acme: new HTTP and TLS challenges implementations.

2020-10-29 15:40:04 +01:00 · 2020-10-29 15:40:04 +01:00 · 05333b9579
commit 05333b9579
parent 49cdb67ddc
13 changed files with 398 additions and 254 deletions
--- a/pkg/provider/acme/local_store.go
+++ b/pkg/provider/acme/local_store.go
@ -2,7 +2,6 @@ package acme

 import (
 	"encoding/json"
-	"fmt"
 	"io/ioutil"
 	"os"
 	"sync"
@ -171,112 +170,3 @@ func (s *LocalStore) SaveCertificates(resolverName string, certificates []*CertA

 	return nil
 }
-
-// LocalChallengeStore is an implementation of the ChallengeStore in memory.
-type LocalChallengeStore struct {
-	storedData *StoredChallengeData
-	lock       sync.RWMutex
-}
-
-// NewLocalChallengeStore initializes a new LocalChallengeStore.
-func NewLocalChallengeStore() *LocalChallengeStore {
-	return &LocalChallengeStore{
-		storedData: &StoredChallengeData{
-			HTTPChallenges: make(map[string]map[string][]byte),
-			TLSChallenges:  make(map[string]*Certificate),
-		},
-	}
-}
-
-// GetHTTPChallengeToken Get the http challenge token from the store.
-func (s *LocalChallengeStore) GetHTTPChallengeToken(token, domain string) ([]byte, error) {
-	s.lock.RLock()
-	defer s.lock.RUnlock()
-
-	if s.storedData.HTTPChallenges == nil {
-		s.storedData.HTTPChallenges = map[string]map[string][]byte{}
-	}
-
-	if _, ok := s.storedData.HTTPChallenges[token]; !ok {
-		return nil, fmt.Errorf("cannot find challenge for token %v", token)
-	}
-
-	result, ok := s.storedData.HTTPChallenges[token][domain]
-	if !ok {
-		return nil, fmt.Errorf("cannot find challenge for token %v", token)
-	}
-	return result, nil
-}
-
-// SetHTTPChallengeToken Set the http challenge token in the store.
-func (s *LocalChallengeStore) SetHTTPChallengeToken(token, domain string, keyAuth []byte) error {
-	s.lock.Lock()
-	defer s.lock.Unlock()
-
-	if s.storedData.HTTPChallenges == nil {
-		s.storedData.HTTPChallenges = map[string]map[string][]byte{}
-	}
-
-	if _, ok := s.storedData.HTTPChallenges[token]; !ok {
-		s.storedData.HTTPChallenges[token] = map[string][]byte{}
-	}
-
-	s.storedData.HTTPChallenges[token][domain] = keyAuth
-	return nil
-}
-
-// RemoveHTTPChallengeToken Remove the http challenge token in the store.
-func (s *LocalChallengeStore) RemoveHTTPChallengeToken(token, domain string) error {
-	s.lock.Lock()
-	defer s.lock.Unlock()
-
-	if s.storedData.HTTPChallenges == nil {
-		return nil
-	}
-
-	if _, ok := s.storedData.HTTPChallenges[token]; ok {
-		delete(s.storedData.HTTPChallenges[token], domain)
-		if len(s.storedData.HTTPChallenges[token]) == 0 {
-			delete(s.storedData.HTTPChallenges, token)
-		}
-	}
-	return nil
-}
-
-// AddTLSChallenge Add a certificate to the ACME TLS-ALPN-01 certificates storage.
-func (s *LocalChallengeStore) AddTLSChallenge(domain string, cert *Certificate) error {
-	s.lock.Lock()
-	defer s.lock.Unlock()
-
-	if s.storedData.TLSChallenges == nil {
-		s.storedData.TLSChallenges = make(map[string]*Certificate)
-	}
-
-	s.storedData.TLSChallenges[domain] = cert
-	return nil
-}
-
-// GetTLSChallenge Get a certificate from the ACME TLS-ALPN-01 certificates storage.
-func (s *LocalChallengeStore) GetTLSChallenge(domain string) (*Certificate, error) {
-	s.lock.Lock()
-	defer s.lock.Unlock()
-
-	if s.storedData.TLSChallenges == nil {
-		s.storedData.TLSChallenges = make(map[string]*Certificate)
-	}
-
-	return s.storedData.TLSChallenges[domain], nil
-}
-
-// RemoveTLSChallenge Remove a certificate from the ACME TLS-ALPN-01 certificates storage.
-func (s *LocalChallengeStore) RemoveTLSChallenge(domain string) error {
-	s.lock.Lock()
-	defer s.lock.Unlock()
-
-	if s.storedData.TLSChallenges == nil {
-		return nil
-	}
-
-	delete(s.storedData.TLSChallenges, domain)
-	return nil
-}