Add ZeroSSL provider

As ZeroSSL makes use of the Retry-After header, the example implementation has also been changed accordingly.
2025-12-16 11:24:01 +08:00 · 2024-02-26 18:15:40 +01:00
parent 7118a454b2
commit 60342c435f
16 changed files with 384 additions and 119 deletions
--- a/acme4j-client/src/main/java/module-info.java
+++ b/acme4j-client/src/main/java/module-info.java
@@ -37,6 +37,7 @@ module org.shredzone.acme4j {
    provides org.shredzone.acme4j.provider.AcmeProvider
            with org.shredzone.acme4j.provider.GenericAcmeProvider,
                 org.shredzone.acme4j.provider.letsencrypt.LetsEncryptAcmeProvider,
+                 org.shredzone.acme4j.provider.pebble.PebbleAcmeProvider,
                 org.shredzone.acme4j.provider.sslcom.SslComAcmeProvider,
-                 org.shredzone.acme4j.provider.pebble.PebbleAcmeProvider;
+                 org.shredzone.acme4j.provider.zerossl.ZeroSSLAcmeProvider;
 }
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/provider/letsencrypt/LetsEncryptAcmeProvider.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/provider/letsencrypt/LetsEncryptAcmeProvider.java
@@ -46,7 +46,7 @@ public class LetsEncryptAcmeProvider extends AbstractAcmeProvider {
    public URL resolve(URI serverUri) {
        var path = serverUri.getPath();
        String directoryUrl;
-        if (path == null || "".equals(path) || "/".equals(path) || "/v02".equals(path)) {
+        if (path == null || path.isEmpty() || "/".equals(path) || "/v02".equals(path)) {
            directoryUrl = V02_DIRECTORY_URL;
        } else if ("/staging".equals(path)) {
            directoryUrl = STAGING_DIRECTORY_URL;
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/provider/zerossl/ZeroSSLAcmeProvider.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/provider/zerossl/ZeroSSLAcmeProvider.java
@@ -0,0 +1,59 @@
+/*
+ * acme4j - Java ACME client
+ *
+ * Copyright (C) 2024 Richard "Shred" Körber
+ *   http://acme4j.shredzone.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+package org.shredzone.acme4j.provider.zerossl;
+
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URL;
+
+import org.shredzone.acme4j.exception.AcmeProtocolException;
+import org.shredzone.acme4j.provider.AbstractAcmeProvider;
+import org.shredzone.acme4j.provider.AcmeProvider;
+
+/**
+ * An {@link AcmeProvider} for <em>ZeroSSL</em>.
+ * <p>
+ * The {@code serverUri} is {@code "acme://zerossl.com"} for the production server.
+ *
+ * @see <a href="https://zerossl.com/">ZeroSSL</a>
+ * @since 3.2.0
+ */
+public class ZeroSSLAcmeProvider extends AbstractAcmeProvider {
+
+    private static final String V02_DIRECTORY_URL = "https://acme.zerossl.com/v2/DV90";
+
+    @Override
+    public boolean accepts(URI serverUri) {
+        return "acme".equals(serverUri.getScheme())
+                && "zerossl.com".equals(serverUri.getHost());
+    }
+
+    @Override
+    public URL resolve(URI serverUri) {
+        var path = serverUri.getPath();
+        String directoryUrl;
+        if (path == null || path.isEmpty() || "/".equals(path)) {
+            directoryUrl = V02_DIRECTORY_URL;
+        } else {
+            throw new IllegalArgumentException("Unknown URI " + serverUri);
+        }
+
+        try {
+            return new URL(directoryUrl);
+        } catch (MalformedURLException ex) {
+            throw new AcmeProtocolException(directoryUrl, ex);
+        }
+    }
+
+}
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/provider/zerossl/package-info.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/provider/zerossl/package-info.java
@@ -0,0 +1,28 @@
+/*
+ * acme4j - Java ACME client
+ *
+ * Copyright (C) 2024 Richard "Shred" Körber
+ *   http://acme4j.shredzone.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/**
+ * This package contains the ZeroSSL {@link org.shredzone.acme4j.provider.AcmeProvider}.
