diff options
author | Andrew Cady <d@jerkface.net> | 2016-01-20 14:14:54 -0500 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2016-01-20 14:14:54 -0500 |
commit | c1dc81d18cc381d0b09147d0dbb778bbfd86f4da (patch) | |
tree | a08c6568f12a5913e9c39826f4d9a9722ac077d5 | |
parent | a00019a64306bcbc1597b016f72eaafda72e0f4b (diff) |
Use a Wreq session.
Configure Wreq not to throw exceptions for non-200 status codes.
-rw-r--r-- | acme.hs | 27 |
1 files changed, 17 insertions, 10 deletions
@@ -24,8 +24,8 @@ import Data.Digest.Pure.SHA (bytestringDigest, sha256) | |||
24 | import Data.Maybe | 24 | import Data.Maybe |
25 | import qualified Data.Text as T | 25 | import qualified Data.Text as T |
26 | import Data.Text.Encoding (decodeUtf8) | 26 | import Data.Text.Encoding (decodeUtf8) |
27 | import Network.Wreq hiding (header, get, post, put) | 27 | import Network.Wreq (Response, responseHeader, responseBody, defaults, checkStatus) |
28 | import qualified Network.Wreq as W | 28 | import qualified Network.Wreq.Session as WS |
29 | import OpenSSL | 29 | import OpenSSL |
30 | import OpenSSL.EVP.Digest | 30 | import OpenSSL.EVP.Digest |
31 | import OpenSSL.EVP.PKey | 31 | import OpenSSL.EVP.PKey |
@@ -107,13 +107,13 @@ go (CmdOpts privKeyFile domain email termOverride) = do | |||
107 | 107 | ||
108 | return () | 108 | return () |
109 | 109 | ||
110 | data Env = Env { getDir :: Directory, getKeys :: Keys } | 110 | data Env = Env { getDir :: Directory, getKeys :: Keys, getSession :: WS.Session } |
111 | 111 | ||
112 | type ACME a = RWST Env () Nonce IO a | 112 | type ACME a = RWST Env () Nonce IO a |
113 | runACME :: String -> Keys -> ACME a -> IO a | 113 | runACME :: String -> Keys -> ACME a -> IO a |
114 | runACME url keys f = do | 114 | runACME url keys f = WS.withSession $ \sess -> do |
115 | Just (dir, nonce) <- getDirectory url | 115 | Just (dir, nonce) <- getDirectory sess url |
116 | fst <$> evalRWST f (Env dir keys) nonce | 116 | fst <$> evalRWST f (Env dir keys sess) nonce |
117 | 117 | ||
118 | data Directory = Directory { | 118 | data Directory = Directory { |
119 | _newCert :: String, | 119 | _newCert :: String, |
@@ -125,9 +125,9 @@ newtype Nonce = Nonce String | |||
125 | testRegister :: String -> IO (Response LC.ByteString) | 125 | testRegister :: String -> IO (Response LC.ByteString) |
126 | testRegister email = readKeys "rsa.key" >>= flip (runACME directoryUrl) (register email defaultTerms) | 126 | testRegister email = readKeys "rsa.key" >>= flip (runACME directoryUrl) (register email defaultTerms) |
127 | 127 | ||
128 | getDirectory :: String -> IO (Maybe (Directory, Nonce)) | 128 | getDirectory :: WS.Session -> String -> IO (Maybe (Directory, Nonce)) |
129 | getDirectory url = do | 129 | getDirectory sess url = do |
130 | r <- W.get url | 130 | r <- WS.get sess url |
131 | let nonce = r ^? responseHeader "Replay-Nonce" . to (Nonce . T.unpack . decodeUtf8) | 131 | let nonce = r ^? responseHeader "Replay-Nonce" . to (Nonce . T.unpack . decodeUtf8) |
132 | k x = r ^? responseBody . JSON.key x . _String . to T.unpack | 132 | k x = r ^? responseBody . JSON.key x . _String . to T.unpack |
133 | return $ (,) <$> (Directory <$> k "new-cert" <*> k "new-authz" <*> k "revoke-cert" <*> k "new-reg") <*> nonce | 133 | return $ (,) <$> (Directory <$> k "new-cert" <*> k "new-authz" <*> k "revoke-cert" <*> k "new-reg") <*> nonce |
@@ -141,10 +141,17 @@ sendPayload reqType payload = do | |||
141 | dir <- asks getDir | 141 | dir <- asks getDir |
142 | nonce <- gets coerce | 142 | nonce <- gets coerce |
143 | signed <- liftIO $ signPayload keys nonce payload | 143 | signed <- liftIO $ signPayload keys nonce payload |
144 | post (reqType dir) signed | ||
144 | 145 | ||
145 | r <- liftIO $ W.post (reqType dir) signed | 146 | -- post :: (MonadReader Env m, MonadState Nonce m, MonadIO m, Postable a) => String -> a -> m (Response LC.ByteString) |
147 | post url payload = do | ||
148 | sess <- asks getSession | ||
149 | r <- liftIO $ WS.postWith noStatusCheck sess url payload | ||
146 | put $ r ^?! responseHeader "Replay-Nonce" . to (Nonce . T.unpack . decodeUtf8) | 150 | put $ r ^?! responseHeader "Replay-Nonce" . to (Nonce . T.unpack . decodeUtf8) |
147 | return r | 151 | return r |
152 | where | ||
153 | noStatusCheck = defaults & checkStatus .~ Just nullChecker | ||
154 | nullChecker _ _ _ = Nothing | ||
148 | 155 | ||
149 | -------------------------------------------------------------------------------- | 156 | -------------------------------------------------------------------------------- |
150 | -- | Sign return a payload with a nonce-protected header. | 157 | -- | Sign return a payload with a nonce-protected header. |