switch to acme core
This commit is contained in:
parent
7bfc4e279f
commit
4dc88996e5
1
LICENSE
1
LICENSE
@ -1,5 +1,4 @@
|
|||||||
Copyright (C) 2016, Lossless GmbH
|
Copyright (C) 2016, Lossless GmbH
|
||||||
Copyright (C) 2016, Martin Springwald
|
|
||||||
|
|
||||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||||
this software and associated documentation files (the "Software"), to deal in
|
this software and associated documentation files (the "Software"), to deal in
|
||||||
|
27
assets/private.pem
Normal file
27
assets/private.pem
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIIEpQIBAAKCAQEAyocFq3vvbiRNCsEcXtsqimIi6UM1OmxiYVQ0NoLvBtpaWk+E
|
||||||
|
TvNIjmUgh5QQaQfRyRGoWvhskp+E8p6go4GsbRtzx0TvL8uINTcC3SHHo6Qvl599
|
||||||
|
4QUUPUrioHdh+lX1oj+zIPVUOaL4dl0US1Ebs5vrZVbCfNXSm86vBaPIj6IkWEkj
|
||||||
|
4S5xGsYlVaQUI8Tvv2fbPziIivbkxS1v/EEMnfk6i5PWgCsnMupYxz58WaVp9xyu
|
||||||
|
+v/DMPB09mqo4DzchtUNF/b5eOWh3pDJoewYyRVMDDPJoQiTKkJn3kt64EaQuZK2
|
||||||
|
nUXcihlmaKIx5ayxirsgfvIvxidHnkQcluvciQIDAQABAoIBAQCTPUKz/3B8pMuW
|
||||||
|
C/syQyhUXzB+YawrA20q0Wr8Toi0dL7HdZP9SgXv8DmMF+suUM8F3V6GdKGKn4qq
|
||||||
|
UQT8mmPfFtw/fTBfkRs/hPUCC3L214D6PKvpkiW6wdytSN3kf+YKxUDXr0RCeuck
|
||||||
|
NltwvlDjbXHfxQm0dEefms3HzeEb+jwCyyLVLv+cDly7w7Qqq+67A6mduV/hb53p
|
||||||
|
92VFm36r7njr+1CYHq+ixV+oyUrEue7yW7w1SjZRkii3AY8Tbvk1f0lVw+XkyYf7
|
||||||
|
bQvmGSGJh1FmBi7Lytc2hKnqBLTn+iWx3S5pdPhcKTMwC/OD8p+r/DfyqThW/KVa
|
||||||
|
aaXdoY/5AoGBAO4uAcmHOhR+M/Jnue4srZJ82EkNOQy+zaFlg9KCU9R4qZ59/klH
|
||||||
|
fp0PkOw3bDFT4/1i12nm4XXqhI9Z7nsKdAoajOYpnifJVEAwQh9MlRBM7Lw+ZS0q
|
||||||
|
IcH7dvvP1XQ7E2U4C0cWUMcpWNpnmwV67gtqy0KZwk5i+WlFuugQzmhbAoGBANmu
|
||||||
|
JX6bPKUx0kBJLWhJeAxsk0OoHJ4uGihs1zxT6gl6s+AKQG4db9vU2w99lJ0nR3Aw
|
||||||
|
MLA4evSMFa5Od96W4KnoiMNHS4c5QiiVKsRSU1losWfwq0jyg406oyTh8rd0eOQn
|
||||||
|
LDOKP7nDTij8A6l0/t5a2MCu4bLQQXTedPrX+wPrAoGBAM/XO94Fb+xUGLaOR1SM
|
||||||
|
jkaHRSGyNTdnBP+zGy5GZirBxJo2rgB6MAWUgM1wq6v73bbOWtXiEJqaNGT3gEDE
|
||||||
|
ZXAvrQZoCMgFSszcj8bKSEW6Ktc1x4p6+oxRCIpC2aycpJcuKcE1uvWgohWsVT2a
|
||||||
|
AUHbRlXu4P0QJz7zB1/c0pGDAoGAbIvSVpfCXf3CAhx7cA1yt39Mz+f8nUQP9yiP
|
||||||
|
C54sjh2JpKZ4CnDTXqN9uPO+L79ueBsPrE/9wAQ6q3ilfXFvBkrWJ8pdd0iuHN6F
|
||||||
|
PPBwb50tGc+BGhcUUlBzGekxxxllTx/ZgrnlnRQu3XENwmp8zRQwEaUjFq+SdFyZ
|
||||||
|
qJwap5ECgYEA7UGxxRXAjfStTLnsrnr9svvr3QhwnZBg5JAjeR6FKC0cGFzdBrJ5
|
||||||
|
rV/Zy4mGbTBBVh5oU3MplB3AUHejuFv+8eCik2mJug8k3G8KQAk9mB8oV97k0cp+
|
||||||
|
bdlu9vlutIoCG9RXxCHdgRVLiLK+OkLv6p7hQOIY7fsIRaAuI+vPKSk=
|
||||||
|
-----END RSA PRIVATE KEY-----
|
9
assets/public.pem
Normal file
9
assets/public.pem
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
-----BEGIN PUBLIC KEY-----
|
||||||
|
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyocFq3vvbiRNCsEcXtsq
|
||||||
|
imIi6UM1OmxiYVQ0NoLvBtpaWk+ETvNIjmUgh5QQaQfRyRGoWvhskp+E8p6go4Gs
|
||||||
|
bRtzx0TvL8uINTcC3SHHo6Qvl5994QUUPUrioHdh+lX1oj+zIPVUOaL4dl0US1Eb
|
||||||
|
s5vrZVbCfNXSm86vBaPIj6IkWEkj4S5xGsYlVaQUI8Tvv2fbPziIivbkxS1v/EEM
|
||||||
|
nfk6i5PWgCsnMupYxz58WaVp9xyu+v/DMPB09mqo4DzchtUNF/b5eOWh3pDJoewY
|
||||||
|
yRVMDDPJoQiTKkJn3kt64EaQuZK2nUXcihlmaKIx5ayxirsgfvIvxidHnkQcluvc
|
||||||
|
iQIDAQAB
|
||||||
|
-----END PUBLIC KEY-----
|
199
dist/smartacme.classes.acmeclient.d.ts
vendored
199
dist/smartacme.classes.acmeclient.d.ts
vendored
@ -1,199 +0,0 @@
|
|||||||
/// <reference types="q" />
|
|
||||||
import * as q from 'q';
|
|
||||||
import { JWebClient } from './smartacme.classes.jwebclient';
|
|
||||||
import { IReqResArg } from './smartacme.classes.jwebclient';
|
|
||||||
/**
|
|
||||||
* @class AcmeClient
|
|
||||||
* @constructor
|
|
||||||
* @description ACME protocol implementation from client perspective
|
|
||||||
* @param {string} directory_url - Address of directory
|
|
||||||
* @param {module:JWebClient~JWebClient} jWebClient - Reference to JSON-Web-Client
|
|
||||||
*/
|
|
||||||
export declare class AcmeClient {
|
|
||||||
clientProfilePubKey: any;
|
|
||||||
daysValid: number;
|
|
||||||
directory: any;
|
|
||||||
directoryUrl: string;
|
|
||||||
emailDefaultPrefix: string;
|
|
||||||
emailOverride: string;
|
|
||||||
jWebClient: JWebClient;
|
|
||||||
regLink: string;
|
|
||||||
tosLink: string;
|
|
||||||
webroot: string;
|
|
||||||
wellKnownPath: string;
|
|
||||||
withInteraction: boolean;
|
|
||||||
constructor(directoryUrlArg: any);
|
|
||||||
/**
|
|
||||||
* getDirectory
|
|
||||||
* @description retrieve directory entries (directory url must be set prior to execution)
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
getDirectory(): q.Promise<IReqResArg>;
|
|
||||||
/**
|
|
||||||
* newRegistration
|
|
||||||
* @description try to register (directory lookup must have occured prior to execution)
|
|
||||||
* @param {Object} payload
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
newRegistration(payload: any): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* getRegistration
|
|
||||||
* @description get information about registration
|
|
||||||
* @param {string} uri - will be exposed when trying to register
|
|
||||||
* @param {Object} payload - update information
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
getRegistration(uri: any, payload: any): q.Promise<IReqResArg>;
|
|
||||||
/**
|
|
||||||
* authorizeDomain
|
|
||||||
* @description authorize domain using challenge-response-method
|
|
||||||
* @param {string} domain
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
authorizeDomain(domain: any): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* acceptChallenge
|
|
||||||
* @description tell server which challenge will be accepted
|
|
||||||
* @param {Object} challenge
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
acceptChallenge(challenge?: {}): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* pollUntilValid
|
|
||||||
* @description periodically (with exponential back-off) check status of challenge
|
|
||||||
* @param {string} uri
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
* @param {number} retry - factor of delay
|
|
||||||
*/
|
|
||||||
pollUntilValid(uri: any, retry?: number): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* pollUntilIssued
|
|
||||||
* @description periodically (with exponential back-off) check status of CSR
|
|
||||||
* @param {string} uri
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
* @param {number} retry - factor of delay
|
|
||||||
*/
|
|
||||||
pollUntilIssued(uri: any, retry?: number): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* requestSigning
|
|
||||||
* @description send CSR
|
|
||||||
* @param {string} domain - expected to be already sanitized
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
requestSigning(commonName: any): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* retrieves profile of user (will make directory lookup and registration check)
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
getProfile(): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* createAccount
|
|
||||||
* @description create new account (assumes directory lookup has already occured)
|
|
||||||
* @param {string} email
|
|
||||||
* @param {function} callback - first argument will be the registration URI
|
|
||||||
*/
|
|
||||||
createAccount(email: string): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* agreeTos
|
|
||||||
* @description agree with terms of service (update agreement status in profile)
|
|
||||||
* @param {string} tosLink
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
agreeTos(tosLink: any): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* Entry-Point: Request certificate
|
|
||||||
*/
|
|
||||||
requestCertificate(domainArg: string, organizationArg: string, countryCodeArg: string): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* External: Create key pair
|
|
||||||
* @param {number} bit - key strength, expected to be already sanitized
|
|
||||||
* @param {string} c - country code, expected to be already sanitized
|
|
||||||
* @param {string} o - organization, expected to be already sanitized
|
|
||||||
* @param {string} cn - common name (domain name), expected to be already sanitized
|
|
||||||
* @param {string} e - email address, expected to be already sanitized
|
|
||||||
* @param {function} callback
|
|
||||||
*/
|
|
||||||
createKeyPair(optionsArg: {
|
|
||||||
keyBitSize: number;
|
|
||||||
countryCode: string;
|
|
||||||
organization: string;
|
|
||||||
commonName: string;
|
|
||||||
emailAddress: string;
|
|
||||||
}): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* Helper: Empty callback
|
|
||||||
*/
|
|
||||||
emptyCallback(): void;
|
|
||||||
/**
|
|
||||||
* Helper: Make safe file name or path from string
|
|
||||||
* @param {string} name
|
|
||||||
* @param {boolean} withPath - optional, default false
|
|
||||||
* @return {string}
|
|
||||||
*/
|
|
||||||
makeSafeFileName(name: any, withPath?: boolean): any;
|
|
||||||
/**
|
|
||||||
* Helper: Prepare challenge
