2.1.2

.gitignore

@@ -1,5 +1,22 @@
-node_modules/
+.nogit/
+
+# artifacts
 coverage/
 public/
 pages/
-.nogit/
+
+# installs
+node_modules/
+
+# caches
+.yarn/
+.cache/
+.rpt2_cache
+
+# builds
+dist/
+dist_web/
+dist_serve/
+dist_ts_web/
+
+# custom

.gitlab-ci.yml

@@ -1,59 +1,126 @@
-image: hosttoday/ht-docker-node:npmts
+# gitzone ci_default
+image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
+
+cache:
+  paths:
+    - .npmci_cache/
+  key: '$CI_BUILD_STAGE'
 
 stages:
-- test
+  - security
-- release
+  - test
-- trigger
+  - release
-- pages
+  - metadata
 
-testLEGACY:
+# ====================
+# security stage
+# ====================
+mirror:
+  stage: security
+  script:
+    - npmci git mirror
+  tags:
+    - lossless
+    - docker
+    - notpriv
+
+snyk:
+  image: registry.gitlab.com/hosttoday/ht-docker-node:snyk
+  stage: security
+  script:
+    - npmci npm prepare
+    - npmci command npm install --ignore-scripts
+    - npmci command snyk test
+  tags:
+    - lossless
+    - docker
+    - notpriv
+
+# ====================
+# test stage
+# ====================
+
+testStable:
   stage: test
   script:
-    - npmci test legacy
+    - npmci npm prepare
+    - npmci node install stable
+    - npmci npm install
+    - npmci npm test
+  coverage: /\d+.?\d+?\%\s*coverage/
   tags:
+    - lossless
     - docker
-  allow_failure: true
+    - priv
 
-testLTS:
+testBuild:
   stage: test
   script:
-    - npmci test lts
+    - npmci npm prepare
-  tags:
+    - npmci node install stable
-    - docker
+    - npmci npm install
-    
+    - npmci command npm run build
-testSTABLE:
+  coverage: /\d+.?\d+?\%\s*coverage/
-  stage: test
-  script:
-    - npmci test stable
   tags:
+    - lossless
     - docker
+    - notpriv
 
 release:
   stage: release
   script:
-    - npmci publish
+    - npmci node install stable
+    - npmci npm publish
   only:
     - tags
   tags:
+    - lossless
     - docker
+    - notpriv
+
+# ====================
+# metadata stage
+# ====================
+codequality:
+  stage: metadata
+  allow_failure: true
+  script:
+    - npmci command npm install -g tslint typescript
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command "tslint -c tslint.json ./ts/**/*.ts"
+  tags:
+    - lossless
+    - docker
+    - priv
 
 trigger:
-  stage: trigger
+  stage: metadata
   script:
     - npmci trigger
   only:
     - tags
   tags:
+    - lossless
     - docker
+    - notpriv
 
 pages:
-  image: hosttoday/ht-docker-node:npmpage
+  stage: metadata
-  stage: pages
   script:
-    - npmci command npmpage --host gitlab
+    - npmci node install lts
+    - npmci command npm install -g @gitzone/tsdoc
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command tsdoc
+  tags:
+    - lossless
+    - docker
+    - notpriv
   only:
     - tags
   artifacts:
     expire_in: 1 week
     paths:
       - public
+  allow_failure: true

.snyk

@@ -0,0 +1,12 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:node-forge:20180226':
+    - rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+    - acme-v2 > rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+patch: {}

.vscode/launch.json

@@ -0,0 +1,29 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "current file",
+      "type": "node",
+      "request": "launch",
+      "args": [
+        "${relativeFile}"
+      ],
+      "runtimeArgs": ["-r", "@gitzone/tsrun"],
+      "cwd": "${workspaceRoot}",
+      "protocol": "inspector",
+      "internalConsoleOptions": "openOnSessionStart"
+    },
+    {
+      "name": "test.ts",
+      "type": "node",
+      "request": "launch",
+      "args": [
+        "test/test.ts"
+      ],
+      "runtimeArgs": ["-r", "@gitzone/tsrun"],
+      "cwd": "${workspaceRoot}",
+      "protocol": "inspector",
+      "internalConsoleOptions": "openOnSessionStart"
+    }
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,26 @@
+{
+  "json.schemas": [
+    {
+      "fileMatch": ["/npmextra.json"],
+      "schema": {
+        "type": "object",
+        "properties": {
+          "npmci": {
+            "type": "object",
+            "description": "settings for npmci"
+          },
+          "gitzone": {
+            "type": "object",
+            "description": "settings for gitzone",
+            "properties": {
+              "projectType": {
+                "type": "string",
+                "enum": ["website", "element", "service", "npm"]
+              }
+            }
+          }
+        }
+      }
+    }
+  ]
+}

README.md

@@ -1,57 +1,36 @@
-# smartacme
+# @pushrocks/smartuniverse
-acme implementation in TypeScript
+acme with an easy yet powerful interface in TypeScript
 
-## Availabililty
+## Availabililty and Links
-[![npm](https://push.rocks/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
+* [npmjs.org (npm package)](https://www.npmjs.com/package/@pushrocks/smartuniverse)
-[![git](https://push.rocks/assets/repo-button-git.svg)](https://GitLab.com/pushrocks/smartacme)
+* [gitlab.com (source)](https://gitlab.com/pushrocks/smartuniverse)
-[![git](https://push.rocks/assets/repo-button-mirror.svg)](https://github.com/pushrocks/smartacme)
+* [github.com (source mirror)](https://github.com/pushrocks/smartuniverse)
-[![docs](https://push.rocks/assets/repo-button-docs.svg)](https://pushrocks.gitlab.io/smartacme/)
+* [docs (typedoc)](https://pushrocks.gitlab.io/smartuniverse/)
 
 ## Status for master
-[![build status](https://GitLab.com/pushrocks/smartacme/badges/master/build.svg)](https://GitLab.com/pushrocks/smartacme/commits/master)
+[![build status](https://gitlab.com/pushrocks/smartuniverse/badges/master/build.svg)](https://gitlab.com/pushrocks/smartuniverse/commits/master)
-[![coverage report](https://GitLab.com/pushrocks/smartacme/badges/master/coverage.svg)](https://GitLab.com/pushrocks/smartacme/commits/master)
+[![coverage report](https://gitlab.com/pushrocks/smartuniverse/badges/master/coverage.svg)](https://gitlab.com/pushrocks/smartuniverse/commits/master)
-[![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
+[![npm downloads per month](https://img.shields.io/npm/dm/@pushrocks/smartuniverse.svg)](https://www.npmjs.com/package/@pushrocks/smartuniverse)
-[![Dependency Status](https://david-dm.org/pushrocks/smartacme.svg)](https://david-dm.org/pushrocks/smartacme)
+[![Known Vulnerabilities](https://snyk.io/test/npm/@pushrocks/smartuniverse/badge.svg)](https://snyk.io/test/npm/@pushrocks/smartuniverse)
-[![bitHound Dependencies](https://www.bithound.io/github/pushrocks/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/pushrocks/smartacme/master/dependencies/npm)
+[![TypeScript](https://img.shields.io/badge/TypeScript->=%203.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
-[![bitHound Code](https://www.bithound.io/github/pushrocks/smartacme/badges/code.svg)](https://www.bithound.io/github/pushrocks/smartacme)
+[![node](https://img.shields.io/badge/node->=%2010.x.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
-[![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
 [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
 
 ## Usage
+
 Use TypeScript for best in class instellisense.
 
 ```javascript
-import { SmartAcme } from 'smartacme'
+import { SmartAcme } from 'smartacme';
 
 let smac = new SmartAcme()
 
-(async () => { // learn async/await, it'll make your life easier
+// TODO
-
-    // optionally accepts a filePath Arg with a stored acmeaccount.json
-    // will create an account and 
-    let myAccount = await smac.createAcmeAccount()
-    
-    // will return a dnsHash to set in your DNS record
-    let myCert = await myAccount.createAcmeCert('example.com')
-
-    // gets and accepts the specified challenge
-    // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
-    let myChallenge = await myCert.getChallenge('dns-01')
-
-    /* ----------
-    Now you need to set the challenge in your DNS
-    myChallenge.domainNamePrefixed is the address for the record
-    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
-    -------------*/
-})()
 ```
 
-## Other relevant npm modules
+For further information read the linked docs at the top of this readme.
-module name | description
---- | ---
-cert | a higlevel production module that uses smartacme to manage certs
-smartnginx | a highlevel production tool for docker environments to manage nginx 
 
+> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
+| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
 
-[![npm](https://push.rocks/assets/repo-header.svg)](https://push.rocks)
+[![repo-footer](https://pushrocks.gitlab.io/assets/repo-footer.svg)](https://maintainedby.lossless.com)

dist/index.d.ts

@@ -1 +0,0 @@
-export * from './smartacme.classes.smartacme';

dist/index.js

@@ -1,6 +0,0 @@
-"use strict";
-function __export(m) {
-    for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
-}
-__export(require("./smartacme.classes.smartacme"));
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7O0FBQUEsbURBQTZDIn0=

dist/smartacme.classes.acmeaccount.d.ts

@@ -1,23 +0,0 @@
-/// <reference types="q" />
-import * as q from 'q';
-import { SmartAcme } from './smartacme.classes.smartacme';
-import { AcmeCert } from './smartacme.classes.acmecert';
-/**
- * class AcmeAccount represents an AcmeAccount
- */
-export declare class AcmeAccount {
-    parentSmartAcme: SmartAcme;
-    location: string;
-    link: string;
-    JWK: any;
-    constructor(smartAcmeParentArg: SmartAcme);
-    /**
-     * register the account with letsencrypt
-     */
-    register(): q.Promise<{}>;
-    /**
-     * agree to letsencrypr terms of service
-     */
-    agreeTos(): q.Promise<{}>;
-    createAcmeCert(domainNameArg: string, countryArg?: string, countryShortArg?: string, city?: string, companyArg?: string, companyShortArg?: string): q.Promise<AcmeCert>;
-}

