Using correct content type (as per version 10 of ACME draft). (#37165)
* Using correct content type (as per version 10 of ACME draft). * Another incompatibility with ACME v2: body must be {} and not contain v1 data (Pebble fails otherwise). * Fixing bug: self.args in a subclass of Exception is apparently always a tuple.
parent
02999b77a4
commit
155adb1631
1 changed files with 13 additions and 10 deletions
|
@ -361,10 +361,10 @@ class ModuleFailException(Exception):
|
||||||
def __init__(self, msg, **args):
|
def __init__(self, msg, **args):
|
||||||
super(ModuleFailException, self).__init__(self, msg)
|
super(ModuleFailException, self).__init__(self, msg)
|
||||||
self.msg = msg
|
self.msg = msg
|
||||||
self.args = args
|
self.module_fail_args = args
|
||||||
|
|
||||||
def do_fail(self, module):
|
def do_fail(self, module):
|
||||||
module.fail_json(msg=self.msg, **self.args)
|
module.fail_json(msg=self.msg, other=self.module_fail_args)
|
||||||
|
|
||||||
|
|
||||||
def _lowercase_fetch_url(*args, **kwargs):
|
def _lowercase_fetch_url(*args, **kwargs):
|
||||||
|
@ -675,7 +675,7 @@ class ACMEAccount(object):
|
||||||
'''
|
'''
|
||||||
Sends a JWS signed HTTP POST request to the ACME server and returns
|
Sends a JWS signed HTTP POST request to the ACME server and returns
|
||||||
the response as dictionary
|
the response as dictionary
|
||||||
https://tools.ietf.org/html/draft-ietf-acme-acme-09#section-6.2
|
https://tools.ietf.org/html/draft-ietf-acme-acme-10#section-6.2
|
||||||
'''
|
'''
|
||||||
failed_tries = 0
|
failed_tries = 0
|
||||||
while True:
|
while True:
|
||||||
|
@ -719,7 +719,10 @@ class ACMEAccount(object):
|
||||||
data["header"] = self.jws_header
|
data["header"] = self.jws_header
|
||||||
data = self.module.jsonify(data)
|
data = self.module.jsonify(data)
|
||||||
|
|
||||||
resp, info = fetch_url(self.module, url, data=data, method='POST')
|
headers = {
|
||||||
|
'Content-Type': 'application/jose+json',
|
||||||
|
}
|
||||||
|
resp, info = fetch_url(self.module, url, data=data, headers=headers, method='POST')
|
||||||
result = {}
|
result = {}
|
||||||
try:
|
try:
|
||||||
content = resp.read()
|
content = resp.read()
|
||||||
|
@ -979,13 +982,13 @@ class ACMEClient(object):
|
||||||
continue
|
continue
|
||||||
|
|
||||||
uri = challenge['uri'] if self.version == 1 else challenge['url']
|
uri = challenge['uri'] if self.version == 1 else challenge['url']
|
||||||
token = re.sub(r"[^A-Za-z0-9_\-]", "_", challenge['token'])
|
|
||||||
keyauthorization = self.account.get_keyauthorization(token)
|
|
||||||
|
|
||||||
challenge_response = {
|
challenge_response = {}
|
||||||
"resource": "challenge",
|
if self.version == 1:
|
||||||
"keyAuthorization": keyauthorization,
|
token = re.sub(r"[^A-Za-z0-9_\-]", "_", challenge['token'])
|
||||||
}
|
keyauthorization = self.account.get_keyauthorization(token)
|
||||||
|
challenge_response["resource"] = "challenge"
|
||||||
|
challenge_response["keyAuthorization"] = keyauthorization
|
||||||
result, info = self.account.send_signed_request(uri, challenge_response)
|
result, info = self.account.send_signed_request(uri, challenge_response)
|
||||||
if info['status'] not in [200, 202]:
|
if info['status'] not in [200, 202]:
|
||||||
raise ModuleFailException("Error validating challenge: CODE: {0} RESULT: {1}".format(info['status'], result))
|
raise ModuleFailException("Error validating challenge: CODE: {0} RESULT: {1}".format(info['status'], result))
|
||||||
|
|
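Review bot: In `do_fail`, the new call `module.fail_json(msg=self.msg, other=self.module_fail_args)` changes the shape of the failure result: keyword details that were previously spread into top-level result keys are now nested under a single `other` key, and an empty dict is reported as `other: {}` on every failure. Renaming the attribute to `module_fail_args` is already enough to stop overwriting `Exception.args`, so the earlier output can be kept with `module.fail_json(msg=self.msg, **self.module_fail_args)`. If the nesting is intended, say so in a comment such as `# extra details are returned under 'other' so they cannot collide with 'msg'`. Whether any caller passes keyword details is not visible in this section, so the effect on playbooks that read those keys should be confirmed. The class statement itself lies outside the hunk and appears only in the hunk header.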