letsencrypt::Client method send_signed_request (protected)

 <instance of letsencrypt::Client[i]> send_signed_request [ -nolog ] \
    [ -method method ] url payload

Defined in /usr/local/ns/tcl/letsencrypt/letsencrypt-procs.tcl

Switches:
-nolog (optional, defaults to "false")
-method (optional, defaults to "POST")
Parameters:
url (required)
payload (required)

Testcases:
No testcase defined.
Source code:
set payload64 [ns_base64urlencode -binary $payload]
#
# "kid" and "jwk" are mutually exclusive
# (https://tools.ietf.org/html/draft-ietf-acme-acme-10#section-6.2)
#
if {[info exists :kid]} {
    set protected [subst {{"url":"$url","alg":"RS256","nonce":"${:nonce}","kid":"${:kid}"}}]
} else {
    #
    # "jwk" only for newAccount and revokeCert requests
    set protected [subst {{"url":"$url","alg":"RS256","nonce":"${:nonce}","jwk":${:jwk}}}]
}
set protected64 [ns_base64urlencode $protected]

set siginput [subst {$protected64.$payload64}]
set signature64 [::ns_crypto::md string  -digest sha256  -sign ${:accoutKeyFile}  -encoding base64url  $siginput]
set data [subst {{
    "protected""$protected64",
    "payload":   "$payload64",
    "signature""$signature64"
}}]
#:log "<pre>POST $url\n$data</pre>"

set queryHeaders [ns_set create]
ns_set update $queryHeaders "Content-type" "application/jose+json"
set d [ns_http run -method POST -headers $queryHeaders -body $data $url]

#
# Get headers, body and nonce into instance variables,
# since these are used later to understand what the server
# replied.
#
set :replyHeaders [dict get $d headers]
set :replyText [dict get $d body]
set :nonce [ns_set iget ${:replyHeaders} "replay-nonce"]

if {$nolog} {
    :log "<p>reply from letsencrypt [string length ${:replyText}] bytes</p>"
    #ns_log notice "letsencrypt: reply from letsencrypt:\n${:replyText}"
} else {
    :log "<pre>reply from letsencrypt:\n${:replyText}</pre>"
}
return [dict get $d status]
XQL Not present:
Generic, PostgreSQL, Oracle
[ hide source ] | [ make this the default ]
Show another procedure: