Class: Acmesmith::OrderingService

Inherits:
Object
  • Object
show all
Defined in:
lib/acmesmith/ordering_service.rb

Defined Under Namespace

Classes: NotCompleted

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(acme:, identifiers:, private_key:, challenge_responder_rules:, chain_preferences:, not_before: nil, not_after: nil) ⇒ OrderingService

Returns a new instance of OrderingService.

Parameters:

  • acme (Acme::Client)

    ACME client

  • identifiers (Array<String>)

    Array of domain names for a ordering certificate. The first item will be a common name.

  • private_key (OpenSSL::PKey::PKey)

    Private key

  • challenge_responder_rules (Array<Acmesmith::Config::ChallengeResponderRule>)

    responders

  • chain_preferences (Array<Acmesmith::Config::ChainPreference>)

    chain_preferences

  • not_before (Time) (defaults to: nil)
  • not_after (Time) (defaults to: nil) 


16
17
18
19
20
21
22
23
24
 
# File 'lib/acmesmith/ordering_service.rb', line 16

def initialize(acme:, identifiers:, private_key:, challenge_responder_rules:, chain_preferences:, not_before: nil, not_after: nil)
  @acme = acme
  @identifiers = identifiers
  @private_key = private_key
  @challenge_responder_rules = challenge_responder_rules
  @chain_preferences = chain_preferences
  @not_before = not_before
  @not_after = not_after
end

Instance Attribute Details

#acmeObject (readonly)

Returns the value of attribute acme.



26
27
28
 
# File 'lib/acmesmith/ordering_service.rb', line 26

def acme
  @acme
end

#chain_preferencesObject (readonly)

Returns the value of attribute chain_preferences.



26
27
28
 
# File 'lib/acmesmith/ordering_service.rb', line 26

def chain_preferences
  @chain_preferences
end

#challenge_responder_rulesObject (readonly)

Returns the value of attribute challenge_responder_rules.



26
27
28
 
# File 'lib/acmesmith/ordering_service.rb', line 26

def challenge_responder_rules
  @challenge_responder_rules
end

#identifiersObject (readonly)

Returns the value of attribute identifiers.



26
27
28
 
# File 'lib/acmesmith/ordering_service.rb', line 26

def identifiers
  @identifiers
end

#not_afterObject (readonly)

Returns the value of attribute not_after.



26
27
28
 
# File 'lib/acmesmith/ordering_service.rb', line 26

def not_after
  @not_after
end

#not_beforeObject (readonly)

Returns the value of attribute not_before.



26
27
28
 
# File 'lib/acmesmith/ordering_service.rb', line 26

def not_before
  @not_before
end

#private_keyObject (readonly)

Returns the value of attribute private_key.



26
27
28
 
# File 'lib/acmesmith/ordering_service.rb', line 26

def private_key
  @private_key
end

Instance Method Details

#certificateObject 



91
92
93
 
# File 'lib/acmesmith/ordering_service.rb', line 91

def certificate
  @certificate or raise NotCompleted, "not completed yet"
end

#common_nameString

Returns:

  • (String) 


101
102
103
 
# File 'lib/acmesmith/ordering_service.rb', line 101

def common_name
  identifiers.first
end

#csrAcme::Client::CertificateRequest

Returns:

  • (Acme::Client::CertificateRequest) 


111
112
113
 
# File 'lib/acmesmith/ordering_service.rb', line 111

def csr
  @csr ||= Acme::Client::CertificateRequest.new(subject: { common_name: common_name }, names: sans, private_key: private_key)
end

#ensure_authorizationObject 



53
54
55
56
57
58
59
60
61
62
63
 
# File 'lib/acmesmith/ordering_service.rb', line 53

def ensure_authorization
  return if order.authorizations.empty? || order.status == 'ready'
  puts "=> Looking for required domain authorizations"
  puts
  order.authorizations.map(&:domain).each do |domain|
    puts " * #{domain}"
  end
  puts

  AuthorizationService.new(challenge_responder_rules, order.authorizations).perform!
end

#finalize_orderObject 



65
66
67
68
69
70
71
72
73
74
75
 
# File 'lib/acmesmith/ordering_service.rb', line 65

def finalize_order
  puts
  puts "=> Finalizing the order"
  puts
  puts csr.csr.to_pem
  puts

  print " * Requesting..."
  order.finalize(csr: csr)
  puts" [ ok ]"
end

#orderObject

Returns Acme::Client::Resources::Order[].

Returns:

  • Acme::Client::Resources::Order[]



96
97
98
 
# File 'lib/acmesmith/ordering_service.rb', line 96

def order
  @order or raise "BUG: order not yet generated"
end

#pem_chainObject

Returns String.

Returns:

  • String



86
87
88
89
 
# File 'lib/acmesmith/ordering_service.rb', line 86

def pem_chain
  url = order.certificate_url or raise NotCompleted, "not completed yet"
  CertificateRetrievingService.new(acme, common_name, url, chain_preferences: chain_preferences).pem_chain
end

#perform!Object 



28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/acmesmith/ordering_service.rb', line 28

def perform!
  puts "=> Ordering a certificate for the following identifiers:"
  puts
  puts " * CN:  #{common_name}"
  sans.each do |san|
    puts " * SAN: #{san}"
  end

  puts
  puts "=> Placing an order"
  @order = acme.new_order(identifiers: identifiers, not_before: not_before, not_after: not_after)
  puts " * URL: #{order.url}"

  ensure_authorization()

  finalize_order()
  wait_order_for_complete()

  @certificate = Certificate.by_issuance(pem_chain, csr)

  puts
  puts "=> Certificate issued"
  nil
end

#sansArray<String>

Returns:

  • (Array<String>) 


106
107
108
 
# File 'lib/acmesmith/ordering_service.rb', line 106

def sans
  identifiers[1..-1]
end

#wait_order_for_completeObject 



77
78
79
80
81
82
83
 
# File 'lib/acmesmith/ordering_service.rb', line 77

def wait_order_for_complete
  while %w(ready processing).include?(order.status)
    order.reload()
    puts " * Waiting for complete: status=#{order.status}"
    sleep 2
  end
end