dist/smartacme.classes.acmeaccount.js

@@ -1,71 +0,0 @@
-"use strict";
-const q = require("q");
-const smartacme_classes_acmecert_1 = require("./smartacme.classes.acmecert");
-/**
- * class AcmeAccount represents an AcmeAccount
- */
-class AcmeAccount {
-    constructor(smartAcmeParentArg) {
-        this.parentSmartAcme = smartAcmeParentArg;
-    }
-    /**
-     * register the account with letsencrypt
-     */
-    register() {
-        let done = q.defer();
-        this.parentSmartAcme.rawacmeClient.newReg({
-            contact: ['mailto:domains@lossless.org']
-        }, (err, res) => {
-            if (err) {
-                console.error('smartacme: something went wrong:');
-                console.log(err);
-                done.reject(err);
-                return;
-            }
-            this.JWK = res.body.key;
-            this.link = res.headers.link;
-            console.log(this.link);
-            this.location = res.headers.location;
-            done.resolve();
-        });
-        return done.promise;
-    }
-    /**
-     * agree to letsencrypr terms of service
-     */
-    agreeTos() {
-        let done = q.defer();
-        let tosPart = this.link.split(',')[1];
-        let tosLinkPortion = tosPart.split(';')[0];
-        let url = tosLinkPortion.split(';')[0].trim().replace(/[<>]/g, '');
-        this.parentSmartAcme.rawacmeClient.post(this.location, { Agreement: url, resource: 'reg' }, (err, res) => {
-            if (err) {
-                console.log(err);
-                done.reject(err);
-                return;
-            }
-            done.resolve();
-        });
-        return done.promise;
-    }
-    createAcmeCert(domainNameArg, countryArg = 'Germany', countryShortArg = 'DE', city = 'Bremen', companyArg = 'Some Company', companyShortArg = 'SC') {
-        let done = q.defer();
-        let acmeCert = new smartacme_classes_acmecert_1.AcmeCert({
-            bit: 2064,
-            key: null,
-            domain: domainNameArg,
-            country: countryArg,
-            country_short: countryShortArg,
-            locality: city,
-            organization: companyArg,
-            organization_short: companyShortArg,
-            password: null,
-            unstructured: null,
-            subject_alt_names: null
-        }, this);
-        done.resolve(acmeCert);
-        return done.promise;
-    }
-}
-exports.AcmeAccount = AcmeAccount;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuYWNtZWFjY291bnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUuY2xhc3Nlcy5hY21lYWNjb3VudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsdUJBQXNCO0FBTXRCLDZFQUF1RDtBQUV2RDs7R0FFRztBQUNIO0lBS0ksWUFBWSxrQkFBNkI7UUFDckMsSUFBSSxDQUFDLGVBQWUsR0FBRyxrQkFBa0IsQ0FBQTtJQUM3QyxDQUFDO0lBRUQ7O09BRUc7SUFDSCxRQUFRO1FBQ0osSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO1FBQ3BCLElBQUksQ0FBQyxlQUFlLENBQUMsYUFBYSxDQUFDLE1BQU0sQ0FDckM7WUFDSSxPQUFPLEVBQUUsQ0FBQyw2QkFBNkIsQ0FBQztTQUMzQyxFQUNELENBQUMsR0FBRyxFQUFFLEdBQUc7WUFDTCxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUNOLE9BQU8sQ0FBQyxLQUFLLENBQUMsa0NBQWtDLENBQUMsQ0FBQTtnQkFDakQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsTUFBTSxDQUFBO1lBQ1YsQ0FBQztZQUNELElBQUksQ0FBQyxHQUFHLEdBQUcsR0FBRyxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUE7WUFDdkIsSUFBSSxDQUFDLElBQUksR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQTtZQUM1QixPQUFPLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQTtZQUN0QixJQUFJLENBQUMsUUFBUSxHQUFHLEdBQUcsQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFBO1lBQ3BDLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQTtRQUNsQixDQUFDLENBQUMsQ0FBQTtRQUNOLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRDs7T0FFRztJQUNILFFBQVE7UUFDSixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsSUFBSSxPQUFPLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUE7UUFDckMsSUFBSSxjQUFjLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQTtRQUMxQyxJQUFJLEdBQUcsR0FBRyxjQUFjLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFDLE9BQU8sQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLENBQUE7UUFDbEUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLFFBQVEsRUFBRSxLQUFLLEVBQUUsRUFBRSxDQUFDLEdBQUcsRUFBRSxHQUFHO1lBQ2pHLEVBQUUsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7Z0JBQ04sT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQTtnQkFDaEIsTUFBTSxDQUFBO1lBQ1YsQ0FBQztZQUNELElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQTtRQUNsQixDQUFDLENBQUMsQ0FBQTtRQUNGLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRCxjQUFjLENBQ1YsYUFBcUIsRUFDckIsVUFBVSxHQUFHLFNBQVMsRUFDdEIsZUFBZSxHQUFHLElBQUksRUFDdEIsSUFBSSxHQUFHLFFBQVEsRUFDZixVQUFVLEdBQUcsY0FBYyxFQUMzQixlQUFlLEdBQUcsSUFBSTtRQUd0QixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFZLENBQUE7UUFDOUIsSUFBSSxRQUFRLEdBQUcsSUFBSSxxQ0FBUSxDQUN2QjtZQUNJLEdBQUcsRUFBRSxJQUFJO1lBQ1QsR0FBRyxFQUFFLElBQUk7WUFDVCxNQUFNLEVBQUUsYUFBYTtZQUNyQixPQUFPLEVBQUUsVUFBVTtZQUNuQixhQUFhLEVBQUUsZUFBZTtZQUM5QixRQUFRLEVBQUUsSUFBSTtZQUNkLFlBQVksRUFBRSxVQUFVO1lBQ3hCLGtCQUFrQixFQUFFLGVBQWU7WUFDbkMsUUFBUSxFQUFFLElBQUk7WUFDZCxZQUFZLEVBQUUsSUFBSTtZQUNsQixpQkFBaUIsRUFBRSxJQUFJO1NBQzFCLEVBQ0QsSUFBSSxDQUNQLENBQUE7UUFDRCxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFBO1FBQ3RCLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7Q0FDSjtBQWxGRCxrQ0FrRkMifQ==

dist/smartacme.classes.acmecert.d.ts

@@ -1,80 +0,0 @@
-/// <reference types="q" />
-import * as q from 'q';
-import { IRsaKeypair } from './smartacme.classes.smartacme';
-import { AcmeAccount } from './smartacme.classes.acmeaccount';
-/**
- * types of challenges supported by letsencrypt and this module
- */
-export declare type TChallengeType = 'dns-01' | 'http-01';
-/**
- * values that a challenge's status can have
- */
-export declare type TChallengeStatus = 'pending';
-export interface ISmartAcmeChallenge {
-    uri: string;
-    status: TChallengeStatus;
-    type: TChallengeType;
-    token: string;
-    keyAuthorization: string;
-}
-export interface ISmartAcmeChallengeChosen extends ISmartAcmeChallenge {
-    dnsKeyHash: string;
-    domainName: string;
-    domainNamePrefixed: string;
-}
-export interface IAcmeCsrConstructorOptions {
-    bit: number;
-    key: string;
-    domain: string;
-    country: string;
-    country_short: string;
-    locality: string;
-    organization: string;
-    organization_short: string;
-    password: string;
-    unstructured: string;
-    subject_alt_names: string[];
-}
-/**
- * class AcmeCert represents a cert for domain
- */
-export declare class AcmeCert {
-    domainName: string;
-    attributes: any;
-    fullchain: string;
-    parentAcmeAccount: AcmeAccount;
-    csr: any;
-    validFrom: Date;
-    validTo: Date;
-    keypair: IRsaKeypair;
-    keyPairFinal: IRsaKeypair;
-    chosenChallenge: ISmartAcmeChallengeChosen;
-    dnsKeyHash: string;
-    constructor(optionsArg: IAcmeCsrConstructorOptions, parentAcmeAccount: AcmeAccount);
-    /**
-     * requests a challenge for a domain
-     * @param domainNameArg - the domain name to request a challenge for
-     * @param challengeType - the challenge type to request
-     */
-    requestChallenge(challengeTypeArg?: TChallengeType): q.Promise<ISmartAcmeChallengeChosen>;
-    /**
-     * checks if DNS records are set, will go through a max of 30 cycles
-     */
-    checkDns(cycleArg?: number): any;
-    /**
-     * validates a challenge, only call after you have set the challenge at the expected location
-     */
-    requestValidation(): Promise<void>;
-    /**
-     * requests a certificate
-     */
-    requestCert(): q.Promise<{}>;
-    /**
-     * getCertificate - takes care of cooldown, validation polling and certificate retrieval
-     */
-    getCertificate(): void;
-    /**
-     * accept a challenge - for private use only
-     */
-    acceptChallenge(): q.Promise<{}>;
-}

dist/smartacme.classes.smartacme.d.ts

@@ -1,34 +0,0 @@
-/// <reference types="q" />
-import * as q from 'q';
-import { AcmeAccount } from './smartacme.classes.acmeaccount';
-/**
- * a rsa keypair needed for account creation and subsequent requests
- */
-export interface IRsaKeypair {
-    publicKey: string;
-    privateKey: string;
-}
-export { AcmeAccount } from './smartacme.classes.acmeaccount';
-export { AcmeCert, ISmartAcmeChallenge, ISmartAcmeChallengeChosen } from './smartacme.classes.acmecert';
-/**
- * class SmartAcme exports methods for maintaining SSL Certificates
- */
-export declare class SmartAcme {
-    acmeUrl: string;
-    productionBool: boolean;
-    keyPair: IRsaKeypair;
-    rawacmeClient: any;
-    /**
-     * the constructor for class SmartAcme
-     */
-    constructor(productionArg?: boolean);
-    /**
-     * init the smartacme instance
-     */
-    init(): q.Promise<{}>;
-    /**
-     * creates an account if not currently present in module
-     * @executes ASYNC
-     */
-    createAcmeAccount(): q.Promise<AcmeAccount>;
-}

