2.0.29

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "@pushrocks/smartacme",
-  "version": "2.0.13",
+  "version": "2.0.29",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
@@ -104,9 +104,9 @@
       }
     },
     "@pushrocks/qenv": {
-      "version": "3.0.2",
-      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fqenv/-/qenv-3.0.2.tgz",
-      "integrity": "sha512-gXW9Cib6izqY7W1MssryFBrjIoKwadftjv5G3y/BE4LboCkGazqjMJsea6z6G79rwvX1M+yxEEcIdIsDvBBSiA==",
+      "version": "4.0.0",
+      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fqenv/-/qenv-4.0.0.tgz",
+      "integrity": "sha512-3/odPJaGp3ALtcSG/+N3dGtFX/CVBed9a5XKDa0bv7LoKCgYZeQwpF3jkCnNPjs7GKyzOzALHHID1L+zcb1RXw==",
       "dev": true,
       "requires": {
         "@pushrocks/smartfile": "^6.0.6",
@@ -170,13 +170,14 @@
       }
     },
     "@pushrocks/smartexpress": {
-      "version": "3.0.0",
-      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartexpress/-/smartexpress-3.0.0.tgz",
-      "integrity": "sha512-F3x+AFUxkKxb5WgQuIZsfkrNzMz0PaYYIw4gdQbAPn5N/UCEP4eE2OQWXnAcCSYwsXI8hgjEuUOC9gTbCSPDRg==",
+      "version": "3.0.6",
+      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartexpress/-/smartexpress-3.0.6.tgz",
+      "integrity": "sha512-Y/Av43ttryHO93BtrKAalPMQxymEn3HTjylnkgXFOTE5Ir4epGX8cG7FDnKUQIuM9Gx8nzFJfW16a90KUpExxQ==",
       "requires": {
         "@pushrocks/lik": "^3.0.4",
         "@pushrocks/smartfile": "^6.0.11",
         "@pushrocks/smartpromise": "^2.0.5",
+        "@pushrocks/smartrequest": "^1.1.14",
         "@types/express": "^4.16.0",
         "@types/finalhandler": "0.0.33",
         "@types/helmet": "0.0.42",
@@ -205,9 +206,9 @@
       }
     },
     "@pushrocks/smartlog": {
-      "version": "2.0.9",
-      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartlog/-/smartlog-2.0.9.tgz",
-      "integrity": "sha512-F2u3O8OOQ7QXgg9o0lI7HnqEhSQZo2A8u0EuNbQH+Kj2oL62xDwjAg6KkINwH7ObSWpaldZ+I28prG0JxaRzvg==",
+      "version": "2.0.10",
+      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartlog/-/smartlog-2.0.10.tgz",
+      "integrity": "sha512-4Ir4/JvfL+d5VsN+O8BpFSgUc1mWgr9s6S/cwYBCAIrWdqGomUM5RsZs57RMDn9MWW0JGJjGhUA0M+A8LSSgHw==",
       "requires": {
         "@pushrocks/smartlog-interfaces": "^2.0.2"
       }
@@ -271,12 +272,12 @@
       }
     },
     "@pushrocks/smartstring": {
-      "version": "3.0.5",
-      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartstring/-/smartstring-3.0.5.tgz",
-      "integrity": "sha512-Bws2s6+Pc0HIXA35QH6cl6LJywhZ1U5icjyYMx+1kH8nURG+njzkacfarr9NWqyVYYOVu7SgXLzp9sR0eH7k9g==",
+      "version": "3.0.8",
+      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartstring/-/smartstring-3.0.8.tgz",
