fix(core): update

2019-01-06 20:41:21 +01:00 · 2019-01-06 20:41:21 +01:00 · 6c33111074
commit 6c33111074
parent 280335f6f6
11 changed files with 1124 additions and 731 deletions
--- a/README.md
+++ b/README.md
@ -25,9 +25,39 @@ acme implementation in TypeScript
 Use TypeScript for best in class instellisense.
-For further information read the linked docs at the top of this README.
+```javascript
 import { SmartAcme } from 'smartacme';
 let smac = new SmartAcme()(async () => {
  // learn async/await, it'll make your life easier
  // optionally accepts a filePath Arg with a stored acmeaccount.json
  // will create an account and
  let myAccount = await smac.createAcmeAccount();
  // will return a dnsHash to set in your DNS record
  let myCert = await myAccount.createAcmeCert('example.com');
  // gets and accepts the specified challenge
  // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
  let myChallenge = await myCert.getChallenge('dns-01');
  /* ----------
    Now you need to set the challenge in your DNS
    myChallenge.domainNamePrefixed is the address for the record
    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
    -------------*/
 })();
 ```
 ## Other relevant npm modules
 | module name | description                                                         |
 | ----------- | ------------------------------------------------------------------- |
 | cert        | a higlevel production module that uses smartacme to manage certs    |
 | smartnginx  | a highlevel production tool for docker environments to manage nginx |
 > MIT licensed | **&copy;** [Lossless GmbH](https://lossless.gmbh)
 > | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
-[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone)
+[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone
--- a/docs/index.md
+++ b/docs/index.md
@ -1,63 +0,0 @@
 # smartacme
 acme implementation in TypeScript
 ## Availabililty
 [![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
 [![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
 [![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
 [![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
 ## Status for master
 [![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
 [![Dependency Status](https://david-dm.org/umbrellazone/smartacme.svg)](https://david-dm.org/umbrellazone/smartacme)
 [![bitHound Dependencies](https://www.bithound.io/github/umbrellazone/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/umbrellazone/smartacme/master/dependencies/npm)
 [![bitHound Code](https://www.bithound.io/github/umbrellazone/smartacme/badges/code.svg)](https://www.bithound.io/github/umbrellazone/smartacme)
 [![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
 [![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
 [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
 ## Usage
 Use TypeScript for best in class instellisense.
 ```javascript
 import { SmartAcme } from 'smartacme';
 let smac = new SmartAcme()(async () => {
  // learn async/await, it'll make your life easier
  // optionally accepts a filePath Arg with a stored acmeaccount.json
  // will create an account and
  let myAccount = await smac.createAcmeAccount();
  // will return a dnsHash to set in your DNS record
  let myCert = await myAccount.createAcmeCert('example.com');
  // gets and accepts the specified challenge
  // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
  let myChallenge = await myCert.getChallenge('dns-01');
  /* ----------
    Now you need to set the challenge in your DNS
    myChallenge.domainNamePrefixed is the address for the record
    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
    -------------*/
 })();
 ```
 ## Other relevant npm modules
 | module name | description                                                         |
 | ----------- | ------------------------------------------------------------------- |
 | cert        | a higlevel production module that uses smartacme to manage certs    |
 | smartnginx  | a highlevel production tool for docker environments to manage nginx |
 > MIT licensed | **&copy;** [Lossless GmbH](https://lossless.gmbh)
 > | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
 [![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -27,16 +27,17 @@
