feat(swaitch to acme-v2): switch to letsencrypt v2
This commit is contained in:
parent
3e350dfed5
commit
9eda0da9a7
1
dist/index.d.ts
vendored
1
dist/index.d.ts
vendored
@ -1 +0,0 @@
|
||||
export * from './smartacme.classes.smartacme';
|
7
dist/index.js
vendored
7
dist/index.js
vendored
@ -1,7 +0,0 @@
|
||||
"use strict";
|
||||
function __export(m) {
|
||||
for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
|
||||
}
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
__export(require("./smartacme.classes.smartacme"));
|
||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLG1EQUE2QyJ9
|
21
dist/smartacme.classes.acmeaccount.d.ts
vendored
21
dist/smartacme.classes.acmeaccount.d.ts
vendored
@ -1,21 +0,0 @@
|
||||
import { SmartAcme } from './smartacme.classes.smartacme';
|
||||
import { AcmeCert } from './smartacme.classes.acmecert';
|
||||
/**
|
||||
* class AcmeAccount represents an AcmeAccount
|
||||
*/
|
||||
export declare class AcmeAccount {
|
||||
parentSmartAcme: SmartAcme;
|
||||
location: string;
|
||||
link: string;
|
||||
JWK: any;
|
||||
constructor(smartAcmeParentArg: SmartAcme);
|
||||
/**
|
||||
* register the account with letsencrypt
|
||||
*/
|
||||
register(): Promise<{}>;
|
||||
/**
|
||||
* agree to letsencrypr terms of service
|
||||
*/
|
||||
agreeTos(): Promise<{}>;
|
||||
createAcmeCert(domainNameArg: string, countryArg?: string, countryShortArg?: string, city?: string, companyArg?: string, companyShortArg?: string): Promise<AcmeCert>;
|
||||
}
|
72
dist/smartacme.classes.acmeaccount.js
vendored
72
dist/smartacme.classes.acmeaccount.js
vendored
@ -1,72 +0,0 @@
|
||||
"use strict";
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
const q = require("smartq");
|
||||
const smartacme_classes_acmecert_1 = require("./smartacme.classes.acmecert");
|
||||
/**
|
||||
* class AcmeAccount represents an AcmeAccount
|
||||
*/
|
||||
class AcmeAccount {
|
||||
constructor(smartAcmeParentArg) {
|
||||
this.parentSmartAcme = smartAcmeParentArg;
|
||||
}
|
||||
/**
|
||||
* register the account with letsencrypt
|
||||
*/
|
||||
register() {
|
||||
let done = q.defer();
|
||||
this.parentSmartAcme.rawacmeClient.newReg({
|
||||
contact: ['mailto:domains@lossless.org']
|
||||
}, (err, res) => {
|
||||
if (err) {
|
||||
console.error('smartacme: something went wrong:');
|
||||
console.log(err);
|
||||
done.reject(err);
|
||||
return;
|
||||
}
|
||||
this.JWK = res.body.key;
|
||||
this.link = res.headers.link;
|
||||
console.log(this.link);
|
||||
this.location = res.headers.location;
|
||||
done.resolve();
|
||||
});
|
||||
return done.promise;
|
||||
}
|
||||
/**
|
||||
* agree to letsencrypr terms of service
|
||||
*/
|
||||
agreeTos() {
|
||||
let done = q.defer();
|
||||
let tosPart = this.link.split(',')[1];
|
||||
let tosLinkPortion = tosPart.split(';')[0];
|
||||
let url = tosLinkPortion.split(';')[0].trim().replace(/[<>]/g, '');
|
||||
this.parentSmartAcme.rawacmeClient.post(this.location, { Agreement: url, resource: 'reg' }, (err, res) => {
|
||||
if (err) {
|
||||
console.log(err);
|
||||
done.reject(err);
|
||||
return;
|
||||
}
|
||||
done.resolve();
|
||||
});
|
||||
return done.promise;
|
||||
}
|
||||
createAcmeCert(domainNameArg, countryArg = 'Germany', countryShortArg = 'DE', city = 'Bremen', companyArg = 'Some Company', companyShortArg = 'SC') {
|
||||
let done = q.defer();
|
||||
let acmeCert = new smartacme_classes_acmecert_1.AcmeCert({
|
||||
bit: 2064,
|
||||
key: null,
|
||||
domain: domainNameArg,
|
||||
country: countryArg,
|
||||
country_short: countryShortArg,
|
||||
locality: city,
|
||||
organization: companyArg,
|
||||
organization_short: companyShortArg,
|
||||
password: null,
|
||||
unstructured: null,
|
||||
subject_alt_names: null
|
||||
}, this);
|
||||
done.resolve(acmeCert);
|
||||
return done.promise;
|
||||
}
|
||||
}
|
||||
exports.AcmeAccount = AcmeAccount;
|
||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuYWNtZWFjY291bnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUuY2xhc3Nlcy5hY21lYWNjb3VudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLDRCQUEyQjtBQU0zQiw2RUFBdUQ7QUFFdkQ7O0dBRUc7QUFDSDtJQUtFLFlBQVksa0JBQTZCO1FBQ3ZDLElBQUksQ0FBQyxlQUFlLEdBQUcsa0JBQWtCLENBQUE7SUFDM0MsQ0FBQztJQUVEOztPQUVHO0lBQ0gsUUFBUTtRQUNOLElBQUksSUFBSSxHQUFHLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQTtRQUNwQixJQUFJLENBQUMsZUFBZSxDQUFDLGFBQWEsQ0FBQyxNQUFNLENBQ3ZDO1lBQ0UsT0FBTyxFQUFFLENBQUUsNkJBQTZCLENBQUU7U0FDM0MsRUFDRCxDQUFDLEdBQUcsRUFBRSxHQUFHO1lBQ1AsRUFBRSxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztnQkFDUixPQUFPLENBQUMsS0FBSyxDQUFDLGtDQUFrQyxDQUFDLENBQUE7Z0JBQ2pELE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLE1BQU0sQ0FBQTtZQUNSLENBQUM7WUFDRCxJQUFJLENBQUMsR0FBRyxHQUFHLEdBQUcsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFBO1lBQ3ZCLElBQUksQ0FBQyxJQUFJLEdBQUcsR0FBRyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUE7WUFDNUIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUE7WUFDdEIsSUFBSSxDQUFDLFFBQVEsR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQTtZQUNwQyxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDaEIsQ0FBQyxDQUFDLENBQUE7UUFDSixNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUNyQixDQUFDO0lBRUQ7O09BRUc7SUFDSCxRQUFRO1FBQ04sSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO1FBQ3BCLElBQUksT0FBTyxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFFLENBQUMsQ0FBRSxDQUFBO1FBQ3ZDLElBQUksY0FBYyxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUUsQ0FBQyxDQUFFLENBQUE7UUFDNUMsSUFBSSxHQUFHLEdBQUcsY0FBYyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBRSxDQUFDLENBQUUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQyxDQUFBO1FBQ3BFLElBQUksQ0FBQyxlQUFlLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxFQUFFLEVBQUUsU0FBUyxFQUFFLEdBQUcsRUFBRSxRQUFRLEVBQUUsS0FBSyxFQUFFLEVBQUUsQ0FBQyxHQUFHLEVBQUUsR0FBRztZQUNuRyxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUNSLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLE1BQU0sQ0FBQTtZQUNSLENBQUM7WUFDRCxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDaEIsQ0FBQyxDQUFDLENBQUE7UUFDRixNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUNyQixDQUFDO0lBRUQsY0FBYyxDQUNaLGFBQXFCLEVBQ3JCLFVBQVUsR0FBRyxTQUFTLEVBQ3RCLGVBQWUsR0FBRyxJQUFJLEVBQ3RCLElBQUksR0FBRyxRQUFRLEVBQ2YsVUFBVSxHQUFHLGNBQWMsRUFDM0IsZUFBZSxHQUFHLElBQUk7UUFHdEIsSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBWSxDQUFBO1FBQzlCLElBQUksUUFBUSxHQUFHLElBQUkscUNBQVEsQ0FDekI7WUFDRSxHQUFHLEVBQUUsSUFBSTtZQUNULEdBQUcsRUFBRSxJQUFJO1lBQ1QsTUFBTSxFQUFFLGFBQWE7WUFDckIsT0FBTyxFQUFFLFVBQVU7WUFDbkIsYUFBYSxFQUFFLGVBQWU7WUFDOUIsUUFBUSxFQUFFLElBQUk7WUFDZCxZQUFZLEVBQUUsVUFBVTtZQUN4QixrQkFBa0IsRUFBRSxlQUFlO1lBQ25DLFFBQVEsRUFBRSxJQUFJO1lBQ2QsWUFBWSxFQUFFLElBQUk7WUFDbEIsaUJBQWlCLEVBQUUsSUFBSTtTQUN4QixFQUNELElBQUksQ0FDTCxDQUFBO1FBQ0QsSUFBSSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsQ0FBQTtRQUN0QixNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUNyQixDQUFDO0NBQ0Y7QUFsRkQsa0NBa0ZDIn0=
|
78
dist/smartacme.classes.acmecert.d.ts
vendored
78
dist/smartacme.classes.acmecert.d.ts
vendored
@ -1,78 +0,0 @@
|
||||
import { IRsaKeypair } from './smartacme.classes.smartacme';
|
||||
import { AcmeAccount } from './smartacme.classes.acmeaccount';
|
||||
/**
|
||||
* types of challenges supported by letsencrypt and this module
|
||||
*/
|
||||
export declare type TChallengeType = 'dns-01' | 'http-01';
|
||||
/**
|
||||
* values that a challenge's status can have
|
||||
*/
|
||||
export declare type TChallengeStatus = 'pending';
|
||||
export interface ISmartAcmeChallenge {
|
||||
uri: string;
|
||||
status: TChallengeStatus;
|
||||
type: TChallengeType;
|
||||
token: string;
|
||||
keyAuthorization: string;
|
||||
}
|
||||
export interface ISmartAcmeChallengeChosen extends ISmartAcmeChallenge {
|
||||
dnsKeyHash: string;
|
||||
domainName: string;
|
||||
domainNamePrefixed: string;
|
||||
}
|
||||
export interface IAcmeCsrConstructorOptions {
|
||||
bit: number;
|
||||
key: string;
|
||||
domain: string;
|
||||
country: string;
|
||||
country_short: string;
|
||||
locality: string;
|
||||
organization: string;
|
||||
organization_short: string;
|
||||
password: string;
|
||||
unstructured: string;
|
||||
subject_alt_names: string[];
|
||||
}
|
||||
/**
|
||||
* class AcmeCert represents a cert for domain
|
||||
*/
|
||||
export declare class AcmeCert {
|
||||
domainName: string;
|
||||
attributes: any;
|
||||
fullchain: string;
|
||||
parentAcmeAccount: AcmeAccount;
|
||||
csr: any;
|
||||
validFrom: Date;
|
||||
validTo: Date;
|
||||
keypair: IRsaKeypair;
|
||||
keyPairFinal: IRsaKeypair;
|
||||
chosenChallenge: ISmartAcmeChallengeChosen;
|
||||
dnsKeyHash: string;
|
||||
constructor(optionsArg: IAcmeCsrConstructorOptions, parentAcmeAccount: AcmeAccount);
|
||||
/**
|
||||
* requests a challenge for a domain
|
||||
* @param domainNameArg - the domain name to request a challenge for
|
||||
* @param challengeType - the challenge type to request
|
||||
*/
|
||||
requestChallenge(challengeTypeArg?: TChallengeType): Promise<ISmartAcmeChallengeChosen>;
|
||||
/**
|
||||
* checks if DNS records are set, will go through a max of 30 cycles
|
||||
*/
|
||||
checkDns(cycleArg?: number): Promise<void>;
|
||||
/**
|
||||
* validates a challenge, only call after you have set the challenge at the expected location
|
||||
*/
|
||||
requestValidation(): Promise<void>;
|
||||
/**
|
||||
* requests a certificate
|
||||
*/
|
||||
requestCert(): Promise<{}>;
|
||||
/**
|
||||
* getCertificate - takes care of cooldown, validation polling and certificate retrieval
|
||||
*/
|
||||
getCertificate(): void;
|
||||
/**
|
||||
* accept a challenge - for private use only
|
||||
*/
|
||||
acceptChallenge(): Promise<{}>;
|
||||
}
|
183
dist/smartacme.classes.acmecert.js
vendored
183
dist/smartacme.classes.acmecert.js
vendored
File diff suppressed because one or more lines are too long
32
dist/smartacme.classes.smartacme.d.ts
vendored
32
dist/smartacme.classes.smartacme.d.ts
vendored
@ -1,32 +0,0 @@
|
||||
import { AcmeAccount } from './smartacme.classes.acmeaccount';
|
||||
/**
|
||||
* a rsa keypair needed for account creation and subsequent requests
|
||||
*/
|
||||
export interface IRsaKeypair {
|
||||
publicKey: string;
|
||||
privateKey: string;
|
||||
}
|
||||
export { AcmeAccount } from './smartacme.classes.acmeaccount';
|
||||
export { AcmeCert, ISmartAcmeChallenge, ISmartAcmeChallengeChosen } from './smartacme.classes.acmecert';
|
||||
/**
|
||||
* class SmartAcme exports methods for maintaining SSL Certificates
|
||||
*/
|
||||
export declare class SmartAcme {
|
||||
acmeUrl: string;
|
||||
productionBool: boolean;
|
||||
keyPair: IRsaKeypair;
|
||||
rawacmeClient: any;
|
||||
/**
|
||||
* the constructor for class SmartAcme
|
||||
*/
|
||||
constructor(productionArg?: boolean);
|
||||
/**
|
||||
* init the smartacme instance
|
||||
*/
|
||||
init(): Promise<{}>;
|
||||
/**
|
||||
* creates an account if not currently present in module
|
||||
* @executes ASYNC
|
||||
*/
|
||||
createAcmeAccount(): Promise<AcmeAccount>;
|
||||
}
|
67
dist/smartacme.classes.smartacme.js
vendored
67
dist/smartacme.classes.smartacme.js
vendored
@ -1,67 +0,0 @@
