foreman_rh_cloud 4.0.25 → 4.0.25.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4ac06b57bc84d2c31a7a2e5ad8ec8874053bf4419f018c94b95192ba7281ccf4
-  data.tar.gz: 1e8dd2dce4252a247123e0662f6b33621fadf34e3d03a008335d1902dc7d69db
+  metadata.gz: cf14938ab96483d5b90b699ad095664ccda999db645f3d0e4b868b8e6066f268
+  data.tar.gz: 90062d9c4bf632a9d856d17e16639d6920e6a9b9d0bbad1334202041122fd19f
 SHA512:
-  metadata.gz: e7f0324f7854d483ce3c8836fcc5a70af02ed5f3f1bb64e3e1fcb68603eb4daa078b7cb7090ba4b9bcda6c4003639d5cd7265432f5d0b60b89cd5bccaf521fe3
-  data.tar.gz: f8e8b5317c59dc110e7315ba8bf665d7bdeda836e899dc81c1c7bcecdcd81a4568b0c8ad9849e69b9f74dd4cf7127ca097f234001b1492992d677d4cd5b44939
+  metadata.gz: 46eb0bfffd3853da3d4d0254756469e07f6f690166e96732bcb77a027d9cf3370cbe3d3f72e59a801cf85338fd2b2a042e45dd4a74907df3b66969a1006cb8c8
+  data.tar.gz: 1464b0f05e778e6b0a002114175b0c0a3f95b51c78af5fecd00395c42d6cd4196dffb0362724bcc62989403500e9994afe9012552e6e0ad00f0c0fe8f2e2fc5e

data/app/controllers/foreman_inventory_upload/cloud_status_controller.rb

@@ -0,0 +1,26 @@
+module ForemanInventoryUpload
+  class CloudStatusController < ::ApplicationController
+    def index
+      organizations = User.current.my_organizations
+
+      ping_service = ForemanRhCloud::CloudPingService.new(organizations, logger)
+      ping_result = ping_service.ping
+      ping_result[:cert_auth] =  ping_result[:cert_auth].map do |org, status_hash|
+        status_hash.merge(
+          {
+            org_id: org.id,
+            org_name: org.name,
+          }
+        )
+      end
+
+      render json: {
+        ping: ping_result,
+      }, status: :ok
+    end
+
+    def logger
+      Foreman::Logging.logger('app')
+    end
+  end
+end

data/app/controllers/insights_cloud/api/machine_telemetries_controller.rb

@@ -49,13 +49,19 @@ module InsightsCloud::Api
     private
 
     def ensure_telemetry_enabled_for_consumer
-      render_message 'Telemetry is not enabled for your organization', :status => 403 unless telemetry_config
+      unless (config = telemetry_config(@host))
+        logger.debug("Rejected telemetry forwarding for host #{@host.name}, insights param is set to: #{config}")
+        render_message 'Telemetry is not enabled for this host', :status => 403
+      end
+      config
     end
 
-    def telemetry_config
-      ::RedhatAccess::TelemetryConfiguration.find_or_create_by(:organization_id => @organization.id) do |conf|
-        conf.enable_telemetry = true
+    def telemetry_config(host)
+      param_value = nil
+      User.as_anonymous_admin do
+        param_value = host.host_param(InsightsCloud.enable_client_param)
       end
+      param_value
     end
 
     def cert_uuid

data/app/controllers/insights_cloud/hits_controller.rb

@@ -9,7 +9,6 @@ module InsightsCloud
         hasToken: !Setting[:rh_cloud_token].empty?,
         hits: hits.map { |hit| hit.attributes.merge(hostname: hit.host&.name, has_playbook: hit.has_playbook?) },
         itemCount: hits.count,
-        isExperimentalMode: Setting[:lab_features],
       }, status: :ok
     end
 

