Commit Graph

418 Commits (v2)

Author SHA1 Message Date
Richard Körber c1dee451e7
[maven-release-plugin] prepare release v2.2 2018-07-15 15:26:38 +02:00
Richard Körber 6be3f5ef4f
[maven-release-plugin] prepare for next development iteration 2018-04-18 23:25:53 +02:00
Richard Körber 274cfc9a63
[maven-release-plugin] prepare release v2.1 2018-04-18 23:25:52 +02:00
Richard Körber 4d8d951a6b
Note that some lists have no specific order 2018-04-17 22:48:16 +02:00
Richard Körber 568438a1f3
Add support for tls-alpn-01 challenge 2018-04-17 00:35:26 +02:00
Richard Körber cd7038a7fa
Send kid instead of jwk when revoking a cert (fixes issue #62) 2018-04-16 19:40:34 +02:00
Richard Körber ee291da06b
Note that wildcard domains cannot be pre-authorized 2018-04-16 19:40:13 +02:00
Richard Körber 7a1136ec2a
Use GenericProvider without ClassLoader 2018-03-27 22:17:27 +02:00
Richard Körber aa04ade9bb
Document a missing Authorization state 2018-03-27 22:12:16 +02:00
Richard Körber efb0b9d2f8
Document change of terms of service 2018-03-21 23:14:23 +01:00
Richard Körber 3f901e9e18
Strip empty lines from downloaded cert chains
This fixes the "insufficient data" issue on IBM's crypto implementation.
2018-03-21 23:14:08 +01:00
Richard Körber 2ac4e7b7fb
Restore "Do not send authorization with challenge"
Also set Pebble to strict mode.

This reverts commit cdab2b8bd0.
2018-03-18 13:55:59 +01:00
Richard Körber 3cd74220dd
Restore syntax highlighting in documentation 2018-03-18 13:42:51 +01:00
Richard Körber 7093fe7e92
Add JSR305 annotations
Also fix FindBugs errors about possible null pointer dereferences.

Null-aware languages like Kotlin can now enjoy null-checks.
2018-03-18 13:25:25 +01:00
Richard Körber 4de82be5f3
JSON getters never return null 2018-03-17 18:18:44 +01:00
Richard Körber a8d3f86f85
[maven-release-plugin] prepare for next development iteration 2018-03-13 23:40:55 +01:00
Richard Körber 14484b9fc9
[maven-release-plugin] prepare release v2.0 2018-03-13 23:40:54 +01:00
Richard Körber 7cfcbc99b6
Handle empty JSON responses 2018-03-13 23:15:19 +01:00
Richard Körber 44a036a858
Review status documentation 2018-03-10 15:22:23 +01:00
Richard Körber 323788dfdb
SpotBugs fix 2018-03-10 15:21:53 +01:00
Richard Körber 49677d8dbc
Add support for Proxy connections 2018-03-06 22:11:05 +01:00
Richard Körber b4374dbf6d
Add support for wildcard flag 2018-03-06 22:10:55 +01:00
Richard Körber 09abb23599
Add SpotBugs and fix reported issues 2018-03-06 22:10:18 +01:00
Richard Körber 69a23e7bf6
Avoid unnecessary de/encoding of nonces 2018-03-06 22:10:08 +01:00
Richard Körber 1972d52bed
Review documentation, update to ACME v2 2018-02-21 20:04:59 +01:00
Richard Körber dadaf2493f
Separate Login from Session
This involves a lot of refactoring and some API changes. However, it allows cleaning up some parts of the code that I always considered ugly.
2018-02-21 20:01:51 +01:00
Richard Körber a111187245
Relax HTTP status handling 2018-02-21 19:59:01 +01:00
Richard Körber 0d42089318
Return nonce header 2018-02-21 19:58:50 +01:00
Richard Körber b690e0ab45
Session contains account location instead of abstract key identifier 2018-02-21 19:56:59 +01:00
Richard Körber 431a5cf313
Update dependencies 2018-02-12 15:29:26 +01:00
Richard Körber 137c2c7dd0
Remove tls-sni-02 challenge 2018-01-23 18:03:55 +01:00
Richard Körber 472f1497db
Change challenge errors to error 2018-01-20 13:19:30 +01:00
Robert Kästel f42e783760
Remove code that replaces account key kid with external account binding kid after the external account binding process is done.

