wfe

package

v0.0.0-...-30a5167 Latest Latest Go to latest Published: Apr 20, 2021 License: MPL-2.0 Imports: 35 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/letsencrypt/boulder

Documentation ¶

Index ¶

type WebFrontEndImpl
- func NewWebFrontEndImpl(stats prometheus.Registerer, clk clock.Clock, keyPolicy goodkey.KeyPolicy, ...) (WebFrontEndImpl, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type WebFrontEndImpl ¶

type WebFrontEndImpl struct {
	RA core.RegistrationAuthority
	SA core.StorageGetter

	// URL configuration parameters
	BaseURL string

	// Issuer certificate for /acme/issuer-cert
	IssuerCert *issuance.Certificate

	// URL to the current subscriber agreement (should contain some version identifier)
	SubscriberAgreementURL string

	// DirectoryCAAIdentity is used for the /directory response's "meta"
	// element's "caaIdentities" field. It should match the VA's issuerDomain
	// field value.
	DirectoryCAAIdentity string

	// DirectoryWebsite is used for the /directory response's "meta" element's
	// "website" field.
	DirectoryWebsite string

	// CORS settings
	AllowOrigins []string

	// Maximum duration of a request
	RequestTimeout time.Duration
	// contains filtered or unexported fields
}

WebFrontEndImpl provides all the logic for Boulder's web-facing interface, i.e., ACME. Its members configure the paths for various ACME functions, plus a few other data items used in ACME. Its methods are primarily handlers for HTTPS requests for the various ACME functions.

func NewWebFrontEndImpl ¶

func NewWebFrontEndImpl(
	stats prometheus.Registerer,
	clk clock.Clock,
	keyPolicy goodkey.KeyPolicy,
	remoteNonceService noncepb.NonceServiceClient,
	noncePrefixMap map[string]noncepb.NonceServiceClient,
	logger blog.Logger,
) (WebFrontEndImpl, error)

NewWebFrontEndImpl constructs a web service for Boulder

func (*WebFrontEndImpl) Authorization ¶

func (wfe *WebFrontEndImpl) Authorization(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Authorization is used by clients to submit an update to an authorization.

func (*WebFrontEndImpl) BuildID ¶

func (wfe *WebFrontEndImpl) BuildID(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

BuildID tells the requestor what build we're running.

func (*WebFrontEndImpl) Certificate ¶

func (wfe *WebFrontEndImpl) Certificate(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Certificate is used by clients to request a copy of their current certificate, or to request a reissuance of the certificate.

func (*WebFrontEndImpl) Challenge ¶

func (wfe *WebFrontEndImpl) Challenge(
	ctx context.Context,
	logEvent *web.RequestEvent,
	response http.ResponseWriter,
	request *http.Request)

Challenge handles POST requests to challenge URLs. Such requests are clients' responses to the server's challenges.

func (*WebFrontEndImpl) Directory ¶

func (wfe *WebFrontEndImpl) Directory(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Directory is an HTTP request handler that provides the directory object stored in the WFE's DirectoryEndpoints member with paths prefixed using the `request.Host` of the HTTP request.

func (*WebFrontEndImpl) HandleFunc ¶

func (wfe *WebFrontEndImpl) HandleFunc(mux *http.ServeMux, pattern string, h web.WFEHandlerFunc, methods ...string)

HandleFunc registers a handler at the given path. It's http.HandleFunc(), but with a wrapper around the handler that provides some generic per-request functionality:

* Set a Replay-Nonce header.

* Respond to OPTIONS requests, including CORS preflight requests.

* Set a no cache header

* Respond http.StatusMethodNotAllowed for HTTP methods other than those listed.

* Set CORS headers when responding to CORS "actual" requests.

* Never send a body in response to a HEAD request. Anything written by the handler will be discarded if the method is HEAD. Also, all handlers that accept GET automatically accept HEAD.

func (*WebFrontEndImpl) Handler ¶

func (wfe *WebFrontEndImpl) Handler(stats prometheus.Registerer) http.Handler

Handler returns an http.Handler that uses various functions for various ACME-specified paths.

func (*WebFrontEndImpl) Index ¶

func (wfe *WebFrontEndImpl) Index(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Index serves a simple identification page. It is not part of the ACME spec.

func (*WebFrontEndImpl) Issuer ¶

func (wfe *WebFrontEndImpl) Issuer(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Issuer obtains the issuer certificate used by this instance of Boulder.

func (*WebFrontEndImpl) KeyRollover ¶

func (wfe *WebFrontEndImpl) KeyRollover(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

KeyRollover allows a user to change their signing key

func (*WebFrontEndImpl) NewAuthorization ¶

func (wfe *WebFrontEndImpl) NewAuthorization(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

NewAuthorization is used by clients to submit a new ID Authorization

func (*WebFrontEndImpl) NewCertificate ¶

func (wfe *WebFrontEndImpl) NewCertificate(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

NewCertificate is used by clients to request the issuance of a cert for an authorized identifier.

func (*WebFrontEndImpl) NewRegistration ¶

func (wfe *WebFrontEndImpl) NewRegistration(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

NewRegistration is used by clients to submit a new registration/account

func (*WebFrontEndImpl) Options ¶

func (wfe *WebFrontEndImpl) Options(response http.ResponseWriter, request *http.Request, methodsStr string, methodsMap map[string]bool)

Options responds to an HTTP OPTIONS request.

func (*WebFrontEndImpl) Registration ¶

func (wfe *WebFrontEndImpl) Registration(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Registration is used by a client to submit an update to their registration.

func (*WebFrontEndImpl) RevokeCertificate ¶

func (wfe *WebFrontEndImpl) RevokeCertificate(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

RevokeCertificate is used by clients to request the revocation of a cert.

func (*WebFrontEndImpl) Terms ¶

func (wfe *WebFrontEndImpl) Terms(ctx context.Context, logEvent *web.RequestEvent, response http.ResponseWriter, request *http.Request)

Terms is used by the client to obtain the current Terms of Service / Subscriber Agreement to which the subscriber must agree.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL