2.0.12

.gitlab-ci.yml

@@ -3,69 +3,148 @@ image: hosttoday/ht-docker-node:npmci
 
 cache:
   paths:
-  - .yarn/
+  - .npmci_cache/
   key: "$CI_BUILD_STAGE"
 
 stages:
+- security
 - test
 - release
-- trigger
+- metadata
-- pages
 
-testLEGACY:
+# ====================
-  stage: test
+# security stage
+# ====================
+mirror:
+  stage: security
   script:
-    - npmci test legacy
+  - npmci git mirror
-  coverage: /\d+.?\d+?\%\s*coverage/
   tags:
   - docker
+  - notpriv
+
+snyk:
+  stage: security
+  script:
+    - npmci npm prepare
+    - npmci command npm install -g snyk
+    - npmci command npm install --ignore-scripts
+    - npmci command snyk test
+  tags:
+  - docker
+  - notpriv
+
+sast:
+  stage: security
+  image: registry.gitlab.com/hosttoday/ht-docker-dbase:npmci
+  variables:
+    DOCKER_DRIVER: overlay2
   allow_failure: true
+  services:
+    - docker:stable-dind
+  script:
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command npm run build
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
+        --volume "$PWD:/code"
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
+  artifacts:
+    reports:
+      sast: gl-sast-report.json
+  tags:
+  - docker
+  - priv
+
+# ====================
+# test stage
+# ====================
 
 testLTS:
   stage: test
   script:
-    - npmci test lts
+  - npmci npm prepare
+  - npmci node install lts
+  - npmci npm install
+  - npmci npm test
   coverage: /\d+.?\d+?\%\s*coverage/
   tags:
   - docker
+  - notpriv
     
 testSTABLE:
   stage: test
   script:
-    - npmci test stable
+  - npmci npm prepare
+  - npmci node install stable
+  - npmci npm install
+  - npmci npm test
   coverage: /\d+.?\d+?\%\s*coverage/
   tags:
   - docker
+  - notpriv
 
 release:
   stage: release
   script:
-    - npmci publish
+  - npmci node install stable
+  - npmci npm publish
   only:
   - tags
   tags:
   - docker
+  - notpriv
+
+# ====================
+# metadata stage
+# ====================
+codequality:
+  stage: metadata
+  image: docker:stable
+  allow_failure: true
+  services:
+    - docker:stable-dind
+  script:
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SOURCE_CODE="$PWD"
+        --volume "$PWD":/code
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
+  artifacts:
+    paths: [codeclimate.json]
+  tags:
+  - docker
+  - priv
 
 trigger:
-  stage: trigger
+  stage: metadata
   script:
   - npmci trigger
   only:
   - tags
   tags:
   - docker
+  - notpriv
 
 pages:
   image: hosttoday/ht-docker-node:npmci
-  stage: pages
+  stage: metadata
   script:
-    - npmci command yarn global add npmpage
+    - npmci command npm install -g typedoc typescript
-    - npmci command npmpage
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command typedoc --module "commonjs" --target "ES2016" --out public/ ts/
   tags:
     - docker
+    - notpriv
   only:
     - tags
   artifacts:
     expire_in: 1 week
     paths:
     - public
+  allow_failure: true

.snyk

@@ -0,0 +1,12 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:node-forge:20180226':
+    - rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+    - acme-v2 > rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+patch: {}

README.md

@@ -1,13 +1,16 @@
 # smartacme
+
 acme implementation in TypeScript
 
 ## Availabililty
+
 [![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
 [![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
 [![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
 [![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
 
 ## Status for master
+
 [![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
@@ -19,11 +22,42 @@ acme implementation in TypeScript
 [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
 
 ## Usage
+
 Use TypeScript for best in class instellisense.
 
-For further information read the linked docs at the top of this README.
+```javascript
+import { SmartAcme } from 'smartacme';
+
+let smac = new SmartAcme()(async () => {
+  // learn async/await, it'll make your life easier
+
+  // optionally accepts a filePath Arg with a stored acmeaccount.json
+  // will create an account and
+  let myAccount = await smac.createAcmeAccount();
+
+  // will return a dnsHash to set in your DNS record
+  let myCert = await myAccount.createAcmeCert('example.com');
+
+  // gets and accepts the specified challenge
+  // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
+  let myChallenge = await myCert.getChallenge('dns-01');
+
+  /* ----------
+    Now you need to set the challenge in your DNS
+    myChallenge.domainNamePrefixed is the address for the record
+    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
+    -------------*/
+})();
+```
+
+## Other relevant npm modules
+
+| module name | description                                                         |
+| ----------- | ------------------------------------------------------------------- |
+| cert        | a higlevel production module that uses smartacme to manage certs    |
+| smartnginx  | a highlevel production tool for docker environments to manage nginx |
 
 > MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
-| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
+> | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
 
-[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone)
+[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone

docs/index.md

@@ -1,59 +0,0 @@
-# smartacme
-acme implementation in TypeScript
-
-## Availabililty
-[![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
-[![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
-[![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
-[![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
-
-## Status for master
-[![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
-[![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
-[![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
-[![Dependency Status](https://david-dm.org/umbrellazone/smartacme.svg)](https://david-dm.org/umbrellazone/smartacme)
-[![bitHound Dependencies](https://www.bithound.io/github/umbrellazone/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/umbrellazone/smartacme/master/dependencies/npm)
-[![bitHound Code](https://www.bithound.io/github/umbrellazone/smartacme/badges/code.svg)](https://www.bithound.io/github/umbrellazone/smartacme)
-[![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
-
-## Usage
-Use TypeScript for best in class instellisense.
-
-```javascript
-import { SmartAcme } from 'smartacme'
-
-let smac = new SmartAcme()
-
-(async () => { // learn async/await, it'll make your life easier
-
-    // optionally accepts a filePath Arg with a stored acmeaccount.json
-    // will create an account and 
-    let myAccount = await smac.createAcmeAccount()
-    
-    // will return a dnsHash to set in your DNS record
-    let myCert = await myAccount.createAcmeCert('example.com')
-
-    // gets and accepts the specified challenge
-    // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
-    let myChallenge = await myCert.getChallenge('dns-01')
-
-    /* ----------
-    Now you need to set the challenge in your DNS
-    myChallenge.domainNamePrefixed is the address for the record
-    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
-    -------------*/
-})()
-```
-
-## Other relevant npm modules
-module name | description
---- | ---
-cert | a higlevel production module that uses smartacme to manage certs
-smartnginx | a highlevel production tool for docker environments to manage nginx 
-
-> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
-| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
-
-[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone

npmextra.json

@@ -1,7 +1,6 @@
 {
   "npmci": {
-        "globalNpmTools": [
+    "npmGlobalTools": [],
-            "npmts"
+    "npmAccessLevel": "public"
-        ]
   }
 }

package.json

@@ -1,11 +1,13 @@
 {
-  "name": "smartacme",
+  "name": "@pushrocks/smartacme",
-  "version": "1.1.0",
+  "version": "2.0.12",
+  "private": false,
   "description": "acme implementation in TypeScript",
   "main": "dist/index.js",
   "typings": "dist/index.d.ts",
   "scripts": {
-    "test": "(tstest test/)"
+    "test": "(tstest test/)",
+    "build": "(tsbuild)"
   },
   "repository": {
     "type": "git",
@@ -23,17 +25,26 @@
   },
   "homepage": "https://gitlab.com/umbrellazone/smartacme#README",
   "dependencies": {
+    "@pushrocks/lik": "^3.0.4",
+    "@pushrocks/smartdata": "^3.1.13",
+    "@pushrocks/smartdelay": "^2.0.2",
+    "@pushrocks/smartdns": "^3.0.8",
+    "@pushrocks/smartexpress": "^3.0.0",
     "@pushrocks/smartpromise": "^2.0.5",
-    "acme-v2": "^1.2.0",
+    "@pushrocks/smartrequest": "^1.1.14",
-    "rsa-compat": "^1.5.1"
+    "@pushrocks/smarttime": "^3.0.5",
+    "@pushrocks/smartunique": "^3.0.1",
+    "acme-client": "^2.2.2"
   },
   "devDependencies": {
-    "@gitzone/tsbuild": "^2.0.22",
+    "@gitzone/tsbuild": "^2.1.4",
-    "@gitzone/tsrun": "^1.1.12",
+    "@gitzone/tsrun": "^1.1.17",
-    "@gitzone/tstest": "^1.0.13",
+    "@gitzone/tstest": "^1.0.18",
-    "@types/node": "^10.5.8",
+    "@mojoio/cloudflare": "^2.0.0",
-    "cflare": "^1.0.5",
+    "@pushrocks/qenv": "^3.0.2",
-    "qenv": "^1.1.7",
+    "@pushrocks/tapbundle": "^3.0.7",
-    "tapbundle": "^2.0.2"
+    "@types/node": "^10.12.18",
+    "tslint": "^5.12.0",
+    "tslint-config-prettier": "^1.17.0"
   }
 }

qenv.yml

@@ -1,3 +1,6 @@
-vars:
+required:
   - CF_EMAIL
   - CF_KEY
+  - MONGODB_URL
+  - MONGODB_PASSWORD
+  - MONGODB_DATABASE

test/test.ts

@@ -1,13 +1,30 @@
-import { tap, expect } from 'tapbundle';
+import { tap, expect } from '@pushrocks/tapbundle';
+import { Qenv } from '@pushrocks/qenv';
+
+const testQenv = new Qenv('./', './.nogit/');
 
 import * as smartacme from '../ts/index';
 
 let smartAcmeInstance: smartacme.SmartAcme;
 
-tap.test('should create a valid instance of SmartAcme' , async () => {
+tap.test('should create a valid instance of SmartAcme', async () => {
-  smartAcmeInstance = new smartacme.SmartAcme();
+  smartAcmeInstance = new smartacme.SmartAcme({
-  await smartAcmeInstance.init()
+    accountEmail: 'domains@lossless.org',
-  console.log(smartAcmeInstance.directoryUrls);
+    accountPrivateKey: null,
-})
+    removeChallenge: async (...args) => {
+      console.log(args);
+    },
+    setChallenge: async (...args) => {
+      console.log(args);
+    },
+    mongoDescriptor: {
+      mongoDbName: testQenv.getEnvVarOnDemand('MONGODB_DATABASE'),
+      mongoDbPass: testQenv.getEnvVarOnDemand('MONGODB_PASSWORD'),
+      mongoDbUrl: testQenv.getEnvVarOnDemand('MONGODB_URL')
+    }
+  });
+  await smartAcmeInstance.init();
+  await smartAcmeInstance.getCertificateForDomain('bleu.de');
+});
 
 tap.start();

ts/index.ts

@@ -1 +1,3 @@
-export * from './smartacme.classes.smartacme'
+export * from './smartacme.classes.smartacme';
+
+export * from './smartacme.classes.certremoteclient';

ts/interfaces/accountdata.ts

@@ -0,0 +1,8 @@
+export interface IAccountData {
+  id: number;
+  key: { kty: 'RSA'; n: string; e: string; kid: string };
+  contact: string[];
+  initialIp: string;
+  createdAt: string;
+  status: string;
+}

ts/interfaces/index.ts

@@ -0,0 +1 @@
+export * from './accountdata';

ts/smartacme.classes.cert.ts

@@ -0,0 +1,34 @@
+import * as plugins from './smartacme.plugins';
+import { CertManager } from './smartacme.classes.certmanager';
+
+import { Collection, svDb, unI } from '@pushrocks/smartdata';
+
+@plugins.smartdata.Collection(() => {
+  return CertManager.activeDB;
+})
+export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert> {
+  @unI()
+  public index: string;
+
+  @svDb()
+  domainName: string;
+
+  @svDb()
+  created: number;
+
+  @svDb()
+  privateKey: string;
+  
+  @svDb()
+  publicKey: string;
+  
+  @svDb()
+  csr: string;
+
+  constructor(privateKeyArg: string, publicKeyArg: string, csrArg: string) {
+    super();
+    this.privateKey = privateKeyArg;
+    this.publicKey = publicKeyArg;
+    this.csr = csrArg;
+  }
+}

ts/smartacme.classes.certmanager.ts

@@ -0,0 +1,67 @@
+import * as plugins from './smartacme.plugins';
+import { Cert } from './smartacme.classes.cert';
+
+
+export class CertManager {
+  // =========
+  // STATIC
+  // =========
+  public static activeDB: plugins.smartdata.SmartdataDb;
+  
+  
+  // =========
+  // INSTANCE
+  // =========
+  private mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  public smartdataDb: plugins.smartdata.SmartdataDb;
+
+  constructor(optionsArg: {
+    mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  }) {
+    this.mongoDescriptor = optionsArg.mongoDescriptor;
+  }
+
+  public async init () {
+    this.smartdataDb = new plugins.smartdata.SmartdataDb(this.mongoDescriptor);
+    await this.smartdataDb.init();
+    CertManager.activeDB = this.smartdataDb;
+  };
+
+  /**
+   * retrieves a certificate
+   * @returns the Cert class or null
+   * @param domainName the domain Name to retrieve the vcertificate for
+   */
+  public async retrieveCertificate(domainName: string): Promise<Cert> {
+    const existingCertificate: Cert = await Cert.getInstance({
+      name: domainName
+    });
+
+    if(existingCertificate) {
+      return existingCertificate;
+    } else {
+      return null;
+    }
+
+  }
+
+  /**
+   * stores the certificate with the 
+   * @param publicKeyArg 
+   * @param privateKeyArg 
+   * @param csrArg 
+   */
+  public async storeCertificate(privateKeyArg: string, publicKeyArg: string, csrArg: string) {
+    const cert = new Cert(privateKeyArg, publicKeyArg, csrArg);
+    cert.save();
+  };
+
+  public async deleteCertificate(domainName: string) {
+
+  };
+
+  /**
+   * checks all certs for expiration
+   */
+  checkCerts() {}
+}

