push.rocks/smartacme
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

start better segregation of concerns

Browse Source
This commit is contained in:
Philipp Kunz
2017-01-14 18:36:33 +01:00
parent 98cc70dbfb
commit fce25c60ed
21 changed files with 723 additions and 487 deletions
Download Patch File Download Diff File Expand all files Collapse all files

182
ts/smartacme.classes.smartacme.ts
View File

@ -3,37 +3,27 @@ import * as q from 'q' // promises
import * as plugins from './smartacme.plugins'
import * as helpers from './smartacme.helpers'
import { AcmeAccount } from './smartacme.classes.acmeaccount'
/**
* a rsa keypair needed for account creation and subsequent requests
*/
export interface IRsaKeypair {
publicKey: string
privateKey: string
}
export type TChallengeType = 'dns-01' | 'http-01'
export type TChallengeStatus = 'pending'
export interface ISmartAcmeChallenge {
uri: string
status: TChallengeStatus
type: TChallengeType
token: string
keyAuthorization: string
}
export interface ISmartAcmeChallengeAccepted extends ISmartAcmeChallenge {
keyHash: string
}
export { AcmeAccount } from './smartacme.classes.acmeaccount'
export { AcmeCert, ISmartAcmeChallenge, ISmartAcmeChallengeAccepted } from './smartacme.classes.acmecert'
/**
* class SmartAcme exports methods for maintaining SSL Certificates
*/
export class SmartAcme {
acmeUrl: string // the acme url to use
acmeUrl: string // the acme url to use for this instance
productionBool: boolean // a boolean to quickly know wether we are in production or not
keyPair: IRsaKeypair // the keyPair needed for account creation
location: string
link: string
rawacmeClient
JWK
/**
* the constructor for class SmartAcme
@ -49,10 +39,9 @@ export class SmartAcme {
}
/**
* creates an account if not currently present in module
* @executes ASYNC
* init the smartacme instance
*/
createAccount() {
init() {
let done = q.defer()
plugins.rawacme.createClient(
{
@ -70,151 +59,24 @@ export class SmartAcme {
// make client available in class
this.rawacmeClient = client
// create the registration
client.newReg(
{
contact: ['mailto:domains@lossless.org']
},
(err, res) => {
if (err) {
console.error('smartacme: something went wrong:')
console.log(err)
done.reject(err)
return
}
this.JWK = res.body.key
this.link = res.headers.link
console.log(this.link)
this.location = res.headers.location
done.resolve()
})
done.resolve()
}
)
return done.promise
}
agreeTos() {
let done = q.defer()
let tosPart = this.link.split(',')[1]
let tosLinkPortion = tosPart.split(';')[0]
let url = tosLinkPortion.split(';')[0].trim().replace(/[<>]/g, '')
this.rawacmeClient.post(this.location, { Agreement: url, resource: 'reg' }, (err, res) => {
if (err) {
console.log(err)
done.reject(err)
return
}
done.resolve()
/**
* creates an account if not currently present in module
* @executes ASYNC
*/
createAccount() {
let done = q.defer<AcmeAccount>()
let acmeAccount = new AcmeAccount(this)
acmeAccount.register().then(() => {
return acmeAccount.agreeTos()
}).then(() => {
done.resolve(acmeAccount)
})
return done.promise
}
/**
* requests a challenge for a domain
* @param domainNameArg - the domain name to request a challenge for
* @param challengeType - the challenge type to request
*/
requestChallenge(domainNameArg: string, challengeTypeArg: TChallengeType = 'dns-01') {
let done = q.defer<ISmartAcmeChallengeAccepted>()
this.rawacmeClient.newAuthz(
{
identifier: {
type: 'dns',
value: domainNameArg
}
},
this.keyPair,
(err, res) => {
if (err) {
console.error('smartacme: something went wrong:')
console.log(err)
done.reject(err)
}
console.log(JSON.stringify(res.body))
let dnsChallenge = res.body.challenges.filter(x => {
return x.type === challengeTypeArg
})[0]
this.acceptChallenge(dnsChallenge)
.then((x: ISmartAcmeChallengeAccepted) => {
done.resolve(x)
})
}
)
return done.promise
}
/**
* getCertificate - takes care of cooldown, validation polling and certificate retrieval
*/
getCertificate() {
}
/**
* validates a challenge
*/
validate(challenge: ISmartAcmeChallengeAccepted) {
let done = q.defer()
this.rawacmeClient.poll(challenge.uri, function(err, res) {
if (err) {
console.log(err)
done.reject(err)
}
console.log(res.status)
console.log(JSON.stringify(res.body))
done.resolve()
})
return done.promise
}
/**
* accept a challenge - for private use only
*/
private acceptChallenge(challenge: ISmartAcmeChallenge) {
let done = q.defer()
/**
* the key is needed to accept the challenge
*/
let authKey: string = plugins.rawacme.keyAuthz(challenge.token, this.keyPair.publicKey)
/**
* needed in case selected challenge is of type dns-01
*/
let keyHash: string = plugins.rawacme.dnsKeyAuthzHash(authKey) // needed if dns challenge is chosen
/**
* the return challenge
*/
let returnDNSChallenge: ISmartAcmeChallengeAccepted = {
uri: challenge.uri,
type: challenge.type,
token: challenge.token,
keyAuthorization: challenge.keyAuthorization,
keyHash: keyHash,
status: challenge.status
}
this.rawacmeClient.post(
challenge.uri,
{
resource: 'challenge',
keyAuthorization: authKey
},
this.keyPair,
(err, res) => {
if (err) {
console.log(err)
done.reject(err)
}
done.resolve(returnDNSChallenge)
}
)
return done.promise
}
}