Compare commits
22 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 0d1ebf2d1a | |||
| 6edbf3cb46 | |||
| b26f7ac3e9 | |||
| 5129c5d601 | |||
| d09b3fd1bc | |||
| 14fccd40d8 | |||
| c0f45a10e0 | |||
| f9db3d28fe | |||
| c3fd8750b2 | |||
| 2b3c28c7a1 | |||
| d6b1f942b3 | |||
| 7eff6ea36a | |||
| 1ef3615a49 | |||
| 3653cdc797 | |||
| c0271648fc | |||
| 5546fa5f49 | |||
| 54fe89860e | |||
| d1edf75f6f | |||
| 6f9c644221 | |||
| 0b26054687 | |||
| e3323ed4ef | |||
| 24f692636c |
10
package-lock.json
generated
10
package-lock.json
generated
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@pushrocks/smartacme",
|
||||
"version": "2.0.14",
|
||||
"version": "2.0.25",
|
||||
"lockfileVersion": 1,
|
||||
"requires": true,
|
||||
"dependencies": {
|
||||
@ -271,12 +271,12 @@
|
||||
}
|
||||
},
|
||||
"@pushrocks/smartstring": {
|
||||
"version": "3.0.5",
|
||||
"resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartstring/-/smartstring-3.0.5.tgz",
|
||||
"integrity": "sha512-Bws2s6+Pc0HIXA35QH6cl6LJywhZ1U5icjyYMx+1kH8nURG+njzkacfarr9NWqyVYYOVu7SgXLzp9sR0eH7k9g==",
|
||||
"version": "3.0.8",
|
||||
"resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartstring/-/smartstring-3.0.8.tgz",
|
||||
"integrity": "sha512-twmCGF47+TJoiCpj6t5MxwcKDDJEATuKqJXxftcHOlXWW743LJ/1bCpMueDdtumo5EheUfSxb43aRse3DU3wig==",
|
||||
"requires": {
|
||||
"crypto-random-string": "^1.0.0",
|
||||
"js-base64": "^2.4.9",
|
||||
"js-base64": "^2.5.0",
|
||||
"normalize-newline": "^3.0.0",
|
||||
"randomatic": "^3.1.1",
|
||||
"strip-indent": "^2.0.0"
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@pushrocks/smartacme",
|
||||
"version": "2.0.14",
|
||||
"version": "2.0.25",
|
||||
"private": false,
|
||||
"description": "acme implementation in TypeScript",
|
||||
"main": "dist/index.js",
|
||||
@ -32,6 +32,7 @@
|
||||
"@pushrocks/smartexpress": "^3.0.0",
|
||||
"@pushrocks/smartpromise": "^2.0.5",
|
||||
"@pushrocks/smartrequest": "^1.1.14",
|
||||
"@pushrocks/smartstring": "^3.0.8",
|
||||
"@pushrocks/smarttime": "^3.0.5",
|
||||
"@pushrocks/smartunique": "^3.0.1",
|
||||
"acme-client": "^2.2.2"
|
||||
|
||||
11
test/test.ts
11
test/test.ts
@ -30,4 +30,15 @@ tap.test('should create a valid instance of SmartAcme', async () => {
|
||||
// await smartAcmeInstance.getCertificateForDomain('bleu.de');
|
||||
});
|
||||
|
||||
tap.test('certmatcher should correctly match domains', async () => {
|
||||
const certMatcherMod = await import('../ts/smartacme.classes.certmatcher');
|
||||
const certMatcher = new certMatcherMod.CertMatcher();
|
||||
const matchedCert = certMatcher.getCertificateDomainNameByDomainName('level3.level2.level1');
|
||||
expect(matchedCert).to.equal('level2.level1');
|
||||
});
|
||||
|
||||
tap.test('should stop correctly', async () => {
|
||||
await smartAcmeInstance.stop();
|
||||
});
|
||||
|
||||
tap.start();
|
||||
|
||||
@ -31,10 +31,10 @@ export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert> implements inte
|
||||
|
||||
constructor(optionsArg: ICert) {
|
||||
super();
|
||||
this.created = optionsArg.created;
|
||||
this.domainName = optionsArg.domainName;
|
||||
this.privateKey = optionsArg.privateKey;
|
||||
this.publicKey = optionsArg.publicKey;
|
||||
this.csr = optionsArg.csr;
|
||||
if (optionsArg) {
|
||||
Object.keys(optionsArg).forEach(key => {
|
||||
this[key] = optionsArg[key];
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -45,7 +45,7 @@ export class CertManager {
|
||||
public async retrieveCertificate(domainName: string): Promise<Cert> {
|
||||
await this.checkCerts();
|
||||
const existingCertificate: Cert = await Cert.getInstance({
|
||||
name: domainName
|
||||
domainName
|
||||
});
|
||||
|
||||
if(existingCertificate) {
|
||||
@ -64,8 +64,8 @@ export class CertManager {
|
||||
*/
|
||||
public async storeCertificate(optionsArg: ICert) {
|
||||
const cert = new Cert(optionsArg);
|
||||
cert.save();
|
||||
};
|
||||
await cert.save();
|
||||
}
|
||||
|
||||
public async deleteCertificate(domainNameArg: string) {
|
||||
|
||||
|
||||
10
ts/smartacme.classes.certmatcher.ts
Normal file
10
ts/smartacme.classes.certmatcher.ts
Normal file
@ -0,0 +1,10 @@
|
||||
import * as plugins from './smartacme.plugins';
|
||||
|
||||
export class CertMatcher {
|
||||
public getCertificateDomainNameByDomainName(domainNameArg: string): string {
|
||||
const originalDomain = new plugins.smartstring.Domain(domainNameArg);
|
||||
if (!originalDomain.level4) {
|
||||
