private String getEncodedProtectedHeader(boolean useJwk, String resourceUrl, AcmeAccount account, boolean staging) throws AcmeException { JsonObjectBuilder protectedHeaderBuilder = Json.createObjectBuilder().add(ALG, account.getAlgHeader()); if (useJwk) { protectedHeaderBuilder.add(JWK, getJwk(account.getPublicKey(), account.getAlgHeader())); } else { protectedHeaderBuilder.add(KID, getAccountUrl(account, staging)); } protectedHeaderBuilder .add(NONCE, base64UrlEncode(getNonce(account, staging))) .add(URL, resourceUrl); return getEncodedJson(protectedHeaderBuilder.build()); }
/** * Deactivate the given ACME account. It is not possible to reactivate an ACME account after it has * been deactivated. * * @param account the ACME account information to use (must not be {@code null}) * @param staging whether or not the staging server URL should be used * @throws AcmeException if an error occurs while attempting to deactivate the given ACME account */ public void deactivateAccount(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); JsonObject payload = Json.createObjectBuilder() .add(STATUS, DEACTIVATED) .build(); sendPostRequestWithRetries(account, staging, getAccountUrl(account, staging), false, getEncodedJson(payload), HttpURLConnection.HTTP_OK); }
String[] queryAccountContactUrls(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); HttpURLConnection connection = sendPostAsGetRequest(account, staging, getAccountUrl(account, staging), null, HttpURLConnection.HTTP_OK); JsonObject jsonResponse = getJsonResponse(connection); JsonArray contactsArray = jsonResponse.getJsonArray(CONTACT); if (contactsArray != null && contactsArray.size() > 0) { List<String> contacts = new ArrayList<>(contactsArray.size()); for (JsonString contact : contactsArray.getValuesAs(JsonString.class)) { contacts.add(contact.getString()); } return contacts.toArray(new String[contacts.size()]); } return null; }
String queryAccountStatus(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); HttpURLConnection connection = sendPostAsGetRequest(account, staging, getAccountUrl(account, staging), null, HttpURLConnection.HTTP_OK); JsonObject jsonResponse = getJsonResponse(connection); return jsonResponse.getString(STATUS); }
/** * Update an account with an ACME server using the given account information. * * @param account the ACME account information to use (must not be {@code null}) * @param staging whether or not the staging server URL should be used * @param termsOfServiceAgreed the new value for whether or not the terms of service have been agreed to * @param contactUrls the new account contact URLs * @throws AcmeException if an error occurs while attempting to update the account */ public void updateAccount(AcmeAccount account, boolean staging, boolean termsOfServiceAgreed, String[] contactUrls) throws AcmeException { Assert.checkNotNullParam("account", account); JsonObjectBuilder payloadBuilder = Json.createObjectBuilder() .add(TERMS_OF_SERVICE_AGREED, termsOfServiceAgreed); if (contactUrls != null && ! (contactUrls.length == 0)) { JsonArrayBuilder contactBuilder = Json.createArrayBuilder(); for (String contactUrl : contactUrls) { contactBuilder.add(contactUrl); } payloadBuilder.add(CONTACT, contactBuilder.build()); } sendPostRequestWithRetries(account, staging, getAccountUrl(account, staging), false, getEncodedJson(payloadBuilder.build()), HttpURLConnection.HTTP_OK); account.setTermsOfServiceAgreed(termsOfServiceAgreed); if (contactUrls != null && ! (contactUrls.length == 0)) { account.setContactUrls(contactUrls); } }