data/app/services/foreman_rh_cloud/cloud_ping_service.rb

@@ -0,0 +1,83 @@
+require 'rest-client'
+
+module ForemanRhCloud
+  class CloudPingService
+    class TokenPing
+      include ForemanRhCloud::CloudAuth
+
+      attr_accessor :logger
+
+      def initialize(logger)
+        @logger = logger
+      end
+
+      def ping
+        execute_cloud_request(
+          method: :get,
+          url: ForemanRhCloud.base_url + "/api/inventory/v1/hosts?per_page=1",
+          headers: {
+            content_type: :json,
+          }
+        )
+      rescue StandardError => ex
+        ex
+      end
+    end
+
+    class CertPing
+      include ForemanRhCloud::CloudRequest
+      include InsightsCloud::CandlepinCache
+
+      attr_accessor :logger
+
+      def initialize(org, logger)
+        @org = org
+        @logger = logger
+      end
+
+      def ping
+        certs = candlepin_id_cert(@org)
+        return StandardError.new('certificate missing') unless certs
+
+        execute_cloud_request(
+          method: :get,
+          url: ForemanRhCloud.cert_base_url + "/api/apicast-tests/ping",
+          headers: {
+            content_type: :json,
+          },
+          ssl_client_cert: OpenSSL::X509::Certificate.new(certs[:cert]),
+          ssl_client_key: OpenSSL::PKey::RSA.new(certs[:key])
+        )
+      rescue StandardError => ex
+        ex
+      end
+    end
+
+    def initialize(organizations, logger)
+      @organizations = organizations
+      @logger = logger
+    end
+
+    def ping
+      token_response = TokenPing.new(@logger).ping
+      {
+        token_auth: {
+          success: token_response.is_a?(RestClient::Response),
+          error: (token_response.is_a?(Exception) ? token_response.inspect : nil),
+        },
+        cert_auth: Hash[
+          @organizations.map do |org|
+            cert_response = CertPing.new(org, @logger).ping
+            [
+              org,
+              {
+                success: cert_response.is_a?(RestClient::Response),
+                error: (cert_response.is_a?(Exception) ? cert_response.inspect : nil),
+              },
+            ]
+          end
+        ],
+      }
+    end
+  end
+end

data/app/services/foreman_rh_cloud/cloud_request_forwarder.rb

@@ -67,7 +67,7 @@ module ForemanRhCloud
           url: ForemanRhCloud.legacy_insights_url + request_path.sub('/redhat_access/r/insights', '/r/insights'),
           ssl_client_cert: OpenSSL::X509::Certificate.new(certs[:cert]),
           ssl_client_key: OpenSSL::PKey::RSA.new(certs[:key]),
-          ssl_ca_file: Class.new.include(RedhatAccess::Telemetry::LookUps).new.get_default_ssl_ca_file,
+          ssl_ca_file: ForemanRhCloud.legacy_insights_ca,
         }
       end
     end

data/config/Gemfile.lock.gh_test

@@ -4,7 +4,6 @@ PATH
     foreman_rh_cloud (3.0.15)
       foreman_ansible
       katello
-      redhat_access
 
 PATH
   remote: ../katello
@@ -541,13 +540,6 @@ GEM
     rdoc (6.3.0)
     record_tag_helper (1.0.1)
       actionview (>= 5)
-    redhat_access (2.2.18)
-      angular-rails-templates (>= 0.0.4)
-      foreman-tasks
-      katello
-      redhat_access_lib (>= 1.1.5)
-    redhat_access_lib (1.1.5)
-      rest-client (>= 1.6.3)
     redis (4.1.4)
     regexp_parser (1.8.2)
     representable (3.0.4)

