Use of ACMEDirectory instead of CAUrl part 2/3

This part use ACMEDirectory in requests to ACME server. Next part will remove last remaining CAUrl code and enable dynamic agreement url.

Use of ACMEDirectory instead of CAUrl part 2/3
This part use ACMEDirectory in requests to ACME server. Next part will remove last remaining CAUrl code and enable dynamic agreement url.
86b18e09 · Adrien Dorsaz · 5a53c425 · 86b18e09 · 86b18e09
Commit 86b18e09 authored Sep 08, 2016 by Adrien Dorsaz
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 3 deletions

acme_dns_tiny.py acme_dns_tiny.py +6 -2

tests/acme_account_delete.py tests/acme_account_delete.py +5 -1

No files found.
--- a/acme_dns_tiny.py
+++ b/acme_dns_tiny.py
@@ -52,6 +52,10 @@ def get_crt(config, log=LOGGER):
        except IOError as e:
            return getattr(e, "code", None), getattr(e, "read", e.__str__)(), None

+    # get ACME server configuration from the directory
+    directory = urlopen(config["acmednstiny"]["ACMEDirectory"])
+    acme_config = json.loads(directory.read().decode("utf8"))
+
    # create DNS keyring and resolver
    log.info("Prepare DNS tools...")
    keyring = dns.tsigkeyring.from_text({config["TSIGKeyring"]["KeyName"]: config["TSIGKeyring"]["KeyValue"]})
@@ -122,7 +126,7 @@ def get_crt(config, log=LOGGER):
        log.info("Verifying {0}...".format(domain))

        # get new challenge
-        code, result, headers = _send_signed_request(config["acmednstiny"]["CAUrl"] + "/acme/new-authz", {
+        code, result, headers = _send_signed_request(acme_config["new-authz"], {
            "resource": "new-authz",
            "identifier": {"type": "dns", "value": domain},
        })
@@ -194,7 +198,7 @@ def get_crt(config, log=LOGGER):
    # get the new certificate
    log.info("Signing certificate...")
    csr_der = _openssl("req", ["-in", config["acmednstiny"]["CSRFile"], "-outform", "DER"])
-    code, result, headers = _send_signed_request(config["acmednstiny"]["CAUrl"] + "/acme/new-cert", {
+    code, result, headers = _send_signed_request(acme_config["new-cert"], {
        "resource": "new-cert",
        "csr": _b64(csr_der),
    })

--- a/tests/acme_account_delete.py
+++ b/tests/acme_account_delete.py
@@ -57,9 +57,13 @@ def delete_account(accountkeypath, log=LOGGER):
        },
    }
    
+    # get ACME server configuration from the directory
+    directory = urlopen(ACMEDirectory)
+    acme_config = json.loads(directory.read().decode("utf8"))
+    
    # send request to delete account key
    log.info("Delete account...")
-    code, result = _send_signed_request(CAURL + "/acme/new-reg", {
+    code, result = _send_signed_request(acme_config["new-reg"], {
        "resource": "reg",
        "delete": True,
    })