/** * Change the key that is associated with the given ACME account. * * @param account the ACME account information to use (must not be {@code null}) * @param staging whether or not the staging server URL should be used * @param certificate the new certificate to associate with the given ACME account (must not be {@code null}) * @param privateKey the new private key to associate with the given ACME account (must not be {@code null}) * @throws AcmeException if an error occurs while attempting to change the key that is associated with the given ACME account */ public void changeAccountKey(AcmeAccount account, boolean staging, X509Certificate certificate, PrivateKey privateKey) throws AcmeException { Assert.checkNotNullParam("account", account); Assert.checkNotNullParam("certificate", certificate); Assert.checkNotNullParam("privateKey", privateKey); final String keyChangeUrl = getResourceUrl(account, AcmeResource.KEY_CHANGE, staging).toString(); final String signatureAlgorithm = getDefaultCompatibleSignatureAlgorithmName(privateKey); final String algHeader = getAlgHeaderFromSignatureAlgorithm(signatureAlgorithm); final String innerEncodedProtectedHeader = getEncodedProtectedHeader(algHeader, certificate.getPublicKey(), keyChangeUrl); JsonObjectBuilder innerPayloadBuilder = Json.createObjectBuilder() .add(ACCOUNT, getAccountUrl(account, staging)) .add(OLD_KEY, getJwk(account.getPublicKey(), account.getAlgHeader())); final String innerEncodedPayload = getEncodedJson(innerPayloadBuilder.build()); final String innerEncodedSignature = getEncodedSignature(privateKey, signatureAlgorithm, innerEncodedProtectedHeader, innerEncodedPayload); final String outerEncodedPayload = getEncodedJson(getJws(innerEncodedProtectedHeader, innerEncodedPayload, innerEncodedSignature)); sendPostRequestWithRetries(account, staging, keyChangeUrl, false, outerEncodedPayload, HttpURLConnection.HTTP_OK); account.changeCertificateAndPrivateKey(certificate, privateKey); // update account info }
private String getEncodedProtectedHeader(boolean useJwk, String resourceUrl, AcmeAccount account, boolean staging) throws AcmeException { JsonObjectBuilder protectedHeaderBuilder = Json.createObjectBuilder().add(ALG, account.getAlgHeader()); if (useJwk) { protectedHeaderBuilder.add(JWK, getJwk(account.getPublicKey(), account.getAlgHeader())); } else { protectedHeaderBuilder.add(KID, getAccountUrl(account, staging)); } protectedHeaderBuilder .add(NONCE, base64UrlEncode(getNonce(account, staging))) .add(URL, resourceUrl); return getEncodedJson(protectedHeaderBuilder.build()); }
private String getEncodedProtectedHeader(boolean useJwk, String resourceUrl, AcmeAccount account, boolean staging) throws AcmeException { JsonObjectBuilder protectedHeaderBuilder = Json.createObjectBuilder().add(ALG, account.getAlgHeader()); if (useJwk) { protectedHeaderBuilder.add(JWK, getJwk(account.getPublicKey(), account.getAlgHeader())); } else { protectedHeaderBuilder.add(KID, getAccountUrl(account, staging)); } protectedHeaderBuilder .add(NONCE, base64UrlEncode(getNonce(account, staging))) .add(URL, resourceUrl); return getEncodedJson(protectedHeaderBuilder.build()); }
private String getEncodedProtectedHeader(boolean useJwk, String resourceUrl, AcmeAccount account, boolean staging) throws AcmeException { JsonObjectBuilder protectedHeaderBuilder = Json.createObjectBuilder().add(ALG, account.getAlgHeader()); if (useJwk) { protectedHeaderBuilder.add(JWK, getJwk(account.getPublicKey(), account.getAlgHeader())); } else { protectedHeaderBuilder.add(KID, getAccountUrl(account, staging)); } protectedHeaderBuilder .add(NONCE, base64UrlEncode(getNonce(account, staging))) .add(URL, resourceUrl); return getEncodedJson(protectedHeaderBuilder.build()); }
/** * Deactivate the given ACME account. It is not possible to reactivate an ACME account after it has * been deactivated. * * @param account the ACME account information to use (must not be {@code null}) * @param staging whether or not the staging server URL should be used * @throws AcmeException if an error occurs while attempting to deactivate the given ACME account */ public void deactivateAccount(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); JsonObject payload = Json.createObjectBuilder() .add(STATUS, DEACTIVATED) .build(); sendPostRequestWithRetries(account, staging, getAccountUrl(account, staging), false, getEncodedJson(payload), HttpURLConnection.HTTP_OK); }
