Merge pull request #859 from letsencrypt/report_success

Report cert issuance to the user

letsencrypt/account.py

@@ -92,13 +92,13 @@ def report_new_account(acc, config):
         "contain certificates and private keys obtained by Let's Encrypt "
         "so making regular backups of this folder is ideal.".format(
             config.config_dir),
-        reporter.MEDIUM_PRIORITY, True)
+        reporter.MEDIUM_PRIORITY)
 
     if acc.regr.body.emails:
         recovery_msg = ("If you lose your account credentials, you can "
                         "recover through e-mails sent to {0}.".format(
                             ", ".join(acc.regr.body.emails)))
-        reporter.add_message(recovery_msg, reporter.HIGH_PRIORITY, True)
+        reporter.add_message(recovery_msg, reporter.HIGH_PRIORITY)
 
 
 class AccountMemoryStorage(interfaces.AccountStorage):

letsencrypt/auth_handler.py

@@ -531,7 +531,7 @@ def _report_failed_challs(failed_achalls):
     reporter = zope.component.getUtility(interfaces.IReporter)
     for achalls in problems.itervalues():
         reporter.add_message(
-            _generate_failed_chall_msg(achalls), reporter.MEDIUM_PRIORITY, True)
+            _generate_failed_chall_msg(achalls), reporter.MEDIUM_PRIORITY)
 
 
 def _generate_failed_chall_msg(failed_achalls):

letsencrypt/cli.py

@@ -267,6 +267,14 @@ def _treat_as_renewal(config, domains):
     return None
 
 
+def _report_new_cert(cert_path):
+    """Reports the creation of a new certificate to the user."""
+    reporter_util = zope.component.getUtility(interfaces.IReporter)
+    reporter_util.add_message("Congratulations! Your certificate has been "
+                              "saved at {0}.".format(cert_path),
+                              reporter_util.MEDIUM_PRIORITY)
+
+
 def _auth_from_domains(le_client, config, domains, plugins):
     """Authenticate and enroll certificate."""
     # Note: This can raise errors... caught above us though.
@@ -292,6 +300,8 @@ def _auth_from_domains(le_client, config, domains, plugins):
         if not lineage:
             raise errors.Error("Certificate could not be obtained")
 
+    _report_new_cert(lineage.cert)
+
     return lineage
 
 
@@ -365,6 +375,7 @@ def auth(args, config, plugins):
             file=args.csr[0], data=args.csr[1], form="der"))
         le_client.save_certificate(
             certr, chain, args.cert_path, args.chain_path)
+        _report_new_cert(args.cert_path)
     else:
         domains = _find_domains(args, installer)
         _auth_from_domains(le_client, config, domains, plugins)
@@ -518,7 +529,7 @@ class HelpfulArgumentParser(object):
         help2 = self.prescan_for_flag("--help", self.help_topics)
         assert max(True, "a") == "a", "Gravity changed direction"
         help_arg = max(help1, help2)
-        if help_arg == True:
+        if help_arg is True:
             # just --help with no topic; avoid argparse altogether
             print USAGE
             sys.exit(0)

letsencrypt/client.py

@@ -286,7 +286,7 @@ class Client(object):
                 "configured in the directories under {0}.").format(
                     cert.cli_config.renewal_configs_dir)
         reporter = zope.component.getUtility(interfaces.IReporter)
-        reporter.add_message(msg, reporter.LOW_PRIORITY, True)
+        reporter.add_message(msg, reporter.LOW_PRIORITY)
 
     def save_certificate(self, certr, chain_cert, cert_path, chain_path):
         # pylint: disable=no-self-use

letsencrypt/interfaces.py

@@ -478,7 +478,7 @@ class IReporter(zope.interface.Interface):
     LOW_PRIORITY = zope.interface.Attribute(
         "Used to denote low priority messages")
 
-    def add_message(self, msg, priority, on_crash=False):
+    def add_message(self, msg, priority, on_crash=True):
         """Adds msg to the list of messages to be printed.
 
         :param str msg: Message to be displayed to the user.

letsencrypt/reporter.py

@@ -36,7 +36,7 @@ class Reporter(object):
     def __init__(self):
         self.messages = Queue.PriorityQueue()
 
-    def add_message(self, msg, priority, on_crash=False):
+    def add_message(self, msg, priority, on_crash=True):
         """Adds msg to the list of messages to be printed.
 
