wfe

package
v0.0.0-...-3ed7988 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 14, 2016 License: MPL-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

View Source
const (
	DirectoryPath  = "/directory"
	NewRegPath     = "/acme/new-reg"
	RegPath        = "/acme/reg/"
	NewAuthzPath   = "/acme/new-authz"
	AuthzPath      = "/acme/authz/"
	ChallengePath  = "/acme/challenge/"
	NewCertPath    = "/acme/new-cert"
	CertPath       = "/acme/cert/"
	RevokeCertPath = "/acme/revoke-cert"
	TermsPath      = "/terms"
	IssuerPath     = "/acme/issuer-cert"
	BuildIDPath    = "/build"
)

Paths are the ACME-spec identified URL path-segments for various methods

Variables

This section is empty.

Functions

This section is empty.

Types

type WebFrontEndImpl

type WebFrontEndImpl struct {
	RA core.RegistrationAuthority
	SA core.StorageGetter

	// URL configuration parameters
	BaseURL       string
	NewReg        string
	RegBase       string
	NewAuthz      string
	AuthzBase     string
	ChallengeBase string
	NewCert       string
	CertBase      string

	// JSON encoded endpoint directory
	DirectoryJSON []byte

	// Issuer certificate (DER) for /acme/issuer-cert
	IssuerCert []byte

	// URL to the current subscriber agreement (should contain some version identifier)
	SubscriberAgreementURL string

	// Cache settings
	CertCacheDuration           time.Duration
	CertNoCacheExpirationWindow time.Duration
	IndexCacheDuration          time.Duration
	IssuerCacheDuration         time.Duration

	// CORS settings
	AllowOrigins []string

	// Graceful shutdown settings
	ShutdownStopTimeout time.Duration
	ShutdownKillTimeout time.Duration
	// contains filtered or unexported fields
}

WebFrontEndImpl provides all the logic for Boulder's web-facing interface, i.e., ACME. Its members configure the paths for various ACME functions, plus a few other data items used in ACME. Its methods are primarily handlers for HTTPS requests for the various ACME functions.

func NewWebFrontEndImpl

func NewWebFrontEndImpl(stats statsd.Statter, clk clock.Clock, keyPolicy core.KeyPolicy) (WebFrontEndImpl, error)

NewWebFrontEndImpl constructs a web service for Boulder

func (*WebFrontEndImpl) Authorization

func (wfe *WebFrontEndImpl) Authorization(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

Authorization is used by clients to submit an update to one of their authorizations.

func (*WebFrontEndImpl) BuildID

func (wfe *WebFrontEndImpl) BuildID(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

BuildID tells the requestor what build we're running.

func (*WebFrontEndImpl) Certificate

func (wfe *WebFrontEndImpl) Certificate(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

Certificate is used by clients to request a copy of their current certificate, or to request a reissuance of the certificate.

func (*WebFrontEndImpl) Challenge

func (wfe *WebFrontEndImpl) Challenge(
	logEvent *requestEvent,
	response http.ResponseWriter,
	request *http.Request)

Challenge handles POST requests to challenge URLs. Such requests are clients' responses to the server's challenges.

func (*WebFrontEndImpl) Directory

func (wfe *WebFrontEndImpl) Directory(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

Directory is an HTTP request handler that simply provides the directory object stored in the WFE's DirectoryJSON member.

func (*WebFrontEndImpl) HandleFunc

func (wfe *WebFrontEndImpl) HandleFunc(mux *http.ServeMux, pattern string, h wfeHandlerFunc, methods ...string)

HandleFunc registers a handler at the given path. It's http.HandleFunc(), but with a wrapper around the handler that provides some generic per-request functionality:

* Set a Replay-Nonce header.

* Respond to OPTIONS requests, including CORS preflight requests.

* Respond http.StatusMethodNotAllowed for HTTP methods other than those listed.

* Set CORS headers when responding to CORS "actual" requests.

* Never send a body in response to a HEAD request. Anything written by the handler will be discarded if the method is HEAD. Also, all handlers that accept GET automatically accept HEAD.

func (*WebFrontEndImpl) Handler

func (wfe *WebFrontEndImpl) Handler() (http.Handler, error)

Handler returns an http.Handler that uses various functions for various ACME-specified paths.

func (*WebFrontEndImpl) Index

func (wfe *WebFrontEndImpl) Index(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

Index serves a simple identification page. It is not part of the ACME spec.

func (*WebFrontEndImpl) Issuer

func (wfe *WebFrontEndImpl) Issuer(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

Issuer obtains the issuer certificate used by this instance of Boulder.

func (*WebFrontEndImpl) NewAuthorization

func (wfe *WebFrontEndImpl) NewAuthorization(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

NewAuthorization is used by clients to submit a new ID Authorization

func (*WebFrontEndImpl) NewCertificate

func (wfe *WebFrontEndImpl) NewCertificate(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

NewCertificate is used by clients to request the issuance of a cert for an authorized identifier.

func (*WebFrontEndImpl) NewRegistration

func (wfe *WebFrontEndImpl) NewRegistration(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

NewRegistration is used by clients to submit a new registration/account

func (*WebFrontEndImpl) Options

func (wfe *WebFrontEndImpl) Options(response http.ResponseWriter, request *http.Request, methodsStr string, methodsMap map[string]bool)

Options responds to an HTTP OPTIONS request.

func (*WebFrontEndImpl) Registration

func (wfe *WebFrontEndImpl) Registration(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

Registration is used by a client to submit an update to their registration.

func (*WebFrontEndImpl) RevokeCertificate

func (wfe *WebFrontEndImpl) RevokeCertificate(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

RevokeCertificate is used by clients to request the revocation of a cert.

func (*WebFrontEndImpl) Terms

func (wfe *WebFrontEndImpl) Terms(logEvent *requestEvent, response http.ResponseWriter, request *http.Request)

Terms is used by the client to obtain the current Terms of Service / Subscriber Agreement to which the subscriber must agree.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL