riboseinc]: https://www.ribose.com
+[issues]: https://github.com/abunashir/digicert-cli/issues
+[squash]: https://github.com/thoughtbot/guides/tree/master/protocol/git#write-a-feature
+[sandi-metz]: http://robots.thoughtbot.com/post/50655960596/sandi-metz-rules-for-developers

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "digicert/cli"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/digicert

@@ -0,0 +1,22 @@
+#!/usr/bin/env ruby
+# encoding: UTF-8
+
+# resolve bin path, ignoring symlinks
+require "pathname"
+bin_file = Pathname.new(__FILE__).realpath
+
+# add self to libpath
+$:.unshift File.expand_path("../../lib", bin_file)
+
+# Fixes https://github.com/rubygems/rubygems/issues/1420
+require "rubygems/specification"
+
+class Gem::Specification
+  def this; self; end
+end
+
+# start up the CLI
+require "bundler/setup"
+require "digicert/cli"
+
+Digicert::CLI.start(*ARGV)

data/bin/rspec

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rspec-core", "rspec")

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/digicert-cli.gemspec

@@ -0,0 +1,41 @@
+# coding: utf-8
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "digicert/cli/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "digicert-cli"
+  spec.version       = Digicert::CLI::VERSION
+  spec.authors       = ["Ribose Inc."]
+  spec.email         = ["operations@ribose.com"]
+
+  spec.summary       = %q{The CLI for digicert API}
+  spec.description   = %q{The CLI for digicert API}
+  spec.homepage      = "https://www.ribose.com"
+
+  spec.files         = `git ls-files`.split("\n")
+  spec.test_files    = `git ls-files -- {spec}/*`.split("\n")
+
+  spec.require_paths = ["lib"]
+  spec.bindir        = "bin"
+  spec.executables   = "digicert"
+
+  # Digicert gem dpendenceis
+  #
+  # We are developing this cli and the digicert gem at the same time
+  # and we might not instantly push the digicert gems to rubygems while
+  # we are adding any new features. So let's use the one from our github
+  # and once we are close to finalize then we will switch to the actual
+  # digicert gem from rubygems.
+  #
+  # spec.add_dependency "digicert", "~> 0.1.1"
+  #
+
+  spec.add_dependency "terminal-table"
+
+  spec.add_development_dependency "bundler", "~> 1.14"
+  spec.add_development_dependency "dotenv"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+  spec.add_development_dependency "webmock", "~> 2.0"
+end