         :param str msg: Message to be displayed to the user.

letsencrypt/tests/cli_test.py

@@ -16,6 +16,9 @@ from letsencrypt.tests import renewer_test
 from letsencrypt.tests import test_util
 
 
+CSR = test_util.vector_path('csr.der')
+
+
 class CLITest(unittest.TestCase):
     """Tests for different commands."""
 
@@ -65,40 +68,114 @@ class CLITest(unittest.TestCase):
                   for r in xrange(len(flags)))):
             self._call(['plugins'] + list(args))
 
-    @mock.patch("letsencrypt.cli.sys")
+    def test_auth_bad_args(self):
+        ret, _, _, _ = self._call(['-d', 'foo.bar', 'auth', '--csr', CSR])
+        self.assertEqual(ret, '--domains and --csr are mutually exclusive')
+
+        ret, _, _, _ = self._call(['-a', 'bad_auth', 'auth'])
+        self.assertEqual(ret, 'Authenticator could not be determined')
+
+    @mock.patch('letsencrypt.cli.zope.component.getUtility')
+    def test_auth_new_request_success(self, mock_get_utility):
+        cert_path = '/etc/letsencrypt/live/foo.bar'
+        mock_lineage = mock.MagicMock(cert=cert_path)
+        mock_client = mock.MagicMock()
+        mock_client.obtain_and_enroll_certificate.return_value = mock_lineage
+        self._auth_new_request_common(mock_client)
+        self.assertEqual(
+            mock_client.obtain_and_enroll_certificate.call_count, 1)
+        self.assertTrue(
+            cert_path in mock_get_utility().add_message.call_args[0][0])
+
+    def test_auth_new_request_failure(self):
+        mock_client = mock.MagicMock()
+        mock_client.obtain_and_enroll_certificate.return_value = False
+        self.assertRaises(errors.Error,
+                          self._auth_new_request_common, mock_client)
+
+    def _auth_new_request_common(self, mock_client):
+        with mock.patch('letsencrypt.cli._treat_as_renewal') as mock_renewal:
+            mock_renewal.return_value = None
+            with mock.patch('letsencrypt.cli._init_le_client') as mock_init:
+                mock_init.return_value = mock_client
+                self._call(['-d', 'foo.bar', '-a', 'standalone', 'auth'])
+
+    @mock.patch('letsencrypt.cli.zope.component.getUtility')
+    @mock.patch('letsencrypt.cli._treat_as_renewal')
+    @mock.patch('letsencrypt.cli._init_le_client')
+    def test_auth_renewal(self, mock_init, mock_renewal, mock_get_utility):
+        cert_path = '/etc/letsencrypt/live/foo.bar'
+        mock_lineage = mock.MagicMock(cert=cert_path)
+        mock_cert = mock.MagicMock(body='body')
+        mock_key = mock.MagicMock(pem='pem_key')
+        mock_renewal.return_value = mock_lineage
+        mock_client = mock.MagicMock()
+        mock_client.obtain_certificate.return_value = (mock_cert, 'chain',
+                                                       mock_key, 'csr')
+        mock_init.return_value = mock_client
+        with mock.patch('letsencrypt.cli.OpenSSL'):
+            with mock.patch('letsencrypt.cli.crypto_util'):
+                self._call(['-d', 'foo.bar', '-a', 'standalone', 'auth'])
+        mock_client.obtain_certificate.assert_called_once_with(['foo.bar'])
+        self.assertEqual(mock_lineage.save_successor.call_count, 1)
+        mock_lineage.update_all_links_to.assert_called_once_with(
+            mock_lineage.latest_common_version())
+        self.assertTrue(
+            cert_path in mock_get_utility().add_message.call_args[0][0])
+
+    @mock.patch('letsencrypt.cli.display_ops.pick_installer')
+    @mock.patch('letsencrypt.cli.zope.component.getUtility')
+    @mock.patch('letsencrypt.cli._init_le_client')
+    def test_auth_csr(self, mock_init, mock_get_utility, mock_pick_installer):
+        cert_path = '/etc/letsencrypt/live/foo.bar'
+        mock_client = mock.MagicMock()
+        mock_client.obtain_certificate_from_csr.return_value = ('certr',
+                                                                'chain')
+        mock_init.return_value = mock_client
+        installer = 'installer'
+        self._call(
+            ['-a', 'standalone', '-i', installer, 'auth', '--csr', CSR,
+             '--cert-path', cert_path, '--chain-path', '/'])
+        self.assertEqual(mock_pick_installer.call_args[0][1], installer)
+        mock_client.save_certificate.assert_called_once_with(
+            'certr', 'chain', cert_path, '/')
+        self.assertTrue(
+            cert_path in mock_get_utility().add_message.call_args[0][0])
+
+    @mock.patch('letsencrypt.cli.sys')
     def test_handle_exception(self, mock_sys):
         # pylint: disable=protected-access
         from letsencrypt import cli
 
