2016-11-01 17:27:57 +00:00
|
|
|
"use strict";
|
2016-11-01 19:16:43 +00:00
|
|
|
const plugins = require("./smartacme.plugins");
|
2016-11-01 17:27:57 +00:00
|
|
|
const https = require("https");
|
|
|
|
let jwa = require('jwa');
|
|
|
|
const url = require("url");
|
|
|
|
/**
|
|
|
|
* json_to_utf8base64url
|
|
|
|
* @private
|
|
|
|
* @description convert JSON to base64-url encoded string using UTF-8 encoding
|
|
|
|
* @param {Object} obj
|
|
|
|
* @return {string}
|
|
|
|
* @throws Exception if object cannot be stringified or contains cycle
|
|
|
|
*/
|
|
|
|
let json_to_utf8base64url = function (obj) {
|
2016-11-01 19:16:43 +00:00
|
|
|
return plugins.smartstring.base64.encodeUri(JSON.stringify(obj));
|
2016-11-01 17:27:57 +00:00
|
|
|
};
|
|
|
|
/**
|
|
|
|
* @class JWebClient
|
|
|
|
* @constructor
|
|
|
|
* @description Implementation of HTTPS-based JSON-Web-Client
|
|
|
|
*/
|
|
|
|
class JWebClient {
|
|
|
|
constructor() {
|
|
|
|
/**
|
|
|
|
* @member {Object} module:JWebClient~JWebClient#key_pair
|
|
|
|
* @desc User account key pair
|
|
|
|
*/
|
2016-11-01 19:16:43 +00:00
|
|
|
this.key_pair = {};
|
2016-11-01 17:27:57 +00:00
|
|
|
/**
|
|
|
|
* @member {string} module:JWebClient~JWebClient#last_nonce
|
|
|
|
* @desc Cached nonce returned with last request
|
|
|
|
*/
|
2016-11-01 19:16:43 +00:00
|
|
|
this.last_nonce = null;
|
2016-11-01 17:27:57 +00:00
|
|
|
/**
|
|
|
|
* @member {boolean} module:JWebClient~JWebClient#verbose
|
|
|
|
* @desc Determines verbose mode
|
|
|
|
*/
|
2016-11-01 19:16:43 +00:00
|
|
|
this.verbose = false;
|
2016-11-01 17:27:57 +00:00
|
|
|
}
|
|
|
|
/**
|
|
|
|
* createJWT
|
|
|
|
* @description create JSON-Web-Token signed object
|
|
|
|
* @param {string|undefined} nonce
|
|
|
|
* @param {Object|string|number|boolean} payload
|
|
|
|
* @param {string} alg
|
|
|
|
* @param {Object|string} key
|
|
|
|
* @param {Object} jwk
|
|
|
|
* @return {string}
|
|
|
|
*/
|
|
|
|
createJWT(nonce, payload, alg, key, jwk) {
|
|
|
|
/*jshint -W069 */
|
|
|
|
// prepare key
|
|
|
|
if (key instanceof Object) {
|
2016-11-01 19:16:43 +00:00
|
|
|
key = new Buffer(plugins.smartstring.base64.decode(key['k']));
|
2016-11-01 17:27:57 +00:00
|
|
|
}
|
|
|
|
// prepare header
|
|
|
|
let header = {
|
|
|
|
typ: 'JWT',
|
|
|
|
alg: alg,
|
|
|
|
jwk: jwk,
|
|
|
|
nonce: null
|
|
|
|
};
|
|
|
|
if (nonce !== void 0) {
|
|
|
|
header.nonce = nonce;
|
|
|
|
}
|
|
|
|
// concatenate header and payload
|
|
|
|
let input = [
|
|
|
|
json_to_utf8base64url(header),
|
|
|
|
json_to_utf8base64url(payload)
|
|
|
|
].join('.');
|
|
|
|
// sign input
|
|
|
|
let hmac = jwa(alg);
|
|
|
|
let sig = hmac.sign(input, key);
|
|
|
|
// concatenate input and signature
|
|
|
|
let output = [
|
|
|
|
input,
|
|
|
|
sig
|
|
|
|
].join('.');
|
|
|
|
// output
|
|
|
|
return output;
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* request
|
|
|
|
* @description make GET or POST request over HTTPS and use JOSE as payload type
|
|
|
|
* @param {string} query
|
|
|
|
* @param {string} payload
|
|
|
|
* @param {function} callback
|
|
|
|
* @param {function} errorCallback
|
|
|
|
*/
|
|
|
|
request(query, payload, callback, errorCallback) {
|
|
|
|
/*jshint -W069 */
|
|
|
|
if (typeof query !== 'string') {
|
|
|
|
query = ''; // ensure query is string
|
|
