3.0.6

.gitignore

@@ -1,4 +1,20 @@
-node_modules/
+.nogit/
+
+# artifacts
 coverage/
 public/
 pages/
+
+# installs
+node_modules/
+
+# caches
+.yarn/
+.cache/
+.rpt2_cache
+
+# builds
+dist/
+dist_*/
+
+# custom

.gitlab-ci.yml

@@ -1,59 +1,127 @@
-image: hosttoday/ht-docker-node:npmts
+# gitzone ci_default
+image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
+
+cache:
+  paths:
+    - .npmci_cache/
+  key: '$CI_BUILD_STAGE'
 
 stages:
+  - security
   - test
   - release
-- trigger
+  - metadata
-- pages
 
-testLEGACY:
+# ====================
+# security stage
+# ====================
+mirror:
+  stage: security
+  script:
+    - npmci git mirror
+  tags:
+    - lossless
+    - docker
+    - notpriv
+
+audit:
+  image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
+  stage: security
+  script:
+    - npmci npm prepare
+    - npmci command npm install --ignore-scripts
+    - npmci command npm config set registry https://registry.npmjs.org
+    - npmci command npm audit --audit-level=high
+  tags:
+    - lossless
+    - docker
+    - notpriv
+
+# ====================
+# test stage
+# ====================
+
+testStable:
   stage: test
   script:
-    - npmci test legacy
+    - npmci npm prepare
+    - npmci node install stable
+    - npmci npm install
+    - npmci npm test
+  coverage: /\d+.?\d+?\%\s*coverage/
   tags:
+    - lossless
     - docker
-  allow_failure: true
+    - priv
 
-testLTS:
+testBuild:
   stage: test
   script:
-    - npmci test lts
+    - npmci npm prepare
-  tags:
+    - npmci node install stable
-    - docker
+    - npmci npm install
-    
+    - npmci command npm run build
-testSTABLE:
+  coverage: /\d+.?\d+?\%\s*coverage/
-  stage: test
-  script:
-    - npmci test stable
   tags:
+    - lossless
     - docker
+    - notpriv
 
 release:
   stage: release
   script:
-    - npmci publish
+    - npmci node install stable
+    - npmci npm publish
   only:
     - tags
   tags:
+    - lossless
     - docker
+    - notpriv
+
+# ====================
+# metadata stage
+# ====================
+codequality:
+  stage: metadata
+  allow_failure: true
+  script:
+    - npmci command npm install -g tslint typescript
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command "tslint -c tslint.json ./ts/**/*.ts"
+  tags:
+    - lossless
+    - docker
+    - priv
 
 trigger:
-  stage: trigger
+  stage: metadata
   script:
     - npmci trigger
   only:
     - tags
   tags:
+    - lossless
     - docker
+    - notpriv
 
 pages:
-  image: hosttoday/ht-docker-node:npmpage
+  stage: metadata
-  stage: pages
   script:
-    - npmci command npmpage --host gitlab
+    - npmci node install lts
+    - npmci command npm install -g @gitzone/tsdoc
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command tsdoc
+  tags:
+    - lossless
+    - docker
+    - notpriv
   only:
     - tags
   artifacts:
     expire_in: 1 week
     paths:
       - public
+  allow_failure: true

.npmignore

@@ -0,0 +1,4 @@
+node_modules/
+coverage/
+public/
+pages/

.snyk

@@ -0,0 +1,12 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:node-forge:20180226':
+    - rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+    - acme-v2 > rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+patch: {}

.vscode/launch.json

@@ -0,0 +1,29 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "current file",
+      "type": "node",
+      "request": "launch",
+      "args": [
+        "${relativeFile}"
+      ],
+      "runtimeArgs": ["-r", "@gitzone/tsrun"],
+      "cwd": "${workspaceRoot}",
+      "protocol": "inspector",
+      "internalConsoleOptions": "openOnSessionStart"
+    },
+    {
+      "name": "test.ts",
+      "type": "node",
+      "request": "launch",
+      "args": [
+        "test/test.ts"
+      ],
+      "runtimeArgs": ["-r", "@gitzone/tsrun"],
+      "cwd": "${workspaceRoot}",
+      "protocol": "inspector",
+      "internalConsoleOptions": "openOnSessionStart"
+    }
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,26 @@
+{
+  "json.schemas": [
+    {
+      "fileMatch": ["/npmextra.json"],
+      "schema": {
+        "type": "object",
+        "properties": {
+          "npmci": {
+            "type": "object",
+            "description": "settings for npmci"
+          },
+          "gitzone": {
+            "type": "object",
+            "description": "settings for gitzone",
+            "properties": {
+              "projectType": {
+                "type": "string",
+                "enum": ["website", "element", "service", "npm"]
+              }
+            }
+          }
+        }
+      }
+    }
+  ]
+}

README.md

@@ -1,50 +0,0 @@
-# smartacme
-acme implementation in TypeScript
-
-## Availabililty
-[![npm](https://push.rocks/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
-[![git](https://push.rocks/assets/repo-button-git.svg)](https://GitLab.com/pushrocks/smartacme)
-[![git](https://push.rocks/assets/repo-button-mirror.svg)](https://github.com/pushrocks/smartacme)
-[![docs](https://push.rocks/assets/repo-button-docs.svg)](https://pushrocks.gitlab.io/smartacme/)
-
-## Status for master
-[![build status](https://GitLab.com/pushrocks/smartacme/badges/master/build.svg)](https://GitLab.com/pushrocks/smartacme/commits/master)
-[![coverage report](https://GitLab.com/pushrocks/smartacme/badges/master/coverage.svg)](https://GitLab.com/pushrocks/smartacme/commits/master)
-[![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
-[![Dependency Status](https://david-dm.org/pushrocks/smartacme.svg)](https://david-dm.org/pushrocks/smartacme)
-[![bitHound Dependencies](https://www.bithound.io/github/pushrocks/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/pushrocks/smartacme/master/dependencies/npm)
-[![bitHound Code](https://www.bithound.io/github/pushrocks/smartacme/badges/code.svg)](https://www.bithound.io/github/pushrocks/smartacme)
-[![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
-
-## Usage
-Use TypeScript for best in class instellisense.
-
-```javascript
-import { SmartAcme } from 'smartacme'
-
-let smac = new SmartAcme()
-
-(async () => { // learn async/await, it'll make your life easier
-
-    // optionally accepts a filePath Arg with a stored acmeaccount.json
-    // will create an account and 
-    let myAccount = await smac.createAcmeAccount()
-    
-    // will return a dnsHash to set in your DNS record
-    let myCert = await myAccount.createAcmeCert('example.com')
-
-    // gets and accepts the specified challenge
-    // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
-    let myChallenge = await myCert.getChallenge('dns-01')
-
-    /* ----------
-    Now you need to set the challenge in your DNS
-    myChallenge.domainNamePrefixed is the address for the record
-    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
-    -------------*/
-})()
-```
-
-[![npm](https://push.rocks/assets/repo-header.svg)](https://push.rocks)

dist/index.d.ts

@@ -1 +0,0 @@
-export * from './smartacme.classes.smartacme';

dist/index.js

@@ -1,6 +0,0 @@
-"use strict";
-function __export(m) {
-    for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
-}
-__export(require("./smartacme.classes.smartacme"));
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7O0FBQUEsbURBQTZDIn0=

dist/smartacme.classes.acmeaccount.d.ts

@@ -1,23 +0,0 @@
-/// <reference types="q" />
-import * as q from 'q';
-import { SmartAcme } from './smartacme.classes.smartacme';
-import { AcmeCert } from './smartacme.classes.acmecert';
-/**
- * class AcmeAccount represents an AcmeAccount
- */
-export declare class AcmeAccount {
-    parentSmartAcme: SmartAcme;
-    location: string;
-    link: string;
-    JWK: any;
-    constructor(smartAcmeParentArg: SmartAcme);
-    /**
-     * register the account with letsencrypt
-     */
-    register(): q.Promise<{}>;
-    /**
-     * agree to letsencrypr terms of service
-     */
-    agreeTos(): q.Promise<{}>;
-    createAcmeCert(domainNameArg: string, countryArg?: string, countryShortArg?: string, city?: string, companyArg?: string, companyShortArg?: string): q.Promise<AcmeCert>;
-}

