last from journey

DEPLOYMENT.md

@@ -1,5 +1,5 @@
 # Guide de Déploiement - PKI API
-
+  
 ## Déploiement Local (Développement)
 
 ### Mode MemoryStore (en mémoire)

go.mod

@@ -5,6 +5,8 @@ go 1.21
 require (
 	github.com/gin-gonic/gin v1.9.1
 	github.com/golang-jwt/jwt/v5 v5.1.0
+	github.com/google/uuid v1.6.0
+	go.mongodb.org/mongo-driver v1.17.6
 )
 
 require (
@@ -17,7 +19,6 @@ require (
 	github.com/go-playground/validator/v10 v10.14.0 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
-	github.com/google/uuid v1.6.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/compress v1.16.7 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
@@ -33,7 +34,6 @@ require (
 	github.com/xdg-go/scram v1.1.2 // indirect
 	github.com/xdg-go/stringprep v1.0.4 // indirect
 	github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
-	go.mongodb.org/mongo-driver v1.17.6 // indirect
 	golang.org/x/arch v0.3.0 // indirect
 	golang.org/x/crypto v0.26.0 // indirect
 	golang.org/x/net v0.21.0 // indirect

internal/api/crl_test.go

@@ -0,0 +1,73 @@
+package api
+
+import (
+    "encoding/json"
+    "net/http"
+    "net/http/httptest"
+    "testing"
+
+    "github.com/gin-gonic/gin"
+    "github.com/google/uuid"
+    "github.com/stef/pkiapi/internal/pki"
+    "github.com/stef/pkiapi/internal/storage"
+)
+
+func TestGetCRLHandler(t *testing.T) {
+    gin.SetMode(gin.TestMode)
+
+    // Préparer un MemoryStore et l'initialiser dans l'API
+    mem := storage.NewMemoryStore()
+    InitCertificateStore(mem)
+
+    // Générer un certificat de test
+    cert, err := pki.GenerateCertificate("CN=test.example.com,O=Example,C=FR", 365)
+    if err != nil {
+        t.Fatalf("GenerateCertificate error: %v", err)
+    }
+
+    id := uuid.New().String()
+    cert.ID = id
+
+    // Sauvegarder le certificat (non révoqué)
+    if err := mem.SaveCertificate(id, cert); err != nil {
+        t.Fatalf("SaveCertificate error: %v", err)
+    }
+
+    // Révoquer le certificat
+    cert.Revoked = true
+    if err := mem.SaveCertificate(id, cert); err != nil {
+        t.Fatalf("SaveCertificate(revoked) error: %v", err)
+    }
+
+    // Appeler le handler GetCRL
+    w := httptest.NewRecorder()
+    c, _ := gin.CreateTestContext(w)
+    req, _ := http.NewRequest("GET", "/api/v1/crl", nil)
+    c.Request = req
+
+    GetCRL(c)
+
+    if w.Code != http.StatusOK {
+        t.Fatalf("expected status 200, got %d, body: %s", w.Code, w.Body.String())
+    }
+
+    var resp struct {
+        CRL     []struct {
+            SerialNumber string `json:"serial_number"`
+            Subject      string `json:"subject"`
+        } `json:"crl"`
+        Version int `json:"version"`
+    }
+
+    if err := json.Unmarshal(w.Body.Bytes(), &resp); err != nil {
+        t.Fatalf("unmarshal response: %v", err)
+    }
+
+    if len(resp.CRL) != 1 {
+        t.Fatalf("expected 1 revoked cert in CRL, got %d, body: %s", len(resp.CRL), w.Body.String())
+    }
+
+    if resp.CRL[0].SerialNumber == "" {
+        t.Fatalf("expected serial number present in CRL entry, got empty")
+    }
+}

internal/storage/mongo.go

@@ -106,7 +106,7 @@ func (m *MongoStore) SaveCertificate(id string, cert *pki.Certificate) error {
 }
 
 // GetCertificate récupère un certificat depuis MongoDB
-func (m *MongoStore) GetCertificate(id string) (*pki.Certificate, error) {
+func (m *MongoStore) GetCertificate(id string) (*pki.Certificate,error) {
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
 	defer cancel()