github
/
acme4j
mirror of https://github.com/shred/acme4j
1
0
Fork 0
Code Issues Releases Wiki Activity

Revert "Do not send authorization with challenge" 

Pebble now has a strict flag, which is false by default. I'm reverting this commit until staging/prod also accept challenges without authorization.

This reverts commit 1987d951e8.
pull/61/head
Richard Körber 2018-03-14 19:54:54 +01:00
parent eeedf0faad
commit cdab2b8bd0
No known key found for this signature in database
GPG Key ID: AAB9FD19C78AA3E0
5 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
acme4j-client/src/main/java/org/shredzone/acme4j/challenge/TokenChallenge.java
View File

@ -22,6 +22,7 @@ import org.jose4j.lang.JoseException;
import org.shredzone.acme4j.Login; import org.shredzone.acme4j.Login;
import org.shredzone.acme4j.exception.AcmeProtocolException; import org.shredzone.acme4j.exception.AcmeProtocolException;
import org.shredzone.acme4j.toolbox.JSON; import org.shredzone.acme4j.toolbox.JSON;
import org.shredzone.acme4j.toolbox.JSONBuilder;
/** /**
* An extension of {@link Challenge} that handles challenges with a {@code token} and * An extension of {@link Challenge} that handles challenges with a {@code token} and
@ -31,6 +32,7 @@ public class TokenChallenge extends Challenge {
private static final long serialVersionUID = 1634133407432681800L; private static final long serialVersionUID = 1634133407432681800L;
protected static final String KEY_TOKEN = "token"; protected static final String KEY_TOKEN = "token";
protected static final String KEY_KEY_AUTHORIZATION = "keyAuthorization";
/** /**
* Creates a new generic {@link TokenChallenge} object. * Creates a new generic {@link TokenChallenge} object.
@ -44,6 +46,12 @@ public class TokenChallenge extends Challenge {
super(login, data); super(login, data);
} }
@Override
protected void prepareResponse(JSONBuilder response) {
super.prepareResponse(response);
response.put(KEY_KEY_AUTHORIZATION, getAuthorization());
}
/** /**
* Gets the token. * Gets the token.
*/ */

6
acme4j-client/src/test/java/org/shredzone/acme4j/challenge/DnsChallengeTest.java
View File

@ -30,6 +30,8 @@ import org.shredzone.acme4j.toolbox.TestUtils;
* Unit tests for {@link Dns01Challenge}. * Unit tests for {@link Dns01Challenge}.
*/ */
public class DnsChallengeTest { public class DnsChallengeTest {
private static final String KEY_AUTHORIZATION =
"pNvmJivs0WCko2suV7fhe-59oFqyYx_yB7tx6kIMAyE.HnWjTDnyqlCrm6tZ-6wX-TrEXgRdeNu9G71gqxSO6o0";
private Login login = TestUtils.login(); private Login login = TestUtils.login();
@ -43,12 +45,12 @@ public class DnsChallengeTest {
assertThat(challenge.getType(), is(Dns01Challenge.TYPE)); assertThat(challenge.getType(), is(Dns01Challenge.TYPE));
assertThat(challenge.getStatus(), is(Status.PENDING)); assertThat(challenge.getStatus(), is(Status.PENDING));
assertThat(challenge.getDigest(), is("rzMmotrIgsithyBYc0vgiLUEEKYx0WetQRgEF2JIozA")); assertThat(challenge.getDigest(), is("rzMmotrIgsithyBYc0vgiLUEEKYx0WetQRgEF2JIozA"));
assertThat(challenge.getAuthorization(), is("pNvmJivs0WCko2suV7fhe-59oFqyYx_yB7tx6kIMAyE.HnWjTDnyqlCrm6tZ-6wX-TrEXgRdeNu9G71gqxSO6o0"));
JSONBuilder response = new JSONBuilder(); JSONBuilder response = new JSONBuilder();
challenge.prepareResponse(response); challenge.prepareResponse(response);
assertThat(response.toString(), sameJSONAs("{}").allowingExtraUnexpectedFields()); assertThat(response.toString(), sameJSONAs("{\"keyAuthorization\"=\""
+ KEY_AUTHORIZATION + "\"}").allowingExtraUnexpectedFields());
} }
} }

3
acme4j-client/src/test/java/org/shredzone/acme4j/challenge/HttpChallengeTest.java
View File

@ -53,7 +53,8 @@ public class HttpChallengeTest {
JSONBuilder response = new JSONBuilder(); JSONBuilder response = new JSONBuilder();
challenge.prepareResponse(response); challenge.prepareResponse(response);
assertThat(response.toString(), sameJSONAs("{}").allowingExtraUnexpectedFields()); assertThat(response.toString(), sameJSONAs("{\"keyAuthorization\"=\""
+ KEY_AUTHORIZATION + "\"}").allowingExtraUnexpectedFields());
} }
/** /**

1
acme4j-client/src/test/resources/json/triggerHttpChallengeRequest.json
View File

@ -1,2 +1,3 @@
{ {
"keyAuthorization": "IlirfxKKXAsHtmzK29Pj8A.HnWjTDnyqlCrm6tZ-6wX-TrEXgRdeNu9G71gqxSO6o0"
} }

3
acme4j-client/src/test/resources/json/triggerHttpChallengeResponse.json
View File

@ -2,5 +2,6 @@
"type": "http-01", "type": "http-01",
"status": "pending", "status": "pending",
"url": "https://example.com/acme/some-location", "url": "https://example.com/acme/some-location",
"token": "IlirfxKKXAsHtmzK29Pj8A" "token": "IlirfxKKXAsHtmzK29Pj8A",
"keyAuthorization": "XbmEGDDc2AMDArHLt5x7GxZfIRv0aScknUKlyf5S4KU.KMH_h8aGAKlY3VQqBUczm1cfo9kaovivy59rSY1xZ0E"
} }