|
|
||||||
* @param {string} domain
|
|
||||||
* @param {Object} challenge
|
|
||||||
* @param {function} callback
|
|
||||||
*/
|
|
||||||
prepareChallenge(domain: any, challenge: any, callback: any): void;
|
|
||||||
/**
|
|
||||||
* Helper: Extract TOS Link, e.g. from "<http://...>;rel="terms-of-service"
|
|
||||||
* @param {string} linkStr
|
|
||||||
* @return {string}
|
|
||||||
*/
|
|
||||||
getTosLink(linkStr: any): string;
|
|
||||||
/**
|
|
||||||
* Helper: Select challenge by type
|
|
||||||
* @param {Object} ans
|
|
||||||
* @param {string} challenge_type
|
|
||||||
* @return {Object}
|
|
||||||
*/
|
|
||||||
selectChallenge(ans: any, challengeType: string): any;
|
|
||||||
/**
|
|
||||||
* Helper: Extract first found email from profile (without mailto prefix)
|
|
||||||
* @param {Object} profile
|
|
||||||
* @return {string}
|
|
||||||
*/
|
|
||||||
extractEmail(profile: any): string;
|
|
||||||
/**
|
|
||||||
* Make ACME-Request: Domain-Authorization Request - Object: resource, identifier
|
|
||||||
* @param {string} domain
|
|
||||||
* @return {{resource: string, identifier: Object}}
|
|
||||||
*/
|
|
||||||
makeDomainAuthorizationRequest(domain: any): {
|
|
||||||
'resource': string;
|
|
||||||
'identifier': {
|
|
||||||
'type': string;
|
|
||||||
'value': any;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
/**
|
|
||||||
* Make ACME-Object: Key-Authorization (encoded) - String: Challenge-Token . Encoded-Account-Key-Hash
|
|
||||||
* @param {Object} challenge
|
|
||||||
* @return {string}
|
|
||||||
*/
|
|
||||||
makeKeyAuthorization(challenge: any): string;
|
|
||||||
/**
|
|
||||||
* Make ACME-Request: Challenge-Response - Object: resource, keyAuthorization
|
|
||||||
* @param {Object} challenge
|
|
||||||
* @return {{resource: string, keyAuthorization: string}}
|
|
||||||
*/
|
|
||||||
makeChallengeResponse(challenge: any): {
|
|
||||||
'resource': string;
|
|
||||||
'keyAuthorization': string;
|
|
||||||
};
|
|
||||||
/**
|
|
||||||
* Make ACME-Request: CSR - Object: resource, csr, notBefore, notAfter
|
|
||||||
* @param {string} csr
|
|
||||||
* @param {number} days_valid
|
|
||||||
* @return {{resource: string, csr: string, notBefore: string, notAfter: string}}
|
|
||||||
*/
|
|
||||||
makeCertRequest(csr: string, DAYS_VALID: number): {
|
|
||||||
'resource': string;
|
|
||||||
'csr': any;
|
|
||||||
'notBefore': string;
|
|
||||||
'notAfter': string;
|
|
||||||
};
|
|
||||||
}
|
|
717
dist/smartacme.classes.acmeclient.js
vendored
717
dist/smartacme.classes.acmeclient.js
vendored
File diff suppressed because one or more lines are too long
71
dist/smartacme.classes.jwebclient.d.ts
vendored
71
dist/smartacme.classes.jwebclient.d.ts
vendored
@ -1,71 +0,0 @@
|
|||||||
/// <reference types="q" />
|
|
||||||
import * as q from 'q';
|
|
||||||
export interface IReqResArg {
|
|
||||||
ans: any;
|
|
||||||
res: any;
|
|
||||||
}
|
|
||||||
/**
|
|
||||||
* @class JWebClient
|
|
||||||
* @constructor
|
|
||||||
* @description Implementation of HTTPS-based JSON-Web-Client
|
|
||||||
*/
|
|
||||||
export declare class JWebClient {
|
|
||||||
/**
|
|
||||||
* User account key pair
|
|
||||||
*/
|
|
||||||
keyPair: any;
|
|
||||||
/**
|
|
||||||
* Cached nonce returned with last request
|
|
||||||
*/
|
|
||||||
lastNonce: string;
|
|
||||||
/**
|
|
||||||
* @member {boolean} module:JWebClient~JWebClient#verbose
|
|
||||||
* @desc Determines verbose mode
|
|
||||||
*/
|
|
||||||
verbose: boolean;
|
|
||||||
constructor();
|
|
||||||
/**
|
|
||||||
* createJWT
|
|
||||||
* @description create JSON-Web-Token signed object
|
|
||||||
* @param {string|undefined} nonce
|
|
||||||
* @param {Object|string|number|boolean} payload
|
|
||||||
* @param {string} alg
|
|
||||||
* @param {Object|string} key
|
|
||||||
* @param {Object} jwk
|
|
||||||
* @return {string}
|
|
||||||
*/
|
|
||||||
createJWT(nonce: any, payload: any, alg: any, key: any, jwk: any): string;
|
|
||||||
/**
|
|
||||||
* request
|
|
||||||
* @description make GET or POST request over HTTPS and use JOSE as payload type
|
|
||||||
* @param {string} query
|
|
||||||
* @param {string} payload
|
|
||||||
* @param {function} callback
|
|
||||||
* @param {function} errorCallback
|
|
||||||
*/
|
|
||||||
request(query: string, payload?: string): q.Promise<{}>;
|
|
||||||
/**
|
|
||||||
* get
|
|
||||||
* @description make GET request
|
|
||||||
* @param {string} uri
|
|
||||||
* @param {function} callback
|
|
||||||
* @param {function} errorCallback
|
|
||||||
*/
|
|
||||||
get(uri: string): q.Promise<IReqResArg>;
|
|
||||||
/**
|
|
||||||
* make POST request
|
|
||||||
* @param {string} uri
|
|
||||||
* @param {Object|string|number|boolean} payload
|
|
||||||
* @param {function} callback
|
|
||||||
* @param {function} errorCallback
|
|
||||||
*/
|
|
||||||
post(uri: string, payload: any): q.Promise<IReqResArg>;
|
|
||||||
/**
|
|
||||||
* checks if status is expected and log errors
|
|
||||||
* @param {string} uri
|
|
||||||
* @param {Object|string|number|boolean} payload
|
|
||||||
* @param {Object|string} ans
|
|
||||||
* @param {Object} res
|
|
||||||
*/
|
|
||||||
evaluateStatus(uri: any, payload: any, ans: any, res: any): void;
|
|
||||||
}
|
|
222
dist/smartacme.classes.jwebclient.js
vendored
222
dist/smartacme.classes.jwebclient.js
vendored
File diff suppressed because one or more lines are too long
33
dist/smartacme.classes.smartacme.d.ts
vendored
33
dist/smartacme.classes.smartacme.d.ts
vendored
@ -1,16 +1,29 @@
|
|||||||
import * as acmeclient from './smartacme.classes.acmeclient';
|
/// <reference types="q" />
|
||||||
|
import 'typings-global';
|
||||||
|
import * as q from 'q';
|
||||||
|
/**
|
||||||
|
* class SmartAcme exports methods for maintaining SSL Certificates
|
||||||
|
*/
|
||||||
export declare class SmartAcme {
|
export declare class SmartAcme {
|
||||||
acmeAccount: AcmeAccount;
|
preparedBool: boolean;
|
||||||
acmeClient: acmeclient.AcmeClient;
|
acmeUrls: any;
|
||||||
constructor(directoryUrlArg?: string);
|
productionBool: boolean;
|
||||||
|
keyPair: any;
|
||||||
|
constructor(productionArg?: boolean);
|
||||||
/**
|
/**
|
||||||
* creates an account
|
* prepares the SmartAcme class
|
||||||
*/
|
*/
|
||||||
createAccount(): void;
|
prepareAcme(): q.Promise<{}>;
|
||||||
/**
|
/**
|
||||||
* returns the openssl key pair for
|
* creates an account if not currently present in module
|
||||||
*/
|
*/
|
||||||
getKeyPair(): any;
|
createAccount(): q.Promise<{}>;
|
||||||
}
|
/**
|
||||||
export declare class AcmeAccount {
|
* creates a keyPair
|
||||||
|
*/
|
||||||
|
createKeyPair(): q.Promise<{}>;
|
||||||
|
/**
|
||||||
|
* gets the Acme Urls
|
||||||
|
*/
|
||||||
|
getAcmeUrls(): q.Promise<{}>;
|
||||||
}
|
}
|
||||||
|
106
dist/smartacme.classes.smartacme.js
vendored
106
dist/smartacme.classes.smartacme.js
vendored
@ -1,26 +1,104 @@
|
|||||||
"use strict";
|
"use strict";
|
||||||
const acmeclient = require("./smartacme.classes.acmeclient");
|
require("typings-global");
|
||||||
|
const q = require("q");
|
||||||
|
let ACME = require('le-acme-core').ACME.create();
|
||||||
|
let RSA = require('rsa-compat').RSA;
|
||||||
|
let bitlen = 1024;
|
||||||
|
let exp = 65537;
|
||||||
|
let options = {
|
||||||
|
public: true,
|
||||||
|
pem: true,
|
||||||
|
internal: true
|
||||||
|
};
|
||||||
|
/**
|
||||||
|
* class SmartAcme exports methods for maintaining SSL Certificates
|
||||||
|
*/
|
||||||
class SmartAcme {
|
class SmartAcme {
|
||||||
constructor(directoryUrlArg = 'https://acme-staging.api.letsencrypt.org/directory') {
|
constructor(productionArg = false) {
|
||||||
this.acmeClient = new acmeclient.AcmeClient(directoryUrlArg);
|
this.preparedBool = false;
|
||||||
|
this.productionBool = productionArg;
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* creates an account
|
* prepares the SmartAcme class
|
||||||
|
*/
|
||||||
|
prepareAcme() {
|
||||||
|
let done = q.defer();
|
||||||
|
if (this.preparedBool === false) {
|
||||||
|
this.getAcmeUrls()
|
||||||
|
.then(() => {
|
||||||
|
return this.createKeyPair();
|
||||||
|
})
|
||||||
|
.then((x) => {
|
||||||
|
console.log('prepared smartacme instance');
|
||||||
|
done.resolve();
|
||||||
|
});
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
done.resolve();
|
||||||
|
}
|
||||||
|
return done.promise;
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* creates an account if not currently present in module
|
||||||
*/
|
*/
|
||||||
createAccount() {
|
createAccount() {
|
||||||
this.acmeClient.createAccount('test@bleu.de', (answer) => {
|
let done = q.defer();
|
||||||
console.log(answer);
|
this.prepareAcme()
|
||||||
});
|
.then(() => {
|
||||||
|
return this.createKeyPair();
|
||||||
|
})
|
||||||
|
.then(() => {
|
||||||
|
let options = {
|
||||||
|
newRegUrl: this.acmeUrls.newReg,
|
||||||
|
email: 'domains@lossless.org',
|
||||||
|
accountKeypair: {
|
||||||
|
