2.0.6

.gitignore

@@ -2,3 +2,4 @@ node_modules/
 coverage/
 public/
 pages/
+.nogit/

.gitlab-ci.yml

@@ -1,59 +1,150 @@
-image: hosttoday/ht-docker-node:npmts
+# gitzone standard
+image: hosttoday/ht-docker-node:npmci
+
+cache:
+  paths:
+  - .npmci_cache/
+  key: "$CI_BUILD_STAGE"
 
 stages:
+- security
 - test
 - release
-- trigger
+- metadata
-- pages
 
-testLEGACY:
+# ====================
-  stage: test
+# security stage
+# ====================
+mirror:
+  stage: security
   script:
-    - npmci test legacy
+  - npmci git mirror
   tags:
-    - docker
+  - docker
+  - notpriv
+
+snyk:
+  stage: security
+  script:
+    - npmci npm prepare
+    - npmci command npm install -g snyk
+    - npmci command npm install --ignore-scripts
+    - npmci command snyk test
+  tags:
+  - docker
+  - notpriv
+
+sast:
+  stage: security
+  image: registry.gitlab.com/hosttoday/ht-docker-dbase:npmci
+  variables:
+    DOCKER_DRIVER: overlay2
   allow_failure: true
+  services:
+    - docker:stable-dind
+  script:
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command npm run build
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
+        --volume "$PWD:/code"
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
+  artifacts:
+    reports:
+      sast: gl-sast-report.json
+  tags:
+  - docker
+  - priv
+
+# ====================
+# test stage
+# ====================
 
 testLTS:
   stage: test
   script:
-    - npmci test lts
+  - npmci npm prepare
+  - npmci node install lts
+  - npmci npm install
+  - npmci npm test
+  coverage: /\d+.?\d+?\%\s*coverage/
   tags:
-    - docker
+  - docker
+  - notpriv
     
 testSTABLE:
   stage: test
   script:
-    - npmci test stable
+  - npmci npm prepare
+  - npmci node install stable
+  - npmci npm install
+  - npmci npm test
+  coverage: /\d+.?\d+?\%\s*coverage/
   tags:
-    - docker
+  - docker
+  - notpriv
 
 release:
   stage: release
   script:
-    - npmci publish
+  - npmci node install stable
+  - npmci npm publish
   only:
-    - tags
+  - tags
   tags:
-    - docker
+  - docker
+  - notpriv
+
+# ====================
+# metadata stage
+# ====================
+codequality:
+  stage: metadata
+  image: docker:stable
+  allow_failure: true
+  services:
+    - docker:stable-dind
+  script:
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SOURCE_CODE="$PWD"
+        --volume "$PWD":/code
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
+  artifacts:
+    paths: [codeclimate.json]
+  tags:
+  - docker
+  - priv
 
 trigger:
-  stage: trigger
+  stage: metadata
   script:
-    - npmci trigger
+  - npmci trigger
   only:
-    - tags
+  - tags
   tags:
-    - docker
+  - docker
+  - notpriv
 
 pages:
-  image: hosttoday/ht-docker-node:npmpage
+  image: hosttoday/ht-docker-node:npmci
-  stage: pages
+  stage: metadata
   script:
-    - npmci command npmpage --host gitlab
+    - npmci command npm install -g typedoc typescript
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command typedoc --module "commonjs" --target "ES2016" --out public/ ts/
+  tags:
+    - docker
+    - notpriv
   only:
     - tags
   artifacts:
     expire_in: 1 week
     paths:
     - public
+  allow_failure: true

.npmignore

@@ -0,0 +1,4 @@
+node_modules/
+coverage/
+public/
+pages/

.snyk

@@ -0,0 +1,12 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:node-forge:20180226':
+    - rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+    - acme-v2 > rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+patch: {}

README.md

@@ -1,36 +1,63 @@
 # smartacme
+
 acme implementation in TypeScript
 
 ## Availabililty
-[![npm](https://push.rocks/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
+
-[![git](https://push.rocks/assets/repo-button-git.svg)](https://GitLab.com/pushrocks/smartacme)
+[![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
-[![git](https://push.rocks/assets/repo-button-mirror.svg)](https://github.com/pushrocks/smartacme)
+[![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
-[![docs](https://push.rocks/assets/repo-button-docs.svg)](https://pushrocks.gitlab.io/smartacme/)
+[![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
+[![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
 
