2.0.0

.gitlab-ci.yml

@@ -3,69 +3,140 @@ image: hosttoday/ht-docker-node:npmci
 
 cache:
   paths:
-  - .yarn/
+  - .npmci_cache/
   key: "$CI_BUILD_STAGE"
 
 stages:
+- security
 - test
 - release
-- trigger
-- pages
+- metadata
 
+# ====================
+# security stage
+# ====================
+mirror:
+  stage: security
+  script:
+  - npmci git mirror
+  tags:
+  - docker
+  - notpriv
+
+snyk:
+  stage: security
+  script:
+    - npmci command npm install -g snyk
+    - npmci command npm install --ignore-scripts
+    - npmci command snyk test
+  tags:
+  - docker
+  - notpriv
+
+# ====================
+# test stage
+# ====================
 testLEGACY:
   stage: test
   script:
-    - npmci test legacy
+  - npmci node install legacy
+  - npmci npm install
+  - npmci npm test
   coverage: /\d+.?\d+?\%\s*coverage/
   tags:
-    - docker
+  - docker
+  - notpriv
   allow_failure: true
 
 testLTS:
   stage: test
   script:
-    - npmci test lts
+  - npmci node install lts
+  - npmci npm install
+  - npmci npm test
   coverage: /\d+.?\d+?\%\s*coverage/
   tags:
-    - docker
+  - docker
+  - notpriv
     
 testSTABLE:
   stage: test
   script:
-    - npmci test stable
+  - npmci node install stable
+  - npmci npm install
+  - npmci npm test
   coverage: /\d+.?\d+?\%\s*coverage/
   tags:
-    - docker
+  - docker
+  - notpriv
 
 release:
   stage: release
   script:
-    - npmci publish
+  - npmci node install stable
+  - npmci npm publish
   only:
-    - tags
+  - tags
   tags:
-    - docker
+  - docker
+  - notpriv
+
+# ====================
+# metadata stage
+# ====================
+codequality:
+  stage: metadata
+  image: docker:stable
+  allow_failure: true
+  services:
+    - docker:stable-dind
+  script:
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SOURCE_CODE="$PWD"
+        --volume "$PWD":/code
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
+  artifacts:
+    paths: [codeclimate.json]
+  tags:
+  - docker
+  - priv
 
 trigger:
-  stage: trigger
+  stage: metadata
   script:
-    - npmci trigger
+  - npmci trigger
   only:
-    - tags
+  - tags
   tags:
-    - docker
+  - docker
+  - notpriv
 
 pages:
   image: hosttoday/ht-docker-node:npmci
-  stage: pages
+  stage: metadata
   script:
-    - npmci command yarn global add npmpage
-    - npmci command npmpage
+    - npmci command npm install -g typedoc typescript
+    - npmci npm install
+    - npmci command typedoc --module "commonjs" --target "ES2016" --out public/ ts/
   tags:
     - docker
+    - notpriv
   only:
     - tags
   artifacts:
     expire_in: 1 week
     paths:
     - public
+  allow_failure: true
+
+windowsCompatibility:
+  image: stefanscherer/node-windows:10-build-tools
+  stage: metadata
+  script:
+  - npm install & npm test
+  coverage: /\d+.?\d+?\%\s*coverage/
+  tags:
+  - windows
+  allow_failure: true

.snyk

@@ -0,0 +1,12 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:node-forge:20180226':
+    - rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+    - acme-v2 > rsa-compat > node-forge:
+        reason: None given
+        expires: '2018-09-11T19:17:24.148Z'
+patch: {}

README.md

@@ -1,13 +1,16 @@
 # smartacme
+
 acme implementation in TypeScript
 
 ## Availabililty
+
 [![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
 [![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
 [![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
 [![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
 
 ## Status for master
+
 [![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
@@ -19,11 +22,12 @@ acme implementation in TypeScript
 [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
 
 ## Usage
+
 Use TypeScript for best in class instellisense.
 
 For further information read the linked docs at the top of this README.
 
 > MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
-| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
+> | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
 
 [![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone)

docs/index.md

@@ -1,13 +1,16 @@
 # smartacme
+
 acme implementation in TypeScript
 
 ## Availabililty
+
 [![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
 [![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
 [![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
 [![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
 
 ## Status for master
+
 [![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
@@ -19,41 +22,42 @@ acme implementation in TypeScript
 [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
 
 ## Usage
+
 Use TypeScript for best in class instellisense.
 
 ```javascript
-import { SmartAcme } from 'smartacme'
+import { SmartAcme } from 'smartacme';
 
-let smac = new SmartAcme()
+let smac = new SmartAcme()(async () => {
+  // learn async/await, it'll make your life easier
 
-(async () => { // learn async/await, it'll make your life easier
+  // optionally accepts a filePath Arg with a stored acmeaccount.json
+  // will create an account and
+  let myAccount = await smac.createAcmeAccount();
 
-    // optionally accepts a filePath Arg with a stored acmeaccount.json
-    // will create an account and 
-    let myAccount = await smac.createAcmeAccount()
+  // will return a dnsHash to set in your DNS record
+  let myCert = await myAccount.createAcmeCert('example.com');
 
-    // will return a dnsHash to set in your DNS record
-    let myCert = await myAccount.createAcmeCert('example.com')
+  // gets and accepts the specified challenge
+  // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
+  let myChallenge = await myCert.getChallenge('dns-01');
 
-    // gets and accepts the specified challenge
-    // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
-    let myChallenge = await myCert.getChallenge('dns-01')
-
-    /* ----------
+  /* ----------
     Now you need to set the challenge in your DNS
     myChallenge.domainNamePrefixed is the address for the record
     myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
     -------------*/
-})()
+})();
 ```
 
 ## Other relevant npm modules
-module name | description
---- | ---
-cert | a higlevel production module that uses smartacme to manage certs
-smartnginx | a highlevel production tool for docker environments to manage nginx 
+
+| module name | description                                                         |
+| ----------- | ------------------------------------------------------------------- |
+| cert        | a higlevel production module that uses smartacme to manage certs    |
+| smartnginx  | a highlevel production tool for docker environments to manage nginx |
 
 > MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
-| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
+> | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
 
 [![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone

npmextra.json

@@ -1,7 +1,6 @@
 {
-    "npmci": {
-        "globalNpmTools": [
-            "npmts"
-        ]
-    }
+  "npmci": {
+    "npmGlobalTools": [],
+    "npmAccessLevel": "public"
+  }
 }

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "smartacme",
-  "version": "1.1.0",
+  "version": "2.0.0",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
@@ -69,6 +69,14 @@
         "ansi-256-colors": "^1.1.0"
       }
     },
+    "@pushrocks/smartdelay": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/@pushrocks/smartdelay/-/smartdelay-2.0.2.tgz",
+      "integrity": "sha512-4xf6tMKwZcxBynKgXrM4SQKgeASfRvx43LUmR5DkStp26ZHAsarCXUdKJS6y8QIPygEOTOCP8we97JAcCzBuMg==",
+      "requires": {
+        "@pushrocks/smartpromise": "^2.0.5"
+      }
+    },
     "@pushrocks/smartfile": {
       "version": "6.0.6",
       "resolved": "https://registry.npmjs.org/@pushrocks/smartfile/-/smartfile-6.0.6.tgz",

package.json

@@ -1,11 +1,13 @@
 {
-  "name": "smartacme",
-  "version": "1.1.0",
+  "name": "@pushrocks/smartacme",
+  "version": "2.0.0",
+  "private": false,
   "description": "acme implementation in TypeScript",
   "main": "dist/index.js",
   "typings": "dist/index.d.ts",
   "scripts": {
-    "test": "(tstest test/)"
+    "test": "(tstest test/)",
+    "build": "echo \"Not needed for now\""
   },
   "repository": {
     "type": "git",
@@ -23,6 +25,7 @@
   },
   "homepage": "https://gitlab.com/umbrellazone/smartacme#README",
   "dependencies": {
+    "@pushrocks/smartdelay": "^2.0.2",
     "@pushrocks/smartpromise": "^2.0.5",
     "acme-v2": "^1.2.0",
     "rsa-compat": "^1.5.1"

test/test.ts

@@ -4,10 +4,11 @@ import * as smartacme from '../ts/index';
 
 let smartAcmeInstance: smartacme.SmartAcme;
 
-tap.test('should create a valid instance of SmartAcme' , async () => {
+tap.test('should create a valid instance of SmartAcme', async () => {
   smartAcmeInstance = new smartacme.SmartAcme();
-  await smartAcmeInstance.init()
+  await smartAcmeInstance.init();
   console.log(smartAcmeInstance.directoryUrls);
-})
+  await smartAcmeInstance.getCertificateForDomain('bleu.de');
+});
 
 tap.start();

ts/index.ts

@@ -1 +1 @@
-export * from './smartacme.classes.smartacme'
+export * from './smartacme.classes.smartacme';

ts/smartacme.classes.keypair.ts

@@ -2,7 +2,7 @@ import * as plugins from './smartacme.plugins';
 const rsa = require('rsa-compat').RSA;
 
 export class KeyPair {
-  rsaKeyPair: any
+  rsaKeyPair: any;
 
   /**
    * generates a fresh rsa keyPair
@@ -11,7 +11,7 @@ export class KeyPair {
     const done = plugins.smartpromise.defer();
     var options = { bitlen: 2048, exp: 65537, public: true, pem: true, internal: true };
     rsa.generateKeypair(options, function(err, keypair) {
-      if(err) {
+      if (err) {
         console.log(err);
       }
       done.resolve(keypair);

ts/smartacme.classes.smartacme.ts

@@ -1,9 +1,6 @@
 const acme = require('acme-v2').ACME.create({
   RSA: require('rsa-compat').RSA,
 
-  // other overrides
-  promisify: require('util').promisify,
-
   // used for constructing user-agent
   os: require('os'),
   process: require('process'),
@@ -15,33 +12,75 @@ const acme = require('acme-v2').ACME.create({
   },
 
   // don't try to validate challenges locally
-  skipChallengeTest: false
+  skipChallengeTest: true
 });
 
 import { KeyPair } from './smartacme.classes.keypair';
+import * as plugins from './smartacme.plugins';
+const rsa = require('rsa-compat').RSA;
 
 export class SmartAcme {
-  keyPair: KeyPair;
+  domainKeyPair: KeyPair;
+  accountKeyPair: KeyPair;
+  accountData: any;
   directoryUrls: any;
 
   async init() {
     // get directory url
     this.directoryUrls = await acme.init('https://acme-staging-v02.api.letsencrypt.org/directory');
 
-    // create keyPair
-    this.keyPair = await KeyPair.generateFresh();
+    // create keyPairs
+    this.domainKeyPair = await KeyPair.generateFresh();
+    this.accountKeyPair = await KeyPair.generateFresh();
 
     // get account
-    const registrationData = await acme.accounts.create({
-      email: 'domains@lossless.org', // valid email (server checks MX records)
-      accountKeypair: this.keyPair.rsaKeyPair,
-      agreeToTerms: async tosUrl => {
-        return tosUrl;
-      }
-    }).catch(e => {
-      console.log(e);
-    });
+    const registrationData = await acme.accounts
+      .create({
+        email: 'domains@lossless.org', // valid email (server checks MX records)
+        accountKeypair: this.accountKeyPair.rsaKeyPair,
+        agreeToTerms: async tosUrl => {
+          return tosUrl;
+        }
+      })
+      .catch(e => {
+        console.log(e);
+      });
+    this.accountData = registrationData;
+  }
 
-    console.log(registrationData);
+  async getCertificateForDomain(domain) {
+    const result = await acme.certificates
+      .create({
+        domainKeypair: this.domainKeyPair.rsaKeyPair,
+        accountKeypair: this.accountKeyPair.rsaKeyPair,
+        domains: ['bleu.de'],
+        challengeType: 'dns-01',
+
+        setChallenge: async (hostname, key, val, cb) => {
+          console.log('set challenge');
+          console.log(hostname);
+          //console.log(key);
+          //console.log(val);
+          const dnsKey = rsa.utils.toWebsafeBase64(
+            require('crypto')
+              .createHash('sha256')
+              .update(val)
+              .digest('base64')
+          );
+
+          console.log(dnsKey);
+          await plugins.smartdelay.delayFor(20000);
+          console.log('ready!');
+          cb();
+        }, // return Promise
+        removeChallenge: async (hostname, key) => {
+          console.log('removing challenge');
+          return;
+        } // return Promise
+      })
+      .catch(e => {
+        console.log(e);
+      }); // returns Promise<pems={ privkey (key), cert, chain (ca) }>
+    console.log(result);
   }
 }

ts/smartacme.plugins.ts

@@ -1,5 +1,4 @@
 import * as smartpromise from '@pushrocks/smartpromise';
+import * as smartdelay from '@pushrocks/smartdelay';
 
-export {
-  smartpromise
-}
+export { smartpromise, smartdelay };