3.0.2

.gitignore

@@ -1,5 +1,22 @@
-node_modules/
+.nogit/
+
+# artifacts
 coverage/
 public/
 pages/
-.nogit/
+
+# installs
+node_modules/
+
+# caches
+.yarn/
+.cache/
+.rpt2_cache
+
+# builds
+dist/
+dist_web/
+dist_serve/
+dist_ts_web/
+
+# custom

.gitlab-ci.yml

@@ -1,16 +1,16 @@
-# gitzone standard
+# gitzone ci_default
-image: hosttoday/ht-docker-node:npmci
+image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
 
 cache:
   paths:
-  - .npmci_cache/
+    - .npmci_cache/
-  key: "$CI_BUILD_STAGE"
+  key: '$CI_BUILD_STAGE'
 
 stages:
-- security
+  - security
-- test
+  - test
-- release
+  - release
-- metadata
+  - metadata
 
 # ====================
 # security stage
@@ -18,109 +18,103 @@ stages:
 mirror:
   stage: security
   script:
-  - npmci git mirror
+    - npmci git mirror
   tags:
-  - docker
+    - lossless
-  - notpriv
+    - docker
+    - notpriv
 
 snyk:
+  image: registry.gitlab.com/hosttoday/ht-docker-node:snyk
   stage: security
   script:
-    - npmci command npm install -g snyk
+    - npmci npm prepare
     - npmci command npm install --ignore-scripts
     - npmci command snyk test
   tags:
-  - docker
+    - lossless
-  - notpriv
+    - docker
+    - notpriv
 
 # ====================
 # test stage
 # ====================
-testLEGACY:
-  stage: test
-  script:
-  - npmci node install legacy
-  - npmci npm install
-  - npmci npm test
-  coverage: /\d+.?\d+?\%\s*coverage/
-  tags:
-  - docker
-  - notpriv
-  allow_failure: true
 
-testLTS:
+testStable:
   stage: test
   script:
-  - npmci node install lts
+    - npmci npm prepare
-  - npmci npm install
+    - npmci node install stable
-  - npmci npm test
+    - npmci npm install
+    - npmci npm test
   coverage: /\d+.?\d+?\%\s*coverage/
   tags:
-  - docker
+    - lossless
-  - notpriv
+    - docker
-    
+    - priv
-testSTABLE:
+
+testBuild:
   stage: test
   script:
-  - npmci node install stable
+    - npmci npm prepare
-  - npmci npm install
+    - npmci node install stable
-  - npmci npm test
+    - npmci npm install
+    - npmci command npm run build
   coverage: /\d+.?\d+?\%\s*coverage/
   tags:
-  - docker
+    - lossless
-  - notpriv
+    - docker
+    - notpriv
 
 release:
   stage: release
   script:
-  - npmci node install stable
+    - npmci node install stable
-  - npmci npm publish
+    - npmci npm publish
   only:
-  - tags
+    - tags
   tags:
-  - docker
+    - lossless
-  - notpriv
+    - docker
+    - notpriv
 
 # ====================
 # metadata stage
 # ====================
 codequality:
   stage: metadata
-  image: docker:stable
   allow_failure: true
-  services:
-    - docker:stable-dind
   script:
-    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - npmci command npm install -g tslint typescript
-    - docker run
+    - npmci npm prepare
-        --env SOURCE_CODE="$PWD"
+    - npmci npm install
-        --volume "$PWD":/code
+    - npmci command "tslint -c tslint.json ./ts/**/*.ts"
-        --volume /var/run/docker.sock:/var/run/docker.sock
-        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
-  artifacts:
-    paths: [codeclimate.json]
   tags:
-  - docker
+    - lossless
-  - priv
+    - docker
+    - priv
 
 trigger:
   stage: metadata
   script:
-  - npmci trigger
+    - npmci trigger
   only:
-  - tags
+    - tags
   tags:
-  - docker
+    - lossless
-  - notpriv
+    - docker
+    - notpriv
 
 pages:
-  image: hosttoday/ht-docker-node:npmci
   stage: metadata
   script:
-    - npmci command npm install -g typedoc typescript
+    - npmci node install lts
+    - npmci command npm install -g @gitzone/tsdoc
+    - npmci npm prepare
     - npmci npm install
-    - npmci command typedoc --module "commonjs" --target "ES2016" --out public/ ts/
+    - npmci command tsdoc
   tags:
+    - lossless
     - docker
     - notpriv
   only:
@@ -128,15 +122,5 @@ pages:
   artifacts:
     expire_in: 1 week
     paths:
-    - public
+      - public
-  allow_failure: true
-
-windowsCompatibility:
-  image: stefanscherer/node-windows:10-build-tools
-  stage: metadata
-  script:
-  - npm install & npm test
-  coverage: /\d+.?\d+?\%\s*coverage/
-  tags:
-  - windows
   allow_failure: true

