feat(swaitch to acme-v2): switch to letsencrypt v2
This commit is contained in:
parent
3e350dfed5
commit
9eda0da9a7
1
dist/index.d.ts
vendored
1
dist/index.d.ts
vendored
@ -1 +0,0 @@
|
|||||||
export * from './smartacme.classes.smartacme';
|
|
7
dist/index.js
vendored
7
dist/index.js
vendored
@ -1,7 +0,0 @@
|
|||||||
"use strict";
|
|
||||||
function __export(m) {
|
|
||||||
for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
|
|
||||||
}
|
|
||||||
Object.defineProperty(exports, "__esModule", { value: true });
|
|
||||||
__export(require("./smartacme.classes.smartacme"));
|
|
||||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLG1EQUE2QyJ9
|
|
21
dist/smartacme.classes.acmeaccount.d.ts
vendored
21
dist/smartacme.classes.acmeaccount.d.ts
vendored
@ -1,21 +0,0 @@
|
|||||||
import { SmartAcme } from './smartacme.classes.smartacme';
|
|
||||||
import { AcmeCert } from './smartacme.classes.acmecert';
|
|
||||||
/**
|
|
||||||
* class AcmeAccount represents an AcmeAccount
|
|
||||||
*/
|
|
||||||
export declare class AcmeAccount {
|
|
||||||
parentSmartAcme: SmartAcme;
|
|
||||||
location: string;
|
|
||||||
link: string;
|
|
||||||
JWK: any;
|
|
||||||
constructor(smartAcmeParentArg: SmartAcme);
|
|
||||||
/**
|
|
||||||
* register the account with letsencrypt
|
|
||||||
*/
|
|
||||||
register(): Promise<{}>;
|
|
||||||
/**
|
|
||||||
* agree to letsencrypr terms of service
|
|
||||||
*/
|
|
||||||
agreeTos(): Promise<{}>;
|
|
||||||
createAcmeCert(domainNameArg: string, countryArg?: string, countryShortArg?: string, city?: string, companyArg?: string, companyShortArg?: string): Promise<AcmeCert>;
|
|
||||||
}
|
|
72
dist/smartacme.classes.acmeaccount.js
vendored
72
dist/smartacme.classes.acmeaccount.js
vendored
@ -1,72 +0,0 @@
|
|||||||
"use strict";
|
|
||||||
Object.defineProperty(exports, "__esModule", { value: true });
|
|
||||||
const q = require("smartq");
|
|
||||||
const smartacme_classes_acmecert_1 = require("./smartacme.classes.acmecert");
|
|
||||||
/**
|
|
||||||
* class AcmeAccount represents an AcmeAccount
|
|
||||||
*/
|
|
||||||
class AcmeAccount {
|
|
||||||
constructor(smartAcmeParentArg) {
|
|
||||||
this.parentSmartAcme = smartAcmeParentArg;
|
|
||||||
}
|
|
||||||
/**
|
|
||||||
* register the account with letsencrypt
|
|
||||||
*/
|
|
||||||
register() {
|
|
||||||
let done = q.defer();
|
|
||||||
this.parentSmartAcme.rawacmeClient.newReg({
|
|
||||||
contact: ['mailto:domains@lossless.org']
|
|
||||||
}, (err, res) => {
|
|
||||||
if (err) {
|
|
||||||
console.error('smartacme: something went wrong:');
|
|
||||||
console.log(err);
|
|
||||||
done.reject(err);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
this.JWK = res.body.key;
|
|
||||||
this.link = res.headers.link;
|
|
||||||
console.log(this.link);
|
|
||||||
this.location = res.headers.location;
|
|
||||||
done.resolve();
|
|
||||||
});
|
|
||||||
return done.promise;
|
|
||||||
}
|
|
||||||
/**
|
|
||||||
* agree to letsencrypr terms of service
|
|
||||||
*/
|
|
||||||
agreeTos() {
|
|
||||||
let done = q.defer();
|
|
||||||
let tosPart = this.link.split(',')[1];
|
|
||||||
let tosLinkPortion = tosPart.split(';')[0];
|
|
||||||
let url = tosLinkPortion.split(';')[0].trim().replace(/[<>]/g, '');
|
|
||||||
this.parentSmartAcme.rawacmeClient.post(this.location, { Agreement: url, resource: 'reg' }, (err, res) => {
|
|
||||||
if (err) {
|
|
||||||
console.log(err);
|
|
||||||
done.reject(err);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
done.resolve();
|
|
||||||
});
|
|
||||||
return done.promise;
|
|
||||||
}
|
|
||||||
createAcmeCert(domainNameArg, countryArg = 'Germany', countryShortArg = 'DE', city = 'Bremen', companyArg = 'Some Company', companyShortArg = 'SC') {
|
|
||||||
let done = q.defer();
|
|
||||||
let acmeCert = new smartacme_classes_acmecert_1.AcmeCert({
|
|
||||||
bit: 2064,
|
|
||||||
key: null,
|
|
||||||
domain: domainNameArg,
|
|
||||||
country: countryArg,
|
|
||||||
country_short: countryShortArg,
|
|
||||||
locality: city,
|
|
||||||
organization: companyArg,
|
|
||||||
organization_short: companyShortArg,
|
|
||||||
password: null,
|
|
||||||
unstructured: null,
|
|
||||||
subject_alt_names: null
|
|
||||||
}, this);
|
|
||||||
done.resolve(acmeCert);
|
|
||||||
return done.promise;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
exports.AcmeAccount = AcmeAccount;
|
|
||||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuYWNtZWFjY291bnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUuY2xhc3Nlcy5hY21lYWNjb3VudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLDRCQUEyQjtBQU0zQiw2RUFBdUQ7QUFFdkQ7O0dBRUc7QUFDSDtJQUtFLFlBQVksa0JBQTZCO1FBQ3ZDLElBQUksQ0FBQyxlQUFlLEdBQUcsa0JBQWtCLENBQUE7SUFDM0MsQ0FBQztJQUVEOztPQUVHO0lBQ0gsUUFBUTtRQUNOLElBQUksSUFBSSxHQUFHLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQTtRQUNwQixJQUFJLENBQUMsZUFBZSxDQUFDLGFBQWEsQ0FBQyxNQUFNLENBQ3ZDO1lBQ0UsT0FBTyxFQUFFLENBQUUsNkJBQTZCLENBQUU7U0FDM0MsRUFDRCxDQUFDLEdBQUcsRUFBRSxHQUFHO1lBQ1AsRUFBRSxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztnQkFDUixPQUFPLENBQUMsS0FBSyxDQUFDLGtDQUFrQyxDQUFDLENBQUE7Z0JBQ2pELE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLE1BQU0sQ0FBQTtZQUNSLENBQUM7WUFDRCxJQUFJLENBQUMsR0FBRyxHQUFHLEdBQUcsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFBO1lBQ3ZCLElBQUksQ0FBQyxJQUFJLEdBQUcsR0FBRyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUE7WUFDNUIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUE7WUFDdEIsSUFBSSxDQUFDLFFBQVEsR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQTtZQUNwQyxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDaEIsQ0FBQyxDQUFDLENBQUE7UUFDSixNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUNyQixDQUFDO0lBRUQ7O09BRUc7SUFDSCxRQUFRO1FBQ04sSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO1FBQ3BCLElBQUksT0FBTyxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFFLENBQUMsQ0FBRSxDQUFBO1FBQ3ZDLElBQUksY0FBYyxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUUsQ0FBQyxDQUFFLENBQUE7UUFDNUMsSUFBSSxHQUFHLEdBQUcsY0FBYyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBRSxDQUFDLENBQUUