mirror of
https://github.com/processone/ejabberd.git
synced 2024-12-22 17:28:25 +01:00
Indent using Emacs
This commit is contained in:
parent
396bd5eb3d
commit
330456bcf0
@ -1,7 +1,7 @@
|
||||
-module(acme_challenge).
|
||||
|
||||
-export ([ key_authorization/2
|
||||
, solve_challenge/3
|
||||
-export ([ key_authorization/2,
|
||||
solve_challenge/3
|
||||
]).
|
||||
%% Challenge Types
|
||||
%% ================
|
||||
@ -19,7 +19,7 @@
|
||||
-spec key_authorization(string(), jose_jwk:key()) -> bitstring().
|
||||
key_authorization(Token, Key) ->
|
||||
Thumbprint = jose_jwk:thumbprint(Key),
|
||||
% ?INFO_MSG("Thumbprint: ~p~n", [Thumbprint]),
|
||||
%% ?INFO_MSG("Thumbprint: ~p~n", [Thumbprint]),
|
||||
KeyAuthorization = erlang:iolist_to_binary([Token, <<".">>, Thumbprint]),
|
||||
KeyAuthorization.
|
||||
|
||||
@ -31,7 +31,8 @@ parse_challenge(Challenge0) ->
|
||||
{<<"status">>,Status} = proplists:lookup(<<"status">>, Challenge),
|
||||
{<<"uri">>,Uri} = proplists:lookup(<<"uri">>, Challenge),
|
||||
{<<"token">>,Token} = proplists:lookup(<<"token">>, Challenge),
|
||||
Res = #challenge{
|
||||
Res =
|
||||
#challenge{
|
||||
type = Type,
|
||||
status = list_to_atom(bitstring_to_list(Status)),
|
||||
uri = bitstring_to_list(Uri),
|
||||
|
@ -1,21 +1,17 @@
|
||||
-module (ejabberd_acme).
|
||||
|
||||
-export([ directory/1
|
||||
|
||||
, get_account/3
|
||||
, new_account/4
|
||||
, update_account/4
|
||||
, delete_account/3
|
||||
% , key_roll_over/5
|
||||
|
||||
, new_authz/4
|
||||
, get_authz/1
|
||||
, complete_challenge/4
|
||||
|
||||
, new_cert/4
|
||||
|
||||
, scenario/3
|
||||
, scenario0/2
|
||||
-export([directory/1,
|
||||
get_account/3,
|
||||
new_account/4,
|
||||
update_account/4,
|
||||
delete_account/3,
|
||||
new_authz/4,
|
||||
get_authz/1,
|
||||
complete_challenge/4,
|
||||
new_cert/4,
|
||||
scenario/3,
|
||||
scenario0/2
|
||||
%% , key_roll_over/5
|
||||
]).
|
||||
|
||||
-include("ejabberd.hrl").
|
||||
@ -36,8 +32,7 @@
|
||||
%%
|
||||
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||
|
||||
-spec directory(url()) ->
|
||||
{ok, map(), nonce()} | {error, _}.
|
||||
-spec directory(url()) -> {ok, map(), nonce()} | {error, _}.
|
||||
directory(Url) ->
|
||||
prepare_get_request(Url, fun get_dirs/1).
|
||||
|
||||
@ -71,10 +66,9 @@ get_account(Url, PrivateKey, Nonce) ->
|
||||
-spec delete_account(url(), jose_jwk:key(), nonce()) ->
|
||||
{ok, proplist(), nonce()} | {error, _}.
|
||||
delete_account(Url, PrivateKey, Nonce) ->
|
||||
EJson = {
|
||||
[ {<<"resource">>, <<"reg">>}
|
||||
, {<<"status">>, <<"deactivated">>}
|
||||
]},
|
||||
EJson =
|
||||
{[{<<"resource">>, <<"reg">>},
|
||||
{<<"status">>, <<"deactivated">>}]},
|
||||
prepare_post_request(Url, PrivateKey, EJson, Nonce, fun get_response/1).