dist/smartacme.classes.smartacme.js

@@ -1,66 +0,0 @@
-"use strict";
-// third party modules
-const q = require("q"); // promises
-const plugins = require("./smartacme.plugins");
-const helpers = require("./smartacme.helpers");
-const smartacme_classes_acmeaccount_1 = require("./smartacme.classes.acmeaccount");
-var smartacme_classes_acmeaccount_2 = require("./smartacme.classes.acmeaccount");
-exports.AcmeAccount = smartacme_classes_acmeaccount_2.AcmeAccount;
-var smartacme_classes_acmecert_1 = require("./smartacme.classes.acmecert");
-exports.AcmeCert = smartacme_classes_acmecert_1.AcmeCert;
-/**
- * class SmartAcme exports methods for maintaining SSL Certificates
- */
-class SmartAcme {
-    /**
-     * the constructor for class SmartAcme
-     */
-    constructor(productionArg = false) {
-        this.productionBool = productionArg;
-        this.keyPair = helpers.createKeypair();
-        if (this.productionBool) {
-            this.acmeUrl = plugins.rawacme.LETSENCRYPT_URL;
-        }
-        else {
-            this.acmeUrl = plugins.rawacme.LETSENCRYPT_STAGING_URL;
-        }
-    }
-    /**
-     * init the smartacme instance
-     */
-    init() {
-        let done = q.defer();
-        plugins.rawacme.createClient({
-            url: this.acmeUrl,
-            publicKey: this.keyPair.publicKey,
-            privateKey: this.keyPair.privateKey
-        }, (err, client) => {
-            if (err) {
-                console.error('smartacme: something went wrong:');
-                console.log(err);
-                done.reject(err);
-                return;
-            }
-            // make client available in class 
-            this.rawacmeClient = client;
-            done.resolve();
-        });
-        return done.promise;
-    }
-    /**
-     * creates an account if not currently present in module
-     * @executes ASYNC
-     */
-    createAcmeAccount() {
-        let done = q.defer();
-        let acmeAccount = new smartacme_classes_acmeaccount_1.AcmeAccount(this);
-        acmeAccount.register().then(() => {
-            return acmeAccount.agreeTos();
-        }).then(() => {
-            done.resolve(acmeAccount);
-        });
-        return done.promise;
-    }
-}
-exports.SmartAcme = SmartAcme;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLmNsYXNzZXMuc21hcnRhY21lLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSxzQkFBc0I7QUFDdEIsdUJBQXNCLENBQUMsV0FBVztBQUNsQywrQ0FBOEM7QUFDOUMsK0NBQThDO0FBRTlDLG1GQUE2RDtBQVU3RCxpRkFBNkQ7QUFBcEQsc0RBQUEsV0FBVyxDQUFBO0FBQ3BCLDJFQUF1RztBQUE5RixnREFBQSxRQUFRLENBQUE7QUFFakI7O0dBRUc7QUFDSDtJQU1JOztPQUVHO0lBQ0gsWUFBWSxnQkFBeUIsS0FBSztRQUN0QyxJQUFJLENBQUMsY0FBYyxHQUFHLGFBQWEsQ0FBQTtRQUNuQyxJQUFJLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQyxhQUFhLEVBQUUsQ0FBQTtRQUN0QyxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsY0FBYyxDQUFDLENBQUMsQ0FBQztZQUN0QixJQUFJLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsZUFBZSxDQUFBO1FBQ2xELENBQUM7UUFBQyxJQUFJLENBQUMsQ0FBQztZQUNKLElBQUksQ0FBQyxPQUFPLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyx1QkFBdUIsQ0FBQTtRQUMxRCxDQUFDO0lBQ0wsQ0FBQztJQUVEOztPQUVHO0lBQ0gsSUFBSTtRQUNBLElBQUksSUFBSSxHQUFHLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQTtRQUNwQixPQUFPLENBQUMsT0FBTyxDQUFDLFlBQVksQ0FDeEI7WUFDSSxHQUFHLEVBQUUsSUFBSSxDQUFDLE9BQU87WUFDakIsU0FBUyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsU0FBUztZQUNqQyxVQUFVLEVBQUUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxVQUFVO1NBQ3RDLEVBQ0QsQ0FBQyxHQUFHLEVBQUUsTUFBTTtZQUNSLEVBQUUsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7Z0JBQ04sT0FBTyxDQUFDLEtBQUssQ0FBQyxrQ0FBa0MsQ0FBQyxDQUFBO2dCQUNqRCxPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFBO2dCQUNoQixJQUFJLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFBO2dCQUNoQixNQUFNLENBQUE7WUFDVixDQUFDO1lBRUQsa0NBQWtDO1lBQ2xDLElBQUksQ0FBQyxhQUFhLEdBQUcsTUFBTSxDQUFBO1lBQzNCLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQTtRQUNsQixDQUFDLENBQ0osQ0FBQTtRQUNELE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRDs7O09BR0c7SUFDSCxpQkFBaUI7UUFDYixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFlLENBQUE7UUFDakMsSUFBSSxXQUFXLEdBQUcsSUFBSSwyQ0FBVyxDQUFDLElBQUksQ0FBQyxDQUFBO1FBQ3ZDLFdBQVcsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxJQUFJLENBQUM7WUFDeEIsTUFBTSxDQUFDLFdBQVcsQ0FBQyxRQUFRLEVBQUUsQ0FBQTtRQUNqQyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDSixJQUFJLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxDQUFBO1FBQzdCLENBQUMsQ0FBQyxDQUFBO1FBQ0YsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUE7SUFDdkIsQ0FBQztDQUNKO0FBNURELDhCQTREQyJ9

dist/smartacme.helpers.d.ts

@@ -1,10 +0,0 @@
-import 'typings-global';
-import { IRsaKeypair } from './smartacme.classes.smartacme';
-/**
- * creates a keypair to use with requests and to generate JWK from
- */
-export declare let createKeypair: (bit?: number) => IRsaKeypair;
-/**
- * prefix a domain name to make sure it complies with letsencrypt
- */
-export declare let prefixName: (domainNameArg: string) => string;

dist/smartacme.helpers.js

@@ -1,40 +0,0 @@
-"use strict";
-require("typings-global");
-const q = require("q");
-const plugins = require("./smartacme.plugins");
-/**
- * creates a keypair to use with requests and to generate JWK from
- */
-exports.createKeypair = (bit = 2048) => {
-    let result = plugins.rsaKeygen.generate(bit);
-    return {
-        publicKey: result.public_key,
-        privateKey: result.private_key
-    };
-};
-/**
- * prefix a domain name to make sure it complies with letsencrypt
- */
-exports.prefixName = (domainNameArg) => {
-    return '_acme-challenge.' + domainNameArg;
-};
-/**
- * gets an existing registration
- * @executes ASYNC
- */
-let getReg = (SmartAcmeArg, location) => {
-    let done = q.defer();
-    let body = { resource: 'reg' };
-    SmartAcmeArg.rawacmeClient.post(location, body, SmartAcmeArg.keyPair, (err, res) => {
-        if (err) {
-            console.error('smartacme: something went wrong:');
-            console.log(err);
-            done.reject(err);
-            return;
-        }
-        console.log(JSON.stringify(res.body));
-        done.resolve();
-    });
-    return done.promise;
-};
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLmhlbHBlcnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUuaGVscGVycy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsMEJBQXVCO0FBQ3ZCLHVCQUFzQjtBQUV0QiwrQ0FBOEM7QUFLOUM7O0dBRUc7QUFDUSxRQUFBLGFBQWEsR0FBRyxDQUFDLEdBQUcsR0FBRyxJQUFJO0lBQ2xDLElBQUksTUFBTSxHQUFHLE9BQU8sQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFBO0lBQzVDLE1BQU0sQ0FBQztRQUNILFNBQVMsRUFBRSxNQUFNLENBQUMsVUFBVTtRQUM1QixVQUFVLEVBQUUsTUFBTSxDQUFDLFdBQVc7S0FDakMsQ0FBQTtBQUNMLENBQUMsQ0FBQTtBQUVEOztHQUVHO0FBQ1EsUUFBQSxVQUFVLEdBQUcsQ0FBQyxhQUFxQjtJQUMxQyxNQUFNLENBQUMsa0JBQWtCLEdBQUcsYUFBYSxDQUFBO0FBQzdDLENBQUMsQ0FBQTtBQUVEOzs7R0FHRztBQUNILElBQUksTUFBTSxHQUFHLENBQUMsWUFBdUIsRUFBRSxRQUFnQjtJQUNuRCxJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7SUFDcEIsSUFBSSxJQUFJLEdBQUcsRUFBRSxRQUFRLEVBQUUsS0FBSyxFQUFFLENBQUE7SUFDOUIsWUFBWSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQzNCLFFBQVEsRUFDUixJQUFJLEVBQ0osWUFBWSxDQUFDLE9BQU8sRUFDcEIsQ0FBQyxHQUFHLEVBQUUsR0FBRztRQUNMLEVBQUUsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7WUFDTixPQUFPLENBQUMsS0FBSyxDQUFDLGtDQUFrQyxDQUFDLENBQUE7WUFDakQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQTtZQUNoQixJQUFJLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFBO1lBQ2hCLE1BQU0sQ0FBQTtRQUNWLENBQUM7UUFDRCxPQUFPLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUE7UUFDckMsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFBO0lBQ2xCLENBQUMsQ0FDSixDQUFBO0lBQ0QsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUE7QUFDdkIsQ0FBQyxDQUFBIn0=

dist/smartacme.paths.d.ts

@@ -1,2 +0,0 @@
-export declare let packageDir: string;
-export declare let assetDir: string;

dist/smartacme.paths.js

@@ -1,7 +0,0 @@
-"use strict";
-const path = require("path");
-const smartfile = require("smartfile");
-exports.packageDir = path.join(__dirname, '../');
-exports.assetDir = path.join(exports.packageDir, 'assets/');
-smartfile.fs.ensureDirSync(exports.assetDir);
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBhdGhzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvc21hcnRhY21lLnBhdGhzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSw2QkFBNEI7QUFDNUIsdUNBQXNDO0FBRTNCLFFBQUEsVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFDLEtBQUssQ0FBQyxDQUFBO0FBQ3ZDLFFBQUEsUUFBUSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsa0JBQVUsRUFBQyxTQUFTLENBQUMsQ0FBQTtBQUNyRCxTQUFTLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxnQkFBUSxDQUFDLENBQUEifQ==

dist/smartacme.plugins.d.ts

@@ -1,9 +0,0 @@
-import 'typings-global';
-declare let rsaKeygen: any;
-declare let rawacme: any;
-declare let nodeForge: any;
-import * as dnsly from 'dnsly';
-import * as smartdelay from 'smartdelay';
-import * as smartfile from 'smartfile';
-import * as smartstring from 'smartstring';
-export { dnsly, rsaKeygen, rawacme, nodeForge, smartdelay, smartfile, smartstring };

