acme-client 2.0.4 → 2.0.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +5 -5
  2. data/.gitignore +1 -0
  3. data/CHANGELOG.md +5 -0
  4. data/README.md +1 -1
  5. data/acme-client.gemspec +1 -1
  6. data/lib/acme/client.rb +28 -15
  7. data/lib/acme/client/jwk/base.rb +2 -2
  8. data/lib/acme/client/resources/challenges.rb +2 -6
  9. data/lib/acme/client/resources/challenges/base.rb +8 -10
  10. data/lib/acme/client/resources/challenges/unsupported_challenge.rb +2 -0
  11. data/lib/acme/client/version.rb +1 -1
  12. metadata +12 -18
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 54ec1f6479ae9ad3e2cbf8c5986a10c320f357c8
4
- data.tar.gz: df0f59c9c338dc51dc695be84a463af71c839476
2
+ SHA256:
3
+ metadata.gz: bdf3dcbcbe410b8843976b06e849045be1cec4515b771d2cad99bf49d2dc206d
4
+ data.tar.gz: 52b8a373c8f8135abffe75e04d581a0b7800cfb4fab23662bfc68c81ce4b8626
5
5
  SHA512:
6
- metadata.gz: d8f1abedad59da56d0703c142db46c87467cda2fe7612c638f83ca9a6b77029b783d8eea8231b04c99094495b70164efda1ca03be08be28eb70cb5ca20b15de2
7
- data.tar.gz: e6913ac5eda13275adcd2638e04d96c23a6c13083dc4e70c7956236e03a1d7d4aca22c2f388c6fc4917987dfb42ca828c27d605f2cb856ed3117e73d2b25e21d
6
+ metadata.gz: ce77c7466d8c625f043831425e4a0a6563d4ff667e6abb4280c43de00e2aa037caf5802bc56ce229f33707009d5bf76ee979b3f8161cb2dbf91ccf37c5ce8be5
7
+ data.tar.gz: 44a2290c512cea8cc8b89b42b983d14c1fba80d94dd663eed4c83877f3f5d407f1ec69a6e8d29fe205b8c5a0f6d43a2403d26d5514fd9cef99c691bbc244103f
data/.gitignore CHANGED
@@ -9,3 +9,4 @@
9
9
  /tmp/
10
10
  /vendor/bundle
11
11
  /.idea/
12
+ .tool-versions
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ## `2.0.5`
2
+
3
+ * Use post-as-get
4
+ * Remove deprecated keyAuthorization
5
+
1
6
  ## `2.0.4`
2
7
 
3
8
  * Add an option to retry bad nonce errors
data/README.md CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  [![Build Status](https://travis-ci.org/unixcharles/acme-client.svg?branch=master)](https://travis-ci.org/unixcharles/acme-client)
4
4
 
5
- `acme-client` is a client implementation of the [ACMEv2](https://github.com/ietf-wg-acme/acme) protocol in Ruby.
5
+ `acme-client` is a client implementation of the ACMEv2 / [RFC 8555](https://tools.ietf.org/html/rfc8555) protocol in Ruby.
6
6
 
7
7
  You can find the ACME reference implementations of the [server](https://github.com/letsencrypt/boulder) in Go and the [client](https://github.com/certbot/certbot) in Python.
8
8
 
data/acme-client.gemspec CHANGED
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
20
20
  spec.add_development_dependency 'rake', '~> 10.0'
21
21
  spec.add_development_dependency 'rspec', '~> 3.3', '>= 3.3.0'
22
22
  spec.add_development_dependency 'vcr', '~> 2.9', '>= 2.9.3'
23
- spec.add_development_dependency 'webmock', '~> 1.21', '>= 1.21.0'
23
+ spec.add_development_dependency 'webmock', '~> 3.3'
24
24
 
25
25
  spec.add_runtime_dependency 'faraday', '~> 0.9', '>= 0.9.1'
26
26
  end
data/lib/acme/client.rb CHANGED
@@ -90,7 +90,7 @@ class Acme::Client
90
90
  response.headers.fetch(:location)
91
91
  end
92
92
 
93
- response = post(@kid)
93
+ response = post_as_get(@kid)
94
94
  arguments = attributes_from_account_response(response)
95
95
  Acme::Client::Resources::Account.new(self, url: @kid, **arguments)
96
96
  end
@@ -101,13 +101,7 @@ class Acme::Client
101
101
 
102
102
  def new_order(identifiers:, not_before: nil, not_after: nil)
103
103
  payload = {}
104
- payload['identifiers'] = if identifiers.is_a?(Hash)
105
- identifiers
106
- else
107
- Array(identifiers).map do |identifier|
108
- { type: 'dns', value: identifier }
109
- end
110
- end
104
+ payload['identifiers'] = prepare_order_identifiers(identifiers)
111
105
  payload['notBefore'] = not_before if not_before
112
106
  payload['notAfter'] = not_after if not_after
113
107
 
