src/PVE/ACME/Challenge.pm

   1 package PVE::ACME::Challenge;
   2
   3 use strict;
   4 use warnings;
   5
   6 use PVE::JSONSchema qw(get_standard_option);
   7
   8 use base qw(PVE::SectionConfig);
   9
  10 my $defaultData = {
  11     additionalProperties => 0,
  12     propertyList => {
  13         id => {
  14             description => "ACME Plugin ID name",
  15             type => 'string',
  16         },
  17         type => {
  18             description => "ACME challenge type.",
  19             type => 'string',
  20         },
  21         disable => {
  22             description => "Flag to disable the config.",
  23             type => 'boolean',
  24             optional => 1,
  25         },
  26         nodes => get_standard_option('pve-node-list', { optional => 1 }),
  27     },
  28 };
  29
  30 sub private {
  31     return $defaultData;
  32 }
  33
  34 sub parse_config {
  35     my ($class, $filename, $raw) = @_;
  36
  37     my $cfg = $class->SUPER::parse_config($filename, $raw);
  38     my $ids = $cfg->{ids};
  39
  40     # make sure we have a standalone plugin definition as fallback!
  41     if (!$ids->{standalone} || $ids->{standalone}->{type} ne 'standalone') {
  42         $ids->{standalone} = {
  43             type => 'standalone',
  44         };
  45     }
  46
  47     return $cfg;
  48 }
  49
  50 sub encode_value {
  51     my ($self, $type, $key, $value) = @_;
  52
  53     if ($key eq 'data') {
  54         $value = MIME::Base64::encode_base64url($value);
  55     }
  56
  57     return $value;
  58 };
  59
  60 sub decode_value {
  61     my ($self, $type, $key, $value) = @_;
  62
  63     if ($key eq 'data') {
  64         $value = MIME::Base64::decode_base64url($value);
  65     }
  66
  67     return $value;
  68 };
  69
  70 sub supported_challenge_types {
  71     return [];
  72 }
  73
  74 sub extract_challenge {
  75     my ($self, $challenges) = @_;
  76
  77     die "no challenges defined\n" if !$challenges;
  78
  79     my $supported_types = $self->supported_challenge_types();
  80
  81     # preference returned by plugin!
  82     foreach my $supported_type (@$supported_types) {
  83         foreach my $challenge (@$challenges) {
  84             next if $challenge->{type} ne $supported_type;
  85
  86             return $challenge;
  87         }
  88     }
  89
  90     die "plugin does not support any of the requested challenge types\n";
  91 }
  92
  93 # acme => PVE::ACME instance
  94 # auth => authorization object returned by ACME server
  95 # $data => {
  96 #   plugin => plugin config data
  97 #   alias => optional domain alias
  98 # }
  99 # needs to set $data->{url} to URL of the challenge which has been set up
 100 # can set other $data keys needed by teardown sub
 101 sub setup {
 102     my ($self, $acme, $auth, $data) = @_;
 103
 104     die "implement me\n";
 105 }
 106
 107 # see setup
 108 sub teardown {
 109     my ($self, $acme, $auth, $data) = @_;
 110
 111     die "implement me\n";
 112 }
 113
 114 1;