dist/smartacme.classes.acmeaccount.js

@@ -1,71 +0,0 @@
-"use strict";
-const q = require("q");
-const smartacme_classes_acmecert_1 = require("./smartacme.classes.acmecert");
-/**
- * class AcmeAccount represents an AcmeAccount
- */
-class AcmeAccount {
-    constructor(smartAcmeParentArg) {
-        this.parentSmartAcme = smartAcmeParentArg;
-    }
-    /**
-     * register the account with letsencrypt
-     */
-    register() {
-        let done = q.defer();
-        this.parentSmartAcme.rawacmeClient.newReg({
-            contact: ['mailto:domains@lossless.org']
-        }, (err, res) => {
-            if (err) {
-                console.error('smartacme: something went wrong:');
-                console.log(err);
-                done.reject(err);
-                return;
-            }
-            this.JWK = res.body.key;
-            this.link = res.headers.link;
-            console.log(this.link);
-            this.location = res.headers.location;
-            done.resolve();
-        });
-        return done.promise;
-    }
-    /**
-     * agree to letsencrypr terms of service
-     */
-    agreeTos() {
-        let done = q.defer();
-        let tosPart = this.link.split(',')[1];
-        let tosLinkPortion = tosPart.split(';')[0];
-        let url = tosLinkPortion.split(';')[0].trim().replace(/[<>]/g, '');
-        this.parentSmartAcme.rawacmeClient.post(this.location, { Agreement: url, resource: 'reg' }, (err, res) => {
-            if (err) {
-                console.log(err);
-                done.reject(err);
-                return;
-            }
-            done.resolve();
-        });
-        return done.promise;
-    }
-    createAcmeCert(domainNameArg, countryArg = 'Germany', countryShortArg = 'DE', city = 'Bremen', companyArg = 'Some Company', companyShortArg = 'SC') {
-        let done = q.defer();
-        let acmeCert = new smartacme_classes_acmecert_1.AcmeCert({
-            bit: 2064,
-            key: null,
-            domain: domainNameArg,
-            country: countryArg,
-            country_short: countryShortArg,
-            locality: city,
-            organization: companyArg,
-            organization_short: companyShortArg,
-            password: null,
-            unstructured: null,
-            subject_alt_names: null
-        }, this);
-        done.resolve(acmeCert);
-        return done.promise;
-    }
-}
-exports.AcmeAccount = AcmeAccount;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuYWNtZWFjY291bnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUuY2xhc3Nlcy5hY21lYWNjb3VudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsdUJBQXNCO0FBTXRCLDZFQUF1RDtBQUV2RDs7R0FFRztBQUNIO0lBS0ksWUFBWSxrQkFBNkI7UUFDckMsSUFBSSxDQUFDLGVBQWUsR0FBRyxrQkFBa0IsQ0FBQTtJQUM3QyxDQUFDO0lBRUQ7O09BRUc7SUFDSCxRQUFRO1FBQ0osSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO1FBQ3BCLElBQUksQ0FBQyxlQUFlLENBQUMsYUFBYSxDQUFDLE1BQU0sQ0FDckM7WUFDSSxPQUFPLEVBQUUsQ0FBQyw2QkFBNkIsQ0FBQztTQUMzQyxFQUNELENBQUMsR0FBRyxFQUFFLEdBQUc7WUFDTCxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUNOLE9BQU8sQ0FBQyxLQUFLLENBQUMsa0NBQWtDLENBQUMsQ0FBQTtnQkFDakQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsTUFBTSxDQUFBO1lBQ1YsQ0FBQztZQUNELElBQUksQ0FBQyxHQUFHLEdBQUcsR0FBRyxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUE7WUFDdkIsSUFBSSxDQUFDLElBQUksR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQTtZQUM1QixPQUFPLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQTtZQUN0QixJQUFJLENBQUMsUUFBUSxHQUFHLEdBQUcsQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFBO1lBQ3BDLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQTtRQUNsQixDQUFDLENBQUMsQ0FBQTtRQUNOLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRDs7T0FFRztJQUNILFFBQVE7UUFDSixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsSUFBSSxPQUFPLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUE7UUFDckMsSUFBSSxjQUFjLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQTtRQUMxQyxJQUFJLEdBQUcsR0FBRyxjQUFjLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFDLE9BQU8sQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLENBQUE7UUFDbEUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLFFBQVEsRUFBRSxLQUFLLEVBQUUsRUFBRSxDQUFDLEdBQUcsRUFBRSxHQUFHO1lBQ2pHLEVBQUUsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7Z0JBQ04sT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsTUFBTSxDQUFBO1lBQ1YsQ0FBQztZQUNELElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQTtRQUNsQixDQUFDLENBQUMsQ0FBQTtRQUNGLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRCxjQUFjLENBQ1YsYUFBcUIsRUFDckIsVUFBVSxHQUFHLFNBQVMsRUFDdEIsZUFBZSxHQUFHLElBQUksRUFDdEIsSUFBSSxHQUFHLFFBQVEsRUFDZixVQUFVLEdBQUcsY0FBYyxFQUMzQixlQUFlLEdBQUcsSUFBSTtRQUd0QixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFZLENBQUE7UUFDOUIsSUFBSSxRQUFRLEdBQUcsSUFBSSxxQ0FBUSxDQUN2QjtZQUNJLEdBQUcsRUFBRSxJQUFJO1lBQ1QsR0FBRyxFQUFFLElBQUk7WUFDVCxNQUFNLEVBQUUsYUFBYTtZQUNyQixPQUFPLEVBQUUsVUFBVTtZQUNuQixhQUFhLEVBQUUsZUFBZTtZQUM5QixRQUFRLEVBQUUsSUFBSTtZQUNkLFlBQVksRUFBRSxVQUFVO1lBQ3hCLGtCQUFrQixFQUFFLGVBQWU7WUFDbkMsUUFBUSxFQUFFLElBQUk7WUFDZCxZQUFZLEVBQUUsSUFBSTtZQUNsQixpQkFBaUIsRUFBRSxJQUFJO1NBQzFCLEVBQ0QsSUFBSSxDQUNQLENBQUE7UUFDRCxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFBO1FBQ3RCLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7Q0FDSjtBQWxGRCxrQ0FrRkMifQ==

dist/smartacme.classes.acmecert.d.ts

@@ -1,79 +0,0 @@
-/// <reference types="q" />
-import * as q from 'q';
-import { IRsaKeypair } from './smartacme.classes.smartacme';
-import { AcmeAccount } from './smartacme.classes.acmeaccount';
-/**
- * types of challenges supported by letsencrypt and this module
- */
-export declare type TChallengeType = 'dns-01' | 'http-01';
-/**
- * values that a challenge's status can have
- */
-export declare type TChallengeStatus = 'pending';
-export interface ISmartAcmeChallenge {
-    uri: string;
-    status: TChallengeStatus;
-    type: TChallengeType;
-    token: string;
-    keyAuthorization: string;
-}
-export interface ISmartAcmeChallengeAccepted extends ISmartAcmeChallenge {
-    dnsKeyHash: string;
-    domainName: string;
-    domainNamePrefixed: string;
-}
-export interface IAcmeCsrConstructorOptions {
-    bit: number;
-    key: string;
-    domain: string;
-    country: string;
-    country_short: string;
-    locality: string;
-    organization: string;
-    organization_short: string;
-    password: string;
-    unstructured: string;
-    subject_alt_names: string[];
-}
-/**
- * class AcmeCert represents a cert for domain
- */
-export declare class AcmeCert {
-    domainName: string;
-    attributes: any;
-    acceptedChallenge: ISmartAcmeChallengeAccepted;
-    fullchain: string;
-    parentAcmeAccount: AcmeAccount;
-    csr: any;
-    validFrom: Date;
-    validTo: Date;
-    keypair: IRsaKeypair;
-    keyPairFinal: IRsaKeypair;
-    constructor(optionsArg: IAcmeCsrConstructorOptions, parentAcmeAccount: AcmeAccount);
-    /**
-     * requests a challenge for a domain
-     * @param domainNameArg - the domain name to request a challenge for
-     * @param challengeType - the challenge type to request
-     */
-    requestChallenge(challengeTypeArg?: TChallengeType): q.Promise<ISmartAcmeChallengeAccepted>;
-    /**
-     * checks if DNS records are set, will go through a max of 30 cycles
-     */
-    checkDns(cycleArg?: number): Promise<any>;
-    /**
-     * validates a challenge, only call after you have set the challenge at the expected location
-     */
-    requestValidation(): q.Promise<{}>;
-    /**
-     * requests a certificate
-     */
-    requestCert(): q.Promise<{}>;
-    /**
-     * getCertificate - takes care of cooldown, validation polling and certificate retrieval
-     */
-    getCertificate(): void;
-    /**
-     * accept a challenge - for private use only
-     */
-    private acceptChallenge(challengeArg);
-}

dist/smartacme.classes.smartacme.d.ts

@@ -1,34 +0,0 @@
-/// <reference types="q" />
-import * as q from 'q';
-import { AcmeAccount } from './smartacme.classes.acmeaccount';
-/**
- * a rsa keypair needed for account creation and subsequent requests
- */
-export interface IRsaKeypair {
-    publicKey: string;
-    privateKey: string;
-}
-export { AcmeAccount } from './smartacme.classes.acmeaccount';
-export { AcmeCert, ISmartAcmeChallenge, ISmartAcmeChallengeAccepted } from './smartacme.classes.acmecert';
-/**
- * class SmartAcme exports methods for maintaining SSL Certificates
- */
-export declare class SmartAcme {
-    acmeUrl: string;
-    productionBool: boolean;
-    keyPair: IRsaKeypair;
-    rawacmeClient: any;
-    /**
-     * the constructor for class SmartAcme
-     */
-    constructor(productionArg?: boolean);
-    /**
-     * init the smartacme instance
-     */
-    init(): q.Promise<{}>;
-    /**
-     * creates an account if not currently present in module
-     * @executes ASYNC
-     */
-    createAcmeAccount(): q.Promise<AcmeAccount>;
-}

