From 2ac4e7b7fb26a191b6819dda7118c0721900f34e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Richard=20K=C3=B6rber?= Date: Sun, 18 Mar 2018 13:54:45 +0100 Subject: [PATCH] Restore "Do not send authorization with challenge" Also set Pebble to strict mode. This reverts commit cdab2b8bd0478c7317c1449570f0b234c7b6188f. --- .../org/shredzone/acme4j/challenge/TokenChallenge.java | 8 -------- .../org/shredzone/acme4j/challenge/DnsChallengeTest.java | 6 ++---- .../org/shredzone/acme4j/challenge/HttpChallengeTest.java | 3 +-- .../test/resources/json/triggerHttpChallengeRequest.json | 1 - .../test/resources/json/triggerHttpChallengeResponse.json | 3 +-- acme4j-it/pom.xml | 2 +- 6 files changed, 5 insertions(+), 18 deletions(-) diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TokenChallenge.java b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TokenChallenge.java index f4881ac0..d5d63c9c 100644 --- a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TokenChallenge.java +++ b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TokenChallenge.java @@ -24,7 +24,6 @@ import org.jose4j.lang.JoseException; import org.shredzone.acme4j.Login; import org.shredzone.acme4j.exception.AcmeProtocolException; import org.shredzone.acme4j.toolbox.JSON; -import org.shredzone.acme4j.toolbox.JSONBuilder; /** * An extension of {@link Challenge} that handles challenges with a {@code token} and @@ -35,7 +34,6 @@ public class TokenChallenge extends Challenge { private static final long serialVersionUID = 1634133407432681800L; protected static final String KEY_TOKEN = "token"; - protected static final String KEY_KEY_AUTHORIZATION = "keyAuthorization"; /** * Creates a new generic {@link TokenChallenge} object. @@ -49,12 +47,6 @@ public class TokenChallenge extends Challenge { super(login, data); } - @Override - protected void prepareResponse(JSONBuilder response) { - super.prepareResponse(response); - response.put(KEY_KEY_AUTHORIZATION, getAuthorization()); - } - /** * Gets the token. */ diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/DnsChallengeTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/DnsChallengeTest.java index fcaf174d..9dd1daef 100644 --- a/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/DnsChallengeTest.java +++ b/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/DnsChallengeTest.java @@ -30,8 +30,6 @@ import org.shredzone.acme4j.toolbox.TestUtils; * Unit tests for {@link Dns01Challenge}. */ public class DnsChallengeTest { - private static final String KEY_AUTHORIZATION = - "pNvmJivs0WCko2suV7fhe-59oFqyYx_yB7tx6kIMAyE.HnWjTDnyqlCrm6tZ-6wX-TrEXgRdeNu9G71gqxSO6o0"; private Login login = TestUtils.login(); @@ -45,12 +43,12 @@ public class DnsChallengeTest { assertThat(challenge.getType(), is(Dns01Challenge.TYPE)); assertThat(challenge.getStatus(), is(Status.PENDING)); assertThat(challenge.getDigest(), is("rzMmotrIgsithyBYc0vgiLUEEKYx0WetQRgEF2JIozA")); + assertThat(challenge.getAuthorization(), is("pNvmJivs0WCko2suV7fhe-59oFqyYx_yB7tx6kIMAyE.HnWjTDnyqlCrm6tZ-6wX-TrEXgRdeNu9G71gqxSO6o0")); JSONBuilder response = new JSONBuilder(); challenge.prepareResponse(response); - assertThat(response.toString(), sameJSONAs("{\"keyAuthorization\"=\"" - + KEY_AUTHORIZATION + "\"}").allowingExtraUnexpectedFields()); + assertThat(response.toString(), sameJSONAs("{}").allowingExtraUnexpectedFields()); } } diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/HttpChallengeTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/HttpChallengeTest.java index 2773d2a9..714309fd 100644 --- a/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/HttpChallengeTest.java +++ b/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/HttpChallengeTest.java @@ -53,8 +53,7 @@ public class HttpChallengeTest { JSONBuilder response = new JSONBuilder(); challenge.prepareResponse(response); - assertThat(response.toString(), sameJSONAs("{\"keyAuthorization\"=\"" - + KEY_AUTHORIZATION + "\"}").allowingExtraUnexpectedFields()); + assertThat(response.toString(), sameJSONAs("{}").allowingExtraUnexpectedFields()); } /** diff --git a/acme4j-client/src/test/resources/json/triggerHttpChallengeRequest.json b/acme4j-client/src/test/resources/json/triggerHttpChallengeRequest.json index 8ecbc882..2c63c085 100644 --- a/acme4j-client/src/test/resources/json/triggerHttpChallengeRequest.json +++ b/acme4j-client/src/test/resources/json/triggerHttpChallengeRequest.json @@ -1,3 +1,2 @@ { - "keyAuthorization": "IlirfxKKXAsHtmzK29Pj8A.HnWjTDnyqlCrm6tZ-6wX-TrEXgRdeNu9G71gqxSO6o0" } diff --git a/acme4j-client/src/test/resources/json/triggerHttpChallengeResponse.json b/acme4j-client/src/test/resources/json/triggerHttpChallengeResponse.json index 6845afe5..42ce743d 100644 --- a/acme4j-client/src/test/resources/json/triggerHttpChallengeResponse.json +++ b/acme4j-client/src/test/resources/json/triggerHttpChallengeResponse.json @@ -2,6 +2,5 @@ "type": "http-01", "status": "pending", "url": "https://example.com/acme/some-location", - "token": "IlirfxKKXAsHtmzK29Pj8A", - "keyAuthorization": "XbmEGDDc2AMDArHLt5x7GxZfIRv0aScknUKlyf5S4KU.KMH_h8aGAKlY3VQqBUczm1cfo9kaovivy59rSY1xZ0E" + "token": "IlirfxKKXAsHtmzK29Pj8A" } diff --git a/acme4j-it/pom.xml b/acme4j-it/pom.xml index d54f5670..0f31c5c4 100644 --- a/acme4j-it/pom.xml +++ b/acme4j-it/pom.xml @@ -132,7 +132,7 @@ echo "nameserver $(grep 'bammbamm' /etc/hosts|cut -f1)">/etc/resolv.conf; \ - pebble -config /etc/pebble/pebble-config.json + pebble -strict -config /etc/pebble/pebble-config.json