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQyxDQUFBO1FBQ3BFLElBQUksQ0FBQyxlQUFlLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxFQUFFLEVBQUUsU0FBUyxFQUFFLEdBQUcsRUFBRSxRQUFRLEVBQUUsS0FBSyxFQUFFLEVBQUUsQ0FBQyxHQUFHLEVBQUUsR0FBRztZQUNuRyxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUNSLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLE1BQU0sQ0FBQTtZQUNSLENBQUM7WUFDRCxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDaEIsQ0FBQyxDQUFDLENBQUE7UUFDRixNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUNyQixDQUFDO0lBRUQsY0FBYyxDQUNaLGFBQXFCLEVBQ3JCLFVBQVUsR0FBRyxTQUFTLEVBQ3RCLGVBQWUsR0FBRyxJQUFJLEVBQ3RCLElBQUksR0FBRyxRQUFRLEVBQ2YsVUFBVSxHQUFHLGNBQWMsRUFDM0IsZUFBZSxHQUFHLElBQUk7UUFHdEIsSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBWSxDQUFBO1FBQzlCLElBQUksUUFBUSxHQUFHLElBQUkscUNBQVEsQ0FDekI7WUFDRSxHQUFHLEVBQUUsSUFBSTtZQUNULEdBQUcsRUFBRSxJQUFJO1lBQ1QsTUFBTSxFQUFFLGFBQWE7WUFDckIsT0FBTyxFQUFFLFVBQVU7WUFDbkIsYUFBYSxFQUFFLGVBQWU7WUFDOUIsUUFBUSxFQUFFLElBQUk7WUFDZCxZQUFZLEVBQUUsVUFBVTtZQUN4QixrQkFBa0IsRUFBRSxlQUFlO1lBQ25DLFFBQVEsRUFBRSxJQUFJO1lBQ2QsWUFBWSxFQUFFLElBQUk7WUFDbEIsaUJBQWlCLEVBQUUsSUFBSTtTQUN4QixFQUNELElBQUksQ0FDTCxDQUFBO1FBQ0QsSUFBSSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsQ0FBQTtRQUN0QixNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUNyQixDQUFDO0NBQ0Y7QUFsRkQsa0NBa0ZDIn0=
|
|
78
dist/smartacme.classes.acmecert.d.ts
vendored
78
dist/smartacme.classes.acmecert.d.ts
vendored
@ -1,78 +0,0 @@
|
|||||||
import { IRsaKeypair } from './smartacme.classes.smartacme';
|
|
||||||
import { AcmeAccount } from './smartacme.classes.acmeaccount';
|
|
||||||
/**
|
|
||||||
* types of challenges supported by letsencrypt and this module
|
|
||||||
*/
|
|
||||||
export declare type TChallengeType = 'dns-01' | 'http-01';
|
|
||||||
/**
|
|
||||||
* values that a challenge's status can have
|
|
||||||
*/
|
|
||||||
export declare type TChallengeStatus = 'pending';
|
|
||||||
export interface ISmartAcmeChallenge {
|
|
||||||
uri: string;
|
|
||||||
status: TChallengeStatus;
|
|
||||||
type: TChallengeType;
|
|
||||||
token: string;
|
|
||||||
keyAuthorization: string;
|
|
||||||
}
|
|
||||||
export interface ISmartAcmeChallengeChosen extends ISmartAcmeChallenge {
|
|
||||||
dnsKeyHash: string;
|
|
||||||
domainName: string;
|
|
||||||
domainNamePrefixed: string;
|
|
||||||
}
|
|
||||||
export interface IAcmeCsrConstructorOptions {
|
|
||||||
bit: number;
|
|
||||||
key: string;
|
|
||||||
domain: string;
|
|
||||||
country: string;
|
|
||||||
country_short: string;
|
|
||||||
locality: string;
|
|
||||||
organization: string;
|
|
||||||
organization_short: string;
|
|
||||||
password: string;
|
|
||||||
unstructured: string;
|
|
||||||
subject_alt_names: string[];
|
|
||||||
}
|
|
||||||
/**
|
|
||||||
* class AcmeCert represents a cert for domain
|
|
||||||
*/
|
|
||||||
export declare class AcmeCert {
|
|
||||||
domainName: string;
|
|
||||||
attributes: any;
|
|
||||||
fullchain: string;
|
|
||||||
parentAcmeAccount: AcmeAccount;
|
|
||||||
csr: any;
|
|
||||||
validFrom: Date;
|
|
||||||
validTo: Date;
|
|
||||||
keypair: IRsaKeypair;
|
|
||||||
keyPairFinal: IRsaKeypair;
|
|
||||||
chosenChallenge: ISmartAcmeChallengeChosen;
|
|
||||||
dnsKeyHash: string;
|
|
||||||
constructor(optionsArg: IAcmeCsrConstructorOptions, parentAcmeAccount: AcmeAccount);
|
|
||||||
/**
|
|
||||||
* requests a challenge for a domain
|
|
||||||
* @param domainNameArg - the domain name to request a challenge for
|
|
||||||
* @param challengeType - the challenge type to request
|
|
||||||
*/
|
|
||||||
requestChallenge(challengeTypeArg?: TChallengeType): Promise<ISmartAcmeChallengeChosen>;
|
|
||||||
/**
|
|
||||||
* checks if DNS records are set, will go through a max of 30 cycles
|
|
||||||
*/
|
|
||||||
checkDns(cycleArg?: number): Promise<void>;
|
|
||||||
/**
|
|
||||||
* validates a challenge, only call after you have set the challenge at the expected location
|
|
||||||
*/
|
|
||||||
requestValidation(): Promise<void>;
|
|
||||||
/**
|
|
||||||
* requests a certificate
|
|
||||||
*/
|
|
||||||
requestCert(): Promise<{}>;
|
|
||||||
/**
|
|
||||||
* getCertificate - takes care of cooldown, validation polling and certificate retrieval
|
|
||||||
*/
|
|
||||||
getCertificate(): void;
|
|
||||||
/**
|
|
||||||
* accept a challenge - for private use only
|
|
||||||
*/
|
|
||||||
acceptChallenge(): Promise<{}>;
|
|
||||||
}
|
|
183
dist/smartacme.classes.acmecert.js
vendored
183
dist/smartacme.classes.acmecert.js
vendored
File diff suppressed because one or more lines are too long
32
dist/smartacme.classes.smartacme.d.ts
vendored
32
dist/smartacme.classes.smartacme.d.ts
vendored
@ -1,32 +0,0 @@
|
|||||||
import { AcmeAccount } from './smartacme.classes.acmeaccount';
|
|
||||||
/**
|
|
||||||
* a rsa keypair needed for account creation and subsequent requests
|
|
||||||
*/
|
|
||||||
export interface IRsaKeypair {
|
|
||||||
publicKey: string;
|
|
||||||
privateKey: string;
|
|
||||||
}
|
|
||||||
export { AcmeAccount } from './smartacme.classes.acmeaccount';
|
|
||||||
export { AcmeCert, ISmartAcmeChallenge, ISmartAcmeChallengeChosen } from './smartacme.classes.acmecert';
|
|
||||||
/**
|
|
||||||
* class SmartAcme exports methods for maintaining SSL Certificates
|
|
||||||
*/
|
|
||||||
export declare class SmartAcme {
|
|
||||||
acmeUrl: string;
|
|
||||||
productionBool: boolean;
|
|
||||||
keyPair: IRsaKeypair;
|
|
||||||
rawacmeClient: any;
|
|
||||||
/**
|
|
||||||
* the constructor for class SmartAcme
|
|
||||||
*/
|
|
||||||
constructor(productionArg?: boolean);
|
|
||||||
/**
|
|
||||||
* init the smartacme instance
|
|
||||||
*/
|
|
||||||
init(): Promise<{}>;
|
|
||||||
/**
|
|
||||||
* creates an account if not currently present in module
|
|
||||||
* @executes ASYNC
|
|
||||||
*/
|
|
||||||
createAcmeAccount(): Promise<AcmeAccount>;
|
|
||||||
}
|
|
67
dist/smartacme.classes.smartacme.js
vendored
67
dist/smartacme.classes.smartacme.js
vendored
@ -1,67 +0,0 @@
|
|||||||
"use strict";
|
|
||||||
Object.defineProperty(exports, "__esModule", { value: true });
|
|
||||||
// third party modules
|
|
||||||
const q = require("smartq"); // promises
|
|
||||||
const plugins = require("./smartacme.plugins");
|
|
||||||
const helpers = require("./smartacme.helpers");
|
|
||||||
const smartacme_classes_acmeaccount_1 = require("./smartacme.classes.acmeaccount");
|
|
||||||
var smartacme_classes_acmeaccount_2 = require("./smartacme.classes.acmeaccount");
|
|
||||||
exports.AcmeAccount = smartacme_classes_acmeaccount_2.AcmeAccount;
|
|
||||||
var smartacme_classes_acmecert_1 = require("./smartacme.classes.acmecert");
|
|
||||||
exports.AcmeCert = smartacme_classes_acmecert_1.AcmeCert;
|
|
||||||
/**
|
|
||||||
* class SmartAcme exports methods for maintaining SSL Certificates
|
|
||||||
*/
|
|
||||||
class SmartAcme {
|
|
||||||
/**
|
|
||||||
* the constructor for class SmartAcme
|
|
||||||
*/
|
|
||||||
constructor(productionArg = false) {
|
|
||||||
this.productionBool = productionArg;
|
|
||||||
this.keyPair = helpers.createKeypair();
|
|
||||||
if (this.productionBool) {
|
|
||||||
this.acmeUrl = plugins.rawacme.LETSENCRYPT_URL;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
this.acmeUrl = plugins.rawacme.LETSENCRYPT_STAGING_URL;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
/**
|
|
||||||
* init the smartacme instance
|
|
||||||
*/
|
|
||||||
init() {
|
|
||||||
let done = q.defer();
|
|
||||||
plugins.rawacme.createClient({
|
|
||||||
url: this.acmeUrl,
|
|
||||||
publicKey: this.keyPair.publicKey,
|
|
||||||
privateKey: this.keyPair.privateKey
|
|
||||||
}, (err, client) => {
|
|
||||||
if (err) {
|
|
||||||
console.error('smartacme: something went wrong:');
|
|
||||||
console.log(err);
|
|
||||||
done.reject(err);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
// make client available in class
|
|
||||||
this.rawacmeClient = client;
|
|
||||||
done.resolve();
|
|
||||||
});
|
|
||||||
return done.promise;
|
|
||||||
}
|
|
||||||
/**
|
|
||||||
* creates an account if not currently present in module
|
|
||||||
* @executes ASYNC
|
|
||||||
*/
|
|
||||||
createAcmeAccount() {
|
|
||||||
let done = q.defer();
|
|
||||||
let acmeAccount = new smartacme_classes_acmeaccount_1.AcmeAccount(this);
|
|
||||||
acmeAccount.register().then(() => {
|
|
||||||
return acmeAccount.agreeTos();
|
|
||||||
}).then(() => {
|
|
||||||
done.resolve(acmeAccount);
|
|
||||||
});
|
|
||||||
return done.promise;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
exports.SmartAcme = SmartAcme;
|
|
||||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsc0JBQXNCO0FBQ3RCLDRCQUEyQixDQUFDLFdBQVc7QUFDdkMsK0NBQThDO0FBQzlDLCtDQUE4QztBQUU5QyxtRkFBNkQ7QUFVN0QsaUZBQTZEO0FBQXBELHNEQUFBLFdBQVcsQ0FBQTtBQUNwQiwyRUFBdUc7QUFBOUYsZ0RBQUEsUUFBUSxDQUFBO0FBRWpCOztHQUVHO0FBQ0g7SUFNRTs7T0FFRztJQUNILFlBQVksZ0JBQXlCLEtBQUs7UUFDeEMsSUFBSSxDQUFDLGNBQWMsR0FBRyxhQUFhLENBQUE7UUFDbkMsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUMsYUFBYSxFQUFFLENBQUE7UUFDdEMsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUM7WUFDeEIsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLGVBQWUsQ0FBQTtRQUNoRCxDQUFDO1FBQUMsSUFBSSxDQUFDLENBQUM7WUFDTixJQUFJLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsdUJBQXVCLENBQUE7UUFDeEQsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNILElBQUk7UUFDRixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsT0FBTyxDQUFDLE9BQU8sQ0FBQyxZQUFZLENBQzFCO1lBQ0UsR0FBRyxFQUFFLElBQUksQ0FBQyxPQUFPO1lBQ2pCLFNBQVMsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVM7WUFDakMsVUFBVSxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVTtTQUNwQyxFQUNELENBQUMsR0FBRyxFQUFFLE1BQU07WUFDVixFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUNSLE9BQU8sQ0FBQyxLQUFLLENBQUMsa0NBQWtDLENBQUMsQ0FBQTtnQkFDakQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsTUFBTSxDQUFBO1lBQ1IsQ0FBQztZQUVELGtDQUFrQztZQUNsQyxJQUFJLENBQUMsYUFBYSxHQUFHLE1BQU0sQ0FBQTtZQUMzQixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDaEIsQ0FBQyxDQUNGLENBQUE7UUFDRCxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUNyQixDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsaUJBQWlCO1FBQ2YsSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBZSxDQUFBO1FBQ2pDLElBQUksV0FBVyxHQUFHLElBQUksMkNBQVcsQ0FBQyxJQUFJLENBQUMsQ0FBQTtRQUN2QyxXQUFXLENBQUMsUUFBUSxFQUFFLENBQUMsSUFBSSxDQUFDO1lBQzFCLE1BQU0sQ0FBQyxXQUFXLENBQUMsUUFBUSxFQUFFLENBQUE7UUFDL0IsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ04sSUFBSSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQTtRQUMzQixDQUFDLENBQUMsQ0FBQTtRQUNGLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3JCLENBQUM7Q0FDRjtBQTVERCw4QkE0REMifQ==
|
|
10
dist/smartacme.helpers.d.ts
vendored
10
dist/smartacme.helpers.d.ts
vendored
@ -1,10 +0,0 @@
|
|||||||
import 'typings-global';
|
|
||||||
import { IRsaKeypair } from './smartacme.classes.smartacme';
|
|
||||||
/**
|
|
||||||
* creates a keypair to use with requests and to generate JWK from
|
|
||||||
*/
|
|
||||||
export declare let createKeypair: (bit?: number) => IRsaKeypair;
|
|
||||||
/**
|
|
||||||
* prefix a domain name to make sure it complies with letsencrypt
|
|
||||||
*/
|
|
||||||
export declare let prefixName: (domainNameArg: string) => string;
|
|
41
dist/smartacme.helpers.js
vendored
41
dist/smartacme.helpers.js
vendored
@ -1,41 +0,0 @@
|
|||||||
"use strict";
|
|
||||||
Object.defineProperty(exports, "__esModule", { value: true });
|
|
||||||
require("typings-global");
|
|
||||||
const q = require("smartq");
|
|
||||||
const plugins = require("./smartacme.plugins");
|
|
||||||
/**
|
|
||||||
* creates a keypair to use with requests and to generate JWK from
|
|
||||||
*/
|
|
||||||
exports.createKeypair = (bit = 2048) => {
|
|
||||||
let result = plugins.rsaKeygen.generate(bit);
|
|
||||||
return {
|
|
||||||
publicKey: result.public_key,
|
|
||||||
privateKey: result.private_key
|
|
||||||
};
|
|
||||||
};
|
|
||||||
/**
|
|
||||||
* prefix a domain name to make sure it complies with letsencrypt
|
|
||||||
*/
|
|
||||||
exports.prefixName = (domainNameArg) => {
|
|
||||||
return '_acme-challenge.' + domainNameArg;
|
|
||||||
};
|
|
||||||
/**
|
|
||||||
* gets an existing registration
|
|
||||||
* @executes ASYNC
|
|
||||||
*/
|
|
||||||
let getReg = (SmartAcmeArg, location) => {
|
|
||||||
let done = q.defer();
|
|
||||||
let body = { resource: 'reg' };
|
|
||||||
SmartAcmeArg.rawacmeClient.post(location, body, SmartAcmeArg.keyPair, (err, res) => {
|
|
||||||
if (err) {
|
|
||||||
console.error('smartacme: something went wrong:');
|
|
||||||
console.log(err);
|
|
||||||
done.reject(err);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
console.log(JSON.stringify(res.body));
|
|
||||||
done.resolve();
|
|
||||||
});
|
|
||||||
return done.promise;
|
|
||||||
};
|
|
||||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmhlbHBlcnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUuaGVscGVycy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLDBCQUF1QjtBQUN2Qiw0QkFBMkI7QUFFM0IsK0NBQThDO0FBSzlDOztHQUVHO0FBQ1EsUUFBQSxhQUFhLEdBQUcsQ0FBQyxHQUFHLEdBQUcsSUFBSTtJQUNwQyxJQUFJLE1BQU0sR0FBRyxPQUFPLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQTtJQUM1QyxNQUFNLENBQUM7UUFDTCxTQUFTLEVBQUUsTUFBTSxDQUFDLFVBQVU7UUFDNUIsVUFBVSxFQUFFLE1BQU0sQ0FBQyxXQUFXO0tBQy9CLENBQUE7QUFDSCxDQUFDLENBQUE7QUFFRDs7R0FFRztBQUNRLFFBQUEsVUFBVSxHQUFHLENBQUMsYUFBcUI7SUFDNUMsTUFBTSxDQUFDLGtCQUFrQixHQUFHLGFBQWEsQ0FBQTtBQUMzQyxDQUFDLENBQUE7QUFFRDs7O0dBR0c7QUFDSCxJQUFJLE1BQU0sR0FBRyxDQUFDLFlBQXVCLEVBQUUsUUFBZ0I7SUFDckQsSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO0lBQ3BCLElBQUksSUFBSSxHQUFHLEVBQUUsUUFBUSxFQUFFLEtBQUssRUFBRSxDQUFBO0lBQzlCLFlBQVksQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUM3QixRQUFRLEVBQ1IsSUFBSSxFQUNKLFlBQVksQ0FBQyxPQUFPLEVBQ3BCLENBQUMsR0FBRyxFQUFFLEdBQUc7UUFDUCxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO1lBQ1IsT0FBTyxDQUFDLEtBQUssQ0FBQyxrQ0FBa0MsQ0FBQyxDQUFBO1lBQ2pELE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7WUFDaEIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQTtZQUNoQixNQUFNLENBQUE7UUFDUixDQUFDO1FBQ0QsT0FBTyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFBO1FBQ3JDLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQTtJQUNoQixDQUFDLENBQ0YsQ0FBQTtJQUNELE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0FBQ3JCLENBQUMsQ0FBQSJ9
|
|
2
dist/smartacme.paths.d.ts
vendored
2
dist/smartacme.paths.d.ts
vendored
@ -1,2 +0,0 @@
|
|||||||
export declare let packageDir: string;
|
|
||||||
export declare let assetDir: string;
|
|
8
dist/smartacme.paths.js
vendored
8
dist/smartacme.paths.js
vendored
@ -1,8 +0,0 @@
|
|||||||
"use strict";
|
|
||||||
Object.defineProperty(exports, "__esModule", { value: true });
|
|
||||||
const path = require("path");
|
|
||||||
const smartfile = require("smartfile");
|
|
||||||
exports.packageDir = path.join(__dirname, '../');
|
|
||||||
exports.assetDir = path.join(exports.packageDir, 'assets/');
|
|
||||||
smartfile.fs.ensureDirSync(exports.assetDir);
|
|
||||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBhdGhzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLnBhdGhzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsNkJBQTRCO0FBQzVCLHVDQUFzQztBQUUzQixRQUFBLFVBQVUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBQyxLQUFLLENBQUMsQ0FBQTtBQUN2QyxRQUFBLFFBQVEsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFVLEVBQUMsU0FBUyxDQUFDLENBQUE7QUFDckQsU0FBUyxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsZ0JBQVEsQ0FBQyxDQUFBIn0=
|
|
9
dist/smartacme.plugins.d.ts
vendored
9
dist/smartacme.plugins.d.ts
vendored
@ -1,9 +0,0 @@
|
|||||||
import 'typings-global';
|
|
||||||
declare let rsaKeygen: any;
|
|
||||||
declare let rawacme: any;
|
|
||||||
declare let nodeForge: any;
|
|
||||||
import * as dnsly from 'dnsly';
|
|
||||||
import * as smartdelay from 'smartdelay';
|
|
||||||
import * as smartfile from 'smartfile';
|
|
||||||
import * as smartstring from 'smartstring';
|
|
||||||
export { dnsly, rsaKeygen, rawacme, nodeForge, smartdelay, smartfile, smartstring };
|
|
19
dist/smartacme.plugins.js
vendored
19
dist/smartacme.plugins.js
vendored
@ -1,19 +0,0 @@
|
|||||||
"use strict";
|
|
||||||
Object.defineProperty(exports, "__esModule", { value: true });
|
|
||||||
require("typings-global"); // typings for node
|
|
||||||
let rsaKeygen = require('rsa-keygen'); // rsa keygen
|
|
||||||
exports.rsaKeygen = rsaKeygen;
|
|
||||||
let rawacme = require('rawacme'); // acme helper functions
|
|
||||||
exports.rawacme = rawacme;
|
|
||||||
let nodeForge = require('node-forge');
|
|
||||||
exports.nodeForge = nodeForge;
|
|
||||||
// push.rocks modules here
|
|
||||||
const dnsly = require("dnsly");
|
|
||||||
exports.dnsly = dnsly;
|
|
||||||
const smartdelay = require("smartdelay");
|
|
||||||
exports.smartdelay = smartdelay;
|
|
||||||
const smartfile = require("smartfile");
|
|
||||||
exports.smartfile = smartfile;
|
|
||||||
const smartstring = require("smartstring");
|
|
||||||
exports.smartstring = smartstring;
|
|
||||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBsdWdpbnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUucGx1Z2lucy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLDBCQUF1QixDQUFDLG1CQUFtQjtBQUczQyxJQUFJLFNBQVMsR0FBRyxPQUFPLENBQUMsWUFBWSxDQUFDLENBQUEsQ0FBQyxhQUFhO0FBWWpELDhCQUFTO0FBWFgsSUFBSSxPQUFPLEdBQUcsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFBLENBQUMsd0JBQXdCO0FBWXZELDBCQUFPO0FBWFQsSUFBSSxTQUFTLEdBQUcsT0FBTyxDQUFDLFlBQVksQ0FBQyxDQUFBO0FBWW5DLDhCQUFTO0FBVlgsMEJBQTBCO0FBQzFCLCtCQUE4QjtBQU01QixzQkFBSztBQUxQLHlDQUF3QztBQVN0QyxnQ0FBVTtBQVJaLHVDQUFzQztBQVNwQyw4QkFBUztBQVJYLDJDQUEwQztBQVN4QyxrQ0FBVyJ9
|
|
1376
package-lock.json
generated
Normal file
1376
package-lock.json
generated
Normal file
File diff suppressed because it is too large
Load Diff
25
package.json
25
package.json
@ -5,7 +5,7 @@
|
|||||||
"main": "dist/index.js",
|
"main": "dist/index.js",
|
||||||
"typings": "dist/index.d.ts",
|
"typings": "dist/index.d.ts",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
"test": "(npmts --nodocs)"
|
"test": "(tstest test/)"
|
||||||
},
|
},
|
||||||
"repository": {
|
"repository": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
@ -23,20 +23,17 @@
|
|||||||
},
|
},
|
||||||
"homepage": "https://gitlab.com/umbrellazone/smartacme#README",