  "dependencies": {
    "@pushrocks/smartdelay": "^2.0.2",
    "@pushrocks/smartpromise": "^2.0.5",
-    "acme-v2": "^1.2.1",
+    "acme-client": "^2.2.1"
    "rsa-compat": "^1.6.0"
  },
  "devDependencies": {
-    "@gitzone/tsbuild": "^2.0.22",
+    "@gitzone/tsbuild": "^2.1.4",
-    "@gitzone/tsrun": "^1.1.12",
+    "@gitzone/tsrun": "^1.1.17",
-    "@gitzone/tstest": "^1.0.15",
+    "@gitzone/tstest": "^1.0.18",
-    "@types/node": "^10.11.4",
+    "@mojoio/cloudflare": "^2.0.0",
-    "cflare": "^1.0.5",
+    "@pushrocks/qenv": "^3.0.2",
-    "qenv": "^1.1.7",
+    "@pushrocks/tapbundle": "^3.0.7",
-    "tapbundle": "^2.0.2"
+    "@types/node": "^10.12.18",
    "tslint": "^5.12.0",
    "tslint-config-prettier": "^1.17.0"
  }
 }
--- a/qenv.yml
+++ b/qenv.yml
@ -1,3 +1,3 @@
-vars:
+required:
  - CF_EMAIL
  - CF_KEY
--- a/test/test.ts
+++ b/test/test.ts
@ -1,4 +1,4 @@
-import { tap, expect } from 'tapbundle';
+import { tap, expect } from '@pushrocks/tapbundle';
 import * as smartacme from '../ts/index';
@ -6,8 +6,16 @@ let smartAcmeInstance: smartacme.SmartAcme;
 tap.test('should create a valid instance of SmartAcme', async () => {
  smartAcmeInstance = new smartacme.SmartAcme();
-  await smartAcmeInstance.init();
+  await smartAcmeInstance.init({
-  console.log(smartAcmeInstance.directoryUrls);
+    accountEmail: 'domains@lossless.org',
    accountPrivateKey: null,
    removeChallenge: async (...args) => {
      console.log(args);
    },
    setChallenge: async (...args) => {
      console.log(args);
    } 
  });
  await smartAcmeInstance.getCertificateForDomain('bleu.de');
 });
--- a/ts/interfaces/accountdata.ts
+++ b/ts/interfaces/accountdata.ts
@ -0,0 +1,8 @@
 export interface IAccountData {
  id: number;
  key: { kty: 'RSA'; n: string; e: string; kid: string };
  contact: string[];
  initialIp: string;
  createdAt: string;
  status: string;
 }
--- a/ts/interfaces/index.ts
+++ b/ts/interfaces/index.ts
@ -0,0 +1 @@
 export * from './accountdata';
--- a/ts/smartacme.classes.keypair.ts
+++ b/ts/smartacme.classes.keypair.ts
@ -1,27 +0,0 @@
 import * as plugins from './smartacme.plugins';
 const rsa = require('rsa-compat').RSA;
 export class KeyPair {
  rsaKeyPair: any;
  /**
   * generates a fresh rsa keyPair
   */
  static async generateFresh(): Promise<KeyPair> {
    const done = plugins.smartpromise.defer();
    var options = { bitlen: 2048, exp: 65537, public: true, pem: true, internal: true };
    rsa.generateKeypair(options, function(err, keypair) {
      if (err) {
        console.log(err);
      }
      done.resolve(keypair);
    });
    const result: any = await done.promise;
    const keyPair = new KeyPair(result);
    return keyPair;
  }
  constructor(rsaKeyPairArg) {
    this.rsaKeyPair = rsaKeyPairArg;
  }
 }
--- a/ts/smartacme.classes.smartacme.ts
+++ b/ts/smartacme.classes.smartacme.ts
@ -1,86 +1,96 @@
 const acme = require('acme-v2').ACME.create({
  RSA: require('rsa-compat').RSA,
  // used for constructing user-agent
  os: require('os'),
  process: require('process'),
  // used for overriding the default user-agent
  userAgent: 'My custom UA String',
  getUserAgentString: function(deps) {
    return 'My custom UA String';
  },
  // don't try to validate challenges locally
  skipChallengeTest: true
 });
 import { KeyPair } from './smartacme.classes.keypair';
 import * as plugins from './smartacme.plugins';
-const rsa = require('rsa-compat').RSA;
+
 /**
 *
 */
 export interface ISmartAcmeStorage {}
 export class SmartAcme {
-  domainKeyPair: KeyPair;
+  // the acme client
-  accountKeyPair: KeyPair;
+  private client: any;
  accountData: any;
  directoryUrls: any;
-  async init() {
+  // the account private key
-    // get directory url
+  private privateKey: string;
    this.directoryUrls = await acme.init('https://acme-staging-v02.api.letsencrypt.org/directory');
-    // create keyPairs
+  // challenge fullfillment
-    this.domainKeyPair = await KeyPair.generateFresh();
+  private setChallenge: (authz, challenge, keyAuthorization) => Promise<any>;
-    this.accountKeyPair = await KeyPair.generateFresh();
+  private removeChallenge: (authz, challenge, keyAuthorization) => Promise<any>;
-    // get account
+  public async init(optionsArg: {
-    const registrationData = await acme.accounts
+    accountPrivateKey?: string;
