RubyGems - rails-letsencrypt - Versions diffs - 0.5.5 → 0.6.0 - Mend

rails-letsencrypt 0.5.5 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/app/models/concerns/lets_encrypt/certificate_issuable.rb +12 -11
data/app/models/concerns/lets_encrypt/certificate_verifiable.rb +9 -8
data/app/models/lets_encrypt/certificate.rb +4 -0
data/lib/letsencrypt.rb +6 -7
data/lib/letsencrypt/version.rb +1 -1
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a5aeeebd0dd776f4fcc05752ea8b438878398d79
-  data.tar.gz: fdff5b40a3526cbff50a83c7811b5a9970ccdf19
+  metadata.gz: 5be585e8379ddfbc487d70af910c3cf3302fb69b
+  data.tar.gz: 492664cf69aaf349837c0ae4f776ebb5fd6d913f
 SHA512:
-  metadata.gz: d8759789aae5935de7951c65bb1281de060485ed0ff0d5532f825cd1bb6a0087a2fab3e659c94d42dc76a81f5bf3da7a974eda33e8214d6d94d8f8666a86903f
-  data.tar.gz: d092e84fd25d14dd4e22546f922d9e74cce4a9357f5f0d1948f43c444fa1c8453170fbf313d51817648fcabefccf75e9c6b7ca9529a9bf3a45ef1d7d8d88f2d9
+  metadata.gz: 02564ed000fac27c0c623da185ffb58d0e37665fc979bf565d7e69a64743b88990991fd82962cc97aa23fd0e18ad6ace0d527561bc9c2addaff3fc494dd61cc3
+  data.tar.gz: b90615e07e0d1eeea7cb9deccc5b71926bd195d56d4e25ec304d2ce2f9c04a181db28599acb8a4c7123313115087404943d9f621638cbcc09a104db34df9bfed

data/app/models/concerns/lets_encrypt/certificate_issuable.rb CHANGED Viewed

@@ -18,21 +18,22 @@ module LetsEncrypt
     private
     def csr
-      csr = OpenSSL::X509::Request.new
-      csr.subject = OpenSSL::X509::Name.new(
-        [['CN', domain, OpenSSL::ASN1::UTF8STRING]]
+      Acme::Client::CertificateRequest.new(
+        private_key: OpenSSL::PKey::RSA.new(key),
+        subject: {
+          common_name: domain
+        }
       )
-      private_key = OpenSSL::PKey::RSA.new(key)
-      csr.public_key = private_key.public_key
-      csr.sign(private_key, OpenSSL::Digest::SHA256.new)
-      csr
     end
     def create_certificate
-      https_cert = LetsEncrypt.client.new_certificate(csr)
-      self.certificate = https_cert.to_pem
-      self.intermediaries = https_cert.chain_to_pem
-      self.expires_at = https_cert.x509.not_after
+      order.finalize(csr: csr)
+      sleep 1 while order.status == 'processing'
+      fullchain = order.certificate.split("\n\n")
+      cert = OpenSSL::X509::Certificate.new(fullchain.shift)
+      self.certificate = cert.to_pem
+      self.intermediaries = fullchain.join("\n\n")
+      self.expires_at = cert.not_after
       self.renew_after = (expires_at - 1.month) + rand(10).days
       save!
     end

data/app/models/concerns/lets_encrypt/certificate_verifiable.rb CHANGED Viewed

@@ -7,7 +7,7 @@ module LetsEncrypt
     # Returns true if verify domain is succeed.
     def verify
-      start_authorize
+      create_order
       start_challenge
       wait_verify_status
       check_verify_status
@@ -17,9 +17,9 @@ module LetsEncrypt
     private
-    def start_authorize
-      authorization = LetsEncrypt.client.authorize(domain: domain)
-      @challenge = authorization.http01
+    def create_order
+      # TODO: Support multiple domain
+      @challenge = order.authorizations.first.http
       self.verification_path = @challenge.filename
       self.verification_string = @challenge.file_content
       save!
@@ -27,24 +27,25 @@ module LetsEncrypt
     def start_challenge
       logger.info "Attempting verification of #{domain}"
-      @challenge.request_verification
+      @challenge.request_validation
     end
     def wait_verify_status
       checks = 0
-      until @challenge.verify_status != 'pending'
+      until @challenge.status != 'pending'
         checks += 1
         if checks > 30
           logger.info 'Status remained at pending for 30 checks'
           return false
         end
         sleep 1
+        @challenge.reload
       end
     end
     def check_verify_status
-      unless @challenge.verify_status == 'valid'
-        logger.info "Status was not valid (was: #{@challenge.verify_status})"
+      unless @challenge.status == 'valid'
+        logger.info "Status was not valid (was: #{@challenge.status})"
         return false
       end

data/app/models/lets_encrypt/certificate.rb CHANGED Viewed

@@ -78,5 +78,9 @@ module LetsEncrypt
     def logger
       LetsEncrypt.logger
     end
+    def order
+      @order ||= LetsEncrypt.client.new_order(identifiers: [domain])
+    end
   end
 end

data/lib/letsencrypt.rb CHANGED Viewed

@@ -12,18 +12,18 @@ require 'letsencrypt/redis'
 # :nodoc:
 module LetsEncrypt
   # Production mode API Endpoint
-  ENDPOINT = 'https://acme-v01.api.letsencrypt.org/'
+  ENDPOINT = 'https://acme-v02.api.letsencrypt.org/directory'
   # Staging mode API Endpoint, the rate limit is higher
   # but got invalid certificate for testing
-  ENDPOINT_STAGING = 'https://acme-staging.api.letsencrypt.org'
+  ENDPOINT_STAGING = 'https://acme-staging-v02.api.letsencrypt.org/directory'
   class << self
     # Create the ACME Client to Let's Encrypt
     def client
       @client ||= ::Acme::Client.new(
         private_key: private_key,
-        endpoint: endpoint
+        directory: directory
       )
     end
@@ -38,7 +38,7 @@ module LetsEncrypt
     end
     # Get current using Let's Encrypt endpoint
-    def endpoint
+    def directory
       @endpoint ||= config.use_staging? ? ENDPOINT_STAGING : ENDPOINT
     end
@@ -49,10 +49,9 @@ module LetsEncrypt
     # connect with domain and assign the owner who can
     # renew and revoked.
     def register(email)
-      registration = client.register(contact: "mailto:#{email}")
+      account = client.new_account(contact: "mailto:#{email}", terms_of_service_agreed: true)
       logger.info "Successfully registered private key with address #{email}"
-      registration.agree_terms
-      logger.info 'Terms have been accepted'
+      account.kid # TODO: Save KID
       true
     end

data/lib/letsencrypt/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module LetsEncrypt
-  VERSION = '0.5.5'
+  VERSION = '0.6.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rails-letsencrypt
 version: !ruby/object:Gem::Version
-  version: 0.5.5
+  version: 0.6.0
 platform: ruby
 authors:
 - 蒼時弦也
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-06-20 00:00:00.000000000 Z
+date: 2018-08-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: 2.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: redis
   requirement: !ruby/object:Gem::Requirement