@@ -117,7 +111,7 @@ class Acme::Client
117
111
  end
118
112
 
119
113
  def order(url:)
120
- response = get(url)
114
+ response = post_as_get(url)
121
115
  arguments = attributes_from_order_response(response)
122
116
  Acme::Client::Resources::Order.new(self, **arguments.merge(url: url))
123
117
  end
@@ -139,7 +133,7 @@ class Acme::Client
139
133
  end
140
134
 
141
135
  def authorization(url:)
142
- response = get(url)
136
+ response = post_as_get(url)
143
137
  arguments = attributes_from_authorization_response(response)
144
138
  Acme::Client::Resources::Authorization.new(self, url: url, **arguments)
145
139
  end
@@ -151,13 +145,13 @@ class Acme::Client
151
145
  end
152
146
 
153
147
  def challenge(url:)
154
- response = get(url)
148
+ response = post_as_get(url)
155
149
  arguments = attributes_from_challenge_response(response)
156
150
  Acme::Client::Resources::Challenges.new(self, **arguments)
157
151
  end
158
152
 
159
- def request_challenge_validation(url:, key_authorization:)
160
- response = post(url, payload: { keyAuthorization: key_authorization })
153
+ def request_challenge_validation(url:, key_authorization: nil)
154
+ response = post(url, payload: {})
161
155
  arguments = attributes_from_challenge_response(response)
162
156
  Acme::Client::Resources::Challenges.new(self, **arguments)
163
157
  end
@@ -206,6 +200,20 @@ class Acme::Client
206
200
 
207
201
  private
208
202
 
203
+ def prepare_order_identifiers(identifiers)
204
+ if identifiers.is_a?(Hash)
205
+ [identifiers]
206
+ else
207
+ Array(identifiers).map do |identifier|
208
+ if identifier.is_a?(String)
209
+ { type: 'dns', value: identifier }
210
+ else
211
+ identifier
212
+ end
213
+ end
214
+ end
215
+ end
216
+
209
217
  def attributes_from_account_response(response)
210
218
  extract_attributes(
211
219
  response.body,
@@ -252,14 +260,19 @@ class Acme::Client
252
260
  connection.post(url, payload)
253
261
  end
254
262
 
263
+ def post_as_get(url, mode: :kid)
264
+ connection = connection_for(url: url, mode: mode)
265
+ connection.post(url, nil)
266
+ end
267
+
255
268
  def get(url, mode: :kid)
256
269
  connection = connection_for(url: url, mode: mode)
257
270
  connection.get(url)
258
271
  end
259
272
 
260
273
  def download(url, format:)
261
- connection = connection_for(url: url, mode: :download)
262
- connection.get do |request|
274
+ connection = connection_for(url: url, mode: :kid)
275
+ connection.post do |request|
263
276
  request.url(url)
264
277
  request.headers['Accept'] = CONTENT_TYPES.fetch(format)
265
278
  end
data/lib/acme/client/jwk/base.rb CHANGED
@@ -14,10 +14,10 @@ class Acme::Client::JWK::Base
14
14
  # payload - A Hash of payload data.
15
15
  #
16
16
  # Returns a JSON String.
17
- def jws(header: {}, payload: {})
17
+ def jws(header: {}, payload:)
18
18
  header = jws_header(header)
19
19
  encoded_header = Acme::Client::Util.urlsafe_base64(header.to_json)
20
- encoded_payload = Acme::Client::Util.urlsafe_base64(payload.to_json)
20
+ encoded_payload = Acme::Client::Util.urlsafe_base64(payload.nil? ? '' : payload.to_json)
21
21
 
22
22
  signature_data = "#{encoded_header}.#{encoded_payload}"
23
23
  signature = sign(signature_data)
data/lib/acme/client/resources/challenges.rb CHANGED
@@ -4,6 +4,7 @@ module Acme::Client::Resources::Challenges
4
4
  require 'acme/client/resources/challenges/base'
5
5
  require 'acme/client/resources/challenges/http01'
6
6
  require 'acme/client/resources/challenges/dns01'
7
+ require 'acme/client/resources/challenges/unsupported_challenge'
7
8
 
8
9
  CHALLENGE_TYPES = {
9
10
  'http-01' => Acme::Client::Resources::Challenges::HTTP01,
@@ -11,11 +12,6 @@ module Acme::Client::Resources::Challenges
11
12
  }
12
13
 