Relevant discussion on IETF ACME mailing list: https://mailarchive.ietf.org/arch/search/?email_list=acme&gbt=1&index=_j_xfYp9rlLeAtOWtSuQ-UtX3k0
2018-01-16 11:24:03 +01:00
Richard Körber f37b14b55c
Add test for a missing branch 2018-01-14 14:42:09 +01:00
Richard Körber e528cad215
Minor code cleanup 2018-01-14 14:41:44 +01:00
Richard Körber 1eb56ed8d6
Move generic challenge generation to AbstractAcmeProvider 2018-01-14 14:18:39 +01:00
Richard Körber 3f8299c004
Rename respond method to prepareResponse 2018-01-14 14:16:29 +01:00
Richard Körber 8923e35d21
Challenge constructor requires JSON data 2018-01-14 14:16:20 +01:00
Richard Körber 252d886b3f
Refactor ACME resource classes
A new AcmeJsonResource takes care of fetching and keeping the resource state.
A lot of boilerplate code could be removed that way.
2018-01-14 14:07:25 +01:00
Richard Körber 816f0825c0
Get a JSON Value as Optional
This enables further filtering and mapping of a JSON Value.
2018-01-14 13:22:49 +01:00
Richard Körber 9a483fd4d1
Remove authorize method from challenges 2018-01-14 13:15:56 +01:00
Richard Körber 70d089c94d
Use Pebble minica in truststore 2018-01-13 13:51:50 +01:00
Richard Körber ae7e0da342
Bump to version 2.0, to emphasize the relation to ACMEv2 2018-01-07 22:49:52 +01:00
Richard Körber 92fff2379e
Set the LetsEncrypt ACMEv2 staging server URL 2018-01-05 07:40:05 +01:00
Richard Körber a7ea703e93
Remove unnecessary type from challenge response 2017-12-28 00:07:58 +01:00
Richard Körber 22975dc844
Support problem title. Enhance returned problem message. 2017-12-22 17:33:55 +01:00
Richard Körber 8c26cf869d
CamelCase JSON keys 2017-12-16 11:43:37 +01:00
Richard Körber 2ab4038bd5
Support external-account-required metadata 2017-12-14 00:06:03 +01:00
Richard Körber 173aa14e40
Set default value for optional JSON keys 2017-12-14 00:05:59 +01:00
Richard Körber 2ceffa42e3
Retry on bad nonce error 2017-12-14 00:05:46 +01:00
Richard Körber 2b61478f13
Remove oob-01 challenge
It is not part of the ACME specs any more
2017-12-14 00:03:13 +01:00
Richard Körber 4c4cf5b5cf
Connect to Pebble via https 2017-12-06 22:55:00 +01:00
Richard Körber 827e1277ef
Use an OrderBuilder for collecting order parameters 2017-12-05 22:26:28 +01:00
Richard Körber e0673c93bd
Implement new order finalization
Replaces the "CSR first" new-order flow, see ietf-wg-acme/acme#342
2017-12-05 22:26:27 +01:00
Richard Körber e386994fe5 Fix detail key in sub-problem 2017-12-01 00:09:15 +01:00
Richard Körber d6fb218a27 Add support for sub-problems 2017-11-29 01:28:14 +01:00
Richard Körber 1eedc755ea Remove Authorization scope 2017-11-29 00:36:59 +01:00
Richard Körber ed543bc0b7 Sonar fixes 2017-11-04 13:26:41 +01:00
Richard Körber 529eb13e3f Don't fail if version.properties is unreadable
Fixes issue #42
2017-11-04 13:18:52 +01:00
Richard Körber e9a330b3a2 Avoid URI to URL conversion 2017-11-04 11:40:20 +01:00
Richard Körber 42541ac299 Accept Content-Type header with charset parameter 2017-11-02 23:19:31 +01:00
Richard Körber a32c7bac03 Do not accept contacts with multiple email addresses 2017-11-01 17:42:09 +01:00
Richard Körber f36294eabd Rename internal util package in client module
Avoids a split package in Java 9.