/** * Deactivate the given ACME account. It is not possible to reactivate an ACME account after it has * been deactivated. * * @param account the ACME account information to use (must not be {@code null}) * @param staging whether or not the staging server URL should be used * @throws AcmeException if an error occurs while attempting to deactivate the given ACME account */ public void deactivateAccount(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); JsonObject payload = Json.createObjectBuilder() .add(STATUS, DEACTIVATED) .build(); sendPostRequestWithRetries(account, staging, getAccountUrl(account, staging), false, getEncodedJson(payload), HttpURLConnection.HTTP_OK); }
/** * Deactivate the given ACME account. It is not possible to reactivate an ACME account after it has * been deactivated. * * @param account the ACME account information to use (must not be {@code null}) * @param staging whether or not the staging server URL should be used * @throws AcmeException if an error occurs while attempting to deactivate the given ACME account */ public void deactivateAccount(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); JsonObject payload = Json.createObjectBuilder() .add(STATUS, DEACTIVATED) .build(); sendPostRequestWithRetries(account, staging, getAccountUrl(account, staging), false, getEncodedJson(payload), HttpURLConnection.HTTP_OK); }
String[] queryAccountContactUrls(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); HttpURLConnection connection = sendPostAsGetRequest(account, staging, getAccountUrl(account, staging), null, HttpURLConnection.HTTP_OK); JsonObject jsonResponse = getJsonResponse(connection); JsonArray contactsArray = jsonResponse.getJsonArray(CONTACT); if (contactsArray != null && contactsArray.size() > 0) { List<String> contacts = new ArrayList<>(contactsArray.size()); for (JsonString contact : contactsArray.getValuesAs(JsonString.class)) { contacts.add(contact.getString()); } return contacts.toArray(new String[contacts.size()]); } return null; }
String queryAccountStatus(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); HttpURLConnection connection = sendPostAsGetRequest(account, staging, getAccountUrl(account, staging), null, HttpURLConnection.HTTP_OK); JsonObject jsonResponse = getJsonResponse(connection); return jsonResponse.getString(STATUS); }
String[] queryAccountContactUrls(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); HttpURLConnection connection = sendPostRequestWithRetries(account, staging, getAccountUrl(account, staging), false, getEncodedJson(EMPTY_PAYLOAD), HttpURLConnection.HTTP_OK); JsonObject jsonResponse = getJsonResponse(connection); JsonArray contactsArray = jsonResponse.getJsonArray(CONTACT); if (contactsArray != null && contactsArray.size() > 0) { List<String> contacts = new ArrayList<>(contactsArray.size()); for (JsonString contact : contactsArray.getValuesAs(JsonString.class)) { contacts.add(contact.getString()); } return contacts.toArray(new String[contacts.size()]); } return null; }
String[] queryAccountContactUrls(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); HttpURLConnection connection = sendPostRequestWithRetries(account, staging, getAccountUrl(account, staging), false, getEncodedJson(EMPTY_PAYLOAD), HttpURLConnection.HTTP_OK); JsonObject jsonResponse = getJsonResponse(connection); JsonArray contactsArray = jsonResponse.getJsonArray(CONTACT); if (contactsArray != null && contactsArray.size() > 0) { List<String> contacts = new ArrayList<>(contactsArray.size()); for (JsonString contact : contactsArray.getValuesAs(JsonString.class)) { contacts.add(contact.getString()); } return contacts.toArray(new String[contacts.size()]); } return null; }
