From c3338c920d6123174000ea11243cb7dc285cee03 Mon Sep 17 00:00:00 2001 From: Vladimir Shushlin Date: Thu, 6 Jun 2019 18:55:31 +0000 Subject: Add pages domains acme orders Extract acme double to helper Create ACME challanges for pages domains * Create order & challange through API * save them to database * request challenge validation We're saving order and challenge as one entity, that wouldn't be correct if we would order certificates for several domains simultaneously, but we always order certificate per domain Add controller for processing acme challenges redirected from pages Don't save acme challenge url - we don't use it Validate acme challenge attributes Encrypt private_key in acme orders --- app/models/pages_domain_acme_order.rb | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 app/models/pages_domain_acme_order.rb (limited to 'app/models/pages_domain_acme_order.rb') diff --git a/app/models/pages_domain_acme_order.rb b/app/models/pages_domain_acme_order.rb new file mode 100644 index 00000000000..63d7fbc8206 --- /dev/null +++ b/app/models/pages_domain_acme_order.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +class PagesDomainAcmeOrder < ApplicationRecord + belongs_to :pages_domain + + scope :expired, -> { where("expires_at < ?", Time.now) } + + validates :pages_domain, presence: true + validates :expires_at, presence: true + validates :url, presence: true + validates :challenge_token, presence: true + validates :challenge_file_content, presence: true + validates :private_key, presence: true + + attr_encrypted :private_key, + mode: :per_attribute_iv, + key: Settings.attr_encrypted_db_key_base_truncated, + algorithm: 'aes-256-gcm', + encode: true + + def self.find_by_domain_and_token(domain_name, challenge_token) + joins(:pages_domain).find_by(pages_domains: { domain: domain_name }, challenge_token: challenge_token) + end +end -- cgit v1.2.3