ts/smartacme.classes.certremoteclient.ts

@@ -0,0 +1,10 @@
+import * as plugins from './smartacme.plugins';
+
+export class CertRemoteClient {
+  constructor(optionsArg: {
+    remoteUrl: string;
+    secret: string;
+  }) {
+    
+  }
+}

ts/smartacme.classes.certremotehandler.ts

@@ -0,0 +1,3 @@
+import * as plugins from './smartacme.plugins';
+
+export class CertRemoteHandler {}

ts/smartacme.classes.keypair.ts

@@ -1,27 +0,0 @@
-import * as plugins from './smartacme.plugins';
-const rsa = require('rsa-compat').RSA;
-
-export class KeyPair {
-  rsaKeyPair: any
-
-  /**
-   * generates a fresh rsa keyPair
-   */
-  static async generateFresh(): Promise<KeyPair> {
-    const done = plugins.smartpromise.defer();
-    var options = { bitlen: 2048, exp: 65537, public: true, pem: true, internal: true };
-    rsa.generateKeypair(options, function(err, keypair) {
-      if(err) {
-        console.log(err);
-      }
-      done.resolve(keypair);
-    });
-    const result: any = await done.promise;
-    const keyPair = new KeyPair(result);
-    return keyPair;
-  }
-
-  constructor(rsaKeyPairArg) {
-    this.rsaKeyPair = rsaKeyPairArg;
-  }
-}

ts/smartacme.classes.smartacme.ts

@@ -1,47 +1,128 @@
-const acme = require('acme-v2').ACME.create({
+import * as plugins from './smartacme.plugins';
-  RSA: require('rsa-compat').RSA,
+import { CertManager } from './smartacme.classes.certmanager';
+import { CertRemoteHandler } from './smartacme.classes.certremotehandler';
 
-  // other overrides
+/**
-  promisify: require('util').promisify,
+ *
-
+ */
-  // used for constructing user-agent
+export interface ISmartAcmeOptions {
-  os: require('os'),
+  accountPrivateKey?: string;
-  process: require('process'),
+  accountEmail: string;
-
+  setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
-  // used for overriding the default user-agent
+  removeChallenge: (domainName: string) => Promise<any>;
-  userAgent: 'My custom UA String',
+  mongoDescriptor: plugins.smartdata.IMongoDescriptor;
-  getUserAgentString: function(deps) {
+}
-    return 'My custom UA String';
-  },
-
-  // don't try to validate challenges locally
-  skipChallengeTest: false
-});
-
-import { KeyPair } from './smartacme.classes.keypair';
 
 export class SmartAcme {
-  keyPair: KeyPair;
+  private options: ISmartAcmeOptions;
-  directoryUrls: any;
 
-  async init() {
+  // the acme client
-    // get directory url
+  private client: any;
-    this.directoryUrls = await acme.init('https://acme-staging-v02.api.letsencrypt.org/directory');
+  private smartdns = new plugins.smartdns.Smartdns();
 
-    // create keyPair
+  // the account private key
-    this.keyPair = await KeyPair.generateFresh();
+  private privateKey: string;
 
-    // get account
+  // challenge fullfillment
-    const registrationData = await acme.accounts.create({
+  private setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
-      email: 'domains@lossless.org', // valid email (server checks MX records)
+  private removeChallenge: (domainName: string) => Promise<any>;
-      accountKeypair: this.keyPair.rsaKeyPair,
+
-      agreeToTerms: async tosUrl => {
+  // certmanager
-        return tosUrl;
+  private certmanager: CertManager;
+  private certremoteHandler: CertRemoteHandler;
+
+  constructor(optionsArg: ISmartAcmeOptions) {
+    this.options = optionsArg;
   }
-    }).catch(e => {
+
-      console.log(e);
+  public async init() {
+    this.privateKey = this.options.accountPrivateKey || (await plugins.acme.forge.createPrivateKey());
+    this.setChallenge = this.options.setChallenge;
+    this.removeChallenge = this.options.removeChallenge;
+
+    this.certmanager = new CertManager({
+      mongoDescriptor: this.options.mongoDescriptor
+    });
+    await this.certmanager.init();
+    this.certremoteHandler = new CertRemoteHandler();
+
+    this.client = new plugins.acme.Client({
+      directoryUrl: plugins.acme.directory.letsencrypt.staging,
+      accountKey: this.privateKey
     });
 
