From b4374dbf6d0ea7e84f35a104cb1a0aecd959c4bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Richard=20K=C3=B6rber?= <github@shredzone.org>
Date: Tue, 6 Mar 2018 22:10:55 +0100
Subject: [PATCH] Add support for wildcard flag

---
 .../org/shredzone/acme4j/Authorization.java   | 14 ++++++
 .../shredzone/acme4j/AuthorizationTest.java   | 44 +++++++++++++++++++
 .../updateAuthorizationWildcardResponse.json  | 17 +++++++
 3 files changed, 75 insertions(+)
 create mode 100644 acme4j-client/src/test/resources/json/updateAuthorizationWildcardResponse.json

diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/Authorization.java b/acme4j-client/src/main/java/org/shredzone/acme4j/Authorization.java
index f8051661..1a31b6d5 100644
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/Authorization.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/Authorization.java
@@ -44,6 +44,10 @@ public class Authorization extends AcmeJsonResource {
 
     /**
      * Gets the domain name to be authorized.
+     * <p>
+     * For wildcard domain orders, the domain itself (without wildcard prefix) is returned
+     * here. To find out if this {@link Authorization} is related to a wildcard domain
+     * order, check the {@link #isWildcard()} method.
      */
     public String getDomain() {
         JSON jsonIdentifier = getJSON().get("identifier").required().asObject();
@@ -71,6 +75,16 @@ public class Authorization extends AcmeJsonResource {
                     .orElse(null);
     }
 
+    /**
+     * Returns {@code true} if this {@link Authorization} is related to a wildcard domain,
+     * {@code false} otherwise.
+     */
+    public boolean isWildcard() {
+        return getJSON().get("wildcard").optional()
+                    .map(Value::asBoolean)
+                    .orElse(false);
+    }
+
     /**
      * Gets a list of all challenges offered by the server.
      */
diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/AuthorizationTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/AuthorizationTest.java
index 3dcec7cb..e8d90c5d 100644
--- a/acme4j-client/src/test/java/org/shredzone/acme4j/AuthorizationTest.java
+++ b/acme4j-client/src/test/java/org/shredzone/acme4j/AuthorizationTest.java
@@ -110,6 +110,7 @@ public class AuthorizationTest {
 
         assertThat(auth.getDomain(), is("example.org"));
         assertThat(auth.getStatus(), is(Status.VALID));
+        assertThat(auth.isWildcard(), is(false));
         assertThat(auth.getExpires(), is(parseTimestamp("2016-01-02T17:12:40Z")));
         assertThat(auth.getLocation(), is(locationUrl));
 
@@ -120,6 +121,47 @@ public class AuthorizationTest {
         provider.close();
     }
 
+    /**
+     * Test that wildcard authorization are correct.
+     */
+    @Test
+    public void testWildcard() throws Exception {
+        TestableConnectionProvider provider = new TestableConnectionProvider() {
+            @Override
+            public void sendRequest(URL url, Session session) {
+                assertThat(url, is(locationUrl));
+            }
+
+            @Override
+            public JSON readJsonResponse() {
+                return getJSON("updateAuthorizationWildcardResponse");
+            }
+
+            @Override
+            public void handleRetryAfter(String message) throws AcmeException {
+                // Just do nothing
+            }
+        };
+
+        Login login = provider.createLogin();
+
+        provider.putTestChallenge("dns-01", Dns01Challenge::new);
+
+        Authorization auth = new Authorization(login, locationUrl);
+        auth.update();
+
+        assertThat(auth.getDomain(), is("example.org"));
+        assertThat(auth.getStatus(), is(Status.VALID));
+        assertThat(auth.isWildcard(), is(true));
+        assertThat(auth.getExpires(), is(parseTimestamp("2016-01-02T17:12:40Z")));
+        assertThat(auth.getLocation(), is(locationUrl));
+
+        assertThat(auth.getChallenges(), containsInAnyOrder(
+                        provider.getChallenge(Dns01Challenge.TYPE)));
+
+        provider.close();
+    }
+
     /**
      * Test lazy loading.
      */
@@ -161,6 +203,7 @@ public class AuthorizationTest {
         requestWasSent.set(false);
         assertThat(auth.getDomain(), is("example.org"));
         assertThat(auth.getStatus(), is(Status.VALID));
+        assertThat(auth.isWildcard(), is(false));
         assertThat(auth.getExpires(), is(parseTimestamp("2016-01-02T17:12:40Z")));
         assertThat(requestWasSent.get(), is(false));
 
@@ -207,6 +250,7 @@ public class AuthorizationTest {
 
         assertThat(auth.getDomain(), is("example.org"));
         assertThat(auth.getStatus(), is(Status.VALID));
+        assertThat(auth.isWildcard(), is(false));
         assertThat(auth.getExpires(), is(parseTimestamp("2016-01-02T17:12:40Z")));
         assertThat(auth.getLocation(), is(locationUrl));
 
diff --git a/acme4j-client/src/test/resources/json/updateAuthorizationWildcardResponse.json b/acme4j-client/src/test/resources/json/updateAuthorizationWildcardResponse.json
new file mode 100644
index 00000000..dd581de7
--- /dev/null
+++ b/acme4j-client/src/test/resources/json/updateAuthorizationWildcardResponse.json
@@ -0,0 +1,17 @@
+{
+  "status": "valid",
+  "expires": "2016-01-02T17:12:40Z",
+  "wildcard": true,
+  "identifier": {
+    "type": "dns",
+    "value": "example.org"
+  },
+  "challenges": [
+    {
+      "type": "dns-01",
+      "status": "pending",
+      "url": "https://example.com/authz/asdf/1",
+      "token": "DGyRejmCefe7v4NfDGDKfA"
+    }
+  ]
+}