From f5437632f486b7d0a0a181c58f113c86d032b02c Mon Sep 17 00:00:00 2001
From: Christopher Speller <crspeller@gmail.com>
Date: Mon, 24 Apr 2017 20:11:36 -0400
Subject: Upgrading server dependancies (#6215)

---
 vendor/github.com/xenolf/lego/acme/client.go       |  5 +---
 vendor/github.com/xenolf/lego/acme/http.go         | 33 +++++++++++++++++++++-
 vendor/github.com/xenolf/lego/acme/jws.go          | 16 +----------
 vendor/github.com/xenolf/lego/cli.go               |  2 +-
 .../xenolf/lego/providers/dns/azure/azure.go       |  5 ++--
 .../xenolf/lego/providers/dns/dnsimple/dnsimple.go |  4 +--
 .../lego/providers/dns/dnsimple/dnsimple_test.go   |  4 +--
 7 files changed, 42 insertions(+), 27 deletions(-)

(limited to 'vendor/github.com/xenolf')

diff --git a/vendor/github.com/xenolf/lego/acme/client.go b/vendor/github.com/xenolf/lego/acme/client.go
index ee519f2e2..ef0f80b7f 100644
--- a/vendor/github.com/xenolf/lego/acme/client.go
+++ b/vendor/github.com/xenolf/lego/acme/client.go
@@ -529,10 +529,7 @@ func (c *Client) chooseSolvers(auth authorization, domain string) map[int]solver
 func (c *Client) getChallenges(domains []string) ([]authorizationResource, map[string]error) {
 	resc, errc := make(chan authorizationResource), make(chan domainError)
 
-	var delay time.Duration
-	if len(domains) > overallRequestLimit {
-		delay = time.Second / overallRequestLimit
-	}
+	delay := time.Second / overallRequestLimit
 
 	for _, domain := range domains {
 		time.Sleep(delay)
diff --git a/vendor/github.com/xenolf/lego/acme/http.go b/vendor/github.com/xenolf/lego/acme/http.go
index dc958046a..a858b5a75 100644
--- a/vendor/github.com/xenolf/lego/acme/http.go
+++ b/vendor/github.com/xenolf/lego/acme/http.go
@@ -97,10 +97,41 @@ func postJSON(j *jws, uri string, reqBody, respBody interface{}) (http.Header, e
 	if err != nil {
 		return nil, fmt.Errorf("Failed to post JWS message. -> %v", err)
 	}
+
 	defer resp.Body.Close()
 
 	if resp.StatusCode >= http.StatusBadRequest {
-		return resp.Header, handleHTTPError(resp)
+
+		err := handleHTTPError(resp)
+
+		switch err.(type) {
+
+		case NonceError:
+
+			// Retry once if the nonce was invalidated
+
+			retryResp, err := j.post(uri, jsonBytes)
+			if err != nil {
+				return nil, fmt.Errorf("Failed to post JWS message. -> %v", err)
+			}
+
+			defer retryResp.Body.Close()
+
+			if retryResp.StatusCode >= http.StatusBadRequest {
+				return retryResp.Header, handleHTTPError(retryResp)
+			}
+
+			if respBody == nil {
+				return retryResp.Header, nil
+			}
+
+			return retryResp.Header, json.NewDecoder(retryResp.Body).Decode(respBody)
+
+		default:
+			return resp.Header, err
+
+		}
+
 	}
 
 	if respBody == nil {
diff --git a/vendor/github.com/xenolf/lego/acme/jws.go b/vendor/github.com/xenolf/lego/acme/jws.go
index 3b77cd491..a39434342 100644
--- a/vendor/github.com/xenolf/lego/acme/jws.go
+++ b/vendor/github.com/xenolf/lego/acme/jws.go
@@ -44,26 +44,12 @@ func (j *jws) post(url string, content []byte) (*http.Response, error) {
 	if err != nil {
 		return nil, fmt.Errorf("Failed to HTTP POST to %s -> %s", url, err.Error())
 	}
-	
-	// Even in case of an error, the response should still contain a nonce.
+
 	nonce, nonceErr := getNonceFromResponse(resp)
 	if nonceErr == nil {
 		j.nonces.Push(nonce)
 	}
 
-	if err != nil {
-		switch err.(type) {
-		case NonceError:
-			// In case of a nonce error - retry once
-			resp, err = httpPost(url, "application/jose+json", bytes.NewBuffer([]byte(signedContent.FullSerialize())))
-			if err != nil {
-				return nil, fmt.Errorf("Failed to HTTP POST to %s -> %s", url, err.Error())
-			}
-		default:
-			return nil, fmt.Errorf("Failed to HTTP POST to %s -> %s", url, err.Error())
-		}
-	}
-
 	return resp, nil
 }
 