dist/smartacme.plugins.js

@@ -1,18 +0,0 @@
-"use strict";
-require("typings-global"); // typings for node
-let rsaKeygen = require('rsa-keygen'); // rsa keygen
-exports.rsaKeygen = rsaKeygen;
-let rawacme = require('rawacme'); // acme helper functions
-exports.rawacme = rawacme;
-let nodeForge = require('node-forge');
-exports.nodeForge = nodeForge;
-// push.rocks modules here
-const dnsly = require("dnsly");
-exports.dnsly = dnsly;
-const smartdelay = require("smartdelay");
-exports.smartdelay = smartdelay;
-const smartfile = require("smartfile");
-exports.smartfile = smartfile;
-const smartstring = require("smartstring");
-exports.smartstring = smartstring;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRhY21lLnBsdWdpbnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9zbWFydGFjbWUucGx1Z2lucy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsMEJBQXVCLENBQUMsbUJBQW1CO0FBRzNDLElBQUksU0FBUyxHQUFHLE9BQU8sQ0FBQyxZQUFZLENBQUMsQ0FBQSxDQUFDLGFBQWE7QUFZL0MsOEJBQVM7QUFYYixJQUFJLE9BQU8sR0FBRyxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUEsQ0FBQyx3QkFBd0I7QUFZckQsMEJBQU87QUFYWCxJQUFJLFNBQVMsR0FBRyxPQUFPLENBQUMsWUFBWSxDQUFDLENBQUE7QUFZakMsOEJBQVM7QUFWYiwwQkFBMEI7QUFDMUIsK0JBQThCO0FBTTFCLHNCQUFLO0FBTFQseUNBQXdDO0FBU3BDLGdDQUFVO0FBUmQsdUNBQXNDO0FBU2xDLDhCQUFTO0FBUmIsMkNBQTBDO0FBU3RDLGtDQUFXIn0=

npmextra.json

@@ -1,7 +1,18 @@
 {
+  "gitzone": {
+    "projectType": "npm",
+    "module": {
+      "githost": "gitlab.com",
+      "gitscope": "pushrocks",
+      "gitrepo": "smartuniverse",
+      "shortDescription": "acme with an easy yet powerful interface in TypeScript",
+      "npmPackagename": "@pushrocks/smartuniverse",
+      "license": "MIT",
+      "projectDomain": "push.rocks"
+    }
+  },
   "npmci": {
-        "globalNpmTools": [
+    "npmGlobalTools": [],
-            "npmts"
+    "npmAccessLevel": "public"
-        ]
   }
 }

package.json

@@ -1,15 +1,17 @@
 {
-  "name": "smartacme",
+  "name": "@pushrocks/smartacme",
-  "version": "1.0.8",
+  "version": "2.1.2",
-  "description": "acme implementation in TypeScript",
+  "private": false,
+  "description": "acme with an easy yet powerful interface in TypeScript",
   "main": "dist/index.js",
   "typings": "dist/index.d.ts",
   "scripts": {
-    "test": "(npmts --nodocs)"
+    "test": "(tstest test/)",
+    "build": "(tsbuild)"
   },
   "repository": {
     "type": "git",
-    "url": "git+ssh://git@gitlab.com/pushrocks/smartacme.git"
+    "url": "git+ssh://git@gitlab.com/umbrellazone/smartacme.git"
   },
   "keywords": [
     "TypeScript",
@@ -19,27 +21,43 @@
   "author": "Lossless GmbH",
   "license": "MIT",
   "bugs": {
-    "url": "https://gitlab.com/pushrocks/smartacme/issues"
+    "url": "https://gitlab.com/umbrellazone/smartacme/issues"
   },
-  "homepage": "https://gitlab.com/pushrocks/smartacme#README",
+  "homepage": "https://gitlab.com/umbrellazone/smartacme#README",
   "dependencies": {
-    "@types/node-forge": "^0.6.5",
+    "@pushrocks/lik": "^3.0.17",
-    "@types/q": "0.x.x",
+    "@pushrocks/smartdata": "^3.1.25",
-    "dnsly": "^1.0.7",
+    "@pushrocks/smartdelay": "^2.0.6",
-    "node-forge": "^0.6.47",
+    "@pushrocks/smartdns": "^3.0.8",
-    "q": "^1.4.1",
+    "@pushrocks/smartexpress": "^3.0.57",
-    "rawacme": "^0.2.1",
+    "@pushrocks/smartlog": "^2.0.21",
-    "rsa-keygen": "^1.0.6",
+    "@pushrocks/smartpromise": "^3.0.6",
-    "smartdelay": "^1.0.1",
+    "@pushrocks/smartrequest": "^1.1.47",
-    "smartfile": "^4.1.4",
+    "@pushrocks/smartstring": "^3.0.18",
-    "smartstring": "^2.0.22",
+    "@pushrocks/smarttime": "^3.0.12",
-    "typings-global": "^1.0.14"
+    "@pushrocks/smartunique": "^3.0.1",
+    "acme-client": "^3.3.1"
   },
   "devDependencies": {
-    "@types/should": "^8.1.30",
+    "@gitzone/tsbuild": "^2.1.17",
-    "cflare": "0.0.11",
+    "@gitzone/tsrun": "^1.2.8",
-    "qenv": "^1.1.3",
+    "@gitzone/tstest": "^1.0.28",
-    "should": "^11.1.2",
+    "@mojoio/cloudflare": "^3.0.5",
-    "typings-test": "^1.0.3"
+    "@pushrocks/qenv": "^4.0.6",
-  }
+    "@pushrocks/tapbundle": "^3.2.0",
+    "@types/node": "^13.7.0",
+    "tslint": "^6.0.0",
+    "tslint-config-prettier": "^1.18.0"
+  },
+  "files": [
+    "ts/**/*",
+    "ts_web/**/*",
+    "dist/**/*",
+    "dist_web/**/*",
+    "dist_ts_web/**/*",
+    "assets/**/*",
+    "cli.js",
+    "npmextra.json",
+    "readme.md"
+  ]
 }

qenv.yml

@@ -1,3 +1,6 @@
-vars:
+required:
   - CF_EMAIL
   - CF_KEY
+  - MONGODB_URL
+  - MONGODB_PASSWORD
+  - MONGODB_DATABASE

test/test.d.ts

@@ -1 +0,0 @@
-import 'typings-test';

test/test.js

@@ -1,79 +0,0 @@
-"use strict";
-require("typings-test");
-const should = require("should");
-const cflare = require("cflare");
-const qenv = require("qenv");
-let testQenv = new qenv.Qenv(process.cwd(), process.cwd() + '/.nogit');
-// import the module to test
-const smartacme = require("../dist/index");
-let myCflareAccount = new cflare.CflareAccount();
-myCflareAccount.auth({
-    email: process.env.CF_EMAIL,
-    key: process.env.CF_KEY
-});
-describe('smartacme', function () {
-    let testSmartAcme;
-    let testAcmeAccount;
-    let testAcmeCert;
-    let testChallenge;
-    it('should create a valid instance', function (done) {
-        this.timeout(10000);
-        testSmartAcme = new smartacme.SmartAcme(false);
-        testSmartAcme.init().then(() => {
-            should(testSmartAcme).be.instanceOf(smartacme.SmartAcme);
-            done();
-        }).catch(err => { done(err); });
-    });
-    it('should have created keyPair', function () {
-        should(testSmartAcme.acmeUrl).be.of.type('string');
-    });
-    it('should register a new account', function (done) {
-        this.timeout(10000);
-        testSmartAcme.createAcmeAccount().then(x => {
-            testAcmeAccount = x;
-            done();
-        }).catch(err => {
-            console.log(err);
-            done(err);
-        });
-    });
-    it('should create a AcmeCert', function () {
-        testAcmeAccount.createAcmeCert('carglide.com').then(x => {
-            testAcmeCert = x;
-            should(testAcmeAccount).be.instanceOf(smartacme.AcmeCert);
-        });
-    });
-    it('should get a challenge for a AcmeCert', function (done) {
-        this.timeout(10000);
-        testAcmeCert.requestChallenge().then((challengeChosen) => {
-            console.log(challengeChosen);
-            testChallenge = challengeChosen;
-            done();
-        });
-    });
-    it('should set the challenge', function (done) {
-        this.timeout(10000);
-        myCflareAccount.createRecord(testChallenge.domainNamePrefixed, 'TXT', testChallenge.dnsKeyHash).then(() => {
-            done();
-        });
-    });
-    it('should check for a DNS record', function (done) {
-        this.timeout(20000);
-        testAcmeCert.checkDns().then(x => {
-            console.log(x);
-            done();
-        });
-    });
-    it('should accept the challenge', function (done) {
-        this.timeout(10000);
-        testAcmeCert.acceptChallenge().then(() => { done(); });
-    });
-    it('should poll for validation of a challenge', function (done) {
-        this.timeout(700000);
-        testAcmeCert.requestValidation().then(x => {
-            console.log(x);
-            done();
-        });
-    });
-});
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGVzdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInRlc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLHdCQUFxQjtBQUNyQixpQ0FBZ0M7QUFDaEMsaUNBQWdDO0FBQ2hDLDZCQUE0QjtBQUU1QixJQUFJLFFBQVEsR0FBRyxJQUFJLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLEdBQUcsRUFBRSxFQUFFLE9BQU8sQ0FBQyxHQUFHLEVBQUUsR0FBRyxTQUFTLENBQUMsQ0FBQTtBQUV0RSw0QkFBNEI7QUFDNUIsMkNBQTBDO0FBRTFDLElBQUksZUFBZSxHQUFHLElBQUksTUFBTSxDQUFDLGFBQWEsRUFBRSxDQUFBO0FBQ2hELGVBQWUsQ0FBQyxJQUFJLENBQUM7SUFDakIsS0FBSyxFQUFFLE9BQU8sQ0FBQyxHQUFHLENBQUMsUUFBUTtJQUMzQixHQUFHLEVBQUUsT0FBTyxDQUFDLEdBQUcsQ0FBQyxNQUFNO0NBQzFCLENBQUMsQ0FBQTtBQUVGLFFBQVEsQ0FBQyxXQUFXLEVBQUU7SUFDbEIsSUFBSSxhQUFrQyxDQUFBO0lBQ3RDLElBQUksZUFBc0MsQ0FBQTtJQUMxQyxJQUFJLFlBQWdDLENBQUE7SUFDcEMsSUFBSSxhQUFrRCxDQUFBO0lBRXRELEVBQUUsQ0FBQyxnQ0FBZ0MsRUFBRSxVQUFVLElBQUk7UUFDL0MsSUFBSSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQTtRQUNuQixhQUFhLEdBQUcsSUFBSSxTQUFTLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxDQUFBO1FBQzlDLGFBQWEsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxJQUFJLENBQUM7WUFDdEIsTUFBTSxDQUFDLGFBQWEsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLFNBQVMsQ0FBQyxDQUFBO1lBQ3hELElBQUksRUFBRSxDQUFBO1FBQ1YsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEdBQUcsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUEsQ0FBQyxDQUFDLENBQUMsQ0FBQTtJQUNsQyxDQUFDLENBQUMsQ0FBQTtJQUVGLEVBQUUsQ0FBQyw2QkFBNkIsRUFBRTtRQUM5QixNQUFNLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFBO0lBQ3RELENBQUMsQ0FBQyxDQUFBO0lBRUYsRUFBRSxDQUFDLCtCQUErQixFQUFFLFVBQVUsSUFBSTtRQUM5QyxJQUFJLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFBO1FBQ25CLGFBQWEsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3BDLGVBQWUsR0FBRyxDQUFDLENBQUE7WUFDbkIsSUFBSSxFQUFFLENBQUE7UUFDVixDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRztZQUNSLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUE7WUFDaEIsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFBO1FBQ2IsQ0FBQyxDQUFDLENBQUE7SUFDTixDQUFDLENBQUMsQ0FBQTtJQUVGLEVBQUUsQ0FBQywwQkFBMEIsRUFBRTtRQUMzQixlQUFlLENBQUMsY0FBYyxDQUFDLGNBQWMsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ2pELFlBQVksR0FBRyxDQUFDLENBQUE7WUFDaEIsTUFBTSxDQUFDLGVBQWUsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxDQUFBO1FBQzdELENBQUMsQ0FBQyxDQUFBO0lBQ04sQ0FBQyxDQUFDLENBQUE7SUFFRixFQUFFLENBQUMsdUNBQXVDLEVBQUUsVUFBVSxJQUFJO1FBQ3RELElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUE7UUFDbkIsWUFBWSxDQUFDLGdCQUFnQixFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsZUFBZTtZQUNqRCxPQUFPLENBQUMsR0FBRyxDQUFDLGVBQWUsQ0FBQyxDQUFBO1lBQzVCLGFBQWEsR0FBRyxlQUFlLENBQUE7WUFDL0IsSUFBSSxFQUFFLENBQUE7UUFDVixDQUFDLENBQUMsQ0FBQTtJQUNOLENBQUMsQ0FBQyxDQUFBO0lBRUYsRUFBRSxDQUFDLDBCQUEwQixFQUFFLFVBQVMsSUFBSTtRQUN4QyxJQUFJLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFBO1FBQ25CLGVBQWUsQ0FBQyxZQUFZLENBQ3hCLGFBQWEsQ0FBQyxrQkFBa0IsRUFDaEMsS0FBSyxFQUFFLGFBQWEsQ0FBQyxVQUFVLENBQ2xDLENBQUMsSUFBSSxDQUFDO1lBQ0gsSUFBSSxFQUFFLENBQUE7UUFDVixDQUFDLENBQUMsQ0FBQTtJQUNOLENBQUMsQ0FBQyxDQUFBO0lBRUYsRUFBRSxDQUFDLCtCQUErQixFQUFFLFVBQVMsSUFBSTtRQUM3QyxJQUFJLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFBO1FBQ25CLFlBQVksQ0FBQyxRQUFRLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUMxQixPQUFPLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFBO1lBQ2QsSUFBSSxFQUFFLENBQUE7UUFDVixDQUFDLENBQUMsQ0FBQTtJQUNOLENBQUMsQ0FBQyxDQUFBO0lBRUYsRUFBRSxDQUFDLDZCQUE2QixFQUFFLFVBQVMsSUFBSTtRQUMzQyxJQUFJLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFBO1FBQ25CLFlBQVksQ0FBQyxlQUFlLEVBQUUsQ0FBQyxJQUFJLENBQUMsUUFBUSxJQUFJLEVBQUUsQ0FBQSxDQUFDLENBQUMsQ0FBQyxDQUFBO0lBQ3pELENBQUMsQ0FBQyxDQUFBO0lBRUYsRUFBRSxDQUFDLDJDQUEyQyxFQUFFLFVBQVUsSUFBSTtRQUMxRCxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFBO1FBQ3BCLFlBQVksQ0FBQyxpQkFBaUIsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ25DLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUE7WUFDZCxJQUFJLEVBQUUsQ0FBQTtRQUNWLENBQUMsQ0FBQyxDQUFBO0lBQ04sQ0FBQyxDQUFDLENBQUE7QUFDTixDQUFDLENBQUMsQ0FBQSJ9

