mirror of https://github.com/shred/acme4j
Add version number to challenge classes
parent
2c4e8bb6d4
commit
82a6eb16cb
|
@ -20,11 +20,11 @@ import java.security.NoSuchAlgorithmException;
|
|||
import org.jose4j.base64url.Base64Url;
|
||||
|
||||
/**
|
||||
* Implements the {@code dns-01} challenge.
|
||||
* Implements the {@value TYPE} challenge.
|
||||
*
|
||||
* @author Richard "Shred" Körber
|
||||
*/
|
||||
public class DnsChallenge extends GenericTokenChallenge {
|
||||
public class Dns01Challenge extends GenericTokenChallenge {
|
||||
private static final long serialVersionUID = 6964687027713533075L;
|
||||
|
||||
/**
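Review bot: The rename from `DnsChallenge` to `Dns01Challenge` keeps the same `serialVersionUID`, but Java serialization streams record the class name, so an object written under the old name will not deserialize into the renamed class and will fail with `ClassNotFoundException`. The same applies to `Http01Challenge`, `ProofOfPossession01Challenge` and `TlsSni01Challenge` in the following sections. Whether any caller persists serialized challenges is not visible here, though `GenericChallengeTest.testSerialization` suggests serialization is a supported use. I would state the break in the class Javadoc, for example `* <p>Renamed from {@code DnsChallenge}; objects serialized under the old class name cannot be read by this class.` The class body continues outside the hunk.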
|
|
@ -15,11 +15,11 @@ package org.shredzone.acme4j.challenge;
|
|||
|
||||
|
||||
/**
|
||||
* Implements the {@code http-01} challenge.
|
||||
* Implements the {@value TYPE} challenge.
|
||||
*
|
||||
* @author Richard "Shred" Körber
|
||||
*/
|
||||
public class HttpChallenge extends GenericTokenChallenge {
|
||||
public class Http01Challenge extends GenericTokenChallenge {
|
||||
private static final long serialVersionUID = 3322211185872544605L;
|
||||
|
||||
/**
|
|
@ -33,11 +33,11 @@ import org.shredzone.acme4j.util.ClaimBuilder;
|
|||
import org.shredzone.acme4j.util.ValidationBuilder;
|
||||
|
||||
/**
|
||||
* Implements the {@code proof-of-possession-01} challenge.
|
||||
* Implements the {@value TYPE} challenge.
|
||||
*
|
||||
* @author Richard "Shred" Körber
|
||||
*/
|
||||
public class ProofOfPossessionChallenge extends GenericChallenge {
|
||||
public class ProofOfPossession01Challenge extends GenericChallenge {
|
||||
private static final long serialVersionUID = 6212440828380185335L;
|
||||
|
||||
protected static final String KEY_CERTS = "certs";
|
|
@ -20,11 +20,11 @@ import java.security.NoSuchAlgorithmException;
|
|||
import org.shredzone.acme4j.Registration;
|
||||
|
||||
/**
|
||||
* Implements the {@code tls-sni-01} challenge.
|
||||
* Implements the {@value TYPE} challenge.
|
||||
*
|
||||
* @author Richard "Shred" Körber
|
||||
*/
|
||||
public class TlsSniChallenge extends GenericTokenChallenge {
|
||||
public class TlsSni01Challenge extends GenericTokenChallenge {
|
||||
private static final long serialVersionUID = 7370329525205430573L;
|
||||
private static final char[] HEX = "0123456789abcdef".toCharArray();
|
||||
|
|
@ -17,10 +17,10 @@ import java.net.URI;
|
|||
|
||||
import org.shredzone.acme4j.AcmeClient;
|
||||
import org.shredzone.acme4j.challenge.Challenge;
|
||||
import org.shredzone.acme4j.challenge.DnsChallenge;
|
||||
import org.shredzone.acme4j.challenge.HttpChallenge;
|
||||
import org.shredzone.acme4j.challenge.ProofOfPossessionChallenge;
|
||||
import org.shredzone.acme4j.challenge.TlsSniChallenge;
|
||||
import org.shredzone.acme4j.challenge.Dns01Challenge;
|
||||
import org.shredzone.acme4j.challenge.Http01Challenge;
|
||||
import org.shredzone.acme4j.challenge.ProofOfPossession01Challenge;
|
||||
import org.shredzone.acme4j.challenge.TlsSni01Challenge;
|
||||
import org.shredzone.acme4j.connector.Connection;
|
||||
import org.shredzone.acme4j.connector.HttpConnector;
|
||||
import org.shredzone.acme4j.impl.DefaultConnection;
|
||||
|
@ -68,10 +68,10 @@ public abstract class AbstractAcmeClientProvider implements AcmeClientProvider {
|
|||
}
|
||||
|
||||
switch (type) {
|
||||
case DnsChallenge.TYPE: return new DnsChallenge();
|
||||
case TlsSniChallenge.TYPE: return new TlsSniChallenge();
|
||||
case ProofOfPossessionChallenge.TYPE: return new ProofOfPossessionChallenge();
|
||||
case HttpChallenge.TYPE: return new HttpChallenge();
|
||||
case Dns01Challenge.TYPE: return new Dns01Challenge();
|
||||
case TlsSni01Challenge.TYPE: return new TlsSni01Challenge();
|
||||
case ProofOfPossession01Challenge.TYPE: return new ProofOfPossession01Challenge();
|
||||
case Http01Challenge.TYPE: return new Http01Challenge();
|
||||
default: return null;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -24,10 +24,10 @@ import org.jose4j.jwk.PublicJsonWebKey;
|
|||
import org.jose4j.jws.JsonWebSignature;
|
||||
import org.jose4j.lang.JoseException;
|
||||
import org.shredzone.acme4j.Registration;
|
||||
import org.shredzone.acme4j.challenge.ProofOfPossessionChallenge;
|
||||
import org.shredzone.acme4j.challenge.ProofOfPossession01Challenge;
|
||||
|
||||
/**
|
||||
* Generates a validation string for {@link ProofOfPossessionChallenge}.
|
||||
* Generates a validation string for {@link ProofOfPossession01Challenge}.
|
||||
*
|
||||
* @author Richard "Shred" Körber
|
||||
*/
|
||||
|
@ -102,7 +102,7 @@ public class ValidationBuilder {
|
|||
|
||||
try {
|
||||
ClaimBuilder claims = new ClaimBuilder();
|
||||
claims.put("type", ProofOfPossessionChallenge.TYPE);
|
||||
claims.put("type", ProofOfPossession01Challenge.TYPE);
|
||||
claims.array("identifiers", identifiers.toArray());
|
||||
claims.putKey("accountKey", registration.getKeyPair().getPublic());
|
||||
|
||||
|
|
|
@ -30,10 +30,10 @@ import java.util.Map;
|
|||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.shredzone.acme4j.challenge.Challenge;
|
||||
import org.shredzone.acme4j.challenge.DnsChallenge;
|
||||
import org.shredzone.acme4j.challenge.HttpChallenge;
|
||||
import org.shredzone.acme4j.challenge.ProofOfPossessionChallenge;
|
||||
import org.shredzone.acme4j.challenge.TlsSniChallenge;
|
||||
import org.shredzone.acme4j.challenge.Dns01Challenge;
|
||||
import org.shredzone.acme4j.challenge.Http01Challenge;
|
||||
import org.shredzone.acme4j.challenge.ProofOfPossession01Challenge;
|
||||
import org.shredzone.acme4j.challenge.TlsSni01Challenge;
|
||||
|
||||
/**
|
||||
* Unit tests for {@link Authorization}.
|
||||
|
@ -49,9 +49,9 @@ public class AuthorizationTest {
|
|||
*/
|
||||
@Before
|
||||
public void setup() {
|
||||
Challenge challenge1 = setupChallenge(HttpChallenge.TYPE, new HttpChallenge());
|
||||
Challenge challenge2 = setupChallenge(DnsChallenge.TYPE, new DnsChallenge());
|
||||
Challenge challenge3 = setupChallenge(TlsSniChallenge.TYPE, new TlsSniChallenge());
|
||||
Challenge challenge1 = setupChallenge(Http01Challenge.TYPE, new Http01Challenge());
|
||||
Challenge challenge2 = setupChallenge(Dns01Challenge.TYPE, new Dns01Challenge());
|
||||
Challenge challenge3 = setupChallenge(TlsSni01Challenge.TYPE, new TlsSni01Challenge());
|
||||
|
||||
List<Challenge> challenges = new ArrayList<>();
|
||||
challenges.add(challenge1);
|
||||
|
@ -102,16 +102,16 @@ public class AuthorizationTest {
|
|||
@Test
|
||||
public void testFindChallenge() {
|
||||
// ProofOfPossesionChallenge is not available at all
|
||||
Challenge c1 = authorization.findChallenge(ProofOfPossessionChallenge.TYPE);
|
||||
Challenge c1 = authorization.findChallenge(ProofOfPossession01Challenge.TYPE);
|
||||
assertThat(c1, is(nullValue()));
|
||||
|
||||
// HttpChallenge is available as standalone challenge
|
||||
Challenge c2 = authorization.findChallenge(HttpChallenge.TYPE);
|
||||
Challenge c2 = authorization.findChallenge(Http01Challenge.TYPE);
|
||||
assertThat(c2, is(notNullValue()));
|
||||
assertThat(c2, is(instanceOf(HttpChallenge.class)));
|
||||
assertThat(c2, is(instanceOf(Http01Challenge.class)));
|
||||
|
||||
// TlsSniChallenge is available, but not as standalone challenge
|
||||
Challenge c3 = authorization.findChallenge(TlsSniChallenge.TYPE);
|
||||
Challenge c3 = authorization.findChallenge(TlsSni01Challenge.TYPE);
|
||||
assertThat(c3, is(nullValue()));
|
||||
}
|
||||
|
||||
|
@ -123,39 +123,39 @@ public class AuthorizationTest {
|
|||
@SuppressWarnings("unchecked")
|
||||
public void testFindCombination() {
|
||||
// Standalone challenge
|
||||
Collection<Challenge> c1 = authorization.findCombination(HttpChallenge.TYPE);
|
||||
Collection<Challenge> c1 = authorization.findCombination(Http01Challenge.TYPE);
|
||||
assertThat(c1, hasSize(1));
|
||||
assertThat(c1, contains(instanceOf(HttpChallenge.class)));
|
||||
assertThat(c1, contains(instanceOf(Http01Challenge.class)));
|
||||
|
||||
// Available combined challenge
|
||||
Collection<Challenge> c2 = authorization.findCombination(DnsChallenge.TYPE, TlsSniChallenge.TYPE);
|
||||
Collection<Challenge> c2 = authorization.findCombination(Dns01Challenge.TYPE, TlsSni01Challenge.TYPE);
|
||||
assertThat(c2, hasSize(2));
|
||||
assertThat(c2, contains(instanceOf(DnsChallenge.class),
|
||||
instanceOf(TlsSniChallenge.class)));
|
||||
assertThat(c2, contains(instanceOf(Dns01Challenge.class),
|
||||
instanceOf(TlsSni01Challenge.class)));
|
||||
|
||||
// Order does not matter
|
||||
Collection<Challenge> c3 = authorization.findCombination(TlsSniChallenge.TYPE, DnsChallenge.TYPE);
|
||||
Collection<Challenge> c3 = authorization.findCombination(TlsSni01Challenge.TYPE, Dns01Challenge.TYPE);
|
||||
assertThat(c3, hasSize(2));
|
||||
assertThat(c3, contains(instanceOf(DnsChallenge.class),
|
||||
instanceOf(TlsSniChallenge.class)));
|
||||
assertThat(c3, contains(instanceOf(Dns01Challenge.class),
|
||||
instanceOf(TlsSni01Challenge.class)));
|
||||
|
||||
// Finds smaller combinations as well
|
||||
Collection<Challenge> c4 = authorization.findCombination(DnsChallenge.TYPE, TlsSniChallenge.TYPE, ProofOfPossessionChallenge.TYPE);
|
||||
Collection<Challenge> c4 = authorization.findCombination(Dns01Challenge.TYPE, TlsSni01Challenge.TYPE, ProofOfPossession01Challenge.TYPE);
|
||||
assertThat(c4, hasSize(2));
|
||||
assertThat(c4, contains(instanceOf(DnsChallenge.class),
|
||||
instanceOf(TlsSniChallenge.class)));
|
||||
assertThat(c4, contains(instanceOf(Dns01Challenge.class),
|
||||
instanceOf(TlsSni01Challenge.class)));
|
||||
|
||||
// Finds the smallest possible combination
|
||||
Collection<Challenge> c5 = authorization.findCombination(DnsChallenge.TYPE, TlsSniChallenge.TYPE, HttpChallenge.TYPE);
|
||||
Collection<Challenge> c5 = authorization.findCombination(Dns01Challenge.TYPE, TlsSni01Challenge.TYPE, Http01Challenge.TYPE);
|
||||
assertThat(c5, hasSize(1));
|
||||
assertThat(c5, contains(instanceOf(HttpChallenge.class)));
|
||||
assertThat(c5, contains(instanceOf(Http01Challenge.class)));
|
||||
|
||||
// Finds only entire combinations
|
||||
Collection<Challenge> c6 = authorization.findCombination(DnsChallenge.TYPE);
|
||||
Collection<Challenge> c6 = authorization.findCombination(Dns01Challenge.TYPE);
|
||||
assertThat(c6, is(nullValue()));
|
||||
|
||||
// Does not find challenges that have not been provided
|
||||
Collection<Challenge> c7 = authorization.findCombination(ProofOfPossessionChallenge.TYPE);
|
||||
Collection<Challenge> c7 = authorization.findCombination(ProofOfPossession01Challenge.TYPE);
|
||||
assertThat(c7, is(nullValue()));
|
||||
}
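Review bot: The inline comments in `testFindChallenge` still name the removed classes: `// ProofOfPossesionChallenge is not available at all`, `// HttpChallenge is available as standalone challenge` and `// TlsSniChallenge is available, but not as standalone challenge` are unchanged context lines, while the calls below them now use the `01` classes. I would update them to the new names: `// ProofOfPossession01Challenge is not available at all` (which also fixes the spelling), `// Http01Challenge is available as standalone challenge` and `// TlsSni01Challenge is available, but not as standalone challenge`.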
|
||||
|
||||
|
|
|
@ -27,7 +27,7 @@ import org.shredzone.acme4j.util.ClaimBuilder;
|
|||
import org.shredzone.acme4j.util.TestUtils;
|
||||
|
||||
/**
|
||||
* Unit tests for {@link DnsChallenge}.
|
||||
* Unit tests for {@link Dns01Challenge}.
|
||||
*
|
||||
* @author Richard "Shred" Körber
|
||||
*/
|
||||
|
@ -37,17 +37,17 @@ public class DnsChallengeTest {
|
|||
"pNvmJivs0WCko2suV7fhe-59oFqyYx_yB7tx6kIMAyE.HnWjTDnyqlCrm6tZ-6wX-TrEXgRdeNu9G71gqxSO6o0";
|
||||
|
||||
/**
|
||||
* Test that {@link DnsChallenge} generates a correct authorization key.
|
||||
* Test that {@link Dns01Challenge} generates a correct authorization key.
|
||||
*/
|
||||
@Test
|
||||
public void testDnsChallenge() throws IOException {
|
||||
KeyPair keypair = TestUtils.createKeyPair();
|
||||
Registration reg = new Registration(keypair);
|
||||
|
||||
DnsChallenge challenge = new DnsChallenge();
|
||||
Dns01Challenge challenge = new Dns01Challenge();
|
||||
challenge.unmarshall(TestUtils.getJsonAsMap("dnsChallenge"));
|
||||
|
||||
assertThat(challenge.getType(), is(DnsChallenge.TYPE));
|
||||
assertThat(challenge.getType(), is(Dns01Challenge.TYPE));
|
||||
assertThat(challenge.getStatus(), is(Status.PENDING));
|
||||
|
||||
try {
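Review bot: The test class and method keep the old names: the hunk header still reads `public class DnsChallengeTest` and the context line `public void testDnsChallenge()` is unchanged, although everything inside now exercises `Dns01Challenge`. The same appears to hold for `HttpChallengeTest`, `ProofOfPossessionChallengeTest` and `TlsSniChallengeTest` in the later sections. Renaming them to `Dns01ChallengeTest` / `testDns01Challenge` (and likewise for the others) would keep each test findable by the class it covers once a second version of a challenge type exists. The method body continues past the end of the hunk.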
|
||||
|
|
|
@ -88,7 +88,7 @@ public class GenericChallengeTest {
|
|||
*/
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
public void testNotAcceptable() throws URISyntaxException {
|
||||
HttpChallenge challenge = new HttpChallenge();
|
||||
Http01Challenge challenge = new Http01Challenge();
|
||||
challenge.unmarshall(TestUtils.getJsonAsMap("dnsChallenge"));
|
||||
}
|
||||
|
||||
|
@ -123,7 +123,7 @@ public class GenericChallengeTest {
|
|||
*/
|
||||
@Test
|
||||
public void testSerialization() throws IOException, ClassNotFoundException {
|
||||
HttpChallenge originalChallenge = new HttpChallenge();
|
||||
Http01Challenge originalChallenge = new Http01Challenge();
|
||||
originalChallenge.unmarshall(TestUtils.getJsonAsMap("httpChallenge"));
|
||||
|
||||
// Serialize
|
||||
|
@ -144,10 +144,10 @@ public class GenericChallengeTest {
|
|||
}
|
||||
|
||||
assertThat(testChallenge, not(sameInstance((Challenge) originalChallenge)));
|
||||
assertThat(testChallenge, is(instanceOf(HttpChallenge.class)));
|
||||
assertThat(testChallenge.getType(), is(HttpChallenge.TYPE));
|
||||
assertThat(testChallenge, is(instanceOf(Http01Challenge.class)));
|
||||
assertThat(testChallenge.getType(), is(Http01Challenge.TYPE));
|
||||
assertThat(testChallenge.getStatus(), is(Status.PENDING));
|
||||
assertThat(((HttpChallenge )testChallenge).getToken(), is("rSoI9JpyvFi-ltdnBW0W1DjKstzG7cHixjzcOjwzAEQ"));
|
||||
assertThat(((Http01Challenge )testChallenge).getToken(), is("rSoI9JpyvFi-ltdnBW0W1DjKstzG7cHixjzcOjwzAEQ"));
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -27,7 +27,7 @@ import org.shredzone.acme4j.util.ClaimBuilder;
|
|||
import org.shredzone.acme4j.util.TestUtils;
|
||||
|
||||
/**
|
||||
* Unit tests for {@link HttpChallenge}.
|
||||
* Unit tests for {@link Http01Challenge}.
|
||||
*
|
||||
* @author Richard "Shred" Körber
|
||||
*/
|
||||
|
@ -39,17 +39,17 @@ public class HttpChallengeTest {
|
|||
"rSoI9JpyvFi-ltdnBW0W1DjKstzG7cHixjzcOjwzAEQ.HnWjTDnyqlCrm6tZ-6wX-TrEXgRdeNu9G71gqxSO6o0";
|
||||
|
||||
/**
|
||||
* Test that {@link HttpChallenge} generates a correct authorization key.
|
||||
* Test that {@link Http01Challenge} generates a correct authorization key.
|
||||
*/
|
||||
@Test
|
||||
public void testHttpChallenge() throws IOException {
|
||||
KeyPair keypair = TestUtils.createKeyPair();
|
||||
Registration reg = new Registration(keypair);
|
||||
|
||||
HttpChallenge challenge = new HttpChallenge();
|
||||
Http01Challenge challenge = new Http01Challenge();
|
||||
challenge.unmarshall(TestUtils.getJsonAsMap("httpChallenge"));
|
||||
|
||||
assertThat(challenge.getType(), is(HttpChallenge.TYPE));
|
||||
assertThat(challenge.getType(), is(Http01Challenge.TYPE));
|
||||
assertThat(challenge.getStatus(), is(Status.PENDING));
|
||||
|
||||
try {
|
||||
|
|
|
@ -29,14 +29,14 @@ import org.shredzone.acme4j.util.TestUtils;
|
|||
import org.shredzone.acme4j.util.ValidationBuilder;
|
||||
|
||||
/**
|
||||
* Unit tests for {@link ProofOfPossessionChallenge}.
|
||||
* Unit tests for {@link ProofOfPossession01Challenge}.
|
||||
*
|
||||
* @author Richard "Shred" Körber
|
||||
*/
|
||||
public class ProofOfPossessionChallengeTest {
|
||||
|
||||
/**
|
||||
* Test that {@link ProofOfPossessionChallenge} generates a correct authorization key.
|
||||
* Test that {@link ProofOfPossession01Challenge} generates a correct authorization key.
|
||||
*/
|
||||
@Test
|
||||
public void testProofOfPossessionChallenge() throws IOException {
|
||||
|
@ -45,12 +45,12 @@ public class ProofOfPossessionChallengeTest {
|
|||
Registration reg = new Registration(keypair);
|
||||
KeyPair domainKeyPair = TestUtils.createDomainKeyPair();
|
||||
|
||||
ProofOfPossessionChallenge challenge = new ProofOfPossessionChallenge();
|
||||
ProofOfPossession01Challenge challenge = new ProofOfPossession01Challenge();
|
||||
challenge.unmarshall(TestUtils.getJsonAsMap("proofOfPossessionChallenge"));
|
||||
|
||||
assertThat(challenge.getCertificates(), contains(cert));
|
||||
|
||||
assertThat(challenge.getType(), is(ProofOfPossessionChallenge.TYPE));
|
||||
assertThat(challenge.getType(), is(ProofOfPossession01Challenge.TYPE));
|
||||
assertThat(challenge.getStatus(), is(Status.PENDING));
|
||||
|
||||
try {
|
||||
|
@ -66,13 +66,13 @@ public class ProofOfPossessionChallengeTest {
|
|||
challenge.respond(cb);
|
||||
|
||||
assertThat(cb.toString(), sameJSONAs("{\"type\"=\""
|
||||
+ ProofOfPossessionChallenge.TYPE + "\",\"authorization\"="
|
||||
+ ProofOfPossession01Challenge.TYPE + "\",\"authorization\"="
|
||||
+ new ValidationBuilder().domain("example.org").sign(reg, domainKeyPair)
|
||||
+ "}"));
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that {@link ProofOfPossessionChallenge#importValidation(String)} works
|
||||
* Test that {@link ProofOfPossession01Challenge#importValidation(String)} works
|
||||
* correctly.
|
||||
*/
|
||||
@Test
|
||||
|
@ -85,7 +85,7 @@ public class ProofOfPossessionChallengeTest {
|
|||
.domain("example.org")
|
||||
.sign(reg, domainKeyPair);
|
||||
|
||||
ProofOfPossessionChallenge challenge = new ProofOfPossessionChallenge();
|
||||
ProofOfPossession01Challenge challenge = new ProofOfPossession01Challenge();
|
||||
challenge.unmarshall(TestUtils.getJsonAsMap("proofOfPossessionChallenge"));
|
||||
challenge.importValidation(validation);
|
||||
|
||||
|
@ -93,7 +93,7 @@ public class ProofOfPossessionChallengeTest {
|
|||
challenge.respond(cb);
|
||||
|
||||
assertThat(cb.toString(), sameJSONAs("{\"type\"=\""
|
||||
+ ProofOfPossessionChallenge.TYPE + "\",\"authorization\"=" + validation
|
||||
+ ProofOfPossession01Challenge.TYPE + "\",\"authorization\"=" + validation
|
||||
+ "}"));
|
||||
}
|
||||
|
||||
|
|
|
@ -27,7 +27,7 @@ import org.shredzone.acme4j.util.ClaimBuilder;
|
|||
import org.shredzone.acme4j.util.TestUtils;
|
||||
|
||||
/**
|
||||
* Unit tests for {@link TlsSniChallenge}.
|
||||
* Unit tests for {@link TlsSni01Challenge}.
|
||||
*
|
||||
* @author Richard "Shred" Körber
|
||||
*/
|
||||
|
@ -37,17 +37,17 @@ public class TlsSniChallengeTest {
|
|||
"VNLBdSiZ3LppU2CRG8bilqlwq4DuApJMg3ZJowU6JhQ.HnWjTDnyqlCrm6tZ-6wX-TrEXgRdeNu9G71gqxSO6o0";
|
||||
|
||||
/**
|
||||
* Test that {@link TlsSniChallenge} generates a correct authorization key.
|
||||
* Test that {@link TlsSni01Challenge} generates a correct authorization key.
|
||||
*/
|
||||
@Test
|
||||
public void testTlsSniChallenge() throws IOException {
|
||||
KeyPair keypair = TestUtils.createKeyPair();
|
||||
Registration reg = new Registration(keypair);
|
||||
|
||||
TlsSniChallenge challenge = new TlsSniChallenge();
|
||||
TlsSni01Challenge challenge = new TlsSni01Challenge();
|
||||
challenge.unmarshall(TestUtils.getJsonAsMap("tlsSniChallenge"));
|
||||
|
||||
assertThat(challenge.getType(), is(TlsSniChallenge.TYPE));
|
||||
assertThat(challenge.getType(), is(TlsSni01Challenge.TYPE));
|
||||
assertThat(challenge.getStatus(), is(Status.PENDING));
|
||||
|
||||
try {
|
||||
|
|
|
@ -35,9 +35,9 @@ import org.shredzone.acme4j.Authorization;
|
|||
import org.shredzone.acme4j.Registration;
|
||||
import org.shredzone.acme4j.Status;
|
||||
import org.shredzone.acme4j.challenge.Challenge;
|
||||
import org.shredzone.acme4j.challenge.DnsChallenge;
|
||||
import org.shredzone.acme4j.challenge.Dns01Challenge;
|
||||
import org.shredzone.acme4j.challenge.GenericChallenge;
|
||||
import org.shredzone.acme4j.challenge.HttpChallenge;
|
||||
import org.shredzone.acme4j.challenge.Http01Challenge;
|
||||
import org.shredzone.acme4j.connector.Connection;
|
||||
import org.shredzone.acme4j.connector.Resource;
|
||||
import org.shredzone.acme4j.connector.Session;
|
||||
|
@ -290,8 +290,8 @@ public class AbstractAcmeClientTest {
|
|||
}
|
||||
};
|
||||
|
||||
HttpChallenge httpChallenge = new HttpChallenge();
|
||||
DnsChallenge dnsChallenge = new DnsChallenge();
|
||||
Http01Challenge httpChallenge = new Http01Challenge();
|
||||
Dns01Challenge dnsChallenge = new Dns01Challenge();
|
||||
|
||||
TestableAbstractAcmeClient client = new TestableAbstractAcmeClient(connection);
|
||||
client.putTestResource(Resource.NEW_AUTHZ, resourceUri);
|
||||
|
@ -335,8 +335,8 @@ public class AbstractAcmeClientTest {
|
|||
}
|
||||
};
|
||||
|
||||
HttpChallenge httpChallenge = new HttpChallenge();
|
||||
DnsChallenge dnsChallenge = new DnsChallenge();
|
||||
Http01Challenge httpChallenge = new Http01Challenge();
|
||||
Dns01Challenge dnsChallenge = new Dns01Challenge();
|
||||
|
||||
TestableAbstractAcmeClient client = new TestableAbstractAcmeClient(connection);
|
||||
client.putTestChallenge("http-01", httpChallenge);
|
||||
|
@ -382,7 +382,7 @@ public class AbstractAcmeClientTest {
|
|||
|
||||
TestableAbstractAcmeClient client = new TestableAbstractAcmeClient(connection);
|
||||
|
||||
HttpChallenge challenge = new HttpChallenge();
|
||||
Http01Challenge challenge = new Http01Challenge();
|
||||
challenge.unmarshall(getJsonAsMap("triggerHttpChallenge"));
|
||||
challenge.authorize(testRegistration);
|
||||
|
||||
|
@ -412,7 +412,7 @@ public class AbstractAcmeClientTest {
|
|||
|
||||
TestableAbstractAcmeClient client = new TestableAbstractAcmeClient(connection);
|
||||
|
||||
Challenge challenge = new HttpChallenge();
|
||||
Challenge challenge = new Http01Challenge();
|
||||
challenge.unmarshall(getJsonAsMap("triggerHttpChallengeResponse"));
|
||||
|
||||
client.updateChallenge(challenge);
|
||||
|
@ -437,7 +437,7 @@ public class AbstractAcmeClientTest {
|
|||
};
|
||||
|
||||
TestableAbstractAcmeClient client = new TestableAbstractAcmeClient(connection);
|
||||
client.putTestChallenge(HttpChallenge.TYPE, new HttpChallenge());
|
||||
client.putTestChallenge(Http01Challenge.TYPE, new Http01Challenge());
|
||||
|
||||
Challenge challenge = client.restoreChallenge(locationUri);
|
||||
|
||||
|
|
|
@ -26,7 +26,7 @@ import java.util.Map;
|
|||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.shredzone.acme4j.challenge.Challenge;
|
||||
import org.shredzone.acme4j.challenge.HttpChallenge;
|
||||
import org.shredzone.acme4j.challenge.Http01Challenge;
|
||||
import org.shredzone.acme4j.connector.Connection;
|
||||
import org.shredzone.acme4j.connector.Resource;
|
||||
import org.shredzone.acme4j.exception.AcmeException;
|
||||
|
@ -54,18 +54,18 @@ public class GenericAcmeClientTest {
|
|||
*/
|
||||
@Test
|
||||
public void testCreateChallenge() {
|
||||
HttpChallenge mockChallenge = mock(HttpChallenge.class);
|
||||
when(mockProvider.createChallenge(HttpChallenge.TYPE)).thenReturn(mockChallenge);
|
||||
Http01Challenge mockChallenge = mock(Http01Challenge.class);
|
||||
when(mockProvider.createChallenge(Http01Challenge.TYPE)).thenReturn(mockChallenge);
|
||||
|
||||
GenericAcmeClient client = new GenericAcmeClient(mockProvider, directoryUri);
|
||||
Challenge challenge = client.createChallenge(new ClaimBuilder()
|
||||
.put("type", HttpChallenge.TYPE)
|
||||
.put("type", Http01Challenge.TYPE)
|
||||
.toMap());
|
||||
|
||||
assertThat(challenge, is(instanceOf(HttpChallenge.class)));
|
||||
assertThat(challenge, is(instanceOf(Http01Challenge.class)));
|
||||
assertThat(challenge, is(sameInstance((Challenge) mockChallenge)));
|
||||
|
||||
verify(mockProvider).createChallenge(HttpChallenge.TYPE);
|
||||
verify(mockProvider).createChallenge(Http01Challenge.TYPE);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -22,10 +22,10 @@ import java.net.URISyntaxException;
|
|||
import org.junit.Test;
|
||||
import org.shredzone.acme4j.AcmeClient;
|
||||
import org.shredzone.acme4j.challenge.Challenge;
|
||||
import org.shredzone.acme4j.challenge.DnsChallenge;
|
||||
import org.shredzone.acme4j.challenge.HttpChallenge;
|
||||
import org.shredzone.acme4j.challenge.ProofOfPossessionChallenge;
|
||||
import org.shredzone.acme4j.challenge.TlsSniChallenge;
|
||||
import org.shredzone.acme4j.challenge.Dns01Challenge;
|
||||
import org.shredzone.acme4j.challenge.Http01Challenge;
|
||||
import org.shredzone.acme4j.challenge.ProofOfPossession01Challenge;
|
||||
import org.shredzone.acme4j.challenge.TlsSni01Challenge;
|
||||
|
||||
/**
|
||||
* Unit tests for {@link AbstractAcmeClientProvider}.
|
||||
|
@ -89,24 +89,24 @@ public class AbstractAcmeClientProviderTest {
|
|||
}
|
||||
};
|
||||
|
||||
Challenge c1 = provider.createChallenge(HttpChallenge.TYPE);
|
||||
Challenge c1 = provider.createChallenge(Http01Challenge.TYPE);
|
||||
assertThat(c1, not(nullValue()));
|
||||
assertThat(c1, instanceOf(HttpChallenge.class));
|
||||
assertThat(c1, instanceOf(Http01Challenge.class));
|
||||
|
||||
Challenge c2 = provider.createChallenge(HttpChallenge.TYPE);
|
||||
Challenge c2 = provider.createChallenge(Http01Challenge.TYPE);
|
||||
assertThat(c2, not(sameInstance(c1)));
|
||||
|
||||
Challenge c3 = provider.createChallenge(DnsChallenge.TYPE);
|
||||
Challenge c3 = provider.createChallenge(Dns01Challenge.TYPE);
|
||||
assertThat(c3, not(nullValue()));
|
||||
assertThat(c3, instanceOf(DnsChallenge.class));
|
||||
assertThat(c3, instanceOf(Dns01Challenge.class));
|
||||
|
||||
Challenge c4 = provider.createChallenge(ProofOfPossessionChallenge.TYPE);
|
||||
Challenge c4 = provider.createChallenge(ProofOfPossession01Challenge.TYPE);
|
||||
assertThat(c4, not(nullValue()));
|
||||
assertThat(c4, instanceOf(ProofOfPossessionChallenge.class));
|
||||
assertThat(c4, instanceOf(ProofOfPossession01Challenge.class));
|
||||
|
||||
Challenge c5 = provider.createChallenge(TlsSniChallenge.TYPE);
|
||||
Challenge c5 = provider.createChallenge(TlsSni01Challenge.TYPE);
|
||||
assertThat(c5, not(nullValue()));
|
||||
assertThat(c5, instanceOf(TlsSniChallenge.class));
|
||||
assertThat(c5, instanceOf(TlsSni01Challenge.class));
|
||||
|
||||
Challenge c6 = provider.createChallenge("foobar-01");
|
||||
assertThat(c6, is(nullValue()));
|
||||
|
|
|
@ -27,9 +27,9 @@ import java.util.Collection;
|
|||
import javax.swing.JOptionPane;
|
||||
|
||||
import org.shredzone.acme4j.challenge.Challenge;
|
||||
import org.shredzone.acme4j.challenge.DnsChallenge;
|
||||
import org.shredzone.acme4j.challenge.HttpChallenge;
|
||||
import org.shredzone.acme4j.challenge.TlsSniChallenge;
|
||||
import org.shredzone.acme4j.challenge.Dns01Challenge;
|
||||
import org.shredzone.acme4j.challenge.Http01Challenge;
|
||||
import org.shredzone.acme4j.challenge.TlsSni01Challenge;
|
||||
import org.shredzone.acme4j.exception.AcmeConflictException;
|
||||
import org.shredzone.acme4j.exception.AcmeException;
|
||||
import org.shredzone.acme4j.exception.AcmeUnauthorizedException;
|
||||
|
@ -194,9 +194,9 @@ public class ClientTest {
|
|||
*/
|
||||
public Challenge httpChallenge(Authorization auth, Registration reg, String domain) throws AcmeException {
|
||||
// Find a single http-01 challenge
|
||||
HttpChallenge challenge = auth.findChallenge(HttpChallenge.TYPE);
|
||||
Http01Challenge challenge = auth.findChallenge(Http01Challenge.TYPE);
|
||||
if (challenge == null) {
|
||||
LOG.error("Found no " + HttpChallenge.TYPE + " challenge, don't know what to do...");
|
||||
LOG.error("Found no " + Http01Challenge.TYPE + " challenge, don't know what to do...");
|
||||
return null;
|
||||
}
|
||||
|
||||
|
@ -233,9 +233,9 @@ public class ClientTest {
|
|||
*/
|
||||
public Challenge dnsChallenge(Authorization auth, Registration reg, String domain) throws AcmeException {
|
||||
// Find a single dns-01 challenge
|
||||
DnsChallenge challenge = auth.findChallenge(DnsChallenge.TYPE);
|
||||
Dns01Challenge challenge = auth.findChallenge(Dns01Challenge.TYPE);
|
||||
if (challenge == null) {
|
||||
LOG.error("Found no " + DnsChallenge.TYPE + " challenge, don't know what to do...");
|
||||
LOG.error("Found no " + Dns01Challenge.TYPE + " challenge, don't know what to do...");
|
||||
return null;
|
||||
}
|
||||
|
||||
|
@ -267,9 +267,9 @@ public class ClientTest {
|
|||
*/
|
||||
public Challenge tlsSniChallenge(Authorization auth, Registration reg, String domain) throws AcmeException {
|
||||
// Find a single tls-sni-01 challenge
|
||||
TlsSniChallenge challenge = auth.findChallenge(TlsSniChallenge.TYPE);
|
||||
TlsSni01Challenge challenge = auth.findChallenge(TlsSni01Challenge.TYPE);
|
||||
if (challenge == null) {
|
||||
LOG.error("Found no " + TlsSniChallenge.TYPE + " challenge, don't know what to do...");
|
||||
LOG.error("Found no " + TlsSni01Challenge.TYPE + " challenge, don't know what to do...");
|
||||
return null;
|
||||
}
|
||||
|
||||
|
|
|
@ -34,7 +34,7 @@ import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
|
|||
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
|
||||
import org.bouncycastle.operator.OperatorCreationException;
|
||||
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
|
||||
import org.shredzone.acme4j.challenge.TlsSniChallenge;
|
||||
import org.shredzone.acme4j.challenge.TlsSni01Challenge;
|
||||
|
||||
/**
|
||||
* Utility class offering convenience methods for certificates.
|
||||
|
@ -93,7 +93,7 @@ public final class CertificateUtils {
|
|||
|
||||
/**
|
||||
* Creates a self-signed {@link X509Certificate} that can be used for
|
||||
* {@link TlsSniChallenge}. The certificate is valid for 7 days.
|
||||
* {@link TlsSni01Challenge}. The certificate is valid for 7 days.
|
||||
*
|
||||
* @param keypair
|
||||
* A domain {@link KeyPair} to be used for the challenge
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
# dns-01 Challenge
|
||||
|
||||
With the `dns-01` challenge, you prove to the CA that you are able to control the DNS records of the domain to be authorized, by creating a TXT record with a signed content.
|
||||
|
||||
After authorizing the challenge, `Dns01Challenge` provides a digest string:
|
||||
|
||||
```java
|
||||
Dns01Challenge challenge = auth.findChallenge(Dns01Challenge.TYPE);
|
||||
challenge.authorize(registration);
|
||||
|
||||
String digest = challenge.getDigest();
|
||||
```
|
||||
|
||||
The CA expects a TXT record at `_acme-challenge.${domain}` with the `digest` string as value.
|
||||
|
||||
The challenge is completed when the CA was able to fetch the TXT record and got the correct `digest` returned.
|
|
@ -1,16 +0,0 @@
|
|||
# DNS Challenge
|
||||
|
||||
With the DNS challenge, you prove to the CA that you are able to control the DNS records of the domain to be authorized, by creating a TXT record with a signed content.
|
||||
|
||||
After authorizing the challenge, `DnsChallenge` provides a digest string:
|
||||
|
||||
```java
|
||||
DnsChallenge challenge = auth.findChallenge(DnsChallenge.TYPE);
|
||||
challenge.authorize(registration);
|
||||
|
||||
String digest = challenge.getDigest();
|
||||
```
|
||||
|
||||
The CA expects a TXT record at `_acme-challenge.${domain}` with the `digest` string as value.
|
||||
|
||||
The challenge is completed when the CA was able to fetch the TXT record and got the correct `digest` returned.
|
|
@ -1,11 +1,11 @@
|
|||
# HTTP Challenge
|
||||
# http-01 Challenge
|
||||
|
||||
With the HTTP challenge, you prove to the CA that you are able to control the web site content of the domain to be authorized, by making a file with a signed content available at a given path.
|
||||
With the `http-01` challenge, you prove to the CA that you are able to control the web site content of the domain to be authorized, by making a file with a signed content available at a given path.
|
||||
|
||||
After authorizing the challenge, `HttpChallenge` provides two strings:
|
||||
After authorizing the challenge, `Http01Challenge` provides two strings:
|
||||
|
||||
```java
|
||||
HttpChallenge challenge = auth.findChallenge(HttpChallenge.TYPE);
|
||||
Http01Challenge challenge = auth.findChallenge(Http01Challenge.TYPE);
|
||||
challenge.authorize(registration);
|
||||
|
||||
String token = challenge.getToken();
|
|
@ -8,7 +8,7 @@ The CA offers one or more sets of challenges. At least one set has to be complet
|
|||
|
||||
The ACME specifications define four standard challenges:
|
||||
|
||||
* [HTTP](./http.html)
|
||||
* [DNS](./dns.html)
|
||||
* [TLS-SNI](./tls-sni.html)
|
||||
* [Proof of Possession](./proof-of-possession.html)
|
||||
* [http-01](./http-01.html)
|
||||
* [dns-01](./dns-01.html)
|
||||
* [tls-sni-01](./tls-sni-01.html)
|
||||
* [proof-of-possession-01](./proof-of-possession-01.html)
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
# Proof of Possession
|
||||
# proof-of-possession-01 Challenge
|
||||
|
||||
With the Proof of Possesion challenge, you prove to the CA that you are able to provide a verification document that is signed with a key that is known to the server. The main purpose of this challenge is to transfer the authorization of a domain to your account.
|
||||
With the `proof-of-possession-01` challenge, you prove to the CA that you are able to provide a verification document that is signed with a key that is known to the server. The main purpose of this challenge is to transfer the authorization of a domain to your account.
|
||||
|
||||
The challenge object contains a list of `X509Certificate`s that are already known to the CA:
|
||||
|
||||
```java
|
||||
ProofOfPossessionChallenge challenge =
|
||||
auth.findChallenge(ProofOfPossessionChallenge.TYPE);
|
||||
ProofOfPossession01Challenge challenge =
|
||||
auth.findChallenge(ProofOfPossession01Challenge.TYPE);
|
||||
Collection<X509Certificate> certificates = challenge.getCertificates();
|
||||
```
|
||||
|
||||
|
@ -44,8 +44,8 @@ This `json` string can be transported (e.g. via email) and then imported into th
|
|||
```java
|
||||
String json = ... // validation document
|
||||
|
||||
ProofOfPossessionChallenge challenge =
|
||||
auth.findChallenge(ProofOfPossessionChallenge.TYPE);
|
||||
ProofOfPossession01Challenge challenge =
|
||||
auth.findChallenge(ProofOfPossession01Challenge.TYPE);
|
||||
challenge.importValidation(json);
|
||||
```
|
||||
|
|
@ -1,11 +1,11 @@
|
|||
# TLS-SNI
|
||||
# tls-sni-01 Challenge
|
||||
|
||||
With the TLS-SNI challenge, you prove to the CA that you are able to control the web server of the domain to be authorized, by letting it respond to a SNI request with a specific self-signed cert.
|
||||
With the `tls-sni-01` challenge, you prove to the CA that you are able to control the web server of the domain to be authorized, by letting it respond to a SNI request with a specific self-signed cert.
|
||||
|
||||
After authorizing the challenge, `TlsSniChallenge` provides a subject:
|
||||
After authorizing the challenge, `TlsSni01Challenge` provides a subject:
|
||||
|
||||
```java
|
||||
TlsSniChallenge challenge = auth.findChallenge(TlsSniChallenge.TYPE);
|
||||
TlsSni01Challenge challenge = auth.findChallenge(TlsSni01Challenge.TYPE);
|
||||
challenge.authorize(registration);
|
||||
|
||||
String subject = challenge.getSubject();
|
||||
|
@ -19,7 +19,7 @@ The `subject` is basically a domain name formed like in this example:
|
|||
|
||||
You need to create a self-signed certificate with the subject set as _Subject Alternative Name_. After that, configure your web server so it will use this certificate on a SNI request to the `subject`.
|
||||
|
||||
The `TlsSniChallenge` class does not generate a self-signed certificate, as it would require _Bouncy Castle_. However, there is a utility method in the _acme4j-utils_ module for this use case:
|
||||
The `TlsSni01Challenge` class does not generate a self-signed certificate, as it would require _Bouncy Castle_. However, there is a utility method in the _acme4j-utils_ module for this use case:
|
||||
|
||||
```java
|
||||
KeyPair sniKeyPair = KeyPairUtils.createKeyPair(2048);
|
|
@ -17,7 +17,7 @@ In the following example, your software would be able to either perform a HTTP o
|
|||
|
||||
```java
|
||||
Collection<Challenge> combination = auth.findCombination(
|
||||
HttpChallenge.TYPE, DnsChallenge.TYPE);
|
||||
Http01Challenge.TYPE, Dns01Challenge.TYPE);
|
||||
```
|
||||
|
||||
The returned `combination` contains a single combination of challenges you would have to perform. If the combination consists of more than one challenge, you would have to perform _all of them_ in order to successfully authorize your domain. If `null` is returned, it means that none of your offered challenge types are acceptable to the CA.
|
||||
|
@ -25,7 +25,7 @@ The returned `combination` contains a single combination of challenges you would
|
|||
If your software only implements a single challenge type, `findChallenge()` may be a little easier to use:
|
||||
|
||||
```java
|
||||
HttpChallenge challenge = auth.findChallenge(HttpChallenge.TYPE);
|
||||
Http01Challenge challenge = auth.findChallenge(Http01Challenge.TYPE);
|
||||
```
|
||||
|
||||
It returns a properly casted `Challenge` object, or `null` if your challenge type was not acceptable.
|
||||
|
|
|
@ -37,10 +37,10 @@
|
|||
<item name="Recovery" href="usage/recovery.html"/>
|
||||
</item>
|
||||
<item name="Challenges" href="challenge/index.html">
|
||||
<item name="HTTP" href="challenge/http.html"/>
|
||||
<item name="DNS" href="challenge/dns.html"/>
|
||||
<item name="TLS-SNI" href="challenge/tls-sni.html"/>
|
||||
<item name="Proof of Possession" href="challenge/proof-of-possession.html"/>
|
||||
<item name="http-01" href="challenge/http-01.html"/>
|
||||
<item name="dns-01" href="challenge/dns-01.html"/>
|
||||
<item name="tls-sni-01" href="challenge/tls-sni-01.html"/>
|
||||
<item name="proof-of-possession-01" href="challenge/proof-of-possession-01.html"/>
|
||||
</item>
|
||||
<item name="CAs" href="ca/index.html">
|
||||
<item name="Let's Encrypt" href="ca/letsencrypt.html"/>
|
||||
|
|