Merge v1.1.1

- Self check URL now handled by `shelf_letsencrypt`: - Using path: `/.well-known/check/`
gmpassos · Feb 26, 2023 · ff311ac · ff311ac
2 parents 1b590d9 + 69fe599
commit ff311ac
Show file tree

Hide file tree

Showing 4 changed files with 69 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,8 @@
+## 1.1.1
+
+- Self check URL now handled by `shelf_letsencrypt`:
+  - Using path: `/.well-known/check/`
+
 ## 1.1.0
 
 - `README.md`: fix Dart CI badge

diff --git a/lib/src/letsencrypt.dart b/lib/src/letsencrypt.dart
@@ -10,10 +10,18 @@ import 'certs_handler.dart';
 
 /// Let's Encrypt certificate tool.
 class LetsEncrypt {
+  /// Returns `true` if [path] starts with `/.well-known/`.
+  static bool isWellknownPath(String path) => path.startsWith('/.well-known/');
+
   /// Returns `true` if [path] is an `ACME` request path.
   ///
   /// Usually a path starting with: `/.well-known/`
-  static bool isACMEPath(String path) => path.startsWith('/.well-known/');
+  static bool isACMEPath(String path) =>
+      path.startsWith('/.well-known/acme-challenge/');
+
+  /// Returns `true` if [path] is a self check path.
+  static bool isSelfCheckPath(String path) =>
+      path.startsWith('/.well-known/check/');
 
   /// The certificate handler to use.
   final CertificatesHandler certificatesHandler;
@@ -213,6 +221,13 @@ class LetsEncrypt {
     return match;
   }
 
+  /// A helper method to process a self check [Request].
+  ///
+  /// See [isSelfCheckPath].
+  Response processSelfCheckRequest(Request request) {
+    return Response.ok('OK');
+  }
+
   /// A helper method to process an ACME `shelf` [Request].
   ///
   /// See [isACMEPath].
@@ -252,18 +267,24 @@ class LetsEncrypt {
         'Starting server> port: $port ; domainAndEmails: $domainsAndEmails');
 
     FutureOr<Response> handlerWithChallenge(r) {
-      if (LetsEncrypt.isACMEPath(r.requestedUri.path)) {
-        return processACMEChallengeRequest(r);
-      } else {
-        return handler(r);
+      final path = r.requestedUri.path;
+
+      if (LetsEncrypt.isSelfCheckPath(path)) {
+        if (LetsEncrypt.isACMEPath(path)) {
+          return processACMEChallengeRequest(r);
+        } else if (LetsEncrypt.isSelfCheckPath(path)) {
+          return processSelfCheckRequest(r);
+        }
       }
+
+      return handler(r);
     }
 
     var server = await serve(handlerWithChallenge, bindingAddress, port,
         backlog: backlog, shared: shared);
 
     Future<HttpServer> startSecureServer(SecurityContext securityContext) {
-      return serve(handler, bindingAddress, securePort,
+      return serve(handlerWithChallenge, bindingAddress, securePort,
           securityContext: securityContext, backlog: backlog, shared: shared);
     }
 
@@ -412,7 +433,8 @@ class LetsEncrypt {
       retryInterval = Duration(milliseconds: 10);
     }
 
-    var domainURL = Uri.parse('https://$domain/');
+    var domainURL =
+        Uri.parse('https://$domain/.well-known/check/${DateTime.now()}');
 
     for (var i = 0; i < maxRetries; ++i) {
       if (i > 0) {

diff --git a/pubspec.yaml b/pubspec.yaml
@@ -1,6 +1,6 @@
 name: shelf_letsencrypt
 description: Let's Encrypt support for the shelf package (free and automatic HTTPS certificate support).
-version: 1.1.0
+version: 1.1.1
 homepage: https://github.com/gmpassos/shelf_letsencrypt
 
 environment:

diff --git a/test/shelf_letsencrypt_test.dart b/test/shelf_letsencrypt_test.dart
@@ -92,7 +92,16 @@ void main() {
           LetsEncrypt.isACMEPath(
               '/.well-known/acme-challenge/Y73s3McbchxLs_NklRfW6HebjYrBmbVeKm0c9jbn3QI'),
           isTrue);
+
+      expect(
+          LetsEncrypt.isWellknownPath(
+              '/.well-known/acme-challenge/Y73s3McbchxLs_NklRfW6HebjYrBmbVeKm0c9jbn3QI'),
+          isTrue);
+
+      expect(LetsEncrypt.isACMEPath('/.well-known/foo/123'), isFalse);
+
       expect(LetsEncrypt.isACMEPath('/well-known/'), isFalse);
+      expect(LetsEncrypt.isWellknownPath('/well-known/'), isFalse);
       expect(LetsEncrypt.isACMEPath('/any/path'), isFalse);
 
       {
@@ -116,6 +125,31 @@ void main() {
       }
     });
 
+    test('Self check path', () async {
+      var certificatesHandler = CertificatesHandlerIO(
+          Directory(pack_path.join(tmpDir.path, 'certs-3')));
+
+      var letsEncrypt = LetsEncrypt(certificatesHandler);
+
+      expect(
+          LetsEncrypt.isWellknownPath('/.well-known/check/123456789'), isTrue);
+
+      expect(
+          LetsEncrypt.isSelfCheckPath('/.well-known/check/123456789'), isTrue);
+
+      expect(LetsEncrypt.isSelfCheckPath('/well-known/'), isFalse);
+      expect(LetsEncrypt.isWellknownPath('/well-known/'), isFalse);
+      expect(LetsEncrypt.isSelfCheckPath('/any/path'), isFalse);
+
+      {
+        var uri = Uri.parse('http://foo.com/.well-known/check/123456789');
+        var request = Request('GET', uri, headers: {'host': 'foo.com'});
+
+        var response = letsEncrypt.processSelfCheckRequest(request);
+        expect(response.statusCode, equals(200));
+      }
+    });
+
     test('serve', () async {
       var certificatesHandler = CertificatesHandlerIO(
           Directory(pack_path.join(tmpDir.path, 'certs-4')));