+      "integrity": "sha512-twmCGF47+TJoiCpj6t5MxwcKDDJEATuKqJXxftcHOlXWW743LJ/1bCpMueDdtumo5EheUfSxb43aRse3DU3wig==",
       "requires": {
         "crypto-random-string": "^1.0.0",
-        "js-base64": "^2.4.9",
+        "js-base64": "^2.5.0",
         "normalize-newline": "^3.0.0",
         "randomatic": "^3.1.1",
         "strip-indent": "^2.0.0"
@@ -1614,9 +1615,9 @@
       "integrity": "sha1-k2pOMJ7zMKdkXtQUWYbIWuWyCAU="
     },
     "luxon": {
-      "version": "1.9.0",
-      "resolved": "https://verdaccio.lossless.one/luxon/-/luxon-1.9.0.tgz",
-      "integrity": "sha512-N1kSwtIEhM/gIRGASXPgi1CwfQZX5VTjndYFjOsZdEEtWij2uSoRrgDGWwViZCUNY9Rwh4UVG/TLcUinHM20cA=="
+      "version": "1.10.0",
+      "resolved": "https://verdaccio.lossless.one/luxon/-/luxon-1.10.0.tgz",
+      "integrity": "sha512-ry3GKh//v3isD6oJN5pFWmdh+3GiScwv9q8VgG6fZ2j1guGOol2vVVdo4GBAWCrcq5RHOqSeipqHBnOu/u024Q=="
     },
     "make-error": {
       "version": "1.3.5",
@@ -2350,9 +2351,9 @@
       "integrity": "sha512-4krF8scpejhaOgqzBEcGM7yDIEfi0/8+8zDRZhNZZ2kjmHJ4hv3zCbQWxoJGz1iw5U0Jl0nma13xzHXcncMavQ=="
     },
     "tslint": {
-      "version": "5.12.0",
-      "resolved": "https://verdaccio.lossless.one/tslint/-/tslint-5.12.0.tgz",
-      "integrity": "sha512-CKEcH1MHUBhoV43SA/Jmy1l24HJJgI0eyLbBNSRyFlsQvb9v6Zdq+Nz2vEOH00nC5SUx4SneJ59PZUS/ARcokQ==",
+      "version": "5.12.1",
+      "resolved": "https://verdaccio.lossless.one/tslint/-/tslint-5.12.1.tgz",
+      "integrity": "sha512-sfodBHOucFg6egff8d1BvuofoOQ/nOeYNfbp7LDlKBcLNrL3lmS5zoiDGyOMdT7YsEXAwWpTdAHwOGOc8eRZAw==",
       "dev": true,
       "requires": {
         "babel-code-frame": "^6.22.0",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pushrocks/smartacme",
-  "version": "2.0.13",
+  "version": "2.0.29",
   "private": false,
   "description": "acme implementation in TypeScript",
   "main": "dist/index.js",
@@ -29,22 +29,24 @@
     "@pushrocks/smartdata": "^3.1.13",
     "@pushrocks/smartdelay": "^2.0.2",
     "@pushrocks/smartdns": "^3.0.8",
-    "@pushrocks/smartexpress": "^3.0.0",
+    "@pushrocks/smartexpress": "^3.0.6",
+    "@pushrocks/smartlog": "^2.0.10",
     "@pushrocks/smartpromise": "^2.0.5",
     "@pushrocks/smartrequest": "^1.1.14",
+    "@pushrocks/smartstring": "^3.0.8",
     "@pushrocks/smarttime": "^3.0.5",
     "@pushrocks/smartunique": "^3.0.1",
-    "acme-client": "^2.2.2"
+    "acme-client": "2.2.2"
   },
   "devDependencies": {
     "@gitzone/tsbuild": "^2.1.4",
     "@gitzone/tsrun": "^1.1.17",
     "@gitzone/tstest": "^1.0.18",
     "@mojoio/cloudflare": "^2.0.0",
-    "@pushrocks/qenv": "^3.0.2",
+    "@pushrocks/qenv": "^4.0.0",
     "@pushrocks/tapbundle": "^3.0.7",
     "@types/node": "^10.12.18",
-    "tslint": "^5.12.0",
+    "tslint": "^5.12.1",
     "tslint-config-prettier": "^1.17.0"
   }
 }

