diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/Challenge.java b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/Challenge.java index e24acd10..57b6186b 100644 --- a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/Challenge.java +++ b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/Challenge.java @@ -190,15 +190,6 @@ public class Challenge extends AcmeResource { } data = json; - authorize(); - } - - /** - * Callback that is invoked when the challenge is supposed to compute its - * authorization data. - */ - protected void authorize() { - // Does nothing here... } /** diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TlsSni02Challenge.java b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TlsSni02Challenge.java index 03404655..66c4513e 100644 --- a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TlsSni02Challenge.java +++ b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TlsSni02Challenge.java @@ -28,9 +28,6 @@ public class TlsSni02Challenge extends TokenChallenge { */ public static final String TYPE = "tls-sni-02"; - private String subject; - private String sanB; - /** * Creates a new generic {@link TlsSni02Challenge} object. * @@ -46,7 +43,8 @@ public class TlsSni02Challenge extends TokenChallenge { * The CA will send the SNI request against this domain. */ public String getSubject() { - return subject; + String tokenHash = hexEncode(sha256hash(getToken())); + return tokenHash.substring(0, 32) + '.' + tokenHash.substring(32) + ".token.acme.invalid"; } /** @@ -54,7 +52,8 @@ public class TlsSni02Challenge extends TokenChallenge { * certificate. */ public String getSanB() { - return sanB; + String kaHash = hexEncode(sha256hash(getAuthorization())); + return kaHash.substring(0, 32) + '.' + kaHash.substring(32) + ".ka.acme.invalid"; } @Override @@ -62,15 +61,4 @@ public class TlsSni02Challenge extends TokenChallenge { return TYPE.equals(type); } - @Override - protected void authorize() { - super.authorize(); - - String tokenHash = hexEncode(sha256hash(getToken())); - subject = tokenHash.substring(0, 32) + '.' + tokenHash.substring(32) + ".token.acme.invalid"; - - String kaHash = hexEncode(sha256hash(getAuthorization())); - sanB = kaHash.substring(0, 32) + '.' + kaHash.substring(32) + ".ka.acme.invalid"; - } - } diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TokenChallenge.java b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TokenChallenge.java index 5e80ebc8..e406756d 100644 --- a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TokenChallenge.java +++ b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TokenChallenge.java @@ -33,8 +33,6 @@ public class TokenChallenge extends Challenge { protected static final String KEY_TOKEN = "token"; protected static final String KEY_KEY_AUTHORIZATION = "keyAuthorization"; - private String authorization; - /** * Creates a new generic {@link TokenChallenge} object. * @@ -59,21 +57,12 @@ public class TokenChallenge extends Challenge { } /** - * Gets the authorization. - */ - protected String getAuthorization() { - return authorization; - } - - /** - * Computes the authorization string. + * Returns the authorization string. *

* The default is {@code token + '.' + base64url(jwkThumbprint)}. Subclasses may * override this method if a different algorithm is used. - * - * @return Authorization string */ - protected String computeAuthorization() { + protected String getAuthorization() { try { PublicKey pk = getSession().getKeyPair().getPublic(); PublicJsonWebKey jwk = PublicJsonWebKey.Factory.newPublicJwk(pk); @@ -85,10 +74,4 @@ public class TokenChallenge extends Challenge { } } - @Override - protected void authorize() { - super.authorize(); - authorization = computeAuthorization(); - } - }