String queryAccountStatus(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); HttpURLConnection connection = sendPostRequestWithRetries(account, staging, getAccountUrl(account, staging), false, getEncodedJson(EMPTY_PAYLOAD), HttpURLConnection.HTTP_OK); JsonObject jsonResponse = getJsonResponse(connection); return jsonResponse.getString(STATUS); }
String queryAccountStatus(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); HttpURLConnection connection = sendPostRequestWithRetries(account, staging, getAccountUrl(account, staging), false, getEncodedJson(EMPTY_PAYLOAD), HttpURLConnection.HTTP_OK); JsonObject jsonResponse = getJsonResponse(connection); return jsonResponse.getString(STATUS); }
/** * Update an account with an ACME server using the given account information. * * @param account the ACME account information to use (must not be {@code null}) * @param staging whether or not the staging server URL should be used * @param termsOfServiceAgreed the new value for whether or not the terms of service have been agreed to * @param contactUrls the new account contact URLs * @throws AcmeException if an error occurs while attempting to update the account */ public void updateAccount(AcmeAccount account, boolean staging, boolean termsOfServiceAgreed, String[] contactUrls) throws AcmeException { Assert.checkNotNullParam("account", account); JsonObjectBuilder payloadBuilder = Json.createObjectBuilder() .add(TERMS_OF_SERVICE_AGREED, termsOfServiceAgreed); if (contactUrls != null && ! (contactUrls.length == 0)) { JsonArrayBuilder contactBuilder = Json.createArrayBuilder(); for (String contactUrl : contactUrls) { contactBuilder.add(contactUrl); } payloadBuilder.add(CONTACT, contactBuilder.build()); } sendPostRequestWithRetries(account, staging, getAccountUrl(account, staging), false, getEncodedJson(payloadBuilder.build()), HttpURLConnection.HTTP_OK); account.setTermsOfServiceAgreed(termsOfServiceAgreed); if (contactUrls != null && ! (contactUrls.length == 0)) { account.setContactUrls(contactUrls); } }
/** * Change the key that is associated with the given ACME account. * * @param account the ACME account information to use (must not be {@code null}) * @param staging whether or not the staging server URL should be used * @param certificate the new certificate to associate with the given ACME account (must not be {@code null}) * @param privateKey the new private key to associate with the given ACME account (must not be {@code null}) * @throws AcmeException if an error occurs while attempting to change the key that is associated with the given ACME account */ public void changeAccountKey(AcmeAccount account, boolean staging, X509Certificate certificate, PrivateKey privateKey) throws AcmeException { Assert.checkNotNullParam("account", account); Assert.checkNotNullParam("certificate", certificate); Assert.checkNotNullParam("privateKey", privateKey); final String keyChangeUrl = getResourceUrl(account, AcmeResource.KEY_CHANGE, staging).toString(); final String signatureAlgorithm = getDefaultCompatibleSignatureAlgorithmName(privateKey); final String algHeader = getAlgHeaderFromSignatureAlgorithm(signatureAlgorithm); final String innerEncodedProtectedHeader = getEncodedProtectedHeader(algHeader, certificate.getPublicKey(), keyChangeUrl); JsonObjectBuilder innerPayloadBuilder = Json.createObjectBuilder() .add(ACCOUNT, getAccountUrl(account, staging)) .add(OLD_KEY, getJwk(account.getPublicKey(), account.getAlgHeader())); final String innerEncodedPayload = getEncodedJson(innerPayloadBuilder.build()); final String innerEncodedSignature = getEncodedSignature(privateKey, signatureAlgorithm, innerEncodedProtectedHeader, innerEncodedPayload); final String outerEncodedPayload = getEncodedJson(getJws(innerEncodedProtectedHeader, innerEncodedPayload, innerEncodedSignature)); sendPostRequestWithRetries(account, staging, keyChangeUrl, false, outerEncodedPayload, HttpURLConnection.HTTP_OK); account.changeCertificateAndPrivateKey(certificate, privateKey); // update account info }