privateKeyPem: this.keyPair
|
||||||
|
},
|
||||||
|
agreeToTerms: function (tosUrl, done) {
|
||||||
|
done(null, tosUrl);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
ACME.registerNewAccount(options, (err, regr) => {
|
||||||
|
if (err) {
|
||||||
|
console.log(err);
|
||||||
|
done.reject(err);
|
||||||
|
}
|
||||||
|
done.resolve(regr);
|
||||||
|
}); // returns "regr" registration data
|
||||||
|
}).catch(err => { console.log(err); });
|
||||||
|
return done.promise;
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* returns the openssl key pair for
|
* creates a keyPair
|
||||||
*/
|
*/
|
||||||
getKeyPair() {
|
createKeyPair() {
|
||||||
return this.acmeClient.getKeyPair();
|
let done = q.defer();
|
||||||
|
RSA.generateKeypair(bitlen, exp, options, (err, keypair) => {
|
||||||
|
if (err) {
|
||||||
|
console.log(err);
|
||||||
|
done.reject(err);
|
||||||
|
}
|
||||||
|
console.log(keypair);
|
||||||
|
this.keyPair = keypair;
|
||||||
|
});
|
||||||
|
done.resolve();
|
||||||
|
return done.promise;
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* gets the Acme Urls
|
||||||
|
*/
|
||||||
|
getAcmeUrls() {
|
||||||
|
let done = q.defer();
|
||||||
|
ACME.getAcmeUrls(ACME.stagingServerUrl, (err, urls) => {
|
||||||
|
if (err) {
|
||||||
|
throw err;
|
||||||
|
}
|
||||||
|
this.acmeUrls = urls;
|
||||||
|
console.log(this.acmeUrls);
|
||||||
|
done.resolve();
|
||||||
|
});
|
||||||
|
return done.promise;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
exports.SmartAcme = SmartAcme;
|
exports.SmartAcme = SmartAcme;
|
||||||
class AcmeAccount {
|
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSwwQkFBdUI7QUFDdkIsdUJBQXNCO0FBTXRCLElBQUksSUFBSSxHQUFHLE9BQU8sQ0FBQyxjQUFjLENBQUMsQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUE7QUFDaEQsSUFBSSxHQUFHLEdBQUcsT0FBTyxDQUFDLFlBQVksQ0FBQyxDQUFDLEdBQUcsQ0FBQTtBQUVuQyxJQUFJLE1BQU0sR0FBRyxJQUFJLENBQUE7QUFDakIsSUFBSSxHQUFHLEdBQUcsS0FBSyxDQUFBO0FBQ2YsSUFBSSxPQUFPLEdBQUc7SUFDVixNQUFNLEVBQUUsSUFBSTtJQUNaLEdBQUcsRUFBRSxJQUFJO0lBQ1QsUUFBUSxFQUFFLElBQUk7Q0FDakIsQ0FBQTtBQUNEOztHQUVHO0FBQ0g7SUFLSSxZQUFZLGdCQUF5QixLQUFLO1FBSjFDLGlCQUFZLEdBQVksS0FBSyxDQUFBO1FBS3pCLElBQUksQ0FBQyxjQUFjLEdBQUcsYUFBYSxDQUFBO0lBQ3ZDLENBQUM7SUFFRDs7T0FFRztJQUNILFdBQVc7UUFDUCxJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLFlBQVksS0FBSyxLQUFLLENBQUMsQ0FBQyxDQUFDO1lBQzlCLElBQUksQ0FBQyxXQUFXLEVBQUU7aUJBQ2IsSUFBSSxDQUFDO2dCQUNGLE1BQU0sQ0FBQyxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUE7WUFDL0IsQ0FBQyxDQUFDO2lCQUNELElBQUksQ0FBQyxDQUFDLENBQUM7Z0JBQ0osT0FBTyxDQUFDLEdBQUcsQ0FBQyw2QkFBNkIsQ0FBQyxDQUFBO2dCQUMxQyxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7WUFDbEIsQ0FBQyxDQUFDLENBQUE7UUFDVixDQUFDO1FBQUMsSUFBSSxDQUFDLENBQUM7WUFDSixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDbEIsQ0FBQztRQUNELE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRDs7T0FFRztJQUNILGFBQWE7UUFDVCxJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsSUFBSSxDQUFDLFdBQVcsRUFBRTthQUNiLElBQUksQ0FBQztZQUNGLE1BQU0sQ0FBQyxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUE7UUFDL0IsQ0FBQyxDQUFDO2FBQ0QsSUFBSSxDQUFDO1lBQ0YsSUFBSSxPQUFPLEdBQUc7Z0JBQ1YsU0FBUyxFQUFFLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTTtnQkFDL0IsS0FBSyxFQUFFLHNCQUFzQjtnQkFDN0IsY0FBYyxFQUFFO29CQUNaLGFBQWEsRUFBRSxJQUFJLENBQUMsT0FBTztpQkFDOUI7Z0JBQ0QsWUFBWSxFQUFFLFVBQVUsTUFBTSxFQUFFLElBQUk7b0JBQ2hDLElBQUksQ0FBQyxJQUFJLEVBQUUsTUFBTSxDQUFDLENBQUE7Z0JBQ3RCLENBQUM7YUFDSixDQUFBO1lBQ0QsSUFBSSxDQUFDLGtCQUFrQixDQUFDLE9BQU8sRUFBRSxDQUFDLEdBQUcsRUFBRSxJQUFJO2dCQUN2QyxFQUFFLENBQUEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO29CQUNMLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7b0JBQ2hCLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ3BCLENBQUM7Z0JBQ0QsSUFBSSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FBQTtZQUN0QixDQUFDLENBQUMsQ0FBQSxDQUFDLG1DQUFtQztRQUMxQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRyxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUEsQ0FBQyxDQUFDLENBQUMsQ0FBQTtRQUV6QyxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUN2QixDQUFDO0lBRUQ7O09BRUc7SUFDSCxhQUFhO1FBQ1QsSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO1FBQ3BCLEdBQUcsQ0FBQyxlQUFlLENBQUMsTUFBTSxFQUFFLEdBQUcsRUFBRSxPQUFPLEVBQUUsQ0FBQyxHQUFHLEVBQUUsT0FBTztZQUNuRCxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUNOLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUE7WUFDcEIsQ0FBQztZQUNELE9BQU8sQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLENBQUE7WUFDcEIsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUE7UUFDMUIsQ0FBQyxDQUFDLENBQUE7UUFDRixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDZCxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUN2QixDQUFDO0lBRUQ7O09BRUc7SUFDSCxXQUFXO1FBQ1AsSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO1FBQ3BCLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUMsR0FBRyxFQUFFLElBQUk7WUFDOUMsRUFBRSxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztnQkFDTixNQUFNLEdBQUcsQ0FBQTtZQUNiLENBQUM7WUFDRCxJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksQ0FBQTtZQUNwQixPQUFPLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQTtZQUMxQixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDbEIsQ0FBQyxDQUFDLENBQUE7UUFDRixNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUN2QixDQUFDO0NBQ0o7QUE3RkQsOEJBNkZDIn0=
|
||||||
}
|
|
||||||
exports.AcmeAccount = AcmeAccount;
|
|
||||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFDQSw2REFBNEQ7QUFFNUQ7SUFHSSxZQUFZLGtCQUEwQixvREFBb0Q7UUFDdEYsSUFBSSxDQUFDLFVBQVUsR0FBRyxJQUFJLFVBQVUsQ0FBQyxVQUFVLENBQUMsZUFBZSxDQUFDLENBQUE7SUFDaEUsQ0FBQztJQUVEOztPQUVHO0lBQ0gsYUFBYTtRQUNULElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLGNBQWMsRUFBQyxDQUFDLE1BQU07WUFDaEQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsQ0FBQTtRQUN2QixDQUFDLENBQUMsQ0FBQTtJQUNOLENBQUM7SUFFRDs7T0FFRztJQUNILFVBQVU7UUFDTixNQUFNLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxVQUFVLEVBQUUsQ0FBQTtJQUN2QyxDQUFDO0NBQ0o7QUF0QkQsOEJBc0JDO0FBRUQ7Q0FFQztBQUZELGtDQUVDIn0=
|
|
10
dist/smartacme.paths.js
vendored
10
dist/smartacme.paths.js
vendored
@ -1,5 +1,7 @@
|
|||||||
"use strict";
|
"use strict";
|
||||||
const plugins = require("./smartacme.plugins");
|
const path = require("path");
|
||||||
exports.packageDir = plugins.path.join(__dirname, '../');
|
const smartfile = require("smartfile");
|
||||||
exports.assetDir = plugins.path.join(exports.packageDir, 'assets/');
|
exports.packageDir = path.join(__dirname, '../');
|
||||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBhdGhzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLnBhdGhzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSwrQ0FBOEM7QUFFbkMsUUFBQSxVQUFVLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFDLEtBQUssQ0FBQyxDQUFBO0FBQy9DLFFBQUEsUUFBUSxHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFVLEVBQUMsU0FBUyxDQUFDLENBQUEifQ==
|
exports.assetDir = path.join(exports.packageDir, 'assets/');
|
||||||
|
smartfile.fs.ensureDirSync(exports.assetDir);
|
||||||
|
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBhdGhzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLnBhdGhzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSw2QkFBNEI7QUFDNUIsdUNBQXNDO0FBRTNCLFFBQUEsVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFDLEtBQUssQ0FBQyxDQUFBO0FBQ3ZDLFFBQUEsUUFBUSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsa0JBQVUsRUFBQyxTQUFTLENBQUMsQ0FBQTtBQUNyRCxTQUFTLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxnQkFBUSxDQUFDLENBQUEifQ==
|
6
dist/smartacme.plugins.d.ts
vendored
6
dist/smartacme.plugins.d.ts
vendored
@ -1,6 +0,0 @@
|
|||||||
import 'typings-global';
|
|
||||||
import * as path from 'path';
|
|
||||||
import * as smartfile from 'smartfile';
|
|
||||||
import * as smartstring from 'smartstring';
|
|
||||||
import * as shelljs from 'shelljs';
|
|
||||||
export { path, smartfile, smartstring, shelljs };
|
|
11
dist/smartacme.plugins.js
vendored
11
dist/smartacme.plugins.js
vendored
@ -1,11 +0,0 @@
|
|||||||
"use strict";
|
|
||||||
require("typings-global");
|
|
||||||
const path = require("path");
|
|
||||||
exports.path = path;
|
|
||||||
const smartfile = require("smartfile");
|
|
||||||
exports.smartfile = smartfile;
|
|
||||||
const smartstring = require("smartstring");
|
|
||||||
exports.smartstring = smartstring;
|
|
||||||
const shelljs = require("shelljs");
|
|
||||||
exports.shelljs = shelljs;
|
|
||||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBsdWdpbnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUucGx1Z2lucy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsMEJBQXVCO0FBQ3ZCLDZCQUE0QjtBQU14QixvQkFBSTtBQUxSLHVDQUFzQztBQU1sQyw4QkFBUztBQUxiLDJDQUEwQztBQU10QyxrQ0FBVztBQUxmLG1DQUFrQztBQU05QiwwQkFBTyJ9
|
|
@ -23,11 +23,10 @@
|
|||||||
},
|
},
|
||||||
"homepage": "https://gitlab.com/pushrocks/smartacme#README",
|
"homepage": "https://gitlab.com/pushrocks/smartacme#README",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@types/base64url": "^2.0.3",
