2.0.22

.gitignore

@@ -2,3 +2,4 @@ node_modules/
 coverage/
 public/
 pages/
+.nogit/

.gitlab-ci.yml

@@ -1,59 +1,150 @@
-image: hosttoday/ht-docker-node:npmts
+# gitzone standard
+image: hosttoday/ht-docker-node:npmci
+
+cache:
+  paths:
+  - .npmci_cache/
+  key: "$CI_BUILD_STAGE"
 
 stages:
+- security
 - test
 - release
-- trigger
-- pages
+- metadata
 
-testLEGACY:
-  stage: test
+# ====================
+# security stage
+# ====================
+mirror:
+  stage: security
   script:
-    - npmci test legacy
+  - npmci git mirror
   tags:
-    - docker
+  - docker
+  - notpriv
+
+snyk:
+  stage: security
+  script:
+    - npmci npm prepare
+    - npmci command npm install -g snyk
+    - npmci command npm install --ignore-scripts
+    - npmci command snyk test
+  tags:
+  - docker
+  - notpriv
+
+sast:
+  stage: security
+  image: registry.gitlab.com/hosttoday/ht-docker-dbase:npmci
+  variables:
+    DOCKER_DRIVER: overlay2
   allow_failure: true
+  services:
+    - docker:stable-dind
+  script:
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command npm run build
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
+        --volume "$PWD:/code"
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
+  artifacts:
+    reports:
+      sast: gl-sast-report.json
+  tags:
+  - docker
+  - priv
+
+# ====================
+# test stage
+# ====================
 
 testLTS:
   stage: test
   script:
-    - npmci test lts
+  - npmci npm prepare
+  - npmci node install lts
+  - npmci npm install
+  - npmci npm test
+  coverage: /\d+.?\d+?\%\s*coverage/
   tags:
-    - docker
+  - docker
+  - notpriv
     
 testSTABLE:
   stage: test
   script:
-    - npmci test stable
+  - npmci npm prepare
+  - npmci node install stable
+  - npmci npm install
+  - npmci npm test
+  coverage: /\d+.?\d+?\%\s*coverage/
   tags:
-    - docker
+  - docker
+  - notpriv
 
 release:
   stage: release
   script:
-    - npmci publish
+  - npmci node install stable
+  - npmci npm publish
   only:
-    - tags
+  - tags
   tags:
-    - docker
+  - docker
+  - notpriv
+
+# ====================
+# metadata stage
+# ====================
+codequality:
+  stage: metadata
+  image: docker:stable
+  allow_failure: true
+  services:
+    - docker:stable-dind
+  script:
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SOURCE_CODE="$PWD"
+        --volume "$PWD":/code
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
+  artifacts:
+    paths: [codeclimate.json]
+  tags:
+  - docker
+  - priv
 
 trigger:
-  stage: trigger
+  stage: metadata
   script:
-    - npmci trigger
+  - npmci trigger
   only:
-    - tags
+  - tags
   tags:
-    - docker
+  - docker
+  - notpriv
 
 pages:
-  image: hosttoday/ht-docker-node:npmpage
-  stage: pages
+  image: hosttoday/ht-docker-node:npmci
+  stage: metadata
   script:
-    - npmci command npmpage --host gitlab
+    - npmci command npm install -g typedoc typescript
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command typedoc --module "commonjs" --target "ES2016" --out public/ ts/
+  tags:
+    - docker
+    - notpriv
   only:
     - tags
   artifacts:
     expire_in: 1 week
     paths:
-    - public
+    - public
+  allow_failure: true

.npmignore

@@ -0,0 +1,4 @@
+node_modules/
+coverage/
+public/
+pages/

.snyk

@@ -0,0 +1,12 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:node-forge:20180226':
+    - rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+    - acme-v2 > rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+patch: {}

README.md

@@ -1,19 +1,63 @@
 # smartacme
 
+acme implementation in TypeScript
+
 ## Availabililty
-[![npm](https://push.rocks/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
-[![git](https://push.rocks/assets/repo-button-git.svg)](https://gitlab.com/pushrocks/smartacme)
-[![git](https://push.rocks/assets/repo-button-mirror.svg)](https://github.com/pushrocks/smartacme)
-[![docs](https://push.rocks/assets/repo-button-docs.svg)](https://pushrocks.gitlab.io/smartacme/)
+
+[![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
+[![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
+[![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
+[![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
 
 ## Status for master
-[![build status](https://gitlab.com/pushrocks/smartacme/badges/master/build.svg)](https://gitlab.com/pushrocks/smartacme/commits/master)
-[![coverage report](https://gitlab.com/pushrocks/smartacme/badges/master/coverage.svg)](https://gitlab.com/pushrocks/smartacme/commits/master)
-[![Dependency Status](https://david-dm.org/pushrocks/smartacme.svg)](https://david-dm.org/pushrocks/smartacme)
-[![bitHound Dependencies](https://www.bithound.io/github/pushrocks/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/pushrocks/smartacme/master/dependencies/npm)
-[![bitHound Code](https://www.bithound.io/github/pushrocks/smartacme/badges/code.svg)](https://www.bithound.io/github/pushrocks/smartacme)
+
+[![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
+[![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
+[![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
+[![Dependency Status](https://david-dm.org/umbrellazone/smartacme.svg)](https://david-dm.org/umbrellazone/smartacme)
+[![bitHound Dependencies](https://www.bithound.io/github/umbrellazone/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/umbrellazone/smartacme/master/dependencies/npm)
+[![bitHound Code](https://www.bithound.io/github/umbrellazone/smartacme/badges/code.svg)](https://www.bithound.io/github/umbrellazone/smartacme)
 [![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
 [![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
 [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
 
-[![npm](https://push.rocks/assets/repo-header.svg)](https://push.rocks)
+## Usage
+
+Use TypeScript for best in class instellisense.
+
+```javascript
+import { SmartAcme } from 'smartacme';
+
+let smac = new SmartAcme()(async () => {
+  // learn async/await, it'll make your life easier
+
+  // optionally accepts a filePath Arg with a stored acmeaccount.json
+  // will create an account and
+  let myAccount = await smac.createAcmeAccount();
+
+  // will return a dnsHash to set in your DNS record
+  let myCert = await myAccount.createAcmeCert('example.com');
+
+  // gets and accepts the specified challenge
+  // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
+  let myChallenge = await myCert.getChallenge('dns-01');
+
+  /* ----------
+    Now you need to set the challenge in your DNS
+    myChallenge.domainNamePrefixed is the address for the record
+    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
+    -------------*/
+})();
+```
+
+## Other relevant npm modules
+
+| module name | description                                                         |
+| ----------- | ------------------------------------------------------------------- |
+| cert        | a higlevel production module that uses smartacme to manage certs    |
+| smartnginx  | a highlevel production tool for docker environments to manage nginx |
+
+> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
+> | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
+
+[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone

assets/private.pem

@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEAyocFq3vvbiRNCsEcXtsqimIi6UM1OmxiYVQ0NoLvBtpaWk+E
-TvNIjmUgh5QQaQfRyRGoWvhskp+E8p6go4GsbRtzx0TvL8uINTcC3SHHo6Qvl599
-4QUUPUrioHdh+lX1oj+zIPVUOaL4dl0US1Ebs5vrZVbCfNXSm86vBaPIj6IkWEkj
-4S5xGsYlVaQUI8Tvv2fbPziIivbkxS1v/EEMnfk6i5PWgCsnMupYxz58WaVp9xyu
-+v/DMPB09mqo4DzchtUNF/b5eOWh3pDJoewYyRVMDDPJoQiTKkJn3kt64EaQuZK2
-nUXcihlmaKIx5ayxirsgfvIvxidHnkQcluvciQIDAQABAoIBAQCTPUKz/3B8pMuW
-C/syQyhUXzB+YawrA20q0Wr8Toi0dL7HdZP9SgXv8DmMF+suUM8F3V6GdKGKn4qq
-UQT8mmPfFtw/fTBfkRs/hPUCC3L214D6PKvpkiW6wdytSN3kf+YKxUDXr0RCeuck
-NltwvlDjbXHfxQm0dEefms3HzeEb+jwCyyLVLv+cDly7w7Qqq+67A6mduV/hb53p
-92VFm36r7njr+1CYHq+ixV+oyUrEue7yW7w1SjZRkii3AY8Tbvk1f0lVw+XkyYf7
-bQvmGSGJh1FmBi7Lytc2hKnqBLTn+iWx3S5pdPhcKTMwC/OD8p+r/DfyqThW/KVa
-aaXdoY/5AoGBAO4uAcmHOhR+M/Jnue4srZJ82EkNOQy+zaFlg9KCU9R4qZ59/klH
-fp0PkOw3bDFT4/1i12nm4XXqhI9Z7nsKdAoajOYpnifJVEAwQh9MlRBM7Lw+ZS0q
-IcH7dvvP1XQ7E2U4C0cWUMcpWNpnmwV67gtqy0KZwk5i+WlFuugQzmhbAoGBANmu
-JX6bPKUx0kBJLWhJeAxsk0OoHJ4uGihs1zxT6gl6s+AKQG4db9vU2w99lJ0nR3Aw
-MLA4evSMFa5Od96W4KnoiMNHS4c5QiiVKsRSU1losWfwq0jyg406oyTh8rd0eOQn
-LDOKP7nDTij8A6l0/t5a2MCu4bLQQXTedPrX+wPrAoGBAM/XO94Fb+xUGLaOR1SM
-jkaHRSGyNTdnBP+zGy5GZirBxJo2rgB6MAWUgM1wq6v73bbOWtXiEJqaNGT3gEDE
-ZXAvrQZoCMgFSszcj8bKSEW6Ktc1x4p6+oxRCIpC2aycpJcuKcE1uvWgohWsVT2a
-AUHbRlXu4P0QJz7zB1/c0pGDAoGAbIvSVpfCXf3CAhx7cA1yt39Mz+f8nUQP9yiP
-C54sjh2JpKZ4CnDTXqN9uPO+L79ueBsPrE/9wAQ6q3ilfXFvBkrWJ8pdd0iuHN6F
-PPBwb50tGc+BGhcUUlBzGekxxxllTx/ZgrnlnRQu3XENwmp8zRQwEaUjFq+SdFyZ
-qJwap5ECgYEA7UGxxRXAjfStTLnsrnr9svvr3QhwnZBg5JAjeR6FKC0cGFzdBrJ5
-rV/Zy4mGbTBBVh5oU3MplB3AUHejuFv+8eCik2mJug8k3G8KQAk9mB8oV97k0cp+
-bdlu9vlutIoCG9RXxCHdgRVLiLK+OkLv6p7hQOIY7fsIRaAuI+vPKSk=
------END RSA PRIVATE KEY-----

assets/public.pem

@@ -1,9 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyocFq3vvbiRNCsEcXtsq
-imIi6UM1OmxiYVQ0NoLvBtpaWk+ETvNIjmUgh5QQaQfRyRGoWvhskp+E8p6go4Gs
-bRtzx0TvL8uINTcC3SHHo6Qvl5994QUUPUrioHdh+lX1oj+zIPVUOaL4dl0US1Eb
-s5vrZVbCfNXSm86vBaPIj6IkWEkj4S5xGsYlVaQUI8Tvv2fbPziIivbkxS1v/EEM
-nfk6i5PWgCsnMupYxz58WaVp9xyu+v/DMPB09mqo4DzchtUNF/b5eOWh3pDJoewY
-yRVMDDPJoQiTKkJn3kt64EaQuZK2nUXcihlmaKIx5ayxirsgfvIvxidHnkQcluvc
-iQIDAQAB
------END PUBLIC KEY-----

dist/index.d.ts

@@ -1 +0,0 @@
-export * from './smartacme.classes.smartacme';

dist/index.js

@@ -1,6 +0,0 @@
-"use strict";
-function __export(m) {
-    for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
-}
-__export(require("./smartacme.classes.smartacme"));
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7O0FBQUEsbURBQTZDIn0=