.vscode/launch.json

@@ -0,0 +1,29 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "current file",
+      "type": "node",
+      "request": "launch",
+      "args": [
+        "${relativeFile}"
+      ],
+      "runtimeArgs": ["-r", "@gitzone/tsrun"],
+      "cwd": "${workspaceRoot}",
+      "protocol": "inspector",
+      "internalConsoleOptions": "openOnSessionStart"
+    },
+    {
+      "name": "test.ts",
+      "type": "node",
+      "request": "launch",
+      "args": [
+        "test/test.ts"
+      ],
+      "runtimeArgs": ["-r", "@gitzone/tsrun"],
+      "cwd": "${workspaceRoot}",
+      "protocol": "inspector",
+      "internalConsoleOptions": "openOnSessionStart"
+    }
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,26 @@
+{
+  "json.schemas": [
+    {
+      "fileMatch": ["/npmextra.json"],
+      "schema": {
+        "type": "object",
+        "properties": {
+          "npmci": {
+            "type": "object",
+            "description": "settings for npmci"
+          },
+          "gitzone": {
+            "type": "object",
+            "description": "settings for gitzone",
+            "properties": {
+              "projectType": {
+                "type": "string",
+                "enum": ["website", "element", "service", "npm"]
+              }
+            }
+          }
+        }
+      }
+    }
+  ]
+}

README.md

@@ -1,33 +1,36 @@
-# smartacme
+# @pushrocks/smartuniverse
+acme with an easy yet powerful interface in TypeScript
 
-acme implementation in TypeScript
+## Availabililty and Links
-
+* [npmjs.org (npm package)](https://www.npmjs.com/package/@pushrocks/smartuniverse)
-## Availabililty
+* [gitlab.com (source)](https://gitlab.com/pushrocks/smartuniverse)
-
+* [github.com (source mirror)](https://github.com/pushrocks/smartuniverse)
-[![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
+* [docs (typedoc)](https://pushrocks.gitlab.io/smartuniverse/)
-[![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
-[![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
-[![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
 
 ## Status for master
-
+[![build status](https://gitlab.com/pushrocks/smartuniverse/badges/master/build.svg)](https://gitlab.com/pushrocks/smartuniverse/commits/master)
-[![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
+[![coverage report](https://gitlab.com/pushrocks/smartuniverse/badges/master/coverage.svg)](https://gitlab.com/pushrocks/smartuniverse/commits/master)
-[![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
+[![npm downloads per month](https://img.shields.io/npm/dm/@pushrocks/smartuniverse.svg)](https://www.npmjs.com/package/@pushrocks/smartuniverse)
-[![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
+[![Known Vulnerabilities](https://snyk.io/test/npm/@pushrocks/smartuniverse/badge.svg)](https://snyk.io/test/npm/@pushrocks/smartuniverse)
-[![Dependency Status](https://david-dm.org/umbrellazone/smartacme.svg)](https://david-dm.org/umbrellazone/smartacme)
+[![TypeScript](https://img.shields.io/badge/TypeScript->=%203.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
-[![bitHound Dependencies](https://www.bithound.io/github/umbrellazone/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/umbrellazone/smartacme/master/dependencies/npm)
+[![node](https://img.shields.io/badge/node->=%2010.x.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
-[![bitHound Code](https://www.bithound.io/github/umbrellazone/smartacme/badges/code.svg)](https://www.bithound.io/github/umbrellazone/smartacme)
-[![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
 [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
 
 ## Usage
 
 Use TypeScript for best in class instellisense.
 
-For further information read the linked docs at the top of this README.
+```javascript
+import { SmartAcme } from 'smartacme';
+
+let smac = new SmartAcme()
+
+// TODO
+```
+
+For further information read the linked docs at the top of this readme.
 
 > MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
-> | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
+| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
 
-[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone)
+[![repo-footer](https://pushrocks.gitlab.io/assets/repo-footer.svg)](https://maintainedby.lossless.com)

docs/index.md

@@ -1,63 +0,0 @@
-# smartacme
-
-acme implementation in TypeScript
-
-## Availabililty
-
-[![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
-[![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
-[![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
-[![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
-
-## Status for master
-
-[![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
-[![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
-[![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
-[![Dependency Status](https://david-dm.org/umbrellazone/smartacme.svg)](https://david-dm.org/umbrellazone/smartacme)
-[![bitHound Dependencies](https://www.bithound.io/github/umbrellazone/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/umbrellazone/smartacme/master/dependencies/npm)
-[![bitHound Code](https://www.bithound.io/github/umbrellazone/smartacme/badges/code.svg)](https://www.bithound.io/github/umbrellazone/smartacme)
-[![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
-
-## Usage
-
-Use TypeScript for best in class instellisense.
-
-```javascript
-import { SmartAcme } from 'smartacme';
-
-let smac = new SmartAcme()(async () => {
-  // learn async/await, it'll make your life easier
-
-  // optionally accepts a filePath Arg with a stored acmeaccount.json
-  // will create an account and
-  let myAccount = await smac.createAcmeAccount();
-
-  // will return a dnsHash to set in your DNS record
-  let myCert = await myAccount.createAcmeCert('example.com');
-
-  // gets and accepts the specified challenge
-  // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
-  let myChallenge = await myCert.getChallenge('dns-01');
-
-  /* ----------
-    Now you need to set the challenge in your DNS
-    myChallenge.domainNamePrefixed is the address for the record
-    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
-    -------------*/
-})();
-```
-
-## Other relevant npm modules
-
-| module name | description                                                         |
-| ----------- | ------------------------------------------------------------------- |
-| cert        | a higlevel production module that uses smartacme to manage certs    |
-| smartnginx  | a highlevel production tool for docker environments to manage nginx |
-
-> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
-> | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
-
-[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone

npmextra.json

@@ -1,6 +1,18 @@
 {
+  "gitzone": {
+    "projectType": "npm",
+    "module": {
+      "githost": "gitlab.com",
+      "gitscope": "pushrocks",
+      "gitrepo": "smartuniverse",
+      "shortDescription": "acme with an easy yet powerful interface in TypeScript",
+      "npmPackagename": "@pushrocks/smartuniverse",
+      "license": "MIT",
+      "projectDomain": "push.rocks"
+    }
+  },
   "npmci": {
     "npmGlobalTools": [],
     "npmAccessLevel": "public"
   }
-}
+}

package.json

@@ -1,13 +1,13 @@
 {
-  "name": "smartacme",
+  "name": "@pushrocks/smartacme",
-  "version": "1.1.4",
+  "version": "3.0.2",
   "private": false,
-  "description": "acme implementation in TypeScript",
+  "description": "acme with an easy yet powerful interface in TypeScript",
   "main": "dist/index.js",
   "typings": "dist/index.d.ts",
   "scripts": {
     "test": "(tstest test/)",
-    "build": "echo \"Not needed for now\""
+    "build": "(tsbuild)"
   },
   "repository": {
     "type": "git",
@@ -25,18 +25,40 @@
   },
   "homepage": "https://gitlab.com/umbrellazone/smartacme#README",
   "dependencies": {
-    "@pushrocks/smartdelay": "^2.0.2",
+    "@pushrocks/lik": "^3.0.17",
-    "@pushrocks/smartpromise": "^2.0.5",
+    "@pushrocks/smartdata": "^3.1.25",
-    "acme-v2": "^1.2.0",
+    "@pushrocks/smartdelay": "^2.0.6",
-    "rsa-compat": "^1.5.1"
+    "@pushrocks/smartdns": "^3.0.8",
+    "@pushrocks/smartexpress": "^3.0.57",
+    "@pushrocks/smartlog": "^2.0.21",
+    "@pushrocks/smartpromise": "^3.0.6",
+    "@pushrocks/smartrequest": "^1.1.47",
+    "@pushrocks/smartstring": "^3.0.18",
+    "@pushrocks/smarttime": "^3.0.12",
+    "@pushrocks/smartunique": "^3.0.1",
+    "@tsclass/tsclass": "^3.0.4",
+    "acme-client": "^3.3.1"
   },
   "devDependencies": {
-    "@gitzone/tsbuild": "^2.0.22",
+    "@gitzone/tsbuild": "^2.1.17",
-    "@gitzone/tsrun": "^1.1.12",
+    "@gitzone/tsrun": "^1.2.8",
-    "@gitzone/tstest": "^1.0.13",
+    "@gitzone/tstest": "^1.0.28",
-    "@types/node": "^10.5.8",
+    "@mojoio/cloudflare": "^4.0.3",
-    "cflare": "^1.0.5",
+    "@pushrocks/qenv": "^4.0.6",
-    "qenv": "^1.1.7",
+    "@pushrocks/tapbundle": "^3.2.0",
-    "tapbundle": "^2.0.2"
+    "@types/node": "^13.7.0",
-  }
+    "tslint": "^6.0.0",
+    "tslint-config-prettier": "^1.18.0"
+  },
+  "files": [
+    "ts/**/*",
+    "ts_web/**/*",
+    "dist/**/*",
+    "dist_web/**/*",
+    "dist_ts_web/**/*",
+    "assets/**/*",
+    "cli.js",
+    "npmextra.json",
+    "readme.md"
+  ]
 }