 ## Status for master
-[![build status](https://GitLab.com/pushrocks/smartacme/badges/master/build.svg)](https://GitLab.com/pushrocks/smartacme/commits/master)
+
-[![coverage report](https://GitLab.com/pushrocks/smartacme/badges/master/coverage.svg)](https://GitLab.com/pushrocks/smartacme/commits/master)
+[![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
+[![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
-[![Dependency Status](https://david-dm.org/pushrocks/smartacme.svg)](https://david-dm.org/pushrocks/smartacme)
+[![Dependency Status](https://david-dm.org/umbrellazone/smartacme.svg)](https://david-dm.org/umbrellazone/smartacme)
-[![bitHound Dependencies](https://www.bithound.io/github/pushrocks/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/pushrocks/smartacme/master/dependencies/npm)
+[![bitHound Dependencies](https://www.bithound.io/github/umbrellazone/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/umbrellazone/smartacme/master/dependencies/npm)
-[![bitHound Code](https://www.bithound.io/github/pushrocks/smartacme/badges/code.svg)](https://www.bithound.io/github/pushrocks/smartacme)
+[![bitHound Code](https://www.bithound.io/github/umbrellazone/smartacme/badges/code.svg)](https://www.bithound.io/github/umbrellazone/smartacme)
 [![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
 [![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
 [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
 
 ## Usage
+
 Use TypeScript for best in class instellisense.
 
 ```javascript
-import { SmartAcme } from 'smartacme'
+import { SmartAcme } from 'smartacme';
 
-let smac = new SmartAcme()
+let smac = new SmartAcme()(async () => {
+  // learn async/await, it'll make your life easier
 
-let myAccount = smac.getAccount() // optionally accepts a filePath Arg with a stored acmeaccount.json
+  // optionally accepts a filePath Arg with a stored acmeaccount.json
-let myCert = myAccount.getChallenge('example.com','dns-01') // will return a dnsHash to set in your DNS record
+  // will create an account and
-myCert.get().then(() => {
+  let myAccount = await smac.createAcmeAccount();
-    console.log(myCert.certificate) // your certificate, ready to use in whatever way you prefer
+
-})
+  // will return a dnsHash to set in your DNS record
+  let myCert = await myAccount.createAcmeCert('example.com');
+
+  // gets and accepts the specified challenge
+  // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
+  let myChallenge = await myCert.getChallenge('dns-01');
+
+  /* ----------
+    Now you need to set the challenge in your DNS
+    myChallenge.domainNamePrefixed is the address for the record
+    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
+    -------------*/
+})();
 ```
 
-[![npm](https://push.rocks/assets/repo-header.svg)](https://push.rocks)
+## Other relevant npm modules
+
+| module name | description                                                         |
+| ----------- | ------------------------------------------------------------------- |
+| cert        | a higlevel production module that uses smartacme to manage certs    |
+| smartnginx  | a highlevel production tool for docker environments to manage nginx |
+
+> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
+> | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
+
+[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone

dist/index.d.ts

@@ -1 +0,0 @@
-export * from './smartacme.classes.smartacme';

dist/index.js

@@ -1,6 +0,0 @@
-"use strict";
-function __export(m) {
-    for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
-}
-__export(require("./smartacme.classes.smartacme"));
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7O0FBQUEsbURBQTZDIn0=

dist/smartacme.classes.acmeaccount.js

@@ -1 +0,0 @@
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuYWNtZWFjY291bnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUuY2xhc3Nlcy5hY21lYWNjb3VudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiIn0=

dist/smartacme.classes.acmecert.js

@@ -1 +0,0 @@
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuYWNtZWNlcnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUuY2xhc3Nlcy5hY21lY2VydC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiIn0=

dist/smartacme.classes.helper.d.ts

@@ -1,21 +0,0 @@
-/// <reference types="q" />
-import 'typings-global';
-import * as q from 'q';
-import { SmartAcme } from './smartacme.classes.smartacme';
-export interface IRsaKeypair {
-    publicKey: string;
-    privateKey: string;
-}
-export declare class SmartacmeHelper {
-    parentSmartAcme: SmartAcme;
-    constructor(smartAcmeArg: SmartAcme);
-    /**
-     * creates a keypair to use with requests and to generate JWK from
-     */
-    createKeypair(bit?: number): IRsaKeypair;
-    /**
-     * getReg
-     * @executes ASYNC
-     */
-    getReg(): q.Promise<{}>;
-}