data/config/rh_cert-api_chain.pem

@@ -0,0 +1,74 @@
+-----BEGIN CERTIFICATE-----
+MIIHZDCCBUygAwIBAgIJAOb+QiglyeZeMA0GCSqGSIb3DQEBBQUAMIGwMQswCQYD
+VQQGEwJVUzEXMBUGA1UECAwOTm9ydGggQ2Fyb2xpbmExEDAOBgNVBAcMB1JhbGVp
+Z2gxFjAUBgNVBAoMDVJlZCBIYXQsIEluYy4xGDAWBgNVBAsMD1JlZCBIYXQgTmV0
+d29yazEeMBwGA1UEAwwVRW50aXRsZW1lbnQgTWFzdGVyIENBMSQwIgYJKoZIhvcN
+AQkBFhVjYS1zdXBwb3J0QHJlZGhhdC5jb20wHhcNMTAwMzE3MTkwMDQ0WhcNMzAw
+MzEyMTkwMDQ0WjCBsDELMAkGA1UEBhMCVVMxFzAVBgNVBAgMDk5vcnRoIENhcm9s
+aW5hMRAwDgYDVQQHDAdSYWxlaWdoMRYwFAYDVQQKDA1SZWQgSGF0LCBJbmMuMRgw
+FgYDVQQLDA9SZWQgSGF0IE5ldHdvcmsxHjAcBgNVBAMMFUVudGl0bGVtZW50IE1h
+c3RlciBDQTEkMCIGCSqGSIb3DQEJARYVY2Etc3VwcG9ydEByZWRoYXQuY29tMIIC
+IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2Z+mW7OYcBcGxWS+RSKG2GJ2
+csMXiGGfEp36vKVsIvypmNS60SkicKENMYREalbdSjrgfXxPJygZWsVWJ5lHPfBV
+o3WkFrFHTIXd/R6LxnaHD1m8Cx3GwEeuSlE/ASjc1ePtMnsHH7xqZ9wdl85b1C8O
+scgO7fwuM192kvv/veI/BogIqUQugtG6szXpV8dp4ml029LXFoNIy2lfFoa2wKYw
+MiUHwtYgAz7TDY63e8qGhd5PoqTv9XKQogo2ze9sF9y/npZjliNy5qf6bFE+24oW
+E8pGsp3zqz8h5mvw4v+tfIx5uj7dwjDteFrrWD1tcT7UmNrBDWXjKMG81zchq3h4
+etgF0iwMHEuYuixiJWNzKrLNVQbDmcLGNOvyJfq60tM8AUAd72OUQzivBegnWMit
+CLcT5viCT1AIkYXt7l5zc/duQWLeAAR2FmpZFylSukknzzeiZpPclRziYTboDYHq
+revM97eER1xsfoSYp4mJkBHfdlqMnf3CWPcNgru8NbEPeUGMI6+C0YvknPlqDDtU
+ojfl4qNdf6nWL+YNXpR1YGKgWGWgTU6uaG8Sc6qGfAoLHh6oGwbuz102j84OgjAJ
+DGv/S86svmZWSqZ5UoJOIEqFYrONcOSgztZ5tU+gP4fwRIkTRbTEWSgudVREOXhs
+bfN1YGP7HYvS0OiBKZUCAwEAAaOCAX0wggF5MB0GA1UdDgQWBBSIS6ZFxEbsj9bP
+pvYazyY8kMx/FzCB5QYDVR0jBIHdMIHagBSIS6ZFxEbsj9bPpvYazyY8kMx/F6GB
+tqSBszCBsDELMAkGA1UEBhMCVVMxFzAVBgNVBAgMDk5vcnRoIENhcm9saW5hMRAw
+DgYDVQQHDAdSYWxlaWdoMRYwFAYDVQQKDA1SZWQgSGF0LCBJbmMuMRgwFgYDVQQL
+DA9SZWQgSGF0IE5ldHdvcmsxHjAcBgNVBAMMFUVudGl0bGVtZW50IE1hc3RlciBD
+QTEkMCIGCSqGSIb3DQEJARYVY2Etc3VwcG9ydEByZWRoYXQuY29tggkA5v5CKCXJ
+5l4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEG
+MCAGA1UdEQQZMBeBFWNhLXN1cHBvcnRAcmVkaGF0LmNvbTAgBgNVHRIEGTAXgRVj
+YS1zdXBwb3J0QHJlZGhhdC5jb20wDQYJKoZIhvcNAQEFBQADggIBAJ1hEdNBDTRr
+6kI6W6stoogSUwjuiWPDY8DptwGhdpyIfbCoxvBR7F52DlwyXOpCunogfKMRklnE
+gH1Wt66RYkgNuJcenKHAhR5xgSLoPCOVF9rDjMunyyBuxjIbctM21R7BswVpsEIE
+OpV5nlJ6wkHsrn0/E+Zk5UJdCzM+Fp4hqHtEn/c97nvRspQcpWeDg6oUvaJSZTGM
+8yFpzR90X8ZO4rOgpoERukvYutUfJUzZuDyS3LLc6ysamemH93rZXr52zc4B+C9G
+Em8zemDgIPaH42ce3C3TdVysiq/yk+ir7pxW8toeavFv75l1UojFSjND+Q2AlNQn
+pYkmRznbD5TZ3yDuPFQG2xYKnMPACepGgKZPyErtOIljQKCdgcvb9EqNdZaJFz1+
