instant-labs
/
instant-acme
mirror of https://github.com/instant-labs/instant-acme.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Provide better error message after failing to acquire nonce

This commit is contained in:
Dirkjan Ochtman 2023-07-26 10:27:34 +02:00
parent c0b449dd52
commit a8ccff7a1c
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/lib.rs
View File

@ -14,7 +14,7 @@ use hyper::client::connect::Connect;
#[cfg(feature = "hyper-rustls")]
use hyper::client::HttpConnector;
use hyper::header::{CONTENT_TYPE, LOCATION};
use hyper::{Body, Method, Request, Response};
use hyper::{Body, Method, Request, Response, StatusCode};
use ring::digest::{digest, SHA256};
use ring::hmac;
use ring::rand::SystemRandom;
@ -446,7 +446,17 @@ impl Client {
.unwrap();
let rsp = self.http.request(request).await?;
Ok(nonce_from_response(&rsp).ok_or("no nonce found")?)
// https://datatracker.ietf.org/doc/html/rfc8555#section-7.2
// "The server's response MUST include a Replay-Nonce header field containing a fresh
// nonce and SHOULD have status code 200 (OK)."
if rsp.status() != StatusCode::OK {
return Err("error response from newNonce resource".into());
}
match nonce_from_response(&rsp) {
Some(nonce) => Ok(nonce),
None => Err("no nonce found in newNonce response".into()),
}
}
}