Merge pull request #24 from Daanra/feat/subject-alternative-names

Daanra · web-flow · commit a077905dcdf5 · 2022-09-16T13:04:54.000+02:00
Add Subject Alternative Names support
diff --git a/README.md b/README.md
@@ -111,6 +111,17 @@ $certificate->delete();
 $certificate->forceDelete();
 ```
 
+
+## Subject Alternative Names
+
+It's also possible to specify Subject Alternative Names as below (requires >= 0.5.0):
+
+```php
+LetsEncrypt::certificate('mydomain.com')
+        ->setSubjectAlternativeNames(['mydomain2.com'])
+        ->create(); 
+```
+
 ## Failure events
 
 If one of the jobs fails, one of the following events will be dispatched:
diff --git a/database/migrations/add_lets_encrypt_certificates_subject_alternative_names.php.stub b/database/migrations/add_lets_encrypt_certificates_subject_alternative_names.php.stub
@@ -0,0 +1,22 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddLetsEncryptCertificatesSubjectAlternativeNames extends Migration
+{
+    public function up()
+    {
+        Schema::table('lets_encrypt_certificates', function (Blueprint $table) {
+            $table->json('subject_alternative_names')->default('[]')->after('domain');
+        });
+    }
+
+    public function down()
+    {
+        Schema::table('lets_encrypt_certificates', function (Blueprint $table) {
+            $table->dropColumn('subject_alternative_names');
+        });
+    }
+}
diff --git a/src/Jobs/RequestCertificate.php b/src/Jobs/RequestCertificate.php
@@ -38,7 +38,7 @@ public function __construct(LetsEncryptCertificate $certificate, int $tries = nu
 
     public function handle()
     {
-        $distinguishedName = new DistinguishedName($this->certificate->domain);
+        $distinguishedName = new DistinguishedName($this->certificate->domain, null, null, null, null, null, null, $this->certificate->subject_alternative_names);
         $csr = new CertificateRequest($distinguishedName, (new KeyPairGenerator())->generateKeyPair());
         $client = LetsEncrypt::createClient();
         $certificateResponse = $client->requestCertificate($this->certificate->domain, $csr);
diff --git a/src/LetsEncryptServiceProvider.php b/src/LetsEncryptServiceProvider.php
@@ -26,6 +26,13 @@ public function boot()
                     __DIR__ . "/../database/migrations/{$migrationFileName}.stub" => database_path('migrations/' . date('Y_m_d_His', time()) . '_' . $migrationFileName),
                 ], 'lets-encrypt');
             }
+
+            $sanMigrationFileName = 'add_lets_encrypt_certificates_subject_alternative_names.php';
+            if (! $this->migrationFileExists($sanMigrationFileName)) {
+                $this->publishes([
+                    __DIR__ . "/../database/migrations/{$sanMigrationFileName}.stub" => database_path('migrations/' . date('Y_m_d_His', time() + 1) . '_' . $sanMigrationFileName),
+                ], ['lets-encrypt', 'lets-encrypt-0.5']);
+            }
         }
 
         $this->commands([
diff --git a/src/Models/LetsEncryptCertificate.php b/src/Models/LetsEncryptCertificate.php
@@ -20,6 +20,7 @@
  * @property \Illuminate\Support\Carbon|null $created_at
  * @property \Illuminate\Support\Carbon|null $updated_at
  * @property \Illuminate\Support\Carbon|null $deleted_at
+ * @property array $subject_alternative_names
  * @property-read bool $has_expired
  * @method static \Daanra\LaravelLetsEncrypt\Builders\LetsEncryptCertificateBuilder|\Daanra\LaravelLetsEncrypt\Models\LetsEncryptCertificate query()
  * @method static \Daanra\LaravelLetsEncrypt\Builders\LetsEncryptCertificateBuilder|\Daanra\LaravelLetsEncrypt\Models\LetsEncryptCertificate newQuery()
@@ -42,6 +43,7 @@ class LetsEncryptCertificate extends Model
 
     protected $casts = [
         'created' => 'boolean',
+        'subject_alternative_names' => 'array',
     ];
 
     public function newEloquentBuilder($query): LetsEncryptCertificateBuilder
diff --git a/src/PendingCertificate.php b/src/PendingCertificate.php
@@ -12,7 +12,6 @@
 
 class PendingCertificate
 {
-
     /**
      * @var string
      */
@@ -43,6 +42,11 @@ class PendingCertificate
      */
     protected $delay = 0;
 
+    /**
+     * @var array
+     */
+    protected $subjectAlternativeNames = [];
+
     /**
      * PendingCertificate constructor.