+/iWKYBL077Y0CKwb+HGIDeYdzrYxbEd95YuVU0aStnf2Yii2tLcpQtK9cC2+DXjL
+Yf3kQs4xzH4ZejhG9wzv8PGXOS8wHYnfVNA3+fclDEQ1mEBKWHHmenGI6QKZUP8f
+g0SQ3PNRnSZu8R+rhABOEuVFIBRlaYijg2Pxe0NgL9FlHsNyRfo6EUrB2QFRKACW
+3Mo6pZyDjQt7O8J7l9B9IIURoJ1niwygf7VSJTMl2w3fFleNJlZTGgdXw0V+5g+9
+Kg6Ay0rrsi4nw1JHue2GvdjdfVOaWSWC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFfTCCA2WgAwIBAgIJAJGKz8qFAAADMA0GCSqGSIb3DQEBBQUAMIGwMQswCQYD
+VQQGEwJVUzEXMBUGA1UECAwOTm9ydGggQ2Fyb2xpbmExEDAOBgNVBAcMB1JhbGVp
+Z2gxFjAUBgNVBAoMDVJlZCBIYXQsIEluYy4xGDAWBgNVBAsMD1JlZCBIYXQgTmV0
+d29yazEeMBwGA1UEAwwVRW50aXRsZW1lbnQgTWFzdGVyIENBMSQwIgYJKoZIhvcN
+AQkBFhVjYS1zdXBwb3J0QHJlZGhhdC5jb20wHhcNMTUwNTA1MTMwMzQ4WhcNMjUw
+NTAyMTMwMzQ4WjCBiTELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5PUlRIIENBUk9M
+SU5BMRAwDgYDVQQHEwdSYWxlaWdoMRAwDgYDVQQKEwdSZWQgSGF0MRgwFgYDVQQL
+Ew9SZWQgSGF0IE5ldHdvcmsxIzAhBgNVBAMTGmNlcnQtYXBpLmFjY2Vzcy5yZWRo
+YXQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9hTNMtZMa7Kg
+Jlux6pnuUinP0Rv0aiiPFr7qNHFore4loGrPlpzUvQbUByy3xm7lhf4R4qbINCls
+veWg6HDidvQr174RXb5YLMXuBrYAiPWQTrRRLNuvXFHKzREghRWTv48IXTIDEo0G
+fZJUO+myY2RfwqugZKic5dR6ZakHSSpQO70O6H5R0eHlKa13k4eEpG2fVY/xqFto
+WkfZyEmSacZpqxp7gIjZqreLc4MFwpiVjGFrK3Jk+Px1Z6J94LTLx2SxrYzWIeUs
+5j+lceQOvpV4/pkClnRCW1pkCKTccjFKQkpNPGwdIusRXUGl9IYc20Fa/7g9iUQc
+5fXu9EAzfwIDAQABo4G+MIG7MAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZA
+MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAKBggrBgEFBQcDATA5BglghkgBhvhCAQ0E
+LBYqTWFuYWdlZCBieSBSZWQgSGF0IChjYS1zdXBwb3J0QHJlZGhhdC5jb20pMB0G
+A1UdDgQWBBRfgCjd8aXf0U4VX8DKTVIn+paGBzAfBgNVHSMEGDAWgBSIS6ZFxEbs
+j9bPpvYazyY8kMx/FzANBgkqhkiG9w0BAQUFAAOCAgEAlC+r6UEEp5BUkI0Rj2T+
+1PH7oUCaGQeQoyVbGddz/WUcBk/lMMtyCEoxU+3tTwNWmCWWjYXtjoL9MlSAC/q+
+NZfBi1iq0uuSus9JI/Uu8aRhoxTK56qGRed/JNixOHEmFn891cahIPpF0exWwtYD
+ThwXo7Z6PI7t8EMKdSrGTOowp58yho8xYFL/Z7JmjL55Pf85GIrdiniNZd4i178J
+07R9zsiLvdXq9mT33iJwkm+uhO+FA9d8OE3ji21pBbGUAQSWOdkemvUCsy8zANW9
+fT+dBrMr5Buk7eaBBJ2PxECNiWLCRQJWmyff1O5zMT0daS2lBdEGUNhBZ0hnX13Q
+kabUp0bxRrNRq+WkomP7onZhfZS6SjKm0UmwoV6o3V1ED6y7muQNRmgDpA5PcbvO
+gl7OexNL4zcpyfMdAmTYf5yTRSvB42Yg5hVfuzPEnOIqupwES3mWkEHRlqbMUkHw
+qIQAxIwQqZd5PdPpElQ/6j/ZT9DwW/I6zgndX2rsS0oGYcwFTkSj0/rKKkC13hk7
+LchXMZu5ckdustM79U6OZIBairrJaL2OpR08un2nwIjgEGqhVFYc44UK1VpkE8mr
+qvqJS6OHVlTlKcEDnhVkPS3i5qjuS/PtSq0CwH8bzYKFJayLDY/z36Zv6PdttzmU
+Yb1NSDcJejHJ80pMINutyYQ=
+-----END CERTIFICATE-----

