Replaced fatal with print; return errors from NewClient
parent
65b62b5670
commit
56d50cebd8
3 changed files with 41 additions and 18 deletions
|
@ -103,7 +103,10 @@ myUser := MyUser{
|
||||||
// configured for a local dev instance of Boulder running in Docker in a VM.
|
// configured for a local dev instance of Boulder running in Docker in a VM.
|
||||||
// We specify an optPort of 5001 because we aren't running as root and can't
|
// We specify an optPort of 5001 because we aren't running as root and can't
|
||||||
// bind a listener to port 443 (used later when we attempt to pass challenge).
|
// bind a listener to port 443 (used later when we attempt to pass challenge).
|
||||||
client := acme.NewClient("http://192.168.99.100:4000", &myUser, rsaKeySize, "5001")
|
client, err := acme.NewClient("http://192.168.99.100:4000", &myUser, rsaKeySize, "5001")
|
||||||
|
if err != inl {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
// New users will need to register; be sure to save it
|
// New users will need to register; be sure to save it
|
||||||
reg, err := client.Register()
|
reg, err := client.Register()
|
||||||
|
|
|
@ -54,13 +54,19 @@ type Client struct {
|
||||||
// NewClient creates a new client for the set user.
|
// NewClient creates a new client for the set user.
|
||||||
// caURL - The root url to the boulder instance you want certificates from
|
// caURL - The root url to the boulder instance you want certificates from
|
||||||
// usr - A filled in user struct
|
// usr - A filled in user struct
|
||||||
|
// keyBits - Size of the key in bits
|
||||||
// optPort - The alternative port to listen on for challenges.
|
// optPort - The alternative port to listen on for challenges.
|
||||||
// devMode - If set to true, all CanSolve() checks are skipped.
|
func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, error) {
|
||||||
func NewClient(caURL string, usr User, keyBits int, optPort string) *Client {
|
privKey := usr.GetPrivateKey()
|
||||||
if err := usr.GetPrivateKey().Validate(); err != nil {
|
if privKey == nil {
|
||||||
logger().Fatalf("Could not validate the private account key of %s\n\t%v", usr.GetEmail(), err)
|
return nil, errors.New("private key was nil")
|
||||||
}
|
}
|
||||||
jws := &jws{privKey: usr.GetPrivateKey()}
|
|
||||||
|
if err := privKey.Validate(); err != nil {
|
||||||
|
return nil, fmt.Errorf("invalid private key: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
jws := &jws{privKey: privKey}
|
||||||
|
|
||||||
// REVIEW: best possibility?
|
// REVIEW: best possibility?
|
||||||
// Add all available solvers with the right index as per ACME
|
// Add all available solvers with the right index as per ACME
|
||||||
|
@ -68,23 +74,33 @@ func NewClient(caURL string, usr User, keyBits int, optPort string) *Client {
|
||||||
solvers := make(map[string]solver)
|
solvers := make(map[string]solver)
|
||||||
solvers["simpleHttp"] = &simpleHTTPChallenge{jws: jws, optPort: optPort}
|
solvers["simpleHttp"] = &simpleHTTPChallenge{jws: jws, optPort: optPort}
|
||||||
|
|
||||||
dirResp, err := http.Get(caURL + "/directory")
|
dirURL := caURL + "/directory"
|
||||||
|
dirResp, err := http.Get(dirURL)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatalf("Could not get directory from CA URL. Please check the URL.\n\t%v", err)
|
return nil, fmt.Errorf("get directory at '%s': %v", dirURL, err)
|
||||||
}
|
}
|
||||||
defer dirResp.Body.Close()
|
defer dirResp.Body.Close()
|
||||||
|
|
||||||
var dir directory
|
var dir directory
|
||||||
decoder := json.NewDecoder(dirResp.Body)
|
err = json.NewDecoder(dirResp.Body).Decode(&dir)
|
||||||
err = decoder.Decode(&dir)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatalf("Could not parse directory response from CA URL.\n\t%v", err)
|
return nil, fmt.Errorf("decode directory: %v", err)
|
||||||
}
|
|
||||||
if dir.NewRegURL == "" || dir.NewAuthzURL == "" || dir.NewCertURL == "" || dir.RevokeCertURL == "" {
|
|
||||||
logger().Fatal("The directory returned by the server was invalid.")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return &Client{directory: dir, user: usr, jws: jws, keyBits: keyBits, solvers: solvers}
|
if dir.NewRegURL == "" {
|
||||||
|
return nil, errors.New("directory missing new registration URL")
|
||||||
|
}
|
||||||
|
if dir.NewAuthzURL == "" {
|
||||||
|
return nil, errors.New("directory missing new authz URL")
|
||||||
|
}
|
||||||
|
if dir.NewCertURL == "" {
|
||||||
|
return nil, errors.New("directory missing new certificate URL")
|
||||||
|
}
|
||||||
|
if dir.RevokeCertURL == "" {
|
||||||
|
return nil, errors.New("directory missing revoke certificate URL")
|
||||||
|
}
|
||||||
|
|
||||||
|
return &Client{directory: dir, user: usr, jws: jws, keyBits: keyBits, solvers: solvers}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Register the current account to the ACME server.
|
// Register the current account to the ACME server.
|
||||||
|
@ -359,7 +375,8 @@ func (c *Client) getChallenges(domains []string) []*authorizationResource {
|
||||||
|
|
||||||
links := parseLinks(resp.Header["Link"])
|
links := parseLinks(resp.Header["Link"])
|
||||||
if links["next"] == "" {
|
if links["next"] == "" {
|
||||||
logger().Fatalln("The server did not provide enough information to proceed.")
|
logger().Println("The server did not provide enough information to proceed.")
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
var authz authorization
|
var authz authorization
|
||||||
|
@ -506,7 +523,7 @@ func (c *Client) requestCertificate(authz *authorizationResource, result chan Ce
|
||||||
|
|
||||||
break
|
break
|
||||||
default:
|
default:
|
||||||
logger().Fatalf("[%s] The server returned an unexpected status code %d.", authz.Domain, resp.StatusCode)
|
logger().Printf("[%s] The server returned an unexpected status code %d.", authz.Domain, resp.StatusCode)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
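Review bot: The two log calls downgraded from Fatal to Print in getChallenges and requestCertificate now return without telling the caller that anything failed. In getChallenges the added bare `return` after `logger().Println("The server did not provide enough information to proceed.")` can only sit inside a nested function literal, because the method itself returns `[]*authorizationResource`; if that literal is a goroutine whose result is collected over a channel (the surrounding code is outside the hunk, so this is inferred), the collector would wait for a value that never arrives. requestCertificate has the same shape: its `default:` branch logs the unexpected status code and returns without sending anything on the `result` channel. Before this commit the process exited at both points, so the missing notification could not be reached; now each path should hand an error back on the channel the caller reads before returning, and until then a comment such as `// FIXME: failure is only logged; the caller is never notified` would mark the gap.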
|
@ -27,7 +27,10 @@ func TestNewClient(t *testing.T) {
|
||||||
}))
|
}))
|
||||||
|
|
||||||
caURL, optPort := ts.URL, "1234"
|
caURL, optPort := ts.URL, "1234"
|
||||||
client := NewClient(caURL, user, keyBits, optPort)
|
client, err := NewClient(caURL, user, keyBits, optPort)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("Could not create client: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
if client.jws == nil {
|
if client.jws == nil {
|
||||||
t.Fatalf("Expected client.jws to not be nil")
|
t.Fatalf("Expected client.jws to not be nil")
|
||||||
|
|
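Review bot: TestNewClient, as far as this hunk shows, only asserts the success path of the new `(*Client, error)` signature; none of the error returns added to NewClient is exercised. A rejected account key is the case most worth pinning, since a regression there would let a client be built around an unusable key: a companion test that passes a user whose GetPrivateKey() returns nil and checks `if err == nil { t.Fatal("expected an error for a nil private key") }` would cover it, and a test server that serves a directory with one field left empty would cover the directory checks. The test function starts before the hunk and continues past it, so coverage elsewhere in the file is not visible here.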