test/test.ts

@@ -1,93 +1,45 @@
-import 'typings-test'
+import { tap, expect } from '@pushrocks/tapbundle';
-import * as should from 'should'
+import { Qenv } from '@pushrocks/qenv';
-import * as cflare from 'cflare'
-import * as qenv from 'qenv'
 
-let testQenv = new qenv.Qenv(process.cwd(), process.cwd() + '/.nogit')
+const testQenv = new Qenv('./', './.nogit/');
 
-// import the module to test
+import * as smartacme from '../ts/index';
-import * as smartacme from '../dist/index'
 
-let myCflareAccount = new cflare.CflareAccount()
+let smartAcmeInstance: smartacme.SmartAcme;
-myCflareAccount.auth({
-    email: process.env.CF_EMAIL,
-    key: process.env.CF_KEY
-})
 
-describe('smartacme', function () {
+tap.test('should create a valid instance of SmartAcme', async () => {
-    let testSmartAcme: smartacme.SmartAcme
+  smartAcmeInstance = new smartacme.SmartAcme({
-    let testAcmeAccount: smartacme.AcmeAccount
+    accountEmail: 'domains@lossless.org',
-    let testAcmeCert: smartacme.AcmeCert
+    accountPrivateKey: null,
-    let testChallenge: smartacme.ISmartAcmeChallengeChosen
+    mongoDescriptor: {
+      mongoDbName: testQenv.getEnvVarRequired('MONGODB_DATABASE'),
+      mongoDbPass: testQenv.getEnvVarRequired('MONGODB_PASSWORD'),
+      mongoDbUrl: testQenv.getEnvVarRequired('MONGODB_URL')
+    },
+    removeChallenge: async (...args) => {
+      console.log(args);
+    },
+    setChallenge: async (...args) => {
+      console.log(args);
+    },
+    environment: 'integration'
+  });
+  await smartAcmeInstance.init();
+});
 
-    it('should create a valid instance', function (done) {
+tap.test('should get a domain certificate', async () => {
-        this.timeout(10000)
+  await smartAcmeInstance.getCertificateForDomain('bleu.de');
-        testSmartAcme = new smartacme.SmartAcme(false)
+});
-        testSmartAcme.init().then(() => {
-            should(testSmartAcme).be.instanceOf(smartacme.SmartAcme)
-            done()
-        }).catch(err => { done(err) })
-    })
 
-    it('should have created keyPair', function () {
+tap.test('certmatcher should correctly match domains', async () => {
-        should(testSmartAcme.acmeUrl).be.of.type('string')
+  const certMatcherMod = await import('../ts/smartacme.classes.certmatcher');
-    })
+  const certMatcher = new certMatcherMod.CertMatcher();
+  const matchedCert = certMatcher.getCertificateDomainNameByDomainName('level3.level2.level1');
+  expect(matchedCert).to.equal('level2.level1');
+});
 
-    it('should register a new account', function (done) {
+tap.test('should stop correctly', async () => {
-        this.timeout(10000)
+  await smartAcmeInstance.stop();
-        testSmartAcme.createAcmeAccount().then(x => {
+});
-            testAcmeAccount = x
-            done()
-        }).catch(err => {
-            console.log(err)
-            done(err)
-        })
-    })
 
-    it('should create a AcmeCert', function() {
+tap.start();
-        testAcmeAccount.createAcmeCert('carglide.com').then(x => {
-            testAcmeCert = x
-            should(testAcmeAccount).be.instanceOf(smartacme.AcmeCert)
-        })
-    })
-
-    it('should get a challenge for a AcmeCert', function (done) {
-        this.timeout(10000)
-        testAcmeCert.requestChallenge().then((challengeChosen) => {
-            console.log(challengeChosen)
-            testChallenge = challengeChosen
-            done()
-        })
-    })
-
-    it('should set the challenge', function(done) {
-        this.timeout(10000)
-        myCflareAccount.createRecord(
-            testChallenge.domainNamePrefixed,
-            'TXT', testChallenge.dnsKeyHash
-        ).then(() => {
-            done()
-        })
-    })
-
-    it('should check for a DNS record', function(done) {
-        this.timeout(20000)
-        testAcmeCert.checkDns().then(x => {
-            console.log(x)
-            done()
-        })
-    })
-
-    it('should accept the challenge', function(done){
-        this.timeout(10000)
-        testAcmeCert.acceptChallenge().then(() => { done() })
-    })
-
-    it('should poll for validation of a challenge', function (done) {
-        this.timeout(700000)
-        testAcmeCert.requestValidation().then(x => {
-            console.log(x)
-            done()
-        })
-    })
-})

ts/index.ts

@@ -1 +1,3 @@
-export * from './smartacme.classes.smartacme'
+export * from './smartacme.classes.smartacme';
+
+export * from './smartacme.classes.certremoteclient';

ts/interfaces/accountdata.ts

@@ -0,0 +1,8 @@
+export interface IAccountData {
+  id: number;
+  key: { kty: 'RSA'; n: string; e: string; kid: string };
+  contact: string[];
+  initialIp: string;
+  createdAt: string;
+  status: string;
+}

ts/interfaces/cert.ts

@@ -0,0 +1,10 @@
+export type TCertStatus = 'existing' | 'nonexisting' | 'pending' | 'failed';
+
+export interface ICert {
+  id: string;
+  domainName: string;
+  created: number;
+  privateKey: string;
+  publicKey: string;
+  csr: string;
+}

ts/interfaces/certremote.ts

@@ -0,0 +1,11 @@
+import { ICert, TCertStatus } from './cert';
+
+export interface ICertRemoteRequest {
+  secret: string;
+  domainName: string;
+}
+
+export interface ICertRemoteResponse {
+  status: TCertStatus;
+  certificate?: ICert;
+}

ts/interfaces/index.ts

@@ -0,0 +1,3 @@
+export * from './accountdata';
+export * from './cert';
+export * from './certremote';