data/legacy_cli.sh

@@ -0,0 +1,301 @@
+#!/bin/bash
+
+# USAGE:
+# export API_DIGICERT_KEY="MY KEY"
+# export API_DIGICERT_ACCOUNT_ID="ACCOUNT ID"
+# ./build_cert.sh reissue -o 00900495 -n star_ribose_com -c "*.ribose.com"
+# ./build_cert.sh retrieve -o 00900495 -n star_ribose_com
+
+# TODO: as certificate generation takes time, if we run two "reissues" in
+# parallel, only the last one will be generated and therefore we lose the first
+# request! Use the "comments" field to store some unique number that we can
+# match later on retrieval to ensure it is the same request.
+
+readonly __progname=$(basename $0)
+readonly api_digicert_key="${API_DIGICERT_KEY}"
+readonly digicert_account_id="${API_DIGICERT_ACCOUNT_ID}"
+
+#digicert_orders="
+#star_ribose_com:00900495
+#www_ribose_com:00900495
+#"
+#star_ribose_com:00427785
+
+readonly digicert_api_user="-u \"${digicert_account_id}:${api_digicert_key}\""
+readonly digicert_contenttype="-H \"Content-Type: application/vnd.digicert.rest-v1+json\""
+readonly curl_cmd="curl -s"
+
+errx() {
+	printf "$__progname: $@\n" >&2
+	exit 1
+}
+
+mkjson() {
+  local readonly tmpfile=$(mktemp) || \
+	errx "Failed to create temp file"
+  echo '{
+  "comments": "COMMENTS",
+  "common_name": "COMMONNAME",
+  "sans": "SANS",
+  "server_type": 2,
+  "csr": "CSRS"
+}' > ${tmpfile} || \
+	errx "Failed to write temp json file"
+
+  echo ${tmpfile}
+}
+
+retrieve_cert() {
+  local order_id=$1
+  local name=$2
+  local destination=$3
+
+  local digicert_api_url_retrieve="https://api.digicert.com/order/${order_id}/certificate"
+  local responsejson=${destination}/retrieve.response.json
+
+  cmd="${curl_cmd} \
+    ${digicert_api_user} \
+    ${digicert_contenttype} \
+    -o ${responsejson} \
+    ${digicert_api_url_retrieve}"
+
+  echo "------- CURL COMMAND IS -------" >&2
+  echo ${cmd} >&2
+  echo "------- CURL COMMAND END -------" >&2
+
+  eval ${cmd} >&2 || \
+	errx "curl failed"
+
+  # If the certificate is not yet available, CURL still returns success.
+  # However, the response json will be:
+  # {"errors":[{"code":"cert_unavailable_processing","description":"Unable to download certificate, the certificate has not yet been issued.  Try back in a bit."}]}
+
+  # exit 2 if the cert isn't ready
+  cat ${responsejson} | grep -q "the certificate has not yet been issued" && \
+	exit 2
+
+  echo "------- JSON RETRIEVED IS -------" >&2
+  cat ${responsejson} >&2
+  printf "\n" >&2
+  echo "------- JSON RETRIEVED END -------" >&2
+
+  local has_error=$(jq -r '.errors[]? | has("description")' ${responsejson})
+
+  if [ "${has_error}" == "true" ]; then
+	printf "\n\n******** Retrieval error ********: \n $(jq -r '.errors[]' ${responsejson})\n\n" >&2
+	errx "Failed to retrieve certificate."
+  fi
+
+  local filename=""
+  for key in certificate intermediate root pkcs7; do
+    filename=${destination}/${name}.${key}
+    echo "Generating $filename..." >&2
+    # sed removes the empty lines
+    # tr removes the \r's (Ctrl-M's)
+    jq -r ".certs.${key}" ${responsejson} | sed '/^$/d' | tr -d $'\r' > ${filename}
+  done
+
+  filename=${destination}/${name}.chain
+  echo "Generating $filename..." >&2
+  cat ${destination}/${name}.{intermediate,root} > ${filename}
+
+  filename=${destination}/${name}.pem
+  echo "Generating $filename..." >&2
+  cat ${destination}/${name}.{certificate,intermediate,root} > ${filename}
+
+  echo "Retrieve certificate complete." >&2
+}
+
+# Note: if we change the Common Name, there will be a long wait before the cert
+# is ready.
+reissue_cert() {
+  local order_id=$1
+  local name=$2
+  local destination=$3
+
+  local cn="*.ribose.com"
+  [[ "$4" ]] && \
+	cn=$4
+
+  local cipher_type=$5
+  local sans="" # "www-afnj8x.ribose.com,www-xfgho3.ribose.com"
+  [[ "$6" ]] && \
+	sans=$6
+
+  local method_reissue="-X REISSUE"
+  local digicert_api_url_reissue="https://api.digicert.com/order/${order_id}"
+  local responsejson=${destination}/reissue.response.json
+  local jsonpath=$(mkjson)
+  local keypath=${destination}/${name}.key
+  local pkeypath=${destination}/${name}.pkey
+  local csrpath=${destination}/${name}.csr
+  local csrsubj="/C=US/ST=Delaware/L=Wilmington/O=Ribose Inc./CN=${cn}"
+  local genkey_cmd=""
+  local gencsr_cmd=""
+
+  if [ "${cipher_type}" == "rsa" ]; then
+    gencsr_cmd="openssl req -new -newkey rsa:2048 -nodes -out ${csrpath} -keyout ${keypath} -subj \"${csrsubj}\""
+    echo "${gencsr_cmd}" >&2
+    eval "$gencsr_cmd" || \
+	errx "Failed to generate CSR (certificate signing request)"
+  else
+    genkey_cmd="openssl ecparam -out ${pkeypath} -name prime256v1 -genkey"