|
"homepage": "https://gitlab.com/umbrellazone/smartacme#README",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@types/node-forge": "^0.6.8",
|
"@pushrocks/smartpromise": "^2.0.5",
|
||||||
"dnsly": "^2.0.4",
|
"acme-v2": "^1.2.0",
|
||||||
"node-forge": "^0.7.1",
|
"rsa-compat": "^1.5.1"
|
||||||
"rawacme": "^0.2.1",
|
|
||||||
"rsa-keygen": "^1.0.6",
|
|
||||||
"smartdelay": "^1.0.1",
|
|
||||||
"smartfile": "^4.1.10",
|
|
||||||
"smartq": "^1.1.1",
|
|
||||||
"smartstring": "^2.0.24",
|
|
||||||
"typings-global": "^1.0.16"
|
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"cflare": "0.0.19",
|
"@gitzone/tsbuild": "^2.0.22",
|
||||||
"qenv": "^1.1.3",
|
"@gitzone/tsrun": "^1.1.12",
|
||||||
"tapbundle": "^1.0.10"
|
"@gitzone/tstest": "^1.0.13",
|
||||||
|
"@types/node": "^10.5.8",
|
||||||
|
"cflare": "^1.0.5",
|
||||||
|
"qenv": "^1.1.7",
|
||||||
|
"tapbundle": "^2.0.2"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
93
test/test.ts
93
test/test.ts
@ -1,90 +1,13 @@
|
|||||||
import { expect, tap } from 'tapbundle'
|
import { tap, expect } from 'tapbundle';
|
||||||
import * as cflare from 'cflare'
|
|
||||||
import * as qenv from 'qenv'
|
|
||||||
|
|
||||||
let testQenv = new qenv.Qenv(process.cwd(), process.cwd() + '/.nogit')
|
import * as smartacme from '../ts/index';
|
||||||
|
|
||||||
// import the module to test
|
let smartAcmeInstance: smartacme.SmartAcme;
|
||||||
import * as smartacme from '../dist/index'
|
|
||||||
|
|
||||||
let myCflareAccount = new cflare.CflareAccount()
|
tap.test('should create a valid instance of SmartAcme' , async () => {
|
||||||
myCflareAccount.auth({
|
smartAcmeInstance = new smartacme.SmartAcme();
|
||||||
email: process.env.CF_EMAIL,
|
await smartAcmeInstance.init()
|
||||||
key: process.env.CF_KEY
|
console.log(smartAcmeInstance.directoryUrls);
|
||||||
})
|
})
|
||||||
|
|
||||||
let testSmartAcme: smartacme.SmartAcme
|
tap.start();
|
||||||
let testAcmeAccount: smartacme.AcmeAccount
|
|
||||||
let testAcmeCert: smartacme.AcmeCert
|
|
||||||
let testChallenge: smartacme.ISmartAcmeChallengeChosen
|
|
||||||
|
|
||||||
tap.test('smartacme -> should create a valid instance', async (tools) => {
|
|
||||||
tools.timeout(10000)
|
|
||||||
testSmartAcme = new smartacme.SmartAcme(false)
|
|
||||||
await testSmartAcme.init().then(async () => {
|
|
||||||
expect(testSmartAcme).to.be.instanceOf(smartacme.SmartAcme)
|
|
||||||
})
|
|
||||||
})
|
|
||||||
|
|
||||||
tap.test('smartacme -> should have created keyPair', async () => {
|
|
||||||
expect(testSmartAcme.acmeUrl).to.be.a('string')
|
|
||||||
})
|
|
||||||
|
|
||||||
tap.test('smartacme -> should register a new account', async (tools) => {
|
|
||||||
tools.timeout(10000)
|
|
||||||
await testSmartAcme.createAcmeAccount().then(async x => {
|
|
||||||
testAcmeAccount = x
|
|
||||||
})
|
|
||||||
})
|
|
||||||
|
|
||||||
tap.test('smartacme -> should create a AcmeCert', async () => {
|
|
||||||
await testAcmeAccount.createAcmeCert('test2.bleu.de').then(async x => {
|
|
||||||
testAcmeCert = x
|
|
||||||
expect(testAcmeAccount).to.be.instanceOf(smartacme.AcmeCert)
|
|
||||||
})
|
|
||||||
})
|
|
||||||
|
|
||||||
tap.test('smartacme -> should get a challenge for a AcmeCert', async (tools) => {
|
|
||||||
tools.timeout(10000)
|
|
||||||
await testAcmeCert.requestChallenge().then(async (challengeChosen) => {
|
|
||||||
console.log(challengeChosen)
|
|
||||||
testChallenge = challengeChosen
|
|
||||||
})
|
|
||||||
})
|
|
||||||
|
|
||||||
tap.test('smartacme -> should set the challenge', async (tools) => {
|
|
||||||
tools.timeout(20000)
|
|
||||||
await myCflareAccount.createRecord(
|
|
||||||
testChallenge.domainNamePrefixed,
|
|
||||||
'TXT', testChallenge.dnsKeyHash
|
|
||||||
)
|
|
||||||
})
|
|
||||||
|
|
||||||
tap.test('smartacme -> should check for a DNS record', async (tools) => {
|
|
||||||
tools.timeout(20000)
|
|
||||||
await testAcmeCert.checkDns().then(x => {
|
|
||||||
console.log(x)
|
|
||||||
})
|
|
||||||
})
|
|
||||||
|
|
||||||
tap.test('smartacme -> should accept the challenge', async (tools) => {
|
|
||||||
tools.timeout(10000)
|
|
||||||
await testAcmeCert.acceptChallenge()
|
|
||||||
})
|
|
||||||
|
|
||||||
tap.test('smartacme -> should poll for validation of a challenge', async (tools) => {
|
|
||||||
tools.timeout(10000)
|
|
||||||
await testAcmeCert.requestValidation().then(async x => {
|
|
||||||
console.log(x)
|
|
||||||
})
|
|
||||||
})
|
|
||||||
|
|
||||||
tap.test('smartacme -> should remove the challenge', async (tools) => {
|
|
||||||
tools.timeout(20000)
|
|
||||||
await myCflareAccount.removeRecord(
|
|
||||||
testChallenge.domainNamePrefixed,
|
|
||||||
'TXT'
|
|
||||||
)
|
|
||||||
})
|
|
||||||
|
|
||||||
tap.start()
|
|
@ -1,94 +0,0 @@
|
|||||||
import * as q from 'smartq'
|
|
||||||
|
|
||||||
import * as plugins from './smartacme.plugins'
|
|
||||||
import * as helpers from './smartacme.helpers'
|
|
||||||
|
|
||||||
import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
|
|
||||||
import { AcmeCert } from './smartacme.classes.acmecert'
|
|
||||||
|
|
||||||
/**
|
|
||||||
* class AcmeAccount represents an AcmeAccount
|
|
||||||
*/
|
|
||||||
export class AcmeAccount {
|
|
||||||
parentSmartAcme: SmartAcme
|
|
||||||
location: string
|
|
||||||
link: string
|
|
||||||
JWK
|
|
||||||
constructor(smartAcmeParentArg: SmartAcme) {
|
|
||||||
this.parentSmartAcme = smartAcmeParentArg
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* register the account with letsencrypt
|
|
||||||
*/
|
|
||||||
register() {
|
|
||||||
let done = q.defer()
|
|
||||||
this.parentSmartAcme.rawacmeClient.newReg(
|
|
||||||
{
|
|
||||||
contact: [ 'mailto:domains@lossless.org' ]
|
|
||||||
},
|
|
||||||
(err, res) => {
|
|
||||||
if (err) {
|
|
||||||
console.error('smartacme: something went wrong:')
|
|
||||||
console.log(err)
|
|
||||||
done.reject(err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
this.JWK = res.body.key
|
|
||||||
this.link = res.headers.link
|
|
||||||
console.log(this.link)
|
|
||||||
this.location = res.headers.location