2017-10-07 18:08:16 +02:00
Richard Körber 2a5075dd5a Fix unit tests for Java 9 2017-10-07 18:08:04 +02:00
Richard Körber 148c98d673 Remove local truststore for Let's Encrypt servers 2017-09-20 20:58:52 +02:00
Richard Körber e15abb0ca0 Remove Pebble workarounds 2017-08-29 00:04:47 +02:00
Richard Körber b708b2f199 Build json string in order of entry appearance 2017-08-17 22:39:30 +02:00
Richard Körber f434fd70b4 Fix a style warning 2017-08-17 22:39:19 +02:00
Richard Körber 2eb59ef364 Do not use compact JWS serialization 2017-08-17 22:38:56 +02:00
Richard Körber 3ce832d83e Review URI/URL use 2017-08-13 14:18:44 +02:00
Richard Körber a30caaa664 Challenge.trigger can be re-invoked 2017-08-13 14:18:43 +02:00
Richard Körber f3735e6ec1 Add a way to revoke a certificate without account key pair 2017-08-13 14:18:43 +02:00
Richard Körber 3881669e22 Fix setting the account's key identifier 2017-08-13 14:13:56 +02:00
Richard Körber 7c88a2cdac Rename to AcmeRateLimitedException 2017-08-13 14:08:37 +02:00
Richard Körber 64abe3d96e Do not expect a response body on existing accounts 2017-07-30 15:59:07 +02:00
Richard Körber dfb40edc12 Challenge can have multiple errors 2017-07-30 15:57:58 +02:00
Richard Körber dcdf240804 Add support for only-return-existing flag 2017-07-30 15:57:44 +02:00
Richard Körber d43b16bb2c Remove pebble workaround for kid field 2017-05-31 19:31:40 +02:00
Richard Körber f852cdaecd Remove pebble workaround for uri field 2017-05-31 19:31:08 +02:00
Richard Körber e8790e8446 Rename Registration resource to Account 2017-05-03 13:42:38 +02:00
Richard Körber 7e58017347 Do not send the token on challenge response 2017-05-03 13:42:34 +02:00
Richard Körber 8e1563a410 Remove new-reg workaround 2017-05-03 13:42:22 +02:00
Richard Körber cdb2362892 Fix challenge fields
- use "url" instead of "uri"
- add support for "error" field
2017-05-03 13:42:17 +02:00
Richard Körber 7b6582ad78 revoke-cert sends JWK header 2017-05-03 13:42:09 +02:00
Richard Körber 0a63c65885 Update resource status after authorization deactivation 2017-05-03 13:41:18 +02:00
Richard Körber 300c9dd06c Remove all uses of HTTP_ACCEPTED 2017-05-03 13:39:59 +02:00
Richard Körber 4c34f9afb5 Add alternate certificates support 2017-05-03 13:37:28 +02:00
Richard Körber 7d83ef0e80 Add pre-authorization support 2017-05-03 13:37:22 +02:00
Richard Körber 4e1ad652b0 Account deactivation returns HTTP_OK and current account data 2017-05-03 13:37:15 +02:00
Richard Körber c4f75497c7 Set individual key identifier on account creation 2017-05-03 13:37:08 +02:00
Richard Körber f841daa5b6 Remove resource field from payload 2017-05-03 13:36:55 +02:00
Richard Körber 053b1750e8 DefaultConnection test coverage 2017-05-01 18:17:31 +02:00
Richard Körber 090bbdd34a Fix NPE when server sent no TOS header 2017-05-01 18:17:28 +02:00
Richard Körber cf5b05bf73 Add unit test for Registration orderCertificate 2017-05-01 18:17:24 +02:00
Richard Körber 231198992a Use constants for PEM labels 2017-05-01 18:17:20 +02:00
Richard Körber fdc05ba70b Code style fixes 2017-05-01 18:17:12 +02:00
Richard Körber 8819558b3f Authorization returns scope Order 2017-05-01 16:20:07 +02:00
Richard Körber 02cedf9935 Use Problem in AcmeServerException 2017-05-01 16:20:04 +02:00
Richard Körber c623d72426 Order returns an error document 2017-05-01 16:20:00 +02:00
Richard Körber 4e1d173cc3 Add Problem object for JSON problem documents 2017-05-01 16:19:57 +02:00
Richard Körber e192f300b4 Account returns a list of orders 2017-05-01 16:19:31 +02:00
Richard Körber 4b96878688 Do not return shortened error type any more 2017-05-01 16:18:39 +02:00
Richard Körber 896269ec33 Read rate limit documentation from links 2017-05-01 16:18:34 +02:00
Richard Körber 94ee501811 Remove unused AcmeConflictException 2017-05-01 16:18:07 +02:00
Richard Körber e748df364d Rename to AcmeUserActionRequiredException 2017-05-01 16:17:50 +02:00
Richard Körber 25b13a74e4 Fix misleading exception message 2017-05-01 16:17:29 +02:00
Richard Körber 203c986522 Remove status GOOD 2017-05-01 16:17:25 +02:00
Richard Körber 710e876585 Use system property for enabling Pebble workarounds 2017-05-01 16:17:01 +02:00