ts/smartacme.classes.acmeaccount.ts

@@ -1,94 +0,0 @@
-import * as q from 'q'
-
-import * as plugins from './smartacme.plugins'
-import * as helpers from './smartacme.helpers'
-
-import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
-import { AcmeCert } from './smartacme.classes.acmecert'
-
-/**
- * class AcmeAccount represents an AcmeAccount
- */
-export class AcmeAccount {
-    parentSmartAcme: SmartAcme
-    location: string
-    link: string
-    JWK
-    constructor(smartAcmeParentArg: SmartAcme) {
-        this.parentSmartAcme = smartAcmeParentArg
-    }
-
-    /**
-     * register the account with letsencrypt
-     */
-    register() {
-        let done = q.defer()
-        this.parentSmartAcme.rawacmeClient.newReg(
-            {
-                contact: ['mailto:domains@lossless.org']
-            },
-            (err, res) => {
-                if (err) {
-                    console.error('smartacme: something went wrong:')
-                    console.log(err)
-                    done.reject(err)
-                    return
-                }
-                this.JWK = res.body.key
-                this.link = res.headers.link
-                console.log(this.link)
-                this.location = res.headers.location
-                done.resolve()
-            })
-        return done.promise
-    }
-
-    /**
-     * agree to letsencrypr terms of service
-     */
-    agreeTos() {
-        let done = q.defer()
-        let tosPart = this.link.split(',')[1]
-        let tosLinkPortion = tosPart.split(';')[0]
-        let url = tosLinkPortion.split(';')[0].trim().replace(/[<>]/g, '')
-        this.parentSmartAcme.rawacmeClient.post(this.location, { Agreement: url, resource: 'reg' }, (err, res) => {
-            if (err) {
-                console.log(err)
-                done.reject(err)
-                return
-            }
-            done.resolve()
-        })
-        return done.promise
-    }
-
-    createAcmeCert(
-        domainNameArg: string,
-        countryArg = 'Germany',
-        countryShortArg = 'DE',
-        city = 'Bremen',
-        companyArg = 'Some Company',
-        companyShortArg = 'SC'
-
-    ) {
-        let done = q.defer<AcmeCert>()
-        let acmeCert = new AcmeCert(
-            {
-                bit: 2064,
-                key: null, // not needed right now
-                domain: domainNameArg,
-                country: countryArg,
-                country_short: countryShortArg,
-                locality: city,
-                organization: companyArg,
-                organization_short: companyShortArg,
-                password: null,
-                unstructured: null,
-                subject_alt_names: null
-            },
-            this
-        )
-        done.resolve(acmeCert)
-        return done.promise
-    }
-}

ts/smartacme.classes.acmecert.ts

@@ -1,275 +0,0 @@
-import * as q from 'q'
-
-import * as plugins from './smartacme.plugins'
-import * as helpers from './smartacme.helpers'
-
-import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
-import { AcmeAccount } from './smartacme.classes.acmeaccount'
-
-/**
- * types of challenges supported by letsencrypt and this module
- */
-export type TChallengeType = 'dns-01' | 'http-01'
-
-/**
- * values that a challenge's status can have
- */
-export type TChallengeStatus = 'pending'
-
-export interface ISmartAcmeChallenge {
-    uri: string
-    status: TChallengeStatus
-    type: TChallengeType
-    token: string
-    keyAuthorization: string
-}
-
-export interface ISmartAcmeChallengeChosen extends ISmartAcmeChallenge {
-    dnsKeyHash: string
-    domainName: string
-    domainNamePrefixed: string
-}
-
-export interface IAcmeCsrConstructorOptions {
-    bit: number,
-    key: string,
-    domain: string,
-    country: string,
-    country_short: string,
-    locality: string,
-    organization: string,
-    organization_short: string,
-    password: string,
-    unstructured: string,
-    subject_alt_names: string[]
-}
-
-// Dnsly instance (we really just need one)
-let myDnsly = new plugins.dnsly.Dnsly('google')
-
-/**
- * class AcmeCert represents a cert for domain
- */
-export class AcmeCert {
-    domainName: string
-    attributes
-    fullchain: string
-    parentAcmeAccount: AcmeAccount
-    csr
-    validFrom: Date
-    validTo: Date
-    keypair: IRsaKeypair
-    keyPairFinal: IRsaKeypair
-    chosenChallenge: ISmartAcmeChallengeChosen
-    dnsKeyHash: string
-    constructor(optionsArg: IAcmeCsrConstructorOptions, parentAcmeAccount: AcmeAccount) {
-        this.domainName = optionsArg.domain
-        this.parentAcmeAccount = parentAcmeAccount
-        this.keypair = helpers.createKeypair(optionsArg.bit)
-        let privateKeyForged = plugins.nodeForge.pki.privateKeyFromPem(this.keypair.privateKey)
-        let publicKeyForged = plugins.nodeForge.pki.publicKeyToPem(
-            plugins.nodeForge.pki.setRsaPublicKey(privateKeyForged.n, privateKeyForged.e)
-        )
-        this.keyPairFinal = {
-            privateKey: privateKeyForged,
-            publicKey: publicKeyForged
-        }
-
-        // set dates
-        this.validFrom = new Date()
-        this.validTo = new Date()
-        this.validTo.setDate(this.validFrom.getDate() + 90)
-
-        // set attributes
-        this.attributes = [
-            { name: 'commonName', value: optionsArg.domain },
-            { name: 'countryName', value: optionsArg.country },
-            { shortName: 'ST', value: optionsArg.country_short },
-            { name: 'localityName', value: optionsArg.locality },
-            { name: 'organizationName', value: optionsArg.organization },
-            { shortName: 'OU', value: optionsArg.organization_short },
-            { name: 'challengePassword', value: optionsArg.password },
-            { name: 'unstructuredName', value: optionsArg.unstructured }
-        ]
-
-        // set up csr
-        this.csr = plugins.nodeForge.pki.createCertificationRequest()
-        this.csr.setSubject(this.attributes)
-        this.csr.setAttributes(this.attributes)
-    }
-
-    /**
-     * requests a challenge for a domain
-     * @param domainNameArg - the domain name to request a challenge for
-     * @param challengeType - the challenge type to request
-     */
-    requestChallenge(challengeTypeArg: TChallengeType = 'dns-01') {
-        let done = q.defer<ISmartAcmeChallengeChosen>()
-        this.parentAcmeAccount.parentSmartAcme.rawacmeClient.newAuthz(
-            {
-                identifier: {
-                    type: 'dns',
-                    value: this.domainName
-                }
-            },
-            this.parentAcmeAccount.parentSmartAcme.keyPair,
-            (err, res) => {
-                if (err) {
-                    console.error('smartacme: something went wrong:')
-                    console.log(err)
-                    done.reject(err)
-                }
-                let preChosenChallenge = res.body.challenges.filter(x => {
-                    return x.type === challengeTypeArg
-                })[0]
-
-                /**
-                 * the key is needed to accept the challenge
-                 */
-                let authKey: string = plugins.rawacme.keyAuthz(
-                    preChosenChallenge.token,
-                    this.parentAcmeAccount.parentSmartAcme.keyPair.publicKey
-                )
-
-                /**
-                 * needed in case selected challenge is of type dns-01
-                 */
-                this.dnsKeyHash = plugins.rawacme.dnsKeyAuthzHash(authKey) // needed if dns challenge is chosen
-                /**
-                 * the return challenge
-                 */
-                this.chosenChallenge = {
-                    uri: preChosenChallenge.uri,
-                    type: preChosenChallenge.type,
-                    token: preChosenChallenge.token,
-                    keyAuthorization: authKey,
-                    status: preChosenChallenge.status,
-                    dnsKeyHash: this.dnsKeyHash,
-                    domainName: this.domainName,
-                    domainNamePrefixed: helpers.prefixName(this.domainName)
-                }
-                done.resolve(this.chosenChallenge)
-            }
-        )
-        return done.promise
-    }
-
-    /**
-     * checks if DNS records are set, will go through a max of 30 cycles
-     */
-    async checkDns(cycleArg = 1) {
-        let redoCheck = async (err?) => {
-            if (cycleArg < 30) {
-                cycleArg++
-                await plugins.smartdelay.delayFor(2000)
-                return await this.checkDns(cycleArg)
-            } else {
-                console.log('failed permanently...')
-                throw err
-            }
-        }
-        console.log(`checkDns failed ${cycleArg} times and has ${30 - cycleArg} cycles to go before it fails permanently!`)
-        let myRecord
-        try {
-            myRecord = await myDnsly.getRecord(helpers.prefixName(this.domainName), 'TXT')
-            myRecord = myRecord[0][0]
-            if (myRecord === this.dnsKeyHash) {
-                console.log('and matches the required dnsKeyHash')
-            } else {
-                console.log('but does not match required dns keyHash!')
-                return redoCheck()
-            }
-            console.log('DNS is set!')
-            return myRecord
-        } catch (err) {
-            return redoCheck()
-        }
-    }
-
-    /**
-     * validates a challenge, only call after you have set the challenge at the expected location
-     */
-    async requestValidation() {
-        await plugins.smartdelay.delayFor(20000)
-        let makeRequest = () => {
-            let done = q.defer()
-            this.parentAcmeAccount.parentSmartAcme.rawacmeClient.poll(this.chosenChallenge.uri, async (err, res) => {
-                if (err) {
-                    console.log(err)
-                    return
-                }
-                console.log(`Validation response:`)
-                console.log(JSON.stringify(res.body))
-                if (res.body.status === 'pending' || 'invalid') {
-                    console.log('retry in 6 minutes!')
-                    await plugins.smartdelay.delayFor(3000)
-                    makeRequest().then((x: any) => { done.resolve(x) })
-                } else {
-                    done.resolve(res.body)
-                }
-            })
-            return done.promise
-        }
-        await makeRequest()
-    }
-
-    /**
-     * requests a certificate
-     */
-    requestCert() {
-        let done = q.defer()
-        let payload = {
-            csr: plugins.rawacme.base64.encode(
-                plugins.rawacme.toDer(
-                    plugins.nodeForge.pki.certificationRequestToPem(
-                        this.csr
-                    )
-                )
-            ),
-            notBefore: this.validFrom.toISOString(),
-            notAfter: this.validTo.toISOString()
-        }
-        this.parentAcmeAccount.parentSmartAcme.rawacmeClient.newCert(
-            payload,
-            helpers.createKeypair(),
-            (err, res) => {
-                if (err) {
-                    console.log(err)
-                    done.reject(err)
-                }
-                console.log(res.body)
-                done.resolve(res.body)
-            })
-        return done.promise
-    }
-
-    /**
-     * getCertificate - takes care of cooldown, validation polling and certificate retrieval
-     */
-    getCertificate() {
-
-    }
-
-    /**
-     * accept a challenge - for private use only
-     */
-    acceptChallenge() {
-        let done = q.defer()
-        this.parentAcmeAccount.parentSmartAcme.rawacmeClient.post(
-            this.chosenChallenge.uri,
-            {
-                resource: 'challenge',
-                keyAuthorization: this.chosenChallenge.keyAuthorization
-            },
-            this.parentAcmeAccount.parentSmartAcme.keyPair,
-            (err, res) => {
-                if (err) {
-                    console.log(err)
-                    done.reject(err)
-                }
-                done.resolve(res.body)
-            }
-        )
-        return done.promise
-    }
-}