|
||||
"use strict";
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
// third party modules
|
||||
const q = require("smartq"); // promises
|
||||
const plugins = require("./smartacme.plugins");
|
||||
const helpers = require("./smartacme.helpers");
|
||||
const smartacme_classes_acmeaccount_1 = require("./smartacme.classes.acmeaccount");
|
||||
var smartacme_classes_acmeaccount_2 = require("./smartacme.classes.acmeaccount");
|
||||
exports.AcmeAccount = smartacme_classes_acmeaccount_2.AcmeAccount;
|
||||
var smartacme_classes_acmecert_1 = require("./smartacme.classes.acmecert");
|
||||
exports.AcmeCert = smartacme_classes_acmecert_1.AcmeCert;
|
||||
/**
|
||||
* class SmartAcme exports methods for maintaining SSL Certificates
|
||||
*/
|
||||
class SmartAcme {
|
||||
/**
|
||||
* the constructor for class SmartAcme
|
||||
*/
|
||||
constructor(productionArg = false) {
|
||||
this.productionBool = productionArg;
|
||||
this.keyPair = helpers.createKeypair();
|
||||
if (this.productionBool) {
|
||||
this.acmeUrl = plugins.rawacme.LETSENCRYPT_URL;
|
||||
}
|
||||
else {
|
||||
this.acmeUrl = plugins.rawacme.LETSENCRYPT_STAGING_URL;
|
||||
}
|
||||
}
|
||||
/**
|
||||
* init the smartacme instance
|
||||
*/
|
||||
init() {
|
||||
let done = q.defer();
|
||||
plugins.rawacme.createClient({
|
||||
url: this.acmeUrl,
|
||||
publicKey: this.keyPair.publicKey,
|
||||
privateKey: this.keyPair.privateKey
|
||||
}, (err, client) => {
|
||||
if (err) {
|
||||
console.error('smartacme: something went wrong:');
|
||||
console.log(err);
|
||||
done.reject(err);
|
||||
return;
|
||||
}
|
||||
// make client available in class
|
||||
this.rawacmeClient = client;
|
||||
done.resolve();
|
||||
});
|
||||
return done.promise;
|
||||
}
|
||||
/**
|
||||
* creates an account if not currently present in module
|
||||
* @executes ASYNC
|
||||
*/
|
||||
createAcmeAccount() {
|
||||
let done = q.defer();
|
||||
let acmeAccount = new smartacme_classes_acmeaccount_1.AcmeAccount(this);
|
||||
acmeAccount.register().then(() => {
|
||||
return acmeAccount.agreeTos();
|
||||
}).then(() => {
|
||||
done.resolve(acmeAccount);
|
||||
});
|
||||
return done.promise;
|
||||
}
|
||||
}
|
||||
exports.SmartAcme = SmartAcme;
|
||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsc0JBQXNCO0FBQ3RCLDRCQUEyQixDQUFDLFdBQVc7QUFDdkMsK0NBQThDO0FBQzlDLCtDQUE4QztBQUU5QyxtRkFBNkQ7QUFVN0QsaUZBQTZEO0FBQXBELHNEQUFBLFdBQVcsQ0FBQTtBQUNwQiwyRUFBdUc7QUFBOUYsZ0RBQUEsUUFBUSxDQUFBO0FBRWpCOztHQUVHO0FBQ0g7SUFNRTs7T0FFRztJQUNILFlBQVksZ0JBQXlCLEtBQUs7UUFDeEMsSUFBSSxDQUFDLGNBQWMsR0FBRyxhQUFhLENBQUE7UUFDbkMsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUMsYUFBYSxFQUFFLENBQUE7UUFDdEMsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUM7WUFDeEIsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLGVBQWUsQ0FBQTtRQUNoRCxDQUFDO1FBQUMsSUFBSSxDQUFDLENBQUM7WUFDTixJQUFJLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsdUJBQXVCLENBQUE7UUFDeEQsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNILElBQUk7UUFDRixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsT0FBTyxDQUFDLE9BQU8sQ0FBQyxZQUFZLENBQzFCO1lBQ0UsR0FBRyxFQUFFLElBQUksQ0FBQyxPQUFPO1lBQ2pCLFNBQVMsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVM7WUFDakMsVUFBVSxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVTtTQUNwQyxFQUNELENBQUMsR0FBRyxFQUFFLE1BQU07WUFDVixFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUNSLE9BQU8sQ0FBQyxLQUFLLENBQUMsa0NBQWtDLENBQUMsQ0FBQTtnQkFDakQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsTUFBTSxDQUFBO1lBQ1IsQ0FBQztZQUVELGtDQUFrQztZQUNsQyxJQUFJLENBQUMsYUFBYSxHQUFHLE1BQU0sQ0FBQTtZQUMzQixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDaEIsQ0FBQyxDQUNGLENBQUE7UUFDRCxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUNyQixDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsaUJBQWlCO1FBQ2YsSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBZSxDQUFBO1FBQ2pDLElBQUksV0FBVyxHQUFHLElBQUksMkNBQVcsQ0FBQyxJQUFJLENBQUMsQ0FBQTtRQUN2QyxXQUFXLENBQUMsUUFBUSxFQUFFLENBQUMsSUFBSSxDQUFDO1lBQzFCLE1BQU0sQ0FBQyxXQUFXLENBQUMsUUFBUSxFQUFFLENBQUE7UUFDL0IsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ04sSUFBSSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQTtRQUMzQixDQUFDLENBQUMsQ0FBQTtRQUNGLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3JCLENBQUM7Q0FDRjtBQTVERCw4QkE0REMifQ==
|
10
dist/smartacme.helpers.d.ts
vendored
10
dist/smartacme.helpers.d.ts
vendored
@ -1,10 +0,0 @@
|
||||
import 'typings-global';
|
||||
import { IRsaKeypair } from './smartacme.classes.smartacme';
|
||||
/**
|
||||
* creates a keypair to use with requests and to generate JWK from
|
||||
*/
|
||||
export declare let createKeypair: (bit?: number) => IRsaKeypair;
|
||||
/**
|
||||
* prefix a domain name to make sure it complies with letsencrypt
|
||||
*/
|
||||
export declare let prefixName: (domainNameArg: string) => string;
|
41
dist/smartacme.helpers.js
vendored
41
dist/smartacme.helpers.js
vendored
@ -1,41 +0,0 @@
|
||||
"use strict";
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
require("typings-global");
|
||||
const q = require("smartq");
|
||||
const plugins = require("./smartacme.plugins");
|
||||
/**
|
||||
* creates a keypair to use with requests and to generate JWK from
|
||||
*/
|
||||
exports.createKeypair = (bit = 2048) => {
|
||||
let result = plugins.rsaKeygen.generate(bit);
|
||||
return {
|
||||
publicKey: result.public_key,
|
||||
privateKey: result.private_key
|
||||
};
|
||||
};
|
||||
/**
|
||||
* prefix a domain name to make sure it complies with letsencrypt
|
||||
*/
|
||||
exports.prefixName = (domainNameArg) => {
