wfe2

package
v0.0.0-...-1dfffa3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 2, 2018 License: MPL-2.0 Imports: 37 Imported by: 0

README

WFE v2

The wfe2 package is copied from the wfe package in order to implement the "ACME v2" API. This design choice was made to facilitate a clean separation between v1 and v2 code and to support running a separate API process on a different port alongside the v1 API process.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type WebFrontEndImpl

type WebFrontEndImpl struct {
	RA core.RegistrationAuthority
	SA core.StorageGetter

	// URL configuration parameters
	BaseURL string

	// Issuer certificate (DER) for /acme/issuer-cert
	IssuerCert []byte

	// URL to the current subscriber agreement (should contain some version identifier)
	SubscriberAgreementURL string

	// CORS settings
	AllowOrigins []string

	// Maximum duration of a request
	RequestTimeout time.Duration

	AcceptRevocationReason bool
	AllowAuthzDeactivation bool
	// contains filtered or unexported fields
}

WebFrontEndImpl provides all the logic for Boulder's web-facing interface, i.e., ACME. Its members configure the paths for various ACME functions, plus a few other data items used in ACME. Its methods are primarily handlers for HTTPS requests for the various ACME functions.

func NewWebFrontEndImpl

func NewWebFrontEndImpl(
	scope metrics.Scope,
	clk clock.Clock,
	keyPolicy goodkey.KeyPolicy,
	certificateChains map[string][]byte,
	logger blog.Logger,
) (WebFrontEndImpl, error)

NewWebFrontEndImpl constructs a web service for Boulder

func (*WebFrontEndImpl) Account

func (wfe *WebFrontEndImpl) Account(
	ctx context.Context,
	logEvent *web.RequestEvent,
	response http.ResponseWriter,
	request *http.Request)

Account is used by a client to submit an update to their account.

func (*WebFrontEndImpl) Authorization

func (wfe *WebFrontEndImpl) Authorization(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Authorization is used by clients to submit an update to one of their authorizations.

func (*WebFrontEndImpl) BuildID

func (wfe *WebFrontEndImpl) BuildID(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

BuildID tells the requestor what build we're running.

func (*WebFrontEndImpl) Certificate

func (wfe *WebFrontEndImpl) Certificate(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Certificate is used by clients to request a copy of their current certificate, or to request a reissuance of the certificate.

func (*WebFrontEndImpl) Challenge

func (wfe *WebFrontEndImpl) Challenge(
	ctx context.Context,
	logEvent *web.RequestEvent,
	response http.ResponseWriter,
	request *http.Request)

Challenge handles POST requests to challenge URLs. Such requests are clients' responses to the server's challenges.

func (*WebFrontEndImpl) Directory

func (wfe *WebFrontEndImpl) Directory(
	ctx context.Context,
	logEvent *web.RequestEvent,
	response http.ResponseWriter,
	request *http.Request)

Directory is an HTTP request handler that provides the directory object stored in the WFE's DirectoryEndpoints member with paths prefixed using the `request.Host` of the HTTP request.

func (*WebFrontEndImpl) HandleFunc

func (wfe *WebFrontEndImpl) HandleFunc(mux *http.ServeMux, pattern string, h web.WFEHandlerFunc, methods ...string)

HandleFunc registers a handler at the given path. It's http.HandleFunc(), but with a wrapper around the handler that provides some generic per-request functionality:

* Set a Replay-Nonce header.

* Respond to OPTIONS requests, including CORS preflight requests.

* Set a no cache header

* Respond http.StatusMethodNotAllowed for HTTP methods other than those listed.

* Set CORS headers when responding to CORS "actual" requests.

* Never send a body in response to a HEAD request. Anything written by the handler will be discarded if the method is HEAD. Also, all handlers that accept GET automatically accept HEAD.

func (*WebFrontEndImpl) Handler

func (wfe *WebFrontEndImpl) Handler() http.Handler

Handler returns an http.Handler that uses various functions for various ACME-specified paths.

func (*WebFrontEndImpl) Index

func (wfe *WebFrontEndImpl) Index(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Index serves a simple identification page. It is not part of the ACME spec.

func (*WebFrontEndImpl) Issuer

func (wfe *WebFrontEndImpl) Issuer(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Issuer obtains the issuer certificate used by this instance of Boulder.

func (*WebFrontEndImpl) KeyRollover

func (wfe *WebFrontEndImpl) KeyRollover(
	ctx context.Context,
	logEvent *web.RequestEvent,
	response http.ResponseWriter,
	request *http.Request)

KeyRollover allows a user to change their signing key

func (*WebFrontEndImpl) NewAccount

func (wfe *WebFrontEndImpl) NewAccount(
	ctx context.Context,
	logEvent *web.RequestEvent,
	response http.ResponseWriter,
	request *http.Request)

NewAccount is used by clients to submit a new account

func (*WebFrontEndImpl) NewOrder

func (wfe *WebFrontEndImpl) NewOrder(
	ctx context.Context,
	logEvent *web.RequestEvent,
	response http.ResponseWriter,
	request *http.Request)

NewOrder is used by clients to create a new order object from a CSR

func (*WebFrontEndImpl) Nonce

func (wfe *WebFrontEndImpl) Nonce(
	ctx context.Context,
	logEvent *web.RequestEvent,
	response http.ResponseWriter,
	request *http.Request)

Nonce is an endpoint for getting a fresh nonce with an HTTP GET or HEAD request. This endpoint only returns a no content header - the `HandleFunc` wrapper ensures that a nonce is written in the correct response header.

func (*WebFrontEndImpl) Options

func (wfe *WebFrontEndImpl) Options(response http.ResponseWriter, request *http.Request, methodsStr string, methodsMap map[string]bool)

Options responds to an HTTP OPTIONS request.

func (*WebFrontEndImpl) Order

func (wfe *WebFrontEndImpl) Order(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Order is used to retrieve a existing order object

func (*WebFrontEndImpl) RevokeCertificate

func (wfe *WebFrontEndImpl) RevokeCertificate(
	ctx context.Context,
	logEvent *web.RequestEvent,
	response http.ResponseWriter,
	request *http.Request)

RevokeCertificate is used by clients to request the revocation of a cert. The revocation request is handled uniquely based on the method of authentication used.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL