Remove some debugging functions

author: Konstantinos Kallas <konstantinos.kallas@hotmail.com> 2017-08-08 18:00:37 +0300
committer: Konstantinos Kallas <konstantinos.kallas@hotmail.com> 2017-08-08 18:00:37 +0300
commit: 97a4d57f2efebb93ded29fcab9b326a76534070b (patch)
tree: 3cdbec4e650b3e410f19ab470fa47e4f51f2b01e /src/ejabberd_acme.erl
parent: Implement renew_certificate command (diff)
1 files changed, 1 insertions, 211 deletions
diff --git a/src/ejabberd_acme.erl b/src/ejabberd_acme.erl
index c9e50c67..9a09211b 100644
--- a/src/ejabberd_acme.erl
+++ b/src/ejabberd_acme.erl
@@ -10,11 +10,7 @@
 	 is_valid_verbose_opt/1,
 	 %% Misc
 	 generate_key/0,
-	 to_public/1,
-	 %% Debugging Scenarios
-	 scenario/3,
-	 scenario0/2,
-	 new_user_scenario/2
+	 to_public/1
 	]).
 
 -include("ejabberd.hrl").
@@ -945,152 +941,6 @@ get_config_cert_dir() ->
 	    CertDir
     end.
 
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%
-%% Transaction Fun
-%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-transaction([{Fun, Rollback} | Rest]) ->
-    try
-        {ok, Result} = Fun(),
-        [Result | transaction(Rest)]
-    catch Type:Reason ->
-	    Rollback(),
-	    erlang:raise(Type, Reason, erlang:get_stacktrace())
-    end;
-transaction([Fun | Rest]) ->
-						% not every action require cleanup on error
-    transaction([{Fun, fun () -> ok end} | Rest]);
-transaction([]) -> [].
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%
-%% Debugging Funcs -- They are only used for the development phase
-%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-%% A typical acme workflow
-scenario(CAUrl, AccId, PrivateKey) ->
-    {ok, Dirs, Nonce0} = ejabberd_acme_comm:directory(CAUrl),
-
-    {ok, {_TOS, Account}, Nonce1} = 
-	ejabberd_acme_comm:get_account({CAUrl, AccId}, PrivateKey, Nonce0),
-    ?INFO_MSG("Account: ~p~n", [Account]),
-
-    Req =
-	[{<<"identifier">>,
-	  {[{<<"type">>, <<"dns">>},
-	    {<<"value">>, <<"my-acme-test-ejabberd.com">>}]}},
-	 {<<"existing">>, <<"accept">>}
-	],
-    {ok, Authz, Nonce2} = ejabberd_acme_comm:new_authz(Dirs, PrivateKey, Req, Nonce1),
-
-    {Account, Authz, PrivateKey}.
-
-
-new_user_scenario(CAUrl, HttpDir) ->
-    PrivateKey = generate_key(),
-
-    {ok, Dirs, Nonce0} = ejabberd_acme_comm:directory(CAUrl),
-    %% ?INFO_MSG("Directories: ~p", [Dirs]),
-
-    Req0 = [{ <<"contact">>, [<<"mailto:cert-example-admin@example2.com">>]}],
-    {ok, {TOS, Account}, Nonce1} = ejabberd_acme_comm:new_account(Dirs, PrivateKey, Req0, Nonce0),
-
-    {_, AccIdInt} = proplists:lookup(<<"id">>, Account),
-    AccId = integer_to_list(AccIdInt),
-    {ok, {_TOS, Account1}, Nonce2} = 
-	ejabberd_acme_comm:get_account({CAUrl, AccId}, PrivateKey, Nonce1),
-    %% ?INFO_MSG("Old account: ~p~n", [Account1]),
-
-    Req1 = [{ <<"agreement">>, list_to_bitstring(TOS)}],
-    {ok, Account2, Nonce3} = 
-	ejabberd_acme_comm:update_account({CAUrl, AccId}, PrivateKey, Req1, Nonce2),
-
-    %% NewKey = generate_key(),
-    %% KeyChangeUrl = CAUrl ++ "/acme/key-change/",
-    %% {ok, Account3, Nonce4} = key_roll_over(KeyChangeUrl, AccURL, PrivateKey, NewKey, Nonce3),
-    %% ?INFO_MSG("Changed key: ~p~n", [Account3]),
-