dist/smartacme.classes.smartacme.js

@@ -1,66 +0,0 @@
-"use strict";
-// third party modules
-const q = require("q"); // promises
-const plugins = require("./smartacme.plugins");
-const helpers = require("./smartacme.helpers");
-const smartacme_classes_acmeaccount_1 = require("./smartacme.classes.acmeaccount");
-var smartacme_classes_acmeaccount_2 = require("./smartacme.classes.acmeaccount");
-exports.AcmeAccount = smartacme_classes_acmeaccount_2.AcmeAccount;
-var smartacme_classes_acmecert_1 = require("./smartacme.classes.acmecert");
-exports.AcmeCert = smartacme_classes_acmecert_1.AcmeCert;
-/**
- * class SmartAcme exports methods for maintaining SSL Certificates
- */
-class SmartAcme {
-    /**
-     * the constructor for class SmartAcme
-     */
-    constructor(productionArg = false) {
-        this.productionBool = productionArg;
-        this.keyPair = helpers.createKeypair();
-        if (this.productionBool) {
-            this.acmeUrl = plugins.rawacme.LETSENCRYPT_URL;
-        }
-        else {
-            this.acmeUrl = plugins.rawacme.LETSENCRYPT_STAGING_URL;
-        }
-    }
-    /**
-     * init the smartacme instance
-     */
-    init() {
-        let done = q.defer();
-        plugins.rawacme.createClient({
-            url: this.acmeUrl,
-            publicKey: this.keyPair.publicKey,
-            privateKey: this.keyPair.privateKey
-        }, (err, client) => {
-            if (err) {
-                console.error('smartacme: something went wrong:');
-                console.log(err);
-                done.reject(err);
-                return;
-            }
-            // make client available in class 
-            this.rawacmeClient = client;
-            done.resolve();
-        });
-        return done.promise;
-    }
-    /**
-     * creates an account if not currently present in module
-     * @executes ASYNC
-     */
-    createAcmeAccount() {
-        let done = q.defer();
-        let acmeAccount = new smartacme_classes_acmeaccount_1.AcmeAccount(this);
-        acmeAccount.register().then(() => {
-            return acmeAccount.agreeTos();
-        }).then(() => {
-            done.resolve(acmeAccount);
-        });
-        return done.promise;
-    }
-}
-exports.SmartAcme = SmartAcme;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSxzQkFBc0I7QUFDdEIsdUJBQXNCLENBQUMsV0FBVztBQUNsQywrQ0FBOEM7QUFDOUMsK0NBQThDO0FBRTlDLG1GQUE2RDtBQVU3RCxpRkFBNkQ7QUFBcEQsc0RBQUEsV0FBVyxDQUFBO0FBQ3BCLDJFQUF5RztBQUFoRyxnREFBQSxRQUFRLENBQUE7QUFFakI7O0dBRUc7QUFDSDtJQU1JOztPQUVHO0lBQ0gsWUFBWSxnQkFBeUIsS0FBSztRQUN0QyxJQUFJLENBQUMsY0FBYyxHQUFHLGFBQWEsQ0FBQTtRQUNuQyxJQUFJLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQyxhQUFhLEVBQUUsQ0FBQTtRQUN0QyxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsY0FBYyxDQUFDLENBQUMsQ0FBQztZQUN0QixJQUFJLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsZUFBZSxDQUFBO1FBQ2xELENBQUM7UUFBQyxJQUFJLENBQUMsQ0FBQztZQUNKLElBQUksQ0FBQyxPQUFPLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyx1QkFBdUIsQ0FBQTtRQUMxRCxDQUFDO0lBQ0wsQ0FBQztJQUVEOztPQUVHO0lBQ0gsSUFBSTtRQUNBLElBQUksSUFBSSxHQUFHLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQTtRQUNwQixPQUFPLENBQUMsT0FBTyxDQUFDLFlBQVksQ0FDeEI7WUFDSSxHQUFHLEVBQUUsSUFBSSxDQUFDLE9BQU87WUFDakIsU0FBUyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsU0FBUztZQUNqQyxVQUFVLEVBQUUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxVQUFVO1NBQ3RDLEVBQ0QsQ0FBQyxHQUFHLEVBQUUsTUFBTTtZQUNSLEVBQUUsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7Z0JBQ04sT0FBTyxDQUFDLEtBQUssQ0FBQyxrQ0FBa0MsQ0FBQyxDQUFBO2dCQUNqRCxPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFBO2dCQUNoQixJQUFJLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFBO2dCQUNoQixNQUFNLENBQUE7WUFDVixDQUFDO1lBRUQsa0NBQWtDO1lBQ2xDLElBQUksQ0FBQyxhQUFhLEdBQUcsTUFBTSxDQUFBO1lBQzNCLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQTtRQUNsQixDQUFDLENBQ0osQ0FBQTtRQUNELE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRDs7O09BR0c7SUFDSCxpQkFBaUI7UUFDYixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFlLENBQUE7UUFDakMsSUFBSSxXQUFXLEdBQUcsSUFBSSwyQ0FBVyxDQUFDLElBQUksQ0FBQyxDQUFBO1FBQ3ZDLFdBQVcsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxJQUFJLENBQUM7WUFDeEIsTUFBTSxDQUFDLFdBQVcsQ0FBQyxRQUFRLEVBQUUsQ0FBQTtRQUNqQyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDSixJQUFJLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxDQUFBO1FBQzdCLENBQUMsQ0FBQyxDQUFBO1FBQ0YsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUE7SUFDdkIsQ0FBQztDQUNKO0FBNURELDhCQTREQyJ9

dist/smartacme.helpers.d.ts

@@ -1,10 +0,0 @@
-import 'typings-global';
-import { IRsaKeypair } from './smartacme.classes.smartacme';
-/**
- * creates a keypair to use with requests and to generate JWK from
- */
-export declare let createKeypair: (bit?: number) => IRsaKeypair;
-/**
- * prefix a domain name to make sure it complies with letsencrypt
- */
-export declare let prefixName: (domainNameArg: string) => string;

dist/smartacme.helpers.js

@@ -1,40 +0,0 @@
-"use strict";
-require("typings-global");
-const q = require("q");
-const plugins = require("./smartacme.plugins");
-/**
- * creates a keypair to use with requests and to generate JWK from
- */
-exports.createKeypair = (bit = 2048) => {
-    let result = plugins.rsaKeygen.generate(bit);
-    return {
-        publicKey: result.public_key,
-        privateKey: result.private_key
-    };
-};
-/**
- * prefix a domain name to make sure it complies with letsencrypt
- */
-exports.prefixName = (domainNameArg) => {
-    return '_acme-challenge.' + domainNameArg;
-};
-/**
- * gets an existing registration
- * @executes ASYNC
- */
-let getReg = (SmartAcmeArg, location) => {
-    let done = q.defer();
-    let body = { resource: 'reg' };
-    SmartAcmeArg.rawacmeClient.post(location, body, SmartAcmeArg.keyPair, (err, res) => {
-        if (err) {
-            console.error('smartacme: something went wrong:');
-            console.log(err);
-            done.reject(err);
-            return;
-        }
-        console.log(JSON.stringify(res.body));
-        done.resolve();
-    });
-    return done.promise;
-};
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmhlbHBlcnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUuaGVscGVycy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsMEJBQXVCO0FBQ3ZCLHVCQUFzQjtBQUV0QiwrQ0FBOEM7QUFLOUM7O0dBRUc7QUFDUSxRQUFBLGFBQWEsR0FBRyxDQUFDLEdBQUcsR0FBRyxJQUFJO0lBQ2xDLElBQUksTUFBTSxHQUFHLE9BQU8sQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFBO0lBQzVDLE1BQU0sQ0FBQztRQUNILFNBQVMsRUFBRSxNQUFNLENBQUMsVUFBVTtRQUM1QixVQUFVLEVBQUUsTUFBTSxDQUFDLFdBQVc7S0FDakMsQ0FBQTtBQUNMLENBQUMsQ0FBQTtBQUVEOztHQUVHO0FBQ1EsUUFBQSxVQUFVLEdBQUcsQ0FBQyxhQUFxQjtJQUMxQyxNQUFNLENBQUMsa0JBQWtCLEdBQUcsYUFBYSxDQUFBO0FBQzdDLENBQUMsQ0FBQTtBQUVEOzs7R0FHRztBQUNILElBQUksTUFBTSxHQUFHLENBQUMsWUFBdUIsRUFBRSxRQUFnQjtJQUNuRCxJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7SUFDcEIsSUFBSSxJQUFJLEdBQUcsRUFBRSxRQUFRLEVBQUUsS0FBSyxFQUFFLENBQUE7SUFDOUIsWUFBWSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQzNCLFFBQVEsRUFDUixJQUFJLEVBQ0osWUFBWSxDQUFDLE9BQU8sRUFDcEIsQ0FBQyxHQUFHLEVBQUUsR0FBRztRQUNMLEVBQUUsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7WUFDTixPQUFPLENBQUMsS0FBSyxDQUFDLGtDQUFrQyxDQUFDLENBQUE7WUFDakQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtZQUNoQixJQUFJLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFBO1lBQ2hCLE1BQU0sQ0FBQTtRQUNWLENBQUM7UUFDRCxPQUFPLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUE7UUFDckMsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFBO0lBQ2xCLENBQUMsQ0FDSixDQUFBO0lBQ0QsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUE7QUFDdkIsQ0FBQyxDQUFBIn0=

dist/smartacme.paths.d.ts

@@ -1,2 +0,0 @@
-export declare let packageDir: string;
-export declare let assetDir: string;

dist/smartacme.paths.js

@@ -1,7 +0,0 @@
-"use strict";
-const path = require("path");
-const smartfile = require("smartfile");
-exports.packageDir = path.join(__dirname, '../');
-exports.assetDir = path.join(exports.packageDir, 'assets/');
-smartfile.fs.ensureDirSync(exports.assetDir);
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBhdGhzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLnBhdGhzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSw2QkFBNEI7QUFDNUIsdUNBQXNDO0FBRTNCLFFBQUEsVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFDLEtBQUssQ0FBQyxDQUFBO0FBQ3ZDLFFBQUEsUUFBUSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsa0JBQVUsRUFBQyxTQUFTLENBQUMsQ0FBQTtBQUNyRCxTQUFTLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxnQkFBUSxDQUFDLENBQUEifQ==

dist/smartacme.plugins.d.ts

@@ -1,8 +0,0 @@
-import 'typings-global';
-declare let rsaKeygen: any;
-declare let rawacme: any;
-declare let nodeForge: any;
-import * as dnsly from 'dnsly';
-import * as smartfile from 'smartfile';
-import * as smartstring from 'smartstring';
-export { dnsly, rsaKeygen, rawacme, nodeForge, smartfile, smartstring };

dist/smartacme.plugins.js

@@ -1,16 +0,0 @@
-"use strict";
-require("typings-global"); // typings for node
-let rsaKeygen = require('rsa-keygen'); // rsa keygen
-exports.rsaKeygen = rsaKeygen;
-let rawacme = require('rawacme'); // acme helper functions
-exports.rawacme = rawacme;
-let nodeForge = require('node-forge');
-exports.nodeForge = nodeForge;
-// push.rocks modules here
-const dnsly = require("dnsly");
-exports.dnsly = dnsly;
-const smartfile = require("smartfile");
-exports.smartfile = smartfile;
-const smartstring = require("smartstring");
-exports.smartstring = smartstring;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBsdWdpbnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUucGx1Z2lucy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsMEJBQXVCLENBQUMsbUJBQW1CO0FBRzNDLElBQUksU0FBUyxHQUFHLE9BQU8sQ0FBQyxZQUFZLENBQUMsQ0FBQSxDQUFDLGFBQWE7QUFXL0MsOEJBQVM7QUFWYixJQUFJLE9BQU8sR0FBRyxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUEsQ0FBQyx3QkFBd0I7QUFXckQsMEJBQU87QUFWWCxJQUFJLFNBQVMsR0FBRyxPQUFPLENBQUMsWUFBWSxDQUFDLENBQUE7QUFXakMsOEJBQVM7QUFUYiwwQkFBMEI7QUFDMUIsK0JBQThCO0FBSzFCLHNCQUFLO0FBSlQsdUNBQXNDO0FBUWxDLDhCQUFTO0FBUGIsMkNBQTBDO0FBUXRDLGtDQUFXIn0=

npmextra.json

@@ -1,7 +1,18 @@
 {
+  "gitzone": {
+    "projectType": "npm",
+    "module": {
+      "githost": "gitlab.com",
+      "gitscope": "pushrocks",
+      "gitrepo": "smartuniverse",
+      "shortDescription": "acme with an easy yet powerful interface in TypeScript",
+      "npmPackagename": "@pushrocks/smartuniverse",
+      "license": "MIT",
+      "projectDomain": "push.rocks"
+    }
+  },
   "npmci": {
-        "globalNpmTools": [
+    "npmGlobalTools": [],
-            "npmts"
+    "npmAccessLevel": "public"
-        ]
   }
 }

package.json

@@ -1,15 +1,17 @@
 {
-  "name": "smartacme",
+  "name": "@pushrocks/smartacme",
-  "version": "1.0.7",
+  "version": "3.0.6",
-  "description": "acme implementation in TypeScript",
+  "private": false,
-  "main": "dist/index.js",
+  "description": "acme with an easy yet powerful interface in TypeScript",
-  "typings": "dist/index.d.ts",
+  "main": "dist_ts/index.js",
+  "typings": "dist_ts/index.d.ts",
   "scripts": {
-    "test": "(npmts --nodocs)"
+    "test": "(tstest test/)",
+    "build": "(tsbuild)"
   },
   "repository": {
     "type": "git",
-    "url": "git+ssh://git@gitlab.com/pushrocks/smartacme.git"
+    "url": "git+ssh://git@gitlab.com/umbrellazone/smartacme.git"
   },
   "keywords": [
     "TypeScript",
@@ -19,26 +21,45 @@
   "author": "Lossless GmbH",
   "license": "MIT",
   "bugs": {
-    "url": "https://gitlab.com/pushrocks/smartacme/issues"
+    "url": "https://gitlab.com/umbrellazone/smartacme/issues"
   },
-  "homepage": "https://gitlab.com/pushrocks/smartacme#README",
+  "homepage": "https://gitlab.com/umbrellazone/smartacme#README",
   "dependencies": {
-    "@types/node-forge": "^0.6.5",
+    "@pushrocks/lik": "^3.0.19",
-    "@types/q": "0.x.x",
+    "@pushrocks/smartdata": "^3.1.26",
-    "dnsly": "^1.0.7",
+    "@pushrocks/smartdelay": "^2.0.6",
-    "node-forge": "^0.6.47",
+    "@pushrocks/smartdns": "^4.0.2",
-    "q": "^1.4.1",
+    "@pushrocks/smartexpress": "^3.0.57",
-    "rawacme": "^0.2.1",
+    "@pushrocks/smartlog": "^2.0.21",
-    "rsa-keygen": "^1.0.6",
+    "@pushrocks/smartpromise": "^3.0.6",
-    "smartfile": "^4.1.2",
+    "@pushrocks/smartrequest": "^1.1.47",
-    "smartstring": "^2.0.22",
+    "@pushrocks/smartstring": "^3.0.18",
-    "typings-global": "^1.0.14"
+    "@pushrocks/smarttime": "^3.0.12",
+    "@pushrocks/smartunique": "^3.0.1",
+    "@tsclass/tsclass": "^3.0.7",
+    "acme-client": "^3.3.1"
   },
   "devDependencies": {
-    "@types/should": "^8.1.30",
+    "@gitzone/tsbuild": "^2.1.17",
-    "cflare": "0.0.10",
+    "@gitzone/tsrun": "^1.2.8",
-    "qenv": "^1.1.1",
+    "@gitzone/tstest": "^1.0.28",
-    "should": "^11.1.2",
+    "@mojoio/cloudflare": "^4.0.3",
-    "typings-test": "^1.0.3"
+    "@pushrocks/qenv": "^4.0.6",
-  }
+    "@pushrocks/tapbundle": "^3.2.0",
+    "@types/node": "^13.7.4",
+    "tslint": "^6.0.0",
+    "tslint-config-prettier": "^1.18.0"
+  },
+  "files": [
+    "ts/**/*",
+    "ts_web/**/*",
+    "dist/**/*",
+    "dist_*/**/*",
+    "dist_ts/**/*",
+    "dist_ts_web/**/*",
+    "assets/**/*",
+    "cli.js",
+    "npmextra.json",
+    "readme.md"
+  ]
 }

qenv.yml

@@ -0,0 +1,6 @@
+required:
+  - CF_EMAIL
+  - CF_KEY
+  - MONGODB_URL
+  - MONGODB_PASSWORD
+  - MONGODB_DATABASE

readme.md

@@ -0,0 +1,59 @@
+# @pushrocks/smartuniverse
+acme with an easy yet powerful interface in TypeScript
+
+## Availabililty and Links
+* [npmjs.org (npm package)](https://www.npmjs.com/package/@pushrocks/smartuniverse)
+* [gitlab.com (source)](https://gitlab.com/pushrocks/smartuniverse)
+* [github.com (source mirror)](https://github.com/pushrocks/smartuniverse)
+* [docs (typedoc)](https://pushrocks.gitlab.io/smartuniverse/)
+
+## Status for master
+[![pipeline status](https://gitlab.com/pushrocks/smartuniverse/badges/master/pipeline.svg)](https://gitlab.com/pushrocks/smartuniverse/commits/master)
+[![coverage report](https://gitlab.com/pushrocks/smartuniverse/badges/master/coverage.svg)](https://gitlab.com/pushrocks/smartuniverse/commits/master)
+[![npm downloads per month](https://img.shields.io/npm/dm/@pushrocks/smartuniverse.svg)](https://www.npmjs.com/package/@pushrocks/smartuniverse)
+[![Known Vulnerabilities](https://snyk.io/test/npm/@pushrocks/smartuniverse/badge.svg)](https://snyk.io/test/npm/@pushrocks/smartuniverse)
+[![TypeScript](https://img.shields.io/badge/TypeScript->=%203.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
+[![node](https://img.shields.io/badge/node->=%2010.x.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
+[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-prettier-ff69b4.svg)](https://prettier.io/)
+
+## Usage
+
+Use TypeScript for best in class instellisense.
+
+```javascript
+import { SmartAcme } from 'smartacme';
+
+const run = async () => {
+  smartAcmeInstance = new smartacme.SmartAcme({
+    accountEmail: 'domains@lossless.org',
+    accountPrivateKey: null,
+    mongoDescriptor: {
+      mongoDbName: testQenv.getEnvVarRequired('MONGODB_DATABASE'),
+      mongoDbPass: testQenv.getEnvVarRequired('MONGODB_PASSWORD'),
+      mongoDbUrl: testQenv.getEnvVarRequired('MONGODB_URL')
+    },
+    removeChallenge: async dnsChallenge => {
+      // somehow provide a function that is able to remove the dns challenge
+    },
+    setChallenge: async dnsChallenge => {
+      // somehow provide a function that is able to the dns challenge
+    },
+    environment: 'integration'
+  });
+  await smartAcmeInstance.init();
+
+  // myCert has properties for public/private keys and csr ;)
+  const myCert = await smartAcmeInstance.getCertificateForDomain('bleu.de');
+};
+```
+
+## Contribution
+
+We are always happy for code contributions. If you are not the code contributing type that is ok. Still, maintaining Open Source repositories takes considerable time and thought. If you like the quality of what we do and our modules are useful to you we would appreciate a little monthly contribution: You can [contribute one time](https://lossless.link/contribute-onetime) or [contribute monthly](https://lossless.link/contribute). :)
+
+For further information read the linked docs at the top of this readme.
+
+> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
+| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy)
+
+[![repo-footer](https://lossless.gitlab.io/publicrelations/repofooter.svg)](https://maintainedby.lossless.com)

test/test.d.ts

@@ -1 +0,0 @@
-import 'typings-test';

