FI-2980 Release Preparation (#2)

* Bug fix: certs may have more than one SAN entry, added unit tests for this

* Removed use of auto generated certs, updated custom routes and input instructions accordingly

* Input instruction and test description cleanup, reordering

* Refactored to use regex to parse more than one cert from inputs instead of comma delimiter

* Updated signed_metdata_contents spec test to use custom JWT instead of ref server response

* Moved unit test certs to spec/fixtures directory

* gemspec file updates

* Added empty CRL to test certs

* Updated unit tests to use Inferno certs with mocked CRL endpoint

* Renamed test kit module and update paths accordingly

* Fixed specs and linting

---------

Co-authored-by: Stephen MacVicar <[email protected]>

Dockerfile

@@ -10,6 +10,8 @@ WORKDIR $INSTALL_PATH
 
 ADD *.gemspec $INSTALL_PATH
 ADD Gemfile* $INSTALL_PATH
+ADD lib/udap_security_test_kit/version.rb $INSTALL_PATH/lib/udap_security_test_kit/version.rb
+
 RUN gem install bundler
 # The below RUN line is commented out for development purposes, because any change to the 
 # required gems will break the dockerfile build process.

Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    udap_security_test_kit (0.1.1)
+    udap_security_test_kit (0.9.0)
       inferno_core (>= 0.4.2)
       jwt (~> 2.3)
 

README.md

@@ -21,25 +21,16 @@ use of X.509 certificates that are trusted by the authorization server under
 test.  There are two categories of certificates for this test kit:
 - Client certificates: represent the logical instance of a UDAP client interfacing
   with the authorization server.  This test
-  kit supports multiple logical clients, and a new client certificate is needed for each instance of
-  testing Dynamic Client Registration.  By default, Inferno will generate a
-  new client certificate for each run of the Dynamic Client Registration test
-  group.
+  kit supports multiple logical clients, and a new logical client is needed for each instance of
+  testing Dynamic Client Registration. 
 - Signing certificate: the certificate used to issue and sign the client
-  certificates.  This test kit includes a self-signed certificate
-  authority, `InfernoCA.pem`, and its accompanying private key, `InfernoCA.key`,
-  in `lib/udap_security/certs`.
-  By default, Inferno will use this cert and private key to
-  issue and sign it auto-generated client certs.  In the `lib/udap_security/certs`
-  directory there is also a `generate_certs.sh` script that will
-  regenerate the CA cert and its key as well as an example client cert and
-  private key.
-
-Testers may also provide their own client certificate(s) via the
-test inputs.
-
-In order for tests to pass, register the `InfernoCA.pem` file (if using
-Inferno's default CA) OR your own signing certificate as a trusted CA with
+  certificates.
+
+Testers must provide their own client certificate(s) via the
+test inputs.  Currently, the certificates available in `lib/udap_security_test_kit/certs`
+are for unit testing only.
+
+In order for tests to pass, register your own signing certificate as a trust anchor with
 the authorization server under tests.