         mock_open = mock.mock_open()
-        with mock.patch("letsencrypt.cli.open", mock_open, create=True):
-            exception = Exception("detail")
+        with mock.patch('letsencrypt.cli.open', mock_open, create=True):
+            exception = Exception('detail')
             cli._handle_exception(
                 Exception, exc_value=exception, trace=None, args=None)
-            mock_open().write.assert_called_once_with("".join(
+            mock_open().write.assert_called_once_with(''.join(
                 traceback.format_exception_only(Exception, exception)))
             error_msg = mock_sys.exit.call_args_list[0][0][0]
-            self.assertTrue("unexpected error" in error_msg)
+            self.assertTrue('unexpected error' in error_msg)
 
-        with mock.patch("letsencrypt.cli.open", mock_open, create=True):
+        with mock.patch('letsencrypt.cli.open', mock_open, create=True):
             mock_open.side_effect = [KeyboardInterrupt]
-            error = errors.Error("detail")
+            error = errors.Error('detail')
             cli._handle_exception(
                 errors.Error, exc_value=error, trace=None, args=None)
             # assert_any_call used because sys.exit doesn't exit in cli.py
-            mock_sys.exit.assert_any_call("".join(
+            mock_sys.exit.assert_any_call(''.join(
                 traceback.format_exception_only(errors.Error, error)))
 
         args = mock.MagicMock(debug=False)
         cli._handle_exception(
-            Exception, exc_value=Exception("detail"), trace=None, args=args)
+            Exception, exc_value=Exception('detail'), trace=None, args=args)
         error_msg = mock_sys.exit.call_args_list[-1][0][0]
-        self.assertTrue("unexpected error" in error_msg)
+        self.assertTrue('unexpected error' in error_msg)
 
-        interrupt = KeyboardInterrupt("detail")
+        interrupt = KeyboardInterrupt('detail')
         cli._handle_exception(
             KeyboardInterrupt, exc_value=interrupt, trace=None, args=None)
-        mock_sys.exit.assert_called_with("".join(
+        mock_sys.exit.assert_called_with(''.join(
             traceback.format_exception_only(KeyboardInterrupt, interrupt)))
 
 
@@ -108,13 +185,13 @@ class DetermineAccountTest(unittest.TestCase):
     def setUp(self):
         self.args = mock.MagicMock(account=None, email=None)
         self.config = configuration.NamespaceConfig(self.args)
-        self.accs = [mock.MagicMock(id="x"), mock.MagicMock(id="y")]
+        self.accs = [mock.MagicMock(id='x'), mock.MagicMock(id='y')]
         self.account_storage = account.AccountMemoryStorage()
 
     def _call(self):
         # pylint: disable=protected-access
         from letsencrypt.cli import _determine_account
-        with mock.patch("letsencrypt.cli.account.AccountFileStorage") as mock_storage:
+        with mock.patch('letsencrypt.cli.account.AccountFileStorage') as mock_storage:
             mock_storage.return_value = self.account_storage
             return _determine_account(self.args, self.config)
 
@@ -131,7 +208,7 @@ class DetermineAccountTest(unittest.TestCase):
         self.assertEqual(self.accs[0].id, self.args.account)
         self.assertTrue(self.args.email is None)
 
-    @mock.patch("letsencrypt.client.display_ops.choose_account")
+    @mock.patch('letsencrypt.client.display_ops.choose_account')
     def test_multiple_accounts(self, mock_choose_accounts):
         for acc in self.accs:
             self.account_storage.save(acc)
@@ -142,11 +219,11 @@ class DetermineAccountTest(unittest.TestCase):
         self.assertEqual(self.accs[1].id, self.args.account)
         self.assertTrue(self.args.email is None)
 
-    @mock.patch("letsencrypt.client.display_ops.get_email")
+    @mock.patch('letsencrypt.client.display_ops.get_email')
     def test_no_accounts_no_email(self, mock_get_email):
-        mock_get_email.return_value = "foo@bar.baz"
+        mock_get_email.return_value = 'foo@bar.baz'
 
