SSL for ELB mocking.

2022-11-09 13:51:43 -05:00 · 2011-07-07 17:53:25 -07:00 · 2011-07-07 17:53:25 -07:00 · b320294c30
commit b320294c30
parent 98961be7fc
3 changed files with 37 additions and 2 deletions
--- a/lib/fog/aws/requests/elb/create_load_balancer.rb
+++ b/lib/fog/aws/requests/elb/create_load_balancer.rb
@ -57,6 +57,17 @@ module Fog

          raise Fog::AWS::ELB::IdentifierTaken if self.data[:load_balancers].has_key? lb_name

+          certificate_ids = ::AWS[:iam].list_server_certificates.body['Certificates'].collect { |c| c['ServerCertificateId'] }
+
+          listeners = [*listeners].map do |listener|
+            if listener['SSLCertificateId'] and !certificate_ids.include? listener['SSLCertificateId']
+              response.status = 400
+              response.body = "<?xml version=\"1.0\"?><Response><Errors><Error><Code>CertificateNotFound</Code><Message>The specified SSL ID does not refer to a valid SSL certificate in the AWS Identity and Access Management Service..</Message></Error></Errors><RequestID>#{Fog::AWS::Mock.request_id}</RequestId></Response>"
+              raise Excon::Errors.status_error({:expects => 200}, response)
+            end
+            {'Listener' => listener, 'PolicyNames' => []}
+          end
+
          dns_name = Fog::AWS::ELB::Mock.dns_name(lb_name, @region)
          self.data[:load_balancers][lb_name] = {
            'AvailabilityZones' => availability_zones,
@ -72,7 +83,7 @@ module Fog
              'Target' => 'TCP:80'
            },
            'Instances' => [],
-            'ListenerDescriptions' => [*listeners].map { |listener| {'Listener' => listener, 'PolicyNames' => []}},
+            'ListenerDescriptions' => listeners,
            'LoadBalancerName' => lb_name,
            'Policies' => {
              'LBCookieStickinessPolicies' => [],
--- a/lib/fog/aws/requests/elb/create_load_balancer_listeners.rb
+++ b/lib/fog/aws/requests/elb/create_load_balancer_listeners.rb
@ -51,12 +51,19 @@ module Fog
        def create_load_balancer_listeners(lb_name, listeners)
          if load_balancer = self.data[:load_balancers][lb_name]
            response = Excon::Response.new
-            response.status = 200
+
+            certificate_ids = ::AWS[:iam].list_server_certificates.body['Certificates'].collect { |c| c['ServerCertificateId'] }

            listeners.each do |listener|
+              if listener['SSLCertificateId'] and !certificate_ids.include? listener['SSLCertificateId']
+                response.status = 400
+                response.body = "<?xml version=\"1.0\"?><Response><Errors><Error><Code>CertificateNotFound</Code><Message>The specified SSL ID does not refer to a valid SSL certificate in the AWS Identity and Access Management Service..</Message></Error></Errors><RequestID>#{Fog::AWS::Mock.request_id}</RequestId></Response>"
+                raise Excon::Errors.status_error({:expects => 200}, response)
+              end
              load_balancer['ListenerDescriptions'] << {'Listener' => listener, 'PolicyNames' => []}
            end

+            response.status = 200
            response.body = {
              'ResponseMetadata' => {
                'RequestId' => Fog::AWS::Mock.request_id
--- a/tests/aws/requests/elb/listener_tests.rb
+++ b/tests/aws/requests/elb/listener_tests.rb
@ -1,8 +1,10 @@
 Shindo.tests('AWS::ELB | listener_tests', ['aws', 'elb']) do
  @load_balancer_id = 'fog-test-listener'
+  @key_name = 'fog-test'

  tests('success') do
    AWS[:elb].create_load_balancer(['us-east-1a'], @load_balancer_id, [{'LoadBalancerPort' => 80, 'InstancePort' => 80, 'Protocol' => 'HTTP'}])
+    @certificate = AWS[:iam].upload_server_certificate(AWS::IAM::SERVER_CERT_PUBLIC_KEY, AWS::IAM::SERVER_CERT_PRIVATE_KEY, @key_name).body['Certificate']

    tests("#create_load_balancer_listeners").formats(AWS::ELB::Formats::BASIC) do
      listeners = [
@ -17,6 +19,21 @@ Shindo.tests('AWS::ELB | listener_tests', ['aws', 'elb']) do
      AWS[:elb].delete_load_balancer_listeners(@load_balancer_id, ports).body
    end

+    tests("#create_load_balancer_listeners with SSL certificate").formats(AWS::ELB::Formats::BASIC) do
+      listeners = [
+        {'Protocol' => 'HTTPS', 'LoadBalancerPort' => 443, 'InstancePort' => 443, 'SSLCertificateId' => @certificate['ServerCertificateId']},
+      ]
+      AWS[:elb].create_load_balancer_listeners(@load_balancer_id, listeners).body
+    end
+
+    tests("#create_load_balancer_listeners with non-existant SSL certificate") do
+      listeners = [
+        {'Protocol' => 'HTTPS', 'LoadBalancerPort' => 443, 'InstancePort' => 443, 'SSLCertificateId' => 'non-existant'},
+      ]
+      raises(Excon::Errors::BadRequest) { AWS[:elb].create_load_balancer_listeners(@load_balancer_id, listeners) }
+    end
+
+    AWS[:iam].delete_server_certificate(@key_name)
    AWS[:elb].delete_load_balancer(@load_balancer_id)
  end
 end