ts/smartacme.classes.cert.ts

@@ -0,0 +1,60 @@
+import * as plugins from './smartacme.plugins';
+
+import * as interfaces from './interfaces';
+
+import { CertManager } from './smartacme.classes.certmanager';
+
+import { Collection, svDb, unI } from '@pushrocks/smartdata';
+
+@plugins.smartdata.Collection(() => {
+  return CertManager.activeDB;
+})
+export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert> implements interfaces.ICert {
+  @unI()
+  public id: string;
+
+  @svDb()
+  public domainName: string;
+
+  @svDb()
+  public created: number;
+
+  @svDb()
+  public privateKey: string;
+
+  @svDb()
+  public publicKey: string;
+
+  @svDb()
+  public csr: string;
+
+  /**
+   * computed value for when the certificate is still valid
+   */
+  get validUntil(): number {
+    return (
+      this.created +
+      plugins.smarttime.getMilliSecondsFromUnits({
+        days: 90
+      })
+    );
+  }
+
+  get isStillValid(): boolean {
+    const shouldBeValitAtLeastUntil =
+      Date.now() +
+      plugins.smarttime.getMilliSecondsFromUnits({
+        days: 10
+      });
+    return this.validUntil >= shouldBeValitAtLeastUntil;
+  }
+
+  constructor(optionsArg: interfaces.ICert) {
+    super();
+    if (optionsArg) {
+      Object.keys(optionsArg).forEach(key => {
+        this[key] = optionsArg[key];
+      });
+    }
+  }
+}

ts/smartacme.classes.certmanager.ts

@@ -0,0 +1,102 @@
+import * as plugins from './smartacme.plugins';
+import { Cert } from './smartacme.classes.cert';
+import { SmartAcme } from './smartacme.classes.smartacme';
+
+import * as interfaces from './interfaces';
+
+export class CertManager {
+  // =========
+  // STATIC
+  // =========
+  public static activeDB: plugins.smartdata.SmartdataDb;
+
+  // =========
+  // INSTANCE
+  // =========
+  private mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  public smartdataDb: plugins.smartdata.SmartdataDb;
+
+  public pendingMap: plugins.lik.Stringmap;
+
+  constructor(
+    smartAcmeArg: SmartAcme,
+    optionsArg: {
+      mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+    }
+  ) {
+    this.mongoDescriptor = optionsArg.mongoDescriptor;
+  }
+
+  public async init() {
+    // Smartdata DB
+    this.smartdataDb = new plugins.smartdata.SmartdataDb(this.mongoDescriptor);
+    await this.smartdataDb.init();
+    CertManager.activeDB = this.smartdataDb;
+
+    // Pending Map
+    this.pendingMap = new plugins.lik.Stringmap();
+  }
+
+  /**
+   * retrieves a certificate
+   * @returns the Cert class or null
+   * @param domainName the domain Name to retrieve the vcertificate for
+   */
+  public async retrieveCertificate(domainName: string): Promise<Cert> {
+    await this.checkCerts();
+    const existingCertificate: Cert = await Cert.getInstance({
+      domainName
+    });
+
+    if (existingCertificate) {
+      return existingCertificate;
+    } else {
+      return null;
+    }
+  }
+
+  /**
+   * stores the certificate
+   * @param optionsArg
+   */
+  public async storeCertificate(optionsArg: interfaces.ICert) {
+    const cert = new Cert(optionsArg);
+    await cert.save();
+    this.pendingMap.removeString(optionsArg.domainName);
+  }
+
+  public async deleteCertificate(domainNameArg: string) {}
+
+  /**
+   * announce a certificate as being in the process of being retrieved
+   */
+  public async announceCertificate(domainNameArg: string) {
+    this.pendingMap.addString(domainNameArg);
+  }
+
+  /**
+   * gets the status of a certificate by certDomain name
+   * @param certDomainArg
+   */
+  public async getCertificateStatus(certDomainArg: string): Promise<interfaces.TCertStatus> {
+    const isPending = this.pendingMap.checkString(certDomainArg);
+    if (isPending) {
+      return 'pending';
+    }
+
+    // otherwise lets continue
+    const existingCertificate = await this.retrieveCertificate(certDomainArg);
+    if (existingCertificate) {
+      return 'existing';
+    }
+
+    return 'nonexisting';
+  }
+
+  /**
+   * checks all certs for expiration
+   */
+  private async checkCerts() {
+    // TODO
+  }
+}

ts/smartacme.classes.certmatcher.ts

@@ -0,0 +1,19 @@
+import * as plugins from './smartacme.plugins';
+import * as interfaces from './interfaces';
+
+/**
+ * certmatcher is responsible for matching certificates
+ */
+export class CertMatcher {
+  /**
+   * creates a domainName for the certificate that will include the broadest scope
+   * for wild card certificates
+   * @param domainNameArg the domainNameArg to create the scope from
+   */
+  public getCertificateDomainNameByDomainName(domainNameArg: string): string {
+    const originalDomain = new plugins.smartstring.Domain(domainNameArg);
+    if (!originalDomain.level4) {
+      return `${originalDomain.level2}.${originalDomain.level1}`;
+    }
+  }
+}

ts/smartacme.classes.certremoteclient.ts

@@ -0,0 +1,55 @@
+import * as plugins from './smartacme.plugins';
+import * as interfaces from './interfaces';
+
+// tslint:disable-next-line: max-classes-per-file
+export class CertRemoteClient {
+  private remoteUrl: string;
+  private secret: string;
+  private logger: plugins.smartlog.Smartlog;
+
+  constructor(optionsArg: {
+    remoteUrl: string;
+    secret: string;
+    logger?: plugins.smartlog.Smartlog;
+  }) {
+    this.remoteUrl = optionsArg.remoteUrl;
+    this.secret = optionsArg.secret;
+    optionsArg.logger
+      ? (this.logger = optionsArg.logger)
+      : (this.logger = plugins.smartlog.defaultLogger);
+  }
+
+  /**
+   *
+   * @param domainNameArg
+   */
+  public async getCertificateForDomain(domainNameArg: string): Promise<interfaces.ICert> {
+    let certificate: interfaces.ICert;
+    const doRequestCycle = async (): Promise<interfaces.ICert> => {
+      const responseBody: interfaces.ICertRemoteResponse = (
+        await plugins.smartrequest.postJson(this.remoteUrl, {
+          requestBody: <interfaces.ICertRemoteRequest>{
+            domainName: domainNameArg,
+            secret: this.secret
+          }
+        })
+      ).body;
+      switch (responseBody.status as interfaces.TCertStatus) {
+        case 'pending':
+          this.logger.log('info', `request for ${domainNameArg} still pending!`);
+          await plugins.smartdelay.delayFor(5000);
+          const finalResponse = await doRequestCycle();
+          return finalResponse;
+        case 'existing':
+          this.logger.log('ok', `got certificate for ${domainNameArg}`);
+          return responseBody.certificate;
+        case 'failed':
+        default:
+          console.log(`could not retrieve certificate for ${domainNameArg}`);
+          return null;
+      }
+    };
+    certificate = await doRequestCycle();
+    return certificate;
+  }
+}

ts/smartacme.classes.smartacme.ts

@@ -1,82 +1,234 @@
-// third party modules
+import * as plugins from './smartacme.plugins';
-import * as q from 'q' // promises
+import { Cert } from './smartacme.classes.cert';
-import * as plugins from './smartacme.plugins'
+import { CertManager } from './smartacme.classes.certmanager';
-import * as helpers from './smartacme.helpers'
+import { CertMatcher } from './smartacme.classes.certmatcher';
 
-import { AcmeAccount } from './smartacme.classes.acmeaccount'
+import * as interfaces from './interfaces';
+import { request } from 'http';
 
 /**
- * a rsa keypair needed for account creation and subsequent requests
+ * the options for the class @see SmartAcme
  */
-export interface IRsaKeypair {
+export interface ISmartAcmeOptions {
-    publicKey: string
+  accountPrivateKey?: string;
-    privateKey: string
+  accountEmail: string;
+  mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
+  removeChallenge: (domainName: string) => Promise<any>;
+  environment: 'production' | 'integration';
+  logger?: plugins.smartlog.Smartlog;
 }
 
-export { AcmeAccount } from './smartacme.classes.acmeaccount'
-export { AcmeCert, ISmartAcmeChallenge, ISmartAcmeChallengeChosen } from './smartacme.classes.acmecert'
-
 /**
- * class SmartAcme exports methods for maintaining SSL Certificates
+ * class SmartAcme
+ * can be used for setting up communication with an ACME authority
+ *
+ * ```ts
+ * const mySmartAcmeInstance = new SmartAcme({
+ *  // see ISmartAcmeOptions for options
+ * })
+ * ```
  */
 export class SmartAcme {
-    acmeUrl: string // the acme url to use for this instance
+  private options: ISmartAcmeOptions;
-    productionBool: boolean // a boolean to quickly know wether we are in production or not
+
-    keyPair: IRsaKeypair // the keyPair needed for account creation
+  // the acme client
-    rawacmeClient
+  private client: any;
+  private smartdns = new plugins.smartdns.Smartdns();
+  public logger: plugins.smartlog.Smartlog;
+
+  // the account private key
+  private privateKey: string;
+
+  // challenge fullfillment
+  private setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
+  private removeChallenge: (domainName: string) => Promise<any>;
+
+  // certmanager
+  private certmanager: CertManager;
+  private certmatcher: CertMatcher;
 
