Public/Publish-Challenge.ps1

function Publish-Challenge {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory,Position=0)]
        [string]$Domain,
        [Parameter(Mandatory,Position=1)]
        [PSTypeName('PoshACME.PAAccount')]$Account,
        [Parameter(Mandatory,Position=2)]
        [string]$Token,
        [Parameter(Mandatory,Position=3)]
        [ValidateScript({Test-ValidPlugin $_ -ThrowOnFail})]
        [string]$Plugin,
        [Parameter(Position=4)]
        [hashtable]$PluginArgs,
        [string]$DnsAlias
    )

    # dot source the plugin file
    $pluginDetail = $script:Plugins.$Plugin
    . $pluginDetail.Path

    # All plugins in $script:Plugins should have been validated during module
    # load. So we're not going to do much plugin-specific validation here.
    Write-Verbose "Publishing challenge for Domain $Domain with Token $Token using Plugin $Plugin and DnsAlias '$DnsAlias'."

    # sanitize the $Domain if it was passed in as a wildcard on accident
    if ($Domain -and $Domain.StartsWith('*.')) {
        Write-Warning "Stripping wildcard characters from domain name. Not required for publishing."
        $Domain = $Domain.Substring(2)
    }

    # do stuff appropriate for the challenge type
    if ('dns-01' -eq $pluginDetail.ChallengeType) {

        # determine the appropriate record name
        if (-not [String]::IsNullOrWhiteSpace($DnsAlias)) {
            # always use the alias if it was specified
            $recordName = $DnsAlias
        } else {
            # use Domain
            $recordName = "_acme-challenge.$($Domain)"
        }

        $txtValue = Get-KeyAuthorization $Token $Account -ForDNS

        # call the function with the required parameters and splatting the rest
        Write-Debug "Calling $Plugin plugin to add $recordName TXT with value $txtValue"
        Add-DnsTxt -RecordName $recordName -TxtValue $txtValue @PluginArgs

    } else { # http-01 is the only other challenge type we support at the moment

        $keyAuth = Get-KeyAuthorization $Token $Account

        # call the function with the required parameters and splatting the rest
        Write-Debug "Calling $Plugin plugin to add challenge for $Domain with token $Token and key auth $keyAuth"
        Add-HttpChallenge -Domain $Domain -Token $Token -Body $keyAuth @PluginArgs

    }



    <#
    .SYNOPSIS
        Publish a challenge using the specified plugin.
 
    .DESCRIPTION
        Based on the type of validation plugin specified, this function will publish either a DNS TXT record or an HTTP challenge file for the given domain and token value that satisfies the dns-01 or http-01 challenge specification.
 
        Depending on the plugin, calling Save-Challenge may be required to commit changes made by Publish-Challenge. If multiple challenges are being published, make all Publish-Challenge calls first. Then, Save-Challenge once to commit them all.
 
    .PARAMETER Domain
        The domain name that the challenge will be published for. Wildcard domains should have the "*." removed and can only be used with DNS based validation plugins.
 
    .PARAMETER Account
        The account object associated with the order that requires the challenge.
 
    .PARAMETER Token
        The token value from the appropriate challenge in an authorization object that matches the plugin type.
 
    .PARAMETER Plugin
        The name of the validation plugin to use. Use Get-PAPlugin to display a list of available plugins.
 
    .PARAMETER PluginArgs
        A hashtable containing the plugin arguments to use with the specified plugin. So if a plugin has a -MyText string and -MyNumber integer parameter, you could specify them as @{MyText='text';MyNumber=1234}.
 
    .PARAMETER DnsAlias
        When using DNS Alias support with DNS validation plugins, the alias domain that the TXT record will be written to. This should be the complete FQDN including the '_acme-challenge.' prefix if necessary. This field is ignored for non-DNS validation plugins.
 
    .EXAMPLE
        $auths = Get-PAOrder | Get-PAAuthorization
        PS C:\>Publish-Challenge $auths[0].DNSId (Get-PAAccount) $auths[0].DNS01Token Manual @{}
 
        Publish a DNS challenge for the first authorization in the current order using the Manual DNS plugin.
 
    .EXAMPLE
        $pArgs = @{Param1='asdf';Param2=1234}
        PS C:\>$acct = Get-PAAccount
        PS C:\>Publish-Challenge example.com $acct MyPlugin $pArgs -Token faketoken
 
        Publish a challenge for example.com using a fictitious plugin and arguments.
 
    .LINK
        Project: https://github.com/rmbolger/Posh-ACME
 
    .LINK
        Unpublish-Challenge
 
    .LINK
        Save-Challenge
 
    .LINK
        Get-PAPlugin
 
    #>

}