/// <summary>
/// Integration test: registers an account against the endpoint named by
/// <c>ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT</c>, then submits an update for that
/// account and expects a successful response that carries a non-empty nonce.
/// </summary>
/// <remarks>
/// This test talks to a live ACME endpoint and creates a new account on every run.
/// </remarks>
public async Task UpdateAccount_ShoudUpdateSuccessfully()
{
    // SETUP
    AcmeRestApi api = new AcmeRestApi(ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT);

    // EXECUTE
    AcmeApiResponse<AcmeDirectory> directory = await api.GetDirectoryAsync();
    AcmeApiResponse nonceResponse = await api.GetNonceAsync(directory.Data);

    // Each signed request consumes a nonce; the nonce returned by the previous
    // response is the one handed to the next call.
    AcmeApiResponse<AcmeAccount> accountResponse = await api.CreateAccountAsync(
        directory.Data,
        nonceResponse.Nonce,
        new AcmeCreateAccount()
        {
            Contact = new List<string>() { "mailto:[email protected]" },
            TermsOfServiceAgreed = true
        });

    AcmeApiResponse updateAccountResponse = await api.UpdateAccountAsync(
        directory.Data,
        accountResponse.Nonce,
        accountResponse.Data);

    // ASSERT
    updateAccountResponse.ShouldNotBeNull();
    updateAccountResponse.Status.ShouldBe(AcmeApiResponseStatus.Success);
    updateAccountResponse.Nonce.Length.ShouldBeGreaterThan(0);
}
/// <summary>
/// Integration test: creates an account, requests a certificate for two DNS identifiers,
/// picks the <c>http-01</c> challenge of the first authorization and asks the server to
/// verify it. The test expects the call to succeed and the challenge to be reported as
/// <c>pending</c>.
/// </summary>
/// <remarks>
/// This test talks to a live ACME endpoint. It only checks that the verification request
/// is accepted; it does not wait for the validation outcome.
/// </remarks>
public async Task VerifyChallenge_ShouldVerifyTheChallenge()
{
    // SETUP
    AcmeRestApi api = new AcmeRestApi(ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT);
    AcmeCertificateRequest certifcateRequest = new AcmeCertificateRequest()
    {
        Identifiers = new List<DnsCertificateIdentifier>()
        {
            new DnsCertificateIdentifier() { Value = "taco.com" },
            new DnsCertificateIdentifier() { Value = "www.taco.com" }
        }
    };

    // EXECUTE
    AcmeApiResponse<AcmeDirectory> directory = await api.GetDirectoryAsync();
    AcmeApiResponse nonceResponse = await api.GetNonceAsync(directory.Data);

    AcmeApiResponse<AcmeAccount> accountResponse = await api.CreateAccountAsync(
        directory.Data,
        nonceResponse.Nonce,
        new AcmeCreateAccount()
        {
            Contact = new List<string>() { "mailto:[email protected]" },
            TermsOfServiceAgreed = true
        });

    AcmeApiResponse<AcmeCertificateFulfillmentPromise> certificateFulfillmentPromise =
        await api.RequestCertificateAsync(
            directory.Data,
            accountResponse.Nonce,
            accountResponse.Data,
            certifcateRequest);

    List<AcmeApiResponse<AcmeAuthorization>> authorizations =
        await api.GetChallengesAsync(certificateFulfillmentPromise.Data);

    // Only the first authorization is exercised, and only its http-01 challenge.
    AcmeAuthorization firstAuthorization = authorizations.First().Data;
    AcmeChallenge httpChallenge = firstAuthorization.Challenges.First(c => c.Type.Equals("http-01"));

    string authKey = CreateAuthorizationKey(accountResponse.Data, httpChallenge.Token);

    AcmeApiResponse<AcmeChallengeStatus> challengeStatusResponse = await api.VerifyChallengeAsync(
        accountResponse.Data,
        httpChallenge,
        certificateFulfillmentPromise.Nonce,
        authKey);

    // ASSERT
    challengeStatusResponse.ShouldNotBeNull();
    challengeStatusResponse.Status.ShouldBe(AcmeApiResponseStatus.Success);
    challengeStatusResponse.Data.ShouldNotBeNull();
    challengeStatusResponse.Data.Status.ShouldBe("pending");
}
/// <summary>
/// Integration test: creates an account and requests a certificate for two DNS
/// identifiers, then checks the returned fulfillment promise: status <c>pending</c>,
/// two identifiers, two authorizations and a non-empty finalize value.
/// </summary>
/// <remarks>
/// This test talks to a live ACME endpoint and creates a new account on every run.
/// </remarks>
public async Task RequestCertificate_ShouldGetPromiseBack()
{
    // SETUP
    AcmeRestApi api = new AcmeRestApi(ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT);
    AcmeCertificateRequest certifcateRequest = new AcmeCertificateRequest()
    {
        Identifiers = new List<DnsCertificateIdentifier>()
        {
            new DnsCertificateIdentifier() { Value = "taco.com" },
            new DnsCertificateIdentifier() { Value = "www.taco.com" }
        }
    };

    // EXECUTE
    AcmeApiResponse<AcmeDirectory> directory = await api.GetDirectoryAsync();
    AcmeApiResponse nonceResponse = await api.GetNonceAsync(directory.Data);

    AcmeApiResponse<AcmeAccount> accountResponse = await api.CreateAccountAsync(
        directory.Data,
        nonceResponse.Nonce,
        new AcmeCreateAccount()
        {
            Contact = new List<string>() { "mailto:[email protected]" },
            TermsOfServiceAgreed = true
        });

    AcmeApiResponse<AcmeCertificateFulfillmentPromise> certificateFulfillmentPromise =
        await api.RequestCertificateAsync(
            directory.Data,
            accountResponse.Nonce,
            accountResponse.Data,
            certifcateRequest);

    // ASSERT
    certificateFulfillmentPromise.ShouldNotBeNull();
    certificateFulfillmentPromise.Status.ShouldBe(AcmeApiResponseStatus.Success);

    // The remaining checks all inspect the promise payload.
    certificateFulfillmentPromise.Data.ShouldNotBeNull();
    certificateFulfillmentPromise.Data.Status.ShouldBe("pending");
    certificateFulfillmentPromise.Data.Identifiers.ShouldNotBeNull();
    certificateFulfillmentPromise.Data.Identifiers.Count.ShouldBe(2);
    certificateFulfillmentPromise.Data.Authorizations.ShouldNotBeNull();
    certificateFulfillmentPromise.Data.Authorizations.Count.ShouldBe(2);
    certificateFulfillmentPromise.Data.Finalize.ShouldNotBeNull();
    certificateFulfillmentPromise.Data.Finalize.Length.ShouldBeGreaterThan(0);
}
/// <summary>
/// Integration test: fetches the directory from the endpoint named by
/// <c>ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT</c> and requests a nonce,
/// expecting a successful response with a non-empty nonce value.
/// </summary>
public async Task GetNewNonce_ShouldReturnNewReplayNonce()
{
    // SETUP
    AcmeRestApi api = new AcmeRestApi(ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT);

    // EXECUTE
    AcmeApiResponse<AcmeDirectory> directoryResponse = await api.GetDirectoryAsync();
    AcmeApiResponse nonceResponse = await api.GetNonceAsync(directoryResponse.Data);

    // ASSERT
    nonceResponse.ShouldNotBeNull();
    nonceResponse.Status.ShouldBe(AcmeApiResponseStatus.Success);
    nonceResponse.Nonce.Length.ShouldBeGreaterThan(0);
}
/// <summary>
/// Unit test: when the mocked API answers a key roll-over with a response carrying a
/// nonce, <c>AcmeAccountService.ChangeKeyAsync</c> must store that nonce in the nonce
/// cache exactly once.
/// </summary>
public async Task ChangeKey_ShouldUpdateLastNonce()
{
    // ARRANGE
    var restApi = new Mock<IAcmeRestApi>();
    var directoryCache = new Mock<ICachedRepository<AcmeDirectory>>();
    var nonceCache = new Mock<ICachedRepository<string>>();

    AcmeApiResponse rollOverResponse = TestHelpers.AcmeEmptyResponseWithNonce;
    AcmeAccount account = TestHelpers.AcmeAccountResponse.Data;

    // Any directory / nonce / account combination yields the canned response.
    restApi
        .Setup(api => api.RollOverAccountKeyAsync(
            It.IsAny<AcmeDirectory>(),
            It.IsAny<string>(),
            It.IsAny<AcmeAccount>()))
        .ReturnsAsync(rollOverResponse);

    AcmeAccountService service = new AcmeAccountService(
        restApi.Object,
        directoryCache.Object,
        nonceCache.Object);

    // ACT
    await service.ChangeKeyAsync(account);

    // ASSERT
    nonceCache.Verify(cache => cache.Update(rollOverResponse.Nonce), Times.Once());
}
/// <summary>
/// Unit test: <c>AcmeAccountService.CreateAsync</c> must return the account object
/// carried in the response produced by the mocked API.
/// </summary>
public async Task CreateAccount_ShouldReturnExpectedNewAccount()
{
    // ARRANGE
    var restApi = new Mock<IAcmeRestApi>();
    var directoryCache = new Mock<ICachedRepository<AcmeDirectory>>();
    var nonceCache = new Mock<ICachedRepository<string>>();

    AcmeCreateAccount inputAccount = TestHelpers.CreateAccount;
    AcmeApiResponse<AcmeAccount> accountResponse = TestHelpers.AcmeAccountResponse;

    // Any directory / nonce / request combination yields the canned account response.
    restApi
        .Setup(api => api.CreateAccountAsync(
            It.IsAny<AcmeDirectory>(),
            It.IsAny<string>(),
            It.IsAny<AcmeCreateAccount>()))
        .ReturnsAsync(accountResponse);

    AcmeAccountService service = new AcmeAccountService(
        restApi.Object,
        directoryCache.Object,
        nonceCache.Object);

    // ACT
    var actual = await service.CreateAsync(inputAccount);

    // ASSERT
    actual.ShouldBe(accountResponse.Data);
}
/// <summary>
/// Unit test: after <c>AcmeAccountService.CreateAsync</c> completes, the nonce carried
/// by the mocked API response must have been written to the nonce cache exactly once.
/// </summary>
public async Task CreateAccount_ShouldUpdateLastNonce()
{
    // ARRANGE
    var restApi = new Mock<IAcmeRestApi>();
    var directoryCache = new Mock<ICachedRepository<AcmeDirectory>>();
    var nonceCache = new Mock<ICachedRepository<string>>();

    AcmeCreateAccount inputAccount = TestHelpers.CreateAccount;
    AcmeApiResponse<AcmeAccount> accountResponse = TestHelpers.AcmeAccountResponse;

    // Any directory / nonce / request combination yields the canned account response.
    restApi
        .Setup(api => api.CreateAccountAsync(
            It.IsAny<AcmeDirectory>(),
            It.IsAny<string>(),
            It.IsAny<AcmeCreateAccount>()))
        .ReturnsAsync(accountResponse);

    AcmeAccountService service = new AcmeAccountService(
        restApi.Object,
        directoryCache.Object,
        nonceCache.Object);

    // ACT
    await service.CreateAsync(inputAccount);

    // ASSERT
    nonceCache.Verify(cache => cache.Update(accountResponse.Nonce), Times.Once());
}
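/// <summary>
/// Gets challenges used to verify domain ownership.
/// </summary>
/// <param name="acmeCertificateFulfillmentPromise">The certificate fulfillment promise retrieved from the RequestCertificate call.</param>
/// <returns>
/// One response per authorization URL in the promise, in the same order. A response with
/// status <c>Success</c> carries the deserialized authorization; a response with status
/// <c>Error</c> carries the response body (or a short explanation) in <c>Message</c>.
/// </returns>
/// <exception cref="ArgumentNullException">The promise is null.</exception>
/// <exception cref="ArgumentException">The promise contains no authorization URLs.</exception>
public async Task<List<AcmeApiResponse<AcmeAuthorization>>> GetChallengesAsync(AcmeCertificateFulfillmentPromise acmeCertificateFulfillmentPromise)
{
    if (acmeCertificateFulfillmentPromise == null)
    {
        throw new ArgumentNullException(nameof(acmeCertificateFulfillmentPromise));
    }

    if (acmeCertificateFulfillmentPromise.Authorizations == null || !acmeCertificateFulfillmentPromise.Authorizations.Any())
    {
        throw new ArgumentException("No Authorizations exist in the Acme Certification Fulfillment Promise");
    }

    List<AcmeApiResponse<AcmeAuthorization>> response = new List<AcmeApiResponse<AcmeAuthorization>>();

    foreach (string authUrl in acmeCertificateFulfillmentPromise.Authorizations)
    {
        AcmeApiResponse<AcmeAuthorization> result = new AcmeApiResponse<AcmeAuthorization>();

        // NOTE(review): authUrl is taken from the promise as-is and fetched without further
        // checks. If the promise can come from a source other than the configured CA,
        // confirm the URL is an absolute https URL on the expected host before this call.
        using (var apiResp = await _httpClient.GetAsync(authUrl))
        {
            // Awaiting the result of "Content?.ReadAsStringAsync()" throws a
            // NullReferenceException when Content is null, so the null case is handled first.
            string apiRespString = apiResp.Content == null
                ? null
                : await apiResp.Content.ReadAsStringAsync();

            if (!apiResp.IsSuccessStatusCode)
            {
                result.Status = AcmeApiResponseStatus.Error;
                result.Message = apiRespString;
            }
            else if (string.IsNullOrEmpty(apiRespString))
            {
                // A success status with no body cannot be deserialized into an authorization.
                result.Status = AcmeApiResponseStatus.Error;
                result.Message = "The authorization response had no content.";
            }
            else
            {
                result.Status = AcmeApiResponseStatus.Success;
                result.Data = JsonConvert.DeserializeObject<AcmeAuthorization>(apiRespString);
            }
        }

        response.Add(result);
    }

    return response;
}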
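/// <summary>
/// Integration test that walks the whole issuance flow: account creation, certificate
/// request, http-01 challenge verification, polling until the challenge leaves the
/// <c>pending</c> state, finalization with a CSR and download of the certificate.
/// </summary>
/// <remarks>
/// This test talks to a live ACME endpoint. It makes no assertions: the domain cannot be
/// validated from here, so the later calls are expected to fail most of the time.
/// If <c>c:\temp</c> exists, the downloaded certificate bytes are written to
/// <c>c:\temp\mycert.cer</c>.
/// </remarks>
public async Task DownloadCertificate_ShouldComplete()
{
    // SETUP
    // Upper bound on status polls so a challenge that never leaves "pending"
    // cannot hang the test run (20 polls x 3 s = about one minute).
    const int maxPollAttempts = 20;

    AcmeRestApi api = new AcmeRestApi(ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT);
    AcmeApiResponse<AcmeChallengeVerificationStatus> challengeVerificationResponse = null;
    AcmeCertificateRequest certifcateRequest = new AcmeCertificateRequest()
    {
        Identifiers = new List<DnsCertificateIdentifier>()
        {
            new DnsCertificateIdentifier() { Value = "test.com" }
        }
    };

    // EXECUTE
    AcmeApiResponse<AcmeDirectory> directory = await api.GetDirectoryAsync();
    AcmeApiResponse nonceResponse = await api.GetNonceAsync(directory.Data);

    AcmeApiResponse<AcmeAccount> accountResponse = await api.CreateAccountAsync(
        directory.Data,
        nonceResponse.Nonce,
        new AcmeCreateAccount()
        {
            Contact = new List<string>() { "mailto:[email protected]" },
            TermsOfServiceAgreed = true
        });

    AcmeApiResponse<AcmeCertificateFulfillmentPromise> certificateFulfillmentPromise =
        await api.RequestCertificateAsync(
            directory.Data,
            accountResponse.Nonce,
            accountResponse.Data,
            certifcateRequest);

    List<AcmeApiResponse<AcmeAuthorization>> authorizations =
        await api.GetChallengesAsync(certificateFulfillmentPromise.Data);

    AcmeChallenge httpChallenge = authorizations.First().Data.Challenges.First(t => t.Type.Equals("http-01"));
    string authKey = CreateAuthorizationKey(accountResponse.Data, httpChallenge.Token);

    AcmeApiResponse<AcmeChallengeStatus> challengeStatusResponse = await api.VerifyChallengeAsync(
        accountResponse.Data,
        httpChallenge,
        certificateFulfillmentPromise.Nonce,
        authKey);

    // Poll until the challenge is no longer pending. A response without data (for
    // example an error response) also ends the loop instead of dereferencing null.
    for (int attempt = 0; attempt < maxPollAttempts; attempt++)
    {
        challengeVerificationResponse = await api.GetChallengeVerificationStatusAsync(httpChallenge);
        if (challengeVerificationResponse?.Data?.Status != "pending")
        {
            break;
        }

        await Task.Delay(3000);
    }

    string csr = GenerateCSR(accountResponse.Data, "test.com");

    AcmeApiResponse<AcmeCertificateFulfillmentPromise> certificatePromiseResult =
        await api.FinalizeCertificatePromiseAsync(
            accountResponse.Data,
            challengeStatusResponse.Nonce,
            certificateFulfillmentPromise.Data,
            csr);

    AcmeApiResponse<ArraySegment<byte>> certificateResult =
        await api.GetCertificateAsync(certificatePromiseResult.Data, CertificateType.Cert);

    // We will write the cert out to a temp directory if it exists. Otherwise, forget it.
    // An ArraySegment is a window into its backing array: writing the whole array would
    // also emit bytes outside the segment, so only Offset..Offset+Count is written.
    ArraySegment<byte> certificateBytes = certificateResult.Data;
    if (certificateBytes.Array != null && Directory.Exists(@"c:\temp"))
    {
        using (FileStream fs = new FileStream(@"c:\temp\mycert.cer", FileMode.Create))
        {
            fs.Write(certificateBytes.Array, certificateBytes.Offset, certificateBytes.Count);
        }
    }

    // ASSERT (Can't really assert anything here. This call will most likely fail.
    // There is no way to validate the domain here.)
}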
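/// <summary>
/// Integration test that runs the issuance flow up to finalization: account creation,
/// certificate request, http-01 challenge verification, polling until the challenge
/// leaves the <c>pending</c> state, then finalization with a CSR. The only assertion is
/// that the finalize call returned a response object.
/// </summary>
/// <remarks>
/// This test talks to a live ACME endpoint. The domain cannot be validated from here, so
/// the finalize call is expected to fail most of the time.
/// </remarks>
public async Task FinalizeChallenge_ShouldComplete()
{
    // SETUP
    // Upper bound on status polls so a challenge that never leaves "pending"
    // cannot hang the test run (20 polls x 3 s = about one minute).
    const int maxPollAttempts = 20;

    AcmeRestApi api = new AcmeRestApi(ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT);
    AcmeApiResponse<AcmeChallengeVerificationStatus> challengeVerificationResponse = null;
    AcmeCertificateRequest certifcateRequest = new AcmeCertificateRequest()
    {
        Identifiers = new List<DnsCertificateIdentifier>()
        {
            new DnsCertificateIdentifier() { Value = "test.com" }
        }
    };

    // EXECUTE
    AcmeApiResponse<AcmeDirectory> directory = await api.GetDirectoryAsync();
    AcmeApiResponse nonceResponse = await api.GetNonceAsync(directory.Data);

    AcmeApiResponse<AcmeAccount> accountResponse = await api.CreateAccountAsync(
        directory.Data,
        nonceResponse.Nonce,
        new AcmeCreateAccount()
        {
            Contact = new List<string>() { "mailto:[email protected]" },
            TermsOfServiceAgreed = true
        });

    AcmeApiResponse<AcmeCertificateFulfillmentPromise> certificateFulfillmentPromise =
        await api.RequestCertificateAsync(
            directory.Data,
            accountResponse.Nonce,
            accountResponse.Data,
            certifcateRequest);

    List<AcmeApiResponse<AcmeAuthorization>> authorizations =
        await api.GetChallengesAsync(certificateFulfillmentPromise.Data);

    AcmeChallenge httpChallenge = authorizations.First().Data.Challenges.First(t => t.Type.Equals("http-01"));
    string authKey = CreateAuthorizationKey(accountResponse.Data, httpChallenge.Token);

    AcmeApiResponse<AcmeChallengeStatus> challengeStatusResponse = await api.VerifyChallengeAsync(
        accountResponse.Data,
        httpChallenge,
        certificateFulfillmentPromise.Nonce,
        authKey);

    // Poll until the challenge is no longer pending. A response without data (for
    // example an error response) also ends the loop instead of dereferencing null.
    for (int attempt = 0; attempt < maxPollAttempts; attempt++)
    {
        challengeVerificationResponse = await api.GetChallengeVerificationStatusAsync(httpChallenge);
        if (challengeVerificationResponse?.Data?.Status != "pending")
        {
            break;
        }

        await Task.Delay(3000);
    }

    string csr = GenerateCSR(accountResponse.Data, "test.com");

    AcmeApiResponse<AcmeCertificateFulfillmentPromise> certificatePromiseResult =
        await api.FinalizeCertificatePromiseAsync(
            accountResponse.Data,
            challengeStatusResponse.Nonce,
            certificateFulfillmentPromise.Data,
            csr);

    // ASSERT (Can't really assert anything here. This call will most likely fail.
    // There is no way to validate the domain here.)
    certificatePromiseResult.ShouldNotBeNull();
}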