diff --git a/lib/acme/client.rb b/lib/acme/client.rb index f948253..1919347 100644 --- a/lib/acme/client.rb +++ b/lib/acme/client.rb @@ -19,6 +19,7 @@ class Acme::Client; end require 'acme/client/faraday_middleware' require 'acme/client/jwk' require 'acme/client/error' +require 'acme/client/error/rate_limited' require 'acme/client/util' class Acme::Client diff --git a/lib/acme/client/error.rb b/lib/acme/client/error.rb index 2b35623..4b039a1 100644 --- a/lib/acme/client/error.rb +++ b/lib/acme/client/error.rb @@ -1,4 +1,9 @@ class Acme::Client::Error < StandardError + def initialize(message = nil, env = nil) + super(message) + @env = env + end + class NotFound < Acme::Client::Error; end class BadCSR < Acme::Client::Error; end class BadNonce < Acme::Client::Error; end @@ -10,7 +15,6 @@ class Acme::Tls < Acme::Client::Error; end class Unauthorized < Acme::Client::Error; end class UnknownHost < Acme::Client::Error; end class Timeout < Acme::Client::Error; end - class RateLimited < Acme::Client::Error; end class RejectedIdentifier < Acme::Client::Error; end class UnsupportedIdentifier < Acme::Client::Error; end end diff --git a/lib/acme/client/error/rate_limited.rb b/lib/acme/client/error/rate_limited.rb new file mode 100644 index 0000000..a618e57 --- /dev/null +++ b/lib/acme/client/error/rate_limited.rb @@ -0,0 +1,7 @@ +class Acme::Client::Error::RateLimited < Acme::Client::Error + DEFAULT_RETRY_AFTER = 10 + + def retry_after + @env.response_headers.fetch('Retry-After', DEFAULT_RETRY_AFTER).to_i + end +end diff --git a/lib/acme/client/faraday_middleware.rb b/lib/acme/client/faraday_middleware.rb index c9c5ae2..966f583 100644 --- a/lib/acme/client/faraday_middleware.rb +++ b/lib/acme/client/faraday_middleware.rb @@ -40,7 +40,7 @@ def raise_on_not_found! end def raise_on_error! - raise error_class, error_message + raise error_class.new(error_message, env) end def error_message diff --git a/spec/cassettes/new_certificate_success.yml b/spec/cassettes/new_certificate_success.yml index a9793a1..800a3be 100644 --- a/spec/cassettes/new_certificate_success.yml +++ b/spec/cassettes/new_certificate_success.yml @@ -1,275 +1,5 @@ --- http_interactions: -- request: - method: head - uri: http://127.0.0.1:4000/acme/new-reg - body: - encoding: US-ASCII - string: '' - headers: - User-Agent: - - Faraday v0.9.2 - Accept: - - "*/*" - response: - status: - code: 405 - message: Method Not Allowed - headers: - Allow: - - POST - Content-Type: - - application/problem+json - Replay-Nonce: - - Xsc9DH7mcHfRb-SoDaMz0rWdOHVD2ajC8DaUjBg22bc - Date: - - Mon, 07 Dec 2015 21:33:46 GMT - body: - encoding: UTF-8 - string: '' - http_version: - recorded_at: Mon, 07 Dec 2015 21:33:46 GMT -- request: - method: post - uri: http://127.0.0.1:4000/acme/new-reg - body: - encoding: UTF-8 - string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiWHNjOURIN21jSGZSYi1Tb0RhTXowcldkT0hWRDJhakM4RGFVakJnMjJiYyIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"eyJyZXNvdXJjZSI6Im5ldy1yZWciLCJjb250YWN0IjpbIm1haWx0bzppbmZvQGV4YW1wbGUuY29tIl19","signature":"Wcew_pVwPzjdGvfReNuyEjXTR3bMz8o7LYvnHFT5nljKmiyIZG3BeBjj90blczf1VcAh54tXLim8TChTUkOYOU7ReVJ_3epxI0hkqIunhSPRyvIew0rKSwYFg3UyG-8hsvGrwUtEax4JJMVenhZoyoHIwZEE_LMIasfSyQru3YtsOyIfdYec9uzfDNovFfQwCqH-dWiZOldHY68Ln1Tlgz4q3h8qhvCwoA-Na6i8tlrAYoptUGxtQeMoHKJcIgfWHLMsh3xWGwfjudjfvQEb2IfmZLBymlf1hRc7Kg1A927gps8ZCn9I8X-VKd4ulz2Ox2G-EqBvgLiwOkT9eRdc5w"}' - headers: - User-Agent: - - Faraday v0.9.2 - Accept-Encoding: - - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 - Accept: - - "*/*" - response: - status: - code: 201 - message: Created - headers: - Content-Type: - - application/json - Link: - - ;rel="next" - - ;rel="terms-of-service" - Location: - - http://127.0.0.1:4000/acme/reg/17 - Replay-Nonce: - - VJGr5fKbdkvT1eCZFSAQW70nRHTHtK8ph3JfjXOY7OI - Date: - - Mon, 07 Dec 2015 21:33:46 GMT - Content-Length: - - '495' - body: - encoding: UTF-8 - string: '{"id":17,"key":{"kty":"RSA","n":"u6yApfc4FhVqGUgodtJgXfGr2xlWshDupW6QggquCaOykBpiEVGxrZHIPOtKQeqxwqL_TDKOXnTPdm8ATVRVuhglqnwGVpLK2yWHk5-qFAIJ9LARHibLbrvLxo6zcXyjvWEvVUob0ziWeLjAKNC4_Bh-f-nCkN6qZn29oC6LQu2UFKfT6upMZhKpLt_amKJiaaoJDEvtanTEsnaWeq6mjpM9czezjZSKVgHuEO1fpyhX8N8yWju88xmurb_S26hgFpEpnUVkYjqptyHxV5VrY4_X3II4ex_K6HK-bfnsnvSuIlMERlUxdpj0NcoC2MIXddZ_wT19b6m70UuhjUEb-w","e":"AQAB"},"contact":["mailto:info@example.com"],"initialIp":"10.0.2.2","createdAt":"2015-12-07T21:33:46.651350817Z"}' - http_version: - recorded_at: Mon, 07 Dec 2015 21:33:46 GMT -- request: - method: post - uri: http://127.0.0.1:4000/acme/reg/17 - body: - encoding: UTF-8 - string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiVkpHcjVmS2Jka3ZUMWVDWkZTQVFXNzBuUkhUSHRLOHBoM0pmalhPWTdPSSIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"eyJyZXNvdXJjZSI6InJlZyIsImFncmVlbWVudCI6Imh0dHA6Ly8xMjcuMC4wLjE6NDAwMS90ZXJtcy92MSJ9","signature":"X_xU0ef16bFJWN7f1rKuWHsFA5cQNkhHy8EIiNFeHp8W9qqvy8OciQxOhXcQzIoLA3ugBQHdI0IGPz4Dtdg462GuQ3aN0jhg4dmSk5XtBupzUQlYwerYNSDZ8HsnUR78s34DL3ToJt65uAjZuWPNdYSc8pIUzQVWke7Nm0OVQUpYts9xM8BzuLBcBaRrWxNkxVKHlMoKUIfKv_jA4iv7wkeHRork5a-BopgB1Dh_zMUr8zwFpILVPXAI9JDZDBVYyK-yyBDgQ8lZ9LNiTJiyazmabammsZWVkrx9pI-zzwi2ph6Yy3wO1J_6RuEzlBtxcorTl6VU1pKu6g-v5HBNPQ"}' - headers: - User-Agent: - - Faraday v0.9.2 - Accept-Encoding: - - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 - Accept: - - "*/*" - response: - status: - code: 202 - message: Accepted - headers: - Content-Type: - - application/json - Link: - - ;rel="next" - - ;rel="terms-of-service" - Replay-Nonce: - - Y1LVpZ6llaj3ZQX8Bv94XswJa6fXU6QLzZXTA7d763E - Date: - - Mon, 07 Dec 2015 21:33:46 GMT - Content-Length: - - '530' - body: - encoding: UTF-8 - string: '{"id":17,"key":{"kty":"RSA","n":"u6yApfc4FhVqGUgodtJgXfGr2xlWshDupW6QggquCaOykBpiEVGxrZHIPOtKQeqxwqL_TDKOXnTPdm8ATVRVuhglqnwGVpLK2yWHk5-qFAIJ9LARHibLbrvLxo6zcXyjvWEvVUob0ziWeLjAKNC4_Bh-f-nCkN6qZn29oC6LQu2UFKfT6upMZhKpLt_amKJiaaoJDEvtanTEsnaWeq6mjpM9czezjZSKVgHuEO1fpyhX8N8yWju88xmurb_S26hgFpEpnUVkYjqptyHxV5VrY4_X3II4ex_K6HK-bfnsnvSuIlMERlUxdpj0NcoC2MIXddZ_wT19b6m70UuhjUEb-w","e":"AQAB"},"contact":["mailto:info@example.com"],"agreement":"http://127.0.0.1:4001/terms/v1","initialIp":"10.0.2.2","createdAt":"2015-12-07T21:33:46Z"}' - http_version: - recorded_at: Mon, 07 Dec 2015 21:33:46 GMT -- request: - method: post - uri: http://127.0.0.1:4000/acme/new-authz - body: - encoding: UTF-8 - string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiWTFMVnBaNmxsYWozWlFYOEJ2OTRYc3dKYTZmWFU2UUx6WlhUQTdkNzYzRSIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"eyJyZXNvdXJjZSI6Im5ldy1hdXRoeiIsImlkZW50aWZpZXIiOnsidHlwZSI6ImRucyIsInZhbHVlIjoidGVzdC5leGFtcGxlLm9yZyJ9fQ","signature":"d2Z9sb_Y-cUGn2goAPHKLBdIGOdPOVFmKs8T7KV8Is0NL4JIBHHUDUrYEFe46JmWObDiAPeZI9m6dKKHSA74Mj1vgFg05GlC_RY4_Yt70UhxK7IoTqWPWCTXHqkuQEwxrXg2Ae8bfaUeke-fWiO94mZpVazod6XxDE94NLYXqOa7n7DlHRa6EycR43QzR0smvBbvk4CGtYy0QE7odYQJ9tTdJFNcm-rxzvQ__ClfoNw-pebilhKE22vpKHLVoo9HSFRluDmGs3CaChTHMlIIHFgz_PpaGYZ2xGBiirzso4aX4sTacy9RlbK9l15jJULFdSHtd4c6rK3h7Ws2Nte5fQ"}' - headers: - User-Agent: - - Faraday v0.9.2 - Accept-Encoding: - - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 - Accept: - - "*/*" - response: - status: - code: 201 - message: Created - headers: - Content-Type: - - application/json - Link: - - ;rel="next" - Location: - - http://127.0.0.1:4000/acme/authz/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc - Replay-Nonce: - - xYua4dtB9fmToTw5Ju6MmRrL4vwK7Q85ubvN4mLJkwY - Date: - - Mon, 07 Dec 2015 21:33:46 GMT - Content-Length: - - '1104' - body: - encoding: UTF-8 - string: '{"identifier":{"type":"dns","value":"test.example.org"},"status":"pending","expires":"2015-12-14T21:33:46.775082271Z","challenges":[{"type":"http-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56","token":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c"},{"type":"dvsni","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/57","token":"YLFt7hjzXF0Qfwi_EUvoQu4xrJiPWT9tuAOJrUSuUO0"},{"type":"dns-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/58","token":"1vvUtLFyHJ6UNlZIkGjScuU2kUInz7OKxd1jmg1fZwo"},{"type":"simpleHttp","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/59","token":"L_Qf7ys9P_YtGvdaYdFOp1fD0MA5Ky4pMcKi_4j7Nmo","tls":true},{"type":"tls-sni-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/60","token":"dGratfHQez0ikYHTxdaPhefkw9nF6RMUZwNiVkssRx0"}],"combinations":[[0],[3],[4],[2],[1]]}' - http_version: - recorded_at: Mon, 07 Dec 2015 21:33:46 GMT -- request: - method: post - uri: http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56 - body: - encoding: UTF-8 - string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoieFl1YTRkdEI5Zm1Ub1R3NUp1Nk1tUnJMNHZ3SzdRODV1YnZONG1MSmt3WSIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"eyJyZXNvdXJjZSI6ImNoYWxsZW5nZSIsInR5cGUiOiJodHRwLTAxIiwia2V5QXV0aG9yaXphdGlvbiI6Inl5ZW02TkkxbFEycVo1MEc5OFZ5ZmtfSU9lU1JfcmZQVjJWOXM1cTlOMGMuejJOMTBfMS1tVDllRlR1NGVfTk9peWt0SFN6LVhqY1M4Y2ZfcWFIazIwOCJ9","signature":"C4CoCxvptqfgP5X59wMWINBfvkgKEQk4-ZIhii_SlvMCB41jF7NfmVyNG-XFJDSTnbdJT6CK0UoLRJAO90M6UCZj2S31mLSdA9PU5WZevnmvWNNbGiMbAvRsXA0GathtT5EnLZrws-YIDaZQ_7Oe1dPyOIeegStLR1zF9-6eBTLtqx5FiENuY0yuo2wDa7uei8posItlqGlsAo64WDuoLdiKQuKZWeHQgDWLWArLGqvY4dv-mA0ePkSfbZJuwJZ-1EWzCRaOfPa8R8itBnwyLfdSs9Zbk_cuttEBz0tXWpCq_U2XpEQEvNlYZfprKcYfeMaj22wpDDdW4qRohH3QLA"}' - headers: - User-Agent: - - Faraday v0.9.2 - Accept-Encoding: - - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 - Accept: - - "*/*" - response: - status: - code: 202 - message: Accepted - headers: - Content-Type: - - application/json - Link: - - ;rel="up" - Location: - - http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56 - Replay-Nonce: - - xrGRGFxdchqWuVvWMgkBq5N7DeNhjJMk8NWats_343s - Date: - - Mon, 07 Dec 2015 21:33:46 GMT - Content-Length: - - '292' - body: - encoding: UTF-8 - string: '{"type":"http-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56","token":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c","keyAuthorization":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c.z2N10_1-mT9eFTu4e_NOiyktHSz-XjcS8cf_qaHk208"}' - http_version: - recorded_at: Mon, 07 Dec 2015 21:33:46 GMT -- request: - method: get - uri: http://127.0.0.1:4000/acme/authz/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc - body: - encoding: UTF-8 - string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoieHJHUkdGeGRjaHFXdVZ2V01na0JxNU43RGVOaGpKTWs4TldhdHNfMzQzcyIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"e30","signature":"XvyS_k0GkplLzPvY5tP5fABX1h-94weRRvNq9LGWDtVgr2Zaprkc2gsfRGiVx4Da0Qaksuf7-i3QIbcsl_NurgOb-1EzcN1D9qUoNffPWe7oQWR_46EVlg73FwUvUED_rxqkiHi74MEVEF0PoHzIOzXezzqpNs2tkyAMbf0kmtceee4CkmCtliYcv0F3E5BMJf2npNcMFLd8OjmIoTLQgSC1MH8v8l2g5X43UB2SkGcXIdR0B1IGwiO-XYJrF8PimmWo-8uBvnxu6XvN9o4bo3aoTKK38K46zshcB4lkSebDe5hJQgLMl9AEB86GH4Gd8jy7ShHShK5bQPyvkFgBcw"}' - headers: - User-Agent: - - Faraday v0.9.2 - Accept-Encoding: - - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 - Accept: - - "*/*" - response: - status: - code: 200 - message: OK - headers: - Content-Type: - - application/json - Link: - - ;rel="next" - Replay-Nonce: - - hVpY1ph-7-fJhZc20-9p5BtP1p47WWI6aoXcl6DTQXc - Date: - - Mon, 07 Dec 2015 21:33:46 GMT - Content-Length: - - '1104' - body: - encoding: UTF-8 - string: '{"identifier":{"type":"dns","value":"test.example.org"},"status":"pending","expires":"2015-12-14T21:33:46.775082271Z","challenges":[{"type":"http-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56","token":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c"},{"type":"dvsni","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/57","token":"YLFt7hjzXF0Qfwi_EUvoQu4xrJiPWT9tuAOJrUSuUO0"},{"type":"dns-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/58","token":"1vvUtLFyHJ6UNlZIkGjScuU2kUInz7OKxd1jmg1fZwo"},{"type":"simpleHttp","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/59","token":"L_Qf7ys9P_YtGvdaYdFOp1fD0MA5Ky4pMcKi_4j7Nmo","tls":true},{"type":"tls-sni-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/60","token":"dGratfHQez0ikYHTxdaPhefkw9nF6RMUZwNiVkssRx0"}],"combinations":[[0],[3],[4],[2],[1]]}' - http_version: - recorded_at: Mon, 07 Dec 2015 21:33:46 GMT -- request: - method: get - uri: http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56 - body: - encoding: UTF-8 - string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiaFZwWTFwaC03LWZKaFpjMjAtOXA1QnRQMXA0N1dXSTZhb1hjbDZEVFFYYyIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"e30","signature":"ijXs8aBCM9Hxr6TTizgqJTJk9SIyxrBZiIj-JyqQKuL0f9ZewuvX3vua499LApUzZeg072sDPa0o534mNsNJaBlZJuMxHQ7vIcX_rDOiSwulLWkLT93hwcXKv2y0CTj3KSqWGYIdo0e-wu2Ayb5lyVfU-YNTc0q4bJl-7jq0Eq2dEkwCAZG21H0wTtoNx67UZ3gQsOShR4xBSGTOGZpxoXYpetq-7NmHjmVQNn-kj7b8FwYM_WCac6GCmqiMYYxKo89R86YxCfTFK3sdBZX4aKQzlDr037ZbLQ58tnzJ9I4D1KxAzjOAKH1eagrr8puzn96jmPPfwTLfAD0ckbx8hQ"}' - headers: - User-Agent: - - Faraday v0.9.2 - Accept-Encoding: - - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 - Accept: - - "*/*" - response: - status: - code: 202 - message: Accepted - headers: - Content-Type: - - application/json - Link: - - ;rel="up" - Location: - - http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56 - Replay-Nonce: - - 1OPtyNrmhc6lN__r7JGWpnPSaQfwmyecUr6g8Eb0k2E - Date: - - Mon, 07 Dec 2015 21:33:46 GMT - Content-Length: - - '292' - body: - encoding: UTF-8 - string: '{"type":"http-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56","token":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c","keyAuthorization":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c.z2N10_1-mT9eFTu4e_NOiyktHSz-XjcS8cf_qaHk208"}' - http_version: - recorded_at: Mon, 07 Dec 2015 21:33:46 GMT -- request: - method: get - uri: http://127.0.0.1:4000/acme/authz/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc - body: - encoding: UTF-8 - string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiS1FINW5vSFN2cEpCYzM4NE4wWG0zVE1TWEotb3ZJZWxWWkhPUTZfXzM1MCIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"e30","signature":"imZ01yOwSxb0SJClYZH_MUo7qZY61xyuSxqZXg3ZTDUzww1yCnbXYjDh4dIYtRQ_y2-LoFeTXmTjxygMIcWjo8FiovVGP8o7DgofUKka3JM-JTCjcFKzSrsUA5lSjfmXhm99j4lw0UGZXQy6XVvJSZKu8sT86xEXsG4XT2spp32wY5cN_MEbTkxNjcktCUjx957C1dbP_U35H7IUJ6i2DY0iG6HwFt1YgauWnYy8Zmw1TdnPJyEIVaTvTNWS0tTdJl6Tuw9LGnfs4bTTNsBvVNi1Q02kXcnx2d5SSQloHSuGU22a80ZAU7Vwc146MxZ6hvHmQWKCMmEWnIaGVJOVtA"}' - headers: - User-Agent: - - Faraday v0.9.2 - Accept-Encoding: - - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 - Accept: - - "*/*" - response: - status: - code: 200 - message: OK - headers: - Content-Type: - - application/json - Link: - - ;rel="next" - Replay-Nonce: - - lY2qr73KGablPgbpdSzW-XzYTOllw13ayMuvYptVPrI - Date: - - Mon, 07 Dec 2015 21:33:47 GMT - Content-Length: - - 1448 - body: - encoding: UTF-8 - string: '{"identifier":{"type":"dns","value":"test.example.org"},"status":"valid","expires":"2015-12-14T21:33:46.775082271Z","challenges":[{"type":"http-01","status":"valid","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56","token":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c","keyAuthorization":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c.z2N10_1-mT9eFTu4e_NOiyktHSz-XjcS8cf_qaHk208","validationRecord":[{"url":"http://test.example.org:5002/.well-known/acme-challenge/yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c","hostname":"test.example.org","port":"5002","addressesResolved":["192.168.1.2"],"addressUsed":"192.168.1.2"}]},{"type":"dvsni","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/57","token":"YLFt7hjzXF0Qfwi_EUvoQu4xrJiPWT9tuAOJrUSuUO0"},{"type":"dns-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/58","token":"1vvUtLFyHJ6UNlZIkGjScuU2kUInz7OKxd1jmg1fZwo"},{"type":"simpleHttp","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/59","token":"L_Qf7ys9P_YtGvdaYdFOp1fD0MA5Ky4pMcKi_4j7Nmo","tls":true},{"type":"tls-sni-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/60","token":"dGratfHQez0ikYHTxdaPhefkw9nF6RMUZwNiVkssRx0"}],"combinations":[[0],[3],[4],[2],[1]]}' - http_version: - recorded_at: Mon, 07 Dec 2015 21:33:47 GMT - request: method: post uri: http://127.0.0.1:4000/acme/new-cert diff --git a/spec/cassettes/new_reg_success.yml b/spec/cassettes/new_reg_success.yml new file mode 100644 index 0000000..db25327 --- /dev/null +++ b/spec/cassettes/new_reg_success.yml @@ -0,0 +1,272 @@ +--- +http_interactions: +- request: + method: head + uri: http://127.0.0.1:4000/acme/new-reg + body: + encoding: US-ASCII + string: '' + headers: + User-Agent: + - Faraday v0.9.2 + Accept: + - "*/*" + response: + status: + code: 405 + message: Method Not Allowed + headers: + Allow: + - POST + Content-Type: + - application/problem+json + Replay-Nonce: + - Xsc9DH7mcHfRb-SoDaMz0rWdOHVD2ajC8DaUjBg22bc + Date: + - Mon, 07 Dec 2015 21:33:46 GMT + body: + encoding: UTF-8 + string: '' + http_version: + recorded_at: Mon, 07 Dec 2015 21:33:46 GMT +- request: + method: post + uri: http://127.0.0.1:4000/acme/new-reg + body: + encoding: UTF-8 + string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiWHNjOURIN21jSGZSYi1Tb0RhTXowcldkT0hWRDJhakM4RGFVakJnMjJiYyIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"eyJyZXNvdXJjZSI6Im5ldy1yZWciLCJjb250YWN0IjpbIm1haWx0bzppbmZvQGV4YW1wbGUuY29tIl19","signature":"Wcew_pVwPzjdGvfReNuyEjXTR3bMz8o7LYvnHFT5nljKmiyIZG3BeBjj90blczf1VcAh54tXLim8TChTUkOYOU7ReVJ_3epxI0hkqIunhSPRyvIew0rKSwYFg3UyG-8hsvGrwUtEax4JJMVenhZoyoHIwZEE_LMIasfSyQru3YtsOyIfdYec9uzfDNovFfQwCqH-dWiZOldHY68Ln1Tlgz4q3h8qhvCwoA-Na6i8tlrAYoptUGxtQeMoHKJcIgfWHLMsh3xWGwfjudjfvQEb2IfmZLBymlf1hRc7Kg1A927gps8ZCn9I8X-VKd4ulz2Ox2G-EqBvgLiwOkT9eRdc5w"}' + headers: + User-Agent: + - Faraday v0.9.2 + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - "*/*" + response: + status: + code: 201 + message: Created + headers: + Content-Type: + - application/json + Link: + - ;rel="next" + - ;rel="terms-of-service" + Location: + - http://127.0.0.1:4000/acme/reg/17 + Replay-Nonce: + - VJGr5fKbdkvT1eCZFSAQW70nRHTHtK8ph3JfjXOY7OI + Date: + - Mon, 07 Dec 2015 21:33:46 GMT + Content-Length: + - '495' + body: + encoding: UTF-8 + string: '{"id":17,"key":{"kty":"RSA","n":"u6yApfc4FhVqGUgodtJgXfGr2xlWshDupW6QggquCaOykBpiEVGxrZHIPOtKQeqxwqL_TDKOXnTPdm8ATVRVuhglqnwGVpLK2yWHk5-qFAIJ9LARHibLbrvLxo6zcXyjvWEvVUob0ziWeLjAKNC4_Bh-f-nCkN6qZn29oC6LQu2UFKfT6upMZhKpLt_amKJiaaoJDEvtanTEsnaWeq6mjpM9czezjZSKVgHuEO1fpyhX8N8yWju88xmurb_S26hgFpEpnUVkYjqptyHxV5VrY4_X3II4ex_K6HK-bfnsnvSuIlMERlUxdpj0NcoC2MIXddZ_wT19b6m70UuhjUEb-w","e":"AQAB"},"contact":["mailto:info@example.com"],"initialIp":"10.0.2.2","createdAt":"2015-12-07T21:33:46.651350817Z"}' + http_version: + recorded_at: Mon, 07 Dec 2015 21:33:46 GMT +- request: + method: post + uri: http://127.0.0.1:4000/acme/reg/17 + body: + encoding: UTF-8 + string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiVkpHcjVmS2Jka3ZUMWVDWkZTQVFXNzBuUkhUSHRLOHBoM0pmalhPWTdPSSIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"eyJyZXNvdXJjZSI6InJlZyIsImFncmVlbWVudCI6Imh0dHA6Ly8xMjcuMC4wLjE6NDAwMS90ZXJtcy92MSJ9","signature":"X_xU0ef16bFJWN7f1rKuWHsFA5cQNkhHy8EIiNFeHp8W9qqvy8OciQxOhXcQzIoLA3ugBQHdI0IGPz4Dtdg462GuQ3aN0jhg4dmSk5XtBupzUQlYwerYNSDZ8HsnUR78s34DL3ToJt65uAjZuWPNdYSc8pIUzQVWke7Nm0OVQUpYts9xM8BzuLBcBaRrWxNkxVKHlMoKUIfKv_jA4iv7wkeHRork5a-BopgB1Dh_zMUr8zwFpILVPXAI9JDZDBVYyK-yyBDgQ8lZ9LNiTJiyazmabammsZWVkrx9pI-zzwi2ph6Yy3wO1J_6RuEzlBtxcorTl6VU1pKu6g-v5HBNPQ"}' + headers: + User-Agent: + - Faraday v0.9.2 + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - "*/*" + response: + status: + code: 202 + message: Accepted + headers: + Content-Type: + - application/json + Link: + - ;rel="next" + - ;rel="terms-of-service" + Replay-Nonce: + - Y1LVpZ6llaj3ZQX8Bv94XswJa6fXU6QLzZXTA7d763E + Date: + - Mon, 07 Dec 2015 21:33:46 GMT + Content-Length: + - '530' + body: + encoding: UTF-8 + string: '{"id":17,"key":{"kty":"RSA","n":"u6yApfc4FhVqGUgodtJgXfGr2xlWshDupW6QggquCaOykBpiEVGxrZHIPOtKQeqxwqL_TDKOXnTPdm8ATVRVuhglqnwGVpLK2yWHk5-qFAIJ9LARHibLbrvLxo6zcXyjvWEvVUob0ziWeLjAKNC4_Bh-f-nCkN6qZn29oC6LQu2UFKfT6upMZhKpLt_amKJiaaoJDEvtanTEsnaWeq6mjpM9czezjZSKVgHuEO1fpyhX8N8yWju88xmurb_S26hgFpEpnUVkYjqptyHxV5VrY4_X3II4ex_K6HK-bfnsnvSuIlMERlUxdpj0NcoC2MIXddZ_wT19b6m70UuhjUEb-w","e":"AQAB"},"contact":["mailto:info@example.com"],"agreement":"http://127.0.0.1:4001/terms/v1","initialIp":"10.0.2.2","createdAt":"2015-12-07T21:33:46Z"}' + http_version: + recorded_at: Mon, 07 Dec 2015 21:33:46 GMT +- request: + method: post + uri: http://127.0.0.1:4000/acme/new-authz + body: + encoding: UTF-8 + string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiWTFMVnBaNmxsYWozWlFYOEJ2OTRYc3dKYTZmWFU2UUx6WlhUQTdkNzYzRSIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"eyJyZXNvdXJjZSI6Im5ldy1hdXRoeiIsImlkZW50aWZpZXIiOnsidHlwZSI6ImRucyIsInZhbHVlIjoidGVzdC5leGFtcGxlLm9yZyJ9fQ","signature":"d2Z9sb_Y-cUGn2goAPHKLBdIGOdPOVFmKs8T7KV8Is0NL4JIBHHUDUrYEFe46JmWObDiAPeZI9m6dKKHSA74Mj1vgFg05GlC_RY4_Yt70UhxK7IoTqWPWCTXHqkuQEwxrXg2Ae8bfaUeke-fWiO94mZpVazod6XxDE94NLYXqOa7n7DlHRa6EycR43QzR0smvBbvk4CGtYy0QE7odYQJ9tTdJFNcm-rxzvQ__ClfoNw-pebilhKE22vpKHLVoo9HSFRluDmGs3CaChTHMlIIHFgz_PpaGYZ2xGBiirzso4aX4sTacy9RlbK9l15jJULFdSHtd4c6rK3h7Ws2Nte5fQ"}' + headers: + User-Agent: + - Faraday v0.9.2 + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - "*/*" + response: + status: + code: 201 + message: Created + headers: + Content-Type: + - application/json + Link: + - ;rel="next" + Location: + - http://127.0.0.1:4000/acme/authz/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc + Replay-Nonce: + - xYua4dtB9fmToTw5Ju6MmRrL4vwK7Q85ubvN4mLJkwY + Date: + - Mon, 07 Dec 2015 21:33:46 GMT + Content-Length: + - '1104' + body: + encoding: UTF-8 + string: '{"identifier":{"type":"dns","value":"test.example.org"},"status":"pending","expires":"2015-12-14T21:33:46.775082271Z","challenges":[{"type":"http-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56","token":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c"},{"type":"dvsni","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/57","token":"YLFt7hjzXF0Qfwi_EUvoQu4xrJiPWT9tuAOJrUSuUO0"},{"type":"dns-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/58","token":"1vvUtLFyHJ6UNlZIkGjScuU2kUInz7OKxd1jmg1fZwo"},{"type":"simpleHttp","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/59","token":"L_Qf7ys9P_YtGvdaYdFOp1fD0MA5Ky4pMcKi_4j7Nmo","tls":true},{"type":"tls-sni-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/60","token":"dGratfHQez0ikYHTxdaPhefkw9nF6RMUZwNiVkssRx0"}],"combinations":[[0],[3],[4],[2],[1]]}' + http_version: + recorded_at: Mon, 07 Dec 2015 21:33:46 GMT +- request: + method: post + uri: http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56 + body: + encoding: UTF-8 + string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoieFl1YTRkdEI5Zm1Ub1R3NUp1Nk1tUnJMNHZ3SzdRODV1YnZONG1MSmt3WSIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"eyJyZXNvdXJjZSI6ImNoYWxsZW5nZSIsInR5cGUiOiJodHRwLTAxIiwia2V5QXV0aG9yaXphdGlvbiI6Inl5ZW02TkkxbFEycVo1MEc5OFZ5ZmtfSU9lU1JfcmZQVjJWOXM1cTlOMGMuejJOMTBfMS1tVDllRlR1NGVfTk9peWt0SFN6LVhqY1M4Y2ZfcWFIazIwOCJ9","signature":"C4CoCxvptqfgP5X59wMWINBfvkgKEQk4-ZIhii_SlvMCB41jF7NfmVyNG-XFJDSTnbdJT6CK0UoLRJAO90M6UCZj2S31mLSdA9PU5WZevnmvWNNbGiMbAvRsXA0GathtT5EnLZrws-YIDaZQ_7Oe1dPyOIeegStLR1zF9-6eBTLtqx5FiENuY0yuo2wDa7uei8posItlqGlsAo64WDuoLdiKQuKZWeHQgDWLWArLGqvY4dv-mA0ePkSfbZJuwJZ-1EWzCRaOfPa8R8itBnwyLfdSs9Zbk_cuttEBz0tXWpCq_U2XpEQEvNlYZfprKcYfeMaj22wpDDdW4qRohH3QLA"}' + headers: + User-Agent: + - Faraday v0.9.2 + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - "*/*" + response: + status: + code: 202 + message: Accepted + headers: + Content-Type: + - application/json + Link: + - ;rel="up" + Location: + - http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56 + Replay-Nonce: + - xrGRGFxdchqWuVvWMgkBq5N7DeNhjJMk8NWats_343s + Date: + - Mon, 07 Dec 2015 21:33:46 GMT + Content-Length: + - '292' + body: + encoding: UTF-8 + string: '{"type":"http-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56","token":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c","keyAuthorization":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c.z2N10_1-mT9eFTu4e_NOiyktHSz-XjcS8cf_qaHk208"}' + http_version: + recorded_at: Mon, 07 Dec 2015 21:33:46 GMT +- request: + method: get + uri: http://127.0.0.1:4000/acme/authz/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc + body: + encoding: UTF-8 + string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoieHJHUkdGeGRjaHFXdVZ2V01na0JxNU43RGVOaGpKTWs4TldhdHNfMzQzcyIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"e30","signature":"XvyS_k0GkplLzPvY5tP5fABX1h-94weRRvNq9LGWDtVgr2Zaprkc2gsfRGiVx4Da0Qaksuf7-i3QIbcsl_NurgOb-1EzcN1D9qUoNffPWe7oQWR_46EVlg73FwUvUED_rxqkiHi74MEVEF0PoHzIOzXezzqpNs2tkyAMbf0kmtceee4CkmCtliYcv0F3E5BMJf2npNcMFLd8OjmIoTLQgSC1MH8v8l2g5X43UB2SkGcXIdR0B1IGwiO-XYJrF8PimmWo-8uBvnxu6XvN9o4bo3aoTKK38K46zshcB4lkSebDe5hJQgLMl9AEB86GH4Gd8jy7ShHShK5bQPyvkFgBcw"}' + headers: + User-Agent: + - Faraday v0.9.2 + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - "*/*" + response: + status: + code: 200 + message: OK + headers: + Content-Type: + - application/json + Link: + - ;rel="next" + Replay-Nonce: + - hVpY1ph-7-fJhZc20-9p5BtP1p47WWI6aoXcl6DTQXc + Date: + - Mon, 07 Dec 2015 21:33:46 GMT + Content-Length: + - '1104' + body: + encoding: UTF-8 + string: '{"identifier":{"type":"dns","value":"test.example.org"},"status":"pending","expires":"2015-12-14T21:33:46.775082271Z","challenges":[{"type":"http-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56","token":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c"},{"type":"dvsni","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/57","token":"YLFt7hjzXF0Qfwi_EUvoQu4xrJiPWT9tuAOJrUSuUO0"},{"type":"dns-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/58","token":"1vvUtLFyHJ6UNlZIkGjScuU2kUInz7OKxd1jmg1fZwo"},{"type":"simpleHttp","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/59","token":"L_Qf7ys9P_YtGvdaYdFOp1fD0MA5Ky4pMcKi_4j7Nmo","tls":true},{"type":"tls-sni-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/60","token":"dGratfHQez0ikYHTxdaPhefkw9nF6RMUZwNiVkssRx0"}],"combinations":[[0],[3],[4],[2],[1]]}' + http_version: + recorded_at: Mon, 07 Dec 2015 21:33:46 GMT +- request: + method: get + uri: http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56 + body: + encoding: UTF-8 + string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiaFZwWTFwaC03LWZKaFpjMjAtOXA1QnRQMXA0N1dXSTZhb1hjbDZEVFFYYyIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"e30","signature":"ijXs8aBCM9Hxr6TTizgqJTJk9SIyxrBZiIj-JyqQKuL0f9ZewuvX3vua499LApUzZeg072sDPa0o534mNsNJaBlZJuMxHQ7vIcX_rDOiSwulLWkLT93hwcXKv2y0CTj3KSqWGYIdo0e-wu2Ayb5lyVfU-YNTc0q4bJl-7jq0Eq2dEkwCAZG21H0wTtoNx67UZ3gQsOShR4xBSGTOGZpxoXYpetq-7NmHjmVQNn-kj7b8FwYM_WCac6GCmqiMYYxKo89R86YxCfTFK3sdBZX4aKQzlDr037ZbLQ58tnzJ9I4D1KxAzjOAKH1eagrr8puzn96jmPPfwTLfAD0ckbx8hQ"}' + headers: + User-Agent: + - Faraday v0.9.2 + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - "*/*" + response: + status: + code: 202 + message: Accepted + headers: + Content-Type: + - application/json + Link: + - ;rel="up" + Location: + - http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56 + Replay-Nonce: + - 1OPtyNrmhc6lN__r7JGWpnPSaQfwmyecUr6g8Eb0k2E + Date: + - Mon, 07 Dec 2015 21:33:46 GMT + Content-Length: + - '292' + body: + encoding: UTF-8 + string: '{"type":"http-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56","token":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c","keyAuthorization":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c.z2N10_1-mT9eFTu4e_NOiyktHSz-XjcS8cf_qaHk208"}' + http_version: + recorded_at: Mon, 07 Dec 2015 21:33:46 GMT +- request: + method: get + uri: http://127.0.0.1:4000/acme/authz/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc + body: + encoding: UTF-8 + string: '{"protected":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiS1FINW5vSFN2cEpCYzM4NE4wWG0zVE1TWEotb3ZJZWxWWkhPUTZfXzM1MCIsImp3ayI6eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJ1NnlBcGZjNEZoVnFHVWdvZHRKZ1hmR3IyeGxXc2hEdXBXNlFnZ3F1Q2FPeWtCcGlFVkd4clpISVBPdEtRZXF4d3FMX1RES09YblRQZG04QVRWUlZ1aGdscW53R1ZwTEsyeVdIazUtcUZBSUo5TEFSSGliTGJydkx4bzZ6Y1h5anZXRXZWVW9iMHppV2VMakFLTkM0X0JoLWYtbkNrTjZxWm4yOW9DNkxRdTJVRktmVDZ1cE1aaEtwTHRfYW1LSmlhYW9KREV2dGFuVEVzbmFXZXE2bWpwTTljemV6alpTS1ZnSHVFTzFmcHloWDhOOHlXanU4OHhtdXJiX1MyNmhnRnBFcG5VVmtZanFwdHlIeFY1VnJZNF9YM0lJNGV4X0s2SEstYmZuc252U3VJbE1FUmxVeGRwajBOY29DMk1JWGRkWl93VDE5YjZtNzBVdWhqVUViLXcifX0","payload":"e30","signature":"imZ01yOwSxb0SJClYZH_MUo7qZY61xyuSxqZXg3ZTDUzww1yCnbXYjDh4dIYtRQ_y2-LoFeTXmTjxygMIcWjo8FiovVGP8o7DgofUKka3JM-JTCjcFKzSrsUA5lSjfmXhm99j4lw0UGZXQy6XVvJSZKu8sT86xEXsG4XT2spp32wY5cN_MEbTkxNjcktCUjx957C1dbP_U35H7IUJ6i2DY0iG6HwFt1YgauWnYy8Zmw1TdnPJyEIVaTvTNWS0tTdJl6Tuw9LGnfs4bTTNsBvVNi1Q02kXcnx2d5SSQloHSuGU22a80ZAU7Vwc146MxZ6hvHmQWKCMmEWnIaGVJOVtA"}' + headers: + User-Agent: + - Faraday v0.9.2 + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - "*/*" + response: + status: + code: 200 + message: OK + headers: + Content-Type: + - application/json + Link: + - ;rel="next" + Replay-Nonce: + - lY2qr73KGablPgbpdSzW-XzYTOllw13ayMuvYptVPrI + Date: + - Mon, 07 Dec 2015 21:33:47 GMT + Content-Length: + - 1448 + body: + encoding: UTF-8 + string: '{"identifier":{"type":"dns","value":"test.example.org"},"status":"valid","expires":"2015-12-14T21:33:46.775082271Z","challenges":[{"type":"http-01","status":"valid","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/56","token":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c","keyAuthorization":"yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c.z2N10_1-mT9eFTu4e_NOiyktHSz-XjcS8cf_qaHk208","validationRecord":[{"url":"http://test.example.org:5002/.well-known/acme-challenge/yyem6NI1lQ2qZ50G98Vyfk_IOeSR_rfPV2V9s5q9N0c","hostname":"test.example.org","port":"5002","addressesResolved":["192.168.1.2"],"addressUsed":"192.168.1.2"}]},{"type":"dvsni","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/57","token":"YLFt7hjzXF0Qfwi_EUvoQu4xrJiPWT9tuAOJrUSuUO0"},{"type":"dns-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/58","token":"1vvUtLFyHJ6UNlZIkGjScuU2kUInz7OKxd1jmg1fZwo"},{"type":"simpleHttp","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/59","token":"L_Qf7ys9P_YtGvdaYdFOp1fD0MA5Ky4pMcKi_4j7Nmo","tls":true},{"type":"tls-sni-01","status":"pending","uri":"http://127.0.0.1:4000/acme/challenge/8uXA9djMuerEwykns1-ohGOfD52SWyy-VVuY45LlWPc/60","token":"dGratfHQez0ikYHTxdaPhefkw9nF6RMUZwNiVkssRx0"}],"combinations":[[0],[3],[4],[2],[1]]}' + http_version: + recorded_at: Mon, 07 Dec 2015 21:33:47 GMT \ No newline at end of file diff --git a/spec/client_spec.rb b/spec/client_spec.rb index 93fa1cd..8bad486 100644 --- a/spec/client_spec.rb +++ b/spec/client_spec.rb @@ -126,15 +126,17 @@ let(:request) { Acme::Client::CertificateRequest.new(common_name: domain, private_key: generate_private_key) } before(:each) do - registration = client.register(contact: 'mailto:info@example.com') - registration.agree_terms - authorization = client.authorize(domain: domain) - http01 = authorization.http01 - - serve_once(http01.file_content) do - http01.request_verification - retry_until(condition: lambda { http01.status != 'pending' }) do - http01.verify_status + VCR.use_cassette 'new_reg_success' do + registration = client.register(contact: 'mailto:info@example.com') + registration.agree_terms + authorization = client.authorize(domain: domain) + http01 = authorization.http01 + + serve_once(http01.file_content) do + http01.request_verification + retry_until(condition: lambda { http01.status != 'pending' }) do + http01.verify_status + end end end end @@ -169,6 +171,34 @@ expect(certificate.x509_fullchain.first).to be(certificate.x509) expect(certificate.url).to eq('http://127.0.0.1:4000/acme/cert/ff87f2112cf6596eddb5df39113701b1572a') end + + it 'fails to create when rate limited and raises the proper exception' do + seven_days = 7 * 24 * 60 * 60 # 7 days + error_message = "Error creating new cert :: too many certificates already issued for exact set of domains: #{domain}" + + stub_request(:post, 'http://127.0.0.1:4000/acme/new-cert').with( + headers: { + 'Accept' => '*/*', + 'User-Agent' => Acme::Client::FaradayMiddleware::USER_AGENT + } + ).to_return( + body: { + type: 'urn:acme:error:rateLimited', + detail: error_message + }.to_json, + status: 429, + headers: { + 'Content-Type' => 'application/problem+json', + 'Retry-After' => seven_days.to_s + } + ) + + expect { client.new_certificate(request) }.to raise_error { |error| + expect(error).to be_a(Acme::Client::Error::RateLimited) + expect(error.retry_after).to eq(seven_days) + expect(error.message).to eq(error_message) + } + end end context '#revoke_certificate' do