org.shredzone.acme4j.challenge.Http01Challenge Java Examples

Example #1
Source File: CertificateCommand.java    From acme_client with MIT License
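/**
 * Writes the response material for the configured challenge type to disk.
 * <p>
 * For http-01 the key authorization is written to a file named after the challenge token,
 * either directly in the well-known directory or in a per-domain subdirectory. For dns-01
 * the digest is written to a file named after the domain in the DNS digest directory.
 * <p>
 * The token and the domain identifier are taken from objects returned by the ACME server
 * and end up in file-system paths, so both are checked before anything is written: the
 * token must consist of base64url characters only (the alphabet RFC 8555 prescribes for
 * tokens), and every derived path must stay inside its configured base directory.
 *
 * @param authorizationManagement source of the authorization and its challenges
 * @throws ChallengeInvalidException if the selected challenge is already in state INVALID
 * @throws IllegalArgumentException if the configured challenge type is not supported
 * @throws IllegalStateException if the challenge is missing, or a token/domain would
 *         produce a path outside the configured directory
 * @throws Exception for anything raised by the underlying I/O helpers
 */
void writeChallengeByAuthorization(AuthorizationManager authorizationManagement) throws Exception {
    String challengeType = getChallengeType();
    if (challengeType == null) {
        // Switching on a null String would only surface as a bare NullPointerException.
        throw new IllegalArgumentException("Unsupported challenge type");
    }
    switch (challengeType) {
        case Http01Challenge.TYPE:
            Http01Challenge http01Challenge = authorizationManagement.getHttp01Challenge();
            if (http01Challenge == null) {
                throw new IllegalStateException("Authorization offers no " + Http01Challenge.TYPE + " challenge");
            }
            if (http01Challenge.getStatus() == Status.INVALID) {
                throw new ChallengeInvalidException(http01Challenge.getLocation().toString());
            }
            // The token becomes a file name; reject anything that could carry a path
            // separator or "..", rather than trusting the server response.
            String token = http01Challenge.getToken();
            if (token == null || !token.matches("[A-Za-z0-9_-]+")) {
                throw new IllegalStateException("Refusing to use http-01 token as a file name: not base64url");
            }
            String wellKnownDir = getParameters().getWellKnownDir();
            String path;
            if (getParameters().isOneDirForWellKnown()) {
                path = Paths.get(wellKnownDir, token).toString();
            } else {
                String subdir = authorizationManagement.getAuthorization().getIdentifier().getDomain()
                        + returnIfWildcard(authorizationManagement.getAuthorization());
                // Check containment before the directory is created, not after.
                path = requireWithin(wellKnownDir, Paths.get(wellKnownDir, subdir).toString());
                IOManager.createDirectories(path);
                path = Paths.get(path, token).toString();
            }
            IOManager.writeString(path, http01Challenge.getAuthorization());
            break;
        case Dns01Challenge.TYPE:
            Dns01Challenge dns01Challenge = authorizationManagement.getDns01Challenge();
            if (dns01Challenge == null) {
                throw new IllegalStateException("Authorization offers no " + Dns01Challenge.TYPE + " challenge");
            }
            if (dns01Challenge.getStatus() == Status.INVALID) {
                throw new ChallengeInvalidException(dns01Challenge.getLocation().toString());
            }
            Authorization authorization = authorizationManagement.getAuthorization();
            String fileSuffix = "_dns_digest" + returnIfWildcard(authorization);
            String digestDir = getParameters().getDnsDigestDir();
            String digestFile = Paths.get(digestDir,
                    authorization.getIdentifier().getDomain() + fileSuffix).toString();
            IOManager.writeString(requireWithin(digestDir, digestFile), dns01Challenge.getDigest());
            break;
    }
}

/**
 * Returns {@code candidate} unchanged if, after normalisation, it lies inside {@code baseDir};
 * otherwise refuses it so that a crafted name cannot redirect a write elsewhere.
 */
private static String requireWithin(String baseDir, String candidate) {
    java.nio.file.Path base = Paths.get(baseDir).toAbsolutePath().normalize();
    java.nio.file.Path resolved = Paths.get(candidate).toAbsolutePath().normalize();
    if (!resolved.startsWith(base)) {
        throw new IllegalStateException("Path escapes " + baseDir + ": " + candidate);
    }
    return candidate;
}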
 
Example #2
Source File: CertificateCommand.java    From acme_client with MIT License
/**
 * Translates the configured challenge name into the matching acme4j type constant.
 * The comparison is case-insensitive.
 *
 * @return {@code Http01Challenge.TYPE} or {@code Dns01Challenge.TYPE}; {@code null} when the
 *         configured value matches neither, so callers have to handle that case themselves
 */
String getChallengeType() {
    if (getParameters().getChallengeType().equalsIgnoreCase(Parameters.CHALLENGE_HTTP01)) {
        return Http01Challenge.TYPE;
    }
    if (getParameters().getChallengeType().equalsIgnoreCase(Parameters.CHALLENGE_DNS01)) {
        return Dns01Challenge.TYPE;
    }
    // Anything else is reported as "no type" rather than as an exception.
    return null;
}
 
Example #3
Source File: LetsEncryptReloadLifecycle.java    From openwebbeans-meecrowave with Apache License 2.0
/**
 * Looks up the http-01 challenge of an authorization and hands its response to
 * {@code challengeUpdater}, keyed by the well-known request path built from the token.
 *
 * @param auth authorization to search
 * @return the http-01 challenge that was published
 * @throws AcmeException if the authorization has no http-01 challenge
 */
private Challenge httpChallenge(final Authorization auth) throws AcmeException {
    final Http01Challenge http01 = auth.findChallenge(Http01Challenge.TYPE);
    if (http01 != null) {
        // NOTE(review): the token is appended to the path as received from the server;
        // how challengeUpdater uses the key is not visible here - confirm it is not a file path.
        final String resourcePath = "/.well-known/acme-challenge/" + http01.getToken();
        challengeUpdater.accept(resourcePath, http01.getAuthorization());
        return http01;
    }
    throw new AcmeException("Challenge is null");
}
 
Example #4
Source File: AcmeClient.java    From blynk-server with GNU General Public License v3.0
/**
 * Finds the http-01 challenge of an authorization and logs, at debug level, the URL the
 * CA will request and the content expected there.
 *
 * @param auth authorization to search
 * @return the http-01 challenge
 * @throws AcmeException if the authorization offers no http-01 challenge
 */
private Http01Challenge httpChallenge(Authorization auth) throws AcmeException {
    Http01Challenge http01 = auth.findChallenge(Http01Challenge.TYPE);
    if (http01 != null) {
        // Debug output only: where the response must be served and what it must contain.
        String domain = auth.getIdentifier().getDomain();
        String token = http01.getToken();
        log.debug("http://{}/.well-known/acme-challenge/{}", domain, token);
        log.debug("Content: {}", http01.getAuthorization());
        return http01;
    }
    throw new AcmeException("Found no " + Http01Challenge.TYPE + " challenge, don't know what to do...");
}
 
Example #5
Source File: AcmeClient.java    From r2cloud with Apache License 2.0
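/**
 * Authorizes a domain with the http-01 challenge: stores the key authorization in a file
 * named after the token under {@code challengePath}, triggers the challenge and polls until
 * the CA reports it as valid.
 * <p>
 * The token is supplied by the ACME server and is used as a file name, so it is checked
 * against the base64url alphabet (the only characters RFC 8555 allows in a token) before
 * the file is created.
 *
 * @param reg    account registration used to request the authorization
 * @param domain domain name to authorize
 * @throws AcmeException if no http-01 challenge is offered, the token is malformed, the
 *                       challenge becomes INVALID, or polling ends without a VALID status
 * @throws IOException   if the challenge file cannot be written
 */
private void authorize(Registration reg, String domain) throws AcmeException, IOException {
	messages.add("authorizing domain: " + domain, LOG);
	Authorization auth = reg.authorizeDomain(domain);
	messages.add("find http challenge", LOG);
	Http01Challenge challenge1 = auth.findChallenge(Http01Challenge.TYPE);
	if (challenge1 == null) {
		throw new AcmeException("Found no " + Http01Challenge.TYPE + " challenge, don't know what to do...");
	}
	// Reject tokens that could carry a path separator or ".." before they reach new File(...).
	String token = challenge1.getToken();
	if (token == null || !token.matches("[A-Za-z0-9_-]+")) {
		throw new AcmeException("Refusing to store challenge: token is not a base64url string");
	}
	messages.add("saving challenge request", LOG);
	try (FileOutputStream fos = new FileOutputStream(new File(challengePath, token))) {
		fos.write(challenge1.getAuthorization().getBytes(StandardCharsets.UTF_8));
	}

	Challenge challenge = challenge1;
	if (challenge.getStatus() == Status.VALID) {
		messages.add("challenge already successeded", LOG);
		return;
	}
	messages.add("trigger challenge", LOG);
	challenge.trigger();

	// Poll for the challenge to complete.
	// NOTE(review): the loop has no attempt limit and no upper bound on the server-provided
	// retry delay; it ends only on VALID, INVALID or thread interruption.
	long retryTimeout = INITIAL_RETRY;
	while (challenge.getStatus() != Status.VALID && !Thread.currentThread().isInterrupted()) {
		// Did the authorization fail?
		if (challenge.getStatus() == Status.INVALID) {
			messages.add("Authorization failed: " + challenge.getError().getDetail());
			throw new AcmeException("Challenge failed...");
		}

		try {
			Thread.sleep(retryTimeout);
		} catch (InterruptedException ex) {
			Thread.currentThread().interrupt();
			break;
		}

		try {
			messages.add("update challenge", LOG);
			challenge.update();
		} catch (AcmeRetryAfterException e) {
			// A Retry-After instant that is already in the past would give a negative delay,
			// and Thread.sleep rejects negative values; fall back to the initial delay.
			long wait = e.getRetryAfter().toEpochMilli() - System.currentTimeMillis();
			retryTimeout = wait > 0 ? wait : INITIAL_RETRY;
			messages.add("not ready. retry after: " + retryTimeout + " millis", LOG);
		}
	}

	// Polling stopped (or was interrupted) and there is still no valid authorization?
	if (challenge.getStatus() != Status.VALID) {
		throw new AcmeException("Failed to pass the challenge for domain " + domain + ", ... Giving up.");
	}
}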
 
Example #6
Source File: AcmeClient.java    From blynk-server with GNU General Public License v3.0
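/**
 * Authorize a domain. It will be associated with your account, so you will be able to
 * retrieve a signed certificate for the domain later.
 * <p>
 * The http-01 key authorization is placed in {@code contentHolder}, the challenge is
 * triggered, and its status is polled up to {@code ATTEMPTS} times with a pause of
 * {@code WAIT_MILLIS} between polls. The method returns normally only when the challenge
 * is VALID; every other outcome, including interruption, is reported as an exception so
 * that a caller never continues with an unverified domain.
 *
 * @param auth
 *            {@link Authorization} to perform
 * @throws AcmeException
 *             if no challenge is available, the challenge becomes INVALID, polling is
 *             interrupted, or all attempts are used up without a VALID status
 */
private void authorize(Authorization auth) throws AcmeException {
    log.info("Starting authorization for domain {}", auth.getIdentifier().getDomain());

    // Find the desired challenge and prepare it.
    Http01Challenge challenge = httpChallenge(auth);

    // Guard only: kept in case the lookup ever returns null instead of throwing.
    if (challenge == null) {
        throw new AcmeException("No challenge found");
    }

    // NOTE(review): contentHolder appears to hold a single value; confirm that two
    // authorizations cannot run at the same time and overwrite each other's response.
    contentHolder.content = challenge.getAuthorization();

    // If the challenge is already verified, there's no need to execute it again.
    if (challenge.getStatus() == Status.VALID) {
        return;
    }

    // Now trigger the challenge.
    challenge.trigger();

    // Poll for the challenge to complete.
    try {
        int attempts = ATTEMPTS;
        while (challenge.getStatus() != Status.VALID && attempts-- > 0) {
            if (challenge.getStatus() == Status.INVALID) {
                throw new AcmeException("Challenge failed... Giving up.");
            }
            Thread.sleep(WAIT_MILLIS);
            challenge.update();
        }
    } catch (InterruptedException ex) {
        // Restore the interrupt flag for the caller and fail explicitly: returning here
        // would look exactly like a successful authorization.
        Thread.currentThread().interrupt();
        log.error("interrupted", ex);
        throw new AcmeException("Interrupted while waiting for the challenge for domain "
                + auth.getIdentifier().getDomain(), ex);
    }

    // All reattempts are used up and there is still no valid authorization?
    if (challenge.getStatus() != Status.VALID) {
        throw new AcmeException("Failed to pass the challenge for domain "
                + auth.getIdentifier().getDomain() + ", ... Giving up.");
    }
}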
 
Example #7
Source File: CertGenerator.java    From spring-boot-starter-acme with Apache License 2.0
/**
 * Prepares an HTTP challenge.
 * <p>
 * Verification of this challenge expects a file with specific content to be reachable at
 * a given path under the domain being tested. Here the token and its key authorization
 * are recorded in {@code challengeStore}; serving them is left to whatever reads that store.
 * </p>
 *
 * @param aAuthorization
 *            {@link Authorization} to find the challenge in
 * @param aDomainName
 *            Domain name to be authorized (not used by this method)
 * @return {@link Challenge} to verify
 * @throws AcmeException
 *             if the authorization offers no http-01 challenge
 */
private Challenge httpChallenge(Authorization aAuthorization, String aDomainName) throws AcmeException {
  Http01Challenge http01 = aAuthorization.findChallenge(Http01Challenge.TYPE);

  if (http01 != null) {
    // Key: challenge token, value: the content the CA expects to download.
    String token = http01.getToken();
    String keyAuthorization = http01.getAuthorization();
    challengeStore.put(token, keyAuthorization);
    return http01;
  }

  throw new AcmeException("Found no " + Http01Challenge.TYPE + " challenge, don't know what to do...");
}
 
Example #8
Source File: AuthorizationManager.java    From acme_client with MIT License
/**
 * Returns the http-01 challenge of the managed authorization.
 * <p>
 * The challenge response must be reachable at
 * http://${domain}/.well-known/acme-challenge/${token}
 * and must contain the "content" of the challenge.
 * <p>
 * The Content-Type header of the response must be "text/plain" or absent.
 * <p>
 * The challenge is completed once the CA has downloaded that file and found the content in it.
 *
 * @return HTTP01 Challenge; presumably {@code null} when the authorization offers none -
 *         verify against the acme4j version in use and null-check at the call site
 */
public Http01Challenge getHttp01Challenge() {
    final Http01Challenge http01 = this.authorization.findChallenge(Http01Challenge.TYPE);
    return http01;
}