@@ -12,11 +12,13 @@ class Lescript
1212
1313 private $ certificatesDir
1414 private $ webRootDir
15+
16+ /** @var \Psr\Log\LoggerInterface */
1517 private $ logger
1618 private $ client
1719 private $ accountKeyPath
1820
19- public function __construct ($ certificatesDir$ webRootDir$ logger
21+ public function __construct ($ certificatesDir$ webRootDir$ logger = null )
2022 {
2123 $ this certificatesDir = $ certificatesDir
2224 $ this webRootDir = $ webRootDir
@@ -32,25 +34,23 @@ public function initAccount()
3234 // generate and save new private key for account
3335 // ---------------------------------------------
3436
35- $ this logger -> info ('Starting new account registration ' );
37+ $ this log ('Starting new account registration ' );
3638 $ this generateKey (dirname ($ this accountKeyPath ));
3739 $ this postNewReg ();
38- $ this logger -> info ('New account certificate registered ' );
40+ $ this log ('New account certificate registered ' );
3941
4042 } else {
4143
42- $ this logger -> info ('Account already registered. Continuing. ' );
44+ $ this log ('Account already registered. Continuing. ' );
4345
4446 }
4547 }
4648
4749 public function signDomains (array $ domains
4850 {
49- $ this logger -> info ('Starting certificate generation process for domains ' );
51+ $ this log ('Starting certificate generation process for domains ' );
5052
51- if (($ privateAccountKeyopenssl_pkey_get_private ('file:// ' .$ this accountKeyPath )) === FALSE ) {
52- throw new \RuntimeException (openssl_error_string ());
53- }
53+ $ privateAccountKey$ this readPrivateKey ($ this accountKeyPath );
5454 $ accountKeyDetailsopenssl_pkey_get_details ($ privateAccountKey
5555
5656 // start domains authentication
@@ -61,7 +61,7 @@ public function signDomains(array $domains)
6161 // 1. getting available authentication options
6262 // -------------------------------------------
6363
64- $ this logger -> info ("Requesting challenge for $ domain );
64+ $ this log ("Requesting challenge for $ domain );
6565
6666 $ response$ this signedRequest (
6767 "/acme/new-authz " ,
@@ -70,9 +70,9 @@ public function signDomains(array $domains)
7070
7171 // choose http-01 challange only
7272 $ challengearray_reduce ($ response'challenges ' ], function ($ v$ wreturn $ v$ v$ w'type ' ] == 'http-01 ' ? $ wfalse ); });
73- if (!$ challengethrow new \RuntimeException ("HTTP Challenge for $ domain is not available " );
73+ if (!$ challengethrow new \RuntimeException ("HTTP Challenge for $ domain is not available. Whole response: " . json_encode ( $ response ) );
7474
75- $ this logger -> info ("Got challenge token for $ domain );
75+ $ this log ("Got challenge token for $ domain );
7676 $ location$ this client ->getLastLocation ();
7777
7878
@@ -103,14 +103,14 @@ public function signDomains(array $domains)
103103
104104 $ uri"http:// $ {domain}/.well-known/acme-challenge/ $ {challenge['token ' ]}" ;
105105
106- $ this logger -> info ("Token for $ domain saved at $ tokenPath and should be available at $ uri );
106+ $ this log ("Token for $ domain saved at $ tokenPath and should be available at $ uri );
107107
108108 // simple self check
109109 if ($ payloadtrim (@file_get_contents ($ uri
110110 throw new \RuntimeException ("Please check $ uri - token not available " );
111111 }
112112
113- $ this logger -> info ("Sending request to challenge " );
113+ $ this log ("Sending request to challenge " );
114114
115115 // send request to challenge
116116 $ result$ this signedRequest (
@@ -131,15 +131,15 @@ public function signDomains(array $domains)
131131 $ ended$ result'status ' ] === "pending " );
132132
133133 if (!$ ended
134- $ this logger -> info ("Verification pending, sleeping 1s " );
134+ $ this log ("Verification pending, sleeping 1s " );
135135 sleep (1 );
136136 }
137137
138138 $ result$ this client ->get ($ location
139139
140140 } while (!$ ended
141141
142- $ this logger -> info ("Verification ended with status: $ {result['status ' ]}" );
