def register(
    user_id=1,
    email: str = None,
    server: str = None,
    rsa_key=None,
    organization: str = None,
    organizational_unit: str = None,
    country: str = None,
    state: str = None,
    location: str = None,
):
    """Set up an ACME account for a user unless a matching one is stored.

    Every falsy argument except ``user_id`` and ``rsa_key`` is replaced by
    the corresponding ``config`` value; the server falls back to
    ``config.LETS_ENCRYPT_PRODUCTION``.

    Returns:
        ``(False, existing_id)`` when a stored account has the same email,
        server and user id; ``(True, new_id)`` after a new account has been
        created through ``AcmeDnsHandler.setup_acme_account``.
    """
    # NOTE(review): a caller that omits user_id registers the account under
    # user id 1 -- confirm that default is intended.
    email = email or config.CERTIFIRE_EMAIL
    server = server or config.LETS_ENCRYPT_PRODUCTION
    organization = organization or config.CERTIFIRE_ORGANIZATION
    organizational_unit = (
        organizational_unit or config.CERTIFIRE_ORGANIZATIONAL_UNIT
    )
    country = country or config.CERTIFIRE_COUNTRY
    state = state or config.CERTIFIRE_STATE
    location = location or config.CERTIFIRE_LOCATION

    # An account counts as a duplicate only when email, server and owner
    # all match the request.
    for existing in database.get_all(Account, email, 'email'):
        if email != existing.email:
            continue
        if server != existing.server or user_id != existing.user_id:
            continue
        print("Account {} exists for given email {}.".format(
            existing.uri, email))
        return False, existing.id

    # rsa_key is forwarded untouched to the handler.
    handler = AcmeDnsHandler()
    created = handler.setup_acme_account(
        user_id, email, server, rsa_key, organization,
        organizational_unit, country, state, location)
    print("Account {} created for given email {}.".format(
        created.uri, created.email))
    return True, created.id
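def deregister(user_id: int, account_id: int):
    """Revoke an account's certificates and deregister it from the ACME server.

    Args:
        user_id: Id of the user requesting the deregistration.
        account_id: Primary key of the ``Account`` row to remove.

    Returns:
        ``(False, account_id)`` when the account does not exist or is owned
        by a different user; ``(True, account_id)`` once revocation and the
        deregistration attempt have run.
    """
    account = Account.query.get(account_id)
    # An unknown id used to raise AttributeError on ``account.user_id``.
    if account is None:
        print("Account {} not found".format(account_id))
        return False, account_id

    # Ownership is checked before anything is revoked or deleted.
    if account.user_id != user_id:
        print("This account does not belong to this user")
        return False, account_id

    print("Deleting ACME account and revoking all certificates associated with it")
    orders = database.get_all(Order, account_id, 'account_id')
    for order in orders:
        # Only orders that resolved to a certificate have something to revoke.
        if order.resolved_cert_id:
            revoke_certificate(account_id, order.resolved_cert_id)

    print("Deregistering acme account with email: {}".format(account.email))
    acme = AcmeDnsHandler(account.id)
    # The local row is deleted only when the handler reports success.
    if acme.deregister_acme_account():
        database.delete(account)

    # NOTE(review): True is returned even when deregister_acme_account() was
    # falsy and the row was kept -- confirm callers do not read this as
    # "account removed".
    print("Done")
    return True, account_id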
def get_all_destinations():
    """Return the current user's destinations as a JSON object keyed by id.

    Rows are fetched with ``g.user.id`` against the ``user_id`` column, and
    each row's stored ``json`` string is decoded before being re-serialised
    by ``jsonify``.
    """
    # NOTE(review): Destination.json is returned to the client as-is;
    # confirm it does not carry stored credentials for the destination host.
    owned = database.get_all(Destination, g.user.id, 'user_id')
    return jsonify({row.id: json.loads(row.json) for row in owned})
def get_all_acme_account():
    """Return the current user's ACME accounts as a JSON object keyed by id.

    Rows are fetched with ``g.user.id`` against the ``user_id`` column, and
    each row's stored ``json`` string is decoded before being re-serialised
    by ``jsonify``.
    """
    # NOTE(review): Account.json is returned to the client as-is; confirm
    # it excludes the account's key material.
    owned = database.get_all(Account, g.user.id, 'user_id')
    return jsonify({row.id: json.loads(row.json) for row in owned})
def get_all_certificates():
    """Return the current user's certificates as a JSON object keyed by id.

    Rows are fetched with ``g.user.id`` against the ``user_id`` column, and
    each row's stored ``json`` string is decoded before being re-serialised
    by ``jsonify``.
    """
    # NOTE(review): Certificate.json is returned to the client as-is;
    # confirm it does not include the certificate's private key.
    owned = database.get_all(Certificate, g.user.id, 'user_id')
    return jsonify({row.id: json.loads(row.json) for row in owned})
def get_all_orders():
    """Return the current user's orders as a JSON object keyed by id.

    Rows are fetched with ``g.user.id`` against the ``user_id`` column, and
    each row's stored ``json`` string is decoded before being re-serialised
    by ``jsonify``.
    """
    # NOTE(review): Order rows are constructed with a ``key`` value; confirm
    # Order.json leaves it out before this view exposes the document.
    owned = database.get_all(Order, g.user.id, 'user_id')
    return jsonify({row.id: json.loads(row.json) for row in owned})
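def create_order(account_id: int, destination_id: int = None,
                 domains: list = None, type: str = None,
                 provider: str = None, email: str = None,
                 organization: str = None, organizational_unit: str = None,
                 country: str = None, state: str = None, location: str = None,
                 reissue: bool = False, csr: str = None, key: str = None):
    """Create a certificate order, or re-trigger a matching existing one.

    Falsy ``type`` and ``provider`` fall back to ``config`` defaults; falsy
    subject fields fall back to the values stored on the account. The ACME
    work itself runs in an ``AppContextThread`` and is not awaited.

    Args:
        account_id: Primary key of the ``Account`` issuing the order.
        destination_id: Optional ``Destination`` whose host is added to the
            domain list when it is not already present.
        domains: Domain names for the certificate; may be omitted when a
            destination is given.
        type: ``'dns'`` or ``'sftp'``.
        provider: DNS provider; must be in ``config.VALID_DNS_PROVIDERS``
            for ``'dns'`` orders.
        reissue: Forwarded to the handler when an existing order is
            re-triggered.
        csr, key: Caller-supplied CSR and key. A supplied CSR is used as-is.

    Returns:
        ``(True, order_id)`` for a new order, ``(False, order_id)`` when a
        matching order already existed and was re-triggered, and
        ``(False, 0)`` when validation fails.
    """
    account = Account.query.get(account_id)
    if not account:
        print("Account {} not found".format(account_id))
        return False, 0
    # NOTE(review): no user id reaches this function, so it cannot verify
    # that account_id or destination_id belong to the requester. Confirm
    # the caller performs that check (Destination rows carry a user_id).

    type = type or config.DEFAULT_AUTH_TYPE
    provider = provider or config.DEFAULT_DNS
    email = email or account.email
    organization = organization or account.organization
    organizational_unit = organizational_unit or account.organizational_unit
    country = country or account.country
    state = state or account.state
    location = location or account.location

    if type == 'dns':
        if provider not in config.VALID_DNS_PROVIDERS:
            print("Invalid DNS Provider")
            return False, 0
        acme = AcmeDnsHandler(account.id)
    elif type == 'sftp':
        acme = AcmeHttpHandler(account.id)
    else:
        # Any other value used to leave ``acme`` unbound and fail later
        # with a NameError; reject it like the other validation errors.
        print("Invalid auth type: {}".format(type))
        return False, 0

    destination_db = None
    if destination_id:
        destination_db = Destination.query.get(destination_id)
        # An unknown id used to raise AttributeError on ``.host``.
        if destination_db is None:
            print("Destination {} not found".format(destination_id))
            return False, 0

    if not domains:
        if destination_db is None:
            print("No domains or destinations provided")
            return False, 0
        domains = [destination_db.host]
    elif destination_db is not None and destination_db.host not in domains:
        domains = [destination_db.host] + domains

    # The hash is order-sensitive: the same names in a different order are
    # treated as a different order.
    domains_hash = hashlib.sha256(
        "_".join(domains).encode("ascii")).hexdigest()

    check = database.get_all(Order, domains_hash, 'hash')
    for order in check:
        if (order.email == email and order.type == type
                and order.account_id == account.id):
            print("Order {} exists for given email: {} and account_id: {}.".format(
                order.uri, email, account.id))
            # Re-run the stored order in the background instead of adding
            # a duplicate row.
            AppContextThread(target=acme.create_order, args=(
                order.csr, order.provider, order.id, destination_id,
                reissue)).start()
            return False, order.id

    # The original test was ``not csr or key``, which parses as
    # ``(not csr) or key`` and therefore replaced a caller-supplied CSR and
    # key whenever a key was passed. Generate a pair only when no CSR was
    # given.
    if not csr:
        csr, key = acme.generate_csr(
            domains, email, organization, organizational_unit, country,
            state, location)

    # The key is stored on the Order row together with the CSR.
    order = Order(destination_id, domains, type, provider, account.id,
                  account.user_id, domains_hash, csr, key, email,
                  organization, organizational_unit, country, state, location)
    database.add(order)

    AppContextThread(target=acme.create_order, args=(
        csr, provider, order.id, destination_id)).start()
    return True, order.id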