|
|
}
|
|
|
|
if (typeof callback !== 'function') {
|
|
|
|
callback = this.emptyCallback; // ensure callback is function
|
|
|
|
}
|
|
|
|
if (typeof errorCallback !== 'function') {
|
|
|
|
errorCallback = this.emptyCallback; // ensure callback is function
|
|
|
|
}
|
|
|
|
// prepare options
|
|
|
|
let uri = url.parse(query);
|
|
|
|
let options = {
|
|
|
|
hostname: uri.hostname,
|
|
|
|
port: parseInt(uri.port, 10),
|
|
|
|
path: uri.path,
|
|
|
|
method: null,
|
|
|
|
headers: {}
|
|
|
|
};
|
|
|
|
if (typeof payload === 'string') {
|
|
|
|
options.method = 'POST';
|
|
|
|
options.headers = {
|
|
|
|
'Content-Type': 'application/jose',
|
|
|
|
'Content-Length': payload.length
|
|
|
|
};
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
options.method = 'GET';
|
|
|
|
}
|
|
|
|
// prepare request
|
|
|
|
let req = https.request(options, function (res) {
|
|
|
|
// receive data
|
|
|
|
let data = [];
|
|
|
|
res.on('data', function (block) {
|
|
|
|
if (block instanceof Buffer) {
|
|
|
|
data.push(block);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
res.on('end', function () {
|
|
|
|
let buf = Buffer.concat(data);
|
|
|
|
let isJSON = ((res instanceof Object)
|
|
|
|
&& (res['headers'] instanceof Object)
|
|
|
|
&& (typeof res.headers['content-type'] === 'string')
|
|
|
|
&& (res.headers['content-type'].indexOf('json') > -1));
|
|
|
|
if (isJSON && buf.length > 0) {
|
|
|
|
try {
|
|
|
|
// convert to JSON
|
|
|
|
let json = JSON.parse(buf.toString('utf8'));
|
|
|
|
callback(json, res);
|
|
|
|
}
|
|
|
|
catch (e) {
|
|
|
|
// error (if empty or invalid JSON)
|
|
|
|
errorCallback(void 0, e);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
callback(buf, res);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}).on('error', function (e) {
|
|
|
|
console.error('Error occured', e);
|
|
|
|
// error
|
|
|
|
errorCallback(void 0, e);
|
|
|
|
});
|
|
|
|
// write POST body if payload was specified
|
|
|
|
if (typeof payload === 'string') {
|
|
|
|
req.write(payload);
|
|
|
|
}
|
|
|
|
// make request
|
|
|
|
req.end();
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* get
|
|
|
|
* @description make GET request
|
|
|
|
* @param {string} uri
|
|
|
|
* @param {function} callback
|
|
|
|
* @param {function} errorCallback
|
|
|
|
*/
|
|
|
|
get(uri, callback, errorCallback) {
|
|
|
|
/*jshint -W069 */
|
|
|
|
let ctx = this;
|
|
|
|
if (typeof callback !== 'function') {
|
|
|
|
callback = this.emptyCallback; // ensure callback is function
|
|
|
|
}
|
|
|
|
this.request(uri, void 0, function (ans, res) {
|
|
|
|
ctx.evaluateStatus(uri, null, ans, res);
|
|
|
|
// save replay nonce for later requests
|
|
|
|
if ((res instanceof Object) && (res['headers'] instanceof Object)) {
|
|
|
|
ctx.last_nonce = res.headers['replay-nonce'];
|
|
|
|
}
|
|
|
|
callback(ans, res);
|
|
|
|
// dereference
|
|
|
|
ans = null;
|
|
|
|
callback = null;
|
|
|
|
ctx = null;
|
|
|
|
res = null;
|
|
|
|
}, errorCallback);
|
|
|
|
// dereference
|
|
|
|
errorCallback = null;
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* post
|
|
|
|
* @description make POST request
|
|
|
|
* @param {string} uri
|
|
|
|
* @param {Object|string|number|boolean} payload
|
|
|
|
* @param {function} callback
|
|
|
|
* @param {function} errorCallback
|
|
|
|
*/
|
|
|