|
"@types/q": "0.x.x",
|
||||||
"jwa": "^1.1.3",
|
"le-acme-core": "^2.0.7",
|
||||||
"q": "^1.4.1",
|
"q": "^1.4.1",
|
||||||
"rsa-pem-to-jwk": "^1.1.3",
|
"rsa-compat": "^1.2.7",
|
||||||
"shelljs": "^0.7.5",
|
|
||||||
"smartfile": "^4.1.0",
|
"smartfile": "^4.1.0",
|
||||||
"smartstring": "^2.0.20",
|
"smartstring": "^2.0.20",
|
||||||
"typings-global": "^1.0.14"
|
"typings-global": "^1.0.14"
|
||||||
|
19
test/test.js
19
test/test.js
@ -6,13 +6,26 @@ const smartacme = require("../dist/index");
|
|||||||
describe('smartacme', function () {
|
describe('smartacme', function () {
|
||||||
let testAcme;
|
let testAcme;
|
||||||
it('should create a valid instance', function () {
|
it('should create a valid instance', function () {
|
||||||
|
this.timeout(10000);
|
||||||
testAcme = new smartacme.SmartAcme();
|
testAcme = new smartacme.SmartAcme();
|
||||||
should(testAcme).be.instanceOf(smartacme.SmartAcme);
|
should(testAcme).be.instanceOf(smartacme.SmartAcme);
|
||||||
});
|
});
|
||||||
|
it('should get the ACME urls', function (done) {
|
||||||
|
testAcme.getAcmeUrls().then(() => { done(); });
|
||||||
|
});
|
||||||
|
it('should prepare the Instance', function (done) {
|
||||||
|
testAcme.prepareAcme().then(done);
|
||||||
|
});
|
||||||
it('should have created keyPair', function () {
|
it('should have created keyPair', function () {
|
||||||
});
|
});
|
||||||
it('should register a new account', function () {
|
it('should register a new account', function (done) {
|
||||||
testAcme.createAccount();
|
testAcme.createAccount().then(x => {
|
||||||
|
console.log(x);
|
||||||
|
done();
|
||||||
|
}).catch(err => {
|
||||||
|
console.log(err);
|
||||||
|
done(err);
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGVzdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInRlc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLHdCQUFxQjtBQUNyQixpQ0FBZ0M7QUFFaEMsNEJBQTRCO0FBQzVCLDJDQUEwQztBQUUxQyxRQUFRLENBQUMsV0FBVyxFQUFFO0lBQ2xCLElBQUksUUFBNkIsQ0FBQTtJQUNqQyxFQUFFLENBQUMsZ0NBQWdDLEVBQUU7UUFDakMsUUFBUSxHQUFHLElBQUksU0FBUyxDQUFDLFNBQVMsRUFBRSxDQUFBO1FBQ3BDLE1BQU0sQ0FBQyxRQUFRLENBQUMsQ0FBQyxFQUFFLENBQUMsVUFBVSxDQUFDLFNBQVMsQ0FBQyxTQUFTLENBQUMsQ0FBQTtJQUN2RCxDQUFDLENBQUMsQ0FBQTtJQUNGLEVBQUUsQ0FBQyw2QkFBNkIsRUFBRTtJQUVsQyxDQUFDLENBQUMsQ0FBQTtJQUNGLEVBQUUsQ0FBQywrQkFBK0IsRUFBRTtRQUNoQyxRQUFRLENBQUMsYUFBYSxFQUFFLENBQUE7SUFDNUIsQ0FBQyxDQUFDLENBQUE7QUFDTixDQUFDLENBQUMsQ0FBQSJ9
|
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGVzdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInRlc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLHdCQUFxQjtBQUNyQixpQ0FBZ0M7QUFFaEMsNEJBQTRCO0FBQzVCLDJDQUEwQztBQUUxQyxRQUFRLENBQUMsV0FBVyxFQUFFO0lBQ2xCLElBQUksUUFBNkIsQ0FBQTtJQUNqQyxFQUFFLENBQUMsZ0NBQWdDLEVBQUU7UUFDakMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQTtRQUNuQixRQUFRLEdBQUcsSUFBSSxTQUFTLENBQUMsU0FBUyxFQUFFLENBQUE7UUFDcEMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLFNBQVMsQ0FBQyxDQUFBO0lBQ3ZELENBQUMsQ0FBQyxDQUFBO0lBRUYsRUFBRSxDQUFDLDBCQUEwQixFQUFFLFVBQVUsSUFBSTtRQUN6QyxRQUFRLENBQUMsV0FBVyxFQUFFLENBQUMsSUFBSSxDQUFDLFFBQVEsSUFBSSxFQUFFLENBQUEsQ0FBQyxDQUFDLENBQUMsQ0FBQTtJQUNqRCxDQUFDLENBQUMsQ0FBQTtJQUVGLEVBQUUsQ0FBQyw2QkFBNkIsRUFBRSxVQUFVLElBQUk7UUFDNUMsUUFBUSxDQUFDLFdBQVcsRUFBRSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQTtJQUNyQyxDQUFDLENBQUMsQ0FBQTtJQUNGLEVBQUUsQ0FBQyw2QkFBNkIsRUFBRTtJQUVsQyxDQUFDLENBQUMsQ0FBQTtJQUNGLEVBQUUsQ0FBQywrQkFBK0IsRUFBRSxVQUFVLElBQUk7UUFDOUMsUUFBUSxDQUFDLGFBQWEsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQzNCLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUE7WUFDZCxJQUFJLEVBQUUsQ0FBQTtRQUNWLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxHQUFHO1lBQ1IsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtZQUNoQixJQUFJLENBQUMsR0FBRyxDQUFDLENBQUE7UUFDYixDQUFDLENBQUMsQ0FBQTtJQUNOLENBQUMsQ0FBQyxDQUFBO0FBQ04sQ0FBQyxDQUFDLENBQUEifQ==
|
25
test/test.ts
25
test/test.ts
@ -4,16 +4,31 @@ import * as should from 'should'
|
|||||||
// import the module to test
|
// import the module to test
|
||||||
import * as smartacme from '../dist/index'
|
import * as smartacme from '../dist/index'
|
||||||
|
|
||||||
describe('smartacme', function(){
|
describe('smartacme', function () {
|
||||||
let testAcme: smartacme.SmartAcme
|
let testAcme: smartacme.SmartAcme
|
||||||
it('should create a valid instance', function(){
|
it('should create a valid instance', function () {
|
||||||
|
this.timeout(10000)
|
||||||
testAcme = new smartacme.SmartAcme()
|
testAcme = new smartacme.SmartAcme()
|
||||||
should(testAcme).be.instanceOf(smartacme.SmartAcme)
|
should(testAcme).be.instanceOf(smartacme.SmartAcme)
|
||||||
})
|
})
|
||||||
it('should have created keyPair', function() {
|
|
||||||
|
it('should get the ACME urls', function (done) {
|
||||||
|
testAcme.getAcmeUrls().then(() => { done() })
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should prepare the Instance', function (done) {
|
||||||
|
testAcme.prepareAcme().then(done)
|
||||||
|
})
|
||||||
|
it('should have created keyPair', function () {
|
||||||
|
|
||||||
})
|
})
|
||||||
it('should register a new account', function() {
|
it('should register a new account', function (done) {
|
||||||
testAcme.createAccount().catch()
|
testAcme.createAccount().then(x => {
|
||||||
|
console.log(x)
|
||||||
|
done()
|
||||||
|
}).catch(err => {
|
||||||
|
console.log(err)
|
||||||
|
done(err)
|
||||||
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
@ -1,743 +0,0 @@
|
|||||||
import * as plugins from './smartacme.plugins'
|
|
||||||
import * as q from 'q'
|
|
||||||
import * as crypto from 'crypto'
|
|
||||||
import * as fs from 'fs'
|
|
||||||
import * as readline from 'readline'
|
|
||||||
import { JWebClient } from './smartacme.classes.jwebclient'
|
|
||||||
import { IReqResArg } from './smartacme.classes.jwebclient'
|
|
||||||
|
|
||||||
/**
|
|
||||||
* json_to_utf8buffer
|
|
||||||
* @private
|
|
||||||
* @description convert JSON to Buffer using UTF-8 encoding
|
|
||||||
* @param {Object} obj
|
|
||||||
* @return {Buffer}
|
|
||||||
* @throws Exception if object cannot be stringified or contains cycle
|
|
||||||
*/
|
|
||||||
let json_to_utf8buffer = (obj) => {
|
|
||||||
return new Buffer(JSON.stringify(obj), 'utf8')
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @class AcmeClient
|
|
||||||
* @constructor
|
|
||||||
* @description ACME protocol implementation from client perspective
|
|
||||||
* @param {string} directory_url - Address of directory
|
|
||||||
* @param {module:JWebClient~JWebClient} jWebClient - Reference to JSON-Web-Client
|
|
||||||
*/
|
|
||||||
export class AcmeClient {
|
|
||||||
clientProfilePubKey: any
|
|
||||||
daysValid: number
|
|
||||||
directory: any
|
|
||||||
directoryUrl: string
|
|
||||||
emailDefaultPrefix: string
|
|
||||||
emailOverride: string
|
|
||||||
jWebClient = new JWebClient()
|
|
||||||
regLink: string
|
|
||||||
tosLink: string
|
|
||||||
webroot: string
|
|
||||||
wellKnownPath: string
|
|
||||||
withInteraction: boolean
|
|
||||||
constructor(directoryUrlArg) {
|
|
||||||
/**
|
|
||||||
* @member {Object} module:AcmeClient~AcmeClient#clientProfilePubKey
|
|
||||||
* @desc Cached public key obtained from profile
|
|
||||||
*/
|
|
||||||
this.clientProfilePubKey = {}
|
|
||||||
/**
|
|
||||||
* @member {number} module:AcmeClient~AcmeClient#days_valid
|
|
||||||
* @desc Validity period in days
|
|
||||||
* @default 1
|
|
||||||
*/
|
|
||||||
this.daysValid = 1
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @member {Object} module:AcmeClient~AcmeClient#directory
|
|
||||||
* @desc Hash map of REST URIs
|
|
||||||
*/
|
|
||||||
this.directory = {}
|
|
||||||
/**
|
|
||||||
* @member {string} module:AcmeClient~AcmeClient#directory_url
|
|
||||||
* @desc Address of directory
|
|
||||||
*/
|
|
||||||
this.directoryUrl = directoryUrlArg
|
|
||||||
/**
|
|
||||||
* @member {string} module:AcmeClient~AcmeClient#emailDefaultPrefix
|
|
||||||
* @desc Prefix of email address if constructed from domain name
|
|
||||||
* @default "hostmaster"
|
|
||||||
*/
|
|
||||||
this.emailDefaultPrefix = 'hostmaster' // {string}
|
|
||||||
/**
|
|
||||||
* @member {string} module:AcmeClient~AcmeClient#emailOverride
|
|
||||||
* @desc Email address to use
|
|
||||||
*/
|
|
||||||
this.emailOverride = null // {string}
|
|
||||||
/**
|
|
||||||
* @member {string} module:AcmeClient~AcmeClient#regLink
|
|
||||||
* @desc Cached registration URI
|
|
||||||
*/
|
|
||||||
this.regLink = null // {string}
|
|
||||||
/**
|
|
||||||
* @member {string} module:AcmeClient~AcmeClient#tosLink
|
|
||||||
* @desc Cached terms of service URI
|
|
||||||
*/
|
|
||||||
this.tosLink = null // {string}
|
|
||||||
/**
|
|
||||||
* @member {string} module:AcmeClient~AcmeClient#webroot
|
|
||||||
* @desc Path to server web root (or path to store challenge data)
|
|
||||||
* @default "."