-      .create({
+    accountEmail: string;
-        email: 'domains@lossless.org', // valid email (server checks MX records)
+    setChallenge: (authz, challenge, keyAuthorization) => Promise<any>;
-        accountKeypair: this.accountKeyPair.rsaKeyPair,
+    removeChallenge: (authz, challenge, keyAuthorization) => Promise<any>;
-        agreeToTerms: async tosUrl => {
+  }) {
-          return tosUrl;
+    this.privateKey = optionsArg.accountPrivateKey || (await plugins.acme.forge.createPrivateKey());
-        }
+    this.setChallenge = optionsArg.setChallenge;
-      })
+    this.removeChallenge = optionsArg.removeChallenge;
-      .catch(e => {
+    this.client = new plugins.acme.Client({
-        console.log(e);
+      directoryUrl: plugins.acme.directory.letsencrypt.staging,
      accountKey: this.privateKey
    });
    /* Register account */
    await this.client.createAccount({
      termsOfServiceAgreed: true,
      contact: [`mailto:${optionsArg.accountEmail}`]
    });
    this.accountData = registrationData;
  }
-  async getCertificateForDomain(domain) {
+  public async getCertificateForDomain(domainArg: string) {
-    const result = await acme.certificates
+    const domain = domainArg;
      .create({
        domainKeypair: this.domainKeyPair.rsaKeyPair,
        accountKeypair: this.accountKeyPair.rsaKeyPair,
        domains: ['bleu.de'],
        challengeType: 'dns-01',
-        setChallenge: async (hostname, key, val, cb) => {
+    /* Place new order */
-          console.log('set challenge');
+    const order = await this.client.createOrder({
-          console.log(hostname);
+      identifiers: [{ type: 'dns', value: domain }, { type: 'dns', value: `*.${domain}` }]
-          //console.log(key);
+    });
          //console.log(val);
          const dnsKey = rsa.utils.toWebsafeBase64(
            require('crypto')
              .createHash('sha256')
              .update(val)
              .digest('base64')
          );
-          console.log(dnsKey);
+    /* Get authorizations and select challenges */
-          await plugins.smartdelay.delayFor(20000);
+    const authorizations = await this.client.getAuthorizations(order);
-          console.log('ready!');
+
-          cb();
+    const promises = authorizations.map(async authz => {
-        }, // return Promise
+      const challenge = authz.challenges.pop();
-        removeChallenge: async (hostname, key) => {
+      const keyAuthorization = await this.client.getChallengeKeyAuthorization(challenge);
-          console.log('removing challenge');
+
-          return;
+      try {
-        } // return Promise
+        /* Satisfy challenge */
-      })
+        await this.setChallenge(authz, challenge, keyAuthorization);
-      .catch(e => {
+
        /* Verify that challenge is satisfied */
        await this.client.verifyChallenge(authz, challenge);
        /* Notify ACME provider that challenge is satisfied */
        await this.client.completeChallenge(challenge);
        /* Wait for ACME provider to respond with valid status */
        await this.client.waitForValidStatus(challenge);
      } finally {
        /* Clean up challenge response */
        try {
          await this.removeChallenge(authz, challenge, keyAuthorization);
        } catch (e) {
          console.log(e);
      }); // returns Promise<pems={ privkey (key), cert, chain (ca) }>
    console.log(result);
        }
      }
    });
    /* Wait for challenges to complete */
    await Promise.all(promises);
    /* Finalize order */
    const [key, csr] = await plugins.acme.forge.createCsr({
      commonName: `*.${domain}`,
      altNames: [domain]
    });
    await this.client.finalizeOrder(order, csr);
    const cert = await this.client.getCertificate(order);
    /* Done */
    console.log(`CSR:\n${csr.toString()}`);
    console.log(`Private key:\n${key.toString()}`);
    console.log(`Certificate:\n${cert.toString()}`);
  }
  toStorageObject () {};
 }
--- a/ts/smartacme.plugins.ts
+++ b/ts/smartacme.plugins.ts
@ -1,4 +1,10 @@
 // @pushrocks scope
 import * as smartpromise from '@pushrocks/smartpromise';
 import * as smartdelay from '@pushrocks/smartdelay';
 export { smartpromise, smartdelay };
 // thirs party scope
 import * as acme from 'acme-client';
 export { acme };