Added Let's Encrypt API

9 years ago · ccdb7bad62
parent 2ef5c3aafc
commit ccdb7bad62
9 changed files with 169 additions and 8 deletions
--- a/quiz/migrations/0004_letsencryptchallenge.py
+++ b/quiz/migrations/0004_letsencryptchallenge.py
@ -0,0 +1,26 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('quiz', '0003_auto_20150520_1113'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='LetsEncryptChallenge',
+            fields=[
+                ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
+                ('challenge', models.CharField(max_length=128)),
+                ('response', models.CharField(max_length=128)),
+                ('expiry_date', models.DateTimeField()),
+            ],
+            options={
+            },
+            bases=(models.Model,),
+        ),
+    ]
--- a/quiz/models.py
+++ b/quiz/models.py
@ -17,4 +17,9 @@ class Answer(models.Model):
        unique_together = ('user', 'question')

    def __str__(self):
-        return self.question + ": " + self.string
+        return self.question + ": " + self.string
+
+class LetsEncryptChallenge(models.Model):
+    challenge = models.CharField(max_length=128)
+    response = models.CharField(max_length=128)
+    expiry_date = models.DateTimeField()
--- a/quiz/tests.py
+++ b/quiz/tests.py
@ -1,3 +0,0 @@
-from django.test import TestCase
-
-# Create your tests here.
--- a/quiz/views.py
+++ b/quiz/views.py
@ -1,3 +0,0 @@
-from django.shortcuts import render
-
-# Create your views here.
--- a/securityquiz/urls.py
+++ b/securityquiz/urls.py
@ -14,5 +14,7 @@ urlpatterns = patterns('',
    url(r'^admin/', include(admin.site.urls)),
    url(r'^save$', 'views.save'),
    url(r'^sign$', 'views.sign'),
+    url(r'^letsencrypt$', 'views.letsencrypt'),
+    url(r'^\.well-known/acme-challenge/(.+)', 'views.letsencrypt_challenge'),
    url(r'^(.*)$', 'views.home', name='home'),
 )
--- a/static/css/semantic.min.css
+++ b/static/css/semantic.min.css
--- a/static/js/semantic.min.js
+++ b/static/js/semantic.min.js
--- a/templates/letsencrypt.html
+++ b/templates/letsencrypt.html
@ -0,0 +1,53 @@
+
+<!DOCTYPE html>
+<html>
+  <head>
+    <link rel="stylesheet" href="/static/css/semantic.min.css">
+    <style type="text/css">
+    body {
+      margin-top: 20px;
+    }
+    </style>
+  </head>
+
+  <body>
+    <h1 class="ui centered aligned header">Let's Encrypt</h1>
+
+    <div class="ui three column centered grid">
+      <div class="column ui">
+        <form method="POST" action="" class="ui form primary center aligned segment">
+          {% csrf_token %}
+
+          {% if challenge %}
+          <p>Vanaf<br>
+          <a href="http://sec1.aii.avans.nl/.well-known/acme-challenge/{{challenge}}">http://sec1.aii.avans.nl/.well-known/acme-challenge/{{challenge}}</a><br> wordt de komende 10 minuten de volgende tekst getoond:<br>
+          <code>{{challenge}}.{{response}}</code>
+
+          {% elif error %}
+          <div class="ui negative message">
+            <p>{{error}}</p>
+          </div>
+
+          {% else %}
+          <div class="field">
+            <label for="domain">Challenge-response</label>
+            <div class="ui huge input">
+              <textarea name="challenge-response" value="" style="text-align: center;" placeholder=""></textarea>
+            </div>
+            <p>Vul hier de code in die Let's Encrypt van je vraagt om te geven via <br><code>http://sec1.aii.avans.nl/.well-known/acme-challenge/</code></p>
+          </div>
+
+          <button type="submit" class="ui big blue submit button">Opslaan</button>
+
+          {% endif %}
+        </form>
+      </div>
+    </div>
+
+
+  </div>
+
+
+
+  </body>
+</html>
--- a/views.py
+++ b/views.py
@ -6,7 +6,7 @@ from django.views.decorators.csrf import csrf_exempt
 from django.contrib.auth import authenticate, login, logout
 from django.contrib.auth.models import User
 from django.contrib import messages
-from quiz.models import Answer
+from quiz.models import Answer, LetsEncryptChallenge
 import oauth2 as oauth, cgi, json, base64, urlparse, subprocess
 from oauth2_provider.views.generic import ProtectedResourceView
 import securityquiz.secrets as secrets
@ -132,6 +132,59 @@ class SecurityApi(ProtectedResourceView):
    def get(self, request, *args, **kwargs):
        return HttpResponse("Geheime code: abguvatgbfrrurerzbirnybat")

+def letsencrypt(request):
+    template_vars = {}
+    if request.method == 'POST':
+        try:
+            challengeresponse = request.POST['challenge-response']
+
+            if challengeresponse.strip() == '':
+                raise Exception('Geen data opgegeven')
+
+            if not '.' in challengeresponse:
+                raise Exception('Verkeerde code opgegeven. De code die je moet opgeven is met een puntje er in.')
+            print challengeresponse.split('.')
+            if len(challengeresponse.split('.')) <> 2:
+                raise Exception('De code moet maar 1 puntje bevatten')
+
+            challenge, response = challengeresponse.split('.')
+
+            if len(challenge) < 40 or len(response) < 40:
+                raise Exception('De code is te kort')
+
+            expiry_date = pytz.utc.localize(datetime.datetime.utcnow() + datetime.timedelta(minutes=10))
+            challengeresponse, created = LetsEncryptChallenge.objects.get_or_create(challenge=challenge, defaults={
+                'response': response,
+                'expiry_date': expiry_date
+                })
+
+            challengeresponse.response = response
+            challengeresponse.expiry_date = expiry_date
+            challengeresponse.save()
+
+            template_vars['challenge'] = challenge
+            template_vars['response'] = response
+        except str as e:
+            template_vars['error'] = e.message
+            raise e
+
+    return render(request, 'letsencrypt.html', template_vars)
+
+def letsencrypt_challenge(request, challenge):
+    try:
+        # Delete old challenges
+        LetsEncryptChallenge.objects.filter(expiry_date__lte=datetime.datetime.utcnow()).delete()
+
+        challengeresponse = LetsEncryptChallenge.objects.get(challenge=challenge)
+
+        response = HttpResponse(challengeresponse.challenge + "." + challengeresponse.response)
+        response['Content-Type'] = 'text/plain'
+        return response
+    except LetsEncryptChallenge.DoesNotExist:
+        return HttpResponseNotFound('404')
+
+
+
 def sign(request):
    if request.method == 'POST':
        from OpenSSL import crypto