dist/smartacme.classes.smartacme.d.ts

@@ -1,29 +0,0 @@
-/// <reference types="q" />
-import 'typings-global';
-import * as q from 'q';
-/**
- * class SmartAcme exports methods for maintaining SSL Certificates
- */
-export declare class SmartAcme {
-    preparedBool: boolean;
-    acmeUrls: any;
-    productionBool: boolean;
-    keyPair: any;
-    constructor(productionArg?: boolean);
-    /**
-     * prepares the SmartAcme class
-     */
-    prepareAcme(): q.Promise<{}>;
-    /**
-     * creates an account if not currently present in module
-     */
-    createAccount(): q.Promise<{}>;
-    /**
-     * creates a keyPair
-     */
-    createKeyPair(): q.Promise<{}>;
-    /**
-     * gets the Acme Urls
-     */
-    getAcmeUrls(): q.Promise<{}>;
-}

dist/smartacme.classes.smartacme.js

@@ -1,101 +0,0 @@
-"use strict";
-require("typings-global");
-const q = require("q");
-let ACME = require('le-acme-core').ACME.create();
-let RSA = require('rsa-compat').RSA;
-let bitlen = 1024;
-let exp = 65537;
-let options = {
-    public: true,
-    pem: true,
-    internal: true
-};
-/**
- * class SmartAcme exports methods for maintaining SSL Certificates
- */
-class SmartAcme {
-    constructor(productionArg = false) {
-        this.preparedBool = false;
-        this.productionBool = productionArg;
-    }
-    /**
-     * prepares the SmartAcme class
-     */
-    prepareAcme() {
-        let done = q.defer();
-        if (this.preparedBool === false) {
-            this.getAcmeUrls()
-                .then(() => {
-                return this.createKeyPair();
-            })
-                .then((x) => {
-                console.log('prepared smartacme instance');
-                done.resolve();
-            });
-        }
-        else {
-            done.resolve();
-        }
-        return done.promise;
-    }
-    /**
-     * creates an account if not currently present in module
-     */
-    createAccount() {
-        let done = q.defer();
-        this.prepareAcme()
-            .then(() => {
-            let options = {
-                newRegUrl: this.acmeUrls.newReg,
-                email: 'domains@lossless.org',
-                accountKeypair: {
-                    privateKeyPem: this.keyPair
-                },
-                agreeToTerms: function (tosUrl, done) {
-                    done(null, tosUrl);
-                }
-            };
-            ACME.registerNewAccount(options, (err, regr) => {
-                if (err) {
-                    console.log(err);
-                    done.reject(err);
-                }
-                done.resolve(regr);
-            });
-        }).catch(err => { console.log(err); });
-        return done.promise;
-    }
-    /**
-     * creates a keyPair
-     */
-    createKeyPair() {
-        let done = q.defer();
-        RSA.generateKeypair(bitlen, exp, options, (err, keypair) => {
-            if (err) {
-                console.log(err);
-                done.reject(err);
-            }
-            console.log(keypair);
-            this.keyPair = keypair;
-            done.resolve();
-        });
-        return done.promise;
-    }
-    /**
-     * gets the Acme Urls
-     */
-    getAcmeUrls() {
-        let done = q.defer();
-        ACME.getAcmeUrls(ACME.stagingServerUrl, (err, urls) => {
-            if (err) {
-                throw err;
-            }
-            this.acmeUrls = urls;
-            console.log(this.acmeUrls);
-            done.resolve();
-        });
-        return done.promise;
-    }
-}
-exports.SmartAcme = SmartAcme;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSwwQkFBdUI7QUFDdkIsdUJBQXNCO0FBTXRCLElBQUksSUFBSSxHQUFHLE9BQU8sQ0FBQyxjQUFjLENBQUMsQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUE7QUFDaEQsSUFBSSxHQUFHLEdBQUcsT0FBTyxDQUFDLFlBQVksQ0FBQyxDQUFDLEdBQUcsQ0FBQTtBQUVuQyxJQUFJLE1BQU0sR0FBRyxJQUFJLENBQUE7QUFDakIsSUFBSSxHQUFHLEdBQUcsS0FBSyxDQUFBO0FBQ2YsSUFBSSxPQUFPLEdBQUc7SUFDVixNQUFNLEVBQUUsSUFBSTtJQUNaLEdBQUcsRUFBRSxJQUFJO0lBQ1QsUUFBUSxFQUFFLElBQUk7Q0FDakIsQ0FBQTtBQUNEOztHQUVHO0FBQ0g7SUFLSSxZQUFZLGdCQUF5QixLQUFLO1FBSjFDLGlCQUFZLEdBQVksS0FBSyxDQUFBO1FBS3pCLElBQUksQ0FBQyxjQUFjLEdBQUcsYUFBYSxDQUFBO0lBQ3ZDLENBQUM7SUFFRDs7T0FFRztJQUNILFdBQVc7UUFDUCxJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLFlBQVksS0FBSyxLQUFLLENBQUMsQ0FBQyxDQUFDO1lBQzlCLElBQUksQ0FBQyxXQUFXLEVBQUU7aUJBQ2IsSUFBSSxDQUFDO2dCQUNGLE1BQU0sQ0FBQyxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUE7WUFDL0IsQ0FBQyxDQUFDO2lCQUNELElBQUksQ0FBQyxDQUFDLENBQUM7Z0JBQ0osT0FBTyxDQUFDLEdBQUcsQ0FBQyw2QkFBNkIsQ0FBQyxDQUFBO2dCQUMxQyxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7WUFDbEIsQ0FBQyxDQUFDLENBQUE7UUFDVixDQUFDO1FBQUMsSUFBSSxDQUFDLENBQUM7WUFDSixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDbEIsQ0FBQztRQUNELE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRDs7T0FFRztJQUNILGFBQWE7UUFDVCxJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsSUFBSSxDQUFDLFdBQVcsRUFBRTthQUNiLElBQUksQ0FBQztZQUNGLElBQUksT0FBTyxHQUFHO2dCQUNWLFNBQVMsRUFBRSxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU07Z0JBQy9CLEtBQUssRUFBRSxzQkFBc0I7Z0JBQzdCLGNBQWMsRUFBRTtvQkFDWixhQUFhLEVBQUUsSUFBSSxDQUFDLE9BQU87aUJBQzlCO2dCQUNELFlBQVksRUFBRSxVQUFVLE1BQU0sRUFBRSxJQUFJO29CQUNoQyxJQUFJLENBQUMsSUFBSSxFQUFFLE1BQU0sQ0FBQyxDQUFBO2dCQUN0QixDQUFDO2FBQ0osQ0FBQTtZQUNELElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxHQUFHLEVBQUUsSUFBSTtnQkFDdkMsRUFBRSxDQUFBLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztvQkFDTCxPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFBO29CQUNoQixJQUFJLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFBO2dCQUNwQixDQUFDO2dCQUNELElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUE7WUFDdEIsQ0FBQyxDQUFDLENBQUE7UUFDTixDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRyxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUEsQ0FBQyxDQUFDLENBQUMsQ0FBQTtRQUV6QyxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUN2QixDQUFDO0lBRUQ7O09BRUc7SUFDSCxhQUFhO1FBQ1QsSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO1FBQ3BCLEdBQUcsQ0FBQyxlQUFlLENBQUMsTUFBTSxFQUFFLEdBQUcsRUFBRSxPQUFPLEVBQUUsQ0FBQyxHQUFHLEVBQUUsT0FBTztZQUNuRCxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUNOLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUE7WUFDcEIsQ0FBQztZQUNELE9BQU8sQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLENBQUE7WUFDcEIsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUE7WUFDdEIsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFBO1FBQ2xCLENBQUMsQ0FBQyxDQUFBO1FBQ0YsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUE7SUFDdkIsQ0FBQztJQUVEOztPQUVHO0lBQ0gsV0FBVztRQUNQLElBQUksSUFBSSxHQUFHLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQTtRQUNwQixJQUFJLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDLEdBQUcsRUFBRSxJQUFJO1lBQzlDLEVBQUUsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7Z0JBQ04sTUFBTSxHQUFHLENBQUE7WUFDYixDQUFDO1lBQ0QsSUFBSSxDQUFDLFFBQVEsR0FBRyxJQUFJLENBQUE7WUFDcEIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUE7WUFDMUIsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFBO1FBQ2xCLENBQUMsQ0FBQyxDQUFBO1FBQ0YsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUE7SUFDdkIsQ0FBQztDQUNKO0FBMUZELDhCQTBGQyJ9

dist/smartacme.paths.d.ts

@@ -1,2 +0,0 @@
-export declare let packageDir: string;
-export declare let assetDir: string;

dist/smartacme.paths.js

@@ -1,7 +0,0 @@
-"use strict";
-const path = require("path");
-const smartfile = require("smartfile");
-exports.packageDir = path.join(__dirname, '../');
-exports.assetDir = path.join(exports.packageDir, 'assets/');
-smartfile.fs.ensureDirSync(exports.assetDir);
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBhdGhzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLnBhdGhzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSw2QkFBNEI7QUFDNUIsdUNBQXNDO0FBRTNCLFFBQUEsVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFDLEtBQUssQ0FBQyxDQUFBO0FBQ3ZDLFFBQUEsUUFBUSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsa0JBQVUsRUFBQyxTQUFTLENBQUMsQ0FBQTtBQUNyRCxTQUFTLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxnQkFBUSxDQUFDLENBQUEifQ==

npmextra.json

@@ -0,0 +1,6 @@
+{
+  "npmci": {
+    "npmGlobalTools": [],
+    "npmAccessLevel": "public"
+  }
+}

package.json

@@ -1,15 +1,17 @@
 {
-  "name": "smartacme",
-  "version": "1.0.2",
+  "name": "@pushrocks/smartacme",
+  "version": "2.0.22",
+  "private": false,
   "description": "acme implementation in TypeScript",
   "main": "dist/index.js",
   "typings": "dist/index.d.ts",
   "scripts": {
-    "test": "(npmts --nodocs)"
+    "test": "(tstest test/)",
+    "build": "(tsbuild)"
   },
   "repository": {
     "type": "git",
-    "url": "git+ssh://git@gitlab.com/pushrocks/smartacme.git"
+    "url": "git+ssh://git@gitlab.com/umbrellazone/smartacme.git"
   },
   "keywords": [
     "TypeScript",
@@ -19,21 +21,31 @@
   "author": "Lossless GmbH",
   "license": "MIT",
   "bugs": {
-    "url": "https://gitlab.com/pushrocks/smartacme/issues"
+    "url": "https://gitlab.com/umbrellazone/smartacme/issues"
   },
-  "homepage": "https://gitlab.com/pushrocks/smartacme#README",
+  "homepage": "https://gitlab.com/umbrellazone/smartacme#README",
   "dependencies": {
-    "@types/q": "0.x.x",
-    "le-acme-core": "^2.0.7",
-    "q": "^1.4.1",
-    "rsa-compat": "^1.2.7",
-    "smartfile": "^4.1.0",
-    "smartstring": "^2.0.20",
-    "typings-global": "^1.0.14"
+    "@pushrocks/lik": "^3.0.4",
+    "@pushrocks/smartdata": "^3.1.13",
+    "@pushrocks/smartdelay": "^2.0.2",
+    "@pushrocks/smartdns": "^3.0.8",
+    "@pushrocks/smartexpress": "^3.0.0",
+    "@pushrocks/smartpromise": "^2.0.5",
+    "@pushrocks/smartrequest": "^1.1.14",
+    "@pushrocks/smartstring": "^3.0.8",
+    "@pushrocks/smarttime": "^3.0.5",
+    "@pushrocks/smartunique": "^3.0.1",
+    "acme-client": "^2.2.2"
   },
   "devDependencies": {
-    "@types/should": "^8.1.30",
-    "should": "^11.1.1",
-    "typings-test": "^1.0.3"
+    "@gitzone/tsbuild": "^2.1.4",
+    "@gitzone/tsrun": "^1.1.17",
+    "@gitzone/tstest": "^1.0.18",
+    "@mojoio/cloudflare": "^2.0.0",
+    "@pushrocks/qenv": "^3.0.2",
+    "@pushrocks/tapbundle": "^3.0.7",
+    "@types/node": "^10.12.18",
+    "tslint": "^5.12.0",
+    "tslint-config-prettier": "^1.17.0"
   }
 }

