transform more tests to pytest

ca/django_ca/extensions/parse.py

@@ -153,17 +153,8 @@ def _parse_authority_information_access(
     value: ParsableAuthorityInformationAccess,
 ) -> x509.AuthorityInformationAccess:
     access_descriptions: List[x509.AccessDescription] = []
-    issuers: Optional[ParsableGeneralNameList] = value.get("issuers")
-    if issuers is None:
-        issuers = []
 
-    for name in issuers:
-        access_descriptions.append(
-            x509.AccessDescription(
-                access_method=AuthorityInformationAccessOID.CA_ISSUERS,
-                access_location=parse_general_name(name),
-            )
-        )
+    # NOTE: OCSP is first because OID is lexicographically smaller
     ocsp: Optional[ParsableGeneralNameList] = value.get("ocsp")
     if ocsp is None:
         ocsp = []
@@ -175,6 +166,17 @@ def _parse_authority_information_access(
             )
         )
 
+    issuers: Optional[ParsableGeneralNameList] = value.get("issuers")
+    if issuers is None:
+        issuers = []
+    for name in issuers:
+        access_descriptions.append(
+            x509.AccessDescription(
+                access_method=AuthorityInformationAccessOID.CA_ISSUERS,
+                access_location=parse_general_name(name),
+            )
+        )
+
     return x509.AuthorityInformationAccess(descriptions=access_descriptions)
 
 

ca/django_ca/models.py

@@ -731,6 +731,7 @@ def extensions_for_certificate(
 
         access_descriptions = []
         # TODO: use get_authority_information_access_extension() but it does not yet split lines
+        # NOTE: OCSP is first because OID is lexicographically smaller
         if self.ocsp_url:
             ocsp = [parse_general_name(name) for name in self.ocsp_url.splitlines()]
             access_descriptions += [