acme-client 2.0.4 → 2.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.gitignore +1 -0
- data/CHANGELOG.md +5 -0
- data/README.md +1 -1
- data/acme-client.gemspec +1 -1
- data/lib/acme/client.rb +28 -15
- data/lib/acme/client/jwk/base.rb +2 -2
- data/lib/acme/client/resources/challenges.rb +2 -6
- data/lib/acme/client/resources/challenges/base.rb +8 -10
- data/lib/acme/client/resources/challenges/unsupported_challenge.rb +2 -0
- data/lib/acme/client/version.rb +1 -1
- metadata +12 -18
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: bdf3dcbcbe410b8843976b06e849045be1cec4515b771d2cad99bf49d2dc206d
|
|
4
|
+
data.tar.gz: 52b8a373c8f8135abffe75e04d581a0b7800cfb4fab23662bfc68c81ce4b8626
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ce77c7466d8c625f043831425e4a0a6563d4ff667e6abb4280c43de00e2aa037caf5802bc56ce229f33707009d5bf76ee979b3f8161cb2dbf91ccf37c5ce8be5
|
|
7
|
+
data.tar.gz: 44a2290c512cea8cc8b89b42b983d14c1fba80d94dd663eed4c83877f3f5d407f1ec69a6e8d29fe205b8c5a0f6d43a2403d26d5514fd9cef99c691bbc244103f
|
data/.gitignore
CHANGED
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
[](https://travis-ci.org/unixcharles/acme-client)
|
|
4
4
|
|
|
5
|
-
`acme-client` is a client implementation of the [
|
|
5
|
+
`acme-client` is a client implementation of the ACMEv2 / [RFC 8555](https://tools.ietf.org/html/rfc8555) protocol in Ruby.
|
|
6
6
|
|
|
7
7
|
You can find the ACME reference implementations of the [server](https://github.com/letsencrypt/boulder) in Go and the [client](https://github.com/certbot/certbot) in Python.
|
|
8
8
|
|
data/acme-client.gemspec
CHANGED
|
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
|
|
|
20
20
|
spec.add_development_dependency 'rake', '~> 10.0'
|
|
21
21
|
spec.add_development_dependency 'rspec', '~> 3.3', '>= 3.3.0'
|
|
22
22
|
spec.add_development_dependency 'vcr', '~> 2.9', '>= 2.9.3'
|
|
23
|
-
spec.add_development_dependency 'webmock', '~>
|
|
23
|
+
spec.add_development_dependency 'webmock', '~> 3.3'
|
|
24
24
|
|
|
25
25
|
spec.add_runtime_dependency 'faraday', '~> 0.9', '>= 0.9.1'
|
|
26
26
|
end
|
data/lib/acme/client.rb
CHANGED
|
@@ -90,7 +90,7 @@ class Acme::Client
|
|
|
90
90
|
response.headers.fetch(:location)
|
|
91
91
|
end
|
|
92
92
|
|
|
93
|
-
response =
|
|
93
|
+
response = post_as_get(@kid)
|
|
94
94
|
arguments = attributes_from_account_response(response)
|
|
95
95
|
Acme::Client::Resources::Account.new(self, url: @kid, **arguments)
|
|
96
96
|
end
|
|
@@ -101,13 +101,7 @@ class Acme::Client
|
|
|
101
101
|
|
|
102
102
|
def new_order(identifiers:, not_before: nil, not_after: nil)
|
|
103
103
|
payload = {}
|
|
104
|
-
payload['identifiers'] =
|
|
105
|
-
identifiers
|
|
106
|
-
else
|
|
107
|
-
Array(identifiers).map do |identifier|
|
|
108
|
-
{ type: 'dns', value: identifier }
|
|
109
|
-
end
|
|
110
|
-
end
|
|
104
|
+
payload['identifiers'] = prepare_order_identifiers(identifiers)
|
|
111
105
|
payload['notBefore'] = not_before if not_before
|
|
112
106
|
payload['notAfter'] = not_after if not_after
|
|
113
107
|
|
|
@@ -117,7 +111,7 @@ class Acme::Client
|
|
|
117
111
|
end
|
|
118
112
|
|
|
119
113
|
def order(url:)
|
|
120
|
-
response =
|
|
114
|
+
response = post_as_get(url)
|
|
121
115
|
arguments = attributes_from_order_response(response)
|
|
122
116
|
Acme::Client::Resources::Order.new(self, **arguments.merge(url: url))
|
|
123
117
|
end
|
|
@@ -139,7 +133,7 @@ class Acme::Client
|
|
|
139
133
|
end
|
|
140
134
|
|
|
141
135
|
def authorization(url:)
|
|
142
|
-
response =
|
|
136
|
+
response = post_as_get(url)
|
|
143
137
|
arguments = attributes_from_authorization_response(response)
|
|
144
138
|
Acme::Client::Resources::Authorization.new(self, url: url, **arguments)
|
|
145
139
|