test/test.ts

@@ -12,9 +12,9 @@ tap.test('should create a valid instance of SmartAcme', async () => {
     accountEmail: 'domains@lossless.org',
     accountPrivateKey: null,
     mongoDescriptor: {
-      mongoDbName: testQenv.getEnvVarOnDemand('MONGODB_DATABASE'),
-      mongoDbPass: testQenv.getEnvVarOnDemand('MONGODB_PASSWORD'),
-      mongoDbUrl: testQenv.getEnvVarOnDemand('MONGODB_URL')
+      mongoDbName: testQenv.getEnvVarRequired('MONGODB_DATABASE'),
+      mongoDbPass: testQenv.getEnvVarRequired('MONGODB_PASSWORD'),
+      mongoDbUrl: testQenv.getEnvVarRequired('MONGODB_URL')
     },
     removeChallenge: async (...args) => {
       console.log(args);
@@ -22,12 +22,21 @@ tap.test('should create a valid instance of SmartAcme', async () => {
     setChallenge: async (...args) => {
       console.log(args);
     },
-    validateRemoteRequest: async () => {
-      return true;
-    }
+    environment: "integration"
   });
   await smartAcmeInstance.init();
   // await smartAcmeInstance.getCertificateForDomain('bleu.de');
 });
 
+tap.test('certmatcher should correctly match domains', async () => {
+  const certMatcherMod = await import('../ts/smartacme.classes.certmatcher'); 
+  const certMatcher = new certMatcherMod.CertMatcher();
+  const matchedCert = certMatcher.getCertificateDomainNameByDomainName('level3.level2.level1');
+  expect(matchedCert).to.equal('level2.level1');
+});
+
+tap.test('should stop correctly', async () => {
+  await smartAcmeInstance.stop();
+});
+
 tap.start();

ts/smartacme.classes.cert.ts

@@ -5,6 +5,7 @@ import * as interfaces from './interfaces';
 import { CertManager } from './smartacme.classes.certmanager';
 
 import { Collection, svDb, unI } from '@pushrocks/smartdata';
+import { ICert } from './interfaces';
 
 @plugins.smartdata.Collection(() => {
   return CertManager.activeDB;
@@ -28,10 +29,12 @@ export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert> implements inte
   @svDb()
   public csr: string;
 
-  constructor(privateKeyArg: string, publicKeyArg: string, csrArg: string) {
+  constructor(optionsArg: ICert) {
     super();
-    this.privateKey = privateKeyArg;
-    this.publicKey = publicKeyArg;
-    this.csr = csrArg;
+    if (optionsArg) {
+      Object.keys(optionsArg).forEach(key => {
+        this[key] = optionsArg[key];
+      });
+    }
   }
 }

ts/smartacme.classes.certmanager.ts

@@ -34,7 +34,7 @@ export class CertManager {
 
     // Pending Map
     this.pendingMap = new plugins.lik.Stringmap();
-  };
+  }
 
   /**
    * retrieves a certificate
@@ -44,7 +44,7 @@ export class CertManager {
   public async retrieveCertificate(domainName: string): Promise<Cert> {
     await this.checkCerts();
     const existingCertificate: Cert = await Cert.getInstance({
-      name: domainName
+      domainName
     });
 
     if(existingCertificate) {
@@ -56,28 +56,37 @@ export class CertManager {
   }
 
   /**
-   * stores the certificate with the 
-   * @param publicKeyArg 
-   * @param privateKeyArg 
-   * @param csrArg 
+   * stores the certificate
+   * @param optionsArg 
    */
-  public async storeCertificate(privateKeyArg: string, publicKeyArg: string, csrArg: string) {
-    const cert = new Cert(privateKeyArg, publicKeyArg, csrArg);
-    cert.save();
-  };
+  public async storeCertificate(optionsArg: interfaces.ICert) {
+    const cert = new Cert(optionsArg);
+    await cert.save();
+  }
 