qenv.yml

@@ -0,0 +1,6 @@
+required:
+  - CF_EMAIL
+  - CF_KEY
+  - MONGODB_URL
+  - MONGODB_PASSWORD
+  - MONGODB_DATABASE

test/test.d.ts

@@ -1 +0,0 @@
-import 'typings-test';

test/test.js

@@ -1,31 +0,0 @@
-"use strict";
-require("typings-test");
-const should = require("should");
-// import the module to test
-const smartacme = require("../dist/index");
-describe('smartacme', function () {
-    let testAcme;
-    it('should create a valid instance', function () {
-        this.timeout(10000);
-        testAcme = new smartacme.SmartAcme();
-        should(testAcme).be.instanceOf(smartacme.SmartAcme);
-    });
-    it('should get the ACME urls', function (done) {
-        testAcme.getAcmeUrls().then(() => { done(); });
-    });
-    it('should prepare the Instance', function (done) {
-        testAcme.prepareAcme().then(done);
-    });
-    it('should have created keyPair', function () {
-    });
-    it('should register a new account', function (done) {
-        testAcme.createAccount().then(x => {
-            console.log(x);
-            done();
-        }).catch(err => {
-            console.log(err);
-            done(err);
-        });
-    });
-});
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGVzdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInRlc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLHdCQUFxQjtBQUNyQixpQ0FBZ0M7QUFFaEMsNEJBQTRCO0FBQzVCLDJDQUEwQztBQUUxQyxRQUFRLENBQUMsV0FBVyxFQUFFO0lBQ2xCLElBQUksUUFBNkIsQ0FBQTtJQUNqQyxFQUFFLENBQUMsZ0NBQWdDLEVBQUU7UUFDakMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQTtRQUNuQixRQUFRLEdBQUcsSUFBSSxTQUFTLENBQUMsU0FBUyxFQUFFLENBQUE7UUFDcEMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLFNBQVMsQ0FBQyxDQUFBO0lBQ3ZELENBQUMsQ0FBQyxDQUFBO0lBRUYsRUFBRSxDQUFDLDBCQUEwQixFQUFFLFVBQVUsSUFBSTtRQUN6QyxRQUFRLENBQUMsV0FBVyxFQUFFLENBQUMsSUFBSSxDQUFDLFFBQVEsSUFBSSxFQUFFLENBQUEsQ0FBQyxDQUFDLENBQUMsQ0FBQTtJQUNqRCxDQUFDLENBQUMsQ0FBQTtJQUVGLEVBQUUsQ0FBQyw2QkFBNkIsRUFBRSxVQUFVLElBQUk7UUFDNUMsUUFBUSxDQUFDLFdBQVcsRUFBRSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQTtJQUNyQyxDQUFDLENBQUMsQ0FBQTtJQUNGLEVBQUUsQ0FBQyw2QkFBNkIsRUFBRTtJQUVsQyxDQUFDLENBQUMsQ0FBQTtJQUNGLEVBQUUsQ0FBQywrQkFBK0IsRUFBRSxVQUFVLElBQUk7UUFDOUMsUUFBUSxDQUFDLGFBQWEsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQzNCLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUE7WUFDZCxJQUFJLEVBQUUsQ0FBQTtRQUNWLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxHQUFHO1lBQ1IsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtZQUNoQixJQUFJLENBQUMsR0FBRyxDQUFDLENBQUE7UUFDYixDQUFDLENBQUMsQ0FBQTtJQUNOLENBQUMsQ0FBQyxDQUFBO0FBQ04sQ0FBQyxDQUFDLENBQUEifQ==

test/test.ts

@@ -1,34 +1,44 @@
-import 'typings-test'
-import * as should from 'should'
+import { tap, expect } from '@pushrocks/tapbundle';
+import { Qenv } from '@pushrocks/qenv';
 
-// import the module to test
-import * as smartacme from '../dist/index'
+const testQenv = new Qenv('./', './.nogit/');
 
-describe('smartacme', function () {
-    let testAcme: smartacme.SmartAcme
-    it('should create a valid instance', function () {
-        this.timeout(10000)
-        testAcme = new smartacme.SmartAcme()
-        should(testAcme).be.instanceOf(smartacme.SmartAcme)
-    })
+import * as smartacme from '../ts/index';
 
-    it('should get the ACME urls', function (done) {
-        testAcme.getAcmeUrls().then(() => { done() })
-    })
+let smartAcmeInstance: smartacme.SmartAcme;
 
-    it('should prepare the Instance', function (done) {
-        testAcme.prepareAcme().then(done)
-    })
-    it('should have created keyPair', function () {
+tap.test('should create a valid instance of SmartAcme', async () => {
+  smartAcmeInstance = new smartacme.SmartAcme({
+    accountEmail: 'domains@lossless.org',
+    accountPrivateKey: null,
+    mongoDescriptor: {
+      mongoDbName: testQenv.getEnvVarOnDemand('MONGODB_DATABASE'),
+      mongoDbPass: testQenv.getEnvVarOnDemand('MONGODB_PASSWORD'),
+      mongoDbUrl: testQenv.getEnvVarOnDemand('MONGODB_URL')
+    },
+    removeChallenge: async (...args) => {
+      console.log(args);
+    },
+    setChallenge: async (...args) => {
+      console.log(args);
+    },
+    validateRemoteRequest: async () => {
+      return true;
+    }
+  });
+  await smartAcmeInstance.init();
+  // await smartAcmeInstance.getCertificateForDomain('bleu.de');
+});
 