+    gencsr_cmd="openssl req -new -key ${pkeypath} -nodes -out ${csrpath} -subj \"${csrsubj}\""
+
+    if [ "${genkey_cmd}" ]; then
+      echo ${genkey_cmd} >&2
+      $genkey_cmd || \
+	errx "Failed to generate certificate key"
+    fi
+
+    # AWS IAM EC certificate needs to remove ""
+    # http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.html
+    # When you specify an ECDHE-ECDSA private key for a certificate that you will
+    # upload to IAM, you must delete the lines containing "-----BEGIN EC
+    # PARAMETERS-----" and "-----END EC PARAMETERS-----", and the line in between
+    # these lines.
+
+    local readonly key_demarc="/^-----BEGIN EC PRIVATE KEY-----\$/,\$!d"
+    local keypath=${destination}/${name}.key
+    echo "Generating $keypath..." >&2
+    extract_key_cmd="cat ${pkeypath} | sed '${key_demarc}' > ${keypath}"
+    echo ${extract_key_cmd} >&2
+    eval ${extract_key_cmd} || \
+	errx "Failed to extract private key from pkey file"
+
+    echo "${gencsr_cmd}" >&2
+    eval "$gencsr_cmd" || \
+	errx "Failed to generate CSR (certificate signing request)"
+  fi
+
+  # input
+  local csrcontent=$(<${csrpath})
+  # template
+  local jsoncontent=$(<${jsonpath})
+  echo "${jsoncontent//COMMONNAME/${cn}}" > ${jsonpath}
+  local jsoncontent=$(<${jsonpath})
+  echo "${jsoncontent//COMMENTS/${sans}}" > ${jsonpath}
+  local jsoncontent=$(<${jsonpath})
+  echo "${jsoncontent//SANS/${sans}}" > ${jsonpath}
+  local jsoncontent=$(<${jsonpath})
+  echo "${jsoncontent//CSRS/${csrcontent}}" > ${jsonpath}
+
+  echo "------- JSON TO BE SUBMITTED IS -------" >&2
+  cat ${jsonpath} >&2
+  echo "------- JSON TO BE SUBMITTED END -------" >&2
+
+  cmd="${curl_cmd} \
+    ${digicert_api_user} \
+    ${method_reissue} \
+    ${digicert_contenttype} \
+    -o ${responsejson} \
+    --data @${jsonpath} \
+    ${digicert_api_url_reissue}"
+
+  echo "------- CURL COMMAND IS -------" >&2
+  echo ${cmd} >&2
+  echo "------- CURL COMMAND END -------" >&2
+
+  eval ${cmd} >&2 || \
+	errx "curl failed"
+
+  echo "------- JSON RETRIEVED IS -------" >&2
+  cat ${responsejson} >&2
+  printf "\n" >&2
+  echo "------- JSON RETRIEVED END -------" >&2
+
+  local has_error=$(jq -r '.errors[]? | has("description")' ${responsejson})
+  if [ "${has_error}" == "true" ]; then
+	printf "\n\n******** Reissue error ********:\n $(jq -r '.errors[]' ${responsejson})\n\n" >&2
+	errx "Failed to reissue certificate."
+  fi
+
+  echo "Reissue certificate request submitted. Waiting for it to be available." >&2
+}
+
+usage() {
+  local progname=$(basename $__progname)
+  echo "Usage: $progname"
+  echo "  $progname (command: reissue | retrieve) (options)"
+  echo "  $progname retrieve -n <certificate-name> -o <order-id> [-p <path>]"
+  echo "  $progname reissue -n <certificate-name> -o <order-id> -c '<common-name>' [-s <comma-separated SANS: abc.com,bbc.com>] [-p <path>] [-t <cipher type: ec | rsa>]"
+  echo "  Note: if you want to generate a wildcard certificate (common name starts with *), remember to quote it in the -c option!!!"
+
+  exit 1;
+} >&2
+
+main() {
+	if ([ -z $API_DIGICERT_KEY ] || [ -z $API_DIGICERT_ACCOUNT_ID ]); then
+		echo "You must specify these environment variables for authentication: API_DIGICERT_KEY, API_DIGICERT_ACCOUNT_ID" >&2
+		exit 1
+	fi
+
+	[ ! $1 ] && \
+		usage
+
+	local readonly cmd=$1;
+	shift
+
+	([ "${cmd}" != "retrieve" ] && [ "${cmd}" != "reissue" ]) && \
+		usage
+
+	local sans=""
+	local cipher_type="rsa"
+
+  while getopts ":n:o:c:s:p:i:h:t:" o; do
+    case "${o}" in
+      n)
+        name=${OPTARG}
+        ;;
+      o)
+        order_id=${OPTARG}
+        ;;
+      c)
+        common_name=${OPTARG}
+        ;;
+      s)
+        sans=${OPTARG}
+        ;;
+      p)
+        certpath=${OPTARG}
+        ;;
+      t)
+        cipher_type=${OPTARG}
+        ;;
+      i)
+        iid=${OPTARG}
+        ;;
+      h)
+        usage
+        ;;
+      *)
+        usage
+        ;;
+    esac
+  done
+  shift $((OPTIND-1))
+
+  [ -z "${name}" ] && \
+    errx "Must provide '-n' certificate name"
+
+  [ -z "${order_id}" ] && \
+    errx "Must provide '-o' order_id"
+
+  if [ -z ${certpath} ]; then
+	certpath=$(pwd)/${name}
+	mkdir -p ${certpath} || \
+		errx "mkdir -p ${certpath}"
+  fi
+
+  [ ${cmd} == "reissue" ] && [ -z "${common_name}" ] && \
+	errx "Must provide '-c' common name for reissue"
+
+  ${cmd}_cert ${order_id} ${name} ${certpath} ${common_name} ${cipher_type} "${sans}"
+  echo
+}
+
+main "$@"
+
+# ./reissue_certificate.sh -o 00900495 -n star_ribose_com -c *.ribose.com
+
+exit 0