      * @param string $domain
@@ -67,6 +71,7 @@ public function create(): LetsEncryptCertificate
 
         $certificate = LetsEncryptCertificate::create([
             'domain' => $this->domain,
+            'subject_alternative_names' => $this->subjectAlternativeNames,
         ]);
 
         RegisterAccount::withChain(array_merge([
@@ -118,6 +123,18 @@ public function renew(): LetsEncryptCertificate
         return $certificate;
     }
 
+
+    /**
+     * @param array $domains
+     * @return static
+     */
+    public function setSubjectAlternativeNames(array $domains): self
+    {
+        $this->subjectAlternativeNames = $domains;
+
+        return $this;
+    }
+
     /**
      * @param int $tries
      * @return static
diff --git a/src/Traits/Retryable.php b/src/Traits/Retryable.php
@@ -4,7 +4,6 @@
 
 trait Retryable
 {
-
     /**
      * The number of times the job may be attempted.
      *
diff --git a/tests/Facades/LetsEncryptTest.php b/tests/Facades/LetsEncryptTest.php
@@ -69,10 +69,26 @@ public function test_can_create_pending()
         $certificate = LetsEncrypt::certificate('test.test')->create();
 
         $this->assertEquals('test.test', $certificate->domain);
+        $this->assertEquals([], $certificate->subject_alternative_names);
 
         Queue::assertPushedWithChain(RegisterAccount::class, [
             RequestAuthorization::class,
             RequestCertificate::class,
         ]);
     }
+
+    /** @test */
+    public function test_can_create_now_with_san()
+    {
+        Bus::fake();
+
+        $certificate = LetsEncrypt::certificate('somedomain.com')
+            ->setSubjectAlternativeNames(['other.somedomain.com'])
+            ->create();
+
+        $this->assertEquals('somedomain.com', $certificate->domain);
+        $this->assertEquals(['other.somedomain.com'], $certificate->subject_alternative_names);
+
+        Bus::assertDispatched(RegisterAccount::class);
+    }
 }
diff --git a/tests/TestCase.php b/tests/TestCase.php
@@ -29,6 +29,8 @@ public function getEnvironmentSetUp($app)
         ]);
 
         include_once __DIR__.'/../database/migrations/create_lets_encrypt_certificates_table.php.stub';
+        include_once __DIR__.'/../database/migrations/add_lets_encrypt_certificates_subject_alternative_names.php.stub';
         (new \CreateLetsEncryptCertificatesTable())->up();
+        (new \AddLetsEncryptCertificatesSubjectAlternativeNames())->up();
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -38,7 +38,7 @@ public function __construct(LetsEncryptCertificate $certificate, int $tries = nu`
`38`	`38`
`39`	`39`	`public function handle()`
`40`	`40`	`{`
`41`		`- $distinguishedName = new DistinguishedName($this->certificate->domain);`
	`41`	`+ $distinguishedName = new DistinguishedName($this->certificate->domain, null, null, null, null, null, null, $this->certificate->subject_alternative_names);`
`42`	`42`	`$csr = new CertificateRequest($distinguishedName, (new KeyPairGenerator())->generateKeyPair());`
`43`	`43`	`$client = LetsEncrypt::createClient();`
`44`	`44`	`$certificateResponse = $client->requestCertificate($this->certificate->domain, $csr);`
Original file line number	Diff line number	Diff line change
`@@ -26,6 +26,13 @@ public function boot()`
`26`	`26`	`__DIR__ . "/../database/migrations/{$migrationFileName}.stub" => database_path('migrations/' . date('Y_m_d_His', time()) . '_' . $migrationFileName),`
`27`	`27`	`], 'lets-encrypt');`
`28`	`28`	`}`
	`29`	`+`
	`30`	`+ $sanMigrationFileName = 'add_lets_encrypt_certificates_subject_alternative_names.php';`
	`31`	`+ if (! $this->migrationFileExists($sanMigrationFileName)) {`
	`32`	`+ $this->publishes([`
	`33`	`+ __DIR__ . "/../database/migrations/{$sanMigrationFileName}.stub" => database_path('migrations/' . date('Y_m_d_His', time() + 1) . '_' . $sanMigrationFileName),`
	`34`	`+ ], ['lets-encrypt', 'lets-encrypt-0.5']);`
	`35`	`+ }`
`29`	`36`	`}`
`30`	`37`
`31`	`38`	`$this->commands([`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,6 @@`
`4`	`4`
`5`	`5`	`trait Retryable`
`6`	`6`	`{`
`7`		`-`
`8`	`7`	`/**`
`9`	`8`	`* The number of times the job may be attempted.`
`10`	`9`	`*`
Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,8 @@ public function getEnvironmentSetUp($app)`
`29`	`29`	`]);`
`30`	`30`
`31`	`31`	`include_once __DIR__.'/../database/migrations/create_lets_encrypt_certificates_table.php.stub';`
	`32`	`+ include_once __DIR__.'/../database/migrations/add_lets_encrypt_certificates_subject_alternative_names.php.stub';`
`32`	`33`	`(new \CreateLetsEncryptCertificatesTable())->up();`
	`34`	`+ (new \AddLetsEncryptCertificatesSubjectAlternativeNames())->up();`
`33`	`35`	`}`
`34`	`36`	`}`