|
|
||||||
done.resolve()
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* agree to letsencrypr terms of service
|
|
||||||
*/
|
|
||||||
agreeTos() {
|
|
||||||
let done = q.defer()
|
|
||||||
let tosPart = this.link.split(',')[ 1 ]
|
|
||||||
let tosLinkPortion = tosPart.split(';')[ 0 ]
|
|
||||||
let url = tosLinkPortion.split(';')[ 0 ].trim().replace(/[<>]/g, '')
|
|
||||||
this.parentSmartAcme.rawacmeClient.post(this.location, { Agreement: url, resource: 'reg' }, (err, res) => {
|
|
||||||
if (err) {
|
|
||||||
console.log(err)
|
|
||||||
done.reject(err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
done.resolve()
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
createAcmeCert(
|
|
||||||
domainNameArg: string,
|
|
||||||
countryArg = 'Germany',
|
|
||||||
countryShortArg = 'DE',
|
|
||||||
city = 'Bremen',
|
|
||||||
companyArg = 'Some Company',
|
|
||||||
companyShortArg = 'SC'
|
|
||||||
|
|
||||||
) {
|
|
||||||
let done = q.defer<AcmeCert>()
|
|
||||||
let acmeCert = new AcmeCert(
|
|
||||||
{
|
|
||||||
bit: 2064,
|
|
||||||
key: null, // not needed right now
|
|
||||||
domain: domainNameArg,
|
|
||||||
country: countryArg,
|
|
||||||
country_short: countryShortArg,
|
|
||||||
locality: city,
|
|
||||||
organization: companyArg,
|
|
||||||
organization_short: companyShortArg,
|
|
||||||
password: null,
|
|
||||||
unstructured: null,
|
|
||||||
subject_alt_names: null
|
|
||||||
},
|
|
||||||
this
|
|
||||||
)
|
|
||||||
done.resolve(acmeCert)
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,255 +0,0 @@
|
|||||||
import * as q from 'smartq'
|
|
||||||
|
|
||||||
import * as plugins from './smartacme.plugins'
|
|
||||||
import * as helpers from './smartacme.helpers'
|
|
||||||
|
|
||||||
import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
|
|
||||||
import { AcmeAccount } from './smartacme.classes.acmeaccount'
|
|
||||||
|
|
||||||
/**
|
|
||||||
* types of challenges supported by letsencrypt and this module
|
|
||||||
*/
|
|
||||||
export type TChallengeType = 'dns-01' | 'http-01'
|
|
||||||
|
|
||||||
/**
|
|
||||||
* values that a challenge's status can have
|
|
||||||
*/
|
|
||||||
export type TChallengeStatus = 'pending'
|
|
||||||
|
|
||||||
export interface ISmartAcmeChallenge {
|
|
||||||
uri: string
|
|
||||||
status: TChallengeStatus
|
|
||||||
type: TChallengeType
|
|
||||||
token: string
|
|
||||||
keyAuthorization: string
|
|
||||||
}
|
|
||||||
|
|
||||||
export interface ISmartAcmeChallengeChosen extends ISmartAcmeChallenge {
|
|
||||||
dnsKeyHash: string
|
|
||||||
domainName: string
|
|
||||||
domainNamePrefixed: string
|
|
||||||
}
|
|
||||||
|
|
||||||
export interface IAcmeCsrConstructorOptions {
|
|
||||||
bit: number,
|
|
||||||
key: string,
|
|
||||||
domain: string,
|
|
||||||
country: string,
|
|
||||||
country_short: string,
|
|
||||||
locality: string,
|
|
||||||
organization: string,
|
|
||||||
organization_short: string,
|
|
||||||
password: string,
|
|
||||||
unstructured: string,
|
|
||||||
subject_alt_names: string[]
|
|
||||||
}
|
|
||||||
|
|
||||||
// Dnsly instance (we really just need one)
|
|
||||||
let myDnsly = new plugins.dnsly.Dnsly('google')
|
|
||||||
|
|
||||||
/**
|
|
||||||
* class AcmeCert represents a cert for domain
|
|
||||||
*/
|
|
||||||
export class AcmeCert {
|
|
||||||
domainName: string
|
|
||||||
attributes
|
|
||||||
fullchain: string
|
|
||||||
parentAcmeAccount: AcmeAccount
|
|
||||||
csr
|
|
||||||
validFrom: Date
|
|
||||||
validTo: Date
|
|
||||||
keypair: IRsaKeypair
|
|
||||||
keyPairFinal: IRsaKeypair
|
|
||||||
chosenChallenge: ISmartAcmeChallengeChosen
|
|
||||||
dnsKeyHash: string
|
|
||||||
constructor(optionsArg: IAcmeCsrConstructorOptions, parentAcmeAccount: AcmeAccount) {
|
|
||||||
this.domainName = optionsArg.domain
|
|
||||||
this.parentAcmeAccount = parentAcmeAccount
|
|
||||||
this.keypair = helpers.createKeypair(optionsArg.bit)
|
|
||||||
let privateKeyForged = plugins.nodeForge.pki.privateKeyFromPem(this.keypair.privateKey)
|
|
||||||
let publicKeyForged = plugins.nodeForge.pki.publicKeyToPem(
|
|
||||||
plugins.nodeForge.pki.setRsaPublicKey(privateKeyForged.n, privateKeyForged.e)
|
|
||||||
)
|
|
||||||
this.keyPairFinal = {
|
|
||||||
privateKey: privateKeyForged,
|
|
||||||
publicKey: publicKeyForged
|
|
||||||
}
|
|
||||||
|
|
||||||
// set dates
|
|
||||||
this.validFrom = new Date()
|
|
||||||
this.validTo = new Date()
|
|
||||||
this.validTo.setDate(this.validFrom.getDate() + 90)
|
|
||||||
|
|
||||||
// set attributes
|
|
||||||
this.attributes = [
|
|
||||||
{ name: 'commonName', value: optionsArg.domain },
|
|
||||||
{ name: 'countryName', value: optionsArg.country },
|
|
||||||
{ shortName: 'ST', value: optionsArg.country_short },
|
|
||||||
{ name: 'localityName', value: optionsArg.locality },
|
|
||||||
{ name: 'organizationName', value: optionsArg.organization },
|
|
||||||
{ shortName: 'OU', value: optionsArg.organization_short },
|
|
||||||
{ name: 'challengePassword', value: optionsArg.password },
|
|
||||||
{ name: 'unstructuredName', value: optionsArg.unstructured }
|
|
||||||
]
|
|
||||||
|
|
||||||
// set up csr
|
|
||||||
this.csr = plugins.nodeForge.pki.createCertificationRequest()
|
|
||||||
this.csr.setSubject(this.attributes)
|
|
||||||
this.csr.setAttributes(this.attributes)
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* requests a challenge for a domain
|
|
||||||
* @param domainNameArg - the domain name to request a challenge for
|
|
||||||
* @param challengeType - the challenge type to request
|
|
||||||
*/
|
|
||||||
requestChallenge(challengeTypeArg: TChallengeType = 'dns-01') {
|
|
||||||
let done = q.defer<ISmartAcmeChallengeChosen>()
|
|
||||||
this.parentAcmeAccount.parentSmartAcme.rawacmeClient.newAuthz(
|
|
||||||
{
|
|
||||||
identifier: {
|
|
||||||
type: 'dns',
|
|
||||||
value: this.domainName
|
|
||||||
}
|
|
||||||
},
|
|
||||||
this.parentAcmeAccount.parentSmartAcme.keyPair,
|
|
||||||
(err, res) => {
|
|
||||||
if (err) {
|
|
||||||
console.error('smartacme: something went wrong:')
|
|
||||||
console.log(err)