|
|
||||||
*/
|
|
||||||
this.webroot = '.' // {string}
|
|
||||||
/**
|
|
||||||
* @member {string} module:AcmeClient~AcmeClient#well_known_path
|
|
||||||
* @desc Directory structure for challenge data
|
|
||||||
* @default "/.well-known/acme-challenge/"
|
|
||||||
*/
|
|
||||||
this.wellKnownPath = '/.well-known/acme-challenge/' // {string}
|
|
||||||
/**
|
|
||||||
* @member {boolean} module:AcmeClient~AcmeClient#withInteraction
|
|
||||||
* @desc Determines if interaction of user is required
|
|
||||||
* @default true
|
|
||||||
*/
|
|
||||||
this.withInteraction = true // {boolean}
|
|
||||||
}
|
|
||||||
|
|
||||||
// *****************************************************************************
|
|
||||||
// REQUEST-Section
|
|
||||||
// *****************************************************************************
|
|
||||||
|
|
||||||
/**
|
|
||||||
* getDirectory
|
|
||||||
* @description retrieve directory entries (directory url must be set prior to execution)
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
getDirectory() {
|
|
||||||
let done = q.defer<IReqResArg>()
|
|
||||||
this.jWebClient.get(this.directoryUrl)
|
|
||||||
.then((reqResArg: IReqResArg) => {
|
|
||||||
done.resolve(reqResArg)
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* newRegistration
|
|
||||||
* @description try to register (directory lookup must have occured prior to execution)
|
|
||||||
* @param {Object} payload
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
newRegistration(payload) {
|
|
||||||
let done = q.defer()
|
|
||||||
if (!(payload instanceof Object)) {
|
|
||||||
payload = {} // ensure payload is object
|
|
||||||
}
|
|
||||||
payload.resource = 'new-reg'
|
|
||||||
this.jWebClient.post(this.directory['new-reg'], payload)
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* getRegistration
|
|
||||||
* @description get information about registration
|
|
||||||
* @param {string} uri - will be exposed when trying to register
|
|
||||||
* @param {Object} payload - update information
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
getRegistration(uri, payload) {
|
|
||||||
let done = q.defer<IReqResArg>()
|
|
||||||
payload['resource'] = 'reg'
|
|
||||||
this.jWebClient.post(uri, payload)
|
|
||||||
.then((reqResArg: IReqResArg) => {
|
|
||||||
if (reqResArg.ans instanceof Object) {
|
|
||||||
this.clientProfilePubKey = reqResArg.ans.key // cache or reset returned public key
|
|
||||||
if ((reqResArg.res instanceof Object) && (reqResArg.res['headers'] instanceof Object)) {
|
|
||||||
let linkStr = reqResArg.res.headers['link']
|
|
||||||
if (typeof linkStr === 'string') {
|
|
||||||
let tosLink = this.getTosLink(linkStr)
|
|
||||||
if (typeof tosLink === 'string') {
|
|
||||||
this.tosLink = tosLink // cache TOS link
|
|
||||||
} else {
|
|
||||||
this.tosLink = null // reset TOS link
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
this.tosLink = null // reset TOS link
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
this.tosLink = null // reset TOS link
|
|
||||||
}
|
|
||||||
done.resolve({ ans: reqResArg.ans, res: reqResArg.res })
|
|
||||||
} else {
|
|
||||||
done.reject(new Error('some error'))
|
|
||||||
}
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* authorizeDomain
|
|
||||||
* @description authorize domain using challenge-response-method
|
|
||||||
* @param {string} domain
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
authorizeDomain(domain) {
|
|
||||||
let done = q.defer()
|
|
||||||
this.getProfile()
|
|
||||||
.then(profile => {
|
|
||||||
if (!(profile instanceof Object)) {
|
|
||||||
done.reject(new Error('no profile returned'))
|
|
||||||
} else {
|
|
||||||
this.jWebClient.post(this.directory['new-authz'], this.makeDomainAuthorizationRequest(domain))
|
|
||||||
.then((reqResArg: IReqResArg) => {
|
|
||||||
if ((reqResArg.res instanceof Object) && (reqResArg.res['statusCode'] === 403)) { // if unauthorized
|
|
||||||
this.agreeTos(this.tosLink)
|
|
||||||
.then((reqResArg2: IReqResArg) => { // agree to TOS
|
|
||||||
if ( // if TOS were agreed successfully
|
|
||||||
(reqResArg.res instanceof Object)
|
|
||||||
&& (reqResArg2.res['statusCode'] >= 200)
|
|
||||||
&& (reqResArg2.res['statusCode'] <= 400)
|
|
||||||
) {
|
|
||||||
this.authorizeDomain(domain).then(() => {
|
|
||||||
done.resolve()
|
|
||||||
}) // try authorization again
|
|
||||||
} else {
|
|
||||||
done.reject(false) // agreement failed
|
|
||||||
}
|
|
||||||
})
|
|
||||||
} else {
|
|
||||||
if (
|
|
||||||
(reqResArg.res instanceof Object)
|
|
||||||
&& (reqResArg.res['headers'] instanceof Object)
|
|
||||||
&& (typeof reqResArg.res.headers['location'] === 'string')
|
|
||||||
&& (reqResArg.ans instanceof Object)
|
|
||||||
) {
|
|
||||||
let poll_uri = reqResArg.res.headers['location'] // status URI for polling
|
|
||||||
let challenge = this.selectChallenge(reqResArg.ans, 'http-01') // select simple http challenge
|
|
||||||
if (challenge instanceof Object) { // desired challenge is in list
|
|
||||||
this.prepareChallenge(domain, challenge, () => { // prepare all objects and files for challenge
|
|
||||||
// reset
|
|
||||||
reqResArg.ans = null
|
|
||||||
reqResArg.res = null
|
|
||||||
// accept challenge
|
|
||||||
this.acceptChallenge(challenge)
|
|
||||||
.then((reqResArg2: IReqResArg) => {
|
|
||||||
if (
|
|
||||||
(reqResArg2.res instanceof Object)
|
|
||||||
&& (reqResArg2.res['statusCode'] < 400) // server confirms challenge acceptance
|
|
||||||
) {
|
|
||||||
this.pollUntilValid(poll_uri)
|
|
||||||
.then(() => {
|
|
||||||
done.resolve()
|
|
||||||
}) // poll status until server states success
|
|
||||||
} else {
|
|
||||||
done.reject(false) // server did not confirm challenge acceptance
|
|
||||||
}
|
|
||||||
})
|
|
||||||
})
|
|
||||||
} else {
|
|
||||||
done.reject(false) // desired challenge is not in list
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
done.reject(false) // server did not respond with status URI
|
|
||||||
}
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* acceptChallenge
|
|
||||||
* @description tell server which challenge will be accepted
|
|
||||||
* @param {Object} challenge
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
acceptChallenge(challenge = {}) {
|
|
||||||
let done = q.defer()
|
|
||||||
this.jWebClient.post(challenge['uri'], this.makeChallengeResponse(challenge))
|
|
||||||
.then(() => {
|
|
||||||
done.resolve()
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* pollUntilValid
|
|
||||||
* @description periodically (with exponential back-off) check status of challenge
|
|
||||||
* @param {string} uri
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
* @param {number} retry - factor of delay
|
|
||||||
*/
|
|
||||||
pollUntilValid(uri, retry = 1) {
|
|
||||||
let done = q.defer()
|
|
||||||
if (retry > 128) {
|
|
||||||
done.reject(false) // stop if retry value exceeds maximum
|
|
||||||
} else {
|
|
||||||
this.jWebClient.get(uri)
|
|
||||||
.then((reqResArg) => {
|
|
||||||
if (!(reqResArg.ans instanceof Object)) {
|
|
||||||
done.reject(false) // invalid answer
|
|
||||||
} else {
|
|
||||||
if (reqResArg.ans['status'] === 'pending') { // still pending
|
|
||||||
setTimeout(() => {
|
|
||||||
this.pollUntilValid(uri, retry * 2) // retry
|
|
||||||
}, retry * 500)
|
|
||||||
} else {
|
|
||||||
done.resolve() // challenge complete
|
|
||||||
}
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* pollUntilIssued
|
|
||||||
* @description periodically (with exponential back-off) check status of CSR
|
|
||||||
* @param {string} uri
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
* @param {number} retry - factor of delay
|
|
||||||
*/
|
|
||||||
pollUntilIssued(uri, retry = 1) {
|
|
||||||
let done = q.defer()
|
|
||||||
if (retry > 128) {
|
|
||||||
done.reject(false) // stop if retry value exceeds maximum
|
|
||||||
} else {
|
|
||||||
this.jWebClient.get(uri)
|
|
||||||
.then((reqResArg: IReqResArg) => {
|
|
||||||
if ((reqResArg.ans instanceof Buffer) && (reqResArg.ans.length > 0)) {
|
|
||||||
done.resolve(reqResArg.ans) // certificate was returned with answer
|
|
||||||
} else {
|
|
||||||
if ((reqResArg.res instanceof Object) && (reqResArg.res['statusCode'] < 400)) { // still pending
|
|
||||||
setTimeout(() => {
|
|
||||||
this.pollUntilIssued(uri, retry * 2) // retry
|
|
||||||
}, retry * 500)
|
|
||||||
} else {
|
|
||||||
done.reject(false) // CSR complete
|
|
||||||
}
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* requestSigning
|
|
||||||
* @description send CSR
|
|
||||||
* @param {string} domain - expected to be already sanitized
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
requestSigning(commonName) {
|
|
||||||
let done = q.defer()
|
|
||||||
fs.readFile(commonName + '.csr', (err, csrBuffer: Buffer) => {
|
|
||||||
if (err instanceof Object) { // file system error
|
|
||||||
if (this.jWebClient.verbose) {
|
|
||||||
console.error('Error : File system error', err['code'], 'while reading key from file')
|
|
||||||
}
|
|
||||||
done.reject(false)
|
|
||||||
} else {
|
|
||||||
let csr = csrBuffer.toString()
|
|
||||||
this.jWebClient.post(this.directory['new-cert'], this.makeCertRequest(csr, this.daysValid))
|
|
||||||
.then((reqResArg: IReqResArg) => {
|
|
||||||
if ((reqResArg.ans instanceof Buffer) && (reqResArg.ans.length > 0)) { // answer is buffer
|
|
||||||
done.resolve(reqResArg.ans) // certificate was returned with answer
|
|
||||||
} else {
|
|
||||||
if (reqResArg.res instanceof Object) {
|
|
||||||
if ((reqResArg.res['statusCode'] < 400) && !reqResArg.ans) { // success response, but no answer was provided
|
|
||||||
let headers = reqResArg['headers']
|
|
||||||
if (!(headers instanceof Object)) {
|
|
||||||
headers = {} // ensure headers is object
|
|
||||||
}
|
|
||||||
this.pollUntilIssued(headers['location'])
|
|
||||||
.then(x => { done.resolve(x) })
|
|
||||||
} else {
|
|
||||||
done.resolve((reqResArg.res['statusCode'] < 400) ? reqResArg.ans : false) // answer may be provided as string or object
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
done.reject(false) // invalid response
|
|
||||||
}
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* retrieves profile of user (will make directory lookup and registration check)
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
getProfile() {
|
|
||||||
let done = q.defer()
|
|
||||||
this.getDirectory()
|
|
||||||
.then((dir) => {
|
|
||||||
if (!(dir instanceof Object)) {
|
|
||||||
done.reject(new Error('server did not respond with directory'))
|
|
||||||
} else {
|
|
||||||
this.directory = dir // cache directory
|
|
||||||
this.newRegistration(null)
|
|
||||||
.then((reqResArg: IReqResArg) => { // try new registration to get registration link
|
|
||||||
if (
|
|
||||||
(reqResArg.res instanceof Object)
|
|
||||||
&& (reqResArg.res['headers'] instanceof Object)
|
|
||||||
&& (typeof reqResArg.res.headers['location'] === 'string')
|
|
||||||
) {
|
|
||||||
this.regLink = reqResArg.res.headers['location']
|
|
||||||
this.getRegistration(this.regLink, null)
|
|
||||||
.then((reqResArg: IReqResArg) => {
|
|
||||||
done.resolve()
|
|
||||||
}) // get registration info from link
|
|
||||||
} else {
|
|
||||||
done.reject(new Error('registration failed'))
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* createAccount
|
|
||||||
* @description create new account (assumes directory lookup has already occured)
|
|
||||||
* @param {string} email
|
|
||||||
* @param {function} callback - first argument will be the registration URI
|
|
||||||
*/
|
|
||||||
createAccount(email: string) {
|
|
||||||
let done = q.defer()
|
|
||||||
if (typeof email === 'string') {
|
|
||||||
this.newRegistration({
|
|
||||||
contact: [
|
|
||||||
'mailto:' + email
|
|
||||||
]
|
|
||||||
})
|
|
||||||
.then((reqResArg: IReqResArg) => {
|
|
||||||
if (
|
|
||||||
(reqResArg.res instanceof Object)
|
|
||||||
&& (reqResArg.res['statusCode'] === 201)
|
|
||||||
&& (reqResArg.res['headers'] instanceof Object)
|
|
||||||
&& (typeof reqResArg.res.headers['location'] === 'string')
|
|
||||||
) {
|
|
||||||
this.regLink = reqResArg.res.headers['location']
|
|
||||||
done.resolve(this.regLink) // registration URI
|
|
||||||
} else {
|
|
||||||
done.reject(new Error('could not register new account')) // registration failed
|
|
||||||
}
|
|
||||||
})
|
|
||||||
|
|
||||||
} else {
|
|
||||||
done.reject(new Error('no email address provided'))
|
|
||||||
}
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* agreeTos
|
|
||||||
* @description agree with terms of service (update agreement status in profile)
|
|
||||||
* @param {string} tosLink
|
|
||||||
* @param {function} callback - first argument will be the answer object
|
|
||||||
*/
|
|
||||||
agreeTos(tosLink) {
|
|
||||||
let done = q.defer()
|
|
||||||
this.getRegistration(this.regLink, {
|
|
||||||
'Agreement': tosLink // terms of service URI
|
|
||||||
}).then(() => {
|
|
||||||
done.resolve()
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Entry-Point: Request certificate
|
|
||||||
*/
|
|
||||||
requestCertificate(domainArg: string, organizationArg: string, countryCodeArg: string) {
|
|
||||||
let done = q.defer()
|
|
||||||
this.getProfile()
|
|
||||||
.then((profile) => {
|
|
||||||
let email = this.extractEmail(profile) // try to determine email address from profile
|
|
||||||
countryCodeArg = this.makeSafeFileName(countryCodeArg)
|
|
||||||
domainArg = this.makeSafeFileName(domainArg)
|
|
||||||
email = this.makeSafeFileName(email)
|
|
||||||
organizationArg = this.makeSafeFileName(organizationArg)
|
|
||||||
// create key pair
|
|
||||||
this.createKeyPair({
|
|
||||||
keyBitSize: 4096,
|
|
||||||
countryCode: countryCodeArg,
|
|
||||||
organization: organizationArg,
|
|
||||||
commonName: domainArg,
|
|
||||||
emailAddress: email
|
|
||||||
})
|
|
||||||
.then(() => {
|
|
||||||
this.requestSigning(domainArg)
|
|
||||||
.then((cert) => { // send CSR
|
|
||||||
if ((cert instanceof Buffer) || (typeof cert === 'string')) { // valid certificate data
|
|
||||||
fs.writeFile(domainArg + '.der', cert, (err) => { // sanitize domain name for file path
|
|
||||||
if (err instanceof Object) { // file system error
|
|
||||||
if (this.jWebClient.verbose) {
|
|
||||||
console.error('Error : File system error', err['code'], 'while writing certificate to file')
|
|
||||||
}
|
|
||||||
done.reject(err)
|
|
||||||
} else {
|
|
||||||
done.resolve() // CSR complete and certificate written to file system
|
|
||||||
}
|
|
||||||
})
|
|
||||||
} else {
|
|
||||||
done.reject('invalid certificate data')
|
|
||||||
}
|
|
||||||
})
|
|
||||||
|
|
||||||
})
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* External: Create key pair
|
|
||||||
* @param {number} bit - key strength, expected to be already sanitized
|
|
||||||
* @param {string} c - country code, expected to be already sanitized
|
|
||||||
* @param {string} o - organization, expected to be already sanitized
|
|
||||||
* @param {string} cn - common name (domain name), expected to be already sanitized
|
|
||||||
* @param {string} e - email address, expected to be already sanitized
|
|
||||||
* @param {function} callback
|
|
||||||
*/
|
|
||||||
createKeyPair(optionsArg: {
|
|
||||||
keyBitSize: number,
|
|
||||||
countryCode: string,
|
|
||||||
organization: string,
|
|
||||||
commonName: string,
|
|
||||||
emailAddress: string
|
|
||||||
}) {
|
|
||||||
let done = q.defer()
|
|
||||||
let openssl = `openssl req -new -nodes -newkey rsa:${optionsArg.keyBitSize} `
|
|
||||||
+ `-sha256 `
|
|
||||||
+ `-subj "/C=${optionsArg.countryCode}/O=${optionsArg.organization}/CN=${optionsArg.commonName}/emailAddress=${optionsArg.emailAddress}" `
|
|
||||||
+ `-keyout \"${optionsArg.commonName}.key\" -outform der -out \"${optionsArg.commonName}.csr\"`
|
|
||||||
console.error('Action : Creating key pair')
|
|
||||||
if (this.jWebClient.verbose) {
|
|
||||||
console.error('Running:', openssl)
|
|
||||||
}
|
|
||||||
plugins.shelljs.exec(openssl, (codeArg, stdOutArg, stdErrorArg) => {
|
|
||||||
if (!stdErrorArg) {
|
|
||||||
done.resolve()
|
|
||||||
} else {
|
|
||||||
done.reject(stdErrorArg)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Helper: Empty callback
|
|
||||||
*/
|
|
||||||
emptyCallback() {
|
|
||||||
// nop
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Helper: Make safe file name or path from string
|
|
||||||
* @param {string} name
|
|
||||||
* @param {boolean} withPath - optional, default false
|
|
||||||
* @return {string}
|
|
||||||
*/
|
|
||||||
makeSafeFileName(name, withPath = false) {
|
|
||||||
if (typeof name !== 'string') {
|
|
||||||
name = ''
|
|
||||||
}
|
|
||||||
// respects file name restrictions for ntfs and ext2
|
|
||||||
let regexFile = '[<>:\"/\\\\\\|\\?\\*\\u0000-\\u001f\\u007f\\u0080-\\u009f]'
|
|
||||||
let regexPath = '[<>:\"\\\\\\|\\?\\*\\u0000-\\u001f\\u007f\\u0080-\\u009f]'
|
|
||||||
return name.replace(new RegExp(withPath ? regexPath : regexFile, 'g'), (charToReplace) => {
|
|
||||||
if (typeof charToReplace === 'string') {
|
|
||||||
return '%' + charToReplace.charCodeAt(0).toString(16).toLocaleUpperCase()
|
|
||||||
}
|
|
||||||
return '%00'
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Helper: Prepare challenge
|
|
||||||
* @param {string} domain
|
|
||||||
* @param {Object} challenge
|
|
||||||
* @param {function} callback
|
|
||||||
*/
|
|
||||||
prepareChallenge(domain, challenge, callback) {
|
|
||||||
/*jshint -W069, unused:false*/
|
|
||||||
if (typeof callback !== 'function') {
|
|
||||||
callback = this.emptyCallback // ensure callback is function
|
|
||||||
}
|
|
||||||
if (challenge instanceof Object) {
|
|
||||||
if (challenge['type'] === 'http-01') { // simple http challenge
|
|
||||||
let path = this.webroot + this.wellKnownPath + challenge['token'] // webroot and well_known_path are expected to be already sanitized
|
|
||||||
fs.writeFile(path, this.makeKeyAuthorization(challenge), (err) => { // create challenge file
|
|
||||||
if (err instanceof Object) { // file system error