|
||||
return '_acme-challenge.' + domainNameArg;
|
||||
};
|
||||
/**
|
||||
* gets an existing registration
|
||||
* @executes ASYNC
|
||||
*/
|
||||
let getReg = (SmartAcmeArg, location) => {
|
||||
let done = q.defer();
|
||||
let body = { resource: 'reg' };
|
||||
SmartAcmeArg.rawacmeClient.post(location, body, SmartAcmeArg.keyPair, (err, res) => {
|
||||
if (err) {
|
||||
console.error('smartacme: something went wrong:');
|
||||
console.log(err);
|
||||
done.reject(err);
|
||||
return;
|
||||
}
|
||||
console.log(JSON.stringify(res.body));
|
||||
done.resolve();
|
||||
});
|
||||
return done.promise;
|
||||
};
|
||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmhlbHBlcnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUuaGVscGVycy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLDBCQUF1QjtBQUN2Qiw0QkFBMkI7QUFFM0IsK0NBQThDO0FBSzlDOztHQUVHO0FBQ1EsUUFBQSxhQUFhLEdBQUcsQ0FBQyxHQUFHLEdBQUcsSUFBSTtJQUNwQyxJQUFJLE1BQU0sR0FBRyxPQUFPLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQTtJQUM1QyxNQUFNLENBQUM7UUFDTCxTQUFTLEVBQUUsTUFBTSxDQUFDLFVBQVU7UUFDNUIsVUFBVSxFQUFFLE1BQU0sQ0FBQyxXQUFXO0tBQy9CLENBQUE7QUFDSCxDQUFDLENBQUE7QUFFRDs7R0FFRztBQUNRLFFBQUEsVUFBVSxHQUFHLENBQUMsYUFBcUI7SUFDNUMsTUFBTSxDQUFDLGtCQUFrQixHQUFHLGFBQWEsQ0FBQTtBQUMzQyxDQUFDLENBQUE7QUFFRDs7O0dBR0c7QUFDSCxJQUFJLE1BQU0sR0FBRyxDQUFDLFlBQXVCLEVBQUUsUUFBZ0I7SUFDckQsSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO0lBQ3BCLElBQUksSUFBSSxHQUFHLEVBQUUsUUFBUSxFQUFFLEtBQUssRUFBRSxDQUFBO0lBQzlCLFlBQVksQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUM3QixRQUFRLEVBQ1IsSUFBSSxFQUNKLFlBQVksQ0FBQyxPQUFPLEVBQ3BCLENBQUMsR0FBRyxFQUFFLEdBQUc7UUFDUCxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO1lBQ1IsT0FBTyxDQUFDLEtBQUssQ0FBQyxrQ0FBa0MsQ0FBQyxDQUFBO1lBQ2pELE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7WUFDaEIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQTtZQUNoQixNQUFNLENBQUE7UUFDUixDQUFDO1FBQ0QsT0FBTyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFBO1FBQ3JDLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQTtJQUNoQixDQUFDLENBQ0YsQ0FBQTtJQUNELE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0FBQ3JCLENBQUMsQ0FBQSJ9
|
2
dist/smartacme.paths.d.ts
vendored
2
dist/smartacme.paths.d.ts
vendored
@ -1,2 +0,0 @@
|
||||
export declare let packageDir: string;
|
||||
export declare let assetDir: string;
|
8
dist/smartacme.paths.js
vendored
8
dist/smartacme.paths.js
vendored
@ -1,8 +0,0 @@
|
||||
"use strict";
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
const path = require("path");
|
||||
const smartfile = require("smartfile");
|
||||
exports.packageDir = path.join(__dirname, '../');
|
||||
exports.assetDir = path.join(exports.packageDir, 'assets/');
|
||||
smartfile.fs.ensureDirSync(exports.assetDir);
|
||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBhdGhzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLnBhdGhzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsNkJBQTRCO0FBQzVCLHVDQUFzQztBQUUzQixRQUFBLFVBQVUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBQyxLQUFLLENBQUMsQ0FBQTtBQUN2QyxRQUFBLFFBQVEsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFVLEVBQUMsU0FBUyxDQUFDLENBQUE7QUFDckQsU0FBUyxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsZ0JBQVEsQ0FBQyxDQUFBIn0=
|
9
dist/smartacme.plugins.d.ts
vendored
9
dist/smartacme.plugins.d.ts
vendored
@ -1,9 +0,0 @@
|
||||
import 'typings-global';
|
||||
declare let rsaKeygen: any;
|
||||
declare let rawacme: any;
|
||||
declare let nodeForge: any;
|
||||
import * as dnsly from 'dnsly';
|
||||
import * as smartdelay from 'smartdelay';
|
||||
import * as smartfile from 'smartfile';
|
||||
import * as smartstring from 'smartstring';
|
||||
export { dnsly, rsaKeygen, rawacme, nodeForge, smartdelay, smartfile, smartstring };
|
19
dist/smartacme.plugins.js
vendored
19
dist/smartacme.plugins.js
vendored
@ -1,19 +0,0 @@
|
||||
"use strict";
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
require("typings-global"); // typings for node
|
||||
let rsaKeygen = require('rsa-keygen'); // rsa keygen
|
||||
exports.rsaKeygen = rsaKeygen;
|
||||
let rawacme = require('rawacme'); // acme helper functions
|
||||
exports.rawacme = rawacme;
|
||||
let nodeForge = require('node-forge');
|
||||
exports.nodeForge = nodeForge;
|
||||
// push.rocks modules here
|
||||
const dnsly = require("dnsly");
|
||||
exports.dnsly = dnsly;
|
||||
const smartdelay = require("smartdelay");
|
||||
exports.smartdelay = smartdelay;
|
||||
const smartfile = require("smartfile");
|
||||
exports.smartfile = smartfile;
|
||||
const smartstring = require("smartstring");
|
||||
exports.smartstring = smartstring;
|
||||
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBsdWdpbnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUucGx1Z2lucy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLDBCQUF1QixDQUFDLG1CQUFtQjtBQUczQyxJQUFJLFNBQVMsR0FBRyxPQUFPLENBQUMsWUFBWSxDQUFDLENBQUEsQ0FBQyxhQUFhO0FBWWpELDhCQUFTO0FBWFgsSUFBSSxPQUFPLEdBQUcsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFBLENBQUMsd0JBQXdCO0FBWXZELDBCQUFPO0FBWFQsSUFBSSxTQUFTLEdBQUcsT0FBTyxDQUFDLFlBQVksQ0FBQyxDQUFBO0FBWW5DLDhCQUFTO0FBVlgsMEJBQTBCO0FBQzFCLCtCQUE4QjtBQU01QixzQkFBSztBQUxQLHlDQUF3QztBQVN0QyxnQ0FBVTtBQVJaLHVDQUFzQztBQVNwQyw4QkFBUztBQVJYLDJDQUEwQztBQVN4QyxrQ0FBVyJ9
|
1376
package-lock.json
generated
Normal file
1376
package-lock.json
generated
Normal file
File diff suppressed because it is too large
Load Diff
25
package.json
25
package.json
@ -5,7 +5,7 @@
|
||||
"main": "dist/index.js",
|
||||
"typings": "dist/index.d.ts",
|
||||
"scripts": {
|