qenv.yml

@@ -1,3 +1,6 @@
-vars:
+required:
-    - CF_EMAIL
+  - CF_EMAIL
-    - CF_KEY
+  - CF_KEY
+  - MONGODB_URL
+  - MONGODB_PASSWORD
+  - MONGODB_DATABASE

test/test.ts

@@ -1,14 +1,50 @@
-import { tap, expect } from 'tapbundle';
+import { tap, expect } from '@pushrocks/tapbundle';
+import { Qenv } from '@pushrocks/qenv';
+import * as cloudflare from '@mojoio/cloudflare';
+
+const testQenv = new Qenv('./', './.nogit/');
+const testCloudflare = new cloudflare.CloudflareAccount({
+  email: testQenv.getEnvVarOnDemand('CF_EMAIL'),
+  key: testQenv.getEnvVarOnDemand('CF_KEY')
+});
 
 import * as smartacme from '../ts/index';
 
 let smartAcmeInstance: smartacme.SmartAcme;
 
 tap.test('should create a valid instance of SmartAcme', async () => {
-  smartAcmeInstance = new smartacme.SmartAcme();
+  smartAcmeInstance = new smartacme.SmartAcme({
+    accountEmail: 'domains@lossless.org',
+    accountPrivateKey: null,
+    mongoDescriptor: {
+      mongoDbName: testQenv.getEnvVarRequired('MONGODB_DATABASE'),
+      mongoDbPass: testQenv.getEnvVarRequired('MONGODB_PASSWORD'),
+      mongoDbUrl: testQenv.getEnvVarRequired('MONGODB_URL')
+    },
+    removeChallenge: async (dnsChallenge) => {
+      testCloudflare.convenience.acmeRemoveDnsChallenge(dnsChallenge);
+    },
+    setChallenge: async (dnsChallenge) => {
+      testCloudflare.convenience.acmeSetDnsChallenge(dnsChallenge);
+    },
+    environment: 'integration'
+  });
   await smartAcmeInstance.init();
-  console.log(smartAcmeInstance.directoryUrls);
+});
+
+tap.test('should get a domain certificate', async () => {
   await smartAcmeInstance.getCertificateForDomain('bleu.de');
 });
 
+tap.test('certmatcher should correctly match domains', async () => {
+  const certMatcherMod = await import('../ts/smartacme.classes.certmatcher');
+  const certMatcher = new certMatcherMod.CertMatcher();
+  const matchedCert = certMatcher.getCertificateDomainNameByDomainName('level3.level2.level1');
+  expect(matchedCert).to.equal('level2.level1');
+});
+
+tap.test('should stop correctly', async () => {
+  await smartAcmeInstance.stop();
+});
+
 tap.start();

ts/interfaces/accountdata.ts

@@ -0,0 +1,8 @@
+export interface IAccountData {
+  id: number;
+  key: { kty: 'RSA'; n: string; e: string; kid: string };
+  contact: string[];
+  initialIp: string;
+  createdAt: string;
+  status: string;
+}

