acme-client 2.0.4 → 2.0.5
- checksums.yaml +5 -5
- data/.gitignore +1 -0
- data/CHANGELOG.md +5 -0
- data/README.md +1 -1
- data/acme-client.gemspec +1 -1
- data/lib/acme/client.rb +28 -15
- data/lib/acme/client/jwk/base.rb +2 -2
- data/lib/acme/client/resources/challenges.rb +2 -6
- data/lib/acme/client/resources/challenges/base.rb +8 -10
- data/lib/acme/client/resources/challenges/unsupported_challenge.rb +2 -0
- data/lib/acme/client/version.rb +1 -1
- metadata +12 -18
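--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: bdf3dcbcbe410b8843976b06e849045be1cec4515b771d2cad99bf49d2dc206d
+data.tar.gz: 52b8a373c8f8135abffe75e04d581a0b7800cfb4fab23662bfc68c81ce4b8626
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ce77c7466d8c625f043831425e4a0a6563d4ff667e6abb4280c43de00e2aa037caf5802bc56ce229f33707009d5bf76ee979b3f8161cb2dbf91ccf37c5ce8be5
+data.tar.gz: 44a2290c512cea8cc8b89b42b983d14c1fba80d94dd663eed4c83877f3f5d407f1ec69a6e8d29fe205b8c5a0f6d43a2403d26d5514fd9cef99c691bbc244103f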
data/.gitignore
CHANGED
data/CHANGELOG.md
CHANGED
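--- a/data/README.md
+++ b/data/README.md
@@ -2,7 +2,7 @@
 
 [![Build Status](https://travis-ci.org/unixcharles/acme-client.svg?branch=master)](https://travis-ci.org/unixcharles/acme-client)
 
-`acme-client` is a client implementation of the [
+`acme-client` is a client implementation of the ACMEv2 / [RFC 8555](https://tools.ietf.org/html/rfc8555) protocol in Ruby.
 
 You can find the ACME reference implementations of the [server](https://github.com/letsencrypt/boulder) in Go and the [client](https://github.com/certbot/certbot) in Python.
 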
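--- a/data/acme-client.gemspec
+++ b/data/acme-client.gemspec
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
 spec.add_development_dependency 'rake', '~> 10.0'
 spec.add_development_dependency 'rspec', '~> 3.3', '>= 3.3.0'
 spec.add_development_dependency 'vcr', '~> 2.9', '>= 2.9.3'
-spec.add_development_dependency 'webmock', '~>
+spec.add_development_dependency 'webmock', '~> 3.3'
 
 spec.add_runtime_dependency 'faraday', '~> 0.9', '>= 0.9.1'
 end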
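--- a/data/lib/acme/client.rb
+++ b/data/lib/acme/client.rb
@@ -90,7 +90,7 @@ class Acme::Client
 response.headers.fetch(:location)
 end
 
-response =
+response = post_as_get(@kid)
 arguments = attributes_from_account_response(response)
 Acme::Client::Resources::Account.new(self, url: @kid, **arguments)
 end
@@ -101,13 +101,7 @@ class Acme::Client
 
 def new_order(identifiers:, not_before: nil, not_after: nil)
 payload = {}
-payload['identifiers'] =
-identifiers
-else
-Array(identifiers).map do |identifier|
-{ type: 'dns', value: identifier }
-end
-end
+payload['identifiers'] = prepare_order_identifiers(identifiers)
 payload['notBefore'] = not_before if not_before
 payload['notAfter'] = not_after if not_after
 
@@ -117,7 +111,7 @@ class Acme::Client
 end
 
 def order(url:)
-response =
+response = post_as_get(url)
 arguments = attributes_from_order_response(response)
 Acme::Client::Resources::Order.new(self, **arguments.merge(url: url))
 end
@@ -139,7 +133,7 @@ class Acme::Client
 end
 
 def authorization(url:)
-response =
+response = post_as_get(url)
 arguments = attributes_from_authorization_response(response)
 Acme::Client::Resources::Authorization.new(self, url: url, **arguments)
 end
@@ -151,13 +145,13 @@ class Acme::Client
 end
 
 def challenge(url:)
-response =
+response = post_as_get(url)
 arguments = attributes_from_challenge_response(response)
 Acme::Client::Resources::Challenges.new(self, **arguments)
 end
 
-def request_challenge_validation(url:, key_authorization:)
-response = post(url, payload: {
+def request_challenge_validation(url:, key_authorization: nil)
+response = post(url, payload: {})
 arguments = attributes_from_challenge_response(response)
 Acme::Client::Resources::Challenges.new(self, **arguments)
 end
@@ -206,6 +200,20 @@ class Acme::Client
 
 private
 
+def prepare_order_identifiers(identifiers)
+if identifiers.is_a?(Hash)
+[identifiers]
+else
+Array(identifiers).map do |identifier|
+if identifier.is_a?(String)
+{ type: 'dns', value: identifier }
+else
+identifier
+end
+end
+end
+end
+
 def attributes_from_account_response(response)
 extract_attributes(
 response.body,
@@ -252,14 +260,19 @@ class Acme::Client
 connection.post(url, payload)
 end
 
+def post_as_get(url, mode: :kid)
+connection = connection_for(url: url, mode: mode)
+connection.post(url, nil)
+end
+
 def get(url, mode: :kid)
 connection = connection_for(url: url, mode: mode)
 connection.get(url)
 end
 
 def download(url, format:)
-connection = connection_for(url: url, mode: :
-connection.
+connection = connection_for(url: url, mode: :kid)
+connection.post do |request|
 request.url(url)
 request.headers['Accept'] = CONTENT_TYPES.fetch(format)
 end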
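Review bot: `post_as_get` sends a literal `nil` body in `connection.post(url, nil)`, and nothing at the definition says that this `nil` is what separates a read from a state-changing request. On a challenge URL the two calls differ only by payload: `request_challenge_validation` posts `payload: {}`, which asks the server to start validation, while `challenge(url:)` posts `nil` and only fetches the resource. I would add a comment above the method such as `# POST-as-GET (RFC 8555 section 6.3): the body must stay nil so the JWS payload is the empty string; never pass {}`. In the same section `key_authorization: nil` is now accepted and ignored, which deserves a one-line deprecation comment so callers stop passing it. The class body starts and ends outside these hunks.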
data/lib/acme/client/jwk/base.rb
CHANGED
@@ -14,10 +14,10 @@ class Acme::Client::JWK::Base
|
|
14
14
|
# payload - A Hash of payload data.
|
15
15
|
#
|
16
16
|
# Returns a JSON String.
|
17
|
-
def jws(header: {}, payload:
|
17
|
+
def jws(header: {}, payload:)
|
18
18
|
header = jws_header(header)
|
19
19
|
encoded_header = Acme::Client::Util.urlsafe_base64(header.to_json)
|
20
|
-
encoded_payload = Acme::Client::Util.urlsafe_base64(payload.to_json)
|
20
|
+
encoded_payload = Acme::Client::Util.urlsafe_base64(payload.nil? ? '' : payload.to_json)
|
21
21
|
|
22
22
|
signature_data = "#{encoded_header}.#{encoded_payload}"
|
23
23
|
signature = sign(signature_data)
|
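Review bot: The doc comment above `jws` still reads `payload - A Hash of payload data.`, but the new line 20 treats `nil` as a separate case and encodes an empty string instead of calling `to_json` on it. The new signature gives `payload:` no default, so every caller now chooses between `nil` and `{}`, and the two produce different signed requests. I would update the comment to `# payload - A Hash of payload data, or nil for an empty payload (POST-as-GET).`. The method body continues past the end of the hunk.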
@@ -4,6 +4,7 @@ module Acme::Client::Resources::Challenges
|
|
4
4
|
require 'acme/client/resources/challenges/base'
|
5
5
|
require 'acme/client/resources/challenges/http01'
|
6
6
|
require 'acme/client/resources/challenges/dns01'
|
7
|
+
require 'acme/client/resources/challenges/unsupported_challenge'
|
7
8
|
|
8
9
|
CHALLENGE_TYPES = {
|
9
10
|
'http-01' => Acme::Client::Resources::Challenges::HTTP01,
|
@@ -11,11 +12,6 @@ module Acme::Client::Resources::Challenges
|
|
11
12
|
}
|
12
13
|
|
13
14
|
def self.new(client, type:, **arguments)
|
14
|
-
|
15
|
-
if klass
|
16
|
-
klass.new(client, **arguments)
|
17
|
-
else
|
18
|
-
{ type: type }.merge(arguments)
|
19
|
-
end
|
15
|
+
CHALLENGE_TYPES.fetch(type, Unsupported).new(client, **arguments)
|
20
16
|
end
|
21
17
|
end
|
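Review bot: The fallback in `self.new` drops the `type` value: `CHALLENGE_TYPES.fetch(type, Unsupported).new(client, **arguments)` forwards only `arguments`, whereas the removed branch returned `{ type: type }.merge(arguments)`. For a known class the type is implied, but for `Unsupported` it is the one field a caller needs in order to log or skip a challenge type the server offered and this client does not recognise. The `Unsupported` class is not shown on this page, so it may already cover this; if it does not, a comment on the fallback such as `# unknown types map to Unsupported; the original type string is not retained` would at least make the loss explicit. The result for unknown types also changes from a Hash to an object, which callers that indexed into the Hash will notice.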
@@ -21,17 +21,9 @@ class Acme::Client::Resources::Challenges::Base
|
|
21
21
|
true
|
22
22
|
end
|
23
23
|
|
24
|
-
def send_challenge_vallidation(url:, key_authorization:)
|
25
|
-
@client.request_challenge_validation(
|
26
|
-
url: url,
|
27
|
-
key_authorization: key_authorization
|
28
|
-
).to_h
|
29
|
-
end
|
30
|
-
|
31
24
|
def request_validation
|
32
|
-
assign_attributes(**
|
33
|
-
url: url
|
34
|
-
key_authorization: key_authorization
|
25
|
+
assign_attributes(**send_challenge_validation(
|
26
|
+
url: url
|
35
27
|
))
|
36
28
|
true
|
37
29
|
end
|
@@ -42,6 +34,12 @@ class Acme::Client::Resources::Challenges::Base
|
|
42
34
|
|
43
35
|
private
|
44
36
|
|
37
|
+
def send_challenge_validation(url:)
|
38
|
+
@client.request_challenge_validation(
|
39
|
+
url: url
|
40
|
+
).to_h
|
41
|
+
end
|
42
|
+
|
45
43
|
def assign_attributes(status:, url:, token:, error: nil)
|
46
44
|
@status = status
|
47
45
|
@url = url
|
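Review bot: The public method `send_challenge_vallidation(url:, key_authorization:)` is removed here and its correctly spelled replacement is added below `private`, so any caller outside the class that used the old name will now fail with NoMethodError. If that is intended, a comment above the new method would record it, for example `# Private since 2.0.5; replaces the public, misspelled send_challenge_vallidation. The key authorization is no longer sent.`. The class body starts and ends outside these hunks.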
data/lib/acme/client/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: acme-client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Charles Barbier
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-
|
11
|
+
date: 2019-10-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -48,22 +48,22 @@ dependencies:
|
|
48
48
|
name: rspec
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
50
50
|
requirements:
|
51
|
-
- - "~>"
|
52
|
-
- !ruby/object:Gem::Version
|
53
|
-
version: '3.3'
|
54
51
|
- - ">="
|
55
52
|
- !ruby/object:Gem::Version
|
56
53
|
version: 3.3.0
|
54
|
+
- - "~>"
|
55
|
+
- !ruby/object:Gem::Version
|
56
|
+
version: '3.3'
|
57
57
|
type: :development
|
58
58
|
prerelease: false
|
59
59
|
version_requirements: !ruby/object:Gem::Requirement
|
60
60
|
requirements:
|
61
|
-
- - "~>"
|
62
|
-
- !ruby/object:Gem::Version
|
63
|
-
version: '3.3'
|
64
61
|
- - ">="
|
65
62
|
- !ruby/object:Gem::Version
|
66
63
|
version: 3.3.0
|
64
|
+
- - "~>"
|
65
|
+
- !ruby/object:Gem::Version
|
66
|
+
version: '3.3'
|
67
67
|
- !ruby/object:Gem::Dependency
|
68
68
|
name: vcr
|
69
69
|
requirement: !ruby/object:Gem::Requirement
|
@@ -90,20 +90,14 @@ dependencies:
|
|
90
90
|
requirements:
|
91
91
|
- - "~>"
|
92
92
|
- !ruby/object:Gem::Version
|
93
|
-
version: '
|
94
|
-
- - ">="
|
95
|
-
- !ruby/object:Gem::Version
|
96
|
-
version: 1.21.0
|
93
|
+
version: '3.3'
|
97
94
|
type: :development
|
98
95
|
prerelease: false
|
99
96
|
version_requirements: !ruby/object:Gem::Requirement
|
100
97
|
requirements:
|
101
98
|
- - "~>"
|
102
99
|
- !ruby/object:Gem::Version
|
103
|
-
version: '
|
104
|
-
- - ">="
|
105
|
-
- !ruby/object:Gem::Version
|
106
|
-
version: 1.21.0
|
100
|
+
version: '3.3'
|
107
101
|
- !ruby/object:Gem::Dependency
|
108
102
|
name: faraday
|
109
103
|
requirement: !ruby/object:Gem::Requirement
|
@@ -161,6 +155,7 @@ files:
|
|
161
155
|
- lib/acme/client/resources/challenges/base.rb
|
162
156
|
- lib/acme/client/resources/challenges/dns01.rb
|
163
157
|
- lib/acme/client/resources/challenges/http01.rb
|
158
|
+
- lib/acme/client/resources/challenges/unsupported_challenge.rb
|
164
159
|
- lib/acme/client/resources/directory.rb
|
165
160
|
- lib/acme/client/resources/order.rb
|
166
161
|
- lib/acme/client/self_sign_certificate.rb
|
@@ -185,8 +180,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
185
180
|
- !ruby/object:Gem::Version
|
186
181
|
version: '0'
|
187
182
|
requirements: []
|
188
|
-
|
189
|
-
rubygems_version: 2.5.2.3
|
183
|
+
rubygems_version: 3.0.3
|
190
184
|
signing_key:
|
191
185
|
specification_version: 4
|
192
186
|
summary: Client for the ACME protocol.
|