||||
"test": "(npmts --nodocs)"
|
||||
"test": "(tstest test/)"
|
||||
},
|
||||
"repository": {
|
||||
"type": "git",
|
||||
@ -23,20 +23,17 @@
|
||||
},
|
||||
"homepage": "https://gitlab.com/umbrellazone/smartacme#README",
|
||||
"dependencies": {
|
||||
"@types/node-forge": "^0.6.8",
|
||||
"dnsly": "^2.0.4",
|
||||
"node-forge": "^0.7.1",
|
||||
"rawacme": "^0.2.1",
|
||||
"rsa-keygen": "^1.0.6",
|
||||
"smartdelay": "^1.0.1",
|
||||
"smartfile": "^4.1.10",
|
||||
"smartq": "^1.1.1",
|
||||
"smartstring": "^2.0.24",
|
||||
"typings-global": "^1.0.16"
|
||||
"@pushrocks/smartpromise": "^2.0.5",
|
||||
"acme-v2": "^1.2.0",
|
||||
"rsa-compat": "^1.5.1"
|
||||
},
|
||||
"devDependencies": {
|
||||
"cflare": "0.0.19",
|
||||
"qenv": "^1.1.3",
|
||||
"tapbundle": "^1.0.10"
|
||||
"@gitzone/tsbuild": "^2.0.22",
|
||||
"@gitzone/tsrun": "^1.1.12",
|
||||
"@gitzone/tstest": "^1.0.13",
|
||||
"@types/node": "^10.5.8",
|
||||
"cflare": "^1.0.5",
|
||||
"qenv": "^1.1.7",
|
||||
"tapbundle": "^2.0.2"
|
||||
}
|
||||
}
|
||||
|
93
test/test.ts
93
test/test.ts
@ -1,90 +1,13 @@
|
||||
import { expect, tap } from 'tapbundle'
|
||||
import * as cflare from 'cflare'
|
||||
import * as qenv from 'qenv'
|
||||
import { tap, expect } from 'tapbundle';
|
||||
|
||||
let testQenv = new qenv.Qenv(process.cwd(), process.cwd() + '/.nogit')
|
||||
import * as smartacme from '../ts/index';
|
||||
|
||||
// import the module to test
|
||||
import * as smartacme from '../dist/index'
|
||||
let smartAcmeInstance: smartacme.SmartAcme;
|
||||
|
||||
let myCflareAccount = new cflare.CflareAccount()
|
||||
myCflareAccount.auth({
|
||||
email: process.env.CF_EMAIL,
|
||||
key: process.env.CF_KEY
|
||||
tap.test('should create a valid instance of SmartAcme' , async () => {
|
||||
smartAcmeInstance = new smartacme.SmartAcme();
|
||||
await smartAcmeInstance.init()
|
||||
console.log(smartAcmeInstance.directoryUrls);
|
||||
})
|
||||
|
||||
let testSmartAcme: smartacme.SmartAcme
|
||||
let testAcmeAccount: smartacme.AcmeAccount
|
||||
let testAcmeCert: smartacme.AcmeCert
|
||||
let testChallenge: smartacme.ISmartAcmeChallengeChosen
|
||||
|
||||
tap.test('smartacme -> should create a valid instance', async (tools) => {
|
||||
tools.timeout(10000)
|
||||
testSmartAcme = new smartacme.SmartAcme(false)
|
||||
await testSmartAcme.init().then(async () => {
|
||||
expect(testSmartAcme).to.be.instanceOf(smartacme.SmartAcme)
|
||||
})
|
||||
})
|
||||
|
||||
tap.test('smartacme -> should have created keyPair', async () => {
|
||||
expect(testSmartAcme.acmeUrl).to.be.a('string')
|
||||
})
|
||||
|
||||
tap.test('smartacme -> should register a new account', async (tools) => {
|
||||
tools.timeout(10000)
|
||||
await testSmartAcme.createAcmeAccount().then(async x => {
|
||||
testAcmeAccount = x
|
||||
})
|
||||
})
|
||||
|
||||
tap.test('smartacme -> should create a AcmeCert', async () => {
|
||||
await testAcmeAccount.createAcmeCert('test2.bleu.de').then(async x => {
|
||||
testAcmeCert = x
|
||||
expect(testAcmeAccount).to.be.instanceOf(smartacme.AcmeCert)
|
||||
})
|
||||
})
|
||||
|
||||
tap.test('smartacme -> should get a challenge for a AcmeCert', async (tools) => {
|
||||
tools.timeout(10000)
|
||||
await testAcmeCert.requestChallenge().then(async (challengeChosen) => {
|
||||
console.log(challengeChosen)
|
||||
testChallenge = challengeChosen
|
||||
})
|
||||
})
|
||||
|
||||
tap.test('smartacme -> should set the challenge', async (tools) => {
|
||||
tools.timeout(20000)
|
||||
await myCflareAccount.createRecord(
|
||||
testChallenge.domainNamePrefixed,
|
||||
'TXT', testChallenge.dnsKeyHash
|
||||
)
|
||||
})
|
||||
|
||||
tap.test('smartacme -> should check for a DNS record', async (tools) => {
|
||||
tools.timeout(20000)
|
||||
await testAcmeCert.checkDns().then(x => {
|
||||
console.log(x)
|
||||
})
|
||||
})
|
||||
|
||||
tap.test('smartacme -> should accept the challenge', async (tools) => {
|
||||
tools.timeout(10000)
|
||||
await testAcmeCert.acceptChallenge()
|
||||
})
|
||||
|
||||
tap.test('smartacme -> should poll for validation of a challenge', async (tools) => {
|
||||
tools.timeout(10000)
|
||||
await testAcmeCert.requestValidation().then(async x => {
|
||||
console.log(x)
|
||||
})
|
||||
})
|
||||
|
||||
tap.test('smartacme -> should remove the challenge', async (tools) => {
|
||||
tools.timeout(20000)
|
||||
await myCflareAccount.removeRecord(
|
||||
testChallenge.domainNamePrefixed,
|
||||
'TXT'
|
||||
)
|
||||
})
|
||||
|
||||
tap.start()
|
||||
tap.start();
|
@ -1,94 +0,0 @@
|
||||
import * as q from 'smartq'
|
||||
|
||||
import * as plugins from './smartacme.plugins'
|
||||
import * as helpers from './smartacme.helpers'
|
||||
|
||||
import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
|
||||
import { AcmeCert } from './smartacme.classes.acmecert'
|
||||
|
||||
/**
|
||||
* class AcmeAccount represents an AcmeAccount
|
||||
*/
|
||||
export class AcmeAccount {
|
||||
parentSmartAcme: SmartAcme
|
||||
location: string
|
||||
link: string
|
||||
JWK
|
||||
constructor(smartAcmeParentArg: SmartAcme) {
|
||||
this.parentSmartAcme = smartAcmeParentArg
|
||||
}
|
||||
|
||||
/**
|
||||
* register the account with letsencrypt
|
||||
*/
|
||||
register() {
|
||||
let done = q.defer()
|
||||
this.parentSmartAcme.rawacmeClient.newReg(
|
||||
{
|
||||
contact: [ 'mailto:domains@lossless.org' ]
|
||||
},
|
||||
(err, res) => {
|
||||
if (err) {
|
||||
console.error('smartacme: something went wrong:')
|
||||
console.log(err)
|
||||
done.reject(err)
|
||||
return
|
||||
}
|
||||
this.JWK = res.body.key
