Merge pull request #17 from xenolf/errorhandling

Replaced fatal with print; return errors from NewClient

README.md

@@ -103,7 +103,10 @@ myUser := MyUser{
 // configured for a local dev instance of Boulder running in Docker in a VM.
 // We specify an optPort of 5001 because we aren't running as root and can't
 // bind a listener to port 443 (used later when we attempt to pass challenge).
-client := acme.NewClient("http://192.168.99.100:4000", &myUser, rsaKeySize, "5001")
+client, err := acme.NewClient("http://192.168.99.100:4000", &myUser, rsaKeySize, "5001")
+if err != inl {
+  log.Fatal(err)
+}
 
 // New users will need to register; be sure to save it
 reg, err := client.Register()

acme/client.go

@@ -54,13 +54,19 @@ type Client struct {
 // NewClient creates a new client for the set user.
 // caURL - The root url to the boulder instance you want certificates from
 // usr - A filled in user struct
+// keyBits - Size of the key in bits
 // optPort - The alternative port to listen on for challenges.
-// devMode - If set to true, all CanSolve() checks are skipped.
+func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, error) {
-func NewClient(caURL string, usr User, keyBits int, optPort string) *Client {
+	privKey := usr.GetPrivateKey()
-	if err := usr.GetPrivateKey().Validate(); err != nil {
+	if privKey == nil {
-		logger().Fatalf("Could not validate the private account key of %s\n\t%v", usr.GetEmail(), err)
+		return nil, errors.New("private key was nil")
 	}
-	jws := &jws{privKey: usr.GetPrivateKey()}
+
+	if err := privKey.Validate(); err != nil {
+		return nil, fmt.Errorf("invalid private key: %v", err)
+	}
+
+	jws := &jws{privKey: privKey}
 
 	// REVIEW: best possibility?
 	// Add all available solvers with the right index as per ACME
@@ -68,23 +74,33 @@ func NewClient(caURL string, usr User, keyBits int, optPort string) *Client {
 	solvers := make(map[string]solver)
 	solvers["simpleHttp"] = &simpleHTTPChallenge{jws: jws, optPort: optPort}
 
-	dirResp, err := http.Get(caURL + "/directory")
+	dirURL := caURL + "/directory"
+	dirResp, err := http.Get(dirURL)
 	if err != nil {
-		logger().Fatalf("Could not get directory from CA URL. Please check the URL.\n\t%v", err)
+		return nil, fmt.Errorf("get directory at '%s': %v", dirURL, err)
 	}
 	defer dirResp.Body.Close()
 
 	var dir directory
-	decoder := json.NewDecoder(dirResp.Body)
+	err = json.NewDecoder(dirResp.Body).Decode(&dir)
-	err = decoder.Decode(&dir)
 	if err != nil {
-		logger().Fatalf("Could not parse directory response from CA URL.\n\t%v", err)
+		return nil, fmt.Errorf("decode directory: %v", err)
-	}
-	if dir.NewRegURL == "" || dir.NewAuthzURL == "" || dir.NewCertURL == "" || dir.RevokeCertURL == "" {
-		logger().Fatal("The directory returned by the server was invalid.")
 	}
 
-	return &Client{directory: dir, user: usr, jws: jws, keyBits: keyBits, solvers: solvers}
+	if dir.NewRegURL == "" {
+		return nil, errors.New("directory missing new registration URL")
+	}
+	if dir.NewAuthzURL == "" {
+		return nil, errors.New("directory missing new authz URL")
+	}
+	if dir.NewCertURL == "" {
+		return nil, errors.New("directory missing new certificate URL")
+	}
+	if dir.RevokeCertURL == "" {
+		return nil, errors.New("directory missing revoke certificate URL")
+	}
+
+	return &Client{directory: dir, user: usr, jws: jws, keyBits: keyBits, solvers: solvers}, nil
 }
 
 // Register the current account to the ACME server.
@@ -359,7 +375,8 @@ func (c *Client) getChallenges(domains []string) []*authorizationResource {
 
 			links := parseLinks(resp.Header["Link"])
 			if links["next"] == "" {
-				logger().Fatalln("The server did not provide enough information to proceed.")
+				logger().Println("The server did not provide enough information to proceed.")
+				return
 			}
 
 			var authz authorization
@@ -506,7 +523,7 @@ func (c *Client) requestCertificate(authz *authorizationResource, result chan Ce
 
 			break
 		default:
-			logger().Fatalf("[%s] The server returned an unexpected status code %d.", authz.Domain, resp.StatusCode)
+			logger().Printf("[%s] The server returned an unexpected status code %d.", authz.Domain, resp.StatusCode)
 			return
 		}
 

acme/client_test.go

@@ -27,7 +27,10 @@ func TestNewClient(t *testing.T) {
 	}))
 
 	caURL, optPort := ts.URL, "1234"
-	client := NewClient(caURL, user, keyBits, optPort)
+	client, err := NewClient(caURL, user, keyBits, optPort)
+	if err != nil {
+		t.Fatalf("Could not create client: %v", err)
+	}
 
 	if client.jws == nil {
 		t.Fatalf("Expected client.jws to not be nil")

cli_handlers.go

@@ -32,7 +32,13 @@ func setup(c *cli.Context) (*Configuration, *Account, *acme.Client) {
 
 	//TODO: move to account struct? Currently MUST pass email.
 	acc := NewAccount(c.GlobalString("email"), conf)
-	return conf, acc, acme.NewClient(c.GlobalString("server"), acc, conf.RsaBits(), conf.OptPort())
+
+	client, err := acme.NewClient(c.GlobalString("server"), acc, conf.RsaBits(), conf.OptPort())
+	if err != nil {
+		logger().Fatal("Could not create client:", err)
+	}
+
+	return conf, acc, client
 }
 
 func saveCertRes(certRes acme.CertificateResource, conf *Configuration) {