Skip to content

Commit

Permalink
No reason we cant deprecate the old constructor and use the new one
Browse files Browse the repository at this point in the history
  • Loading branch information
zendern committed Jul 19, 2021

Unverified

This commit is not signed, but one or more authors requires that any commit attributed to them is signed.
1 parent ed03562 commit dc952a7
Showing 3 changed files with 17 additions and 6 deletions.
13 changes: 11 additions & 2 deletions acme/src/main/java/io/micronaut/acme/events/CertificateEvent.java
Original file line number Diff line number Diff line change
@@ -27,19 +27,28 @@ public class CertificateEvent {
private boolean validationCert;

/**
* @deprecated See constructor that takes full certificate chain instead.
*
* Creates a new CertificateEvent.
* @param certificate X509 certificate file
* @param domainKeyPair key pair used to encrypt the certificate
* @param validationCert if this certificate is to be used for tls-apln-01 account validation
*/
@Deprecated
public CertificateEvent(X509Certificate certificate, KeyPair domainKeyPair, boolean validationCert) {
this.domainKeyPair = domainKeyPair;
this.validationCert = validationCert;
this.fullCertificateChain = new X509Certificate[]{certificate};
}

public CertificateEvent(KeyPair domainKeyPair, X509Certificate... fullCertificateChain) {
this.validationCert = false;
/**
* Creates a new CertificateEvent containing the full certificate chain
* @param domainKeyPair key pair used to encrypt the certificate
* @param validationCert if this certificate is to be used for tls-apln-01 account validation
* @param fullCertificateChain X509 certificate file
*/
public CertificateEvent(KeyPair domainKeyPair, boolean validationCert, X509Certificate... fullCertificateChain) {
this.validationCert = validationCert;
this.domainKeyPair = domainKeyPair;
this.fullCertificateChain = fullCertificateChain;
}
Original file line number Diff line number Diff line change
@@ -285,7 +285,7 @@ public void run() {
try (BufferedWriter writer = Files.newBufferedWriter(domainCsr.toPath(), WRITE, CREATE, TRUNCATE_EXISTING)) {
certificate.writeCertificate(writer);
}
eventPublisher.publishEvent(new CertificateEvent(domainKeyPair, getFullCertificateChain()));
eventPublisher.publishEvent(new CertificateEvent(domainKeyPair, false, getFullCertificateChain()));
if (LOG.isInfoEnabled()) {
LOG.info("ACME certificate order success! Certificate URL: {}", certificate.getLocation());
}
@@ -448,7 +448,7 @@ private void doChallengeSpecificSetup(Authorization auth, Challenge challenge) t
}
KeyPair domainKeyPair = getDomainKeyPair();
X509Certificate tlsAlpn01Certificate = CertificateUtils.createTlsAlpn01Certificate(domainKeyPair, auth.getIdentifier(), ((TlsAlpn01Challenge) challenge).getAcmeValidation());
eventPublisher.publishEvent(new CertificateEvent(tlsAlpn01Certificate, domainKeyPair, true));
eventPublisher.publishEvent(new CertificateEvent(domainKeyPair, true, tlsAlpn01Certificate));
} else if (challenge instanceof Http01Challenge) {
Http01Challenge http01Challenge = (Http01Challenge) challenge;
eventPublisher.publishEvent(new HttpChallengeDetails(http01Challenge.getToken(), http01Challenge.getAuthorization()));
@@ -468,7 +468,7 @@ private void doChallengeSpecificSetup(Authorization auth, Challenge challenge) t
* Setup the certificate that has been saved to disk and configures it for use.
*/
public void setupCurrentCertificate() {
eventPublisher.publishEvent(new CertificateEvent(getDomainKeyPair(), getFullCertificateChain()));
eventPublisher.publishEvent(new CertificateEvent(getDomainKeyPair(), false, getFullCertificateChain()));
}

/**
Original file line number Diff line number Diff line change
@@ -108,12 +108,14 @@ ${DOMAIN_CERT}
X509Certificate domainCert = cf.generateCertificate(new ByteArrayInputStream(FULL_CHAIN_CERT.bytes))
Collection<X509Certificate> certs = cf.generateCertificates(new ByteArrayInputStream(FULL_CHAIN_CERT.bytes))
KeyPair keyPair = KeyPairUtils.createKeyPair(2048)
def expectedValidationCert = new Random().nextBoolean()

when :
CertificateEvent event = new CertificateEvent(keyPair, certs as X509Certificate[])
CertificateEvent event = new CertificateEvent(keyPair, expectedValidationCert, certs as X509Certificate[])

then:
event.getCert() == domainCert
event.isValidationCert() == expectedValidationCert
event.getFullCertificateChain().length == 2
event.getFullCertificateChain() == certs.toArray()
}

0 comments on commit dc952a7

Please sign in to comment.