test/test.js

@@ -1,59 +0,0 @@
-"use strict";
-require("typings-test");
-const should = require("should");
-// import the module to test
-const smartacme = require("../dist/index");
-describe('smartacme', function () {
-    let testSmartAcme;
-    let testAcmeAccount;
-    let testAcmeCert;
-    let testChallenge;
-    it('should create a valid instance', function (done) {
-        this.timeout(10000);
-        testSmartAcme = new smartacme.SmartAcme();
-        testSmartAcme.init().then(() => {
-            should(testSmartAcme).be.instanceOf(smartacme.SmartAcme);
-            done();
-        }).catch(err => { done(err); });
-    });
-    it('should have created keyPair', function () {
-        should(testSmartAcme.acmeUrl).be.of.type('string');
-    });
-    it('should register a new account', function (done) {
-        this.timeout(10000);
-        testSmartAcme.createAcmeAccount().then(x => {
-            testAcmeAccount = x;
-            done();
-        }).catch(err => {
-            console.log(err);
-            done(err);
-        });
-    });
-    it('should create a AcmeCert', function () {
-        testAcmeAccount.createAcmeCert('test1.bleu.de').then(x => {
-            testAcmeCert = x;
-            should(testAcmeAccount).be.instanceOf(smartacme.AcmeCert);
-        });
-    });
-    it('should get a challenge for a AcmeCert', function (done) {
-        this.timeout(10000);
-        testAcmeCert.requestChallenge().then((challengeAccepted) => {
-            console.log(challengeAccepted);
-            testChallenge = challengeAccepted;
-            done();
-        });
-    });
-    it('should check for a DNS record', function (done) {
-        testAcmeCert.checkDns().then(x => {
-            console.log(x);
-            done();
-        });
-    });
-    it.skip('should poll for validation of a challenge', function (done) {
-        this.timeout(10000);
-        testAcmeCert.requestValidation().then(x => {
-            done();
-        });
-    });
-});
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGVzdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInRlc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLHdCQUFxQjtBQUNyQixpQ0FBZ0M7QUFJaEMsNEJBQTRCO0FBQzVCLDJDQUEwQztBQUUxQyxRQUFRLENBQUMsV0FBVyxFQUFFO0lBQ2xCLElBQUksYUFBa0MsQ0FBQTtJQUN0QyxJQUFJLGVBQXNDLENBQUE7SUFDMUMsSUFBSSxZQUFnQyxDQUFBO0lBQ3BDLElBQUksYUFBb0QsQ0FBQTtJQUV4RCxFQUFFLENBQUMsZ0NBQWdDLEVBQUUsVUFBVSxJQUFJO1FBQy9DLElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUE7UUFDbkIsYUFBYSxHQUFHLElBQUksU0FBUyxDQUFDLFNBQVMsRUFBRSxDQUFBO1FBQ3pDLGFBQWEsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxJQUFJLENBQUM7WUFDdEIsTUFBTSxDQUFDLGFBQWEsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLFNBQVMsQ0FBQyxDQUFBO1lBQ3hELElBQUksRUFBRSxDQUFBO1FBQ1YsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEdBQUcsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUEsQ0FBQyxDQUFDLENBQUMsQ0FBQTtJQUNsQyxDQUFDLENBQUMsQ0FBQTtJQUVGLEVBQUUsQ0FBQyw2QkFBNkIsRUFBRTtRQUM5QixNQUFNLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFBO0lBQ3RELENBQUMsQ0FBQyxDQUFBO0lBRUYsRUFBRSxDQUFDLCtCQUErQixFQUFFLFVBQVUsSUFBSTtRQUM5QyxJQUFJLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFBO1FBQ25CLGFBQWEsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3BDLGVBQWUsR0FBRyxDQUFDLENBQUE7WUFDbkIsSUFBSSxFQUFFLENBQUE7UUFDVixDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRztZQUNSLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7WUFDaEIsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFBO1FBQ2IsQ0FBQyxDQUFDLENBQUE7SUFDTixDQUFDLENBQUMsQ0FBQTtJQUVGLEVBQUUsQ0FBQywwQkFBMEIsRUFBRTtRQUMzQixlQUFlLENBQUMsY0FBYyxDQUFDLGVBQWUsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ2xELFlBQVksR0FBRyxDQUFDLENBQUE7WUFDaEIsTUFBTSxDQUFDLGVBQWUsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxDQUFBO1FBQzdELENBQUMsQ0FBQyxDQUFBO0lBQ04sQ0FBQyxDQUFDLENBQUE7SUFFRixFQUFFLENBQUMsdUNBQXVDLEVBQUUsVUFBVSxJQUFJO1FBQ3RELElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUE7UUFDbkIsWUFBWSxDQUFDLGdCQUFnQixFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsaUJBQWlCO1lBQ25ELE9BQU8sQ0FBQyxHQUFHLENBQUMsaUJBQWlCLENBQUMsQ0FBQTtZQUM5QixhQUFhLEdBQUcsaUJBQWlCLENBQUE7WUFDakMsSUFBSSxFQUFFLENBQUE7UUFDVixDQUFDLENBQUMsQ0FBQTtJQUNOLENBQUMsQ0FBQyxDQUFBO0lBRUYsRUFBRSxDQUFDLCtCQUErQixFQUFFLFVBQVMsSUFBSTtRQUM3QyxZQUFZLENBQUMsUUFBUSxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDMUIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQTtZQUNkLElBQUksRUFBRSxDQUFBO1FBQ1YsQ0FBQyxDQUFDLENBQUE7SUFDTixDQUFDLENBQUMsQ0FBQTtJQUVGLEVBQUUsQ0FBQyxJQUFJLENBQUMsMkNBQTJDLEVBQUUsVUFBVSxJQUFJO1FBQy9ELElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUE7UUFDbkIsWUFBWSxDQUFDLGlCQUFpQixFQUFFLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDbkMsSUFBSSxFQUFFLENBQUE7UUFDVixDQUFDLENBQUMsQ0FBQTtJQUNOLENBQUMsQ0FBQyxDQUFBO0FBQ04sQ0FBQyxDQUFDLENBQUEifQ==

test/test.ts

@@ -1,68 +1,50 @@
-import 'typings-test'
+import { tap, expect } from '@pushrocks/tapbundle';
-import * as should from 'should'
+import { Qenv } from '@pushrocks/qenv';
-import * as cflare from 'cflare'
+import * as cloudflare from '@mojoio/cloudflare';
-import * as qenv from 'qenv'
 
-// import the module to test
+const testQenv = new Qenv('./', './.nogit/');
-import * as smartacme from '../dist/index'
+const testCloudflare = new cloudflare.CloudflareAccount({
+  email: testQenv.getEnvVarOnDemand('CF_EMAIL'),
+  key: testQenv.getEnvVarOnDemand('CF_KEY')
+});
 
-describe('smartacme', function () {
+import * as smartacme from '../ts/index';
-    let testSmartAcme: smartacme.SmartAcme
-    let testAcmeAccount: smartacme.AcmeAccount
-    let testAcmeCert: smartacme.AcmeCert
-    let testChallenge: smartacme.ISmartAcmeChallengeAccepted
 
-    it('should create a valid instance', function (done) {
+let smartAcmeInstance: smartacme.SmartAcme;
-        this.timeout(10000)
-        testSmartAcme = new smartacme.SmartAcme()
-        testSmartAcme.init().then(() => {
-            should(testSmartAcme).be.instanceOf(smartacme.SmartAcme)
-            done()
-        }).catch(err => { done(err) })
-    })
 
-    it('should have created keyPair', function () {
+tap.test('should create a valid instance of SmartAcme', async () => {
-        should(testSmartAcme.acmeUrl).be.of.type('string')
+  smartAcmeInstance = new smartacme.SmartAcme({
-    })
+    accountEmail: 'domains@lossless.org',
+    accountPrivateKey: null,
+    mongoDescriptor: {
+      mongoDbName: testQenv.getEnvVarRequired('MONGODB_DATABASE'),
+      mongoDbPass: testQenv.getEnvVarRequired('MONGODB_PASSWORD'),
+      mongoDbUrl: testQenv.getEnvVarRequired('MONGODB_URL')
+    },
+    removeChallenge: async dnsChallenge => {
+      testCloudflare.convenience.acmeRemoveDnsChallenge(dnsChallenge);
+    },
+    setChallenge: async dnsChallenge => {
+      testCloudflare.convenience.acmeSetDnsChallenge(dnsChallenge);
+    },
+    environment: 'integration'
+  });
+  await smartAcmeInstance.init();
+});
 
-    it('should register a new account', function (done) {
+tap.test('should get a domain certificate', async () => {
-        this.timeout(10000)
+  await smartAcmeInstance.getCertificateForDomain('bleu.de');
-        testSmartAcme.createAcmeAccount().then(x => {
+});
-            testAcmeAccount = x
-            done()
-        }).catch(err => {
-            console.log(err)
-            done(err)
-        })
-    })
 
-    it('should create a AcmeCert', function() {
+tap.test('certmatcher should correctly match domains', async () => {
-        testAcmeAccount.createAcmeCert('test1.bleu.de').then(x => {
+  const certMatcherMod = await import('../ts/smartacme.classes.certmatcher');
-            testAcmeCert = x
+  const certMatcher = new certMatcherMod.CertMatcher();
-            should(testAcmeAccount).be.instanceOf(smartacme.AcmeCert)
+  const matchedCert = certMatcher.getCertificateDomainNameByDomainName('level3.level2.level1');
-        })
+  expect(matchedCert).to.equal('level2.level1');
-    })
+});
 
-    it('should get a challenge for a AcmeCert', function (done) {
+tap.test('should stop correctly', async () => {
-        this.timeout(10000)
+  await smartAcmeInstance.stop();
-        testAcmeCert.requestChallenge().then((challengeAccepted) => {
+});
-            console.log(challengeAccepted)
-            testChallenge = challengeAccepted
-            done()
-        })
-    })
 
