Send a POST-as-GET request to query registration in ACME v2 (#6993)

* Send a post-as-get request to query registration * Add changelog * Add comments. Add again a line. * Prepare code for future PR about post-as-get
2026-06-03 13:59:02 -04:00 · 2019-05-01 00:37:23 +02:00 · 2019-05-01 00:37:23 +02:00 · b0d960f102
commit b0d960f102
parent 3900e56b52
2 changed files with 18 additions and 13 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -31,6 +31,8 @@ Certbot adheres to [Semantic Versioning](https://semver.org/).
  https://community.letsencrypt.org/t/certbot-auto-deployment-best-practices/91979/,
  however, these warnings can be disabled as necessary with the flag
  --no-permissions-check.
+* `acme` module uses now a POST-as-GET request to retrieve the registration
+  from an ACME v2 server

 ### Fixed

--- a/acme/acme/client.py
+++ b/acme/acme/client.py
@ -123,15 +123,6 @@ class ClientBase(object):  # pylint: disable=too-many-instance-attributes
        """
        return self.update_registration(regr, update={'status': 'deactivated'})

-    def query_registration(self, regr):
-        """Query server about registration.
-
-        :param messages.RegistrationResource: Existing Registration
-            Resource.
-
-        """
-        return self._send_recv_regr(regr, messages.UpdateRegistration())
-
    def _authzr_from_response(self, response, identifier=None, uri=None):
        authzr = messages.AuthorizationResource(
            body=messages.Authorization.from_json(response.json()),
@ -276,6 +267,15 @@ class Client(ClientBase):
        # pylint: disable=no-member
        return self._regr_from_response(response)

+    def query_registration(self, regr):
+        """Query server about registration.
+
+        :param messages.RegistrationResource: Existing Registration
+            Resource.
+
+        """
+        return self._send_recv_regr(regr, messages.UpdateRegistration())
+
    def agree_to_tos(self, regr):
        """Agree to the terms-of-service.

@ -603,10 +603,13 @@ class ClientV2(ClientBase):
            Resource.

        """
-        self.net.account = regr
-        updated_regr = super(ClientV2, self).query_registration(regr)
-        self.net.account = updated_regr
-        return updated_regr
+        self.net.account = regr  # See certbot/certbot#6258
+        # ACME v2 requires to use a POST-as-GET request (POST an empty JWS) here.
+        # This is done by passing None instead of an empty UpdateRegistration to _post().
+        response = self._post(regr.uri, None)
+        self.net.account = self._regr_from_response(response, uri=regr.uri,
+                                                    terms_of_service=regr.terms_of_service)
+        return self.net.account

    def update_registration(self, regr, update=None):
        """Update registration.