ts/interfaces/index.ts

@@ -0,0 +1 @@
+export * from './accountdata';

ts/smartacme.classes.cert.ts

@@ -0,0 +1,62 @@
+import * as plugins from './smartacme.plugins';
+
+import * as interfaces from './interfaces';
+
+import { CertManager } from './smartacme.classes.certmanager';
+
+import { Collection, svDb, unI } from '@pushrocks/smartdata';
+
+@plugins.smartdata.Collection(() => {
+  return CertManager.activeDB;
+})
+export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert> implements plugins.tsclass.network.ICert {
+  @unI()
+  public id: string;
+
+  @svDb()
+  public domainName: string;
+
+  @svDb()
+  public created: number;
+
+  @svDb()
+  public privateKey: string;
+
+  @svDb()
+  public publicKey: string;
+
+  @svDb()
+  public csr: string;
+
+  @svDb()
+  public validUntil: number;
+
+  public isStillValid(): boolean {
+    return this.validUntil >= Date.now();
+  }
+
+  public shouldBeRenewed(): boolean {
+    const shouldBeValidAtLeastUntil =
+      Date.now() +
+      plugins.smarttime.getMilliSecondsFromUnits({
+        days: 10
+      });
+    return !(this.validUntil >= shouldBeValidAtLeastUntil);
+  }
+
+  public update(certDataArg: plugins.tsclass.network.ICert) {
+    Object.keys(certDataArg).forEach(key => {
+      this[key] = certDataArg[key];
+    });
+  }
+
+
+  constructor(optionsArg: plugins.tsclass.network.ICert) {
+    super();
+    if (optionsArg) {
+      Object.keys(optionsArg).forEach(key => {
+        this[key] = optionsArg[key];
+      });
+    }
+  }
+}

ts/smartacme.classes.certmanager.ts

@@ -0,0 +1,77 @@
+import * as plugins from './smartacme.plugins';
+import { Cert } from './smartacme.classes.cert';
+import { SmartAcme } from './smartacme.classes.smartacme';
+
+import * as interfaces from './interfaces';
+
+export class CertManager {
+  // =========
+  // STATIC
+  // =========
+  public static activeDB: plugins.smartdata.SmartdataDb;
+
+  // =========
+  // INSTANCE
+  // =========
+  private mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  public smartdataDb: plugins.smartdata.SmartdataDb;
+
+  public interestMap: plugins.lik.InterestMap<string, Cert>;
+
+  constructor(
+    smartAcmeArg: SmartAcme,
+    optionsArg: {
+      mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+    }
+  ) {
+    this.mongoDescriptor = optionsArg.mongoDescriptor;
+  }
+
+  public async init() {
+    // Smartdata DB
+    this.smartdataDb = new plugins.smartdata.SmartdataDb(this.mongoDescriptor);
+    await this.smartdataDb.init();
+    CertManager.activeDB = this.smartdataDb;
+
+    // Pending Map
+    this.interestMap = new plugins.lik.InterestMap((certName) => certName);
+  }
+
+  /**
+   * retrieves a certificate
+   * @returns the Cert class or null
+   * @param certDomainNameArg the domain Name to retrieve the vcertificate for
+   */
+  public async retrieveCertificate(certDomainNameArg: string): Promise<Cert> {
+    const existingCertificate: Cert = await Cert.getInstance({
+      domainName: certDomainNameArg
+    });
+
+    if (existingCertificate) {
+      return existingCertificate;
+    } else {
+      return null;
+    }
+  }
+
+  /**
+   * stores the certificate
+   * @param optionsArg
+   */
+  public async storeCertificate(optionsArg: plugins.tsclass.network.ICert) {
+    const cert = new Cert(optionsArg);
+    await cert.save();
+    const interest = this.interestMap.findInterest(cert.domainName);
+    if (interest) {
+      interest.fullfillInterest(cert);
+      interest.markLost();
+    }
+  }
+
+  public async deleteCertificate(certDomainNameArg: string) {
+    const cert: Cert = await Cert.getInstance({
+      domainName: certDomainNameArg
+    });
+    await cert.delete();
+  }
+}