-    it.skip('should check for a DNS record', function(done) {
+tap.start();
-        testAcmeCert.checkDns().then(x => {
-            console.log(x)
-            done()
-        })
-    })
-
-    it.skip('should poll for validation of a challenge', function (done) {
-        this.timeout(10000)
-        testAcmeCert.requestValidation().then(x => {
-            done()
-        })
-    })
-})

ts/index.ts

@@ -1 +1 @@
-export * from './smartacme.classes.smartacme'
+export * from './smartacme.classes.smartacme';

ts/interfaces/accountdata.ts

@@ -0,0 +1,8 @@
+export interface IAccountData {
+  id: number;
+  key: { kty: 'RSA'; n: string; e: string; kid: string };
+  contact: string[];
+  initialIp: string;
+  createdAt: string;
+  status: string;
+}

ts/interfaces/index.ts

@@ -0,0 +1 @@
+export * from './accountdata';

ts/smartacme.classes.acmeaccount.ts

@@ -1,94 +0,0 @@
-import * as q from 'q'
-
-import * as plugins from './smartacme.plugins'
-import * as helpers from './smartacme.helpers'
-
-import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
-import { AcmeCert } from './smartacme.classes.acmecert'
-
-/**
- * class AcmeAccount represents an AcmeAccount
- */
-export class AcmeAccount {
-    parentSmartAcme: SmartAcme
-    location: string
-    link: string
-    JWK
-    constructor(smartAcmeParentArg: SmartAcme) {
-        this.parentSmartAcme = smartAcmeParentArg
-    }
-
-    /**
-     * register the account with letsencrypt
-     */
-    register() {
-        let done = q.defer()
-        this.parentSmartAcme.rawacmeClient.newReg(
-            {
-                contact: ['mailto:domains@lossless.org']
-            },
-            (err, res) => {
-                if (err) {
-                    console.error('smartacme: something went wrong:')
-                    console.log(err)
-                    done.reject(err)
-                    return
-                }
-                this.JWK = res.body.key
-                this.link = res.headers.link
-                console.log(this.link)
-                this.location = res.headers.location
-                done.resolve()
-            })
-        return done.promise
-    }
-
-    /**
-     * agree to letsencrypr terms of service
-     */
-    agreeTos() {
-        let done = q.defer()
-        let tosPart = this.link.split(',')[1]
-        let tosLinkPortion = tosPart.split(';')[0]
-        let url = tosLinkPortion.split(';')[0].trim().replace(/[<>]/g, '')
-        this.parentSmartAcme.rawacmeClient.post(this.location, { Agreement: url, resource: 'reg' }, (err, res) => {
-            if (err) {
-                console.log(err)
-                done.reject(err)
-                return
-            }
-            done.resolve()
-        })
-        return done.promise
-    }
-
-    createAcmeCert(
-        domainNameArg: string,
-        countryArg = 'Germany',
-        countryShortArg = 'DE',
-        city = 'Bremen',
-        companyArg = 'Some Company',
-        companyShortArg = 'SC'
-
-    ) {
-        let done = q.defer<AcmeCert>()
-        let acmeCert = new AcmeCert(
-            {
-                bit: 2064,
-                key: null, // not needed right now
-                domain: domainNameArg,
-                country: countryArg,
-                country_short: countryShortArg,
-                locality: city,
-                organization: companyArg,
-                organization_short: companyShortArg,
-                password: null,
-                unstructured: null,
-                subject_alt_names: null
-            },
-            this
-        )
-        done.resolve(acmeCert)
-        return done.promise
-    }
-}

ts/smartacme.classes.acmecert.ts

@@ -1,267 +0,0 @@
-import * as q from 'q'
-
-import * as plugins from './smartacme.plugins'
-import * as helpers from './smartacme.helpers'
-
-import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
-import { AcmeAccount } from './smartacme.classes.acmeaccount'
-
-/**
- * types of challenges supported by letsencrypt and this module
- */
-export type TChallengeType = 'dns-01' | 'http-01'
-
-/**
- * values that a challenge's status can have
- */
-export type TChallengeStatus = 'pending'
-
-export interface ISmartAcmeChallenge {
-    uri: string
-    status: TChallengeStatus
-    type: TChallengeType
-    token: string
-    keyAuthorization: string
-}
-
-export interface ISmartAcmeChallengeAccepted extends ISmartAcmeChallenge {
-    dnsKeyHash: string
-    domainName: string
-    domainNamePrefixed: string
-}
-
-export interface IAcmeCsrConstructorOptions {
-    bit: number,
-    key: string,
-    domain: string,
-    country: string,
-    country_short: string,
-    locality: string,
-    organization: string,
-    organization_short: string,
-    password: string,
-    unstructured: string,
-    subject_alt_names: string[]
-}
-
-// Dnsly instance (we really just need one)
-let myDnsly = new plugins.dnsly.Dnsly('google')
-
-/**
- * class AcmeCert represents a cert for domain
- */
-export class AcmeCert {
-    domainName: string
-    attributes
-    acceptedChallenge: ISmartAcmeChallengeAccepted
-    fullchain: string
-    parentAcmeAccount: AcmeAccount
-    csr
-    validFrom: Date
-    validTo: Date
-    keypair: IRsaKeypair
-    keyPairFinal: IRsaKeypair
-    constructor(optionsArg: IAcmeCsrConstructorOptions, parentAcmeAccount: AcmeAccount) {
-        this.domainName = optionsArg.domain
-        this.parentAcmeAccount = parentAcmeAccount
-        this.keypair = helpers.createKeypair(optionsArg.bit)
-        let privateKeyForged = plugins.nodeForge.pki.privateKeyFromPem(this.keypair.privateKey)
-        let publicKeyForged = plugins.nodeForge.pki.publicKeyToPem(
-            plugins.nodeForge.pki.setRsaPublicKey(privateKeyForged.n, privateKeyForged.e)
-        )
-        this.keyPairFinal = {
-            privateKey: privateKeyForged,
-            publicKey: publicKeyForged
-        }
-
-        // set dates
-        this.validFrom = new Date()
-        this.validTo = new Date()
-        this.validTo.setDate(this.validFrom.getDate() + 90)
-
-        // set attributes
-        this.attributes = [
-            { name: 'commonName', value: optionsArg.domain },
-            { name: 'countryName', value: optionsArg.country },
-            { shortName: 'ST', value: optionsArg.country_short },
-            { name: 'localityName', value: optionsArg.locality },
-            { name: 'organizationName', value: optionsArg.organization },
-            { shortName: 'OU', value: optionsArg.organization_short },
-            { name: 'challengePassword', value: optionsArg.password },
-            { name: 'unstructuredName', value: optionsArg.unstructured }
-        ]
-
-        // set up csr
-        this.csr = plugins.nodeForge.pki.createCertificationRequest()
-        this.csr.setSubject(this.attributes)
-        this.csr.setAttributes(this.attributes)
-    }
-
-    /**
-     * requests a challenge for a domain
-     * @param domainNameArg - the domain name to request a challenge for
-     * @param challengeType - the challenge type to request
-     */
-    requestChallenge(challengeTypeArg: TChallengeType = 'dns-01') {
-        let done = q.defer<ISmartAcmeChallengeAccepted>()
-        this.parentAcmeAccount.parentSmartAcme.rawacmeClient.newAuthz(
-            {
-                identifier: {
-                    type: 'dns',
-                    value: this.domainName
-                }
-            },
-            this.parentAcmeAccount.parentSmartAcme.keyPair,
-            (err, res) => {
-                if (err) {
-                    console.error('smartacme: something went wrong:')
-                    console.log(err)
-                    done.reject(err)
-                }
-                let dnsChallenge = res.body.challenges.filter(x => {
-                    return x.type === challengeTypeArg
-                })[0]
-                this.acceptChallenge(dnsChallenge)
-                    .then((x: ISmartAcmeChallengeAccepted) => {
-                        done.resolve(x)
-                    })
-            }
-        )
-        return done.promise
-    }
-
-    /**
-     * checks if DNS records are set, will go through a max of 30 cycles
-     */
-    async checkDns(cycleArg = 1) {
-        console.log(`checkDns failed ${cycleArg} times and has ${30 - cycleArg} cycles to go before it fails permanently!`)
-        let myRecord
-        try {
-            myRecord = await myDnsly.getRecord(helpers.prefixName(this.domainName), 'TXT')
-            console.log('DNS is set!')
-        } catch (err) {
-            if (cycleArg < 30) {
-                cycleArg++
-                await this.checkDns(cycleArg)
-            } else {
-                console.log('failed permanently...')
-                throw err
-            }
-        }
-        return myRecord[0][0]
-    }
-
-    /**
-     * validates a challenge, only call after you have set the challenge at the expected location
-     */
-    requestValidation() {
-        let done = q.defer()
-        this.parentAcmeAccount.parentSmartAcme.rawacmeClient.poll(this.acceptedChallenge.uri, (err, res) => {
-            if (err) {
-                console.log(err)
-                done.reject(err)
-            }
-            console.log(`Validation response:`)
-            console.log(JSON.stringify(res.body))
-            if (res.body.status === 'pending' || 'invalid') {
-                setTimeout(
-                    () => {
-                        this.requestValidation().then(x => { done.resolve(x) })
-                    },
-                    2000
-                )
-            } else {
-                done.resolve(res.body)
-            }
-        })
-        return done.promise
-    }
-
-    /**
-     * requests a certificate
-     */
-    requestCert() {
-        let done = q.defer()
-        let payload = {
-            csr: plugins.rawacme.base64.encode(
-                plugins.rawacme.toDer(
-                    plugins.nodeForge.pki.certificationRequestToPem(
-                        this.csr
-                    )
-                )
-            ),
-            notBefore: this.validFrom.toISOString(),
-            notAfter: this.validTo.toISOString()
-        }
-        this.parentAcmeAccount.parentSmartAcme.rawacmeClient.newCert(
-            payload,
-            helpers.createKeypair(),
-            (err, res) => {
-                if (err) {
-                    console.log(err)
-                    done.reject(err)
-                }
-                console.log(res.body)
-                done.resolve(res.body)
-            })
-        return done.promise
-    }
-
-    /**
-     * getCertificate - takes care of cooldown, validation polling and certificate retrieval
-     */
-    getCertificate() {
-
-    }
-
-    /**
-     * accept a challenge - for private use only
-     */
-    private acceptChallenge(challengeArg: ISmartAcmeChallenge) {
-        let done = q.defer()
-
-        /**
-         * the key is needed to accept the challenge
-         */
-        let authKey: string = plugins.rawacme.keyAuthz(
-            challengeArg.token,
-            this.parentAcmeAccount.parentSmartAcme.keyPair.publicKey
-        )
-
-        /**
-         * needed in case selected challenge is of type dns-01
-         */
-        let keyHash: string = plugins.rawacme.dnsKeyAuthzHash(authKey) // needed if dns challenge is chosen
-
-        this.parentAcmeAccount.parentSmartAcme.rawacmeClient.post(
-            challengeArg.uri,
-            {
-                resource: 'challenge',
-                keyAuthorization: authKey
-            },
-            this.parentAcmeAccount.parentSmartAcme.keyPair,
-            (err, res) => {
-                if (err) {
-                    console.log(err)
-                    done.reject(err)
-                }
-                /**
-                 * the return challenge
-                 */
-                let returnDNSChallenge: ISmartAcmeChallengeAccepted = {
-                    uri: res.body.uri,
-                    type: res.body.type,
-                    token: res.body.token,
-                    keyAuthorization: res.body.keyAuthorization,
-                    status: res.body.status,
-                    dnsKeyHash: keyHash,
-                    domainName: this.domainName,
-                    domainNamePrefixed: helpers.prefixName(this.domainName)
-                }
-                this.acceptedChallenge = returnDNSChallenge
-                done.resolve(returnDNSChallenge)
-            }
-        )
-        return done.promise
-    }
-}