dist/smartacme.classes.helper.js

@@ -1,40 +0,0 @@
-"use strict";
-require("typings-global");
-const q = require("q");
-let rsaKeygen = require('rsa-keygen');
-class SmartacmeHelper {
-    constructor(smartAcmeArg) {
-        this.parentSmartAcme = smartAcmeArg;
-    }
-    /**
-     * creates a keypair to use with requests and to generate JWK from
-     */
-    createKeypair(bit = 2048) {
-        let result = rsaKeygen.generate(bit);
-        return {
-            publicKey: result.public_key,
-            privateKey: result.private_key
-        };
-    }
-    /**
-     * getReg
-     * @executes ASYNC
-     */
-    getReg() {
-        let done = q.defer();
-        let body = { resource: 'reg' };
-        this.parentSmartAcme.rawacmeClient.post(this.parentSmartAcme.location, body, this.parentSmartAcme.keyPair, (err, res) => {
-            if (err) {
-                console.error('smartacme: something went wrong:');
-                console.log(err);
-                done.reject(err);
-                return;
-            }
-            console.log(JSON.stringify(res.body));
-            done.resolve();
-        });
-        return done.promise;
-    }
-}
-exports.SmartacmeHelper = SmartacmeHelper;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuaGVscGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLmNsYXNzZXMuaGVscGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSwwQkFBdUI7QUFDdkIsdUJBQXNCO0FBQ3RCLElBQUksU0FBUyxHQUFHLE9BQU8sQ0FBQyxZQUFZLENBQUMsQ0FBQTtBQVNyQztJQUdJLFlBQVksWUFBdUI7UUFDL0IsSUFBSSxDQUFDLGVBQWUsR0FBRyxZQUFZLENBQUE7SUFDdkMsQ0FBQztJQUVEOztPQUVHO0lBQ0gsYUFBYSxDQUFDLEdBQUcsR0FBRyxJQUFJO1FBQ3BCLElBQUksTUFBTSxHQUFHLFNBQVMsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLENBQUE7UUFDcEMsTUFBTSxDQUFDO1lBQ0gsU0FBUyxFQUFFLE1BQU0sQ0FBQyxVQUFVO1lBQzVCLFVBQVUsRUFBRSxNQUFNLENBQUMsV0FBVztTQUNqQyxDQUFBO0lBQ0wsQ0FBQztJQUVEOzs7T0FHRztJQUNILE1BQU07UUFDRixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsSUFBSSxJQUFJLEdBQUcsRUFBRSxRQUFRLEVBQUUsS0FBSyxFQUFFLENBQUE7UUFDOUIsSUFBSSxDQUFDLGVBQWUsQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUNuQyxJQUFJLENBQUMsZUFBZSxDQUFDLFFBQVEsRUFDN0IsSUFBSSxFQUFFLElBQUksQ0FBQyxlQUFlLENBQUMsT0FBTyxFQUNsQyxDQUFDLEdBQUcsRUFBRSxHQUFHO1lBQ0wsRUFBRSxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztnQkFDTixPQUFPLENBQUMsS0FBSyxDQUFDLGtDQUFrQyxDQUFDLENBQUE7Z0JBQ2pELE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUE7Z0JBQ2hCLE1BQU0sQ0FBQTtZQUNWLENBQUM7WUFDRCxPQUFPLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUE7WUFDckMsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFBO1FBQ2xCLENBQUMsQ0FDSixDQUFBO1FBQ0QsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUE7SUFDdkIsQ0FBQztDQUNKO0FBekNELDBDQXlDQyJ9

dist/smartacme.classes.smartacme.d.ts

@@ -1,42 +0,0 @@
-/// <reference types="q" />
-import 'typings-global';
-import * as q from 'q';
-import { SmartacmeHelper, IRsaKeypair } from './smartacme.classes.helper';
-export declare type TChallenge = 'dns-01' | 'http-01';
-/**
- * class SmartAcme exports methods for maintaining SSL Certificates
- */
-export declare class SmartAcme {
-    helper: SmartacmeHelper;
-    acmeUrl: string;
-    productionBool: boolean;
-    keyPair: IRsaKeypair;
-    location: string;
-    link: string;
-    rawacmeClient: any;
-    JWK: any;
-    /**
-     * the constructor for class SmartAcme
-     */
-    constructor(productionArg?: boolean);
-    /**
-     * creates an account if not currently present in module
-     * @executes ASYNC
-     */
-    createAccount(): q.Promise<{}>;
-    agreeTos(): q.Promise<{}>;
-    /**
-     * requests a challenge for a domain
-     * @param domainNameArg - the domain name to request a challenge for
-     * @param challengeType - the challenge type to request
-     */
-    requestChallenge(domainNameArg: string, challengeTypeArg?: TChallenge): q.Promise<{}>;
-    /**
-     * getCertificate - takes care of cooldown, validation polling and certificate retrieval
-     */
-    getCertificate(): void;
-    /**
-     * accept a challenge - for private use only
-     */
-    private acceptChallenge(challenge);
-}

