From d04b4fa2cc2d56010ac4cfe2a9ba3da472e59e6c Mon Sep 17 00:00:00 2001 From: NicoMen Date: Wed, 8 Aug 2018 07:58:03 +0200 Subject: [PATCH] Set a keyType to ACME if the account is stored with no KeyType --- acme/acme.go | 3 ++ provider/acme/provider.go | 6 +++ provider/acme/provider_test.go | 80 ++++++++++++++++++++++++++++++++++ 3 files changed, 89 insertions(+) diff --git a/acme/acme.go b/acme/acme.go index 492439d83..3a7317562 100644 --- a/acme/acme.go +++ b/acme/acme.go @@ -202,6 +202,9 @@ func (a *ACME) leadershipListener(elected bool) error { } needRegister = true + } else if len(account.KeyType) == 0 { + // Set the KeyType if not already defined in the account + account.KeyType = acmeprovider.GetKeyType(a.KeyType) } a.client, err = a.buildACMEClient(account) diff --git a/provider/acme/provider.go b/provider/acme/provider.go index 4a3ccdec2..95b816b24 100644 --- a/provider/acme/provider.go +++ b/provider/acme/provider.go @@ -309,6 +309,12 @@ func (p *Provider) initAccount() (*Account, error) { return nil, err } } + + // Set the KeyType if not already defined in the account + if len(p.account.KeyType) == 0 { + p.account.KeyType = GetKeyType(p.KeyType) + } + return p.account, nil } diff --git a/provider/acme/provider_test.go b/provider/acme/provider_test.go index abbe34a0f..e2c948e36 100644 --- a/provider/acme/provider_test.go +++ b/provider/acme/provider_test.go @@ -8,6 +8,7 @@ import ( traefiktls "github.com/containous/traefik/tls" "github.com/containous/traefik/types" "github.com/stretchr/testify/assert" + "github.com/xenolf/lego/acme" ) func TestGetUncheckedCertificates(t *testing.T) { @@ -562,3 +563,82 @@ func TestUseBackOffToObtainCertificate(t *testing.T) { }) } } + +func TestInitAccount(t *testing.T) { + testCases := []struct { + desc string + account *Account + email string + keyType string + expectedAccount *Account + }{ + { + desc: "Existing account with all information", + account: &Account{ + Email: "foo@foo.net", + KeyType: acme.EC256, + }, + expectedAccount: &Account{ + Email: "foo@foo.net", + KeyType: acme.EC256, + }, + }, + { + desc: "Account nil", + email: "foo@foo.net", + keyType: "EC256", + expectedAccount: &Account{ + Email: "foo@foo.net", + KeyType: acme.EC256, + }, + }, + { + desc: "Existing account with no email", + account: &Account{ + KeyType: acme.RSA4096, + }, + email: "foo@foo.net", + keyType: "EC256", + expectedAccount: &Account{ + Email: "foo@foo.net", + KeyType: acme.EC256, + }, + }, + { + desc: "Existing account with no key type", + account: &Account{ + Email: "foo@foo.net", + }, + email: "bar@foo.net", + keyType: "EC256", + expectedAccount: &Account{ + Email: "foo@foo.net", + KeyType: acme.EC256, + }, + }, + { + desc: "Existing account and provider with no key type", + account: &Account{ + Email: "foo@foo.net", + }, + email: "bar@foo.net", + expectedAccount: &Account{ + Email: "foo@foo.net", + KeyType: acme.RSA4096, + }, + }, + } + for _, test := range testCases { + test := test + t.Run(test.desc, func(t *testing.T) { + t.Parallel() + + acmeProvider := Provider{account: test.account, Configuration: &Configuration{Email: test.email, KeyType: test.keyType}} + + actualAccount, err := acmeProvider.initAccount() + assert.Nil(t, err, "Init account in error") + assert.Equal(t, test.expectedAccount.Email, actualAccount.Email, "unexpected email account") + assert.Equal(t, test.expectedAccount.KeyType, actualAccount.KeyType, "unexpected keyType account") + }) + } +}