ts/smartacme.classes.cert.ts

@@ -0,0 +1,62 @@
+import * as plugins from './smartacme.plugins';
+
+import * as interfaces from './interfaces';
+
+import { CertManager } from './smartacme.classes.certmanager';
+
+import { Collection, svDb, unI } from '@pushrocks/smartdata';
+
+@plugins.smartdata.Collection(() => {
+  return CertManager.activeDB;
+})
+export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert, plugins.tsclass.network.ICert>
+  implements plugins.tsclass.network.ICert {
+  @unI()
+  public id: string;
+
+  @svDb()
+  public domainName: string;
+
+  @svDb()
+  public created: number;
+
+  @svDb()
+  public privateKey: string;
+
+  @svDb()
+  public publicKey: string;
+
+  @svDb()
+  public csr: string;
+
+  @svDb()
+  public validUntil: number;
+
+  public isStillValid(): boolean {
+    return this.validUntil >= Date.now();
+  }
+
+  public shouldBeRenewed(): boolean {
+    const shouldBeValidAtLeastUntil =
+      Date.now() +
+      plugins.smarttime.getMilliSecondsFromUnits({
+        days: 10
+      });
+    return !(this.validUntil >= shouldBeValidAtLeastUntil);
+  }
+
+  public update(certDataArg: plugins.tsclass.network.ICert) {
+    Object.keys(certDataArg).forEach(key => {
+      this[key] = certDataArg[key];
+    });
+  }
+
+  constructor(optionsArg: plugins.tsclass.network.ICert) {
+    super();
+    if (optionsArg) {
+      Object.keys(optionsArg).forEach(key => {
+        this[key] = optionsArg[key];
+      });
+    }
+  }
+}

ts/smartacme.classes.certmanager.ts

@@ -0,0 +1,77 @@
+import * as plugins from './smartacme.plugins';
+import { Cert } from './smartacme.classes.cert';
+import { SmartAcme } from './smartacme.classes.smartacme';
+
+import * as interfaces from './interfaces';
+
+export class CertManager {
+  // =========
+  // STATIC
+  // =========
+  public static activeDB: plugins.smartdata.SmartdataDb;
+
+  // =========
+  // INSTANCE
+  // =========
+  private mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  public smartdataDb: plugins.smartdata.SmartdataDb;
+
+  public interestMap: plugins.lik.InterestMap<string, Cert>;
+
+  constructor(
+    smartAcmeArg: SmartAcme,
+    optionsArg: {
+      mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+    }
+  ) {
+    this.mongoDescriptor = optionsArg.mongoDescriptor;
+  }
+
+  public async init() {
+    // Smartdata DB
+    this.smartdataDb = new plugins.smartdata.SmartdataDb(this.mongoDescriptor);
+    await this.smartdataDb.init();
+    CertManager.activeDB = this.smartdataDb;
+
+    // Pending Map
+    this.interestMap = new plugins.lik.InterestMap(certName => certName);
+  }
+
+  /**
+   * retrieves a certificate
+   * @returns the Cert class or null
+   * @param certDomainNameArg the domain Name to retrieve the vcertificate for
+   */
+  public async retrieveCertificate(certDomainNameArg: string): Promise<Cert> {
+    const existingCertificate: Cert = await Cert.getInstance({
+      domainName: certDomainNameArg
+    });
+
+    if (existingCertificate) {
+      return existingCertificate;
+    } else {
+      return null;
+    }
+  }
+
+  /**
+   * stores the certificate
+   * @param optionsArg
+   */
+  public async storeCertificate(optionsArg: plugins.tsclass.network.ICert) {
+    const cert = new Cert(optionsArg);
+    await cert.save();
+    const interest = this.interestMap.findInterest(cert.domainName);
+    if (interest) {
+      interest.fullfillInterest(cert);
+      interest.markLost();
+    }
+  }
+
+  public async deleteCertificate(certDomainNameArg: string) {
+    const cert: Cert = await Cert.getInstance({
+      domainName: certDomainNameArg
+    });
+    await cert.delete();
+  }
+}

ts/smartacme.classes.certmatcher.ts

@@ -0,0 +1,19 @@
+import * as plugins from './smartacme.plugins';
+import * as interfaces from './interfaces';
+
+/**
+ * certmatcher is responsible for matching certificates
+ */
+export class CertMatcher {
+  /**
+   * creates a domainName for the certificate that will include the broadest scope
+   * for wild card certificates
+   * @param domainNameArg the domainNameArg to create the scope from
+   */
+  public getCertificateDomainNameByDomainName(domainNameArg: string): string {
+    const originalDomain = new plugins.smartstring.Domain(domainNameArg);
+    if (!originalDomain.level4) {
+      return `${originalDomain.level2}.${originalDomain.level1}`;
+    }
+  }
+}

ts/smartacme.classes.smartacme.ts

@@ -1,82 +1,214 @@
-// third party modules
+import * as plugins from './smartacme.plugins';
-import * as q from 'q' // promises
+import { Cert } from './smartacme.classes.cert';
-import * as plugins from './smartacme.plugins'
+import { CertManager } from './smartacme.classes.certmanager';
-import * as helpers from './smartacme.helpers'
+import { CertMatcher } from './smartacme.classes.certmatcher';
-
-import { AcmeAccount } from './smartacme.classes.acmeaccount'
 
 /**
- * a rsa keypair needed for account creation and subsequent requests
+ * the options for the class @see SmartAcme
  */
-export interface IRsaKeypair {
+export interface ISmartAcmeOptions {
-    publicKey: string
+  accountPrivateKey?: string;
-    privateKey: string
+  accountEmail: string;
+  mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  setChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
+  removeChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
+  environment: 'production' | 'integration';
+  logger?: plugins.smartlog.Smartlog;
 }
 
-export { AcmeAccount } from './smartacme.classes.acmeaccount'
-export { AcmeCert, ISmartAcmeChallenge, ISmartAcmeChallengeAccepted } from './smartacme.classes.acmecert'
-
 /**
- * class SmartAcme exports methods for maintaining SSL Certificates
+ * class SmartAcme
+ * can be used for setting up communication with an ACME authority
+ *
+ * ```ts
+ * const mySmartAcmeInstance = new SmartAcme({
+ *  // see ISmartAcmeOptions for options
+ * })
+ * ```
  */
 export class SmartAcme {
-    acmeUrl: string // the acme url to use for this instance
+  private options: ISmartAcmeOptions;
-    productionBool: boolean // a boolean to quickly know wether we are in production or not
+
-    keyPair: IRsaKeypair // the keyPair needed for account creation
+  // the acme client
-    rawacmeClient
+  private client: any;
+  private smartdns = new plugins.smartdns.Smartdns({});
+  public logger: plugins.smartlog.Smartlog;
+
+  // the account private key
+  private privateKey: string;
+
+  // challenge fullfillment
+  private setChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
+  private removeChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
+
+  // certmanager
+  private certmanager: CertManager;
+  private certmatcher: CertMatcher;
+
+  constructor(optionsArg: ISmartAcmeOptions) {
+    this.options = optionsArg;
+    this.options.logger
+      ? (this.logger = optionsArg.logger)
+      : (this.logger = plugins.smartlog.defaultLogger);
+  }
 
   /**
-     * the constructor for class SmartAcme
+   * inits the instance
+   * ```ts
+   * await myCloudlyInstance.init() // does not support options
+   * ```
    */
-    constructor(productionArg: boolean = false) {
+  public async init() {
-        this.productionBool = productionArg
+    this.privateKey =
-        this.keyPair = helpers.createKeypair()
+      this.options.accountPrivateKey || (await plugins.acme.forge.createPrivateKey()).toString();
-        if (this.productionBool) {
+    this.setChallenge = this.options.setChallenge;
-            this.acmeUrl = plugins.rawacme.LETSENCRYPT_URL
+    this.removeChallenge = this.options.removeChallenge;
+
+    // CertMangaer
+    this.certmanager = new CertManager(this, {
+      mongoDescriptor: this.options.mongoDescriptor
+    });
+    await this.certmanager.init();
+
+    // CertMatcher
+    this.certmatcher = new CertMatcher();
+
+    // ACME Client
+    this.client = new plugins.acme.Client({
+      directoryUrl: (() => {
+        if (this.options.environment === 'production') {
+          return plugins.acme.directory.letsencrypt.production;
         } else {
-            this.acmeUrl = plugins.rawacme.LETSENCRYPT_STAGING_URL
+          return plugins.acme.directory.letsencrypt.staging;
         }
+      })(),
+      accountKey: this.privateKey
+    });
+
+    /* Register account */
+    await this.client.createAccount({
+      termsOfServiceAgreed: true,
+      contact: [`mailto:${this.options.accountEmail}`]
+    });
+  }
+
+  public async stop() {
+    await this.certmanager.smartdataDb.close();
   }
 