|
||||
this.link = res.headers.link
|
||||
console.log(this.link)
|
||||
this.location = res.headers.location
|
||||
done.resolve()
|
||||
})
|
||||
return done.promise
|
||||
}
|
||||
|
||||
/**
|
||||
* agree to letsencrypr terms of service
|
||||
*/
|
||||
agreeTos() {
|
||||
let done = q.defer()
|
||||
let tosPart = this.link.split(',')[ 1 ]
|
||||
let tosLinkPortion = tosPart.split(';')[ 0 ]
|
||||
let url = tosLinkPortion.split(';')[ 0 ].trim().replace(/[<>]/g, '')
|
||||
this.parentSmartAcme.rawacmeClient.post(this.location, { Agreement: url, resource: 'reg' }, (err, res) => {
|
||||
if (err) {
|
||||
console.log(err)
|
||||
done.reject(err)
|
||||
return
|
||||
}
|
||||
done.resolve()
|
||||
})
|
||||
return done.promise
|
||||
}
|
||||
|
||||
createAcmeCert(
|
||||
domainNameArg: string,
|
||||
countryArg = 'Germany',
|
||||
countryShortArg = 'DE',
|
||||
city = 'Bremen',
|
||||
companyArg = 'Some Company',
|
||||
companyShortArg = 'SC'
|
||||
|
||||
) {
|
||||
let done = q.defer<AcmeCert>()
|
||||
let acmeCert = new AcmeCert(
|
||||
{
|
||||
bit: 2064,
|
||||
key: null, // not needed right now
|
||||
domain: domainNameArg,
|
||||
country: countryArg,
|
||||
country_short: countryShortArg,
|
||||
locality: city,
|
||||
organization: companyArg,
|
||||
organization_short: companyShortArg,
|
||||
password: null,
|
||||
unstructured: null,
|
||||
subject_alt_names: null
|
||||
},
|
||||
this
|
||||
)
|
||||
done.resolve(acmeCert)
|
||||
return done.promise
|
||||
}
|
||||
}
|
@ -1,255 +0,0 @@
|
||||
import * as q from 'smartq'
|
||||
|
||||
import * as plugins from './smartacme.plugins'
|
||||
import * as helpers from './smartacme.helpers'
|
||||
|
||||
import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
|
||||
import { AcmeAccount } from './smartacme.classes.acmeaccount'
|
||||
|
||||
/**
|
||||
* types of challenges supported by letsencrypt and this module
|
||||
*/
|
||||
export type TChallengeType = 'dns-01' | 'http-01'
|
||||
|
||||
/**
|
||||
* values that a challenge's status can have
|
||||
*/
|
||||
export type TChallengeStatus = 'pending'
|
||||
|
||||
export interface ISmartAcmeChallenge {
|
||||
uri: string
|
||||
status: TChallengeStatus
|
||||
type: TChallengeType
|
||||
token: string
|
||||
keyAuthorization: string
|
||||
}
|
||||
|
||||
export interface ISmartAcmeChallengeChosen extends ISmartAcmeChallenge {
|
||||
dnsKeyHash: string
|
||||
domainName: string
|
||||
domainNamePrefixed: string
|
||||
}
|
||||
|
||||
export interface IAcmeCsrConstructorOptions {
|
||||
bit: number,
|
||||
key: string,
|
||||
domain: string,
|
||||
country: string,
|
||||
country_short: string,
|
||||
locality: string,
|
||||
organization: string,
|
||||
organization_short: string,
|
||||
password: string,
|
||||
unstructured: string,
|
||||
subject_alt_names: string[]
|
||||
}
|
||||
|
||||
// Dnsly instance (we really just need one)
|
||||
let myDnsly = new plugins.dnsly.Dnsly('google')
|
||||
|
||||
/**
|
||||
* class AcmeCert represents a cert for domain
|
||||
*/
|
||||
export class AcmeCert {
|
||||
domainName: string
|
||||
attributes
|
||||
fullchain: string
|
||||
parentAcmeAccount: AcmeAccount
|
||||
csr
|
||||
validFrom: Date
|
||||
validTo: Date
|
||||
keypair: IRsaKeypair
|
||||
keyPairFinal: IRsaKeypair
|
||||
chosenChallenge: ISmartAcmeChallengeChosen
|
||||
dnsKeyHash: string
|
||||
constructor(optionsArg: IAcmeCsrConstructorOptions, parentAcmeAccount: AcmeAccount) {
|
||||
this.domainName = optionsArg.domain
|
||||
this.parentAcmeAccount = parentAcmeAccount
|
||||
this.keypair = helpers.createKeypair(optionsArg.bit)
|
||||
let privateKeyForged = plugins.nodeForge.pki.privateKeyFromPem(this.keypair.privateKey)
|
||||
let publicKeyForged = plugins.nodeForge.pki.publicKeyToPem(
|
||||
plugins.nodeForge.pki.setRsaPublicKey(privateKeyForged.n, privateKeyForged.e)
|
||||
)
|
||||
this.keyPairFinal = {
|
||||
privateKey: privateKeyForged,
|
||||
publicKey: publicKeyForged
|
||||
}
|
||||
|
||||
// set dates
|
||||
this.validFrom = new Date()
|
||||
this.validTo = new Date()
|
||||
this.validTo.setDate(this.validFrom.getDate() + 90)
|
||||
|
||||
// set attributes
|
||||
this.attributes = [
|
||||
{ name: 'commonName', value: optionsArg.domain },
|
||||
{ name: 'countryName', value: optionsArg.country },
|
||||
{ shortName: 'ST', value: optionsArg.country_short },
|
||||
{ name: 'localityName', value: optionsArg.locality },
|
||||
{ name: 'organizationName', value: optionsArg.organization },
|
||||
{ shortName: 'OU', value: optionsArg.organization_short },
|
||||
{ name: 'challengePassword', value: optionsArg.password },
|
||||
{ name: 'unstructuredName', value: optionsArg.unstructured }
|
||||
]
|
||||
|
||||
// set up csr
|
||||
this.csr = plugins.nodeForge.pki.createCertificationRequest()
|
||||
this.csr.setSubject(this.attributes)
|
||||
this.csr.setAttributes(this.attributes)
|
||||
}
|
||||
|
||||
/**
|
||||
* requests a challenge for a domain
|
||||
* @param domainNameArg - the domain name to request a challenge for
|
||||
* @param challengeType - the challenge type to request
|
||||
*/
|
||||
requestChallenge(challengeTypeArg: TChallengeType = 'dns-01') {
|
||||
let done = q.defer<ISmartAcmeChallengeChosen>()
|
||||
this.parentAcmeAccount.parentSmartAcme.rawacmeClient.newAuthz(
|
||||
{
|
||||
identifier: {
|
||||
type: 'dns',
|
||||
value: this.domainName
|
||||
}
|
||||
},
|
||||
this.parentAcmeAccount.parentSmartAcme.keyPair,
|
||||
(err, res) => {
|
||||
if (err) {
|
||||
console.error('smartacme: something went wrong:')
|
||||
console.log(err)
|
||||
done.reject(err)
|
||||
}
|
||||
let preChosenChallenge = res.body.challenges.filter(x => {
|
||||
return x.type === challengeTypeArg
|
||||
})[ 0 ]
|
||||
|
||||
/**
|
||||
* the key is needed to accept the challenge
|
||||
*/
|
||||
let authKey: string = plugins.rawacme.keyAuthz(
|
||||
preChosenChallenge.token,
|
||||
this.parentAcmeAccount.parentSmartAcme.keyPair.publicKey
|
||||
)
|
||||
|
||||
/**
|
||||
* needed in case selected challenge is of type dns-01
|
||||
*/
|
||||
this.dnsKeyHash = plugins.rawacme.dnsKeyAuthzHash(authKey) // needed if dns challenge is chosen
|
||||
/**
|
||||
* the return challenge
|
||||
*/
|
||||
this.chosenChallenge = {
|
||||
uri: preChosenChallenge.uri,
|
||||
type: preChosenChallenge.type,
|
||||
token: preChosenChallenge.token,
|
||||
keyAuthorization: authKey,
|
||||
status: preChosenChallenge.status,
|
||||
dnsKeyHash: this.dnsKeyHash,
|
||||
domainName: this.domainName,
|
||||
domainNamePrefixed: helpers.prefixName(this.domainName)
|
||||
}
|
||||
done.resolve(this.chosenChallenge)
|
||||
}
|
||||
)
|
||||
return done.promise
|
||||
}
|
||||
|
||||
/**
|
||||
* checks if DNS records are set, will go through a max of 30 cycles
|
||||
*/
|
||||
async checkDns(cycleArg = 1) {
|
||||
let result = await myDnsly.checkUntilAvailable(helpers.prefixName(this.domainName), 'TXT', this.dnsKeyHash)
|
||||
if (result) {
|
||||
console.log('DNS is set!')
|
||||
return
|
||||
} else {
|
||||
throw new Error('DNS not set!')
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* validates a challenge, only call after you have set the challenge at the expected location
|
||||
*/
|
||||
async requestValidation() {
|
||||
let makeRequest = () => {
|
||||
let done = q.defer()
|
||||
this.parentAcmeAccount.parentSmartAcme.rawacmeClient.poll(this.chosenChallenge.uri, async (err, res) => {
|
||||
if (err) {
|
||||
console.log(err)
|
||||
return
|
||||
}
|
||||
console.log(`Validation response:`)
|
||||
console.log(JSON.stringify(res.body))
|
||||
if (res.body.status === 'pending' || res.body.status === 'invalid') {
|
||||
await plugins.smartdelay.delayFor(3000)
|
||||
makeRequest().then((x: any) => { done.resolve(x) })
|
||||
} else {
|
||||
console.log('perfect!')
|
||||
done.resolve(res.body)
|
||||
}
|
||||
})
|
||||
return done.promise
|
||||
}
|
||||
await makeRequest()
|
||||
}
|
||||
|
||||
/**
|
||||
* requests a certificate
|
||||
*/
|
||||
requestCert() {
|
||||
let done = q.defer()
|
||||
let payload = {
|
||||
csr: plugins.rawacme.base64.encode(
|
||||
plugins.rawacme.toDer(
|
||||
plugins.nodeForge.pki.certificationRequestToPem(
|
||||
this.csr
|
||||
)
|
||||
)
|
||||
),
|
||||
notBefore: this.validFrom.toISOString(),
|
||||
notAfter: this.validTo.toISOString()
|
||||
}
|
||||
this.parentAcmeAccount.parentSmartAcme.rawacmeClient.newCert(
|
||||
payload,
|
||||
helpers.createKeypair(),
|
||||
(err, res) => {
|
||||
if (err) {
|
||||
console.log(err)
|
||||
done.reject(err)
|
||||
}
|
||||
console.log(res.body)
|
||||
done.resolve(res.body)
|
||||
})
|
||||
return done.promise
|
||||
}
|
||||
|
||||
/**
|
||||
* getCertificate - takes care of cooldown, validation polling and certificate retrieval
|
||||
*/
|
||||
getCertificate() {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* accept a challenge - for private use only
|
||||
*/
|
||||
acceptChallenge() {
|
||||
let done = q.defer()
|
||||
this.parentAcmeAccount.parentSmartAcme.rawacmeClient.post(
|
||||
this.chosenChallenge.uri,
|
||||
{
|
||||
resource: 'challenge',
|
||||
keyAuthorization: this.chosenChallenge.keyAuthorization
|
||||
},
|
||||
this.parentAcmeAccount.parentSmartAcme.keyPair,
|
||||
(err, res) => {
|
||||
if (err) {
|
||||
console.log(err)
|
||||
done.reject(err)
|
||||
}
|
||||
done.resolve(res.body)
|
||||
}
|
||||
)
|
||||
return done.promise
|
||||
}
|
||||
}
|
27
ts/smartacme.classes.keypair.ts
Normal file
27
ts/smartacme.classes.keypair.ts
Normal file
@ -0,0 +1,27 @@
|
||||
import * as plugins from './smartacme.plugins';
|
||||
const rsa = require('rsa-compat').RSA;
|
||||
|
||||
export class KeyPair {
|
||||
rsaKeyPair: any
|
||||
|
||||
/**
|
||||
* generates a fresh rsa keyPair
|
||||
*/
|
||||
static async generateFresh(): Promise<KeyPair> {
|
||||
const done = plugins.smartpromise.defer();
|
||||
var options = { bitlen: 2048, exp: 65537, public: true, pem: true, internal: true };
|
||||
rsa.generateKeypair(options, function(err, keypair) {
|
||||
if(err) {
|
||||
console.log(err);
|
||||
}
|
||||
done.resolve(keypair);
|
||||
});
|
||||
const result: any = await done.promise;
|
||||
const keyPair = new KeyPair(result);
|
||||
return keyPair;
|
||||
}
|
||||
|
||||
constructor(rsaKeyPairArg) {
|
||||
this.rsaKeyPair = rsaKeyPairArg;
|
||||
}
|
||||
}
|
@ -1,82 +1,47 @@
|
||||
// third party modules
|
||||
import * as q from 'smartq' // promises
|
||||
import * as plugins from './smartacme.plugins'
|
||||
import * as helpers from './smartacme.helpers'
|
||||
const acme = require('acme-v2').ACME.create({
|
||||
RSA: require('rsa-compat').RSA,
|
||||
|
||||
import { AcmeAccount } from './smartacme.classes.acmeaccount'
|
||||
// other overrides
|
||||
promisify: require('util').promisify,
|
||||
|
||||
/**
|
||||
* a rsa keypair needed for account creation and subsequent requests
|
||||
*/
|
||||
export interface IRsaKeypair {
|
||||
publicKey: string
|
||||
privateKey: string
|
||||
}
|
||||
// used for constructing user-agent
|
||||
os: require('os'),
|
||||
process: require('process'),
|
||||
|
||||
export { AcmeAccount } from './smartacme.classes.acmeaccount'