ts/smartacme.classes.certmatcher.ts

@@ -0,0 +1,19 @@
+import * as plugins from './smartacme.plugins';
+import * as interfaces from './interfaces';
+
+/**
+ * certmatcher is responsible for matching certificates
+ */
+export class CertMatcher {
+  /**
+   * creates a domainName for the certificate that will include the broadest scope
+   * for wild card certificates
+   * @param domainNameArg the domainNameArg to create the scope from
+   */
+  public getCertificateDomainNameByDomainName(domainNameArg: string): string {
+    const originalDomain = new plugins.smartstring.Domain(domainNameArg);
+    if (!originalDomain.level4) {
+      return `${originalDomain.level2}.${originalDomain.level1}`;
+    }
+  }
+}

ts/smartacme.classes.keypair.ts

@@ -1,27 +0,0 @@
-import * as plugins from './smartacme.plugins';
-const rsa = require('rsa-compat').RSA;
-
-export class KeyPair {
-  rsaKeyPair: any;
-
-  /**
-   * generates a fresh rsa keyPair
-   */
-  static async generateFresh(): Promise<KeyPair> {
-    const done = plugins.smartpromise.defer();
-    var options = { bitlen: 2048, exp: 65537, public: true, pem: true, internal: true };
-    rsa.generateKeypair(options, function(err, keypair) {
-      if (err) {
-        console.log(err);
-      }
-      done.resolve(keypair);
-    });
-    const result: any = await done.promise;
-    const keyPair = new KeyPair(result);
-    return keyPair;
-  }
-
-  constructor(rsaKeyPairArg) {
-    this.rsaKeyPair = rsaKeyPairArg;
-  }
-}

ts/smartacme.classes.smartacme.ts

@@ -1,86 +1,213 @@
-const acme = require('acme-v2').ACME.create({
-  RSA: require('rsa-compat').RSA,
-
-  // used for constructing user-agent
-  os: require('os'),
-  process: require('process'),
-
-  // used for overriding the default user-agent
-  userAgent: 'My custom UA String',
-  getUserAgentString: function(deps) {
-    return 'My custom UA String';
-  },
-
-  // don't try to validate challenges locally
-  skipChallengeTest: true
-});
-
-import { KeyPair } from './smartacme.classes.keypair';
 import * as plugins from './smartacme.plugins';
-const rsa = require('rsa-compat').RSA;
+import { Cert } from './smartacme.classes.cert';
+import { CertManager } from './smartacme.classes.certmanager';
+import { CertMatcher } from './smartacme.classes.certmatcher';
 
+/**
+ * the options for the class @see SmartAcme
+ */
+export interface ISmartAcmeOptions {
+  accountPrivateKey?: string;
+  accountEmail: string;
+  mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  setChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
+  removeChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
+  environment: 'production' | 'integration';
+  logger?: plugins.smartlog.Smartlog;
+}
+
+/**
+ * class SmartAcme
+ * can be used for setting up communication with an ACME authority
+ *
+ * ```ts
+ * const mySmartAcmeInstance = new SmartAcme({
+ *  // see ISmartAcmeOptions for options
+ * })
+ * ```
+ */
 export class SmartAcme {
-  domainKeyPair: KeyPair;
+  private options: ISmartAcmeOptions;
-  accountKeyPair: KeyPair;
-  accountData: any;
-  directoryUrls: any;
 
-  async init() {
+  // the acme client
-    // get directory url
+  private client: any;
-    this.directoryUrls = await acme.init('https://acme-staging-v02.api.letsencrypt.org/directory');
+  private smartdns = new plugins.smartdns.Smartdns();
+  public logger: plugins.smartlog.Smartlog;
 
-    // create keyPairs
+  // the account private key
-    this.domainKeyPair = await KeyPair.generateFresh();
+  private privateKey: string;
-    this.accountKeyPair = await KeyPair.generateFresh();
 
-    // get account
+  // challenge fullfillment
-    const registrationData = await acme.accounts
+  private setChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
-      .create({
+  private removeChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
-        email: 'domains@lossless.org', // valid email (server checks MX records)
+
-        accountKeypair: this.accountKeyPair.rsaKeyPair,
+  // certmanager
-        agreeToTerms: async tosUrl => {
+  private certmanager: CertManager;
-          return tosUrl;
+  private certmatcher: CertMatcher;
-        }
+
-      })
+  constructor(optionsArg: ISmartAcmeOptions) {
-      .catch(e => {
+    this.options = optionsArg;
-        console.log(e);
+    this.options.logger
-      });
+      ? (this.logger = optionsArg.logger)
-    this.accountData = registrationData;
+      : (this.logger = plugins.smartlog.defaultLogger);
   }
 
