spec/http_spec.rb in r509-ca-http-0.2.1 vs spec/http_spec.rb in r509-ca-http-0.2.2

@@ -131,9 +131,41 @@
 
       post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr", "extensions[subjectAlternativeName][]" => ["domain1.com","domain2.com"]
       last_response.should be_ok
       last_response.body.should == "signed cert"
     end
+    it "issues a CSR with dNSNames" do
+      csr = double("csr")
+      @csr_factory.should_receive(:build).with(:csr => "csr").and_return(csr)
+      @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
+      subject = R509::Subject.new [["CN", "domain.com"]]
+      @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
+      general_names = double("general names")
+      R509::ASN1::GeneralNames.should_receive(:new).and_return(general_names)
+      general_names.should_receive(:create_item).with(:tag => 2, :value => "domain1.com")
+      general_names.should_receive(:create_item).with(:tag => 2, :value => "domain2.com")
+      cert = double("cert")
+      @certificate_authorities["test_ca"].should_receive(:sign).with(:csr => csr, :profile_name => "profile", :subject => subject, :san_names => general_names, :not_before => 1, :not_after => 2).and_return(cert)
+      cert.should_receive(:to_pem).and_return("signed cert")
+
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr", "extensions[dNSNames][]" => ["domain1.com","domain2.com"]
+      last_response.should be_ok
+      last_response.body.should == "signed cert"
+    end
+    it "issues a CSR with both SAN names and dNSNames provided (and ignore the dNSNames)" do
+      csr = double("csr")
+      @csr_factory.should_receive(:build).with(:csr => "csr").and_return(csr)
+      @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
+      subject = R509::Subject.new [["CN", "domain.com"]]
+      @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
+      cert = double("cert")
+      @certificate_authorities["test_ca"].should_receive(:sign).with(:csr => csr, :profile_name => "profile", :subject => subject, :san_names => ["domain1.com", "domain2.com"], :not_before => 1, :not_after => 2).and_return(cert)
+      cert.should_receive(:to_pem).and_return("signed cert")
+
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr", "extensions[subjectAlternativeName][]" => ["domain1.com","domain2.com"], "extensions[dNSNames][]" => ["domain3.com", "domain4.com"]
+      last_response.should be_ok
+      last_response.body.should == "signed cert"
+    end
     it "issues an SPKI without SAN extensions" do
       @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
       subject = R509::Subject.new [["CN", "domain.com"]]
       @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
       spki = double("spki")