end
|
|
@@ -151,13 +145,13 @@ class Acme::Client
|
|
|
151
145
|
end
|
|
152
146
|
|
|
153
147
|
def challenge(url:)
|
|
154
|
-
response =
|
|
148
|
+
response = post_as_get(url)
|
|
155
149
|
arguments = attributes_from_challenge_response(response)
|
|
156
150
|
Acme::Client::Resources::Challenges.new(self, **arguments)
|
|
157
151
|
end
|
|
158
152
|
|
|
159
|
-
def request_challenge_validation(url:, key_authorization:)
|
|
160
|
-
response = post(url, payload: {
|
|
153
|
+
def request_challenge_validation(url:, key_authorization: nil)
|
|
154
|
+
response = post(url, payload: {})
|
|
161
155
|
arguments = attributes_from_challenge_response(response)
|
|
162
156
|
Acme::Client::Resources::Challenges.new(self, **arguments)
|
|
163
157
|
end
|
|
@@ -206,6 +200,20 @@ class Acme::Client
|
|
|
206
200
|
|
|
207
201
|
private
|
|
208
202
|
|
|
203
|
+
def prepare_order_identifiers(identifiers)
|
|
204
|
+
if identifiers.is_a?(Hash)
|
|
205
|
+
[identifiers]
|
|
206
|
+
else
|
|
207
|
+
Array(identifiers).map do |identifier|
|
|
208
|
+
if identifier.is_a?(String)
|
|
209
|
+
{ type: 'dns', value: identifier }
|
|
210
|
+
else
|
|
211
|
+
identifier
|
|
212
|
+
end
|
|
213
|
+
end
|
|
214
|
+
end
|
|
215
|
+
end
|
|
216
|
+
|
|
209
217
|
def attributes_from_account_response(response)
|
|
210
218
|
extract_attributes(
|
|
211
219
|
response.body,
|
|
@@ -252,14 +260,19 @@ class Acme::Client
|
|
|
252
260
|
connection.post(url, payload)
|
|
253
261
|
end
|
|
254
262
|
|
|
263
|
+
def post_as_get(url, mode: :kid)
|
|
264
|
+
connection = connection_for(url: url, mode: mode)
|
|
265
|
+
connection.post(url, nil)
|
|
266
|
+
end
|
|
267
|
+
|
|
255
268
|
def get(url, mode: :kid)
|
|
256
269
|
connection = connection_for(url: url, mode: mode)
|
|
257
270
|
connection.get(url)
|
|
258
271
|
end
|
|
259
272
|
|
|
260
273
|
def download(url, format:)
|
|
261
|
-
connection = connection_for(url: url, mode: :
|
|
262
|
-
connection.
|
|
274
|
+
connection = connection_for(url: url, mode: :kid)
|
|
275
|
+
connection.post do |request|
|
|
263
276
|
request.url(url)
|
|
264
277
|
request.headers['Accept'] = CONTENT_TYPES.fetch(format)
|
|
265
278
|
end
|
data/lib/acme/client/jwk/base.rb
CHANGED
|
@@ -14,10 +14,10 @@ class Acme::Client::JWK::Base
|
|
|
14
14
|
# payload - A Hash of payload data.
|
|
15
15
|
#
|
|
16
16
|
# Returns a JSON String.
|
|
17
|
-
def jws(header: {}, payload:
|
|
17
|
+
def jws(header: {}, payload:)
|
|
18
18
|
header = jws_header(header)
|
|
19
19
|
encoded_header = Acme::Client::Util.urlsafe_base64(header.to_json)
|
|
20
|
-
encoded_payload = Acme::Client::Util.urlsafe_base64(payload.to_json)
|
|
20
|
+
encoded_payload = Acme::Client::Util.urlsafe_base64(payload.nil? ? '' : payload.to_json)
|
|
21
21
|
|
|
22
22
|
signature_data = "#{encoded_header}.#{encoded_payload}"
|
|
23
23
|
signature = sign(signature_data)
|
|
@@ -4,6 +4,7 @@ module Acme::Client::Resources::Challenges
|
|
|
4
4
|
require 'acme/client/resources/challenges/base'
|
|
5
5
|
require 'acme/client/resources/challenges/http01'
|
|
6
6
|
require 'acme/client/resources/challenges/dns01'
|
|
7
|
+
require 'acme/client/resources/challenges/unsupported_challenge'
|
|
7
8
|
|
|
8
9
|
CHALLENGE_TYPES = {
|
|
9
10
|
'http-01' => Acme::Client::Resources::Challenges::HTTP01,
|
|
@@ -11,11 +12,6 @@ module Acme::Client::Resources::Challenges
|
|
|
11
12
|
}
|
|
12
13
|
|
|
13
14
|
def self.new(client, type:, **arguments)
|
|
14
|
-
|
|
15
|
-
if klass
|
|
16
|
-
klass.new(client, **arguments)
|
|
17
|
-
else
|
|
18
|
-
{ type: type }.merge(arguments)
|
|
19
|
-
end
|
|
15
|
+
CHALLENGE_TYPES.fetch(type, Unsupported).new(client, **arguments)
|
|
20
16
|
end
|
|
21
17
|
end
|
|
@@ -21,17 +21,9 @@ class Acme::Client::Resources::Challenges::Base