-  async getCertificateForDomain(domain) {
+  /**
-    const result = await acme.certificates
+   * inits the instance
-      .create({
+   * ```ts
-        domainKeypair: this.domainKeyPair.rsaKeyPair,
+   * await myCloudlyInstance.init() // does not support options
-        accountKeypair: this.accountKeyPair.rsaKeyPair,
+   * ```
-        domains: ['bleu.de'],
+   */
-        challengeType: 'dns-01',
+  public async init() {
+    this.privateKey =
+      this.options.accountPrivateKey || (await plugins.acme.forge.createPrivateKey()).toString();
+    this.setChallenge = this.options.setChallenge;
+    this.removeChallenge = this.options.removeChallenge;
 
-        setChallenge: async (hostname, key, val, cb) => {
+    // CertMangaer
-          console.log('set challenge');
+    this.certmanager = new CertManager(this, {
-          console.log(hostname);
+      mongoDescriptor: this.options.mongoDescriptor
-          //console.log(key);
+    });
-          //console.log(val);
+    await this.certmanager.init();
-          const dnsKey = rsa.utils.toWebsafeBase64(
-            require('crypto')
-              .createHash('sha256')
-              .update(val)
-              .digest('base64')
-          );
 
-          console.log(dnsKey);
+    // CertMatcher
-          await plugins.smartdelay.delayFor(20000);
+    this.certmatcher = new CertMatcher();
-          console.log('ready!');
+
-          cb();
+    // ACME Client
-        }, // return Promise
+    this.client = new plugins.acme.Client({
-        removeChallenge: async (hostname, key) => {
+      directoryUrl: (() => {
-          console.log('removing challenge');
+        if (this.options.environment === 'production') {
-          return;
+          return plugins.acme.directory.letsencrypt.production;
-        } // return Promise
+        } else {
-      })
+          return plugins.acme.directory.letsencrypt.staging;
-      .catch(e => {
+        }
-        console.log(e);
+      })(),
-      }); // returns Promise<pems={ privkey (key), cert, chain (ca) }>
+      accountKey: this.privateKey
-    console.log(result);
+    });
+
+    /* Register account */
+    await this.client.createAccount({
+      termsOfServiceAgreed: true,
+      contact: [`mailto:${this.options.accountEmail}`]
+    });
+  }
+
+  public async stop() {
+    await this.certmanager.smartdataDb.close();
+  }
+
+  /**
+   * gets a certificate
+   * it runs through the following steps
+   *
+   * * look in the database
+   * * if in the database and still valid return it
+   * * if not in the database announce it
+   * * then get it from letsencrypt
+   * * store it
+   * * remove it from the pending map (which it go onto by announcing it)
+   * * retrieve it from the databse and return it
+   *
+   * @param domainArg
+   */
+  public async getCertificateForDomain(domainArg: string): Promise<Cert> {
+    const certDomainName = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
+    const retrievedCertificate = await this.certmanager.retrieveCertificate(certDomainName);
+
+    const shouldberenewed = retrievedCertificate.shouldBeRenewed();
+    const isStillValid = retrievedCertificate.isStillValid();
+
+    if (!retrievedCertificate && await this.certmanager.interestMap.checkInterest(certDomainName)) {
+      const existingCertificateInterest = this.certmanager.interestMap.findInterest(certDomainName);
+      const certificate = existingCertificateInterest.interestFullfilled;
+      return certificate;
+    } else if (retrievedCertificate && !retrievedCertificate.shouldBeRenewed()) {
+      return retrievedCertificate;
+    } else if (retrievedCertificate && retrievedCertificate.shouldBeRenewed()) {
+      // await retrievedCertificate.delete();
+    }
+
+    // lets make sure others get the same interest
+    await this.certmanager.interestMap.addInterest(certDomainName);
+    
+
+    /* Place new order */
+    const order = await this.client.createOrder({
+      identifiers: [
+        { type: 'dns', value: certDomainName },
+        { type: 'dns', value: `*.${certDomainName}` }
+      ]
+    });
+
+    /* Get authorizations and select challenges */
+    const authorizations = await this.client.getAuthorizations(order);
+
+    for (const authz of authorizations) {
+      console.log(authz);
+      const fullHostName: string = `_acme-challenge.${authz.identifier.value}`;
+      const dnsChallenge: string = authz.challenges.find(challengeArg => {
+        return challengeArg.type === 'dns-01';
+      });
+      // process.exit(1);
+      const keyAuthorization: string = await this.client.getChallengeKeyAuthorization(dnsChallenge);
+
+      try {
+        /* Satisfy challenge */
+        await this.setChallenge({
+          hostName: fullHostName,
+          challenge: keyAuthorization
+        });
+        await this.smartdns.checkUntilAvailable(fullHostName, 'TXT', keyAuthorization, 100, 5000);
+        console.log('Cool down an extra 60 second for region availability');
+        await plugins.smartdelay.delayFor(60000);
+
+        /* Verify that challenge is satisfied */
+        await this.client.verifyChallenge(authz, dnsChallenge);
+
+        /* Notify ACME provider that challenge is satisfied */
+        await this.client.completeChallenge(dnsChallenge);
+
+        /* Wait for ACME provider to respond with valid status */
+        await this.client.waitForValidStatus(dnsChallenge);
+      } finally {
+        /* Clean up challenge response */
+        try {
+          await this.removeChallenge({
+            hostName: fullHostName,
+            challenge: keyAuthorization
+          });
+        } catch (e) {
+          console.log(e);
+        }
+      }
+    }
+
+    /* Finalize order */
+    const [key, csr] = await plugins.acme.forge.createCsr({
+      commonName: `*.${certDomainName}`,
+      altNames: [certDomainName]
+    });
+
+    await this.client.finalizeOrder(order, csr);
+    const cert = await this.client.getCertificate(order);
+
+    /* Done */
+
+    await this.certmanager.storeCertificate({
+      id: plugins.smartunique.shortId(),
+      domainName: certDomainName,
+      privateKey: key.toString(),
+      publicKey: cert.toString(),
+      csr: csr.toString(),
+      created: Date.now(),
+      validUntil:
+        Date.now() +
+        plugins.smarttime.getMilliSecondsFromUnits({
+          days: 90
+        })
+    });
+
+    const newCertificate = await this.certmanager.retrieveCertificate(certDomainName);
+    return newCertificate;
   }
 }