data/config/routes.rb

@@ -11,6 +11,8 @@ Rails.application.routes.draw do
     post 'cloud_connector', to: 'uploads#enable_cloud_connector'
 
     resources :tasks, only: [:create, :show]
+
+    get 'status', to: 'cloud_status#index'
   end
 
   namespace :insights_cloud do

data/lib/foreman_inventory_upload/generators/queries.rb

@@ -45,26 +45,10 @@ module ForemanInventoryUpload
           )
       end
 
-      def self.for_report(portal_user)
-        org_ids = organizations_for_user(portal_user).pluck(:id)
-        for_org(org_ids)
-      end
-
       def self.for_org(organization_id, use_batches: true)
         base_query = for_slice(Host.unscoped.where(organization_id: organization_id))
         use_batches ? base_query.in_batches(of: ForemanInventoryUpload.slice_size) : base_query
       end
-
-      def self.organizations_for_user(portal_user)
-        Organization
-          .joins(:telemetry_configuration)
-          .where(
-            redhat_access_telemetry_configurations: {
-              portal_user: portal_user,
-              enable_telemetry: true,
-            }
-          )
-      end
     end
   end
 end

data/lib/foreman_rh_cloud.rb

@@ -100,4 +100,8 @@ module ForemanRhCloud
   def self.foreman_host
     @foreman_host ||= ::Host.unscoped.friendly.find(ENV['SATELLITE_RH_CLOUD_FOREMAN_HOST'] || ::SmartProxy.default_capsule.name)
   end
+
+  def self.legacy_insights_ca
+    "#{ForemanRhCloud::Engine.root}/config/rh_cert-api_chain.pem"
+  end
 end

data/lib/foreman_rh_cloud/engine.rb

@@ -1,5 +1,4 @@
 require 'katello'
-require 'redhat_access'
 require 'foreman_ansible'
 
 module ForemanRhCloud

data/lib/foreman_rh_cloud/version.rb

@@ -1,3 +1,3 @@
 module ForemanRhCloud
-  VERSION = '4.0.25'.freeze
+  VERSION = '4.0.25.1'.freeze
 end

data/lib/insights_cloud.rb

@@ -28,4 +28,8 @@ module InsightsCloud
   def self.remediation_rule_id(rule_id)
     "advisor:#{rule_id}"
   end
+
+  def self.enable_client_param
+    'host_registration_insights'
+  end
 end

data/lib/tasks/rh_cloud_inventory.rake

@@ -19,7 +19,6 @@ namespace :rh_cloud_inventory do
     end
     desc 'Generate inventory report to be sent to Red Hat cloud'
     task generate: :environment do
-      portal_user = ENV['portal_user']
       organizations = [ENV['organization_id']]
       base_folder = ENV['target'] || Dir.pwd
 
@@ -29,18 +28,12 @@ namespace :rh_cloud_inventory do
         puts "Using #{base_folder} for the output"
       end
 
-      if portal_user.empty? && organizations.empty?
-        puts "Must specify either portal_user or organization_id"
+      if organizations.empty?
+        puts "Must specify organization_id"
         return
       end
 
       User.as_anonymous_admin do
-        if portal_user
-          puts "Generating report for all organizations associated with #{portal_user}"
-          base_folder = File.join(base_folder, portal_user)
-          organizations = ForemanInventoryUpload::Generators::Queries.organizations_for_user(portal_user).pluck(:id)
-        end
-
         organizations.each do |organization|
           target = File.join(base_folder, ForemanInventoryUpload.facts_archive_name(organization))
           archived_report_generator = ForemanInventoryUpload::Generators::ArchivedReport.new(target, Logger.new(STDOUT))

data/package.json

@@ -1,6 +1,6 @@
 {
   "name": "foreman_rh_cloud",
-  "version": "4.0.25",
+  "version": "4.0.25.1",
   "description": "Inventory Upload =============",
   "main": "index.js",
   "scripts": {
@@ -45,4 +45,4 @@
     "jed": "~1.1.1",
     "react-intl": "~2.8.0"
   }
-}
+}

data/test/controllers/insights_cloud/api/machine_telemetries_controller_test.rb

@@ -2,6 +2,10 @@ require 'test_plugin_helper'
 
 module InsightsCloud::Api
   class MachineTelemetriesControllerTest < ActionController::TestCase
+    setup do
+      FactoryBot.create(:common_parameter, name: InsightsCloud.enable_client_param, key_type: 'boolean', value: true)
+    end
+
     context '#forward_request' do
       setup do
         @body = 'Cloud response body'

data/test/controllers/inventory_upload/cloud_status_controller_test.rb

@@ -0,0 +1,44 @@
+require 'test_plugin_helper'
+
+class CloudStatusControllerTest < ActionController::TestCase
+  include MockCerts
+  tests ForemanInventoryUpload::CloudStatusController
+
+  test 'return ping status hash for each organization' do
+    organizations = FactoryBot.create_list(:organization, 2)
+    user = users(:admin)
+    User.stubs(:current).returns(user)
+    user.stubs(:my_organizations).returns(organizations)
+
+    ForemanRhCloud::CloudPingService::TokenPing.any_instance.expects(:execute_cloud_request).returns(
+      RestClient::Response.new('TEST RESPONSE')
+    )
+
+    setup_certs_expectation do
+      ForemanRhCloud::CloudPingService::CertPing.any_instance.expects(:candlepin_id_cert).with { |actual| actual.id == organizations[0].id }
+    end
+    ForemanRhCloud::CloudPingService::CertPing.any_instance.expects(:execute_cloud_request).returns(
+      RestClient::Response.new('TEST RESPONSE ORG 0')
+    )
+
+    setup_certs_expectation do
+      ForemanRhCloud::CloudPingService::CertPing.any_instance.expects(:candlepin_id_cert).with { |actual| actual.id == organizations[1].id }
+    end
+
+    ForemanRhCloud::CloudPingService::CertPing.any_instance.expects(:execute_cloud_request).returns(
+      RestClient::Response.new('TEST RESPONSE ORG 1')
+    )
+
+    get :index, session: set_session_user
+
+    assert_response :success
+    actual = JSON.parse(response.body)
+    assert_not_nil (actual_ping = actual['ping'])
+    assert actual_ping['token_auth']['success']
+    assert_nil actual_ping['token_auth']['error']
+    assert actual_ping['cert_auth'][0]['success']
+    assert_nil actual_ping['cert_auth'][0]['error']
+    assert actual_ping['cert_auth'][1]['success']
+    assert_nil actual_ping['cert_auth'][1]['error']
+  end
+end

