UI/Fix parsing CRL in PKI engine (#13913)

* fix parsing of CRLs * removes tests * update comment

UI/Fix parsing CRL in PKI engine (#13913)
* fix parsing of CRLs * removes tests * update comment
9b782bbd · claire bontempo · GitHub · 9e4c63e7 · 9b782bbd · 9b782bbd
Unverified Commit 9b782bbd authored 3 years ago by claire bontempo Committed by GitHub 3 years ago
Hide whitespace changes
Inline Side-by-side

Showing

with 4 additions and 21 deletions
+4 -21
--- a/ui/app/helpers/parse-pki-cert.js
+++ b/ui/app/helpers/parse-pki-cert.js
@@ -5,7 +5,8 @@ import { Certificate } from 'pkijs';

 export function parsePkiCert([model]) {
  // model has to be the responseJSON from PKI serializer
-  if (!model.certificate) {
+  // return if no certificate or if the "certificate" is actually a CRL
+  if (!model.certificate || model.certificate.includes('BEGIN X509 CRL')) {
    return;
  }
  let cert;
@@ -15,7 +16,7 @@ export function parsePkiCert([model]) {
    let cert_asn1 = asn1js.fromBER(stringToArrayBuffer(cert_der));
    cert = new Certificate({ schema: cert_asn1.result });
  } catch (error) {
-    console.log('Error parsing certificate:', error, model.certificate);
+    console.debug('DEBUG: Parsing Certificate', error);
    return {
      can_parse: false,
    };

--- a/ui/app/serializers/pki-certificate.js
+++ b/ui/app/serializers/pki-certificate.js
@@ -43,7 +43,7 @@ export default RESTSerializer.extend({
    const responseJSON = this.normalizeItems(payload);
    const { modelName } = primaryModelClass;
    let transformedPayload, certMetadata;
-    // hits cert/list endpoint first which returns an array, only want to parse if response is not an array
+    // hits cert/list endpoint first which returns an array of keys, only want to parse if response contains certificates
    if (!Array.isArray(responseJSON)) {
      certMetadata = parsePkiCert([responseJSON]);
      transformedPayload = { [modelName]: { ...certMetadata, ...responseJSON } };

--- a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-cert-test.js
+++ b/ui/tests/acceptance/settings/configure-secret-backends/pki/section-cert-test.js
@@ -94,17 +94,6 @@ BXUV2Uwtxf+QCphnlht9muX2fsLIzDJea0JipWj1uf2H8OZsjE8=
    );
  });

-  test('EC cert config: generate', async function (assert) {
-    await mountAndNav(assert);
-    await settled();
-    assert.equal(currentRouteName(), 'vault.cluster.settings.configure-secret-backend.section');
-
-    await page.form.generateCAKeyTypeEC();
-    await settled();
-
-    assert.dom('[data-test-warning]').exists('Info banner renders when unable to parse certificate metadata');
-  });
-
  test('cert config: upload', async function (assert) {
    await mountAndNav(assert);
    await settled();

--- a/ui/tests/pages/components/config-pki-ca.js
+++ b/ui/tests/pages/components/config-pki-ca.js
@@ -32,9 +32,6 @@ export default {
  enterCertAsText: clickable('[data-test-text-toggle]'),
  pemBundle: fillable('[data-test-text-file-textarea]'),
  commonName: fillable('[data-test-input="commonName"]'),
-  toggleOptions: clickable('[data-test-toggle-group="Options"]'),
-  keyType: fillable('[data-test-input="keyType"]'),
-  keyBits: fillable('[data-test-input="keyBits"]'),

  issueDateIsPresent: text('[data-test-row-value="Issue date"]'),
  expiryDateIsPresent: text('[data-test-row-value="Expiration date"]'),
@@ -46,10 +43,6 @@ export default {
    return await this.replaceCA().commonName(commonName).submit();
  },

-  async generateCAKeyTypeEC(commonName = 'PKI CA EC') {
-    return await this.replaceCA().commonName(commonName).toggleOptions().keyType('ec').keyBits(256).submit();
-  },
-
  async uploadCA(pem) {
    return await this.replaceCA().uploadCert().enterCertAsText().pemBundle(pem).submit();
  },