add more pki features, bug fixes, try not to use jquery

lenticular_cloud/views/__init__.py

@@ -3,3 +3,4 @@
 from .auth import auth_views
 from .frontend import frontend_views, init_login_manager
 from .api import api_views
+from .pki import pki_views

lenticular_cloud/views/frontend.py

@@ -126,12 +126,26 @@ def client_cert():
     return render_template('frontend/client_cert.html.j2', services=current_app.lenticular_services, client_certs=client_certs)
 
 
-@frontend_views.route('/client_cert/<service_name>/<fingerprint>')
+@frontend_views.route('/client_cert/<service_name>/<serial_number>')
 @login_required
-def get_client_cert(service_name, fingerprint):
+def get_client_cert(service_name, serial_number):
     service = current_app.lenticular_services[service_name]
-    current_app.pki.get_client_cert(current_user, service, fingerprint)
-    pass
+    cert = current_app.pki.get_client_cert(
+            current_user, service, serial_number)
+    return jsonify({
+        'data': {
+            'pem': cert.pem()}
+        })
+
+
+@frontend_views.route('/client_cert/<service_name>/<serial_number>', methods=['DELETE'])
+@login_required
+def revoke_client_cert(service_name, serial_number):
+    service = current_app.lenticular_services[service_name]
+    cert = current_app.pki.get_client_cert(
+            current_user, service, serial_number)
+    current_app.pki.revoke_certificate(cert)
+    return jsonify({})
 
 
 @frontend_views.route(
@@ -160,7 +174,8 @@ def client_cert_new(service_name):
                 'errors': form.errors
             })
 
-    return render_template('frontend/client_cert_new.html.j2',
+    return render_template(
+            'frontend/client_cert_new.html.j2',
             service=service,
             form=form)
 
@@ -172,7 +187,7 @@ def totp():
     return render_template('frontend/totp.html.j2', delete_form=delete_form)
 
 
-@frontend_views.route('/totp/new', methods=['GET','POST'])
+@frontend_views.route('/totp/new', methods=['GET', 'POST'])
 @login_required
 def totp_new():
     form = TOTPForm()

lenticular_cloud/views/pki.py

@@ -0,0 +1,38 @@
+import flask
+from flask import Blueprint, redirect, request
+from flask import current_app, session
+from flask import jsonify
+from flask.helpers import make_response
+from flask.templating import render_template
+from oic.oic.message import TokenErrorResponse, UserInfoErrorResponse, EndSessionRequest
+
+from pyop.access_token import AccessToken, BearerTokenError
+from pyop.exceptions import InvalidAuthenticationRequest, InvalidAccessToken, InvalidClientAuthentication, OAuthError, \
+    InvalidSubjectIdentifier, InvalidClientRegistrationRequest
+from pyop.util import should_fragment_encode
+
+from flask import Blueprint, render_template, request, url_for
+from flask_login import login_required, login_user, logout_user
+from werkzeug.utils import redirect
+import logging
+from urllib.parse import urlparse
+from base64 import b64decode, b64encode
+import ory_hydra_client as hydra
+from requests_oauthlib.oauth2_session import OAuth2Session
+import requests
+from cryptography.hazmat.primitives import serialization
+
+from ..model import User, SecurityUser
+from ..model_db import User as DbUser
+from ..form.login import LoginForm
+from ..auth_providers import LdapAuthProvider
+
+
+pki_views = Blueprint('pki', __name__, url_prefix='/')
+
+@pki_views.route('/<service_name>.crl')
+def crl(service_name: str):
+    service = current_app.lenticular_services[service_name]
+    crl = current_app.pki.get_crl(service)
+    return crl.public_bytes(encoding=serialization.Encoding.DER)
+