   /**
-     * the constructor for class SmartAcme
+   * the remote handler to hand the request and response to.
    */
-    constructor(productionArg: boolean = false) {
+  public certremoteHandler = async (
-        this.productionBool = productionArg
+    req: plugins.smartexpress.Request,
-        this.keyPair = helpers.createKeypair()
+    res: plugins.smartexpress.Response
-        if (this.productionBool) {
+  ) => {
-            this.acmeUrl = plugins.rawacme.LETSENCRYPT_URL
+    const requestBody: interfaces.ICertRemoteRequest = req.body;
+    this.logger.log('ok', `got certificate request for ${requestBody.domainName}`);
+    const certDomain = this.certmatcher.getCertificateDomainNameByDomainName(
+      requestBody.domainName
+    );
+    this.logger.log('ok', `mapping ${requestBody.domainName} to ${certDomain}`);
+    let status: interfaces.TCertStatus = await this.certmanager.getCertificateStatus(certDomain);
+    let response: interfaces.ICertRemoteResponse;
+    switch (status) {
+      case 'existing':
+        this.logger.log('ok', `certificate exists for ${certDomain}. Sending certificate!`);
+        response = {
+          status,
+          certificate: await (
+            await this.certmanager.retrieveCertificate(certDomain)
+          ).createSavableObject()
+        };
+        break;
+      default:
+        if (status === 'nonexisting') {
+          this.getCertificateForDomain(certDomain);
+          status = 'pending';
+        }
+        response = {
+          status
+        };
+        break;
+    }
+    res.status(200);
+    res.send(response);
+    res.end();
+  };
+
+  constructor(optionsArg: ISmartAcmeOptions) {
+    this.options = optionsArg;
+    this.options.logger
+      ? (this.logger = optionsArg.logger)
+      : (this.logger = plugins.smartlog.defaultLogger);
+  }
+
+  /**
+   * inits the instance
+   * ```ts
+   * await myCloudlyInstance.init() // does not support options
+   * ```
+   */
+  public async init() {
+    this.privateKey =
+      this.options.accountPrivateKey || (await plugins.acme.forge.createPrivateKey()).toString();
+    this.setChallenge = this.options.setChallenge;
+    this.removeChallenge = this.options.removeChallenge;
+
+    // CertMangaer
+    this.certmanager = new CertManager(this, {
+      mongoDescriptor: this.options.mongoDescriptor
+    });
+    await this.certmanager.init();
+
+    // CertMatcher
+    this.certmatcher = new CertMatcher();
+
+    // ACME Client
+    this.client = new plugins.acme.Client({
+      directoryUrl: (() => {
+        if (this.options.environment === 'production') {
+          return plugins.acme.directory.letsencrypt.production;
         } else {
-            this.acmeUrl = plugins.rawacme.LETSENCRYPT_STAGING_URL
+          return plugins.acme.directory.letsencrypt.staging;
         }
+      })(),
+      accountKey: this.privateKey
+    });
+
+    /* Register account */
+    await this.client.createAccount({
+      termsOfServiceAgreed: true,
+      contact: [`mailto:${this.options.accountEmail}`]
+    });
+  }
+
+  public async stop() {
+    await this.certmanager.smartdataDb.close();
   }
 
   /**
-     * init the smartacme instance
+   * gets a certificate
+   * it runs through the following steps
+   *
+   * * look in the database
+   * * if in the database return it
+   * * of not in the database announce it
+   * * then get it from letsencrypt
+   * * store it
+   * * remove it from the pending map (which it go onto by announcing it)
+   * * retrieve it from the databse and return it
+   *
+   * @param domainArg
    */
-    init() {
+  public async getCertificateForDomain(domainArg: string): Promise<Cert> {
-        let done = q.defer()
+    const certDomain = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
-        plugins.rawacme.createClient(
+    const retrievedCertificate = await this.certmanager.retrieveCertificate(certDomain);
-            {
+
-                url: this.acmeUrl,
+    if (retrievedCertificate) {
-                publicKey: this.keyPair.publicKey,
+      return retrievedCertificate;
-                privateKey: this.keyPair.privateKey
+    } else {
-            },
+      await this.certmanager.announceCertificate(certDomain);
-            (err, client) => {
-                if (err) {
-                    console.error('smartacme: something went wrong:')
-                    console.log(err)
-                    done.reject(err)
-                    return
     }
 
-                // make client available in class 
+    /* Place new order */
-                this.rawacmeClient = client
+    const order = await this.client.createOrder({
-                done.resolve()
+      identifiers: [
+        { type: 'dns', value: certDomain },
+        { type: 'dns', value: `*.${certDomain}` }
+      ]
+    });
+
+    /* Get authorizations and select challenges */
+    const authorizations = await this.client.getAuthorizations(order);
+
+    for (const authz of authorizations) {
+      console.log(authz);
+      const domainDnsName: string = `_acme-challenge.${authz.identifier.value}`;
+      const dnsChallenge: string = authz.challenges.find(challengeArg => {
+        return challengeArg.type === 'dns-01';
+      });
+      // process.exit(1);
+      const keyAuthorization: string = await this.client.getChallengeKeyAuthorization(dnsChallenge);
+
+      try {
+        /* Satisfy challenge */
+        await this.setChallenge(domainDnsName, keyAuthorization);
+        await this.smartdns.checkUntilAvailable(domainDnsName, 'TXT', keyAuthorization, 100, 5000);
+        console.log('Cool down an extra 60 second for region availability');
+        await plugins.smartdelay.delayFor(60000);
+
+        /* Verify that challenge is satisfied */
+        await this.client.verifyChallenge(authz, dnsChallenge);
+
+        /* Notify ACME provider that challenge is satisfied */
+        await this.client.completeChallenge(dnsChallenge);
+
+        /* Wait for ACME provider to respond with valid status */
+        await this.client.waitForValidStatus(dnsChallenge);
+      } finally {
+        /* Clean up challenge response */
+        try {
+          await this.removeChallenge(domainDnsName);
+        } catch (e) {
+          console.log(e);
+        }
       }
-        )
-        return done.promise
     }
 
-    /**
+    /* Finalize order */
-     * creates an account if not currently present in module
+    const [key, csr] = await plugins.acme.forge.createCsr({
-     * @executes ASYNC
+      commonName: `*.${certDomain}`,
-     */
+      altNames: [certDomain]
-    createAcmeAccount() {
+    });
-        let done = q.defer<AcmeAccount>()
+
-        let acmeAccount = new AcmeAccount(this)
+    await this.client.finalizeOrder(order, csr);
-        acmeAccount.register().then(() => {
+    const cert = await this.client.getCertificate(order);
-            return acmeAccount.agreeTos()
+
-        }).then(() => {
+    /* Done */
-            done.resolve(acmeAccount)
+
-        })
+    await this.certmanager.storeCertificate({
-        return done.promise
+      id: plugins.smartunique.shortId(),
+      domainName: certDomain,
+      privateKey: key.toString(),
+      publicKey: cert.toString(),
+      csr: csr.toString(),
+      created: Date.now()
+    });
+
+    const newCertificate = await this.certmanager.retrieveCertificate(certDomain);
+    return newCertificate;
   }
 }

ts/smartacme.helpers.ts

@@ -1,50 +0,0 @@
-import 'typings-global'
-import * as q from 'q'
-
-import * as plugins from './smartacme.plugins'
-
-import { SmartAcme, IRsaKeypair } from './smartacme.classes.smartacme'
-import { AcmeAccount } from './smartacme.classes.acmeaccount'
-
-/**
- * creates a keypair to use with requests and to generate JWK from
- */
-export let createKeypair = (bit = 2048): IRsaKeypair => {
-    let result = plugins.rsaKeygen.generate(bit)
-    return {
-        publicKey: result.public_key,
-        privateKey: result.private_key
-    }
-}
-
-/**
- * prefix a domain name to make sure it complies with letsencrypt
- */
-export let prefixName = (domainNameArg: string): string => {
-    return '_acme-challenge.' + domainNameArg
-}
-
-/**
- * gets an existing registration
- * @executes ASYNC
- */
-let getReg = (SmartAcmeArg: SmartAcme, location: string) => {
-    let done = q.defer()
-    let body = { resource: 'reg' }
-    SmartAcmeArg.rawacmeClient.post(
-        location,
-        body,
-        SmartAcmeArg.keyPair,
-        (err, res) => {
-            if (err) {
-                console.error('smartacme: something went wrong:')
-                console.log(err)
-                done.reject(err)
-                return
-            }
-            console.log(JSON.stringify(res.body))
-            done.resolve()
-        }
-    )
-    return done.promise
-}

ts/smartacme.paths.ts

@@ -1,6 +0,0 @@
-import * as path from 'path'
-import * as smartfile from 'smartfile'
-
-export let packageDir = path.join(__dirname,'../')
-export let assetDir = path.join(packageDir,'assets/')
-smartfile.fs.ensureDirSync(assetDir)

ts/smartacme.plugins.ts

@@ -1,22 +1,31 @@
-import 'typings-global' // typings for node
+// @pushrocks scope
-
+import * as lik from '@pushrocks/lik';
-import * as path from 'path' // native node path module
+import * as smartdata from '@pushrocks/smartdata';
-let rsaKeygen = require('rsa-keygen') // rsa keygen
+import * as smartdelay from '@pushrocks/smartdelay';
-let rawacme = require('rawacme') // acme helper functions
+import * as smartdns from '@pushrocks/smartdns';
-let nodeForge = require('node-forge')
+import * as smartexpress from '@pushrocks/smartexpress';
-
+import * as smartlog from '@pushrocks/smartlog';
-// push.rocks modules here
+import * as smartpromise from '@pushrocks/smartpromise';
-import * as dnsly from 'dnsly'
+import * as smartrequest from '@pushrocks/smartrequest';
-import * as smartdelay from 'smartdelay'
+import * as smartunique from '@pushrocks/smartunique';
-import * as smartfile from 'smartfile'
+import * as smartstring from '@pushrocks/smartstring';
-import * as smartstring from 'smartstring'
+import * as smarttime from '@pushrocks/smarttime';
 
 export {
-    dnsly,
+  lik,
-    rsaKeygen,
+  smartdata,
-    rawacme,
-    nodeForge,
   smartdelay,
-    smartfile,
+  smartdns,
-    smartstring
+  smartexpress,
-}
+  smartlog,
+  smartpromise,
+  smartrequest,
+  smartunique,
+  smartstring,
+  smarttime
+};
+
+// thirs party scope
+import * as acme from 'acme-client';
+
+export { acme };

tsconfig.json

@@ -0,0 +1,7 @@
+{
+  "compilerOptions": {
+    "experimentalDecorators": true,
+    "target": "es2017",
+    "module": "commonjs"
+  }
+}

tslint.json

@@ -1,3 +1,17 @@
 {
-    "extends": "tslint-config-standard"
+  "extends": ["tslint:latest", "tslint-config-prettier"],
+  "rules": {
+    "semicolon": [true, "always"],
+    "no-console": false,
+    "ordered-imports": false,
+    "object-literal-sort-keys": false,
+    "member-ordering": {
+      "options":{
+        "order": [
+          "static-method"
+        ]
+      }
+    }
+  },
+  "defaultSeverity": "warning"
 }