From 26074c1399503ce19f78a07da5a8ad16d79d343a Mon Sep 17 00:00:00 2001 From: James Kasten Date: Mon, 30 Mar 2015 17:13:27 -0700 Subject: [PATCH] rid project of refs to client challenges --- docs/contributing.rst | 17 ++++---- letsencrypt/acme/challenges.py | 8 ++-- letsencrypt/client/auth_handler.py | 60 +++++++++++++-------------- letsencrypt/client/continuity_auth.py | 4 +- letsencrypt/client/tests/acme_util.py | 4 +- 5 files changed, 47 insertions(+), 46 deletions(-) diff --git a/docs/contributing.rst b/docs/contributing.rst index e3b81b3d4..e899f36a0 100644 --- a/docs/contributing.rst +++ b/docs/contributing.rst @@ -98,15 +98,16 @@ the ACME server. From the protocol, there are essentially two different types of challenges. Challenges that must be solved by individual plugins in order to satisfy domain validation (subclasses of `~.DVChallenge`, i.e. `~.challenges.DVSNI`, -`~.challenges.SimpleHTTPS`, `~.challenges.DNS`) and client specific -challenges (subclasses of `~.ClientChallenge`, +`~.challenges.SimpleHTTPS`, `~.challenges.DNS`) and continuity specific +challenges (subclasses of `~.ContinuityChallenge`, i.e. `~.challenges.RecoveryToken`, `~.challenges.RecoveryContact`, -`~.challenges.ProofOfPossession`). Client specific challenges are -always handled by the `~.ClientAuthenticator`. Right now we have two -DV Authenticators, `~.ApacheConfigurator` and the -`~.StandaloneAuthenticator`. The Standalone and Apache authenticators -only solve the `~.challenges.DVSNI` challenge currently. (You can set -which challenges your authenticator can handle through the +`~.challenges.ProofOfPossession`). Continuity challenges are +always handled by the `~.ContinuityAuthenticator`, while plugins are +expected to handle `~.DVChallenge` types. +Right now, we have two authenticator plugins, the `~.ApacheConfigurator` +and the `~.StandaloneAuthenticator`. The Standalone and Apache +authenticators only solve the `~.challenges.DVSNI` challenge currently. +(You can set which challenges your authenticator can handle through the :meth:`~.IAuthenticator.get_chall_pref`. (FYI: We also have a partial implementation for a `~.DNSAuthenticator` diff --git a/letsencrypt/acme/challenges.py b/letsencrypt/acme/challenges.py index 0ff4306a5..7a51d7447 100644 --- a/letsencrypt/acme/challenges.py +++ b/letsencrypt/acme/challenges.py @@ -18,7 +18,7 @@ class Challenge(jose.TypedJSONObjectWithFields): TYPES = {} -class ClientChallenge(Challenge): # pylint: disable=abstract-method +class ContinuityChallenge(Challenge): # pylint: disable=abstract-method """Client validation challenges.""" @@ -139,7 +139,7 @@ class DVSNIResponse(ChallengeResponse): return self.z(chall) + self.DOMAIN_SUFFIX @Challenge.register -class RecoveryContact(ClientChallenge): +class RecoveryContact(ContinuityChallenge): """ACME "recoveryContact" challenge.""" typ = "recoveryContact" @@ -156,7 +156,7 @@ class RecoveryContactResponse(ChallengeResponse): @Challenge.register -class RecoveryToken(ClientChallenge): +class RecoveryToken(ContinuityChallenge): """ACME "recoveryToken" challenge.""" typ = "recoveryToken" @@ -169,7 +169,7 @@ class RecoveryTokenResponse(ChallengeResponse): @Challenge.register -class ProofOfPossession(ClientChallenge): +class ProofOfPossession(ContinuityChallenge): """ACME "proofOfPossession" challenge. :ivar str nonce: Random data, **not** base64-encoded. diff --git a/letsencrypt/client/auth_handler.py b/letsencrypt/client/auth_handler.py index 72843332b..571c51927 100644 --- a/letsencrypt/client/auth_handler.py +++ b/letsencrypt/client/auth_handler.py @@ -17,12 +17,12 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes """ACME