|
||||
|
||||
|
||||
@ -90,8 +84,7 @@ new_authz(Url, PrivateKey, Req, Nonce) ->
|
||||
EJson = {[{<<"resource">>, <<"new-authz">>}] ++ Req},
|
||||
prepare_post_request(Url, PrivateKey, EJson, Nonce, fun get_response_location/1).
|
||||
|
||||
-spec get_authz(url()) ->
|
||||
{ok, proplist(), nonce()} | {error, _}.
|
||||
-spec get_authz(url()) -> {ok, proplist(), nonce()} | {error, _}.
|
||||
get_authz(Url) ->
|
||||
prepare_get_request(Url, fun get_response/1).
|
||||
|
||||
@ -310,8 +303,7 @@ attribute_oid(_) -> error(bad_attributes).
|
||||
%%
|
||||
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||
|
||||
-spec get_authz_until_valid(url()) ->
|
||||
{ok, proplist(), nonce()} | {error, _}.
|
||||
-spec get_authz_until_valid(url()) -> {ok, proplist(), nonce()} | {error, _}.
|
||||
get_authz_until_valid(Url) ->
|
||||
get_authz_until_valid(Url, ?MAX_POLL_REQUESTS).
|
||||
|
||||
@ -428,9 +420,9 @@ sign_json_jose(Key, Json, Nonce) ->
|
||||
%% TODO: Ensure this works for all cases
|
||||
AlgMap = jose_jwk:signer(Key),
|
||||
JwsMap =
|
||||
#{ <<"jwk">> => PubKeyJson
|
||||
% , <<"b64">> => true
|
||||
, <<"nonce">> => list_to_bitstring(Nonce)
|
||||
#{ <<"jwk">> => PubKeyJson,
|
||||
%% <<"b64">> => true,
|
||||
<<"nonce">> => list_to_bitstring(Nonce)
|
||||
},
|
||||
JwsObj0 = maps:merge(JwsMap, AlgMap),
|
||||
JwsObj = jose_jws:from(JwsObj0),
|
||||
@ -469,7 +461,8 @@ get_location(Head) ->
|
||||
get_tos(Head) ->
|
||||
try
|
||||
[{_, Link}] = [{K, V} || {K, V} <- Head,
|
||||
K =:= "link" andalso lists:suffix("\"terms-of-service\"", V)],
|
||||
K =:= "link" andalso
|
||||
lists:suffix("\"terms-of-service\"", V)],
|
||||
[Link1, _] = string:tokens(Link, ";"),
|
||||
Link2 = string:strip(Link1, left, $<),
|
||||
string:strip(Link2, right, $>)
|
||||
@ -549,11 +542,10 @@ scenario(CAUrl, AccId, PrivateKey) ->
|
||||
|
||||
#{"new-authz" := NewAuthz} = Dirs,
|
||||
Req =
|
||||
[ { <<"identifier">>, {
|
||||
[ {<<"type">>, <<"dns">>}
|
||||
, {<<"value">>, <<"my-acme-test-ejabberd.com">>}
|
||||
] }}
|
||||
, {<<"existing">>, <<"accept">>}
|
||||
[{<<"identifier">>,
|
||||
{[{<<"type">>, <<"dns">>},
|
||||
{<<"value">>, <<"my-acme-test-ejabberd.com">>}]}},
|
||||
{<<"existing">>, <<"accept">>}
|
||||
],
|
||||
{ok, Authz, Nonce2} = new_authz(NewAuthz, PrivateKey, Req, Nonce1),
|
||||
|
||||
@ -565,7 +557,7 @@ new_user_scenario(CAUrl, HttpDir) ->
|
||||
|
||||
DirURL = CAUrl ++ "/directory",
|
||||
{ok, Dirs, Nonce0} = directory(DirURL),
|
||||
% ?INFO_MSG("Directories: ~p", [Dirs]),
|
||||
%% ?INFO_MSG("Directories: ~p", [Dirs]),
|
||||
|
||||
#{"new-reg" := NewAccURL} = Dirs,
|
||||
Req0 = [{ <<"contact">>, [<<"mailto:cert-example-admin@example2.com">>]}],
|
||||
@ -574,41 +566,40 @@ new_user_scenario(CAUrl, HttpDir) ->
|
||||
{_, AccId} = proplists:lookup(<<"id">>, Account),
|
||||
AccURL = CAUrl ++ "/acme/reg/" ++ integer_to_list(AccId),
|
||||
{ok, {_TOS, Account1}, Nonce2} = get_account(AccURL, PrivateKey, Nonce1),
|
||||
% ?INFO_MSG("Old account: ~p~n", [Account1]),
|
||||
%% ?INFO_MSG("Old account: ~p~n", [Account1]),
|
||||
|
||||
Req1 = [{ <<"agreement">>, list_to_bitstring(TOS)}],
|
||||
{ok, Account2, Nonce3} = update_account(AccURL, PrivateKey, Req1, Nonce2),
|
||||
|
||||
% %% Delete account
|
||||
% {ok, Account3, Nonce4} = delete_account(AccURL, PrivateKey, Nonce3),
|
||||
% {ok, {_TOS, Account4}, Nonce5} = get_account(AccURL, PrivateKey, Nonce4),
|
||||
% ?INFO_MSG("New account: ~p~n", [Account4]),
|
||||
%% Delete account
|
||||
%% {ok, Account3, Nonce4} = delete_account(AccURL, PrivateKey, Nonce3),
|
||||
%% {ok, {_TOS, Account4}, Nonce5} = get_account(AccURL, PrivateKey, Nonce4),
|
||||
%% ?INFO_MSG("New account: ~p~n", [Account4]),
|
||||
|
||||
% NewKey = generate_key(),
|
||||
% KeyChangeUrl = CAUrl ++ "/acme/key-change/",
|
||||
% {ok, Account3, Nonce4} = key_roll_over(KeyChangeUrl, AccURL, PrivateKey, NewKey, Nonce3),
|
||||
% ?INFO_MSG("Changed key: ~p~n", [Account3]),
|
||||
%% NewKey = generate_key(),
|
||||
%% KeyChangeUrl = CAUrl ++ "/acme/key-change/",
|
||||
%% {ok, Account3, Nonce4} = key_roll_over(KeyChangeUrl, AccURL, PrivateKey, NewKey, Nonce3),
|
||||
%% ?INFO_MSG("Changed key: ~p~n", [Account3]),
|
||||
|
||||
% {ok, {_TOS, Account4}, Nonce5} = get_account(AccURL, NewKey, Nonce4),
|
||||
% ?INFO_MSG("New account:~p~n", [Account4]),
|
||||
% {Account4, PrivateKey}.
|
||||
%% {ok, {_TOS, Account4}, Nonce5} = get_account(AccURL, NewKey, Nonce4),
|
||||
%% ?INFO_MSG("New account:~p~n", [Account4]),
|
||||
%% {Account4, PrivateKey}.