13
14
  def self.new(client, type:, **arguments)
14
- klass = CHALLENGE_TYPES[type]
15
- if klass
16
- klass.new(client, **arguments)
17
- else
18
- { type: type }.merge(arguments)
19
- end
15
+ CHALLENGE_TYPES.fetch(type, Unsupported).new(client, **arguments)
20
16
  end
21
17
  end
data/lib/acme/client/resources/challenges/base.rb CHANGED
@@ -21,17 +21,9 @@ class Acme::Client::Resources::Challenges::Base
21
21
  true
22
22
  end
23
23
 
24
- def send_challenge_vallidation(url:, key_authorization:)
25
- @client.request_challenge_validation(
26
- url: url,
27
- key_authorization: key_authorization
28
- ).to_h
29
- end
30
-
31
24
  def request_validation
32
- assign_attributes(**send_challenge_vallidation(
33
- url: url,
34
- key_authorization: key_authorization
25
+ assign_attributes(**send_challenge_validation(
26
+ url: url
35
27
  ))
36
28
  true
37
29
  end
@@ -42,6 +34,12 @@ class Acme::Client::Resources::Challenges::Base
42
34
 
43
35
  private
44
36
 
37
+ def send_challenge_validation(url:)
38
+ @client.request_challenge_validation(
39
+ url: url
40
+ ).to_h
41
+ end
42
+
45
43
  def assign_attributes(status:, url:, token:, error: nil)
46
44
  @status = status
47
45
  @url = url
data/lib/acme/client/resources/challenges/unsupported_challenge.rb ADDED
@@ -0,0 +1,2 @@
1
+ class Acme::Client::Resources::Challenges::Unsupported < Acme::Client::Resources::Challenges::Base
2
+ end
data/lib/acme/client/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Acme
4
4
  class Client
5
- VERSION = '2.0.4'.freeze
5
+ VERSION = '2.0.5'.freeze
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: acme-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.4
4
+ version: 2.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Charles Barbier
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-08-29 00:00:00.000000000 Z
11
+ date: 2019-10-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -48,22 +48,22 @@ dependencies:
48
48
  name: rspec
49
49
  requirement: !ruby/object:Gem::Requirement
50
50
  requirements:
51
- - - "~>"
52
- - !ruby/object:Gem::Version
53
- version: '3.3'
54
51
  - - ">="
55
52
  - !ruby/object:Gem::Version
56
53
  version: 3.3.0
54
+ - - "~>"
55
+ - !ruby/object:Gem::Version
56
+ version: '3.3'
57
57
  type: :development
58
58
  prerelease: false
59
59
  version_requirements: !ruby/object:Gem::Requirement
60
60
  requirements:
61
- - - "~>"
62
- - !ruby/object:Gem::Version
63
- version: '3.3'
64
61
  - - ">="
65
62
  - !ruby/object:Gem::Version
66
63
  version: 3.3.0
64
+ - - "~>"
65
+ - !ruby/object:Gem::Version
66
+ version: '3.3'
67
67
  - !ruby/object:Gem::Dependency
68
68
  name: vcr
69
69
  requirement: !ruby/object:Gem::Requirement
@@ -90,20 +90,14 @@ dependencies:
90
90
  requirements:
91
91
  - - "~>"
92
92
  - !ruby/object:Gem::Version
93
- version: '1.21'
94
- - - ">="
95
- - !ruby/object:Gem::Version
96
- version: 1.21.0
93
+ version: '3.3'
97
94
  type: :development
98
95
  prerelease: false
99
96
  version_requirements: !ruby/object:Gem::Requirement
100
97
  requirements:
101
98
  - - "~>"
102
99
  - !ruby/object:Gem::Version
103
- version: '1.21'
104
- - - ">="
105
- - !ruby/object:Gem::Version
106
- version: 1.21.0
100
+ version: '3.3'
107
101
  - !ruby/object:Gem::Dependency
108
102
  name: faraday
109
103
  requirement: !ruby/object:Gem::Requirement
@@ -161,6 +155,7 @@ files:
161
155
  - lib/acme/client/resources/challenges/base.rb
162
156
  - lib/acme/client/resources/challenges/dns01.rb
163
157
  - lib/acme/client/resources/challenges/http01.rb
158
+ - lib/acme/client/resources/challenges/unsupported_challenge.rb
164
159
  - lib/acme/client/resources/directory.rb
165
160
  - lib/acme/client/resources/order.rb
166
161
  - lib/acme/client/self_sign_certificate.rb
@@ -185,8 +180,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
185
180
  - !ruby/object:Gem::Version
186
181
  version: '0'
187
182
  requirements: []
188
- rubyforge_project:
189
- rubygems_version: 2.5.2.3
183
+ rubygems_version: 3.0.3
190
184
  signing_key:
191
185
  specification_version: 4
192
186
  summary: Client for the ACME protocol.