142+ $ this log ("Verification ended with status: $ {result['status ' ]}" );
143143 @unlink ($ tokenPath
144144 }
145145
@@ -153,9 +153,7 @@ public function signDomains(array $domains)
153153 }
154154
155155 // load domain key
156- if (($ privateDomainKeyopenssl_pkey_get_private ('file:// ' .$ domainPath'/private.pem ' )) === FALSE ) {
157- throw new \RuntimeException (openssl_error_string ());
158- }
156+ $ privateDomainKey$ this readPrivateKey ($ domainPath'/private.pem ' );
159157
160158 $ this client ->getLastLinks ();
161159
@@ -178,17 +176,17 @@ public function signDomains(array $domains)
178176
179177 if ($ this client ->getLastCode () == 202 ) {
180178
181- $ this logger -> info ("Certificate generation pending, sleeping 1s " );
179+ $ this log ("Certificate generation pending, sleeping 1s " );
182180 sleep (1 );
183181
184182 } else if ($ this client ->getLastCode () == 200 ) {
185183
186- $ this logger -> info ("Got certificate! YAY! " );
184+ $ this log ("Got certificate! YAY! " );
187185 $ certificates$ this parsePemFromBody ($ result
188186
189187
190188 foreach ($ this client ->getLastLinks () as $ link
191- $ this logger -> info ("Requesting chained cert at $ link );
189+ $ this log ("Requesting chained cert at $ link );
192190 $ result$ this client ->get ($ link
193191 $ certificates$ this parsePemFromBody ($ result
194192 }
@@ -203,16 +201,25 @@ public function signDomains(array $domains)
203201
204202 if (empty ($ certificatesthrow new \RuntimeException ('No certificates generated ' );
205203
206- $ this logger -> info ("Saving fullchain.pem " );
204+ $ this log ("Saving fullchain.pem " );
207205 file_put_contents ($ domainPath'/fullchain.pem ' , implode ("\n" , $ certificates
208206
209- $ this logger -> info ("Saving cert.pem " );
207+ $ this log ("Saving cert.pem " );
210208 file_put_contents ($ domainPath'/cert.pem ' , array_shift ($ certificates
211209
212- $ this logger -> info ("Saving chain.pem " );
210+ $ this log ("Saving chain.pem " );
213211 file_put_contents ($ domainPath"/chain.pem " , implode ("\n" , $ certificates
214212
215- $ this logger ->info ("Done !!§§! " );
213+ $ this log ("Done !!§§! " );
214+ }
215+
216+ private function readPrivateKey ($ path
217+ {
218+ if (($ keyopenssl_pkey_get_private ('file:// ' .$ pathFALSE ) {
219+ throw new \RuntimeException (openssl_error_string ());
220+ }
221+
222+ return $ key
216223 }
217224
218225 private function parsePemFromBody ($ body
@@ -228,7 +235,7 @@ private function getDomainPath($domain)
228235
229236 private function postNewReg ()
230237 {
231- $ this logger -> info ('Sending registration to letsencrypt server ' );
238+ $ this log ('Sending registration to letsencrypt server ' );
232239
233240 return $ this signedRequest (
234241 '/acme/new-reg ' ,
@@ -305,12 +312,9 @@ private function generateKey($outputDirectory)
305312 file_put_contents ($ outputDirectory'/public.pem ' , $ details'key ' ]);
306313 }
307314
308- private function signedRequest ($ uriarray $ payload
309-
310- if (($ privateKeyopenssl_pkey_get_private ('file:// ' .$ this accountKeyPath )) === FALSE ) {
311- throw new \RuntimeException (openssl_error_string ());
312- }
313-
315+ private function signedRequest ($ uriarray $ payload
316+ {
317+ $ privateKey$ this readPrivateKey ($ this accountKeyPath );
314318 $ detailsopenssl_pkey_get_details ($ privateKey
315319
316320 $ headerarray (
@@ -340,10 +344,19 @@ private function signedRequest($uri, array $payload) {
340344 'signature ' => $ signed64
341345 );
342346
343- $ this logger -> info ("Sending signed request to $ uri );
347+ $ this log ("Sending signed request to $ uri );
344348
345349 return $ this client ->post ($ urijson_encode ($ data
346350 }
351+
352+ protected function log ($ message
353+ {
354+ if ($ this logger ) {
355+ $ this logger ->info ($ message
356+ } else {
357+ echo $ message"\n" ;
358+ }
359+ }
347360}
348361
349362class Client
0 commit comments