-    })
-    it('should register a new account', function (done) {
-        testAcme.createAccount().then(x => {
-            console.log(x)
-            done()
-        }).catch(err => {
-            console.log(err)
-            done(err)
-        })
-    })
-})
+tap.test('certmatcher should correctly match domains', async () => {
+  const certMatcherMod = await import('../ts/smartacme.classes.certmatcher'); 
+  const certMatcher = new certMatcherMod.CertMatcher();
+  const matchedCert = certMatcher.getCertificateDomainNameByDomainName('level3.level2.level1');
+  expect(matchedCert).to.equal('level2.level1');
+});
+
+tap.test('should stop correctly', async () => {
+  await smartAcmeInstance.stop();
+});
+
+tap.start();

ts/index.ts

@@ -1 +1,3 @@
-export * from './smartacme.classes.smartacme'
+export * from './smartacme.classes.smartacme';
+
+export * from './smartacme.classes.certremoteclient';

ts/interfaces/accountdata.ts

@@ -0,0 +1,8 @@
+export interface IAccountData {
+  id: number;
+  key: { kty: 'RSA'; n: string; e: string; kid: string };
+  contact: string[];
+  initialIp: string;
+  createdAt: string;
+  status: string;
+}

ts/interfaces/cert.ts

@@ -0,0 +1,9 @@
+export type TCertStatus = 'existing' | 'nonexisting' | 'pending' | 'failed';
+
+export interface ICert {
+  domainName: string;
+  created: number;
+  privateKey: string;
+  publicKey: string;
+  csr: string;
+}

ts/interfaces/certremote.ts

@@ -0,0 +1,11 @@
+import { ICert, TCertStatus } from './cert';
+
+export interface ICertRemoteRequest {
+  secret: string;
+  domainName: string;
+}
+
+export interface ICertRemoteResponse {
+  status: TCertStatus;
+  certificate?: ICert;
+}

ts/interfaces/index.ts

@@ -0,0 +1,3 @@
+export * from './accountdata';
+export * from './cert';
+export * from './certremote';

ts/smartacme.classes.cert.ts

@@ -0,0 +1,40 @@
+import * as plugins from './smartacme.plugins';
+
+import * as interfaces from './interfaces';
+
+import { CertManager } from './smartacme.classes.certmanager';
+
+import { Collection, svDb, unI } from '@pushrocks/smartdata';
+import { ICert } from './interfaces';
+
+@plugins.smartdata.Collection(() => {
+  return CertManager.activeDB;
+})
+export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert> implements interfaces.ICert {
+  @unI()
+  public index: string;
+
+  @svDb()
+  public domainName: string;
+
+  @svDb()
+  public created: number;
+
+  @svDb()
+  public privateKey: string;
+  
+  @svDb()
+  public publicKey: string;
+  
+  @svDb()
+  public csr: string;
+
+  constructor(optionsArg: ICert) {
+    super();
+    if (optionsArg) {
+      Object.keys(optionsArg).forEach(key => {
+        this[key] = optionsArg[key];
+      });
+    }
+  }
+}

ts/smartacme.classes.certmanager.ts

@@ -0,0 +1,93 @@
+import * as plugins from './smartacme.plugins';
+import { Cert } from './smartacme.classes.cert';
+import { SmartAcme } from './smartacme.classes.smartacme';
+
+import * as interfaces from './interfaces';
+import { ICert } from './interfaces';
+
+
+export class CertManager {
+  // =========
+  // STATIC
+  // =========
+  public static activeDB: plugins.smartdata.SmartdataDb;
+  
+  
+  // =========
+  // INSTANCE
+  // =========
+  private mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  public smartdataDb: plugins.smartdata.SmartdataDb;
+
+  public pendingMap: plugins.lik.Stringmap;
+
+  constructor(smartAcmeArg: SmartAcme,optionsArg: {
+    mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  }) {
+    this.mongoDescriptor = optionsArg.mongoDescriptor;
+  }
+
+  public async init () {
+    // Smartdata DB
+    this.smartdataDb = new plugins.smartdata.SmartdataDb(this.mongoDescriptor);
+    await this.smartdataDb.init();
+    CertManager.activeDB = this.smartdataDb;
+
+    // Pending Map
+    this.pendingMap = new plugins.lik.Stringmap();
+  };
+
+  /**
+   * retrieves a certificate
+   * @returns the Cert class or null
+   * @param domainName the domain Name to retrieve the vcertificate for
+   */
+  public async retrieveCertificate(domainName: string): Promise<Cert> {
+    await this.checkCerts();
+    const existingCertificate: Cert = await Cert.getInstance({
+      domainName
+    });
+
+    if(existingCertificate) {
+      return existingCertificate;
+    } else {
+      return null;
+    }
+
+  }
+
+  /**
+   * stores the certificate with the 
+   * @param publicKeyArg 
+   * @param privateKeyArg 
+   * @param csrArg 
+   */
+  public async storeCertificate(optionsArg: ICert) {
+    const cert = new Cert(optionsArg);
+    cert.save();
+  };
+
+  public async deleteCertificate(domainNameArg: string) {
+
+  }
+
+  public async getCertificateStatus(domainNameArg: string): Promise<interfaces.TCertStatus> {
+    const isPending = this.pendingMap.checkString('domainNameArg');
+    if (isPending) {
+      return 'pending';
+    }
+
+    // otherwise lets continue
+    const existingCertificate = this.retrieveCertificate(domainNameArg);
+    if (existingCertificate) {
+      return 'existing';
+    }
+
+    return 'nonexisting';
+  }
+
+  /**
+   * checks all certs for expiration
+   */
+  private async checkCerts() {};
+}

ts/smartacme.classes.certmatcher.ts

@@ -0,0 +1,10 @@
+import * as plugins from './smartacme.plugins';
+
+export class CertMatcher {
+  public getCertificateDomainNameByDomainName(domainNameArg: string): string {
+    const originalDomain = new plugins.smartstring.Domain(domainNameArg);
+    if (!originalDomain.level4) {
+      return `${originalDomain.level2}.${originalDomain.level1}`;
+    }
+  }
+}