   public async deleteCertificate(domainNameArg: string) {
 
   }
 
-  public async getCertificateStatus(domainNameArg: string): Promise<interfaces.TCertStatus> {
-    const isPending = this.pendingMap.checkString('domainNameArg');
+  /**
+   * announce a certificate as being in the process of being retrieved
+   */
+  public async announceCertificate (domainNameArg: string) {
+    this.pendingMap.addString(domainNameArg);
+  }
+
+  /**
+   * gets the status of a certificate by certDomain name
+   * @param certDomainArg
+   */
+  public async getCertificateStatus(certDomainArg: string): Promise<interfaces.TCertStatus> {
+    const isPending = this.pendingMap.checkString(certDomainArg);
     if (isPending) {
       return 'pending';
     }
 
     // otherwise lets continue
-    const existingCertificate = this.retrieveCertificate(domainNameArg);
+    const existingCertificate = this.retrieveCertificate(certDomainArg);
     if (existingCertificate) {
       return 'existing';
     }

ts/smartacme.classes.certmatcher.ts

@@ -0,0 +1,10 @@
+import * as plugins from './smartacme.plugins';
+
+export class CertMatcher {
+  public getCertificateDomainNameByDomainName(domainNameArg: string): string {
+    const originalDomain = new plugins.smartstring.Domain(domainNameArg);
+    if (!originalDomain.level4) {
+      return `${originalDomain.level2}.${originalDomain.level1}`;
+    }
+  }
+}

ts/smartacme.classes.certremoteclient.ts

@@ -1,34 +1,41 @@
 import * as plugins from './smartacme.plugins';
 import * as interfaces from './interfaces';
-import { ICertRemoteResponse } from './interfaces';
 
 // tslint:disable-next-line: max-classes-per-file
 export class CertRemoteClient {
   private remoteUrl: string;
   private secret: string;
+  private logger: plugins.smartlog.Smartlog;
 
   constructor(optionsArg: {
     remoteUrl: string;
     secret: string;
+    logger?: plugins.smartlog.Smartlog;
   }) {
     this.remoteUrl = optionsArg.remoteUrl;
     this.secret = optionsArg.secret;
+    optionsArg.logger
+      ? (this.logger = optionsArg.logger)
+      : (this.logger = plugins.smartlog.defaultLogger);
   }
 
   /**
-   * 
-   * @param domainNameArg 
+   *
+   * @param domainNameArg
    */
-  async getCertificateForDomain(domainNameArg: string): Promise<interfaces.ICert> {
+  public async getCertificateForDomain(domainNameArg: string): Promise<interfaces.ICert> {
     let certificate: interfaces.ICert;
     const doRequestCycle = async (): Promise<interfaces.ICert> => {
-      const response: ICertRemoteResponse = (await plugins.smartrequest.postJson(this.remoteUrl, {
-        requestBody: <interfaces.ICertRemoteRequest>{
-          domainName: domainNameArg,
-          secret: this.secret
+      const response: interfaces.ICertRemoteResponse = (await plugins.smartrequest.postJson(
+        this.remoteUrl,
+        {
+          requestBody: <interfaces.ICertRemoteRequest>{
+            domainName: domainNameArg,
+            secret: this.secret
+          }
         }
-      })).body;
-      switch(response.status) {
+      )).body;
+      switch (response.status as interfaces.TCertStatus) {
         case 'pending':
           await plugins.smartdelay.delayFor(5000);
           const finalResponse = await doRequestCycle();

ts/smartacme.classes.smartacme.ts

@@ -1,11 +1,13 @@
 import * as plugins from './smartacme.plugins';
+import { Cert } from './smartacme.classes.cert';
 import { CertManager } from './smartacme.classes.certmanager';
+import { CertMatcher } from './smartacme.classes.certmatcher';
 
 import * as interfaces from './interfaces';
 import { request } from 'http';
 