-    console.log(registrationData);
+    /* Register account */
+    await this.client.createAccount({
+      termsOfServiceAgreed: true,
+      contact: [`mailto:${this.options.accountEmail}`]
+    });
   }
+
+  public async getCertificateForDomain(domainArg: string) {
+    const domain = domainArg;
+
+    const retrievedCertificate = await this.certmanager.retrieveCertificate(domain);
+
+    if(retrievedCertificate) {
+      return retrievedCertificate;
+    }
+
+    /* Place new order */
+    const order = await this.client.createOrder({
+      identifiers: [{ type: 'dns', value: domain }, { type: 'dns', value: `*.${domain}` }]
+    });
+
+    /* Get authorizations and select challenges */
+    const authorizations = await this.client.getAuthorizations(order);
+
+    for (const authz of authorizations) {
+      console.log(authz);
+      const domainDnsName: string = `_acme-challenge.${authz.identifier.value}`;
+      const dnsChallenge: string = authz.challenges.find(challengeArg => {
+        return challengeArg.type === 'dns-01';
+      });
+      // process.exit(1);
+      const keyAuthorization: string = await this.client.getChallengeKeyAuthorization(dnsChallenge);
+
+      try {
+        /* Satisfy challenge */
+        await this.setChallenge(domainDnsName, keyAuthorization);
+        await this.smartdns.checkUntilAvailable(domainDnsName, 'TXT', keyAuthorization, 100, 5000);
+
+        /* Verify that challenge is satisfied */
+        await this.client.verifyChallenge(authz, dnsChallenge);
+
+        /* Notify ACME provider that challenge is satisfied */
+        await this.client.completeChallenge(dnsChallenge);
+
+        /* Wait for ACME provider to respond with valid status */
+        await this.client.waitForValidStatus(dnsChallenge);
+      } finally {
+        /* Clean up challenge response */
+        try {
+          await this.removeChallenge(domainDnsName);
+        } catch (e) {
+          console.log(e);
+        }
+      }
+    }
+
+    /* Finalize order */
+    const [key, csr] = await plugins.acme.forge.createCsr({
+      commonName: `*.${domain}`,
+      altNames: [domain]
+    });
+
+    await this.client.finalizeOrder(order, csr);
+    const cert = await this.client.getCertificate(order);
+
+    /* Done */
+    console.log(`CSR:\n${csr.toString()}`);
+    console.log(`Private key:\n${key.toString()}`);
+    console.log(`Certificate:\n${cert.toString()}`);
+
+    this.certmanager.storeCertificate(key.toString(), cert.toString(), csr.toString());
+  }
+
+  toStorageObject() {}
 }

ts/smartacme.plugins.ts

@@ -1,5 +1,17 @@
+// @pushrocks scope
+import * as lik from '@pushrocks/lik';
+import * as smartdata from '@pushrocks/smartdata';
+import * as smartdelay from '@pushrocks/smartdelay';
+import * as smartdns from '@pushrocks/smartdns';
+import * as smartexpress from '@pushrocks/smartexpress';
 import * as smartpromise from '@pushrocks/smartpromise';
+import * as smartrequest from '@pushrocks/smartrequest';
+import * as smartunique from '@pushrocks/smartunique';
+import * as smarttime from '@pushrocks/smarttime';
 
-export {
+export { lik, smartdata, smartdelay, smartdns, smartexpress, smartpromise, smartrequest, smartunique, smarttime };
-  smartpromise
+
-}
+// thirs party scope
+import * as acme from 'acme-client';
+
+export { acme };

tsconfig.json

@@ -0,0 +1,7 @@
+{
+  "compilerOptions": {
+    "experimentalDecorators": true,
+    "target": "es2017",
+    "module": "commonjs"
+  }
+}

tslint.json

@@ -1,3 +1,17 @@
 {
-    "extends": "tslint-config-standard"
+  "extends": ["tslint:latest", "tslint-config-prettier"],
+  "rules": {
+    "semicolon": [true, "always"],
+    "no-console": false,
+    "ordered-imports": false,
+    "object-literal-sort-keys": false,
+    "member-ordering": {
+      "options":{
+        "order": [
+          "static-method"
+        ]
+      }
+    }
+  },
+  "defaultSeverity": "warning"
 }