Class: Acmesmith::CertificateRetrievingService

Inherits:

Object

Object
Acmesmith::CertificateRetrievingService

show all

Defined in:: lib/acmesmith/certificate_retrieving_service.rb

Defined Under Namespace

Classes: CertificateChain

Instance Attribute Summary collapse

#acme ⇒ Object readonly

Returns the value of attribute acme.
#chain_preferences ⇒ Object readonly

Returns the value of attribute chain_preferences.
#url ⇒ Object readonly

Returns the value of attribute url.

Instance Method Summary collapse

#initialize(acme, common_name, url, chain_preferences: []) ⇒ CertificateRetrievingService constructor

A new instance of CertificateRetrievingService.
#pem_chain ⇒ Object

Constructor Details

#initialize(acme, common_name, url, chain_preferences: []) ⇒ `CertificateRetrievingService`

Returns a new instance of CertificateRetrievingService.

Parameters:

acme (Acme::Client)
common_name (String)
url (String) —

ACME Certificate URL
chain_preferences (Array<Acmesmith::Config::ChainPreference>) (defaults to: [])

# File 'lib/acmesmith/certificate_retrieving_service.rb', line 9

def initialize(acme, common_name, url, chain_preferences: [])
  @acme = acme
  @url = url
  @chain_preferences = chain_preferences.select { |_| _.filter.match?(common_name) }
end

Instance Attribute Details

#acme ⇒ `Object` (readonly)

Returns the value of attribute acme.



15
16
17

# File 'lib/acmesmith/certificate_retrieving_service.rb', line 15

def acme
  @acme
end

#chain_preferences ⇒ `Object` (readonly)

Returns the value of attribute chain_preferences.



17
18
19

# File 'lib/acmesmith/certificate_retrieving_service.rb', line 17

def chain_preferences
  @chain_preferences
end

#url ⇒ `Object` (readonly)

Returns the value of attribute url.



16
17
18

# File 'lib/acmesmith/certificate_retrieving_service.rb', line 16

def url
  @url
end

Instance Method Details

#pem_chain ⇒ `Object`

# File 'lib/acmesmith/certificate_retrieving_service.rb', line 19

def pem_chain
  response = download(url, format: :pem)
  pem = response.body

  return pem if chain_preferences.empty?

  puts " * Retrieving all chains..."
  alternative_urls = Array(response.headers.dig('link', 'alternate'))
  alternative_chains = alternative_urls.map { |_| CertificateChain.new(download(_, format: :pem).body) }

  chains = [CertificateChain.new(pem), *alternative_chains]

  chains.each_with_index do |chain, i|
    puts "   #{i.succ}. #{chain.to_s}"
  end
  puts

  chain_preferences.each do |rule|
    chains.each_with_index do |chain, i|
      if chain.match?(name: rule.root_issuer_name, key_id: rule.root_issuer_key_id)
        puts " * Chain chosen: ##{i.succ}"
        return chain.pem_chain
      end
    end
  end

  warn " ! Preferred chain is not available, chain chosen: #1"
  chains.first.pem_chain
end