 /**
- *
+ * the options for the class @see SmartAcme
  */
 export interface ISmartAcmeOptions {
   accountPrivateKey?: string;
@@ -13,9 +15,19 @@ export interface ISmartAcmeOptions {
   mongoDescriptor: plugins.smartdata.IMongoDescriptor;
   setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
   removeChallenge: (domainName: string) => Promise<any>;
-  validateRemoteRequest: () => Promise<boolean>;
+  environment: 'production' | 'integration';
 }
 
+/**
+ * class SmartAcme
+ * can be used for setting up communication with an ACME authority
+ *
+ * ```ts
+ * const mySmartAcmeInstance = new SmartAcme({
+ *  // see ISmartAcmeOptions for options
+ * })
+ * ```
+ */
 export class SmartAcme {
   private options: ISmartAcmeOptions;
 
@@ -29,11 +41,44 @@ export class SmartAcme {
   // challenge fullfillment
   private setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
   private removeChallenge: (domainName: string) => Promise<any>;
-  private validateRemoteRequest: () => Promise<boolean>;
 
   // certmanager
   private certmanager: CertManager;
-  private certremoteHandler: plugins.smartexpress.Handler;
+  private certmatcher: CertMatcher;
+
+  /**
+   * the remote handler to hand the request and response to.
+   */
+  public certremoteHandler = async (req: plugins.smartexpress.Request, res: plugins.smartexpress.Response) => {
+    const requestBody: interfaces.ICertRemoteRequest = req.body;
+    const certDomain = this.certmatcher.getCertificateDomainNameByDomainName(requestBody.domainName);
+    let status: interfaces.TCertStatus = await this.certmanager.getCertificateStatus(
+      certDomain
+    );
+    let response: interfaces.ICertRemoteResponse;
+    switch (status) {
+      case 'existing':
+        response = {
+          status,
+          certificate: await (await this.certmanager.retrieveCertificate(
+            certDomain
+          )).createSavableObject()
+        };
+        break;
+      default:
+        if (status === "nonexisting") {
+          this.getCertificateForDomain(certDomain);
+          status = 'pending';
+        }
+        response = {
+          status
+        };
+        break;
+    }
+    res.status(200);
+    res.send(response);
+    res.end();
+  }
 
   constructor(optionsArg: ISmartAcmeOptions) {
     this.options = optionsArg;
@@ -41,6 +86,9 @@ export class SmartAcme {
 
   /**
    * inits the instance
+   * ```ts
+   * await myCloudlyInstance.init() // does not support options
+   * ```
    */
   public async init() {
     this.privateKey =
@@ -54,41 +102,18 @@ export class SmartAcme {
     });
     await this.certmanager.init();
 
-    // CertRemoteHandler
-    this.certremoteHandler = new plugins.smartexpress.Handler('POST', async (req, res) => {
-      const requestBody: interfaces.ICertRemoteRequest = req.body;
-      const status: interfaces.TCertStatus = await this.certmanager.getCertificateStatus(requestBody.domainName);
-      const existingCertificate = await this.certmanager.retrieveCertificate(
-        requestBody.domainName
-      );
-      let response: interfaces.ICertRemoteResponse;
-      switch (status) {
-         case 'existing':
-          response = {
-            status,
-            certificate: {
-              created: existingCertificate.created,
-              csr: existingCertificate.csr,
-              domainName: existingCertificate.domainName,
-              privateKey: existingCertificate.privateKey,
-              publicKey: existingCertificate.publicKey
-            }
-          };
-          break;
-        default:
-          response = {
-            status
-          };
-          break;
-      }
-      res.status(200);
-      res.send(response);
-      res.end();
-    });
+    // CertMatcher
+    this.certmatcher = new CertMatcher();
 