data/lib/digicert/cli/auth.rb

@@ -0,0 +1,5 @@
+require "dotenv/load"
+
+Digicert.configure do |config|
+  config.api_key = ENV["DIGICERT_API_KEY"]
+end

data/lib/digicert/cli/command/order.rb

@@ -0,0 +1,50 @@
+module Digicert
+  module CLI
+    module Command
+      class Order
+        attr_reader :order_id, :options
+
+        def initialize(attributes = {})
+          @options = attributes
+          @order_id = options[:order_id]
+        end
+
+        def list
+          find_order || order_api.all
+        end
+
+        def find
+          find_order || filter_order
+        end
+
+        private
+
+        def find_order
+          if order_id
+            order_api.fetch(order_id)
+          end
+        end
+
+        def filter_order
+          list.select do |order|
+            filter_by_common_name(order) && filter_by_product_type(order)
+          end
+        end
+
+        def filter_by_common_name(order)
+          !options[:common_name] ||
+            options[:common_name] == order.certificate.common_name
+        end
+
+        def filter_by_product_type(order)
+          !options[:product_type] ||
+            options[:product_type] == order.product_name_id
+        end
+
+        def order_api
+          Digicert::Order
+        end
+      end
+    end
+  end
+end

data/lib/digicert/cli/command.rb

@@ -0,0 +1,58 @@
+require "optparse"
+require "digicert/cli/order"
+
+module Digicert
+  module CLI
+    module Command
+      def self.run(command, subcommand, args = {})
+        command_klass = command_handler(command)
+        attributes = parse_option_arguments(args)
+
+        command_klass.new(attributes).send(subcommand.to_sym)
+      end
+
+      def self.parse(command)
+        command_handlers[command.to_sym] || raise(ArgumentError)
+      end
+
+      def self.command_handlers
+        @commands ||= { order: "Order" }
+      end
+
+      def self.command_handler(command)
+        Object.const_get(
+          ["Digicert", "CLI", parse(command)].join("::")
+        )
+      end
+
+      def self.parse_option_arguments(args)
+        attributes = {}
+
+        option_parser = OptionParser.new do |parser|
+          parser.banner = "Usage: digicert resource:action [options]"
+
+          global_options.each do |option|
+            attribute_name = option[1].split.first.gsub("--", "").to_sym
+            parser.on(*option) { |value| attributes[attribute_name] = value}
+          end
+        end
+
+        if args.first
+          option_parser.parse!(args)
+        end
+
+        attributes
+      end
+
+      def self.global_options
+        [
+          ["-o", "--order_id ORDER_ID",  "The Digicert Order Id"],
+          ["-q", "--quiet",  "Flag to return resource Id only"],
+          ["-s", "--status STATUS", "Use to specify the order status"],
+          ["-c", "--common_name COMMON_NAME", "The common name for the order"],
+          ["-p", "--product_type NAME_ID", "The Digicert product name Id"],
+        ]
+      end
+    end
+  end
+end

