How to use the certbot.interfaces.IAuthenticator function in certbot

To help you get started, we’ve selected a few certbot examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github EFForg / starttls-everywhere / certbot / certbot-nginx / certbot_nginx / configurator.py View on Github external
from certbot import interfaces
from certbot import le_util
from certbot import reverter

from certbot.plugins import common

from certbot_nginx import constants
from certbot_nginx import tls_sni_01
from certbot_nginx import obj
from certbot_nginx import parser


logger = logging.getLogger(__name__)


@zope.interface.implementer(interfaces.IAuthenticator, interfaces.IInstaller)
@zope.interface.provider(interfaces.IPluginFactory)
class NginxConfigurator(common.Plugin):
    # pylint: disable=too-many-instance-attributes,too-many-public-methods
    """Nginx configurator.

    .. todo:: Add proper support for comments in the config. Currently,
        config files modified by the configurator will lose all their comments.

    :ivar config: Configuration.
    :type config: :class:`~certbot.interfaces.IConfig`

    :ivar parser: Handles low level parsing
    :type parser: :class:`~certbot_nginx.parser`

    :ivar str save_notes: Human-readable config change notes
github certbot / certbot / certbot-apache / certbot_apache / _internal / configurator.py View on Github external
# Note: FILEPATHS and changes to files are transactional.  They are copied
# over before the updates are made to the existing files. NEW_FILES is
# transactional due to the use of register_file_creation()


# TODO: Verify permissions on configuration root... it is easier than
#     checking permissions on each of the relative directories and less error
#     prone.
# TODO: Write a server protocol finder. Listen   or
#     Protocol .  This can verify partial setups are correct
# TODO: Add directives to sites-enabled... not sites-available.
#     sites-available doesn't allow immediate find_dir search even with save()
#     and load()

@zope.interface.implementer(interfaces.IAuthenticator, interfaces.IInstaller)
@zope.interface.provider(interfaces.IPluginFactory)
class ApacheConfigurator(common.Installer):
    """Apache configurator.

    :ivar config: Configuration.
    :type config: :class:`~certbot.interfaces.IConfig`

    :ivar parser: Handles low level parsing
    :type parser: :class:`~certbot_apache._internal.parser`

    :ivar tup version: version of Apache
    :ivar list vhosts: All vhosts found in the configuration
        (:class:`list` of :class:`~certbot_apache._internal.obj.VirtualHost`)

    :ivar dict assoc: Mapping between domains and vhosts
github certbot / certbot / certbot / certbot / _internal / plugins / selection.py View on Github external
def pick_authenticator(
        config, default, plugins, question="How would you "
        "like to authenticate with the ACME CA?"):
    """Pick authentication plugin."""
    return pick_plugin(
        config, default, plugins, question, (interfaces.IAuthenticator,))
github certbot / certbot / certbot-dns-luadns / certbot_dns_luadns / _internal / dns_luadns.py View on Github external
import logging

from lexicon.providers import luadns
import zope.interface

from certbot import errors
from certbot import interfaces
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon

logger = logging.getLogger(__name__)

ACCOUNT_URL = 'https://api.luadns.com/settings'


@zope.interface.implementer(interfaces.IAuthenticator)
@zope.interface.provider(interfaces.IPluginFactory)
class Authenticator(dns_common.DNSAuthenticator):
    """DNS Authenticator for LuaDNS

    This Authenticator uses the LuaDNS API to fulfill a dns-01 challenge.
    """

    description = 'Obtain certificates using a DNS TXT record (if you are using LuaDNS for DNS).'
    ttl = 60

    def __init__(self, *args, **kwargs):
        super(Authenticator, self).__init__(*args, **kwargs)
        self.credentials = None

    @classmethod
    def add_parser_arguments(cls, add):  # pylint: disable=arguments-differ
github certbot / certbot / certbot / cli.py View on Github external
"subcommand will attempt to renew undeleted revoked "
                     "certificates.")
    helpful.add("rollback",
                "--checkpoints", type=int, metavar="N",
                default=flag_default("rollback_checkpoints"),
                help="Revert configuration N number of checkpoints.")
    helpful.add("plugins",
                "--init", action="store_true", default=flag_default("init"),
                help="Initialize plugins.")
    helpful.add("plugins",
                "--prepare", action="store_true", default=flag_default("prepare"),
                help="Initialize and prepare plugins.")
    helpful.add("plugins",
                "--authenticators", action="append_const", dest="ifaces",
                default=flag_default("ifaces"),
                const=interfaces.IAuthenticator, help="Limit to authenticator plugins only.")
    helpful.add("plugins",
                "--installers", action="append_const", dest="ifaces",
                default=flag_default("ifaces"),
                const=interfaces.IInstaller, help="Limit to installer plugins only.")
github certbot / certbot / certbot / certbot / _internal / plugins / manual.py View on Github external
"""Manual authenticator plugin"""
import zope.component
import zope.interface

from acme import challenges
from acme.magic_typing import Dict  # pylint: disable=unused-import, no-name-in-module
from certbot import achallenges  # pylint: disable=unused-import
from certbot import errors
from certbot import interfaces
from certbot import reverter
from certbot._internal import hooks
from certbot.compat import os
from certbot.plugins import common


@zope.interface.implementer(interfaces.IAuthenticator)
@zope.interface.provider(interfaces.IPluginFactory)
class Authenticator(common.Plugin):
    """Manual authenticator

    This plugin allows the user to perform the domain validation
    challenge(s) themselves. This either be done manually by the user or
    through shell scripts provided to Certbot.

    """

    description = 'Manual configuration or run your own shell scripts'
    hidden = True
    long_description = (
        'Authenticate through manual configuration or custom shell scripts. '
        'When using shell scripts, an authenticator script must be provided. '
        'The environment variables available to this script depend on the '
github EnigmaBridge / certbot-external-auth / certbot_external_auth / plugin.py View on Github external
return obj.to_json()
        except AttributeError:
            return self.default_classic(obj)

    def default_classic(self, o):
        if isinstance(o, set):
            return list(o)
        elif isinstance(o, datetime.datetime):
            return (o - datetime.datetime(1970, 1, 1)).total_seconds()
        elif isinstance(o, bytes):
            return o.decode('UTF-8')
        else:
            return super(AutoJSONEncoder, self).default(o)


@zope.interface.implementer(interfaces.IAuthenticator)
@zope.interface.implementer(interfaces.IInstaller)
@zope.interface.provider(interfaces.IPluginFactory)
@zope.interface.implementer(interfaces.IReporter)
class AuthenticatorOut(common.Plugin):
    """Manual Authenticator.

    This plugin requires user's manual intervention in setting up a HTTP
    server for solving http-01 challenges and thus does not need to be
    run as a privileged process. Alternatively shows instructions on how
    to use Python's built-in HTTP server.

    Script is also based on https://github.com/marcan/certbot-external

    """
    hidden = True
github JackOfMostTrades / catlog / src / catlog / le_client.py View on Github external
def load(self, account_id: str) -> certbot.account.Account:
        account_row = self._db.load_account(self._staging, account_id)
        if account_row is None:
            raise certbot.errors.AccountNotFound("Could not find account id " + account_id)
        return certbot.account.Account(
            acme.messages.RegistrationResource.json_loads(account_row[1]),
            jose.JWK.json_loads(account_row[2]))

    def save(self, account: certbot.account.Account, client) -> None:
        self._db.save_account(self._staging,
                              account.id,
                              account.regr.json_dumps(),
                              account.key.json_dumps())


@implementer(certbot.interfaces.IAuthenticator)
class SimpleAuthenticator:

    def __init__(self, catlog_resolver: CatlogResolver):
        self._catlog_resolver = catlog_resolver

    def get_chall_pref(self, domain):
        return [acme.challenges.DNS01]

    def perform(self, achalls):
        responses = []
        for achall in achalls:
            # if type(achall) is not acme.challenges.DNS01:
            #    raise Exception("All challanges must be DNS01")
            result = achall.response_and_validation()
            responses.append(result[0])
            verification = result[1]
github oGGy990 / certbot-dns-inwx / certbot_inwx / inwxauth.py View on Github external
import configparser
else:
    import ConfigParser as configparser

from acme import challenges

from certbot import errors
from certbot import interfaces

from certbot.plugins import common

from inwx import domrobot, getOTP, prettyprint

logger = logging.getLogger(__name__)

@zope.interface.implementer(interfaces.IAuthenticator)
@zope.interface.provider(interfaces.IPluginFactory)
class InwxDnsAuth(common.Plugin):
    """INWX DNS Authenticator"""

    description = "Authentication via INWX's XML-RPC API"

    @classmethod
    def add_parser_arguments(cls, add):
        add("cfgfile", default="/etc/letsencrypt/inwx.cfg",
            help="INWX API Configuration")

    def __init__(self, *args, **kwargs):
        """Initialize an INWX Authenticator"""
        super(InwxDnsAuth, self).__init__(*args, **kwargs)
        
        self.nsIds = {}