Skip to content

Commit 71fa546

Browse files
committed
scripts: add reject-order + reject-all-pending (cancel pending CERTInext orders)
Wire up the CERTInext RejectOrder endpoint (orderDetails.{orderNumber, rejectRemarks}) the existing POC scripts never covered — RevokeOrder targets issued certs, RejectOrder cancels pre-issuance orders. reject-all-pending.sh snapshots all pending orders (certificateStatusId 2/24) and rejects them, preserving issued certs (status 9); dry-run by default, REJECT_ALL_PENDING=1 to fire. Note: cancelling pending orders declutters the account but does NOT refund credits (verified — a real saveAndHold=0 order still hits EMS-1140).
1 parent 82c2984 commit 71fa546

2 files changed

Lines changed: 80 additions & 0 deletions

File tree

scripts/reject-all-pending.sh

Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,53 @@
1+
#!/usr/bin/env bash
2+
# Reject ALL pending (pre-issuance) CERTInext orders — to reclaim credits / declutter the
3+
# sandbox. Targets certificateStatusId in {2,24} ("Pending for Approver"). NEVER touches
4+
# issued certs (9 "Certificate Downloaded") or already-rejected orders (13).
5+
#
6+
# Safety: dry-run by default (lists what it WOULD reject). Set REJECT_ALL_PENDING=1 to fire.
7+
# Optional: PAGE_SIZE (default 100), REMARKS.
8+
set -euo pipefail
9+
. ~/.env_certinext
10+
. "$(dirname "$0")/lib/certinext-auth.sh"
11+
12+
DRY=1; [ "${REJECT_ALL_PENDING:-}" = "1" ] && DRY=0
13+
PAGE_SIZE="${PAGE_SIZE:-100}"
14+
REMARKS="${REMARKS:-Cancelled pending order to reclaim sandbox credits.}"
15+
16+
report_page() { # $1 = page number
17+
read -r ts txn authKey <<< "$(certinext_meta)"
18+
curl -s -X POST "$CERTINEXT_API_URL/GetOrderReport" -H "Content-Type: application/json" \
19+
-d "{\"meta\":{\"ver\":\"1.0\",\"ts\":\"$ts\",\"txn\":\"$txn\",\"accountNumber\":\"$CERTINEXT_ACCOUNT_NUMBER\",\"authKey\":\"$authKey\"},\"searchCriteria\":{\"groupNumber\":\"$CERTINEXT_GROUP_NUMBER\",\"pageNumber\":\"$1\",\"pageSize\":\"$PAGE_SIZE\"}}"
20+
}
21+
22+
# --- Snapshot all pending order numbers up front (before rejecting anything) ---
23+
first=$(report_page 1)
24+
pages=$(echo "$first" | jq -r '.orderDetails.noOfPages // 1')
25+
pending=$(echo "$first" | jq -r '.orderDetails.ordersArray[] | select(.certificateStatusId=="24" or .certificateStatusId=="2") | .orderNumber')
26+
p=2
27+
while [ "$p" -le "$pages" ]; do
28+
more=$(report_page "$p" | jq -r '.orderDetails.ordersArray[] | select(.certificateStatusId=="24" or .certificateStatusId=="2") | .orderNumber')
29+
[ -n "$more" ] && pending="$pending"$'\n'"$more"
30+
p=$((p+1))
31+
done
32+
pending=$(echo "$pending" | sed '/^$/d')
33+
34+
count=$(echo "$pending" | grep -c . || true)
35+
echo "Found $count pending order(s) (certificateStatusId 2/24) across $pages page(s)."
36+
37+
if [ "$DRY" = "1" ]; then
38+
echo "DRY RUN — set REJECT_ALL_PENDING=1 to reject. First 10:"
39+
echo "$pending" | head -10 | sed 's/^/ /'
40+
exit 0
41+
fi
42+
43+
ok=0; fail=0
44+
while IFS= read -r n; do
45+
[ -z "$n" ] && continue
46+
read -r ts txn authKey <<< "$(certinext_meta)"
47+
st=$(curl -s -X POST "$CERTINEXT_API_URL/RejectOrder" -H "Content-Type: application/json" \
48+
-d "{\"meta\":{\"ver\":\"1.0\",\"ts\":\"$ts\",\"txn\":\"$txn\",\"accountNumber\":\"$CERTINEXT_ACCOUNT_NUMBER\",\"authKey\":\"$authKey\"},\"orderDetails\":{\"orderNumber\":\"$n\",\"rejectRemarks\":\"$REMARKS\"}}" \
49+
| jq -r '.meta.status // "?"')
50+
if [ "$st" = "1" ]; then ok=$((ok+1)); else fail=$((fail+1)); echo " FAIL $n (status=$st)"; fi
51+
done <<< "$pending"
52+
53+
echo "Done. Rejected ok=$ok fail=$fail (of $count)."

scripts/reject-order.sh

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
#!/usr/bin/env bash
2+
# Cancel/reject a PENDING CERTInext order (pre-issuance) by order number.
3+
#
4+
# Unlike RevokeOrder (which targets issued certs), RejectOrder cancels an order that
5+
# has not yet been issued — e.g. one parked at EXTERNALVALIDATION awaiting DCV. Whether
6+
# this refunds the consumed credit is a CERTInext billing-policy question; run it on one
7+
# order and check GetProductDetails / your credit balance before/after to confirm.
8+
#
9+
# Required env var: ORDER_NUMBER
10+
# Optional env var: REMARKS (default "Cancelled pending order to reclaim sandbox credits.")
11+
set -euo pipefail
12+
. ~/.env_certinext
13+
. "$(dirname "$0")/lib/certinext-auth.sh"
14+
15+
if [ -z "${ORDER_NUMBER:-}" ]; then
16+
echo "Usage: ORDER_NUMBER=<order number> [REMARKS=...] scripts/reject-order.sh" >&2
17+
exit 1
18+
fi
19+
20+
REMARKS="${REMARKS:-Cancelled pending order to reclaim sandbox credits.}"
21+
22+
read -r ts txn authKey <<< "$(certinext_meta)"
23+
echo "RejectOrder orderNumber=$ORDER_NUMBER ts=$ts txn=$txn"
24+
curl -s -X POST "$CERTINEXT_API_URL/RejectOrder" \
25+
-H "Content-Type: application/json" \
26+
-d "{\"meta\":{\"ver\":\"1.0\",\"ts\":\"$ts\",\"txn\":\"$txn\",\"accountNumber\":\"$CERTINEXT_ACCOUNT_NUMBER\",\"authKey\":\"$authKey\"},\"orderDetails\":{\"orderNumber\":\"$ORDER_NUMBER\",\"rejectRemarks\":\"$REMARKS\"}}" \
27+
| jq .

0 commit comments

Comments
 (0)