-        with mock.patch("letsencrypt.cli.client") as client:
+        with mock.patch('letsencrypt.cli.client') as client:
             client.register.return_value = (
                 self.accs[0], mock.sentinel.acme)
             self.assertEqual((self.accs[0], mock.sentinel.acme), self._call())
@@ -154,15 +231,15 @@ class DetermineAccountTest(unittest.TestCase):
             self.config, self.account_storage, tos_cb=mock.ANY)
 
         self.assertEqual(self.accs[0].id, self.args.account)
-        self.assertEqual("foo@bar.baz", self.args.email)
+        self.assertEqual('foo@bar.baz', self.args.email)
 
     def test_no_accounts_email(self):
-        self.args.email = "other email"
-        with mock.patch("letsencrypt.cli.client") as client:
+        self.args.email = 'other email'
+        with mock.patch('letsencrypt.cli.client') as client:
             client.register.return_value = (self.accs[1], mock.sentinel.acme)
             self._call()
         self.assertEqual(self.accs[1].id, self.args.account)
-        self.assertEqual("other email", self.args.email)
+        self.assertEqual('other email', self.args.email)
 
 
 class DuplicativeCertsTest(renewer_test.BaseRenewableCertTest):
@@ -176,36 +253,36 @@ class DuplicativeCertsTest(renewer_test.BaseRenewableCertTest):
     def tearDown(self):
         shutil.rmtree(self.tempdir)
 
-    @mock.patch("letsencrypt.le_util.make_or_verify_dir")
+    @mock.patch('letsencrypt.le_util.make_or_verify_dir')
     def test_find_duplicative_names(self, unused_makedir):
         from letsencrypt.cli import _find_duplicative_certs
-        test_cert = test_util.load_vector("cert-san.pem")
-        with open(self.test_rc.cert, "w") as f:
+        test_cert = test_util.load_vector('cert-san.pem')
+        with open(self.test_rc.cert, 'w') as f:
             f.write(test_cert)
 
         # No overlap at all
-        result = _find_duplicative_certs(["wow.net", "hooray.org"],
+        result = _find_duplicative_certs(['wow.net', 'hooray.org'],
                                          self.config, self.cli_config)
         self.assertEqual(result, (None, None))
 
         # Totally identical
-        result = _find_duplicative_certs(["example.com", "www.example.com"],
+        result = _find_duplicative_certs(['example.com', 'www.example.com'],
                                          self.config, self.cli_config)
-        self.assertTrue(result[0].configfile.filename.endswith("example.org.conf"))
+        self.assertTrue(result[0].configfile.filename.endswith('example.org.conf'))
         self.assertEqual(result[1], None)
 
         # Superset
-        result = _find_duplicative_certs(["example.com", "www.example.com",
-                                          "something.new"], self.config,
+        result = _find_duplicative_certs(['example.com', 'www.example.com',
+                                          'something.new'], self.config,
                                          self.cli_config)
         self.assertEqual(result[0], None)
-        self.assertTrue(result[1].configfile.filename.endswith("example.org.conf"))
+        self.assertTrue(result[1].configfile.filename.endswith('example.org.conf'))
 
         # Partial overlap doesn't count
-        result = _find_duplicative_certs(["example.com", "something.new"],
+        result = _find_duplicative_certs(['example.com', 'something.new'],
                                          self.config, self.cli_config)
         self.assertEqual(result, (None, None))
 
 
-if __name__ == "__main__":
+if __name__ == '__main__':
     unittest.main()  # pragma: no cover

letsencrypt/tests/reporter_test.py

@@ -82,9 +82,11 @@ class ReporterTest(unittest.TestCase):
         self.assertTrue("Low" not in output)
 
     def _add_messages(self):
-        self.reporter.add_message("High", self.reporter.HIGH_PRIORITY, True)
-        self.reporter.add_message("Med", self.reporter.MEDIUM_PRIORITY)
-        self.reporter.add_message("Low", self.reporter.LOW_PRIORITY)
+        self.reporter.add_message("High", self.reporter.HIGH_PRIORITY)
+        self.reporter.add_message(
+            "Med", self.reporter.MEDIUM_PRIORITY, on_crash=False)
+        self.reporter.add_message(
+            "Low", self.reporter.LOW_PRIORITY, on_crash=False)
 
 
 if __name__ == "__main__":

tox.cover.sh

@@ -16,7 +16,7 @@ fi
 
 cover () {
   if [ "$1" = "letsencrypt" ]; then
-    min=96
+    min=97
   elif [ "$1" = "acme" ]; then
     min=100
   elif [ "$1" = "letsencrypt_apache" ]; then