|
|
|
21
21
|
true
|
|
22
22
|
end
|
|
23
23
|
|
|
24
|
-
def send_challenge_vallidation(url:, key_authorization:)
|
|
25
|
-
@client.request_challenge_validation(
|
|
26
|
-
url: url,
|
|
27
|
-
key_authorization: key_authorization
|
|
28
|
-
).to_h
|
|
29
|
-
end
|
|
30
|
-
|
|
31
24
|
def request_validation
|
|
32
|
-
assign_attributes(**
|
|
33
|
-
url: url
|
|
34
|
-
key_authorization: key_authorization
|
|
25
|
+
assign_attributes(**send_challenge_validation(
|
|
26
|
+
url: url
|
|
35
27
|
))
|
|
36
28
|
true
|
|
37
29
|
end
|
|
@@ -42,6 +34,12 @@ class Acme::Client::Resources::Challenges::Base
|
|
|
42
34
|
|
|
43
35
|
private
|
|
44
36
|
|
|
37
|
+
def send_challenge_validation(url:)
|
|
38
|
+
@client.request_challenge_validation(
|
|
39
|
+
url: url
|
|
40
|
+
).to_h
|
|
41
|
+
end
|
|
42
|
+
|
|
45
43
|
def assign_attributes(status:, url:, token:, error: nil)
|
|
46
44
|
@status = status
|
|
47
45
|
@url = url
|
data/lib/acme/client/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: acme-client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Charles Barbier
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-10-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -48,22 +48,22 @@ dependencies:
|
|
|
48
48
|
name: rspec
|
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
|
50
50
|
requirements:
|
|
51
|
-
- - "~>"
|
|
52
|
-
- !ruby/object:Gem::Version
|
|
53
|
-
version: '3.3'
|
|
54
51
|
- - ">="
|
|
55
52
|
- !ruby/object:Gem::Version
|
|
56
53
|
version: 3.3.0
|
|
54
|
+
- - "~>"
|
|
55
|
+
- !ruby/object:Gem::Version
|
|
56
|
+
version: '3.3'
|
|
57
57
|
type: :development
|
|
58
58
|
prerelease: false
|
|
59
59
|
version_requirements: !ruby/object:Gem::Requirement
|
|
60
60
|
requirements:
|
|
61
|
-
- - "~>"
|
|
62
|
-
- !ruby/object:Gem::Version
|
|
63
|
-
version: '3.3'
|
|
64
61
|
- - ">="
|
|
65
62
|
- !ruby/object:Gem::Version
|
|
66
63
|
version: 3.3.0
|
|
64
|
+
- - "~>"
|
|
65
|
+
- !ruby/object:Gem::Version
|
|
66
|
+
version: '3.3'
|
|
67
67
|
- !ruby/object:Gem::Dependency
|
|
68
68
|
name: vcr
|
|
69
69
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -90,20 +90,14 @@ dependencies:
|
|
|
90
90
|
requirements:
|
|
91
91
|
- - "~>"
|
|
92
92
|
- !ruby/object:Gem::Version
|
|
93
|
-
version: '
|
|
94
|
-
- - ">="
|
|
95
|
-
- !ruby/object:Gem::Version
|
|
96
|
-
version: 1.21.0
|
|
93
|
+
version: '3.3'
|
|
97
94
|
type: :development
|
|
98
95
|
prerelease: false
|
|
99
96
|
version_requirements: !ruby/object:Gem::Requirement
|
|
100
97
|
requirements:
|
|
101
98
|
- - "~>"
|
|
102
99
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: '
|
|
104
|
-
- - ">="
|
|
105
|
-
- !ruby/object:Gem::Version
|
|
106
|
-
version: 1.21.0
|
|
100
|
+
version: '3.3'
|
|
107
101
|
- !ruby/object:Gem::Dependency
|
|
108
102
|
name: faraday
|
|
109
103
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -161,6 +155,7 @@ files:
|
|
|
161
155
|
- lib/acme/client/resources/challenges/base.rb
|
|
162
156
|
- lib/acme/client/resources/challenges/dns01.rb
|
|
163
157
|
- lib/acme/client/resources/challenges/http01.rb
|
|
158
|
+
- lib/acme/client/resources/challenges/unsupported_challenge.rb
|
|
164
159
|
- lib/acme/client/resources/directory.rb
|
|
165
160
|
- lib/acme/client/resources/order.rb
|
|
166
161
|
- lib/acme/client/self_sign_certificate.rb
|
|
@@ -185,8 +180,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
185
180
|
- !ruby/object:Gem::Version
|
|
186
181
|
version: '0'
|
|
187
182
|
requirements: []
|
|
188
|
-
|
|
189
|
-
rubygems_version: 2.5.2.3
|
|
183
|
+
rubygems_version: 3.0.3
|
|
190
184
|
signing_key:
|
|
191
185
|
specification_version: 4
|
|
192
186
|
summary: Client for the ACME protocol.
|