|
|
||||||
done.reject(err)
|
|
||||||
}
|
|
||||||
let preChosenChallenge = res.body.challenges.filter(x => {
|
|
||||||
return x.type === challengeTypeArg
|
|
||||||
})[ 0 ]
|
|
||||||
|
|
||||||
/**
|
|
||||||
* the key is needed to accept the challenge
|
|
||||||
*/
|
|
||||||
let authKey: string = plugins.rawacme.keyAuthz(
|
|
||||||
preChosenChallenge.token,
|
|
||||||
this.parentAcmeAccount.parentSmartAcme.keyPair.publicKey
|
|
||||||
)
|
|
||||||
|
|
||||||
/**
|
|
||||||
* needed in case selected challenge is of type dns-01
|
|
||||||
*/
|
|
||||||
this.dnsKeyHash = plugins.rawacme.dnsKeyAuthzHash(authKey) // needed if dns challenge is chosen
|
|
||||||
/**
|
|
||||||
* the return challenge
|
|
||||||
*/
|
|
||||||
this.chosenChallenge = {
|
|
||||||
uri: preChosenChallenge.uri,
|
|
||||||
type: preChosenChallenge.type,
|
|
||||||
token: preChosenChallenge.token,
|
|
||||||
keyAuthorization: authKey,
|
|
||||||
status: preChosenChallenge.status,
|
|
||||||
dnsKeyHash: this.dnsKeyHash,
|
|
||||||
domainName: this.domainName,
|
|
||||||
domainNamePrefixed: helpers.prefixName(this.domainName)
|
|
||||||
}
|
|
||||||
done.resolve(this.chosenChallenge)
|
|
||||||
}
|
|
||||||
)
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* checks if DNS records are set, will go through a max of 30 cycles
|
|
||||||
*/
|
|
||||||
async checkDns(cycleArg = 1) {
|
|
||||||
let result = await myDnsly.checkUntilAvailable(helpers.prefixName(this.domainName), 'TXT', this.dnsKeyHash)
|
|
||||||
if (result) {
|
|
||||||
console.log('DNS is set!')
|
|
||||||
return
|
|
||||||
} else {
|
|
||||||
throw new Error('DNS not set!')
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* validates a challenge, only call after you have set the challenge at the expected location
|
|
||||||
*/
|
|
||||||
async requestValidation() {
|
|
||||||
let makeRequest = () => {
|
|
||||||
let done = q.defer()
|
|
||||||
this.parentAcmeAccount.parentSmartAcme.rawacmeClient.poll(this.chosenChallenge.uri, async (err, res) => {
|
|
||||||
if (err) {
|
|
||||||
console.log(err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
console.log(`Validation response:`)
|
|
||||||
console.log(JSON.stringify(res.body))
|
|
||||||
if (res.body.status === 'pending' || res.body.status === 'invalid') {
|
|
||||||
await plugins.smartdelay.delayFor(3000)
|
|
||||||
makeRequest().then((x: any) => { done.resolve(x) })
|
|
||||||
} else {
|
|
||||||
console.log('perfect!')
|
|
||||||
done.resolve(res.body)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
await makeRequest()
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* requests a certificate
|
|
||||||
*/
|
|
||||||
requestCert() {
|
|
||||||
let done = q.defer()
|
|
||||||
let payload = {
|
|
||||||
csr: plugins.rawacme.base64.encode(
|
|
||||||
plugins.rawacme.toDer(
|
|
||||||
plugins.nodeForge.pki.certificationRequestToPem(
|
|
||||||
this.csr
|
|
||||||
)
|
|
||||||
)
|
|
||||||
),
|
|
||||||
notBefore: this.validFrom.toISOString(),
|
|
||||||
notAfter: this.validTo.toISOString()
|
|
||||||
}
|
|
||||||
this.parentAcmeAccount.parentSmartAcme.rawacmeClient.newCert(
|
|
||||||
payload,
|
|
||||||
helpers.createKeypair(),
|
|
||||||
(err, res) => {
|
|
||||||
if (err) {
|
|
||||||
console.log(err)
|
|
||||||
done.reject(err)
|
|
||||||
}
|
|
||||||
console.log(res.body)
|
|
||||||
done.resolve(res.body)
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* getCertificate - takes care of cooldown, validation polling and certificate retrieval
|
|
||||||
*/
|
|
||||||
getCertificate() {
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* accept a challenge - for private use only
|
|
||||||
*/
|
|
||||||
acceptChallenge() {
|
|
||||||
let done = q.defer()
|
|
||||||
this.parentAcmeAccount.parentSmartAcme.rawacmeClient.post(
|
|
||||||
this.chosenChallenge.uri,
|
|
||||||
{
|
|
||||||
resource: 'challenge',
|
|
||||||
keyAuthorization: this.chosenChallenge.keyAuthorization
|
|
||||||
},
|
|
||||||
this.parentAcmeAccount.parentSmartAcme.keyPair,
|
|
||||||
(err, res) => {
|
|
||||||
if (err) {
|
|
||||||
console.log(err)
|
|
||||||
done.reject(err)
|
|
||||||
}
|
|
||||||
done.resolve(res.body)
|
|
||||||
}
|
|
||||||
)
|
|
||||||
return done.promise
|
|
||||||
}
|
|
||||||
}
|
|
27
ts/smartacme.classes.keypair.ts
Normal file
27
ts/smartacme.classes.keypair.ts
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
import * as plugins from './smartacme.plugins';
|
||||||
|
const rsa = require('rsa-compat').RSA;
|
||||||
|
|
||||||
|
export class KeyPair {
|
||||||
|
rsaKeyPair: any
|
||||||
|
|
||||||
|
/**
|
||||||
|
* generates a fresh rsa keyPair
|
||||||
|
*/
|
||||||
|
static async generateFresh(): Promise<KeyPair> {
|
||||||
|
const done = plugins.smartpromise.defer();
|
||||||
|
var options = { bitlen: 2048, exp: 65537, public: true, pem: true, internal: true };
|
||||||
|
rsa.generateKeypair(options, function(err, keypair) {
|
||||||
|
if(err) {
|
||||||
|
console.log(err);
|
||||||
|
}
|
||||||
|
done.resolve(keypair);
|
||||||
|
});
|
||||||
|
const result: any = await done.promise;
|
||||||
|
const keyPair = new KeyPair(result);
|
||||||
|
return keyPair;
|
||||||
|
}
|
||||||
|
|
||||||
|
constructor(rsaKeyPairArg) {
|
||||||
|
this.rsaKeyPair = rsaKeyPairArg;
|
||||||
|
}
|
||||||
|
}
|
@ -1,82 +1,47 @@
|
|||||||
// third party modules
|
const acme = require('acme-v2').ACME.create({
|
||||||
import * as q from 'smartq' // promises
|
RSA: require('rsa-compat').RSA,
|
||||||
import * as plugins from './smartacme.plugins'
|
|
||||||
import * as helpers from './smartacme.helpers'
|
|
||||||
|
|
||||||
import { AcmeAccount } from './smartacme.classes.acmeaccount'
|
// other overrides
|
||||||
|
promisify: require('util').promisify,
|
||||||
|
|
||||||
/**
|
// used for constructing user-agent
|
||||||
* a rsa keypair needed for account creation and subsequent requests
|
os: require('os'),
|
||||||
*/
|
process: require('process'),
|
||||||
export interface IRsaKeypair {
|
|
||||||
publicKey: string
|
|
||||||
privateKey: string
|
|
||||||
}
|
|
||||||
|
|
||||||
