/**
* Send a request encoded in the format defined by the ACME protocol.
*
* @param string $method
* @param string $endpoint
* @param array $payload
* @param bool $returnJson
*
* @throws AcmeCoreServerException When the ACME server returns an error HTTP status code.
* @throws AcmeCoreClientException When an error occured during response parsing.
*
* @return array|string Array of parsed JSON if $returnJson = true, string otherwise
*/
public function signedRequest($method, $endpoint, array $payload = [], $returnJson = true)
{
$privateKey = $this->accountKeyPair->getPrivateKey();
$parsedKey = $this->keyParser->parse($privateKey);
$header = ['alg' => 'RS256', 'jwk' => ['kty' => 'RSA', 'n' => $this->base64Encoder->encode($parsedKey->getDetail('n')), 'e' => $this->base64Encoder->encode($parsedKey->getDetail('e'))]];
$protected = $header;
if ($this->lastResponse) {
$protected['nonce'] = $this->lastResponse->getHeaderLine('Replay-Nonce');
}
$protected = $this->base64Encoder->encode(json_encode($protected));
$payload = $this->base64Encoder->encode(json_encode($payload, JSON_UNESCAPED_SLASHES));
$signature = $this->base64Encoder->encode($this->dataSigner->signData($protected . '.' . $payload, $privateKey));
$payload = ['header' => $header, 'protected' => $protected, 'payload' => $payload, 'signature' => $signature];
return $this->unsignedRequest($method, $endpoint, $payload, $returnJson);
}
/**
* Retrieves the value of the TXT record to register.
*
* @param AuthorizationChallenge $authorizationChallenge
*
* @return string
*/
public function getRecordValue(AuthorizationChallenge $authorizationChallenge)
{
return $this->encoder->encode(hash('sha256', $authorizationChallenge->getPayload(), true));
}