ts/smartacme.plugins.ts

@@ -1,4 +1,38 @@
-import * as smartpromise from '@pushrocks/smartpromise';
+// @pushrocks scope
+import * as lik from '@pushrocks/lik';
+import * as smartdata from '@pushrocks/smartdata';
 import * as smartdelay from '@pushrocks/smartdelay';
+import * as smartdns from '@pushrocks/smartdns';
+import * as smartexpress from '@pushrocks/smartexpress';
+import * as smartlog from '@pushrocks/smartlog';
+import * as smartpromise from '@pushrocks/smartpromise';
+import * as smartrequest from '@pushrocks/smartrequest';
+import * as smartunique from '@pushrocks/smartunique';
+import * as smartstring from '@pushrocks/smartstring';
+import * as smarttime from '@pushrocks/smarttime';
 
-export { smartpromise, smartdelay };
+export {
+  lik,
+  smartdata,
+  smartdelay,
+  smartdns,
+  smartexpress,
+  smartlog,
+  smartpromise,
+  smartrequest,
+  smartunique,
+  smartstring,
+  smarttime
+};
+
+// @tsclass scope
+import * as tsclass from '@tsclass/tsclass';
+
+export {
+  tsclass
+}
+
+// third party scope
+import * as acme from 'acme-client';
+
+export { acme };

tsconfig.json

@@ -0,0 +1,7 @@
+{
+  "compilerOptions": {
+    "experimentalDecorators": true,
+    "target": "es2017",
+    "module": "commonjs"
+  }
+}

tslint.json

@@ -1,3 +1,17 @@
 {
-    "extends": "tslint-config-standard"
+  "extends": ["tslint:latest", "tslint-config-prettier"],
+  "rules": {
+    "semicolon": [true, "always"],
+    "no-console": false,
+    "ordered-imports": false,
+    "object-literal-sort-keys": false,
+    "member-ordering": {
+      "options":{
+        "order": [
+          "static-method"
+        ]
+      }
+    }
+  },
+  "defaultSeverity": "warning"
 }