export { AcmeAccount } from './smartacme.classes.acmeaccount'
|
// used for overriding the default user-agent
|
||||||
export { AcmeCert, ISmartAcmeChallenge, ISmartAcmeChallengeChosen } from './smartacme.classes.acmecert'
|
userAgent: 'My custom UA String',
|
||||||
|
getUserAgentString: function(deps) {
|
||||||
|
return 'My custom UA String';
|
||||||
|
},
|
||||||
|
|
||||||
|
// don't try to validate challenges locally
|
||||||
|
skipChallengeTest: false
|
||||||
|
});
|
||||||
|
|
||||||
|
import { KeyPair } from './smartacme.classes.keypair';
|
||||||
|
|
||||||
/**
|
|
||||||
* class SmartAcme exports methods for maintaining SSL Certificates
|
|
||||||
*/
|
|
||||||
export class SmartAcme {
|
export class SmartAcme {
|
||||||
acmeUrl: string // the acme url to use for this instance
|
keyPair: KeyPair;
|
||||||
productionBool: boolean // a boolean to quickly know wether we are in production or not
|
directoryUrls: any;
|
||||||
keyPair: IRsaKeypair // the keyPair needed for account creation
|
|
||||||
rawacmeClient
|
|
||||||
|
|
||||||
/**
|
async init() {
|
||||||
* the constructor for class SmartAcme
|
// get directory url
|
||||||
*/
|
this.directoryUrls = await acme.init('https://acme-staging-v02.api.letsencrypt.org/directory');
|
||||||
constructor(productionArg: boolean = false) {
|
|
||||||
this.productionBool = productionArg
|
|
||||||
this.keyPair = helpers.createKeypair()
|
|
||||||
if (this.productionBool) {
|
|
||||||
this.acmeUrl = plugins.rawacme.LETSENCRYPT_URL
|
|
||||||
} else {
|
|
||||||
this.acmeUrl = plugins.rawacme.LETSENCRYPT_STAGING_URL
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
// create keyPair
|
||||||
* init the smartacme instance
|
this.keyPair = await KeyPair.generateFresh();
|
||||||
*/
|
|
||||||
init() {
|
|
||||||
let done = q.defer()
|
|
||||||
plugins.rawacme.createClient(
|
|
||||||
{
|
|
||||||
url: this.acmeUrl,
|
|
||||||
publicKey: this.keyPair.publicKey,
|
|
||||||
privateKey: this.keyPair.privateKey
|
|
||||||
},
|
|
||||||
(err, client) => {
|
|
||||||
if (err) {
|
|
||||||
console.error('smartacme: something went wrong:')
|
|
||||||
console.log(err)
|
|
||||||
done.reject(err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
// make client available in class
|
// get account
|
||||||
this.rawacmeClient = client
|
const registrationData = await acme.accounts.create({
|
||||||
done.resolve()
|
email: 'domains@lossless.org', // valid email (server checks MX records)
|
||||||
|
accountKeypair: this.keyPair.rsaKeyPair,
|
||||||
|
agreeToTerms: async tosUrl => {
|
||||||
|
return tosUrl;
|
||||||
}
|
}
|
||||||
)
|
}).catch(e => {
|
||||||
return done.promise
|
console.log(e);
|
||||||
}
|
});
|
||||||
|
|
||||||
/**
|
console.log(registrationData);
|
||||||
* creates an account if not currently present in module
|
|
||||||
* @executes ASYNC
|
|
||||||
*/
|
|
||||||
createAcmeAccount() {
|
|
||||||
let done = q.defer<AcmeAccount>()
|
|
||||||
let acmeAccount = new AcmeAccount(this)
|
|
||||||
acmeAccount.register().then(() => {
|
|
||||||
return acmeAccount.agreeTos()
|
|
||||||
}).then(() => {
|
|
||||||
done.resolve(acmeAccount)
|
|
||||||
})
|
|
||||||
return done.promise
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1,50 +0,0 @@
|
|||||||
import 'typings-global'
|
|
||||||
import * as q from 'smartq'
|
|
||||||
|
|
||||||
import * as plugins from './smartacme.plugins'
|
|
||||||
|
|
||||||
import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
|
|
||||||
import { AcmeAccount } from './smartacme.classes.acmeaccount'
|
|
||||||
|
|
||||||
/**
|
|
||||||
* creates a keypair to use with requests and to generate JWK from
|
|
||||||
*/
|
|
||||||
export let createKeypair = (bit = 2048): IRsaKeypair => {
|
|
||||||
let result = plugins.rsaKeygen.generate(bit)
|
|
||||||
return {
|
|
||||||
publicKey: result.public_key,
|
|
||||||
privateKey: result.private_key
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* prefix a domain name to make sure it complies with letsencrypt
|
|
||||||
*/
|
|
||||||
export let prefixName = (domainNameArg: string): string => {
|
|
||||||
return '_acme-challenge.' + domainNameArg
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* gets an existing registration
|
|
||||||
* @executes ASYNC
|
|
||||||
*/
|
|
||||||
let getReg = (SmartAcmeArg: SmartAcme, location: string) => {
|
|
||||||
let done = q.defer()
|
|
||||||
let body = { resource: 'reg' }
|
|
||||||
SmartAcmeArg.rawacmeClient.post(
|
|
||||||
location,
|
|
||||||
body,
|
|
||||||
SmartAcmeArg.keyPair,
|
|
||||||
(err, res) => {
|
|
||||||
if (err) {
|
|
||||||
console.error('smartacme: something went wrong:')
|
|
||||||
console.log(err)
|
|
||||||
done.reject(err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
console.log(JSON.stringify(res.body))
|
|
||||||
done.resolve()
|
|
||||||
}
|
|
||||||
)
|
|
||||||
return done.promise
|
|
||||||
}
|
|
@ -1,6 +0,0 @@
|
|||||||
import * as path from 'path'
|
|
||||||
import * as smartfile from 'smartfile'
|
|
||||||
|
|
||||||
export let packageDir = path.join(__dirname,'../')
|
|
||||||
export let assetDir = path.join(packageDir,'assets/')
|
|
||||||
smartfile.fs.ensureDirSync(assetDir)
|
|
@ -1,22 +1,5 @@
|
|||||||
import 'typings-global' // typings for node
|
import * as smartpromise from '@pushrocks/smartpromise';
|
||||||
|
|
||||||
import * as path from 'path' // native node path module
|
|
||||||
let rsaKeygen = require('rsa-keygen') // rsa keygen
|
|
||||||
let rawacme = require('rawacme') // acme helper functions
|
|
||||||
let nodeForge = require('node-forge')
|
|
||||||
|
|
||||||
// push.rocks modules here
|
|
||||||
import * as dnsly from 'dnsly'
|
|
||||||
import * as smartdelay from 'smartdelay'
|
|
||||||
import * as smartfile from 'smartfile'
|
|
||||||
import * as smartstring from 'smartstring'
|
|
||||||
|
|
||||||
export {
|
export {
|
||||||
dnsly,
|
smartpromise
|
||||||
rsaKeygen,
|
}
|
||||||
rawacme,
|
|
||||||
nodeForge,
|
|
||||||
smartdelay,
|
|
||||||
smartfile,
|
|
||||||
smartstring
|
|
||||||
}
|
|
Loading…
Reference in New Issue
Block a user