Class: Acme::Client

Inherits:

Object

• Object
• Acme::Client

Defined in:

lib/acme/client.rb,
lib/acme/client.rb,
lib/acme/client/version.rb

Defined Under Namespace

Modules: JWK, Resources, Util Classes: Certificate, CertificateRequest, Error, FaradayMiddleware, SelfSignCertificate

Constant Summary

DEFAULT_ENDPOINT =

'http://127.0.0.1:4000'.freeze

DIRECTORY_DEFAULT =

{
  'new-authz' => '/acme/new-authz',
  'new-cert' => '/acme/new-cert',
  'new-reg' => '/acme/new-reg',
  'revoke-cert' => '/acme/revoke-cert'
}.freeze

VERSION =

'0.6.2'.freeze

Instance Attribute Summary

• #directory_uri ⇒ Object readonly

  Returns the value of attribute directory_uri.

• #endpoint ⇒ Object readonly

  Returns the value of attribute endpoint.

• #jwk ⇒ Object readonly

  Returns the value of attribute jwk.

• #nonces ⇒ Object readonly

  Returns the value of attribute nonces.

• #operation_endpoints ⇒ Object readonly

  Returns the value of attribute operation_endpoints.

Class Method Summary

• .revoke_certificate(certificate, *arguments) ⇒ Object

Instance Method Summary

• #authorize(domain:) ⇒ Object
• #connection ⇒ Object
• #fetch_authorization(uri) ⇒ Object
• #initialize(jwk: nil, private_key: nil, endpoint: DEFAULT_ENDPOINT, directory_uri: nil, connection_options: {}) ⇒ Client constructor

  A new instance of Client.

• #new_certificate(csr) ⇒ Object
• #register(contact:) ⇒ Object
• #revoke_certificate(certificate) ⇒ Object

Constructor Details

#initialize(jwk: nil, private_key: nil, endpoint: DEFAULT_ENDPOINT, directory_uri: nil, connection_options: {}) ⇒ Client

Returns a new instance of Client.

# File 'lib/acme/client.rb', line 33

def initialize(jwk: nil, private_key: nil, endpoint: DEFAULT_ENDPOINT, directory_uri: nil, connection_options: {})
  if jwk.nil? && private_key.nil?
    raise ArgumentError, 'must specify jwk or private_key'
  end

  @jwk = if jwk
    jwk
  else
    Acme::Client::JWK.from_private_key(private_key)
  end

  @endpoint, @directory_uri, @connection_options = endpoint, directory_uri, connection_options
  @nonces ||= []
  load_directory!
end

Instance Attribute Details

#directory_uri ⇒ Object (readonly)

Returns the value of attribute directory_uri.

# File 'lib/acme/client.rb', line 49

def directory_uri
  @directory_uri
end

#endpoint ⇒ Object (readonly)

Returns the value of attribute endpoint.

# File 'lib/acme/client.rb', line 49

def endpoint
  @endpoint
end

#jwk ⇒ Object (readonly)

Returns the value of attribute jwk.

# File 'lib/acme/client.rb', line 49

def jwk
  @jwk
end

#nonces ⇒ Object (readonly)

Returns the value of attribute nonces.

# File 'lib/acme/client.rb', line 49

def nonces
  @nonces
end

#operation_endpoints ⇒ Object (readonly)

Returns the value of attribute operation_endpoints.

# File 'lib/acme/client.rb', line 49

def operation_endpoints
  @operation_endpoints
end

Class Method Details

.revoke_certificate(certificate, *arguments) ⇒ Object

# File 'lib/acme/client.rb', line 95

def self.revoke_certificate(certificate, *arguments)
  client = new(*arguments)
  client.revoke_certificate(certificate)
end

Instance Method Details

#authorize(domain:) ⇒ Object

# File 'lib/acme/client.rb', line 60

def authorize(domain:)
  payload = {
    resource: 'new-authz',
    identifier: {
      type: 'dns',
      value: domain
    }
  }

  response = connection.post(@operation_endpoints.fetch('new-authz'), payload)
  ::Acme::Client::Resources::Authorization.new(self, response.headers['Location'], response)
end

#connection ⇒ Object

# File 'lib/acme/client.rb', line 100

def connection
  @connection ||= Faraday.new(@endpoint, **@connection_options) do |configuration|
    configuration.use Acme::Client::FaradayMiddleware, client: self
    configuration.adapter Faraday.default_adapter
  end
end

#fetch_authorization(uri) ⇒ Object

# File 'lib/acme/client.rb', line 73

def fetch_authorization(uri)
  response = connection.get(uri)
  ::Acme::Client::Resources::Authorization.new(self, uri, response)
end

#new_certificate(csr) ⇒ Object

# File 'lib/acme/client.rb', line 78

def new_certificate(csr)
  payload = {
    resource: 'new-cert',
    csr: Base64.urlsafe_encode64(csr.to_der)
  }

  response = connection.post(@operation_endpoints.fetch('new-cert'), payload)
  ::Acme::Client::Certificate.new(OpenSSL::X509::Certificate.new(response.body), response.headers['location'], fetch_chain(response), csr)
end

#register(contact:) ⇒ Object

# File 'lib/acme/client.rb', line 51

def register(contact:)
  payload = {
    resource: 'new-reg', contact: Array(contact)
  }

  response = connection.post(@operation_endpoints.fetch('new-reg'), payload)
  ::Acme::Client::Resources::Registration.new(self, response)
end

#revoke_certificate(certificate) ⇒ Object

# File 'lib/acme/client.rb', line 88

def revoke_certificate(certificate)
  payload = { resource: 'revoke-cert', certificate: Base64.urlsafe_encode64(certificate.to_der) }
  endpoint = @operation_endpoints.fetch('revoke-cert')
  response = connection.post(endpoint, payload)
  response.success?
end