   /**
-     * init the smartacme instance
+   * gets a certificate
+   * it runs through the following steps
+   *
+   * * look in the database
+   * * if in the database and still valid return it
+   * * if not in the database announce it
+   * * then get it from letsencrypt
+   * * store it
+   * * remove it from the pending map (which it go onto by announcing it)
+   * * retrieve it from the databse and return it
+   *
+   * @param domainArg
    */
-    init() {
+  public async getCertificateForDomain(domainArg: string): Promise<Cert> {
-        let done = q.defer()
+    const certDomainName = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
-        plugins.rawacme.createClient(
+    const retrievedCertificate = await this.certmanager.retrieveCertificate(certDomainName);
-            {
+
-                url: this.acmeUrl,
+    if (
-                publicKey: this.keyPair.publicKey,
+      !retrievedCertificate &&
-                privateKey: this.keyPair.privateKey
+      (await this.certmanager.interestMap.checkInterest(certDomainName))
-            },
+    ) {
-            (err, client) => {
+      const existingCertificateInterest = this.certmanager.interestMap.findInterest(certDomainName);
-                if (err) {
+      const certificate = existingCertificateInterest.interestFullfilled;
-                    console.error('smartacme: something went wrong:')
+      return certificate;
-                    console.log(err)
+    } else if (retrievedCertificate && !retrievedCertificate.shouldBeRenewed()) {
-                    done.reject(err)
+      return retrievedCertificate;
-                    return
+    } else if (retrievedCertificate && retrievedCertificate.shouldBeRenewed()) {
+      await retrievedCertificate.delete();
     }
 
-                // make client available in class 
+    // lets make sure others get the same interest
-                this.rawacmeClient = client
+    const currentDomainInterst = await this.certmanager.interestMap.addInterest(certDomainName);
-                done.resolve()
+
+    /* Place new order */
+    const order = await this.client.createOrder({
+      identifiers: [
+        { type: 'dns', value: certDomainName },
+        { type: 'dns', value: `*.${certDomainName}` }
+      ]
+    });
+
+    /* Get authorizations and select challenges */
+    const authorizations = await this.client.getAuthorizations(order);
+
+    for (const authz of authorizations) {
+      console.log(authz);
+      const fullHostName: string = `_acme-challenge.${authz.identifier.value}`;
+      const dnsChallenge: string = authz.challenges.find(challengeArg => {
+        return challengeArg.type === 'dns-01';
+      });
+      // process.exit(1);
+      const keyAuthorization: string = await this.client.getChallengeKeyAuthorization(dnsChallenge);
+
+      try {
+        /* Satisfy challenge */
+        await this.setChallenge({
+          hostName: fullHostName,
+          challenge: keyAuthorization
+        });
+        await this.smartdns.checkUntilAvailable(fullHostName, 'TXT', keyAuthorization, 100, 5000);
+        console.log('Cool down an extra 60 second for region availability');
+        await plugins.smartdelay.delayFor(60000);
+
+        /* Verify that challenge is satisfied */
+        await this.client.verifyChallenge(authz, dnsChallenge);
+
+        /* Notify ACME provider that challenge is satisfied */
+        await this.client.completeChallenge(dnsChallenge);
+
+        /* Wait for ACME provider to respond with valid status */
+        await this.client.waitForValidStatus(dnsChallenge);
+      } finally {
+        /* Clean up challenge response */
+        try {
+          await this.removeChallenge({
+            hostName: fullHostName,
+            challenge: keyAuthorization
+          });
+        } catch (e) {
+          console.log(e);
+        }
       }
-        )
-        return done.promise
     }
 
-    /**
+    /* Finalize order */
-     * creates an account if not currently present in module
+    const [key, csr] = await plugins.acme.forge.createCsr({
-     * @executes ASYNC
+      commonName: `*.${certDomainName}`,
-     */
+      altNames: [certDomainName]
-    createAcmeAccount() {
+    });
-        let done = q.defer<AcmeAccount>()
+
-        let acmeAccount = new AcmeAccount(this)
+    await this.client.finalizeOrder(order, csr);
-        acmeAccount.register().then(() => {
+    const cert = await this.client.getCertificate(order);
-            return acmeAccount.agreeTos()
+
-        }).then(() => {
+    /* Done */
-            done.resolve(acmeAccount)
+
+    await this.certmanager.storeCertificate({
+      id: plugins.smartunique.shortId(),
+      domainName: certDomainName,
+      privateKey: key.toString(),
+      publicKey: cert.toString(),
+      csr: csr.toString(),
+      created: Date.now(),
+      validUntil:
+        Date.now() +
+        plugins.smarttime.getMilliSecondsFromUnits({
+          days: 90
         })
-        return done.promise
+    });
+
+    const newCertificate = await this.certmanager.retrieveCertificate(certDomainName);
+    currentDomainInterst.fullfillInterest(newCertificate);
+    currentDomainInterst.destroy();
+    return newCertificate;
   }
 }

ts/smartacme.helpers.ts

@@ -1,50 +0,0 @@
-import 'typings-global'
-import * as q from 'q'
-
-import * as plugins from './smartacme.plugins'
-
-import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
-import { AcmeAccount } from './smartacme.classes.acmeaccount'
-
-/**
- * creates a keypair to use with requests and to generate JWK from
- */
-export let createKeypair = (bit = 2048): IRsaKeypair => {
-    let result = plugins.rsaKeygen.generate(bit)
-    return {
-        publicKey: result.public_key,
-        privateKey: result.private_key
-    }
-}
-
-/**
- * prefix a domain name to make sure it complies with letsencrypt
- */
-export let prefixName = (domainNameArg: string): string => {
-    return '_acme-challenge.' + domainNameArg
-}
-
-/**
- * gets an existing registration
- * @executes ASYNC
- */
-let getReg = (SmartAcmeArg: SmartAcme, location: string) => {
-    let done = q.defer()
-    let body = { resource: 'reg' }
-    SmartAcmeArg.rawacmeClient.post(
-        location,
-        body,
-        SmartAcmeArg.keyPair,
-        (err, res) => {
-            if (err) {
-                console.error('smartacme: something went wrong:')
-                console.log(err)
-                done.reject(err)
-                return
-            }
-            console.log(JSON.stringify(res.body))
-            done.resolve()
-        }
-    )
-    return done.promise
-}

ts/smartacme.paths.ts

@@ -1,6 +0,0 @@
-import * as path from 'path'
-import * as smartfile from 'smartfile'
-
-export let packageDir = path.join(__dirname,'../')
-export let assetDir = path.join(packageDir,'assets/')
-smartfile.fs.ensureDirSync(assetDir)

ts/smartacme.plugins.ts

@@ -1,20 +1,36 @@
-import 'typings-global' // typings for node
+// @pushrocks scope
-
+import * as lik from '@pushrocks/lik';
-import * as path from 'path' // native node path module
+import * as smartdata from '@pushrocks/smartdata';
-let rsaKeygen = require('rsa-keygen') // rsa keygen
+import * as smartdelay from '@pushrocks/smartdelay';
-let rawacme = require('rawacme') // acme helper functions
+import * as smartdns from '@pushrocks/smartdns';
-let nodeForge = require('node-forge')
+import * as smartexpress from '@pushrocks/smartexpress';
-
+import * as smartlog from '@pushrocks/smartlog';
-// push.rocks modules here
+import * as smartpromise from '@pushrocks/smartpromise';
-import * as dnsly from 'dnsly'
+import * as smartrequest from '@pushrocks/smartrequest';
-import * as smartfile from 'smartfile'
+import * as smartunique from '@pushrocks/smartunique';
-import * as smartstring from 'smartstring'
+import * as smartstring from '@pushrocks/smartstring';
+import * as smarttime from '@pushrocks/smarttime';
 
 export {
-    dnsly,
+  lik,
-    rsaKeygen,
+  smartdata,
-    rawacme,
+  smartdelay,
-    nodeForge,
+  smartdns,
-    smartfile,
+  smartexpress,
-    smartstring
+  smartlog,
-}
+  smartpromise,
+  smartrequest,
+  smartunique,
+  smartstring,
+  smarttime
+};
+
+// @tsclass scope
+import * as tsclass from '@tsclass/tsclass';
+
+export { tsclass };
+
+// third party scope
+import * as acme from 'acme-client';
+
+export { acme };

tsconfig.json

@@ -0,0 +1,7 @@
+{
+  "compilerOptions": {
+    "experimentalDecorators": true,
+    "target": "es2017",
+    "module": "commonjs"
+  }
+}

tslint.json

@@ -1,3 +1,17 @@
 {
-    "extends": "tslint-config-standard"
+  "extends": ["tslint:latest", "tslint-config-prettier"],
+  "rules": {
+    "semicolon": [true, "always"],
+    "no-console": false,
+    "ordered-imports": false,
+    "object-literal-sort-keys": false,
+    "member-ordering": {
+      "options":{
+        "order": [
+          "static-method"
+        ]
+      }
+    }
+  },
+  "defaultSeverity": "warning"
 }