Authorization Handler for a client. :ivar dv_auth: Authenticator capable of solving - :const:`~letsencrypt.client.constants.DV_CHALLENGES` + :const:`~letsencrypt.acme.challenges.DVChallenge`(s) :type dv_auth: :class:`letsencrypt.client.interfaces.IAuthenticator` - :ivar client_auth: Authenticator capable of solving - :const:`~letsencrypt.client_auth.constants.CLIENT_CHALLENGES` - :type client_auth: :class:`letsencrypt.client.interfaces.IAuthenticator` + :ivar cont_auth: Authenticator capable of solving + :const:`~letsencrypt.acme.challenges.ContinuityChallenge`(s) + :type cont_auth: :class:`letsencrypt.client.interfaces.IAuthenticator` :ivar network: Network object for sending and receiving authorization messages @@ -37,13 +37,13 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes :ivar dict paths: optimal path for authorization. eg. paths[domain] :ivar dict dv_c: Keys - domain, Values are DV challenges in the form of :class:`letsencrypt.client.achallenges.Indexed` - :ivar dict client_c: Keys - domain, Values are Client challenges in the form - of :class:`letsencrypt.client.achallenges.Indexed` + :ivar dict cont_c: Keys - domain, Values are Continuity challenges in the + form of :class:`letsencrypt.client.achallenges.Indexed` """ - def __init__(self, dv_auth, client_auth, network): + def __init__(self, dv_auth, cont_auth, network): self.dv_auth = dv_auth - self.client_auth = client_auth + self.cont_auth = cont_auth self.network = network self.domains = [] @@ -53,7 +53,7 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes self.paths = dict() self.dv_c = dict() - self.client_c = dict() + self.cont_c = dict() def add_chall_msg(self, domain, msg, authkey): """Add a challenge message to the AuthHandler. @@ -77,7 +77,7 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes self.authkey[domain] = authkey def get_authorizations(self): - """Retreive all authorizations for challenges. + """Retrieve all authorizations for challenges. :raises LetsEncryptAuthHandlerError: If unable to retrieve all authorizations @@ -148,24 +148,24 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes self._get_chall_pref(dom), self.msgs[dom].combinations) - self.dv_c[dom], self.client_c[dom] = self._challenge_factory( + self.dv_c[dom], self.cont_c[dom] = self._challenge_factory( dom, self.paths[dom]) # Flatten challs for authenticator functions and remove index # Order is important here as we will not expose the outside # Authenticator to our own indices. - flat_client = [] + flat_cont = [] flat_dv = [] for dom in self.domains: - flat_client.extend(ichall.achall for ichall in self.client_c[dom]) + flat_cont.extend(ichall.achall for ichall in self.cont_c[dom]) flat_dv.extend(ichall.achall for ichall in self.dv_c[dom]) - client_resp = [] + cont_resp = [] dv_resp = [] try: - if flat_client: - client_resp = self.client_auth.perform(flat_client) + if flat_cont: + cont_resp = self.cont_auth.perform(flat_cont) if flat_dv: dv_resp = self.dv_auth.perform(flat_dv) # This will catch both specific types of errors. @@ -182,8 +182,8 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes logging.info("Ready for verification...") # Assemble Responses - if client_resp: - self._assign_responses(client_resp, self.client_c) + if cont_resp: + self._assign_responses(cont_resp, self.cont_c) if dv_resp: self._assign_responses(dv_resp, self.dv_c) @@ -192,7 +192,7 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes :param list flat_list: flat_list of responses from an IAuthenticator :param dict ichall_dict: Master dict mapping all domains to a list of - their associated 'client' and 'dv' Indexed challenges, or their + their associated 