Class: Acme::Client

Inherits:

Object

• Object
• Acme::Client

Defined in:

lib/acme/client.rb,
lib/acme/version.rb

Constant Summary

DEFAULT_ENDPOINT =

'http://127.0.0.1:4000'

DIRECTORY_DEFAULT =

{
  'new-authz' => '/acme/new-authz',
  'new-cert' => '/acme/new-cert',
  'new-reg' => '/acme/new-reg',
  'revoke-cert' => '/acme/revoke-cert'
}

VERSION =

'0.2.0'

Instance Attribute Summary

• #nonces ⇒ Object readonly

  Returns the value of attribute nonces.

• #operation_endpoints ⇒ Object readonly

  Returns the value of attribute operation_endpoints.

• #private_key ⇒ Object readonly

  Returns the value of attribute private_key.

Instance Method Summary

• #authorize(domain:) ⇒ Object
• #connection ⇒ Object
• #fetch_chain(response, limit = 10) ⇒ Object
• #initialize(private_key:, endpoint: DEFAULT_ENDPOINT, directory_uri: nil) ⇒ Client constructor

  A new instance of Client.

• #load_directory! ⇒ Object
• #new_certificate(csr) ⇒ Object
• #register(contact:) ⇒ Object

Constructor Details

#initialize(private_key:, endpoint: DEFAULT_ENDPOINT, directory_uri: nil) ⇒ Client

Returns a new instance of Client.

# File 'lib/acme/client.rb', line 10

def initialize(private_key:, endpoint: DEFAULT_ENDPOINT, directory_uri: nil)
  @endpoint, @private_key, @directory_uri = endpoint, private_key, directory_uri
  @nonces ||= []
  load_directory!
end

Instance Attribute Details

#nonces ⇒ Object (readonly)

Returns the value of attribute nonces.

# File 'lib/acme/client.rb', line 16

def nonces
  @nonces
end

#operation_endpoints ⇒ Object (readonly)

Returns the value of attribute operation_endpoints.

# File 'lib/acme/client.rb', line 16

def operation_endpoints
  @operation_endpoints
end

#private_key ⇒ Object (readonly)

Returns the value of attribute private_key.

# File 'lib/acme/client.rb', line 16

def private_key
  @private_key
end

Instance Method Details

#authorize(domain:) ⇒ Object

# File 'lib/acme/client.rb', line 27

def authorize(domain:)
  payload = {
    resource: 'new-authz',
    identifier: {
      type: 'dns',
      value: domain
    }
  }

  response = connection.post(@operation_endpoints.fetch('new-authz'), payload)
  ::Acme::Resources::Authorization.new(self, response)
end

#connection ⇒ Object

# File 'lib/acme/client.rb', line 59

def connection
  @connection ||= Faraday.new(@endpoint) do |configuration|
    configuration.use Acme::FaradayMiddleware, client: self
    configuration.adapter Faraday.default_adapter
  end
end

#fetch_chain(response, limit = 10) ⇒ Object

# File 'lib/acme/client.rb', line 50

def fetch_chain(response, limit=10)
  if limit == 0 || response.headers["link"].nil? || response.headers["link"]["up"].nil?
    []
  else
    issuer = connection.get(response.headers["link"]["up"])
    [OpenSSL::X509::Certificate.new(issuer.body), *fetch_chain(issuer, limit-1)]
  end
end

#load_directory! ⇒ Object

# File 'lib/acme/client.rb', line 66

def load_directory!
  @operation_endpoints = if @directory_uri
    response = connection.get(@directory_uri)
    body = response.body
    {
      'new-reg' => body.fetch('new-reg'),
      'new-authz' => body.fetch('new-authz'),
      'new-cert' => body.fetch('new-cert'),
      'revoke-cert' => body.fetch('revoke-cert'),
    }
  else
    DIRECTORY_DEFAULT
  end
end

#new_certificate(csr) ⇒ Object

# File 'lib/acme/client.rb', line 40

def new_certificate(csr)
  payload = {
    resource: 'new-cert',
    csr: UrlSafeBase64.encode64(csr.to_der)
  }

  response = connection.post(@operation_endpoints.fetch('new-cert'), payload)
  ::Acme::Certificate.new(OpenSSL::X509::Certificate.new(response.body), fetch_chain(response).reverse)
end

#register(contact:) ⇒ Object

# File 'lib/acme/client.rb', line 18

def register(contact:)
  payload = {
    resource: 'new-reg', contact: Array(contact)
  }

  response = connection.post(@operation_endpoints.fetch('new-reg'), payload)
  ::Acme::Resources::Registration.new(self, response)
end