|
||||
export { AcmeCert, ISmartAcmeChallenge, ISmartAcmeChallengeChosen } from './smartacme.classes.acmecert'
|
||||
|
||||
/**
|
||||
* class SmartAcme exports methods for maintaining SSL Certificates
|
||||
*/
|
||||
export class SmartAcme {
|
||||
acmeUrl: string // the acme url to use for this instance
|
||||
productionBool: boolean // a boolean to quickly know wether we are in production or not
|
||||
keyPair: IRsaKeypair // the keyPair needed for account creation
|
||||
rawacmeClient
|
||||
|
||||
/**
|
||||
* the constructor for class SmartAcme
|
||||
*/
|
||||
constructor(productionArg: boolean = false) {
|
||||
this.productionBool = productionArg
|
||||
this.keyPair = helpers.createKeypair()
|
||||
if (this.productionBool) {
|
||||
this.acmeUrl = plugins.rawacme.LETSENCRYPT_URL
|
||||
} else {
|
||||
this.acmeUrl = plugins.rawacme.LETSENCRYPT_STAGING_URL
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* init the smartacme instance
|
||||
*/
|
||||
init() {
|
||||
let done = q.defer()
|
||||
plugins.rawacme.createClient(
|
||||
{
|
||||
url: this.acmeUrl,
|
||||
publicKey: this.keyPair.publicKey,
|
||||
privateKey: this.keyPair.privateKey
|
||||
// used for overriding the default user-agent
|
||||
userAgent: 'My custom UA String',
|
||||
getUserAgentString: function(deps) {
|
||||
return 'My custom UA String';
|
||||
},
|
||||
(err, client) => {
|
||||
if (err) {
|
||||
console.error('smartacme: something went wrong:')
|
||||
console.log(err)
|
||||
done.reject(err)
|
||||
return
|
||||
}
|
||||
|
||||
// make client available in class
|
||||
this.rawacmeClient = client
|
||||
done.resolve()
|
||||
}
|
||||
)
|
||||
return done.promise
|
||||
}
|
||||
// don't try to validate challenges locally
|
||||
skipChallengeTest: false
|
||||
});
|
||||
|
||||
/**
|
||||
* creates an account if not currently present in module
|
||||
* @executes ASYNC
|
||||
*/
|
||||
createAcmeAccount() {
|
||||
let done = q.defer<AcmeAccount>()
|
||||
let acmeAccount = new AcmeAccount(this)
|
||||
acmeAccount.register().then(() => {
|
||||
return acmeAccount.agreeTos()
|
||||
}).then(() => {
|
||||
done.resolve(acmeAccount)
|
||||
})
|
||||
return done.promise
|
||||
import { KeyPair } from './smartacme.classes.keypair';
|
||||
|
||||
export class SmartAcme {
|
||||
keyPair: KeyPair;
|
||||
directoryUrls: any;
|
||||
|
||||
async init() {
|
||||
// get directory url
|
||||
this.directoryUrls = await acme.init('https://acme-staging-v02.api.letsencrypt.org/directory');
|
||||
|
||||
// create keyPair
|
||||
this.keyPair = await KeyPair.generateFresh();
|
||||
|
||||
// get account
|
||||
const registrationData = await acme.accounts.create({
|
||||
email: 'domains@lossless.org', // valid email (server checks MX records)
|
||||
accountKeypair: this.keyPair.rsaKeyPair,
|
||||
agreeToTerms: async tosUrl => {
|
||||
return tosUrl;
|
||||
}
|
||||
}).catch(e => {
|
||||
console.log(e);
|
||||
});
|
||||
|
||||
console.log(registrationData);
|
||||
}
|
||||
}
|
||||
|
@ -1,50 +0,0 @@
|
||||
import 'typings-global'
|
||||
import * as q from 'smartq'
|
||||
|
||||
import * as plugins from './smartacme.plugins'
|
||||
|
||||
import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
|
||||
import { AcmeAccount } from './smartacme.classes.acmeaccount'
|
||||
|
||||
/**
|
||||
* creates a keypair to use with requests and to generate JWK from
|
||||
*/
|
||||
export let createKeypair = (bit = 2048): IRsaKeypair => {
|
||||
let result = plugins.rsaKeygen.generate(bit)
|
||||
return {
|
||||
publicKey: result.public_key,
|
||||
privateKey: result.private_key
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* prefix a domain name to make sure it complies with letsencrypt
|
||||
*/
|
||||
export let prefixName = (domainNameArg: string): string => {
|
||||
return '_acme-challenge.' + domainNameArg
|
||||
}
|
||||
|
||||
/**
|
||||
* gets an existing registration
|
||||
* @executes ASYNC
|
||||
*/
|
||||
let getReg = (SmartAcmeArg: SmartAcme, location: string) => {
|
||||
let done = q.defer()
|
||||
let body = { resource: 'reg' }
|
||||
SmartAcmeArg.rawacmeClient.post(
|
||||
location,
|
||||
body,
|
||||
SmartAcmeArg.keyPair,
|
||||
(err, res) => {
|
||||
if (err) {
|
||||
console.error('smartacme: something went wrong:')
|
||||
console.log(err)
|
||||
done.reject(err)
|
||||
return
|
||||
}
|
||||
console.log(JSON.stringify(res.body))
|
||||
done.resolve()
|
||||
}
|
||||
)
|
||||
return done.promise
|
||||
}
|
@ -1,6 +0,0 @@
|
||||
import * as path from 'path'
|
||||
import * as smartfile from 'smartfile'
|
||||
|
||||
export let packageDir = path.join(__dirname,'../')
|
||||
export let assetDir = path.join(packageDir,'assets/')
|
||||
smartfile.fs.ensureDirSync(assetDir)
|
@ -1,22 +1,5 @@
|
||||
import 'typings-global' // typings for node
|
||||
|
||||
import * as path from 'path' // native node path module
|
||||
let rsaKeygen = require('rsa-keygen') // rsa keygen
|
||||
let rawacme = require('rawacme') // acme helper functions
|
||||
let nodeForge = require('node-forge')
|
||||
|
||||
// push.rocks modules here
|
||||
import * as dnsly from 'dnsly'
|
||||
import * as smartdelay from 'smartdelay'
|
||||
import * as smartfile from 'smartfile'
|
||||
import * as smartstring from 'smartstring'
|
||||
import * as smartpromise from '@pushrocks/smartpromise';
|
||||
|
||||
export {
|
||||
dnsly,
|
||||
rsaKeygen,
|
||||
rawacme,
|
||||
nodeForge,
|
||||
smartdelay,
|
||||
smartfile,
|
||||
smartstring
|
||||
smartpromise
|
||||
}
|
Loading…
Reference in New Issue
Block a user