data/lib/digicert/cli/order.rb

@@ -0,0 +1,66 @@
+require "digicert/cli/order_filterer"
+require "digicert/cli/order_reissuer"
+
+module Digicert
+  module CLI
+    class Order
+      attr_reader :order_id, :options
+
+      def initialize(attributes = {})
+        @options = attributes
+        @order_id = options.delete(:order_id)
+      end
+
+      def list
+        filtered_orders = apply_filters(orders)
+        display_orders_in_table(filtered_orders)
+      end
+
+      def find
+        filtered_orders = apply_filters(orders)
+        apply_ouput_flag(filtered_orders.first)
+      end
+
+      def reissue
+        Digicert::CLI::OrderReissuer.new(
+          order_id: order_id, **options
+        ).create
+      end
+
+      private
+
+      def orders
+        @orders ||= order_api.all
+      end
+
+      def order_api
+        Digicert::Order
+      end
+
+      def apply_filters(orders)
+        Digicert::CLI::OrderFilterer.filter(orders, options)
+      end
+
+      def apply_ouput_flag(order)
+        options[:quiet] ? order.id : order
+      end
+
+      def display_orders_in_table(orders)
+        orders_attribtues = orders.map do |order|
+          [
+            order.id,
+            order.product_name_id,
+            order.certificate.common_name,
+            order.status,
+            order.certificate.valid_till,
+          ]
+        end
+
+        Digicert::CLI::Util.make_it_pretty(
+          rows: orders_attribtues,
+          headings: ["Id", "Product Type", "Common Name", "Status", "Expiry"],
+        )
+      end
+    end
+  end
+end

data/lib/digicert/cli/order_filterer.rb

@@ -0,0 +1,43 @@
+module Digicert
+  module CLI
+    class OrderFilterer
+      attr_reader :orders
+
+      def initialize(orders:, filters:)
+        @orders = orders
+        @status = filters.fetch(:status, nil)
+        @common_name = filters.fetch(:common_name, nil)
+        @product_type = filters.fetch(:product_type, nil)
+      end
+
+      def filter
+        orders.select {|order| apply_option_filters(order) }
+      end
+
+      def self.filter(orders, filter_options)
+        new(orders: orders, filters: filter_options).filter
+      end
+
+      private
+
+      attr_reader :status, :common_name, :product_type
+
+      def apply_option_filters(order)
+        filter_by_common_name(order) &&
+          filter_by_product_type(order) && filter_by_status(order)
+      end
+
+      def filter_by_status(order)
+        !status || status == order.status
+      end
+
+      def filter_by_common_name(order)
+        !common_name || common_name == order.certificate.common_name
+      end
+
+      def filter_by_product_type(order)
+        !product_type || product_type == order.product.name_id
+      end
+    end
+  end
+end

data/lib/digicert/cli/order_reissuer.rb

@@ -0,0 +1,26 @@
+module Digicert
+  module CLI
+    class OrderReissuer
+      attr_reader :order_id, :options
+
+      def initialize(order_id:, **options)
+        @order_id = order_id
+        @options = options
+      end
+
+      def create
+        reissue = Digicert::OrderReissuer.create(order_id: order_id)
+        apply_output_options(reissue)
+      end
+
+      private
+
+      def apply_output_options(reissue)
+        if reissue
+          request_id = reissue.requests.first.id
+          "Reissue request #{request_id} created for order - #{order_id}"
+        end
+      end
+    end
+  end
+end

data/lib/digicert/cli/util.rb

@@ -0,0 +1,16 @@
+require "terminal-table"
+
+module Digicert
+  module CLI
+    module Util
+      def self.make_it_pretty(headings:, rows:, table_wdith: 80)
+        Terminal::Table.new do |table|
+          table.headings = headings
+          table.style = { width: table_wdith }
+
+          table.rows = rows
+        end
+      end
+    end
+  end
+end

