armature-acme 0.1.1

ACME protocol support for automatic TLS certificates in Armature
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133

/// ACME order management
use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize};

/// ACME order
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct Order {
    /// Order status
    pub status: OrderStatus,

    /// Expiration timestamp
    #[serde(skip_serializing_if = "Option::is_none")]
    pub expires: Option<DateTime<Utc>>,

    /// List of identifier objects
    pub identifiers: Vec<Identifier>,

    /// Authorization URLs
    pub authorizations: Vec<String>,

    /// Finalize URL
    pub finalize: String,

    /// Certificate URL (available when status is valid)
    #[serde(skip_serializing_if = "Option::is_none")]
    pub certificate: Option<String>,
}

/// Order status
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
#[serde(rename_all = "camelCase")]
pub enum OrderStatus {
    /// Order is pending authorization
    Pending,
    /// Order is ready for finalization
    Ready,
    /// Order is processing
    Processing,
    /// Order is valid and certificate is available
    Valid,
    /// Order is invalid
    Invalid,
}

/// Domain identifier
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct Identifier {
    /// Identifier type (usually "dns")
    #[serde(rename = "type")]
    pub id_type: String,

    /// Identifier value (domain name)
    pub value: String,
}

impl Identifier {
    /// Create a DNS identifier
    pub fn dns(domain: impl Into<String>) -> Self {
        Self {
            id_type: "dns".to_string(),
            value: domain.into(),
        }
    }
}

/// Order creation request
#[derive(Debug, Clone, Serialize)]
pub struct OrderCreate {
    /// List of identifiers to order
    pub identifiers: Vec<Identifier>,

    /// Optional: Not before timestamp
    #[serde(rename = "notBefore", skip_serializing_if = "Option::is_none")]
    pub not_before: Option<DateTime<Utc>>,

    /// Optional: Not after timestamp
    #[serde(rename = "notAfter", skip_serializing_if = "Option::is_none")]
    pub not_after: Option<DateTime<Utc>>,
}

impl OrderCreate {
    /// Create a new order for domains
    pub fn new(domains: Vec<String>) -> Self {
        Self {
            identifiers: domains.into_iter().map(Identifier::dns).collect(),
            not_before: None,
            not_after: None,
        }
    }

    /// Set not before timestamp
    pub fn with_not_before(mut self, timestamp: DateTime<Utc>) -> Self {
        self.not_before = Some(timestamp);
        self
    }

    /// Set not after timestamp
    pub fn with_not_after(mut self, timestamp: DateTime<Utc>) -> Self {
        self.not_after = Some(timestamp);
        self
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_identifier_dns() {
        let identifier = Identifier::dns("example.com");
        assert_eq!(identifier.id_type, "dns");
        assert_eq!(identifier.value, "example.com");
    }

    #[test]
    fn test_order_create() {
        let order = OrderCreate::new(vec![
            "example.com".to_string(),
            "www.example.com".to_string(),
        ]);

        assert_eq!(order.identifiers.len(), 2);
        assert_eq!(order.identifiers[0].value, "example.com");
        assert_eq!(order.identifiers[1].value, "www.example.com");
    }

    #[test]
    fn test_order_status_serialization() {
        let status = OrderStatus::Valid;
        let json = serde_json::to_string(&status).unwrap();
        assert_eq!(json, "\"valid\"");
    }
}