Ejemplo n.º 1
0
        /// <summary>
        /// Validates the http challenge
        /// </summary>
        /// <param name="challenge"><see cref="IChallenge"/></param>
        private void ValidateHttpChallenge(IChallenge challenge)
        {
            var authz   = AuthorizationRepository.GetById(challenge.AuthorizationId) ?? throw new MalformedException("Cannot get Authorization by Id");
            var url     = $"http://{authz.Identifier.Value}/.well-known/acme-challenge/{challenge.Token}";
            var request = (HttpWebRequest)WebRequest.Create(url);

#if !DEBUG
            var response = (HttpWebResponse)request.GetResponse();
            if (response.StatusCode == HttpStatusCode.OK)
            {
                var stream = response.GetResponseStream();
                var reader = new StreamReader(stream);
                var text   = reader.ReadToEnd();

                //Accounts.GetById(challenge.Authorization.AccountId
                var account      = AccountService.GetById(authz.AccountId);
                var thumbprint   = Base64Url.Encode(account.Key.GetThumbprint());
                var controlValue = $"{challenge.Token}.{thumbprint}";

                if (!controlValue.Equals(text))
                {
                    var errMessage = "The key authorization file from the server did not match this challenge.";
                    throw new UnauthorizedException(errMessage);
                }
            }
            else
            {
                throw new Exception("Respons status is not 200(OK)");
            }
#else
            Logger.Warn("HTTP challenge validation is disabled fo DEBUG mode");
#endif
        }
        public void GetById_Null()
        {
            // Init
            var repo = new AuthorizationRepository();

            // Create authz
            var authz = repo.Create();

            authz.Identifier.Type  = "dns";
            authz.Identifier.Value = "some.test.com";
            authz.Status           = AuthorizationStatus.Pending;
            repo.Add(authz);

            // Get authz by Id
            var authz2 = repo.GetById(9); // wrong id

            Assert.Null(authz2);
        }
Ejemplo n.º 3
0
        /// <summary>
        /// Assign values from <see cref="IOrder"/> to JSON <see cref="Order"/>.
        /// For expended objects need add assign values
        /// </summary>
        /// <param name="order">JSON <see cref="Order"/></param>
        /// <param name="data"><see cref="IOrder"/></param>
        protected virtual Order OnToOrderConvert(Order order, IOrder data)
        {
            var authzs = OrderAuthorizationRepository.GetByOrder(data.Id)
                         .Select(o => AuthorizationRepository.GetById(o.AuthorizationId))
                         .ToArray();

            order.Identifiers = authzs.Select(o =>
                                              new Identifier(o.Identifier.Type, o.Identifier.Value)).ToArray();
            order.Authorizations = authzs.Select(o => $"{Options.BaseAddress}authz/{o.Id}").ToArray();
            order.Status         = data.Status;
            order.NotBefore      = data.NotBefore;
            order.NotAfter       = data.NotAfter;
            order.Expires        = data.Expires;
            order.Error          = data.Error == null ? null : ToError(data.Error);
            order.Finalize       = $"{Options.BaseAddress}finalize/{data.Id}";
            order.Certificate    = data.Certificate?.RawData == null ? null : $"{Options.BaseAddress}cert/{data.Certificate.Thumbprint}";
            return(order);
        }
        /// <inheritdoc/>
        public IAuthorization GetById(int accountId, int authzId)
        {
            var authz = AuthorizationRepository.GetById(authzId);

            if (authz == null)
            {
                throw new MalformedException("Authorization doesn't exist");
            }

            var updatedAuthz = RefreshStatus(authz);

            AccountSecurityService.CheckAccess(new AccountAccess
            {
                Account = AccountService.GetById(accountId),
                Target  = updatedAuthz,
            });

            return(updatedAuthz);
        }