- if ($challenge->{type} eq 'http-01') {
- $self->{challenges}{$_}{http_uri} = $challenge->{uri};
- $self->{challenges}{$_}{http_token} = $challenge->{token};
- } elsif ($challenge->{type} eq 'dns-01') {
- $self->{challenges}{$_}{dns_uri} = $challenge->{uri};
- $self->{challenges}{$_}{dns_token} = $challenge->{token};
+ # One test already validated this auth request
+ if ($self->{challenges}{$_}{status} eq 'valid') {
+ next;
+ } elsif ($challenge->{status} eq 'valid') {
+ $self->{challenges}{$_}{status} = $challenge->{status};
+ next;
+ } elsif ($challenge->{status} eq 'pending') {
+ # Handle check
+ if (
+ ($challenge->{type} =~ /^http-[0-9]+$/ and $self->_httpCheck($_, $challenge->{token})) or
+ ($challenge->{type} =~ /^dns-[0-9]+$/ and $self->_dnsCheck($_, $challenge->{token}))
+ ) {
+ # Post challenge request
+ my $res = $self->_post($challenge->{uri}, {resource => 'challenge', keyAuthorization => $challenge->{token}.'.'.$self->{account}{thumbprint}});
+
+ # Handle error
+ unless ($res->is_success) {
+ confess 'POST '.$challenge->{uri}.' failed: '.$res->status_line;
+ }
+
+ # Extract content
+ my $content = decode_json($res->content);
+
+ # Save if valid
+ if ($content->{status} eq 'valid') {
+ $self->{challenges}{$_}{status} = $content->{status};
+ # Check is still polling
+ } elsif ($content->{status} eq 'pending') {
+ # Add to poll list for later use
+ push(@{$self->{challenges}{$_}{polls}}, {
+ type => (split(/-/, $challenge->{type}))[0],
+ status => $content->{status},
+ poll => $content->{uri}
+ });
+ }
+ # Print http help
+ } elsif ($challenge->{type} =~ /^http-[0-9]+$/) {
+ print STDERR 'Create URI http://'.$_.'/.well-known/acme-challenge/'.$challenge->{token}.' with content '.$challenge->{token}.'.'.$self->{account}{thumbprint}."\n";
+ # Print dns help
+ } elsif ($challenge->{type} =~ /^dns-[0-9]+$/) {
+ print STDERR 'Create TXT record _acme-challenge.'.$_.'. with value '.(((sha256_base64($challenge->{token}.'.'.$self->{account}{thumbprint})) =~ s/=+\z//r) =~ tr[+/][-_]r)."\n";
+ }