1 files changed, 23 insertions, 1 deletions
diff --git a/acme.hs b/acme.hs
index f8e92e3..b755f19 100644
--- a/acme.hs
+++ b/acme.hs
@@ -24,7 +24,11 @@ import OpenSSL.RSA
 import System.Process (readProcess)
 import Network.Wreq hiding (header)
 import Control.Lens hiding ((.=))
+import Data.Aeson.Lens hiding (key)
+import qualified Data.Aeson.Lens as JSON
+directoryUrl :: String
+directoryUrl =  "https://acme-v01.api.letsencrypt.org/directory"
 main :: IO ()
 main = do
@@ -33,7 +37,7 @@ main = do
    Nothing -> error "Not a public RSA key."
    Just (userKey :: RSAPubKey) -> do
-      nonce_ <- view (responseHeader "Replay-Nonce" . to (T.unpack . decodeUtf8)) <$> get "https://acme-v01.api.letsencrypt.org/directory"
+      Just nonce_ <- getNonce
      let protected = b64 (header userKey nonce_)
@@ -72,6 +76,24 @@ main = do
    terms :: String
    terms = "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"
+data Directory = Directory {
+  _newCert :: String,
+  _newAuthz :: String,
+  _revokeCert :: String,
+  _newReg :: String,
+  _nonce :: String
+}
+getDirectory :: String -> IO (Maybe Directory)
+getDirectory url = do
+  r <- get url
+  let nonce = r ^? responseHeader "Replay-Nonce" . to (T.unpack . decodeUtf8)
+      k x   = r ^? responseBody . JSON.key x . _String . to T.unpack
+  return $ Directory <$> k "new-cert" <*> k "new-authz" <*> k "revoke-cert" <*> k "new-reg" <*> nonce
+getNonce :: IO (Maybe String)
+getNonce = fmap _nonce <$> getDirectory directoryUrl
 --------------------------------------------------------------------------------
 -- | Sign and write a payload to a file with a nonce-protected header.
 signPayload :: RSAKey k => String -> k -> ByteString -> ByteString -> IO ()

diff --git a/acme.hs b/acme.hs index f8e92e3..b755f19 100644 --- a/acme.hs +++ b/acme.hs
@@ -24,7 +24,11 @@ import OpenSSL.RSA
24	import System.Process (readProcess)	24	import System.Process (readProcess)
25	import Network.Wreq hiding (header)	25	import Network.Wreq hiding (header)
26	import Control.Lens hiding ((.=))	26	import Control.Lens hiding ((.=))
		27	import Data.Aeson.Lens hiding (key)
		28	import qualified Data.Aeson.Lens as JSON
27		29
		30	directoryUrl :: String
		31	directoryUrl = "https://acme-v01.api.letsencrypt.org/directory"
28		32
29	main :: IO ()	33	main :: IO ()
30	main = do	34	main = do
@@ -33,7 +37,7 @@ main = do
33	Nothing -> error "Not a public RSA key."	37	Nothing -> error "Not a public RSA key."
34	Just (userKey :: RSAPubKey) -> do	38	Just (userKey :: RSAPubKey) -> do
35		39
36	nonce_ <- view (responseHeader "Replay-Nonce" . to (T.unpack . decodeUtf8)) <$> get "https://acme-v01.api.letsencrypt.org/directory"	40	Just nonce_ <- getNonce
37		41
38	let protected = b64 (header userKey nonce_)	42	let protected = b64 (header userKey nonce_)
39		43
@@ -72,6 +76,24 @@ main = do
72	terms :: String	76	terms :: String
73	terms = "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"	77	terms = "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"
74		78
		79	data Directory = Directory {
		80	_newCert :: String,
		81	_newAuthz :: String,
		82	_revokeCert :: String,
		83	_newReg :: String,
		84	_nonce :: String
		85	}
		86
		87	getDirectory :: String -> IO (Maybe Directory)
		88	getDirectory url = do
		89	r <- get url
		90	let nonce = r ^? responseHeader "Replay-Nonce" . to (T.unpack . decodeUtf8)
		91	k x = r ^? responseBody . JSON.key x . _String . to T.unpack
		92	return $ Directory <$> k "new-cert" <> k "new-authz" <> k "revoke-cert" <> k "new-reg" <> nonce
		93
		94	getNonce :: IO (Maybe String)
		95	getNonce = fmap _nonce <$> getDirectory directoryUrl
		96
75	--------------------------------------------------------------------------------	97	--------------------------------------------------------------------------------
76	-- \| Sign and write a payload to a file with a nonce-protected header.	98	-- \| Sign and write a payload to a file with a nonce-protected header.
77	signPayload :: RSAKey k => String -> k -> ByteString -> ByteString -> IO ()	99	signPayload :: RSAKey k => String -> k -> ByteString -> ByteString -> IO ()