ts/smartacme.classes.certremoteclient.ts

@@ -0,0 +1,47 @@
+import * as plugins from './smartacme.plugins';
+import * as interfaces from './interfaces';
+import { ICertRemoteResponse } from './interfaces';
+
+// tslint:disable-next-line: max-classes-per-file
+export class CertRemoteClient {
+  private remoteUrl: string;
+  private secret: string;
+
+  constructor(optionsArg: {
+    remoteUrl: string;
+    secret: string;
+  }) {
+    this.remoteUrl = optionsArg.remoteUrl;
+    this.secret = optionsArg.secret;
+  }
+
+  /**
+   * 
+   * @param domainNameArg 
+   */
+  async getCertificateForDomain(domainNameArg: string): Promise<interfaces.ICert> {
+    let certificate: interfaces.ICert;
+    const doRequestCycle = async (): Promise<interfaces.ICert> => {
+      const response: ICertRemoteResponse = (await plugins.smartrequest.postJson(this.remoteUrl, {
+        requestBody: <interfaces.ICertRemoteRequest>{
+          domainName: domainNameArg,
+          secret: this.secret
+        }
+      })).body;
+      switch(response.status) {
+        case 'pending':
+          await plugins.smartdelay.delayFor(5000);
+          const finalResponse = await doRequestCycle();
+          return finalResponse;
+        case 'existing':
+          return response.certificate;
+        case 'failed':
+        default:
+          console.log(`could not retrieve certificate for ${domainNameArg}`);
+          return null;
+      }
+    };
+    certificate = await doRequestCycle();
+    return certificate;
+  }
+}

ts/smartacme.classes.smartacme.ts

@@ -1,111 +1,199 @@
-import 'typings-global'
-import * as q from 'q'
-import * as path from 'path'
-import * as smartfile from 'smartfile'
-import * as smartstring from 'smartstring'
-import * as paths from './smartacme.paths'
+import * as plugins from './smartacme.plugins';
+import { Cert } from './smartacme.classes.cert';
+import { CertManager } from './smartacme.classes.certmanager';
+import { CertMatcher } from './smartacme.classes.certmatcher';
 
-let ACME = require('le-acme-core').ACME.create()
-let RSA = require('rsa-compat').RSA
+import * as interfaces from './interfaces';
+import { request } from 'http';
 
-let bitlen = 1024
-let exp = 65537
-let options = {
-    public: true,
-    pem: true,
-    internal: true
-}
 /**
- * class SmartAcme exports methods for maintaining SSL Certificates
+ * the options for the class @see SmartAcme
+ */
+export interface ISmartAcmeOptions {
+  accountPrivateKey?: string;
+  accountEmail: string;
+  mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
+  removeChallenge: (domainName: string) => Promise<any>;
+  validateRemoteRequest: () => Promise<boolean>;
+}
+
+/**
+ * class SmartAcme
+ * can be used for setting up communication with an ACME authority
+ * 
+ * ```ts
+ * const mySmartAcmeInstance = new SmartAcme({
+ *  // see ISmartAcmeOptions for options
+ * })
+ * ```
  */
 export class SmartAcme {
-    preparedBool: boolean = false
-    acmeUrls: any
-    productionBool: boolean
-    keyPair: any
-    constructor(productionArg: boolean = false) {
-        this.productionBool = productionArg
+  private options: ISmartAcmeOptions;
+
+  // the acme client
+  private client: any;
+  private smartdns = new plugins.smartdns.Smartdns();
+
+  // the account private key
+  private privateKey: string;
+
+  // challenge fullfillment
+  private setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
+  private removeChallenge: (domainName: string) => Promise<any>;
+  private validateRemoteRequest: () => Promise<boolean>;
+
+  // certmanager
+  private certmanager: CertManager;
+  private certmatcher: CertMatcher;
+  private certremoteHandler: plugins.smartexpress.Handler;
+
+  constructor(optionsArg: ISmartAcmeOptions) {
+    this.options = optionsArg;
+  }
+
+  /**
+   * inits the instance
+   * ```ts
+   * await myCloudlyInstance.init() // does not support options
+   * ```
+   */
+  public async init() {
+    this.privateKey =
+      this.options.accountPrivateKey || (await plugins.acme.forge.createPrivateKey());
+    this.setChallenge = this.options.setChallenge;
+    this.removeChallenge = this.options.removeChallenge;
+
+    // CertMangaer
+    this.certmanager = new CertManager(this, {
+      mongoDescriptor: this.options.mongoDescriptor
+    });
+    await this.certmanager.init();
+
+    // CertMatcher
+    this.certmatcher = new CertMatcher();
+
+    // CertRemoteHandler
+    this.certremoteHandler = new plugins.smartexpress.Handler('POST', async (req, res) => {
+      const requestBody: interfaces.ICertRemoteRequest = req.body;
+      const status: interfaces.TCertStatus = await this.certmanager.getCertificateStatus(requestBody.domainName);
+      const existingCertificate = await this.certmanager.retrieveCertificate(
+        requestBody.domainName
+      );
+      let response: interfaces.ICertRemoteResponse;
+      switch (status) {
+         case 'existing':
+          response = {
+            status,
+            certificate: {
+              created: existingCertificate.created,
+              csr: existingCertificate.csr,
+              domainName: existingCertificate.domainName,
+              privateKey: existingCertificate.privateKey,
+              publicKey: existingCertificate.publicKey
+            }
+          };
+          break;
+        default:
+          response = {
+            status
+          };
+          break;
+      }
+      res.status(200);
+      res.send(response);
+      res.end();
+    });
+
+    // ACME Client
+    this.client = new plugins.acme.Client({
+      directoryUrl: plugins.acme.directory.letsencrypt.staging,
+      accountKey: this.privateKey
+    });
+
+    /* Register account */
+    await this.client.createAccount({
+      termsOfServiceAgreed: true,
+      contact: [`mailto:${this.options.accountEmail}`]
+    });
+  }
+
+  public async stop() {
+    await this.certmanager.smartdataDb.close();
+  }
+
+  public async getCertificateForDomain(domainArg: string): Promise<Cert> {
+    const domain = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
+
+    const retrievedCertificate = await this.certmanager.retrieveCertificate(domain);
+
+    if (retrievedCertificate) {
+      return retrievedCertificate;
     }
 