+ *
+ * @see <a href="https://zerossl.com/">ZeroSSL</a>
+ */
+@ReturnValuesAreNonnullByDefault
+@DefaultAnnotationForParameters(NonNull.class)
+@DefaultAnnotationForFields(NonNull.class)
+package org.shredzone.acme4j.provider.zerossl;
+
+import edu.umd.cs.findbugs.annotations.DefaultAnnotationForFields;
+import edu.umd.cs.findbugs.annotations.DefaultAnnotationForParameters;
+import edu.umd.cs.findbugs.annotations.NonNull;
+import edu.umd.cs.findbugs.annotations.ReturnValuesAreNonnullByDefault;
--- a/acme4j-client/src/main/resources/META-INF/services/org.shredzone.acme4j.provider.AcmeProvider
+++ b/acme4j-client/src/main/resources/META-INF/services/org.shredzone.acme4j.provider.AcmeProvider
@@ -7,3 +7,7 @@ org.shredzone.acme4j.provider.pebble.PebbleAcmeProvider

 # SSL.com: https://ssl.com
 org.shredzone.acme4j.provider.sslcom.SslComAcmeProvider
+
+# ZeroSSL: https://zerossl.com
+org.shredzone.acme4j.provider.zerossl.ZeroSSLAcmeProvider
+
--- a/acme4j-client/src/test/java/org/shredzone/acme4j/provider/zerossl/ZeroSSLAcmeProviderTest.java
+++ b/acme4j-client/src/test/java/org/shredzone/acme4j/provider/zerossl/ZeroSSLAcmeProviderTest.java
@@ -0,0 +1,62 @@
+/*
+ * acme4j - Java ACME client
+ *
+ * Copyright (C) 2024 Richard "Shred" Körber
+ *   http://acme4j.shredzone.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+package org.shredzone.acme4j.provider.zerossl;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.shredzone.acme4j.toolbox.TestUtils.url;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import org.assertj.core.api.AutoCloseableSoftAssertions;
+import org.junit.jupiter.api.Test;
+
+/**
+ * Unit tests for {@link ZeroSSLAcmeProvider}.
+ */
+public class ZeroSSLAcmeProviderTest {
+
+    private static final String V02_DIRECTORY_URL = "https://acme.zerossl.com/v2/DV90";
+
+    /**
+     * Tests if the provider accepts the correct URIs.
+     */
+    @Test
+    public void testAccepts() throws URISyntaxException {
+        var provider = new ZeroSSLAcmeProvider();
+
+        try (var softly = new AutoCloseableSoftAssertions()) {
+            softly.assertThat(provider.accepts(new URI("acme://zerossl.com"))).isTrue();
+            softly.assertThat(provider.accepts(new URI("acme://zerossl.com/"))).isTrue();
+            softly.assertThat(provider.accepts(new URI("acme://example.com"))).isFalse();
+            softly.assertThat(provider.accepts(new URI("http://example.com/acme"))).isFalse();
+            softly.assertThat(provider.accepts(new URI("https://example.com/acme"))).isFalse();
+        }
+    }
+
+    /**
+     * Test if acme URIs are properly resolved.
+     */
+    @Test
+    public void testResolve() throws URISyntaxException {
+        var provider = new ZeroSSLAcmeProvider();
+
+        assertThat(provider.resolve(new URI("acme://zerossl.com"))).isEqualTo(url(V02_DIRECTORY_URL));
+        assertThat(provider.resolve(new URI("acme://zerossl.com/"))).isEqualTo(url(V02_DIRECTORY_URL));
+
+        assertThrows(IllegalArgumentException.class, () -> provider.resolve(new URI("acme://zerossl.com/v99")));
+    }
+
+}