Merge pull request #1670 from smallstep/herman/remove-rusty-cli

Remove `rusty-jwt-cli`

acme/api/order.go

@@ -54,7 +54,7 @@ func (n *NewOrderRequest) Validate() error {
 			if err != nil {
 				return acme.WrapError(acme.ErrorMalformedType, err, "failed parsing Wire ID")
 			}
-			if _, err = wire.ParseClientID(wireID.ClientID); err != nil {
+			if _, err := wire.ParseClientID(wireID.ClientID); err != nil {
 				return acme.WrapError(acme.ErrorMalformedType, err, "invalid Wire client ID %q", wireID.ClientID)
 			}
 		default:
@@ -282,18 +282,21 @@ func newAuthorization(ctx context.Context, az *acme.Authorization) error {
 			if err != nil {
 				return acme.WrapError(acme.ErrorMalformedType, err, "failed parsing ClientID")
 			}
-
-			var targetProvider interface{ GetTarget(string) (string, error) }
+			wireOptions, err := prov.GetOptions().GetWireOptions()
+			if err != nil {
+				return acme.WrapErrorISE(err, "failed getting Wire options")
+			}
+			var targetProvider interface{ EvaluateTarget(string) (string, error) }
 			switch typ {
 			case acme.WIREOIDC01:
-				targetProvider = prov.GetOptions().GetOIDCOptions()
+				targetProvider = wireOptions.GetOIDCOptions()
 			case acme.WIREDPOP01:
-				targetProvider = prov.GetOptions().GetDPOPOptions()
+				targetProvider = wireOptions.GetDPOPOptions()
 			default:
 				return acme.NewError(acme.ErrorMalformedType, "unsupported type %q", typ)
 			}
 
-			target, err = targetProvider.GetTarget(clientID.DeviceID)
+			target, err = targetProvider.EvaluateTarget(clientID.DeviceID)
 			if err != nil {
 				return acme.WrapError(acme.ErrorMalformedType, err, "invalid Go template registered for 'target'")
 			}

acme/api/order_test.go

@@ -24,6 +24,7 @@ import (
 	"github.com/smallstep/certificates/acme"
 	"github.com/smallstep/certificates/authority/policy"
 	"github.com/smallstep/certificates/authority/provisioner"
+	"github.com/smallstep/certificates/authority/provisioner/wire"
 )
 
 func TestNewOrderRequest_Validate(t *testing.T) {
@@ -884,6 +885,10 @@ func TestHandler_NewOrder(t *testing.T) {
 	u := fmt.Sprintf("%s/acme/%s/order/ordID",
 		baseURL.String(), escProvName)
 
+	fakeWireSigningKey := `-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
+-----END PUBLIC KEY-----`
+
 	type test struct {
 		ca         acme.CertificateAuthority
 		db         acme.DB
@@ -1716,27 +1721,29 @@ func TestHandler_NewOrder(t *testing.T) {
 		},
 		"ok/default-naf-nbf-wireapp": func(t *testing.T) test {
 			acmeWireProv := newWireProvisionerWithOptions(t, &provisioner.Options{
-				OIDC: &provisioner.OIDCOptions{
-					Provider: provisioner.ProviderJSON{
-						IssuerURL:   "",
-						AuthURL:     "",
-						TokenURL:    "",
-						JWKSURL:     "",
-						UserInfoURL: "",
-						Algorithms:  []string{},
-					},
-					Config: provisioner.ConfigJSON{
-						ClientID:                   "integration test",
-						SupportedSigningAlgs:       []string{},
-						SkipClientIDCheck:          true,
-						SkipExpiryCheck:            true,
-						SkipIssuerCheck:            true,
-						InsecureSkipSignatureCheck: true,
-						Now:                        time.Now,
-					},
-				},
-				DPOP: &provisioner.DPOPOptions{
-					ValidationExecPath: "true", // true will always exit with code 0
+				Wire: &wire.Options{
+					OIDC: &wire.OIDCOptions{
+						Provider: &wire.Provider{
+							IssuerURL:   "https://issuer.example.com",
+							AuthURL:     "",
+							TokenURL:    "",
+							JWKSURL:     "",
+							UserInfoURL: "",
+							Algorithms:  []string{"ES256"},
+						},
+						Config: &wire.Config{
+							ClientID:                   "integration test",
+							SignatureAlgorithms:        []string{"ES256"},
+							SkipClientIDCheck:          true,
+							SkipExpiryCheck:            true,
+							SkipIssuerCheck:            true,
+							InsecureSkipSignatureCheck: true,
+							Now:                        time.Now,
+						},
+					},
+					DPOP: &wire.DPOPOptions{
+						SigningKey: []byte(fakeWireSigningKey),
+					},
 				},
 			})
 			acc := &acme.Account{ID: "accID"}