dist/smartacme.paths.d.ts

@@ -1,2 +0,0 @@
-export declare let packageDir: string;
-export declare let assetDir: string;

dist/smartacme.paths.js

@@ -1,7 +0,0 @@
-"use strict";
-const path = require("path");
-const smartfile = require("smartfile");
-exports.packageDir = path.join(__dirname, '../');
-exports.assetDir = path.join(exports.packageDir, 'assets/');
-smartfile.fs.ensureDirSync(exports.assetDir);
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBhdGhzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLnBhdGhzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSw2QkFBNEI7QUFDNUIsdUNBQXNDO0FBRTNCLFFBQUEsVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFDLEtBQUssQ0FBQyxDQUFBO0FBQ3ZDLFFBQUEsUUFBUSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsa0JBQVUsRUFBQyxTQUFTLENBQUMsQ0FBQTtBQUNyRCxTQUFTLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxnQkFBUSxDQUFDLENBQUEifQ==

npmextra.json

@@ -1,7 +1,6 @@
 {
-    "npmci": {
+  "npmci": {
-        "globalNpmTools": [
+    "npmGlobalTools": [],
-            "npmts"
+    "npmAccessLevel": "public"
-        ]
+  }
-    }
 }

package.json

@@ -1,15 +1,17 @@
 {
-  "name": "smartacme",
+  "name": "@pushrocks/smartacme",
-  "version": "1.0.5",
+  "version": "2.0.6",
+  "private": false,
   "description": "acme implementation in TypeScript",
   "main": "dist/index.js",
   "typings": "dist/index.d.ts",
   "scripts": {
-    "test": "(npmts --nodocs)"
+    "test": "(tstest test/)",
+    "build": "(tsbuild)"
   },
   "repository": {
     "type": "git",
-    "url": "git+ssh://git@gitlab.com/pushrocks/smartacme.git"
+    "url": "git+ssh://git@gitlab.com/umbrellazone/smartacme.git"
   },
   "keywords": [
     "TypeScript",
@@ -19,21 +21,23 @@
   "author": "Lossless GmbH",
   "license": "MIT",
   "bugs": {
-    "url": "https://gitlab.com/pushrocks/smartacme/issues"
+    "url": "https://gitlab.com/umbrellazone/smartacme/issues"
   },
-  "homepage": "https://gitlab.com/pushrocks/smartacme#README",
+  "homepage": "https://gitlab.com/umbrellazone/smartacme#README",
   "dependencies": {
-    "@types/q": "0.x.x",
+    "@pushrocks/smartdelay": "^2.0.2",
-    "q": "^1.4.1",
+    "@pushrocks/smartpromise": "^2.0.5",
-    "rawacme": "^0.2.1",
+    "acme-client": "^2.2.1"
-    "rsa-keygen": "^1.0.6",
-    "smartfile": "^4.1.0",
-    "smartstring": "^2.0.20",
-    "typings-global": "^1.0.14"
   },
   "devDependencies": {
-    "@types/should": "^8.1.30",
+    "@gitzone/tsbuild": "^2.1.4",
-    "should": "^11.1.1",
+    "@gitzone/tsrun": "^1.1.17",
-    "typings-test": "^1.0.3"
+    "@gitzone/tstest": "^1.0.18",
+    "@mojoio/cloudflare": "^2.0.0",
+    "@pushrocks/qenv": "^3.0.2",
+    "@pushrocks/tapbundle": "^3.0.7",
+    "@types/node": "^10.12.18",
+    "tslint": "^5.12.0",
+    "tslint-config-prettier": "^1.17.0"
   }
 }