|
post(uri, payload, callback, errorCallback) {
|
|
|
|
/*jshint -W069 */
|
|
|
|
let ctx = this;
|
|
|
|
if (typeof callback !== 'function') {
|
|
|
|
callback = this.emptyCallback; // ensure callback is function
|
|
|
|
}
|
2016-11-01 19:16:43 +00:00
|
|
|
let jwt = this.createJWT(this.last_nonce, payload, 'RS256', this.key_pair['private_pem'], this.key_pair['public_jwk']);
|
2016-11-01 17:27:57 +00:00
|
|
|
this.request(uri, jwt, (ans, res) => {
|
|
|
|
ctx.evaluateStatus(uri, payload, ans, res);
|
|
|
|
// save replay nonce for later requests
|
|
|
|
if ((res instanceof Object) && (res['headers'] instanceof Object)) {
|
|
|
|
ctx.last_nonce = res.headers['replay-nonce'];
|
|
|
|
}
|
|
|
|
callback(ans, res);
|
|
|
|
}, errorCallback);
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* evaluateStatus
|
|
|
|
* @description check if status is expected and log errors
|
|
|
|
* @param {string} uri
|
|
|
|
* @param {Object|string|number|boolean} payload
|
|
|
|
* @param {Object|string} ans
|
|
|
|
* @param {Object} res
|
|
|
|
*/
|
|
|
|
evaluateStatus(uri, payload, ans, res) {
|
|
|
|
/*jshint -W069 */
|
|
|
|
if (this.verbose) {
|
|
|
|
if ((payload instanceof Object)
|
|
|
|
|| (typeof payload === 'string')
|
|
|
|
|| (typeof payload === 'number')
|
|
|
|
|| (typeof payload === 'boolean')) {
|
|
|
|
console.error('Send :', payload); // what has been sent
|
|
|
|
}
|
|
|
|
}
|
|
|
|
let uri_parsed = url.parse(uri);
|
|
|
|
if (res['statusCode'] >= 100 && res['statusCode'] < 400) {
|
|
|
|
console.error('HTTP :', res['statusCode'], uri_parsed.path); // response code if successful
|
|
|
|
}
|
|
|
|
if (res['statusCode'] >= 400 && res['statusCode'] < 500) {
|
|
|
|
console.error('HTTP :', res['statusCode'], uri_parsed.path); // response code if error
|
|
|
|
if (ans instanceof Object) {
|
|
|
|
if (typeof ans['detail'] === 'string') {
|
|
|
|
console.error('Message:', ans.detail.split(' :: ').pop()); // error message if any
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (this.verbose) {
|
|
|
|
console.error('Receive:', res['headers']); // received headers
|
|
|
|
console.error('Receive:', ans); // received data
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* Helper: Empty callback
|
|
|
|
*/
|
|
|
|
emptyCallback() {
|
|
|
|
// nop
|
|
|
|
}
|
|
|
|
}
|
|
|
|
exports.JWebClient = JWebClient;
|
2016-11-01 19:16:43 +00:00
|
|
|
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuandlYmNsaWVudC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3RzL3NtYXJ0YWNtZS5jbGFzc2VzLmp3ZWJjbGllbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLCtDQUE4QztBQUM5QywrQkFBOEI7QUFDOUIsSUFBSSxHQUFHLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFBO0FBQ3hCLDJCQUEwQjtBQUUxQjs7Ozs7OztHQU9HO0FBQ0gsSUFBSSxxQkFBcUIsR0FBRyxVQUFVLEdBQUc7SUFDckMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUE7QUFDcEUsQ0FBQyxDQUFBO0FBRUQ7Ozs7R0FJRztBQUNIO0lBSUk7UUFDSTs7O1dBR0c7UUFDSCxJQUFJLENBQUMsUUFBUSxHQUFHLEVBQUUsQ0FBQTtRQUNsQjs7O1dBR0c7UUFDSCxJQUFJLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQTtRQUN0Qjs7O1dBR0c7UUFDSCxJQUFJLENBQUMsT0FBTyxHQUFHLEtBQUssQ0FBQTtJQUN4QixDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0gsU0FBUyxDQUFDLEtBQUssRUFBRSxPQUFPLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxHQUFHO1FBQ25DLGlCQUFpQjtRQUNqQixjQUFjO1FBQ2QsRUFBRSxDQUFDLENBQUMsR0FBRyxZQUFZLE1BQU0sQ0FBQyxDQUFDLENBQUM7WUFDeEIsR0FBRyxHQUFHLElBQUksTUFBTSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFBO1FBQ2pFLENBQUM7UUFDRCxpQkFBaUI7UUFDakIsSUFBSSxNQUFNLEdBQUc7WUFDVCxHQUFHLEVBQUUsS0FBSztZQUNWLEdBQUcsRUFBRSxHQUFHO1lBQ1IsR0FBRyxFQUFFLEdBQUc7WUFDUixLQUFLLEVBQUUsSUFBSTtTQUNkLENBQUE7UUFFRCxFQUFFLENBQUMsQ0FBQyxLQUFLLEtBQUssS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQ25CLE1BQU0sQ0FBQyxLQUFLLEdBQUcsS0FBSyxDQUFBO1FBQ3hCLENBQUM7UUFDRCxpQ0FBaUM7UUFDakMsSUFBSSxLQUFLLEdBQUc7WUFDUixxQkFBcUIsQ0FBQyxNQUFNLENBQUM7WUFDN0IscUJBQXFCLENBQUMsT0FBTyxDQUFDO1NBQ2pDLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFBO1FBQ1gsYUFBYTtRQUNiLElBQUksSUFBSSxHQUFHLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtRQUNuQixJQUFJLEdBQUcsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSxHQUFHLENBQUMsQ0FBQTtRQUMvQixrQ0FBa0M7UUFDbEMsSUFBSSxNQUFNLEdBQUc7WUFDVCxLQUFLO1lBQ0wsR0FBRztTQUNOLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFBO1FBQ1gsU0FBUztRQUNULE1BQU0sQ0FBQyxNQUFNLENBQUE7SUFDakIsQ0FBQztJQUVEOzs7Ozs7O09BT0c7SUFDSCxPQUFPLENBQUMsS0FBSyxFQUFFLE9BQU8sRUFBRSxRQUFRLEVBQUUsYUFBYTtRQUMzQyxpQkFBaUI7UUFDakIsRUFBRSxDQUFDLENBQUMsT0FBTyxLQUFLLEtBQUssUUFBUSxDQUFDLENBQUMsQ0FBQztZQUM1QixLQUFLLEdBQUcsRUFBRSxDQUFBLENBQUMseUJBQXlCO1FBQ3hDLENBQUM7UUFDRCxFQUFFLENBQUMsQ0FBQyxPQUFPLFFBQVEsS0FBSyxVQUFVLENBQUMsQ0FBQyxDQUFDO1lBQ2pDLFFBQVEsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFBLENBQUMsOEJBQThCO1FBQ2hFLENBQUM7UUFDRCxFQUFFLENBQUMsQ0FBQyxPQUFPLGFBQWEsS0FBSyxVQUFVLENBQUMsQ0FBQyxDQUFDO1lBQ3RDLGFBQWEsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFBLENBQUMsOEJBQThCO1FBQ3JFLENBQUM7UUFDRCxrQkFBa0I7UUFDbEIsSUFBSSxHQUFHLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQTtRQUMxQixJQUFJLE9BQU8sR0FBRztZQUNWLFFBQVEsRUFBRSxHQUFHLENBQUMsUUFBUTtZQUN0QixJQUFJLEVBQUUsUUFBUSxDQUFDLEdBQUcsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDO1lBQzVCLElBQUksRUFBRSxHQUFHLENBQUMsSUFBSTtZQUNkLE1BQU0sRUFBRSxJQUFJO1lBQ1osT0FBTyxFQUFFLEVBQUU7U0FDZCxDQUFBO1FBQ0QsRUFBRSxDQUFDLENBQUMsT0FBTyxPQUFPLEtBQUssUUFBUSxDQUFDLENBQUMsQ0FBQztZQUM5QixPQUFPLENBQUMsTUFBTSxHQUFHLE1BQU0sQ0FBQTtZQUN2QixPQUFPLENBQUMsT0FBTyxHQUFHO2dCQUNkLGNBQWMsRUFBRSxrQkFBa0I7Z0JBQ2xDLGdCQUFnQixFQUFFLE9BQU8sQ0FBQyxNQUFNO2FBQ25DLENBQUE7UUFDTCxDQUFDO1FBQUMsSUFBSSxDQUFDLENBQUM7WUFDSixPQUFPLENBQUMsTUFBTSxHQUFHLEtBQUssQ0FBQTtRQUMxQixDQUFDO1FBQ0Qsa0JBQWtCO1FBQ2xCLElBQUksR0FBRyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLFVBQVUsR0FBRztZQUMxQyxlQUFlO1lBQ2YsSUFBSSxJQUFJLEdBQUcsRUFBRSxDQUFBO1lBQ2IsR0FBRyxDQUFDLEVBQUUsQ0FBQyxNQUFNLEVBQUUsVUFBVSxLQUFLO2dCQUMxQixFQUFFLENBQUMsQ0FBQyxLQUFLLFlBQVksTUFBTSxDQUFDLENBQUMsQ0FBQztvQkFDMUIsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQTtnQkFDcEIsQ0FBQztZQUNMLENBQUMsQ0FBQyxDQUFBO1lBQ0YsR0FBRyxDQUFDLEVBQUUsQ0FBQyxLQUFLLEVBQUU7Z0JBQ1YsSUFBSSxHQUFHLEdBQUcsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQTtnQkFDN0IsSUFBSSxNQUFNLEdBQUcsQ0FDVCxDQUFDLEdBQUcsWUFBWSxNQUFNLENBQUM7dUJBQ3BCLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQyxZQUFZLE1BQU0sQ0FBQzt1QkFDbEMsQ0FBQyxPQUFPLEdBQUcsQ0FBQyxPQUFPLENBQUMsY0FBYyxDQUFDLEtBQUssUUFBUSxDQUFDO3VCQUNqRCxDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsY0FBYyxDQUFDLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQ3hELENBQUE7Z0JBQ0QsRUFBRSxDQUFDLENBQUMsTUFBTSxJQ
|