|
|
||||||
if (this.jWebClient.verbose) {
|
|
||||||
console.error(
|
|
||||||
'Error : File system error',
|
|
||||||
err['code'], 'while writing challenge data to file'
|
|
||||||
)
|
|
||||||
}
|
|
||||||
callback()
|
|
||||||
} else {
|
|
||||||
// let uri = "http://" + domain + this.well_known_path + challenge["token"]
|
|
||||||
let rl = readline.createInterface(process.stdin, process.stdout)
|
|
||||||
if (this.withInteraction) {
|
|
||||||
rl.question('Press enter to proceed', (answer) => { // wait for user to proceed
|
|
||||||
rl.close()
|
|
||||||
callback()
|
|
||||||
})
|
|
||||||
} else {
|
|
||||||
rl.close()
|
|
||||||
callback() // skip interaction prompt if desired
|
|
||||||
}
|
|
||||||
}
|
|
||||||
})
|
|
||||||
} else { // no supported challenge
|
|
||||||
console.error('Error : Challenge not supported')
|
|
||||||
callback()
|
|
||||||
}
|
|
||||||
} else { // invalid challenge response
|
|
||||||
console.error('Error : Invalid challenge response')
|
|
||||||
callback()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Helper: Extract TOS Link, e.g. from "<http://...>;rel="terms-of-service"
|
|
||||||
* @param {string} linkStr
|
|
||||||
* @return {string}
|
|
||||||
*/
|
|
||||||
getTosLink(linkStr) {
|
|
||||||
let match = /(<)([^>]+)(>;rel="terms-of-service")/g.exec(linkStr)
|
|
||||||
if ((match instanceof Array) && (match.length > 2)) {
|
|
||||||
let result = match[2]
|
|
||||||
// dereference
|
|
||||||
match = null
|
|
||||||
return result
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Helper: Select challenge by type
|
|
||||||
* @param {Object} ans
|
|
||||||
* @param {string} challenge_type
|
|
||||||
* @return {Object}
|
|
||||||
*/
|
|
||||||
selectChallenge(ans, challengeType: string) {
|
|
||||||
/*jshint -W069 */
|
|
||||||
if ((ans instanceof Object) && (ans['challenges'] instanceof Array)) {
|
|
||||||
return ans.challenges.filter((entry) => {
|
|
||||||
let type = entry['type']
|
|
||||||
// dereference
|
|
||||||
entry = null
|
|
||||||
if (type === challengeType) { // check for type match
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
return false
|
|
||||||
}).pop()
|
|
||||||
} // return first match or undefined
|
|
||||||
// dereference
|
|
||||||
ans = null
|
|
||||||
return void 0 // challenges not available or in expected format
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Helper: Extract first found email from profile (without mailto prefix)
|
|
||||||
* @param {Object} profile
|
|
||||||
* @return {string}
|
|
||||||
*/
|
|
||||||
extractEmail(profile) {
|
|
||||||
let prefix = 'mailto:'
|
|
||||||
let email = profile.contact.filter((entry) => {
|
|
||||||
if (typeof entry !== 'string') {
|
|
||||||
return false
|
|
||||||
} else {
|
|
||||||
return !entry.indexOf(prefix) // check for mail prefix
|
|
||||||
}
|
|
||||||
}
|
|
||||||
).pop()
|
|
||||||
// dereference
|
|
||||||
profile = null
|
|
||||||
if (typeof email !== 'string') {
|
|
||||||
return void 0
|
|
||||||
} // return default
|
|
||||||
return email.substr(prefix.length) // only return email address without protocol prefix
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Make ACME-Request: Domain-Authorization Request - Object: resource, identifier
|
|
||||||
* @param {string} domain
|
|
||||||
* @return {{resource: string, identifier: Object}}
|
|
||||||
*/
|
|
||||||
makeDomainAuthorizationRequest(domain) {
|
|
||||||
return {
|
|
||||||
'resource': 'new-authz',
|
|
||||||
'identifier': {
|
|
||||||
'type': 'dns',
|
|
||||||
'value': domain
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Make ACME-Object: Key-Authorization (encoded) - String: Challenge-Token . Encoded-Account-Key-Hash
|
|
||||||
* @param {Object} challenge
|
|
||||||
* @return {string}
|
|
||||||
*/
|
|
||||||
makeKeyAuthorization(challenge) {
|
|
||||||
/*jshint -W069 */
|
|
||||||
if (challenge instanceof Object) {
|
|
||||||
if (this.clientProfilePubKey instanceof Object) {
|
|
||||||
let jwk = json_to_utf8buffer({
|
|
||||||
e: this.clientProfilePubKey['e'],
|
|
||||||
kty: this.clientProfilePubKey['kty'],
|
|
||||||
n: this.clientProfilePubKey['n']
|
|
||||||
}
|
|
||||||
)
|
|
||||||
let hash = crypto.createHash('sha256').update(jwk.toString('utf8'), 'utf8').digest()
|
|
||||||
// create base64 encoded hash of account key
|
|
||||||
let ACCOUNT_KEY = plugins.smartstring.base64.encodeUri(hash.toString())
|
|
||||||
let token = challenge['token']
|
|
||||||
return token + '.' + ACCOUNT_KEY
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
return '' // return default (for writing to file)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Make ACME-Request: Challenge-Response - Object: resource, keyAuthorization
|
|
||||||
* @param {Object} challenge
|
|
||||||
* @return {{resource: string, keyAuthorization: string}}
|
|
||||||
*/
|
|
||||||
makeChallengeResponse(challenge) {
|
|
||||||
return {
|
|
||||||
'resource': 'challenge',
|
|
||||||
'keyAuthorization': this.makeKeyAuthorization(challenge)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Make ACME-Request: CSR - Object: resource, csr, notBefore, notAfter
|
|
||||||
* @param {string} csr
|
|
||||||
* @param {number} days_valid
|
|
||||||
* @return {{resource: string, csr: string, notBefore: string, notAfter: string}}
|
|
||||||
*/
|
|
||||||
makeCertRequest(csr: string, DAYS_VALID: number) {
|
|
||||||
if (typeof csr !== 'string' && !(csr instanceof Buffer)) {
|
|
||||||
csr = '' // default string for CSR
|
|
||||||
}
|
|
||||||
if ((typeof DAYS_VALID !== 'number') || (isNaN(DAYS_VALID)) || (DAYS_VALID === 0)) {
|
|
||||||
DAYS_VALID = 1 // default validity duration (1 day)
|
|
||||||
}
|
|
||||||
let DOMAIN_CSR_DER = plugins.smartstring.base64.encodeUri(csr) // create base64 encoded CSR
|
|
||||||
let CURRENT_DATE = (new Date()).toISOString() // set start date to current date
|
|
||||||
|
|
||||||
// set end date to current date + days_valid
|
|
||||||
let NOTAFTER_DATE = (new Date((+new Date()) + 1000 * 60 * 60 * 24 * Math.abs(DAYS_VALID))).toISOString()
|
|
||||||
return {
|
|
||||||
'resource': 'new-cert',
|
|
||||||
'csr': DOMAIN_CSR_DER,
|
|
||||||
'notBefore': CURRENT_DATE,
|
|
||||||
'notAfter': NOTAFTER_DATE
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,246 +0,0 @@
|
|||||||
import * as plugins from './smartacme.plugins'
|
|
||||||
import * as https from 'https'
|
|
||||||
let jwa = require('jwa')
|
|
||||||
import * as url from 'url'
|
|
||||||
import * as q from 'q'
|
|
||||||
|
|
||||||
export interface IReqResArg {
|
|
||||||
ans: any
|
|
||||||
res: any
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* json_to_utf8base64url
|
|
||||||
* @private
|
|
||||||
* @description convert JSON to base64-url encoded string using UTF-8 encoding
|
|
||||||
* @param {Object} obj
|
|
||||||
* @return {string}
|
|
||||||
* @throws Exception if object cannot be stringified or contains cycle
|
|
||||||
*/
|
|
||||||
let json_to_utf8base64url = (obj) => {
|
|
||||||
return plugins.smartstring.base64.encodeUri(JSON.stringify(obj))
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @class JWebClient
|
|
||||||
* @constructor
|
|
||||||
* @description Implementation of HTTPS-based JSON-Web-Client
|
|
||||||
*/
|
|
||||||
export class JWebClient {
|
|
||||||
/**
|
|
||||||
* User account key pair
|
|
||||||
*/
|
|
||||||
keyPair: any = {}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Cached nonce returned with last request
|
|
||||||
*/
|
|
||||||
lastNonce: string = null
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @member {boolean} module:JWebClient~JWebClient#verbose
|
|
||||||
* @desc Determines verbose mode
|
|
||||||
*/
|
|
||||||
verbose: boolean
|
|
||||||
constructor() {
|
|
||||||
this.verbose = false
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* createJWT
|
|
||||||
* @description create JSON-Web-Token signed object
|
|
||||||
* @param {string|undefined} nonce
|
|
||||||
* @param {Object|string|number|boolean} payload
|
|
||||||
* @param {string} alg
|
|
||||||
* @param {Object|string} key
|
|
||||||
* @param {Object} jwk
|
|
||||||
* @return {string}
|
|
||||||
*/
|
|
||||||
createJWT(nonce, payload, alg, key, jwk) {
|
|
||||||
/*jshint -W069 */
|
|
||||||
// prepare key
|
|
||||||
if (key instanceof Object) {
|
|
||||||
key = new Buffer(plugins.smartstring.base64.decode(key['k']))
|
|
||||||
}
|
|
||||||
// prepare header
|
|
||||||
let header = {
|
|
||||||
typ: 'JWT',
|
|
||||||
alg: alg,
|
|
||||||
jwk: jwk,
|
|
||||||
nonce: null
|
|
||||||
}
|
|
||||||
|
|
||||||
if (nonce !== void 0) {
|
|
||||||
header.nonce = nonce
|
|
||||||
}
|
|
||||||
// concatenate header and payload
|
|
||||||
let input = [
|
|
||||||
json_to_utf8base64url(header),
|
|
||||||
json_to_utf8base64url(payload)
|
|
||||||
].join('.')
|
|
||||||
// sign input
|
|
||||||
let hmac = jwa(alg)
|
|
||||||
let sig = hmac.sign(input, key)
|
|
||||||
// concatenate input and signature
|
|
||||||
let output = [
|
|
||||||
input,
|
|
||||||
sig
|
|
||||||
].join('.')