qenv.yml

@@ -0,0 +1,3 @@
+required:
+  - CF_EMAIL
+  - CF_KEY

test/test.d.ts

@@ -1 +0,0 @@
-import 'typings-test';

test/test.js

@@ -1,38 +0,0 @@
-"use strict";
-require("typings-test");
-const should = require("should");
-// import the module to test
-const smartacme = require("../dist/index");
-describe('smartacme', function () {
-    let testAcme;
-    it('should create a valid instance', function () {
-        this.timeout(10000);
-        testAcme = new smartacme.SmartAcme();
-        should(testAcme).be.instanceOf(smartacme.SmartAcme);
-    });
-    it('should have created keyPair', function () {
-        should(testAcme.acmeUrl).be.of.type('string');
-    });
-    it('should register a new account', function (done) {
-        this.timeout(10000);
-        testAcme.createAccount().then(x => {
-            done();
-        }).catch(err => {
-            console.log(err);
-            done(err);
-        });
-    });
-    it('should agree to ToS', function (done) {
-        this.timeout(10000);
-        testAcme.agreeTos().then(() => {
-            done();
-        });
-    });
-    it('should request a challenge for a domain', function (done) {
-        this.timeout(10000);
-        testAcme.requestChallenge('bleu.de').then(() => {
-            done();
-        });
-    });
-});
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGVzdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInRlc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLHdCQUFxQjtBQUNyQixpQ0FBZ0M7QUFFaEMsNEJBQTRCO0FBQzVCLDJDQUEwQztBQUUxQyxRQUFRLENBQUMsV0FBVyxFQUFFO0lBQ2xCLElBQUksUUFBNkIsQ0FBQTtJQUVqQyxFQUFFLENBQUMsZ0NBQWdDLEVBQUU7UUFDakMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQTtRQUNuQixRQUFRLEdBQUcsSUFBSSxTQUFTLENBQUMsU0FBUyxFQUFFLENBQUE7UUFDcEMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLFNBQVMsQ0FBQyxDQUFBO0lBQ3ZELENBQUMsQ0FBQyxDQUFBO0lBRUYsRUFBRSxDQUFDLDZCQUE2QixFQUFFO1FBQzlCLE1BQU0sQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUMsRUFBRSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUE7SUFDakQsQ0FBQyxDQUFDLENBQUE7SUFFRixFQUFFLENBQUMsK0JBQStCLEVBQUUsVUFBVSxJQUFJO1FBQzlDLElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUE7UUFDbkIsUUFBUSxDQUFDLGFBQWEsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQzNCLElBQUksRUFBRSxDQUFBO1FBQ1YsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEdBQUc7WUFDUixPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFBO1lBQ2hCLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQTtRQUNiLENBQUMsQ0FBQyxDQUFBO0lBQ04sQ0FBQyxDQUFDLENBQUE7SUFFRixFQUFFLENBQUMscUJBQXFCLEVBQUUsVUFBUyxJQUFJO1FBQ25DLElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUE7UUFDbkIsUUFBUSxDQUFDLFFBQVEsRUFBRSxDQUFDLElBQUksQ0FBQztZQUNyQixJQUFJLEVBQUUsQ0FBQTtRQUNWLENBQUMsQ0FBQyxDQUFBO0lBQ04sQ0FBQyxDQUFDLENBQUE7SUFFRixFQUFFLENBQUMseUNBQXlDLEVBQUUsVUFBUyxJQUFJO1FBQ3ZELElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUE7UUFDbkIsUUFBUSxDQUFDLGdCQUFnQixDQUFDLFNBQVMsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUN0QyxJQUFJLEVBQUUsQ0FBQTtRQUNWLENBQUMsQ0FBQyxDQUFBO0lBQ04sQ0FBQyxDQUFDLENBQUE7QUFDTixDQUFDLENBQUMsQ0FBQSJ9

test/test.ts

@@ -1,43 +1,22 @@
-import 'typings-test'
+import { tap, expect } from '@pushrocks/tapbundle';
-import * as should from 'should'
 
-// import the module to test
+import * as smartacme from '../ts/index';
-import * as smartacme from '../dist/index'
 
-describe('smartacme', function () {
+let smartAcmeInstance: smartacme.SmartAcme;
-    let testAcme: smartacme.SmartAcme
 