data/test/test_plugin_helper.rb

@@ -38,3 +38,56 @@ module KatelloLocationFix
     end
   end
 end
+
+module MockCerts
+  extend ActiveSupport::Concern
+
+  def test_certificate
+    @test_certificate ||= "-----BEGIN CERTIFICATE-----\r\n" +
+      "MIIFdDCCA1ygAwIBAgIJAM5Uqykb3EAtMA0GCSqGSIb3DQEBCwUAME8xCzAJBgNV\r\n" +
+      "BAYTAklMMREwDwYDVQQIDAhUZWwgQXZpdjEUMBIGA1UECgwLVGhlIEZvcmVtYW4x\r\n" +
+      "FzAVBgNVBAMMDnRoZWZvcmVtYW4ub3JnMB4XDTE4MDMyNDEyMzYyOFoXDTI4MDMy\r\n" +
+      "MTEyMzYyOFowTzELMAkGA1UEBhMCSUwxETAPBgNVBAgMCFRlbCBBdml2MRQwEgYD\r\n" +
+      "VQQKDAtUaGUgRm9yZW1hbjEXMBUGA1UEAwwOdGhlZm9yZW1hbi5vcmcwggIiMA0G\r\n" +
+      "CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDF04/s4h+BgHPG1HDZ/sDlYq925pkc\r\n" +
+      "RTVAfnE2EXDAmZ6W4Q9ueDY65MHe3ZWO5Dg72kNSP2sK9kRI7Dk5CAFOgyw1rH8t\r\n" +
+      "Hd1+0xp/lv6e4SvSYghxIL68vFe0ftKkm1usqejBM5ZTgKr7JCI+XSIN36F65Kde\r\n" +
+      "c+vxwBnayuhP04r9/aaE/709SXML4eRVYW8I3qFy9FPtUOm+bY8U2PIv5fHayqbG\r\n" +
+      "cL/4t3+MCtMhHJsLzdBXya+1P5t+HcKjUNlmwoUF961YAktVuEFloGd0RMRlqF3/\r\n" +
+      "itU3QNlXgA5QBIciE5VPr/PiqgMC3zgd5avjF4OribZ+N9AATLiQMW78il5wSfcc\r\n" +
+      "kQjU9ChOLrzku455vQ8KE4bc0qvpCWGfUah6MvL9JB+TQkRl/8kxl0b9ZinIvJDH\r\n" +
+      "ynVMb4cB/TDEjrjOfzn9mWLH0ZJqjmc2bER/G12WQxOaYLxdVwRStD3Yh6PtiFWu\r\n" +
+      "sXOk19UOTVkeuvGFVtvzLfEwQ1lDEo7+VBQz8FG/HBu2Hpq3IwCFrHuicikwjQJk\r\n" +
+      "nfturgD0rBOKEc1qWNZRCvovYOLL6ihvv5Orujsx5ZCHOAtnVNxkvIlFt2RS45LF\r\n" +
+      "MtPJyhAc6SjitllfUEirxprsbmeSZqrIfzcGaEhgOSnyik1WMv6bYiqPfBg8Fzjh\r\n" +
+      "vOCbtiDNPmvgOwIDAQABo1MwUTAdBgNVHQ4EFgQUtkAgQopsTtG9zSG3MgW2IxHD\r\n" +
+      "MDwwHwYDVR0jBBgwFoAUtkAgQopsTtG9zSG3MgW2IxHDMDwwDwYDVR0TAQH/BAUw\r\n" +
+      "AwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAJq7iN+ZroRBweNhvUobxs75bLIV6tNn1\r\n" +
+      "MdNHDRA+hezwf+gxHZhFyaAHfTpst2/9leK5Qe5Zd6gZLr3E5/8ppQuRod72H39B\r\n" +
+      "vxMlG5zxDss0WMo3vZeKZbTY6QhXi/lY2IZ6OGV4feSvCsYxn27GTjjrRUSLFeHH\r\n" +
+      "JVemCwCDMavaE3+OIY4v2P4FcG+MjUvfOB9ahI24TWL7YgrsNVmJjCILq+EeUj0t\r\n" +
+      "Gde1SXVyLkqt7PoxHRJAE0BCEMJSnjxaVB329acJgeehBUxjj4CCPqtDxtbz9HEH\r\n" +
+      "mOKfNdaKpFor+DUeEKUWVGnr9U9xOaC+Ws+oX7MIEUCDM7p2ob4JwcjnFs1jZgHh\r\n" +
+      "Hwig+i7doTlc701PvKWO96fuNHK3B3/jTb1fVvSZ49O/RvY1VWODdUdxWmXGHNh3\r\n" +
+      "LoR8tSPEb46lC2DXGaIQumqQt8PnBG+vL1qkQa1SGTV7dJ8TTbxbv0S+sS+igkk9\r\n" +
+      "zsIEK8Ea3Ep935cXximz0faAAKHSA+It+xHLAyDtqy2KaAEBgGsBuuWlUfK6TaP3\r\n" +
+      "Gwdjct3y4yYUO45lUsUfHqX8vk/4ttW5zYeDiW+HArJz+9VUXNbEdury4kGuHgBj\r\n" +
+      "xHD4Bsul65+hHZ9QywKU26F1A6TLkYpQ2rk/Dx9LGICM4m4IlHjWJPFsQdtkyOor\r\n" +
+      "osxMtcaZZ1E=\r\n" +
+      "-----END CERTIFICATE-----"
+  end
+
+  def generate_certs_hash
+    {
+      cert: test_certificate,
+      key: OpenSSL::PKey::RSA.new(1024).to_pem,
+    }
+  end
+
+  def setup_certs_expectation
+    expectation = yield
+    expectation.returns(
+      generate_certs_hash
+    )
+  end
+end