authorDimitri Sokolyuk <demon@dim13.org>2016-01-31 23:15:27 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-01-31 23:15:27 +0100
commitc49a0bf48ea10b54dbac3480716d9786a0ce8411 (patch)
tree3ce88f2422f3484aa95f77669fdafdfb6b2e63d9 /authorize.go
parentc9038d2f35945774f6cd32ade7b3abd1cd5ba952 (diff)
Split files (experimental)
Diffstat (limited to 'authorize.go')
-rw-r--r--authorize.go79
1 files changed, 79 insertions, 0 deletions
diff --git a/authorize.go b/authorize.go
new file mode 100644
index 0000000..0dc82a2
--- /dev/null
+++ b/authorize.go
@@ -0,0 +1,79 @@
+package acme
+
+import "time"
+
+// Authorization request
+type Authorization struct {
+ Resource Resource `json:"resource"` // new-authz
+ Identifier Identifier `json:"identifier"`
+ Status Status `json:"status,omitempty"` // e.g. valid
+ Expires *time.Time `json:"expires,omitempty"`
+ Challenges []Challenge `json:"challenges,omitempty"`
+ Combinations [][]int `json:"combinations,omitempty"`
+}
+
+// Identifier ...
+type Identifier struct {
+ Type IdentType `json:"type"` // dns
+ Value string `json:"value"` // example.com
+}
+
+type IdentType string
+
+const IdentDNS IdentType = "dns"
+
+func (a Authorization) Supported(sol map[ChalType]Solver) []Challenge {
+ supported := func(com []int) bool {
+ for _, n := range com {
+ if _, ok := sol[a.Challenges[n].Type]; !ok {
+ return false
+ }
+ }
+ return true
+ }
+ for _, com := range a.Combinations {
+ if supported(com) {
+ c := make([]Challenge, len(com))
+ for i, n := range com {
+ c[i] = a.Challenges[n]
+ }
+ return c
+ }
+ }
+ return nil
+}
+
+func (p *Provider) authz(s Signer, domain string, sol map[ChalType]Solver) error {
+ // first step: pocke
+ req := &Authorization{
+ Resource: ResNewAuthz,
+ Identifier: Identifier{
+ Type: IdentDNS,
+ Value: domain,
+ },
+ }
+ resp, err := p.post(p.NewAuthz, s, req)
+ if err != nil {
+ return err
+ }
+ err = parseJson(resp, req)
+ if err != nil {
+ return err
+ }
+ // second step: choose and start solver
+ for _, ch := range req.Supported(sol) {
+ if err = p.solve(s, ch, sol[ch.Type]); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func (p *Provider) Authorize(s Signer, d *Desire) error {
+ for _, domain := range d.altnames {
+ if err := p.authz(s, domain, d.solver); err != nil {
+ return err
+ }
+ }
+ return nil
+}
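Review bot: In `Supported`, the indices taken from `a.Combinations` are used to index `a.Challenges` with no range check. In `authz` that struct appears to be filled from the server's reply by `parseJson(resp, req)`, so a malformed new-authz response carrying an out-of-range or negative index would panic the client. The closure should reject such a combination before the map lookup, e.g. `if n < 0 || n >= len(a.Challenges) { return false }`. Separately, when `Supported` returns nil (no combination matches `sol`, or the reply has no `combinations`), the loop in `authz` runs zero times and the function returns nil, so `Authorize` reports success for a domain where no challenge was attempted; an explicit error such as `return errors.New("acme: no supported challenge combination")` would surface that. Since `req` is reused as the decode target, it would also be worth confirming that the returned `Identifier.Value` still equals `domain` before any solver is started.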