|
|
||||||
// output
|
|
||||||
return output
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* request
|
|
||||||
* @description make GET or POST request over HTTPS and use JOSE as payload type
|
|
||||||
* @param {string} query
|
|
||||||
* @param {string} payload
|
|
||||||
* @param {function} callback
|
|
||||||
* @param {function} errorCallback
|
|
||||||
*/
|
|
||||||
request(query: string, payload: string = null) {
|
|
||||||
let done = q.defer()
|
|
||||||
// prepare options
|
|
||||||
let uri = url.parse(query)
|
|
||||||
let options = {
|
|
||||||
hostname: uri.hostname,
|
|
||||||
port: parseInt(uri.port, 10),
|
|
||||||
path: uri.path,
|
|
||||||
method: null,
|
|
||||||
headers: {}
|
|
||||||
}
|
|
||||||
if (!payload === null) {
|
|
||||||
options.method = 'POST'
|
|
||||||
options.headers = {
|
|
||||||
'Content-Type': 'application/jose',
|
|
||||||
'Content-Length': payload.length
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
options.method = 'GET'
|
|
||||||
}
|
|
||||||
// prepare request
|
|
||||||
let req = https.request(options, (res) => {
|
|
||||||
// receive data
|
|
||||||
let data = []
|
|
||||||
res.on('data', (block) => {
|
|
||||||
if (block instanceof Buffer) {
|
|
||||||
data.push(block)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
res.on('end', () => {
|
|
||||||
let buf = Buffer.concat(data)
|
|
||||||
let isJSON = (
|
|
||||||
(res instanceof Object)
|
|
||||||
&& (res['headers'] instanceof Object)
|
|
||||||
&& (typeof res.headers['content-type'] === 'string')
|
|
||||||
&& (res.headers['content-type'].indexOf('json') > -1)
|
|
||||||
)
|
|
||||||
if (isJSON && buf.length > 0) {
|
|
||||||
try {
|
|
||||||
// convert to JSON
|
|
||||||
let json = JSON.parse(buf.toString('utf8'))
|
|
||||||
done.resolve({ json: json, res: res })
|
|
||||||
} catch (e) {
|
|
||||||
// error (if empty or invalid JSON)
|
|
||||||
done.reject(e)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}).on('error', (e) => {
|
|
||||||
console.error('Error occured', e)
|
|
||||||
// error
|
|
||||||
done.reject(e)
|
|
||||||
})
|
|
||||||
// write POST body if payload was specified
|
|
||||||
if (!payload === null) {
|
|
||||||
req.write(payload)
|
|
||||||
}
|
|
||||||
// make request
|
|
||||||
req.end()
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* get
|
|
||||||
* @description make GET request
|
|
||||||
* @param {string} uri
|
|
||||||
* @param {function} callback
|
|
||||||
* @param {function} errorCallback
|
|
||||||
*/
|
|
||||||
get(uri: string) {
|
|
||||||
let done = q.defer<IReqResArg>()
|
|
||||||
this.request(uri)
|
|
||||||
.then((reqResArg: IReqResArg) => {
|
|
||||||
this.evaluateStatus(uri, null, reqResArg.ans, reqResArg.res)
|
|
||||||
// save replay nonce for later requests
|
|
||||||
if ((reqResArg.res instanceof Object) && (reqResArg.res['headers'] instanceof Object)) {
|
|
||||||
this.lastNonce = reqResArg.res.headers['replay-nonce']
|
|
||||||
}
|
|
||||||
done.resolve(reqResArg)
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* make POST request
|
|
||||||
* @param {string} uri
|
|
||||||
* @param {Object|string|number|boolean} payload
|
|
||||||
* @param {function} callback
|
|
||||||
* @param {function} errorCallback
|
|
||||||
*/
|
|
||||||
post(uri: string, payload) {
|
|
||||||
let done = q.defer<IReqResArg>()
|
|
||||||
let jwt = this.createJWT(
|
|
||||||
this.lastNonce,
|
|
||||||
payload,
|
|
||||||
'RS256',
|
|
||||||
this.keyPair['private_pem'],
|
|
||||||
this.keyPair['public_jwk'])
|
|
||||||
this.request(uri, jwt)
|
|
||||||
.then((reqResArg: IReqResArg) => {
|
|
||||||
this.evaluateStatus(uri, payload, reqResArg.ans, reqResArg.res)
|
|
||||||
// save replay nonce for later requests
|
|
||||||
if ((reqResArg.res instanceof Object) && (reqResArg.res['headers'] instanceof Object)) {
|
|
||||||
this.lastNonce = reqResArg.res.headers['replay-nonce']
|
|
||||||
}
|
|
||||||
done.resolve(reqResArg)
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* checks if status is expected and log errors
|
|
||||||
* @param {string} uri
|
|
||||||
* @param {Object|string|number|boolean} payload
|
|
||||||
* @param {Object|string} ans
|
|
||||||
* @param {Object} res
|
|
||||||
*/
|
|
||||||
evaluateStatus(uri, payload, ans, res) {
|
|
||||||
if (this.verbose) {
|
|
||||||
if (
|
|
||||||
(payload instanceof Object)
|
|
||||||
|| (typeof payload === 'string')
|
|
||||||
|| (typeof payload === 'number')
|
|
||||||
|| (typeof payload === 'boolean')
|
|
||||||
) {
|
|
||||||
console.error('Send :', payload) // what has been sent
|
|
||||||
}
|
|
||||||
}
|
|
||||||
let uri_parsed = url.parse(uri)
|
|
||||||
if (res['statusCode'] >= 100 && res['statusCode'] < 400) {
|
|
||||||
console.error('HTTP :', res['statusCode'], uri_parsed.path) // response code if successful
|
|
||||||
}
|
|
||||||
if (res['statusCode'] >= 400 && res['statusCode'] < 500) {
|
|
||||||
console.error('HTTP :', res['statusCode'], uri_parsed.path) // response code if error
|
|
||||||
if (ans instanceof Object) {
|
|
||||||
if (typeof ans['detail'] === 'string') {
|
|
||||||
console.error('Message:', ans.detail.split(' :: ').pop()) // error message if any
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (this.verbose) {
|
|
||||||
console.error('Receive:', res['headers']) // received headers
|
|
||||||
console.error('Receive:', ans) // received data
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,30 +1,114 @@
|
|||||||
import * as plugins from './smartacme.plugins'
|
import 'typings-global'
|
||||||
import * as acmeclient from './smartacme.classes.acmeclient'
|
import * as q from 'q'
|
||||||
|
import * as path from 'path'
|
||||||
|
import * as smartfile from 'smartfile'
|
||||||
|
import * as smartstring from 'smartstring'
|
||||||
|
import * as paths from './smartacme.paths'
|
||||||
|
|
||||||
|
let ACME = require('le-acme-core').ACME.create()
|
||||||
|
let RSA = require('rsa-compat').RSA
|
||||||
|
|
||||||
|
let bitlen = 1024
|
||||||
|
let exp = 65537
|
||||||
|
let options = {
|
||||||
|
public: true,
|
||||||
|
pem: true,
|
||||||
|
internal: true
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* class SmartAcme exports methods for maintaining SSL Certificates
|
||||||
|
*/
|
||||||
export class SmartAcme {
|
export class SmartAcme {
|
||||||
acmeAccount: AcmeAccount
|
preparedBool: boolean = false
|
||||||
acmeClient: acmeclient.AcmeClient
|
acmeUrls: any
|
||||||
constructor(directoryUrlArg: string = 'https://acme-staging.api.letsencrypt.org/directory') {
|
productionBool: boolean
|
||||||
this.acmeClient = new acmeclient.AcmeClient(directoryUrlArg)
|
keyPair: any
|
||||||
|
constructor(productionArg: boolean = false) {
|
||||||
|
this.productionBool = productionArg
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* creates an account
|
* prepares the SmartAcme class
|
||||||
|
*/
|
||||||
|
prepareAcme() {
|
||||||
|
let done = q.defer()
|
||||||
|
if (this.preparedBool === false) {
|
||||||
|
this.getAcmeUrls()
|
||||||
|
.then(() => {
|
||||||
|
return this.createKeyPair()
|
||||||
|
})
|
||||||
|
.then((x) => {
|
||||||
|
console.log('prepared smartacme instance')
|
||||||
|
done.resolve()
|
||||||
|
})
|
||||||
|
} else {
|
||||||
|
done.resolve()
|
||||||
|
}
|
||||||
|
return done.promise
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* creates an account if not currently present in module
|
||||||
*/
|
*/
|
||||||
createAccount() {
|
createAccount() {
|
||||||
this.acmeClient.createAccount('test@bleu.de').then((answer) => {
|
let done = q.defer()
|
||||||
console.log(answer)
|
this.prepareAcme()
|
||||||
}).catch(err => { console.log(err) })
|
.then(() => {
|
||||||
|
return this.createKeyPair()
|
||||||
|
})
|
||||||
|
.then(() => {
|
||||||
|
let options = {
|
||||||
|
newRegUrl: this.acmeUrls.newReg,
|
||||||
|
email: 'domains@lossless.org', // valid email (server checks MX records)
|
||||||
|
accountKeypair: { // privateKeyPem or privateKeyJwt
|
||||||
|
privateKeyPem: this.keyPair
|
||||||
|
},
|
||||||
|
agreeToTerms: function (tosUrl, done) {
|
||||||
|
done(null, tosUrl)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ACME.registerNewAccount(options, (err, regr) => {
|
||||||
|
if(err) {
|
||||||
|
console.log(err)
|
||||||
|
done.reject(err)
|
||||||
|
}
|
||||||
|
done.resolve(regr)
|
||||||
|
}) // returns "regr" registration data
|
||||||
|
}).catch(err => { console.log(err) })
|
||||||
|
|
||||||
|
return done.promise
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* returns the openssl key pair for
|
* creates a keyPair
|
||||||
*/
|
*/
|
||||||
getKeyPair() {
|
createKeyPair() {
|
||||||
return this.acmeClient.getKeyPair()
|
let done = q.defer()
|
||||||
|
RSA.generateKeypair(bitlen, exp, options, (err, keypair) => {
|
||||||
|
if (err) {
|
||||||
|
console.log(err)
|
||||||
|
done.reject(err)
|
||||||
|
}
|
||||||
|
console.log(keypair)
|
||||||
|
this.keyPair = keypair
|
||||||
|
})
|
||||||
|
done.resolve()
|
||||||
|
return done.promise
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gets the Acme Urls
|
||||||
|
*/
|
||||||
|
getAcmeUrls() {
|
||||||
|
let done = q.defer()
|
||||||
|
ACME.getAcmeUrls(ACME.stagingServerUrl, (err, urls) => {
|
||||||
|
if (err) {
|
||||||
|
throw err
|
||||||
|
}
|
||||||
|
this.acmeUrls = urls
|
||||||
|
console.log(this.acmeUrls)
|
||||||
|
done.resolve()
|
||||||
|
})
|
||||||
|
return done.promise
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
export class AcmeAccount {
|
|
||||||
|
|
||||||
}
|
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
import * as plugins from './smartacme.plugins'
|
import * as path from 'path'
|
||||||
|
import * as smartfile from 'smartfile'
|
||||||
export let packageDir = plugins.path.join(__dirname,'../')
|
|
||||||
export let assetDir = plugins.path.join(packageDir,'assets/')
|
|
||||||
|
|
||||||
|
export let packageDir = path.join(__dirname,'../')
|
||||||
|
export let assetDir = path.join(packageDir,'assets/')
|
||||||
|
smartfile.fs.ensureDirSync(assetDir)
|
||||||
|
@ -1,12 +0,0 @@
|
|||||||
import 'typings-global'
|
|
||||||
import * as path from 'path'
|
|
||||||
import * as smartfile from 'smartfile'
|
|
||||||
import * as smartstring from 'smartstring'
|
|
||||||
import * as shelljs from 'shelljs'
|
|
||||||
|
|
||||||
export {
|
|
||||||
path,
|
|
||||||
smartfile,
|
|
||||||
smartstring,
|
|
||||||
shelljs
|
|
||||||
}
|
|
Loading…
Reference in New Issue
Block a user