Richard Körber 1c75d28dae Use new-account instead of new-reg
Remove unused resource keys
2017-05-01 16:15:52 +02:00
Richard Körber 809978d188 Use Pebble for integration tests
- Build and run Pebble in a docker container
- Move integration tests into a separate module
- Add simple servers for http, dns, and tls-sni challenges
- Add integration tests for ordering a certificate
- Documentation
2017-04-30 11:57:11 +02:00
Richard Körber 34f17a7e6f Throw AcmeLazyLoadingException when lazy loading of a resource failed 2017-04-27 22:42:38 +02:00
Richard Körber 846e200e62 Change Certificate resource 2017-04-27 22:42:18 +02:00
Richard Körber 3951577708 Bump snapshot version for draft branch 2017-04-27 22:40:55 +02:00
Richard Körber a953e87b1b Put test JSONs in separate files 2017-04-27 22:40:40 +02:00
Richard Körber 77b0d4217d Mark other Pebble todos 2017-04-27 22:40:27 +02:00
Richard Körber ee3765e543 Pebble does not support kid header yet 2017-04-27 22:38:54 +02:00
Richard Körber 4772488896 Add Order resource 2017-04-27 22:36:46 +02:00
Richard Körber 4fe4c12c62 Use returned Registration object after creation 2017-04-19 00:49:07 +02:00
Richard Körber b40861c66c Key identifier was set on every setLocation, fixed 2017-04-19 00:48:34 +02:00
Richard Körber 7d822e106c Debug output of JWS header, payload and JSON response 2017-04-19 00:48:21 +02:00
Richard Körber 5de6efce95 Key identifier is a String 2017-04-19 00:48:05 +02:00
Richard Körber f2cd592b2e Make URL conversion null-safe 2017-04-19 00:47:57 +02:00
Richard Körber f38002ca06 Use URL instead of URI for accessible resources 2017-04-18 01:17:58 +02:00
Richard Körber d1b313a149 Return empty JSON array for easier processing 2017-04-18 01:13:58 +02:00
Richard Körber 4426a4a210 Read base64 encoded binary from JSON 2017-04-18 01:13:43 +02:00
Richard Körber e52a900001 Use JSON parser for Status 2017-04-18 01:08:11 +02:00
Richard Körber 698d25fd14 Merge master v0.10 into draft 2017-04-15 17:37:25 +02:00
Richard Körber 1b058f2753 Key-Identifier is part of the session 2017-04-15 17:20:31 +02:00
Richard Körber 30257d0529 [maven-release-plugin] prepare for next development iteration 2017-04-14 12:32:55 +02:00
Richard Körber 47827fb148 [maven-release-plugin] prepare release v0.10 2017-04-14 12:32:54 +02:00
Richard Körber f3dc04f2ea Certificate URL is available even on unparseable certs 2017-04-14 12:04:05 +02:00
Richard Körber 1f6d8aea0b Fix potential race condition when threads share a session 2017-04-14 12:03:50 +02:00
Richard Körber 08eaa61f75 No need to lazy-load provider in session 2017-04-14 12:03:41 +02:00
Richard Körber c667aba488 Update ITs to latest Pebble 2017-02-15 01:09:34 +01:00
Richard Körber 8d3d034103 Add Registration ITs 2017-02-15 01:08:35 +01:00
Richard Körber 8782787343 Show debug log when running tests 2017-02-15 01:08:26 +01:00
Richard Körber 75383ca794 Add integration tests against a Pebble test server 2017-02-15 01:07:47 +01:00
Richard Körber 3b3f379be2 Use terms-of-service-agreed to agree to TOS 2017-02-15 01:07:30 +01:00
Richard Körber d6d7e04ea5 Add JSON boolean type 2017-02-15 01:07:25 +01:00
Richard Körber 7aeb439a62 Use new-nonce resource for fetching initial nonce 2017-02-15 01:07:19 +01:00
Richard Körber be6b511085 Remove support for deprecated urn:acme:error prefix 2017-02-15 01:03:33 +01:00
Richard Körber 76ccb4587c Remove deprecated tls-sni-01 challenge 2017-02-15 01:03:27 +01:00
Richard Körber 4312331fd9 Add a provider for Pebble test servers 2017-02-15 01:03:18 +01:00
Richard Körber 1f4faf803b Use functional programming for challenge class generation 2017-02-11 11:57:37 +01:00
Richard Körber 898c552f77 Add stream method to JSON.Array 2017-02-11 11:57:06 +01:00
Richard Körber eedc2ae68c Use functional interface for ResourceIterator 2017-02-11 11:56:40 +01:00
Richard Körber c1b677f310 Use new date/time API 2017-02-11 11:56:26 +01:00
Richard Körber 0ed0a9219f Move to Java 8 2017-02-11 11:55:51 +01:00
Richard Körber e0e99850f2 [maven-release-plugin] prepare for next development iteration 2016-12-25 14:37:29 +01:00
Richard Körber fccfb73430 [maven-release-plugin] prepare release v0.9 2016-12-25 14:37:28 +01:00