-    it('should create a valid instance', function () {
+tap.test('should create a valid instance of SmartAcme', async () => {
-        this.timeout(10000)
+  smartAcmeInstance = new smartacme.SmartAcme();
-        testAcme = new smartacme.SmartAcme()
+  await smartAcmeInstance.init({
-        should(testAcme).be.instanceOf(smartacme.SmartAcme)
+    accountEmail: 'domains@lossless.org',
-    })
+    accountPrivateKey: null,
+    removeChallenge: async (...args) => {
+      console.log(args);
+    },
+    setChallenge: async (...args) => {
+      console.log(args);
+    } 
+  });
+  // await smartAcmeInstance.getCertificateForDomain('bleu.de');
+});
 
-    it('should have created keyPair', function () {
+tap.start();
-        should(testAcme.acmeUrl).be.of.type('string')
-    })
-
-    it('should register a new account', function (done) {
-        this.timeout(10000)
-        testAcme.createAccount().then(x => {
-            done()
-        }).catch(err => {
-            console.log(err)
-            done(err)
-        })
-    })
-
-    it('should agree to ToS', function(done) {
-        this.timeout(10000)
-        testAcme.agreeTos().then(() => {
-            done()
-        })
-    })
-
-    it('should request a challenge for a domain', function(done) {
-        this.timeout(10000)
-        testAcme.requestChallenge('bleu.de').then(() => {
-            done()
-        })
-    })
-})

ts/index.ts

@@ -1 +1 @@
-export * from './smartacme.classes.smartacme'
+export * from './smartacme.classes.smartacme';

ts/interfaces/accountdata.ts

@@ -0,0 +1,8 @@
+export interface IAccountData {
+  id: number;
+  key: { kty: 'RSA'; n: string; e: string; kid: string };
+  contact: string[];
+  initialIp: string;
+  createdAt: string;
+  status: string;
+}

ts/interfaces/index.ts

@@ -0,0 +1 @@
+export * from './accountdata';

ts/smartacme.classes.acmeaccount.ts

@@ -1,5 +0,0 @@
-import 'typings-global'
-
-export class AcmeAccount {
-    
-}

ts/smartacme.classes.acmecert.ts

@@ -1,5 +0,0 @@
-import 'typings-global'
-
-export class AcmeCert {
-    
-}

ts/smartacme.classes.helper.ts

@@ -1,53 +0,0 @@
-import 'typings-global'
-import * as q from 'q'
-let rsaKeygen = require('rsa-keygen')
-
-import { SmartAcme } from './smartacme.classes.smartacme'
-
-export interface IRsaKeypair {
-    publicKey: string
-    privateKey: string
-}
-
-export class SmartacmeHelper {
-    parentSmartAcme: SmartAcme
-
-    constructor(smartAcmeArg: SmartAcme) {
-        this.parentSmartAcme = smartAcmeArg
-    }
-
-    /**
-     * creates a keypair to use with requests and to generate JWK from
-     */
-    createKeypair(bit = 2048): IRsaKeypair {
-        let result = rsaKeygen.generate(bit)
-        return {
-            publicKey: result.public_key,
-            privateKey: result.private_key
-        }
-    }
-
-    /**
-     * getReg
-     * @executes ASYNC
-     */
-    getReg() {
-        let done = q.defer()
-        let body = { resource: 'reg' }
-        this.parentSmartAcme.rawacmeClient.post(
-            this.parentSmartAcme.location,
-            body, this.parentSmartAcme.keyPair,
-            (err, res) => {
-                if (err) {
-                    console.error('smartacme: something went wrong:')
-                    console.log(err)
-                    done.reject(err)
-                    return
-                }
-                console.log(JSON.stringify(res.body))
-                done.resolve()
-            }
-        )
-        return done.promise
-    }
-}

ts/smartacme.classes.smartacme.ts

@@ -1,178 +1,101 @@
-import 'typings-global'
+import * as plugins from './smartacme.plugins';
-import * as q from 'q'
-import * as path from 'path'
-let rsaKeygen = require('rsa-keygen')
-import * as smartfile from 'smartfile'
-import * as smartstring from 'smartstring'
-let rawacme = require('rawacme')
-import * as paths from './smartacme.paths'
-
-import { SmartacmeHelper, IRsaKeypair } from './smartacme.classes.helper'
-
-export type TChallenge = 'dns-01' | 'http-01'
-
 