'continuity' and 'dv' Indexed challenges, or their :class:`letsencrypt.client.achallenges.Indexed` list """ @@ -214,7 +214,7 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes """ chall_prefs = [] - chall_prefs.extend(self.client_auth.get_chall_pref(domain)) + chall_prefs.extend(self.cont_auth.get_chall_pref(domain)) chall_prefs.extend(self.dv_auth.get_chall_pref(domain)) return chall_prefs @@ -229,11 +229,11 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes # Chose to make these lists instead of a generator to make it easier to # work with... dv_list = [ichall.achall for ichall in self.dv_c[domain]] - client_list = [ichall.achall for ichall in self.client_c[domain]] + cont_list = [ichall.achall for ichall in self.cont_c[domain]] if dv_list: self.dv_auth.cleanup(dv_list) - if client_list: - self.client_auth.cleanup(client_list) + if cont_list: + self.cont_auth.cleanup(cont_list) def _cleanup_state(self, delete_list): """Cleanup state after an authorization is received. @@ -248,7 +248,7 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes del self.authkey[domain] - del self.client_c[domain] + del self.cont_c[domain] del self.dv_c[domain] self.domains.remove(domain) @@ -260,9 +260,9 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes :param list path: List of indices from `challenges`. - :returns: dv_chall, list of + :returns: dv_chall, list of DVChallenge type :class:`letsencrypt.client.achallenges.Indexed` - client_chall, list of + cont_chall, list of ContinuityChallenge type :class:`letsencrypt.client.achallenges.Indexed` :rtype: tuple @@ -271,7 +271,7 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes """ dv_chall = [] - client_chall = [] + cont_chall = [] for index in path: chall = self.msgs[domain].challenges[index] @@ -305,12 +305,12 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes ichall = achallenges.Indexed(achall=achall, index=index) - if isinstance(chall, challenges.ClientChallenge): - client_chall.append(ichall) + if isinstance(chall, challenges.ContinuityChallenge): + cont_chall.append(ichall) elif isinstance(chall, challenges.DVChallenge): dv_chall.append(ichall) - return dv_chall, client_chall + return dv_chall, cont_chall def gen_challenge_path(challs, preferences, combinations): diff --git a/letsencrypt/client/continuity_auth.py b/letsencrypt/client/continuity_auth.py index 4db5a177e..7603ad166 100644 --- a/letsencrypt/client/continuity_auth.py +++ b/letsencrypt/client/continuity_auth.py @@ -1,4 +1,4 @@ -"""Client Authenticator""" +"""Continuity Authenticator""" import zope.interface from letsencrypt.acme import challenges @@ -11,7 +11,7 @@ from letsencrypt.client import recovery_token class ContinuityAuthenticator(object): """IAuthenticator for - :const:`~letsencrypt.client.constants.CLIENT_CHALLENGES`. + :const:`~letsencrypt.acme.challenges.ContinuityChallenge`s. :ivar rec_token: Performs "recoveryToken" challenges :type rec_token: :class:`letsencrypt.client.recovery_token.RecoveryToken` diff --git a/letsencrypt/client/tests/acme_util.py b/letsencrypt/client/tests/acme_util.py index 98bf20937..12bb6f775 100644 --- a/letsencrypt/client/tests/acme_util.py +++ b/letsencrypt/client/tests/acme_util.py @@ -48,8 +48,8 @@ POP = challenges.ProofOfPossession( CHALLENGES = [SIMPLE_HTTPS, DVSNI, DNS, RECOVERY_CONTACT, RECOVERY_TOKEN, POP] DV_CHALLENGES = [chall for chall in CHALLENGES if isinstance(chall, challenges.DVChallenge)] -CLIENT_CHALLENGES = [chall for chall in CHALLENGES - if isinstance(chall, challenges.ClientChallenge)] +CONT_CHALLENGES = [chall for chall in CHALLENGES + if isinstance(chall, challenges.ContinuityChallenge)] def gen_combos(challs):