     // ACME Client
     this.client = new plugins.acme.Client({
-      directoryUrl: plugins.acme.directory.letsencrypt.staging,
+      directoryUrl: (() => {
+        if (this.options.environment === 'production') {
+          return plugins.acme.directory.letsencrypt.production;
+        } else {
+          return plugins.acme.directory.letsencrypt.staging;
+        }
+      })(),
       accountKey: this.privateKey
     });
 
@@ -99,10 +124,14 @@ export class SmartAcme {
     });
   }
 
-  public async getCertificateForDomain(domainArg: string) {
-    const domain = domainArg;
+  public async stop() {
+    await this.certmanager.smartdataDb.close();
+  }
 
-    const retrievedCertificate = await this.certmanager.retrieveCertificate(domain);
+  public async getCertificateForDomain(domainArg: string): Promise<Cert> {
+    const certDomain = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
+    await this.certmanager.announceCertificate(certDomain);
+    const retrievedCertificate = await this.certmanager.retrieveCertificate(certDomain);
 
     if (retrievedCertificate) {
       return retrievedCertificate;
@@ -110,7 +139,7 @@ export class SmartAcme {
 
     /* Place new order */
     const order = await this.client.createOrder({
-      identifiers: [{ type: 'dns', value: domain }, { type: 'dns', value: `*.${domain}` }]
+      identifiers: [{ type: 'dns', value: certDomain }, { type: 'dns', value: `*.${certDomain}` }]
     });
 
     /* Get authorizations and select challenges */
@@ -129,6 +158,8 @@ export class SmartAcme {
         /* Satisfy challenge */
         await this.setChallenge(domainDnsName, keyAuthorization);
         await this.smartdns.checkUntilAvailable(domainDnsName, 'TXT', keyAuthorization, 100, 5000);
+        console.log('Cool down an extra 60 second for region availability');
+        await plugins.smartdelay.delayFor(60000);
 
         /* Verify that challenge is satisfied */
         await this.client.verifyChallenge(authz, dnsChallenge);
@@ -150,8 +181,8 @@ export class SmartAcme {
 
     /* Finalize order */
     const [key, csr] = await plugins.acme.forge.createCsr({
-      commonName: `*.${domain}`,
-      altNames: [domain]
+      commonName: `*.${certDomain}`,
+      altNames: [certDomain]
     });
 
     await this.client.finalizeOrder(order, csr);
@@ -162,6 +193,15 @@ export class SmartAcme {
     console.log(`Private key:\n${key.toString()}`);
     console.log(`Certificate:\n${cert.toString()}`);
 
-    this.certmanager.storeCertificate(key.toString(), cert.toString(), csr.toString());
+    await this.certmanager.storeCertificate({
+      domainName: certDomain,
+      privateKey: key.toString(),
+      publicKey: cert.toString(),
+      csr: csr.toString(),
+      created: Date.now()
+    });
+
+    const newCertificate = await this.certmanager.retrieveCertificate(certDomain);
+    return newCertificate;
   }
 }

ts/smartacme.plugins.ts

@@ -4,12 +4,14 @@ import * as smartdata from '@pushrocks/smartdata';
 import * as smartdelay from '@pushrocks/smartdelay';
 import * as smartdns from '@pushrocks/smartdns';
 import * as smartexpress from '@pushrocks/smartexpress';
+import * as smartlog from '@pushrocks/smartlog';
 import * as smartpromise from '@pushrocks/smartpromise';
 import * as smartrequest from '@pushrocks/smartrequest';
 import * as smartunique from '@pushrocks/smartunique';
+import * as smartstring from '@pushrocks/smartstring';
 import * as smarttime from '@pushrocks/smarttime';
 
-export { lik, smartdata, smartdelay, smartdns, smartexpress, smartpromise, smartrequest, smartunique, smarttime };
+export { lik, smartdata, smartdelay, smartdns, smartexpress, smartlog, smartpromise, smartrequest, smartunique, smartstring, smarttime };
 
 // thirs party scope
 import * as acme from 'acme-client';