 /**
- * class SmartAcme exports methods for maintaining SSL Certificates
+ *
  */
+export interface ISmartAcmeStorage {}
+
 export class SmartAcme {
-    helper: SmartacmeHelper // bundles helper methods that would clutter the main SmartAcme class
+  // the acme client
-    acmeUrl: string // the acme url to use
+  private client: any;
-    productionBool: boolean // a boolean to quickly know wether we are in production or not
-    keyPair: IRsaKeypair // the keyPair needed for account creation
-    location: string
-    link: string
-    rawacmeClient
-    JWK
 
-    /**
+  // the account private key
-     * the constructor for class SmartAcme
+  private privateKey: string;
-     */
+
-    constructor(productionArg: boolean = false) {
+  // challenge fullfillment
-        this.productionBool = productionArg
+  private setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
-        this.helper = new SmartacmeHelper(this)
+  private removeChallenge: (domainName: string) => Promise<any>;
-        this.keyPair = this.helper.createKeypair()
+
-        if (this.productionBool) {
+  public async init(optionsArg: {
-            this.acmeUrl = rawacme.LETSENCRYPT_URL
+    accountPrivateKey?: string;
-        } else {
+    accountEmail: string;
-            this.acmeUrl = rawacme.LETSENCRYPT_STAGING_URL
+    setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>
+    removeChallenge: (domainName: string) => Promise<any>;
+  }) {
+    this.privateKey = optionsArg.accountPrivateKey || (await plugins.acme.forge.createPrivateKey());
+    this.setChallenge = optionsArg.setChallenge;
+    this.removeChallenge = optionsArg.removeChallenge;
+    this.client = new plugins.acme.Client({
+      directoryUrl: plugins.acme.directory.letsencrypt.staging,
+      accountKey: this.privateKey
+    });
+
+    /* Register account */
+    await this.client.createAccount({
+      termsOfServiceAgreed: true,
+      contact: [`mailto:${optionsArg.accountEmail}`]
+    });
+  }
+
+  public async getCertificateForDomain(domainArg: string) {
+    const domain = domainArg;
+
+    /* Place new order */
+    const order = await this.client.createOrder({
+      identifiers: [{ type: 'dns', value: domain }, { type: 'dns', value: `*.${domain}` }]
+    });
+
+    /* Get authorizations and select challenges */
+    const authorizations = await this.client.getAuthorizations(order);
+
+    const promises = authorizations.map(async authz => {
+      console.log(authz);
+      const domainDnsName: string = `_acme-challenge.${authz.identifier.value}`;
+      const dnsChallenge: string = authz.challenges.find(challengeArg => {
+        return challengeArg.type === 'dns-01';
+      });
+      // process.exit(1);
+      const keyAuthorization: string = await this.client.getChallengeKeyAuthorization(dnsChallenge);
+
+      try {
+        /* Satisfy challenge */
+        await this.setChallenge(domainDnsName, keyAuthorization);
+
+        /* Verify that challenge is satisfied */
+        await this.client.verifyChallenge(authz, dnsChallenge);
+
+        /* Notify ACME provider that challenge is satisfied */
+        await this.client.completeChallenge(dnsChallenge);
+
+        /* Wait for ACME provider to respond with valid status */
+        await this.client.waitForValidStatus(dnsChallenge);
+      } finally {
+        /* Clean up challenge response */
+        try {
+          await this.removeChallenge(domainDnsName);
+        } catch (e) {
+          console.log(e);
         }
-    }
+      }
+    });
 
-    /**
+    /* Wait for challenges to complete */
-     * creates an account if not currently present in module
+    await Promise.all(promises);
-     * @executes ASYNC
-     */
-    createAccount() {
-        let done = q.defer()
-        rawacme.createClient(
-            {
-                url: this.acmeUrl,
-                publicKey: this.keyPair.publicKey,
-                privateKey: this.keyPair.privateKey
-            },
-            (err, client) => {
-                if (err) {
-                    console.error('smartacme: something went wrong:')
-                    console.log(err)
-                    done.reject(err)
-                    return
-                }
 
-                // make client available in class 
+    /* Finalize order */
-                this.rawacmeClient = client
+    const [key, csr] = await plugins.acme.forge.createCsr({
+      commonName: `*.${domain}`,
+      altNames: [domain]
+    });
 
