/// <summary>
/// Round-trips a credential through <c>CredentialsManager</c>: stores it, checks that it is
/// listed under its storage key, then unlocks it and compares the result with the original secret.
/// </summary>
/// <remarks>
/// NOTE(review): nothing in this test removes the stored entry afterwards and every run uses a
/// fresh GUID key, so entries presumably accumulate under the test subfolder - confirm and add
/// cleanup. The assertion messages describe the passing condition; confirm how the test
/// framework in use displays them when an assertion fails.
/// </remarks>
public async Task TestStoreCredential()
{
    const string expectedSecret = "This is a secret";

    // A fresh GUID per run keeps this entry distinct from anything already in the store.
    var credential = new StoredCredential
    {
        ProviderType = "DNS01.API.Route53",
        Title        = "A test credential",
        StorageKey   = Guid.NewGuid().ToString(),
        Secret       = expectedSecret
    };

    // Redirect storage to a test subfolder before anything is written.
    // NOTE(review): the backslash makes this path Windows-specific - confirm.
    var manager = new CredentialsManager
    {
        StorageSubfolder = "Tests\\credentials"
    };

    // 1) Store the credential.
    var stored = await manager.UpdateCredential(credential);
    Assert.IsNotNull(stored, "Credential stored OK");

    // 2) The new entry must show up in the listing under the same key.
    var storedCredentials = await manager.GetStoredCredentials();
    var isListed          = storedCredentials.Any(item => item.StorageKey == credential.StorageKey);
    Assert.IsTrue(isListed, "Credential retrieved");

    // 3) Unlocking must give back exactly the secret that was stored.
    var unlockedSecret = await manager.GetUnlockedCredential(credential.StorageKey);
    Assert.IsNotNull(unlockedSecret);
    Assert.IsTrue(unlockedSecret == expectedSecret, "Credential decrypted");
}
Esempio n. 2
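        /// <summary>
        /// Attempts to complete a DNS challenge for a managed site by running the Python DNS helper
        /// script, which is asked to create the required TXT record.
        /// </summary>
        /// <param name="managedsite">Managed site whose RequestConfig names the challenge provider and the stored credential key.</param>
        /// <param name="domain">Domain passed to the helper as <c>-d</c>.</param>
        /// <param name="txtRecordName">TXT record name passed to the helper as <c>-n</c>.</param>
        /// <param name="txtRecordValue">TXT record value passed to the helper as <c>-v</c>.</param>
        /// <returns>The result returned by RunPythonScript; on success the method first waits 15 seconds.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="managedsite"/> is null.</exception>
        /// <exception cref="ArgumentException">
        /// The site has no request configuration, or a value destined for the helper command line is
        /// empty or contains whitespace, control characters or a double quote.
        /// </exception>
        /// <exception cref="InvalidOperationException">
        /// The configured provider is unknown or has no <c>Driver=</c> entry, or the stored
        /// credential could not be read.
        /// </exception>
        public async Task<ChallengeHelperResult> CompleteDNSChallenge(ManagedSite managedsite, string domain, string txtRecordName, string txtRecordValue)
        {
            if (managedsite == null)
            {
                throw new ArgumentNullException(nameof(managedsite));
            }

            var requestConfig = managedsite.RequestConfig;
            if (requestConfig == null)
            {
                throw new ArgumentException("The managed site has no request configuration.", nameof(managedsite));
            }

            // Defaults used when the site configuration names no provider or no credential.
            // NOTE(review): "user,pwd" is a placeholder, so the helper is still started with dummy
            // credentials when no ChallengeCredentialKey is configured - confirm that is intended.
            string providerSpecificConfig = "ROUTE53";
            string credentials            = "user,pwd";

            var credentialsManager = new CredentialsManager();

            if (!String.IsNullOrEmpty(requestConfig.ChallengeProvider))
            {
                var providerDetails = Models.Config.ChallengeProviders.Providers.FirstOrDefault(p => p.Id == requestConfig.ChallengeProvider);
                if (providerDetails == null || providerDetails.Config == null)
                {
                    // Fail with a clear error instead of a NullReferenceException, and never fall back
                    // to the default driver while holding another provider's credentials.
                    throw new InvalidOperationException("The challenge provider configured for this site is unknown or has no configuration.");
                }

                // Provider config is a ';'-separated list; the helper driver is the "Driver=<name>" entry.
                const string driverPrefix = "Driver=";
                string driverEntry = null;
                foreach (var entry in providerDetails.Config.Split(';'))
                {
                    if (entry.StartsWith(driverPrefix, StringComparison.Ordinal))
                    {
                        driverEntry = entry;
                        break;
                    }
                }

                if (driverEntry == null)
                {
                    throw new InvalidOperationException("The challenge provider configuration has no Driver entry.");
                }

                providerSpecificConfig = driverEntry.Substring(driverPrefix.Length);
            }

            if (!String.IsNullOrEmpty(requestConfig.ChallengeCredentialKey))
            {
                // The unlocked credential is expected to be a JSON array of strings.
                string credentialsJson = await credentialsManager.GetUnlockedCredential(requestConfig.ChallengeCredentialKey);
                if (String.IsNullOrEmpty(credentialsJson))
                {
                    throw new InvalidOperationException("The stored credential for this site could not be unlocked.");
                }

                string[] credentialArray = JsonConvert.DeserializeObject<string[]>(credentialsJson);
                if (credentialArray == null || credentialArray.Length == 0)
                {
                    throw new InvalidOperationException("The stored credential for this site is empty.");
                }

                credentials = String.Join(",", credentialArray);
            }

            // SECURITY: the helper command line is assembled by string interpolation, so any value
            // containing whitespace or a quote would be split into extra arguments. Reject such values
            // up front; for every accepted value the command string is the same as before.
            // NOTE(review): RunPythonScript is not visible here. If it can take an argument list
            // (e.g. ProcessStartInfo.ArgumentList), prefer that over this check, and if it goes
            // through a shell, shell metacharacters need handling as well.
            EnsureSafeHelperArgument(providerSpecificConfig, "provider driver");
            EnsureSafeHelperArgument(credentials, "credentials");
            EnsureSafeHelperArgument(domain, nameof(domain));
            EnsureSafeHelperArgument(txtRecordName, nameof(txtRecordName));
            EnsureSafeHelperArgument(txtRecordValue, nameof(txtRecordValue));

            // SECURITY: the decrypted credential is passed as a process argument, which is typically
            // visible to other local users through process listings and may be captured by process
            // auditing or any logging inside RunPythonScript. Prefer handing secrets to the helper via
            // stdin or a per-process environment variable.
            var helperResult = RunPythonScript($"dns_helper_util.py -p {providerSpecificConfig} -c {credentials} -d {domain} -n {txtRecordName} -v {txtRecordValue}");

            if (helperResult.IsSuccess)
            {
                // test - wait for DNS changes
                await Task.Delay(15000);

                // TODO: replace the fixed delay with our own TXT record lookup (a few retries about a
                // second apart, e.g. NetworkUtils.CheckDNSRecordTXT(domain, txtRecordName,
                // txtRecordValue)) before proceeding with challenge completion.
            }

            return helperResult;
        }

        /// <summary>
        /// Throws when a value cannot be placed on the helper command line as a single argument.
        /// The value itself is never included in the error text, because it may be a secret.
        /// </summary>
        /// <param name="value">Value that will be interpolated into the helper command line.</param>
        /// <param name="description">Name of the value, used only in the error message.</param>
        /// <exception cref="ArgumentException">The value is null, empty, or contains whitespace, a control character or a double quote.</exception>
        private static void EnsureSafeHelperArgument(string value, string description)
        {
            if (String.IsNullOrEmpty(value))
            {
                throw new ArgumentException("The " + description + " value for the DNS helper is missing.");
            }

            foreach (char ch in value)
            {
                if (Char.IsWhiteSpace(ch) || Char.IsControl(ch) || ch == '"')
                {
                    throw new ArgumentException("The " + description + " value for the DNS helper contains whitespace, control or quote characters.");
                }
            }
        }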