-    %% {ok, {_TOS, Account4}, Nonce5} = get_account(AccURL, NewKey, Nonce4),
-    %% ?INFO_MSG("New account:~p~n", [Account4]),
-    %% {Account4, PrivateKey}.
-
-    AccIdBin = list_to_bitstring(integer_to_list(AccIdInt)),
-    DomainName = << <<"my-acme-test-ejabberd">>/binary, AccIdBin/binary, <<".com">>/binary >>,
-    Req2 =
-	[{<<"identifier">>,
-	  {[{<<"type">>, <<"dns">>},
-	    {<<"value">>, DomainName}]}},
-	 {<<"existing">>, <<"accept">>}
-	],
-    {ok, {AuthzUrl, Authz}, Nonce4} = 
-	ejabberd_acme_comm:new_authz(Dirs, PrivateKey, Req2, Nonce3),
-
-    {ok, AuthzId} = location_to_id(AuthzUrl),
-    {ok, Authz2, Nonce5} = ejabberd_acme_comm:get_authz({CAUrl, AuthzId}),
-    ?INFO_MSG("AuthzUrl: ~p~n", [AuthzUrl]),
-
-    Challenges = get_challenges(Authz2),
-    ?INFO_MSG("Challenges: ~p~n", [Challenges]),
-
-    {ok, ChallengeUrl, KeyAuthz} =
-	acme_challenge:solve_challenge(<<"http-01">>, Challenges, {PrivateKey, HttpDir}),
-    ?INFO_MSG("File for http-01 challenge written correctly", []),
-
-    {ok, ChallengeId} = location_to_id(ChallengeUrl),
-    Req3 =
-	[ {<<"type">>, <<"http-01">>}
-	, {<<"keyAuthorization">>, KeyAuthz}
-	],
-    {ok, SolvedChallenge, Nonce6} = ejabberd_acme_comm:complete_challenge(
-				      {CAUrl, AuthzId, ChallengeId}, PrivateKey, Req3, Nonce5),
-    %% ?INFO_MSG("SolvedChallenge: ~p~n", [SolvedChallenge]),
-
-    %% timer:sleep(2000),
-    {ok, Authz3, Nonce7} = ejabberd_acme_comm:get_authz_until_valid({CAUrl, AuthzId}),
-
-    #{"new-cert" := NewCert} = Dirs,
-    CSRSubject = [{commonName, bitstring_to_list(DomainName)}],
-    {CSR, CSRKey} = make_csr(CSRSubject),
-    {MegS, Sec, MicS} = erlang:timestamp(),
-    NotBefore = xmpp_util:encode_timestamp({MegS-1, Sec, MicS}),
-    NotAfter = xmpp_util:encode_timestamp({MegS+1, Sec, MicS}),
-    Req4 =
-	[{<<"csr">>, CSR},
-	 {<<"notBefore">>, NotBefore},
-	 {<<"NotAfter">>, NotAfter}
-	],
-    {ok, {CertUrl, Certificate}, Nonce8} = 
-	ejabberd_acme_comm:new_cert(Dirs, PrivateKey, Req4, Nonce7),
-    ?INFO_MSG("CertUrl: ~p~n", [CertUrl]),
-
-    {ok, CertId} = location_to_id(CertUrl),
-    {ok, Certificate2, Nonce9} = ejabberd_acme_comm:get_cert({CAUrl, CertId}),
-
-    DecodedCert = public_key:pkix_decode_cert(list_to_binary(Certificate2), plain),
-    %% ?INFO_MSG("DecodedCert: ~p~n", [DecodedCert]),
-    PemEntryCert = public_key:pem_entry_encode('Certificate', DecodedCert),
-    %% ?INFO_MSG("PemEntryCert: ~p~n", [PemEntryCert]),
-
-    {_, CSRKeyKey} = jose_jwk:to_key(CSRKey),
-    PemEntryKey = public_key:pem_entry_encode('ECPrivateKey', CSRKeyKey),
-    %% ?INFO_MSG("PemKey: ~p~n", [jose_jwk:to_pem(CSRKey)]),
-    %% ?INFO_MSG("PemEntryKey: ~p~n", [PemEntryKey]),
-
-    PemCert = public_key:pem_encode([PemEntryKey, PemEntryCert]),
-    %% ?INFO_MSG("PemCert: ~p~n", [PemCert]),
-
-    ok = file:write_file(HttpDir ++ "/my_server.pem", PemCert),
-
-    Base64Cert = base64url:encode(Certificate2),
-    Req5 = [{<<"certificate">>, Base64Cert}],
-    {ok, [], Nonce10} = ejabberd_acme_comm:revoke_cert(Dirs, PrivateKey, Req5, Nonce9),
-
-    {ok, Certificate3, Nonce11} = ejabberd_acme_comm:get_cert({CAUrl, CertId}),
-
-    {Account2, Authz3, CSR, Certificate, PrivateKey}.
 