-                // create the registration
+    await this.client.finalizeOrder(order, csr);
-                client.newReg(
+    const cert = await this.client.getCertificate(order);
-                    {
-                        contact: ['mailto:domains@lossless.org']
-                    },
-                    (err, res) => {
-                        if (err) {
-                            console.error('smartacme: something went wrong:')
-                            console.log(err)
-                            done.reject(err)
-                            return
-                        }
-                        this.JWK = res.body.key
-                        this.link = res.headers.link
-                        console.log(this.link)
-                        this.location = res.headers.location
-                        done.resolve()
-                    })
-
-            }
-        )
-        return done.promise
-    }
-
-    agreeTos() {
-        let done = q.defer()
-        let tosPart = this.link.split(',')[1]
-        let tosLinkPortion = tosPart.split(';')[0]
-        let url = tosLinkPortion.split(';')[0].trim().replace(/[<>]/g, '')
-        this.rawacmeClient.post(this.location, { Agreement: url, resource: 'reg' }, (err, res) => {
-            if (err) {
-                console.log(err)
-                done.reject(err)
-                return
-            }
-            done.resolve()
-        })
-        return done.promise
-    }
-
-    /**
-     * requests a challenge for a domain
-     * @param domainNameArg - the domain name to request a challenge for
-     * @param challengeType - the challenge type to request
-     */
-    requestChallenge(domainNameArg: string, challengeTypeArg: TChallenge = 'dns-01') {
-        let done = q.defer()
-        this.rawacmeClient.newAuthz(
-            {
-                identifier: {
-                    type: 'dns',
-                    value: domainNameArg
-                }
-            },
-            this.keyPair,
-            (err, res) => {
-                if (err) {
-                    console.error('smartacme: something went wrong:')
-                    console.log(err)
-                    done.reject(err)
-                }
-                console.log(JSON.stringify(res.body))
-                let dnsChallenge = res.body.challenges.filter(x => {
-                    return x.type === challengeTypeArg
-                })[0]
-                this.acceptChallenge(dnsChallenge)
-                    .then(x => {
-                        done.resolve(x)
-                    })
-            }
-        )
-        return done.promise
-    }
-
-    /**
-     * getCertificate - takes care of cooldown, validation polling and certificate retrieval
-     */
-    getCertificate() {
-
-    }
-
-    /**
-     * accept a challenge - for private use only
-     */
-    private acceptChallenge(challenge) {
-        let done = q.defer()
-
-        let authKey: string = rawacme.keyAuthz(challenge.token, this.keyPair.publicKey)
-        let dnsKeyHash: string = rawacme.dnsKeyAuthzHash(authKey) // needed if dns challenge is chosen
-
-        console.log(authKey)
-
-        this.rawacmeClient.post(
-            challenge.uri,
-            {
-                resource: 'challenge',
-                keyAuthorization: authKey
-            },
-            this.keyPair,
-            (err, res) => {
-                if (err) {
-                    console.log(err)
-                    done.reject(err)
-                }
-                console.log('acceptChallenge:')
-                console.log(JSON.stringify(res.body))
-                done.resolve(dnsKeyHash)
-            }
-        )
-        return done.promise
-    }
 
+    /* Done */
+    console.log(`CSR:\n${csr.toString()}`);
+    console.log(`Private key:\n${key.toString()}`);
+    console.log(`Certificate:\n${cert.toString()}`);
+  }
 
+  toStorageObject() {}
 }

ts/smartacme.paths.ts

@@ -1,6 +0,0 @@
-import * as path from 'path'
-import * as smartfile from 'smartfile'
-
-export let packageDir = path.join(__dirname,'../')
-export let assetDir = path.join(packageDir,'assets/')
-smartfile.fs.ensureDirSync(assetDir)

ts/smartacme.plugins.ts

@@ -0,0 +1,10 @@
+// @pushrocks scope
+import * as smartpromise from '@pushrocks/smartpromise';
+import * as smartdelay from '@pushrocks/smartdelay';
+
+export { smartpromise, smartdelay };
+
+// thirs party scope
+import * as acme from 'acme-client';
+
+export { acme };

tslint.json

@@ -1,3 +1,17 @@
 {
-    "extends": "tslint-config-standard"
+  "extends": ["tslint:latest", "tslint-config-prettier"],
+  "rules": {
+    "semicolon": [true, "always"],
+    "no-console": false,
+    "ordered-imports": false,
+    "object-literal-sort-keys": false,
+    "member-ordering": {
+      "options":{
+        "order": [
+          "static-method"
+        ]
+      }
+    }
+  },
+  "defaultSeverity": "warning"
 }