-    /**
-     * prepares the SmartAcme class
-     */
-    prepareAcme() {
-        let done = q.defer()
-        if (this.preparedBool === false) {
-            this.getAcmeUrls()
-                .then(() => {
-                    return this.createKeyPair()
-                })
-                .then((x) => {
-                    console.log('prepared smartacme instance')
-                    done.resolve()
-                })
-        } else {
-            done.resolve()
+    /* Place new order */
+    const order = await this.client.createOrder({
+      identifiers: [{ type: 'dns', value: domain }, { type: 'dns', value: `*.${domain}` }]
+    });
+
+    /* Get authorizations and select challenges */
+    const authorizations = await this.client.getAuthorizations(order);
+
+    for (const authz of authorizations) {
+      console.log(authz);
+      const domainDnsName: string = `_acme-challenge.${authz.identifier.value}`;
+      const dnsChallenge: string = authz.challenges.find(challengeArg => {
+        return challengeArg.type === 'dns-01';
+      });
+      // process.exit(1);
+      const keyAuthorization: string = await this.client.getChallengeKeyAuthorization(dnsChallenge);
+
+      try {
+        /* Satisfy challenge */
+        await this.setChallenge(domainDnsName, keyAuthorization);
+        await this.smartdns.checkUntilAvailable(domainDnsName, 'TXT', keyAuthorization, 100, 5000);
+
+        /* Verify that challenge is satisfied */
+        await this.client.verifyChallenge(authz, dnsChallenge);
+
+        /* Notify ACME provider that challenge is satisfied */
+        await this.client.completeChallenge(dnsChallenge);
+
+        /* Wait for ACME provider to respond with valid status */
+        await this.client.waitForValidStatus(dnsChallenge);
+      } finally {
+        /* Clean up challenge response */
+        try {
+          await this.removeChallenge(domainDnsName);
+        } catch (e) {
+          console.log(e);
         }
-        return done.promise
+      }
     }
 
-    /**
-     * creates an account if not currently present in module
-     */
-    createAccount() {
-        let done = q.defer()
-        this.prepareAcme()
-            .then(() => {
-                let options = {
-                    newRegUrl: this.acmeUrls.newReg,
-                    email: 'domains@lossless.org', // valid email (server checks MX records)
-                    accountKeypair: { // privateKeyPem or privateKeyJwt 
-                        privateKeyPem: this.keyPair
-                    },
-                    agreeToTerms: function (tosUrl, done) {
-                        done(null, tosUrl)
-                    }
-                }
-                ACME.registerNewAccount(options, (err, regr) => {
-                    if(err) {
-                        console.log(err)
-                        done.reject(err)
-                    }
-                    done.resolve(regr)
-                })
-            }).catch(err => { console.log(err) })
+    /* Finalize order */
+    const [key, csr] = await plugins.acme.forge.createCsr({
+      commonName: `*.${domain}`,
+      altNames: [domain]
+    });
 
-        return done.promise
-    }
+    await this.client.finalizeOrder(order, csr);
+    const cert = await this.client.getCertificate(order);
 
-    /**
-     * creates a keyPair
-     */
-    createKeyPair() {
-        let done = q.defer()
-        RSA.generateKeypair(bitlen, exp, options, (err, keypair) => {
-            if (err) {
-                console.log(err)
-                done.reject(err)
-            }
-            console.log(keypair)
-            this.keyPair = keypair
-            done.resolve()
-        })
-        return done.promise
-    }
+    /* Done */
+    console.log(`CSR:\n${csr.toString()}`);
+    console.log(`Private key:\n${key.toString()}`);
+    console.log(`Certificate:\n${cert.toString()}`);
 
-    /**
-     * gets the Acme Urls
-     */
-    getAcmeUrls() {
-        let done = q.defer()
-        ACME.getAcmeUrls(ACME.stagingServerUrl, (err, urls) => {
-            if (err) {
-                throw err
-            }
-            this.acmeUrls = urls
-            console.log(this.acmeUrls)
-            done.resolve()
-        })
-        return done.promise
-    }
+    await this.certmanager.storeCertificate({
+      domainName: domainArg,
+      privateKey: key.toString(),
+      publicKey: cert.toString(),
+      csr: csr.toString(),
+      created: Date.now()
+    });
+
+    const newCertificate = await this.certmanager.retrieveCertificate(domainArg);
+    return newCertificate;
+  }
 }

ts/smartacme.paths.ts

@@ -1,6 +0,0 @@
-import * as path from 'path'
-import * as smartfile from 'smartfile'
-
-export let packageDir = path.join(__dirname,'../')
-export let assetDir = path.join(packageDir,'assets/')
-smartfile.fs.ensureDirSync(assetDir)

ts/smartacme.plugins.ts

@@ -0,0 +1,18 @@
+// @pushrocks scope
+import * as lik from '@pushrocks/lik';
+import * as smartdata from '@pushrocks/smartdata';
+import * as smartdelay from '@pushrocks/smartdelay';
+import * as smartdns from '@pushrocks/smartdns';
+import * as smartexpress from '@pushrocks/smartexpress';
+import * as smartpromise from '@pushrocks/smartpromise';
+import * as smartrequest from '@pushrocks/smartrequest';
+import * as smartunique from '@pushrocks/smartunique';
+import * as smartstring from '@pushrocks/smartstring';
+import * as smarttime from '@pushrocks/smarttime';
+
+export { lik, smartdata, smartdelay, smartdns, smartexpress, smartpromise, smartrequest, smartunique, smartstring, smarttime };
+
+// thirs party scope
+import * as acme from 'acme-client';
+
+export { acme };

tsconfig.json

@@ -0,0 +1,7 @@
+{
+  "compilerOptions": {
+    "experimentalDecorators": true,
+    "target": "es2017",
+    "module": "commonjs"
+  }
+}

tslint.json

@@ -1,3 +1,17 @@
 {
-    "extends": "tslint-config-standard"
+  "extends": ["tslint:latest", "tslint-config-prettier"],
+  "rules": {
+    "semicolon": [true, "always"],
+    "no-console": false,
+    "ordered-imports": false,
+    "object-literal-sort-keys": false,
+    "member-ordering": {
+      "options":{
+        "order": [
+          "static-method"
+        ]
+      }
+    }
+  },
+  "defaultSeverity": "warning"
 }