/** * {@inheritdoc} */ public function requestAuthorization($domain) { Assert::string($domain, 'requestAuthorization::$domain expected a string. Got: %s'); $payload = ['resource' => ResourcesDirectory::NEW_AUTHORIZATION, 'identifier' => ['type' => 'dns', 'value' => $domain]]; $response = $this->requestResource('POST', ResourcesDirectory::NEW_AUTHORIZATION, $payload); if (!isset($response['challenges']) || !$response['challenges']) { throw new ChallengeNotSupportedException(); } $base64encoder = $this->httpClient->getBase64Encoder(); $keyParser = $this->httpClient->getKeyParser(); $accountKeyPair = $this->httpClient->getAccountKeyPair(); $parsedKey = $keyParser->parse($accountKeyPair->getPrivateKey()); $header = json_encode(['e' => $base64encoder->encode($parsedKey->getDetail('e')), 'kty' => 'RSA', 'n' => $base64encoder->encode($parsedKey->getDetail('n'))]); $encodedHeader = $base64encoder->encode(hash('sha256', $header, true)); $authorizationChallenges = []; foreach ($response['challenges'] as $challenge) { $authorizationChallenges[] = new AuthorizationChallenge($domain, $challenge['type'], $challenge['uri'], $challenge['token'], $challenge['token'] . '.' . $encodedHeader); } return $authorizationChallenges; }