 -ifdef(GENERATE_RSA_KEY).
 generate_key() ->
@@ -1105,63 +955,3 @@ generate_key() ->
     jose_jwk:generate_key({ec, secp256r1}).
 -endif.
 
-
-scenario3() ->
-    CSRSubject = [{commonName, "my-acme-test-ejabberd.com"},
-		  {organizationName, "Example Corp"}],
-    {CSR, CSRKey} = make_csr(CSRSubject).
-
-
-%% It doesn't seem to work, The user can get a new authorization even though the account has been deleted
-delete_account_scenario(CAUrl) ->
-    PrivateKey = generate_key(),
-
-    DirURL = CAUrl ++ "/directory",
-    {ok, Dirs, Nonce0} = ejabberd_acme_comm:directory(DirURL),
-    %% ?INFO_MSG("Directories: ~p", [Dirs]),
-
-    Req0 = [{ <<"contact">>, [<<"mailto:cert-example-admin@example2.com">>]}],
-    {ok, {TOS, Account}, Nonce1} = ejabberd_acme_comm:new_account(Dirs, PrivateKey, Req0, Nonce0),
-
-    {_, AccIdInt} = proplists:lookup(<<"id">>, Account),
-    AccId = integer_to_list(AccIdInt),
-    {ok, {_TOS, Account1}, Nonce2} = 
-	ejabberd_acme_comm:get_account({CAUrl, AccId}, PrivateKey, Nonce1),
-    %% ?INFO_MSG("Old account: ~p~n", [Account1]),
-
-    Req1 = [{ <<"agreement">>, list_to_bitstring(TOS)}],
-    {ok, Account2, Nonce3} = 
-	ejabberd_acme_comm:update_account({CAUrl, AccId}, PrivateKey, Req1, Nonce2),
-
-    %% Delete account
-    {ok, Account3, Nonce4} = 
-	ejabberd_acme_comm:delete_account({CAUrl, AccId}, PrivateKey, Nonce3),
-
-    timer:sleep(3000),
-
-    {ok, {_TOS, Account4}, Nonce5} = 
-	ejabberd_acme_comm:get_account({CAUrl, AccId}, PrivateKey, Nonce4),
-    ?INFO_MSG("New account: ~p~n", [Account4]),
-
-    AccIdBin = list_to_bitstring(integer_to_list(AccIdInt)),
-    DomainName = << <<"my-acme-test-ejabberd">>/binary, AccIdBin/binary, <<".com">>/binary >>,
-    Req2 =
-        [{<<"identifier">>,
-          {[{<<"type">>, <<"dns">>},
-            {<<"value">>, DomainName}]}},
-         {<<"existing">>, <<"accept">>}
-        ],
-    {ok, {AuthzUrl, Authz}, Nonce6} = 
-	ejabberd_acme_comm:new_authz(Dirs, PrivateKey, Req2, Nonce5),
-
-    {ok, Account1, Account3, Authz}.
-
-%% Just a test
-scenario0(KeyFile, HttpDir) ->
-    PrivateKey = jose_jwk:from_file(KeyFile),
-    %% scenario("http://localhost:4000", "2", PrivateKey).
-    %% delete_account_scenario("http://localhost:4000").
-    new_user_scenario("http://localhost:4000", HttpDir).
-
-%% scenario3().
-
author	Konstantinos Kallas <konstantinos.kallas@hotmail.com>	2017-08-08 18:00:37 +0300
committer	Konstantinos Kallas <konstantinos.kallas@hotmail.com>	2017-08-08 18:00:37 +0300
commit	97a4d57f2efebb93ded29fcab9b326a76534070b (patch)
tree	3cdbec4e650b3e410f19ab470fa47e4f51f2b01e /src/ejabberd_acme.erl
parent	Implement renew_certificate command (diff)