diff --git a/vendor/github.com/xenolf/lego/cli.go b/vendor/github.com/xenolf/lego/cli.go
index 61c08d455..03589a233 100644
--- a/vendor/github.com/xenolf/lego/cli.go
+++ b/vendor/github.com/xenolf/lego/cli.go
@@ -205,7 +205,7 @@ Here is an example bash command using the CloudFlare DNS provider:
 	fmt.Fprintln(w, "\tauroradns:\tAURORA_USER_ID, AURORA_KEY, AURORA_ENDPOINT")
 	fmt.Fprintln(w, "\tcloudflare:\tCLOUDFLARE_EMAIL, CLOUDFLARE_API_KEY")
 	fmt.Fprintln(w, "\tdigitalocean:\tDO_AUTH_TOKEN")
-	fmt.Fprintln(w, "\tdnsimple:\tDNSIMPLE_EMAIL, DNSIMPLE_API_KEY")
+	fmt.Fprintln(w, "\tdnsimple:\tDNSIMPLE_EMAIL, DNSIMPLE_OAUTH_TOKEN")
 	fmt.Fprintln(w, "\tdnsmadeeasy:\tDNSMADEEASY_API_KEY, DNSMADEEASY_API_SECRET")
 	fmt.Fprintln(w, "\texoscale:\tEXOSCALE_API_KEY, EXOSCALE_API_SECRET, EXOSCALE_ENDPOINT")
 	fmt.Fprintln(w, "\tgandi:\tGANDI_API_KEY")
diff --git a/vendor/github.com/xenolf/lego/providers/dns/azure/azure.go b/vendor/github.com/xenolf/lego/providers/dns/azure/azure.go
index 9d281cd69..d079d5e13 100644
--- a/vendor/github.com/xenolf/lego/providers/dns/azure/azure.go
+++ b/vendor/github.com/xenolf/lego/providers/dns/azure/azure.go
@@ -10,10 +10,11 @@ import (
 
 	"github.com/Azure/azure-sdk-for-go/arm/dns"
 
+	"strings"
+
 	"github.com/Azure/go-autorest/autorest/azure"
 	"github.com/Azure/go-autorest/autorest/to"
 	"github.com/xenolf/lego/acme"
-	"strings"
 )
 
 // DNSProvider is an implementation of the acme.ChallengeProvider interface
@@ -74,7 +75,7 @@ func (c *DNSProvider) Present(domain, token, keyAuth string) error {
 		Name: &relative,
 		RecordSetProperties: &dns.RecordSetProperties{
 			TTL:        to.Int64Ptr(60),
-			TXTRecords: &[]dns.TxtRecord{dns.TxtRecord{Value: &[]string{value}}},
+			TxtRecords: &[]dns.TxtRecord{dns.TxtRecord{Value: &[]string{value}}},
 		},
 	}
 	_, err = rsc.CreateOrUpdate(c.resourceGroup, zone, relative, dns.TXT, rec, "", "")
diff --git a/vendor/github.com/xenolf/lego/providers/dns/dnsimple/dnsimple.go b/vendor/github.com/xenolf/lego/providers/dns/dnsimple/dnsimple.go
index 155cacd25..e3fea79ec 100644
--- a/vendor/github.com/xenolf/lego/providers/dns/dnsimple/dnsimple.go
+++ b/vendor/github.com/xenolf/lego/providers/dns/dnsimple/dnsimple.go
@@ -32,7 +32,7 @@ func NewDNSProvider() (*DNSProvider, error) {
 // DNSProvider instance configured for dnsimple.
 func NewDNSProviderCredentials(accessToken, baseUrl string) (*DNSProvider, error) {
 	if accessToken == "" {
-		return nil, fmt.Errorf("DNSimple OAuth token missing")
+		return nil, fmt.Errorf("DNSimple OAuth token is missing")
 	}
 
 	client := dnsimple.NewClient(dnsimple.NewOauthTokenCredentials(accessToken))
@@ -173,7 +173,7 @@ func (c *DNSProvider) getAccountID() (string, error) {
 	}
 
 	if whoamiResponse.Data.Account == nil {
-		return "", fmt.Errorf("DNSimple API returned empty account ID")
+		return "", fmt.Errorf("DNSimple user tokens are not supported, please use an account token.")
 	}
 
 	return strconv.Itoa(whoamiResponse.Data.Account.ID), nil
diff --git a/vendor/github.com/xenolf/lego/providers/dns/dnsimple/dnsimple_test.go b/vendor/github.com/xenolf/lego/providers/dns/dnsimple/dnsimple_test.go
index ee65dd42b..bd35790d7 100644
--- a/vendor/github.com/xenolf/lego/providers/dns/dnsimple/dnsimple_test.go
+++ b/vendor/github.com/xenolf/lego/providers/dns/dnsimple/dnsimple_test.go
@@ -74,7 +74,7 @@ func TestNewDNSProviderInvalidWithMissingOauthToken(t *testing.T) {
 	provider, err := NewDNSProvider()
 
 	assert.Nil(t, provider)
-	assert.EqualError(t, err, "DNSimple OAuth token missing")
+	assert.EqualError(t, err, "DNSimple OAuth token is missing")
 }
 
 //
@@ -102,7 +102,7 @@ func TestNewDNSProviderCredentialsInvalidWithMissingOauthToken(t *testing.T) {
 	provider, err := NewDNSProviderCredentials("", "")
 
 	assert.Nil(t, provider)
-	assert.EqualError(t, err, "DNSimple OAuth token missing")
+	assert.EqualError(t, err, "DNSimple OAuth token is missing")
 }
 
 //
-- 
cgit v1.2.3-1-g7c22