data/lib/digicert/cli/version.rb

@@ -0,0 +1,5 @@
+module Digicert
+  module CLI
+    VERSION = "0.1.0"
+  end
+end

data/lib/digicert/cli.rb

@@ -0,0 +1,20 @@
+require "optparse"
+require "digicert"
+
+require "digicert/cli/util"
+require "digicert/cli/auth"
+require "digicert/cli/command"
+
+module Digicert
+  module CLI
+    def self.start(*args)
+      command = args.shift.strip rescue help
+      subcommand = args.first.start_with?("-") ? "list" : args.shift.strip
+
+      response = Digicert::CLI::Command.run(command, subcommand, args)
+
+      $stdout.write(response)
+      $stdout.write("\n")
+    end
+  end
+end

data/spec/acceptance/order_spec.rb

@@ -0,0 +1,40 @@
+require "spec_helper"
+
+RSpec.describe "Order" do
+  describe "listing orders" do
+    it "retrieves the list of the orders" do
+      command = %w(order list -c *.ribostetest.com -p ssl_wildcard)
+
+      allow($stdout).to receive(:write)
+      allow(Digicert::Order).to receive(:all).and_return([])
+
+      Digicert::CLI.start(*command)
+
+      expect(Digicert::Order).to have_received(:all)
+    end
+  end
+
+  describe "finding an order" do
+    it "finds a specific order based on the filters params" do
+      command = %w(order find -c ribosetest.com -p -s expired)
+      allow(Digicert::CLI::Order).to receive_message_chain(:new, :find)
+
+      Digicert::CLI.start(*command)
+
+      expect(Digicert::CLI::Order.new).to have_received(:find)
+    end
+  end
+
+  describe "reissuing an order" do
+    it "reissues the order and print out the details" do
+      command = %w(order reissue --order_id 123456)
+      allow(Digicert::OrderReissuer).to receive(:create)
+
+      Digicert::CLI.start(*command)
+
+      expect(
+        Digicert::OrderReissuer,
+      ).to have_received(:create).with(order_id: "123456")
+    end
+  end
+end

data/spec/digicert/cli_spec.rb

@@ -0,0 +1,15 @@
+require "spec_helper"
+
+RSpec.describe Digicert::CLI do
+  describe ".start" do
+    it "sends run message to command handler" do
+      shell_command = %w(order find -n order_id)
+      allow(Digicert::CLI::Command).to receive(:run)
+
+      Digicert::CLI.start(*shell_command)
+
+      expect(Digicert::CLI::Command).to have_received(:run).
+        with(shell_command.shift, shell_command.shift, shell_command)
+    end
+  end
+end

data/spec/digicert/command_spec.rb

@@ -0,0 +1,16 @@
+require "spec_helper"
+
+RSpec.describe Digicert::CLI::Command do
+  describe ".run" do
+    it "runs the command through proper handler" do
+      mock_cli_order_command_messages(:new, :list)
+      Digicert::CLI::Command.run("order", "list")
+
+      expect(Digicert::CLI::Order.new).to have_received(:list)
+    end
+  end
+
+  def mock_cli_order_command_messages(*messages)
+    allow(Digicert::CLI::Order).to receive_message_chain(messages)
+  end
+end

data/spec/digicert/order_filterer_spec.rb

@@ -0,0 +1,50 @@
+require "spec_helper"
+require "digicert/cli/order_filterer"
+
+RSpec.describe Digicert::CLI::OrderFilterer do
+  describe ".filter" do
+    context "with common name filter" do
+      it "it filters the collection by common name" do
+        common_name = "digicert.com"
+
+        orders = Digicert::CLI::OrderFilterer.filter(
+          orders_double, common_name: common_name
+        )
+
+        expect(orders.count).to eq(3)
+        expect(orders.first.certificate.common_name).to eq(common_name)
+      end
+    end
+
+    context "with product type filter" do
+      it "filters the collection by product type" do
+        product_type = "ssl_plus"
+
+        orders = Digicert::CLI::OrderFilterer.filter(
+          orders_double, product_type: product_type
+        )
+
+        expect(orders.count).to eq(3)
+        expect(orders.first.product.name_id).to eq(product_type)
+      end
+    end
+
+    context "with order status filter" do
+      it "filters the collection by specified status" do
+        order_status = "needs_approval"
+
+        orders = Digicert::CLI::OrderFilterer.filter(
+          orders_double, status: order_status
+        )
+
+        expect(orders.count).to eq(2)
+        expect(orders.first.status).to eq(order_status)
+      end
+    end
+  end
+
+  def orders_double
+    stub_digicert_order_list_api
+    @orders ||= Digicert::Order.all
+  end
+end