|
||||
|
||||
AccIdBin = list_to_bitstring(integer_to_list(AccId)),
|
||||
#{"new-authz" := NewAuthz} = Dirs,
|
||||
DomainName = << <<"my-acme-test-ejabberd">>/binary, AccIdBin/binary, <<".com">>/binary >>,
|
||||
Req2 =
|
||||
[ { <<"identifier">>, {
|
||||
[ {<<"type">>, <<"dns">>}
|
||||
, {<<"value">>, DomainName}
|
||||
] }}
|
||||
, {<<"existing">>, <<"accept">>}
|
||||
[{<<"identifier">>,
|
||||
{[{<<"type">>, <<"dns">>},
|
||||
{<<"value">>, DomainName}]}},
|
||||
{<<"existing">>, <<"accept">>}
|
||||
],
|
||||
{ok, {AuthzUrl, Authz}, Nonce4} = new_authz(NewAuthz, PrivateKey, Req2, Nonce3),
|
||||
|
||||
{ok, Authz2, Nonce5} = get_authz(AuthzUrl),
|
||||
|
||||
Challenges = get_challenges(Authz2),
|
||||
% ?INFO_MSG("Challenges: ~p~n", [Challenges]),
|
||||
%% ?INFO_MSG("Challenges: ~p~n", [Challenges]),
|
||||
|
||||
{ok, ChallengeUrl, KeyAuthz} =
|
||||
acme_challenge:solve_challenge(<<"http-01">>, Challenges, {PrivateKey, HttpDir}),
|
||||
@ -619,22 +610,22 @@ new_user_scenario(CAUrl, HttpDir) ->
|
||||
, {<<"keyAuthorization">>, KeyAuthz}
|
||||
],
|
||||
{ok, SolvedChallenge, Nonce6} = complete_challenge(ChallengeUrl, PrivateKey, Req3, Nonce5),
|
||||
% ?INFO_MSG("SolvedChallenge: ~p~n", [SolvedChallenge]),
|
||||
%% ?INFO_MSG("SolvedChallenge: ~p~n", [SolvedChallenge]),
|
||||
|
||||
% timer:sleep(2000),
|
||||
%% timer:sleep(2000),
|
||||
{ok, Authz3, Nonce7} = get_authz_until_valid(AuthzUrl),
|
||||
|
||||
#{"new-cert" := NewCert} = Dirs,
|
||||
CSRSubject = [ {commonName, bitstring_to_list(DomainName)}
|
||||
, {organizationName, "Example Corp"}],
|
||||
CSRSubject = [{commonName, bitstring_to_list(DomainName)},
|
||||
{organizationName, "Example Corp"}],
|
||||
CSR = make_csr(CSRSubject),
|
||||
{MegS, Sec, MicS} = erlang:timestamp(),
|
||||
NotBefore = xmpp_util:encode_timestamp({MegS-1, Sec, MicS}),
|
||||
NotAfter = xmpp_util:encode_timestamp({MegS+1, Sec, MicS}),
|
||||
Req4 =
|
||||
[ {<<"csr">>, CSR}
|
||||
, {<<"notBefore">>, NotBefore}
|
||||
, {<<"NotAfter">>, NotAfter}
|
||||
[{<<"csr">>, CSR},
|
||||
{<<"notBefore">>, NotBefore},
|
||||
{<<"NotAfter">>, NotAfter}
|
||||
],
|
||||
{ok, Certificate, Nonce8} = new_cert(NewCert, PrivateKey, Req4, Nonce7),
|
||||
|
||||
@ -645,8 +636,8 @@ generate_key() ->
|
||||
jose_jwk:generate_key({ec, secp256r1}).
|
||||
|
||||
scenario3() ->
|
||||
CSRSubject = [ {commonName, "my-acme-test-ejabberd.com"}
|
||||
, {organizationName, "Example Corp"}],
|
||||
CSRSubject = [{commonName, "my-acme-test-ejabberd.com"},
|
||||
{organizationName, "Example Corp"}],
|
||||
CSR = make_csr(CSRSubject).
|
||||
|
||||
|
||||
@ -654,7 +645,7 @@ scenario3() ->
|
||||
%% Just a test
|
||||
scenario0(KeyFile, HttpDir) ->
|
||||
PrivateKey = jose_jwk:from_file(KeyFile),
|
||||
% scenario("http://localhost:4000", "2", PrivateKey).
|
||||
%% scenario("http://localhost:4000", "2", PrivateKey).
|
||||
new_user_scenario("http://localhost:4000", HttpDir).
|
||||
% scenario3().
|
||||
%% scenario3().
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user