diff --git a/src/ejabberd_acme.erl b/src/ejabberd_acme.erl index e84493beb..2370dc906 100644 --- a/src/ejabberd_acme.erl +++ b/src/ejabberd_acme.erl @@ -1,7 +1,7 @@ -module (ejabberd_acme). -export([%% Ejabberdctl Commands - get_certificates/3, + get_certificates/2, renew_certificates/1, list_certificates/1, revoke_certificate/2, @@ -60,10 +60,10 @@ is_valid_domain_opt(DomainString) -> %% Get Certificate %% --spec get_certificates(url(), domains_opt(), account_opt()) -> string() | {'error', _}. -get_certificates(CAUrl, Domains, NewAccountOpt) -> +-spec get_certificates(url(), domains_opt()) -> string() | {'error', _}. +get_certificates(CAUrl, Domains) -> try - get_certificates0(CAUrl, Domains, NewAccountOpt) + get_certificates0(CAUrl, Domains) catch throw:Throw -> Throw; @@ -72,19 +72,23 @@ get_certificates(CAUrl, Domains, NewAccountOpt) -> {error, get_certificates} end. --spec get_certificates0(url(), domains_opt(), account_opt()) -> string(). -get_certificates0(CAUrl, Domains, "old-account") -> - %% Get the current account - {ok, _AccId, PrivateKey} = ensure_account_exists(), - - get_certificates1(CAUrl, Domains, PrivateKey); - -get_certificates0(CAUrl, Domains, "new-account") -> - %% Create a new account and save it to disk - {ok, _Id, PrivateKey} = create_save_new_account(CAUrl), +-spec get_certificates0(url(), domains_opt()) -> string(). +get_certificates0(CAUrl, Domains) -> + %% Check if an account exists or create another one + {ok, _AccId, PrivateKey} = retrieve_or_create_account(CAUrl), get_certificates1(CAUrl, Domains, PrivateKey). + +retrieve_or_create_account(CAUrl) -> + case read_account_persistent() of + none -> + create_save_new_account(CAUrl); + {ok, AccId, PrivateKey} -> + {ok, AccId, PrivateKey} + end. + + -spec get_certificates1(url(), domains_opt(), jose_jwk:key()) -> string(). get_certificates1(CAUrl, "all", PrivateKey) -> Hosts = get_config_hosts(), diff --git a/src/ejabberd_admin.erl b/src/ejabberd_admin.erl index 5a313511f..e41a53994 100644 --- a/src/ejabberd_admin.erl +++ b/src/ejabberd_admin.erl @@ -45,7 +45,7 @@ %% Migration jabberd1.4 import_file/1, import_dir/1, %% Acme - get_certificate/2, + get_certificate/1, renew_certificate/0, list_certificates/1, revoke_certificate/1, @@ -248,13 +248,11 @@ get_commands_spec() -> args = [{file, string}], result = {res, restuple}}, #ejabberd_commands{name = get_certificate, tags = [acme], - desc = "Gets a certificate for all or the specified domains {all|domain1;domain2;...}. Can be used with {old-account|new-account}.", + desc = "Gets a certificate for all or the specified domains {all|domain1;domain2;...}.", module = ?MODULE, function = get_certificate, - args_desc = ["Domains for which to acquire a certificate", - "Whether to create a new account or use the existing one"], - args_example = ["all | www.example.com;www.example1.net", - "old-account | new-account"], - args = [{domains, string}, {option, string}], + args_desc = ["Domains for which to acquire a certificate"], + args_example = ["all | www.example.com;www.example1.net"], + args = [{domains, string}], result = {certificates, string}}, #ejabberd_commands{name = renew_certificate, tags = [acme], desc = "Renews all certificates that are close to expiring", @@ -577,15 +575,10 @@ import_dir(Path) -> %%% Acme %%% -get_certificate(Domains, UseNewAccount) -> +get_certificate(Domains) -> case ejabberd_acme:is_valid_domain_opt(Domains) of true -> - case ejabberd_acme:is_valid_account_opt(UseNewAccount) of - true -> - ejabberd_acme:get_certificates("http://localhost:4000", Domains, UseNewAccount); - false -> - io_lib:format("Invalid account option: ~p", [UseNewAccount]) - end; + ejabberd_acme:get_certificates("http://localhost:4000", Domains); false -> String = io_lib:format("Invalid domains: ~p", [Domains]) end.