data/spec/digicert/order_reissuer_spec.rb

@@ -0,0 +1,19 @@
+require "spec_helper"
+
+RSpec.describe Digicert::CLI::OrderReissuer do
+  describe "#create" do
+    context "with only order id passed" do
+      it "sends create message to digicert order reissuer" do
+        order_id = 123_456
+        allow(Digicert::OrderReissuer).to receive(:create)
+
+        reissuer = Digicert::CLI::OrderReissuer.new(order_id: order_id)
+        reissuer.create
+
+        expect(
+          Digicert::OrderReissuer
+        ).to have_received(:create).with(order_id: order_id)
+      end
+    end
+  end
+end

data/spec/digicert/order_spec.rb

@@ -0,0 +1,43 @@
+require "spec_helper"
+
+RSpec.describe Digicert::CLI::Order do
+  describe "#list" do
+    context "without order_id attributes" do
+      it "sends all message to digicert order interface" do
+        allow(Digicert::Order).to receive(:all).and_return([])
+
+        order = Digicert::CLI::Order.new
+        order.list
+
+        expect(Digicert::Order).to have_received(:all)
+      end
+    end
+  end
+
+  describe "#find" do
+    context "without any option" do
+      it "returns the first filtered order from digicert" do
+        common_name = "digicert.com"
+        stub_digicert_order_list_api
+
+        order = Digicert::CLI::Order.new(common_name: common_name).find
+
+        expect(order.id).not_to be_nil
+        expect(order.certificate.common_name).to eq(common_name)
+      end
+    end
+
+    context "with quiet option" do
+      it "only returns the id from the order" do
+        common_name = "digicert.com"
+        stub_digicert_order_list_api
+
+        order_id= Digicert::CLI::Order.new(
+          common_name: common_name, quiet: true
+        ).find
+
+        expect(order_id).to be_a(Integer)
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,13 @@
+require "webmock/rspec"
+require "bundler/setup"
+require "digicert/cli"
+require "digicert/rspec"
+
+RSpec.configure do |config|
+  # Enable flags like --only-failures and --next-failure
+  config.example_status_persistence_file_path = ".rspec_status"
+
+  config.expect_with :rspec do |c|
+    c.syntax = :expect
+  end
+end

metadata

@@ -0,0 +1,156 @@
+--- !ruby/object:Gem::Specification
+name: digicert-cli
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Ribose Inc.
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-05-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: terminal-table
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.14'
+- !ruby/object:Gem::Dependency
+  name: dotenv
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+description: The CLI for digicert API
+email:
+- operations@ribose.com
+executables:
+- digicert
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".sample.env"
+- ".travis.yml"
+- Gemfile
+- README.md
+- Rakefile
+- bin/console
+- bin/digicert
+- bin/rspec
+- bin/setup
+- digicert-cli.gemspec
+- legacy_cli.sh
+- lib/digicert/cli.rb
+- lib/digicert/cli/auth.rb
+- lib/digicert/cli/command.rb
+- lib/digicert/cli/command/order.rb
+- lib/digicert/cli/order.rb
+- lib/digicert/cli/order_filterer.rb
+- lib/digicert/cli/order_reissuer.rb
+- lib/digicert/cli/util.rb
+- lib/digicert/cli/version.rb
+- spec/acceptance/order_spec.rb
+- spec/digicert/cli_spec.rb
+- spec/digicert/command_spec.rb
+- spec/digicert/order_filterer_spec.rb
+- spec/digicert/order_reissuer_spec.rb
+- spec/digicert/order_spec.rb
+- spec/spec_helper.rb
+homepage: https://www.ribose.com
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.2
+signing_key: 
+specification_version: 4
+summary: The CLI for digicert API
+test_files: []