return `${originalDomain.level2}.${originalDomain.level1}`;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,11 +1,13 @@
|
||||
import * as plugins from './smartacme.plugins';
|
||||
import { Cert } from './smartacme.classes.cert';
|
||||
import { CertManager } from './smartacme.classes.certmanager';
|
||||
import { CertMatcher } from './smartacme.classes.certmatcher';
|
||||
|
||||
import * as interfaces from './interfaces';
|
||||
import { request } from 'http';
|
||||
|
||||
/**
|
||||
*
|
||||
* the options for the class @see SmartAcme
|
||||
*/
|
||||
export interface ISmartAcmeOptions {
|
||||
accountPrivateKey?: string;
|
||||
@ -16,6 +18,16 @@ export interface ISmartAcmeOptions {
|
||||
validateRemoteRequest: () => Promise<boolean>;
|
||||
}
|
||||
|
||||
/**
|
||||
* class SmartAcme
|
||||
* can be used for setting up communication with an ACME authority
|
||||
*
|
||||
* ```ts
|
||||
* const mySmartAcmeInstance = new SmartAcme({
|
||||
* // see ISmartAcmeOptions for options
|
||||
* })
|
||||
* ```
|
||||
*/
|
||||
export class SmartAcme {
|
||||
private options: ISmartAcmeOptions;
|
||||
|
||||
@ -33,6 +45,7 @@ export class SmartAcme {
|
||||
|
||||
// certmanager
|
||||
private certmanager: CertManager;
|
||||
private certmatcher: CertMatcher;
|
||||
private certremoteHandler: plugins.smartexpress.Handler;
|
||||
|
||||
constructor(optionsArg: ISmartAcmeOptions) {
|
||||
@ -57,6 +70,9 @@ export class SmartAcme {
|
||||
});
|
||||
await this.certmanager.init();
|
||||
|
||||
// CertMatcher
|
||||
this.certmatcher = new CertMatcher();
|
||||
|
||||
// CertRemoteHandler
|
||||
this.certremoteHandler = new plugins.smartexpress.Handler('POST', async (req, res) => {
|
||||
const requestBody: interfaces.ICertRemoteRequest = req.body;
|
||||
@ -102,12 +118,14 @@ export class SmartAcme {
|
||||
});
|
||||
}
|
||||
|
||||
public async stop() {};
|
||||
public async stop() {
|
||||
await this.certmanager.smartdataDb.close();
|
||||
}
|
||||
|
||||
public async getCertificateForDomain(domainArg: string) {
|
||||
const domain = domainArg;
|
||||
public async getCertificateForDomain(domainArg: string): Promise<Cert> {
|
||||
const certDomain = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
|
||||
|
||||
const retrievedCertificate = await this.certmanager.retrieveCertificate(domain);
|
||||
const retrievedCertificate = await this.certmanager.retrieveCertificate(certDomain);
|
||||
|
||||
if (retrievedCertificate) {
|
||||
return retrievedCertificate;
|
||||
@ -115,7 +133,7 @@ export class SmartAcme {
|
||||
|
||||
/* Place new order */
|
||||
const order = await this.client.createOrder({
|
||||
identifiers: [{ type: 'dns', value: domain }, { type: 'dns', value: `*.${domain}` }]
|
||||
identifiers: [{ type: 'dns', value: certDomain }, { type: 'dns', value: `*.${certDomain}` }]
|
||||
});
|
||||
|
||||
/* Get authorizations and select challenges */
|
||||
@ -134,6 +152,8 @@ export class SmartAcme {
|
||||
/* Satisfy challenge */
|
||||
await this.setChallenge(domainDnsName, keyAuthorization);
|
||||
await this.smartdns.checkUntilAvailable(domainDnsName, 'TXT', keyAuthorization, 100, 5000);
|
||||
console.log('Cool down an extra 60 second for region availability');
|
||||
await plugins.smartdelay.delayFor(60000);
|
||||
|
||||
/* Verify that challenge is satisfied */
|
||||
await this.client.verifyChallenge(authz, dnsChallenge);
|
||||
@ -155,8 +175,8 @@ export class SmartAcme {
|
||||
|
||||
/* Finalize order */
|
||||
const [key, csr] = await plugins.acme.forge.createCsr({
|
||||
commonName: `*.${domain}`,
|
||||
altNames: [domain]
|
||||
commonName: `*.${certDomain}`,
|
||||
altNames: [certDomain]
|
||||
});
|
||||
|
||||
await this.client.finalizeOrder(order, csr);
|
||||
@ -168,14 +188,14 @@ export class SmartAcme {
|
||||
console.log(`Certificate:\n${cert.toString()}`);
|
||||
|
||||
await this.certmanager.storeCertificate({
|
||||
domainName: domainArg,
|
||||
domainName: certDomain,
|
||||
privateKey: key.toString(),
|
||||
publicKey: cert.toString(),
|
||||
csr: csr.toString(),
|
||||
created: Date.now()
|
||||
});
|
||||
|
||||
const newCertificate = await this.certmanager.retrieveCertificate(domainArg);
|
||||
const newCertificate = await this.certmanager.retrieveCertificate(certDomain);
|
||||
return newCertificate;
|
||||
}
|
||||
}
|
||||
|
||||
@ -7,9 +7,10 @@ import * as smartexpress from '@pushrocks/smartexpress';
|
||||
import * as smartpromise from '@pushrocks/smartpromise';
|
||||
import * as smartrequest from '@pushrocks/smartrequest';
|
||||
import * as smartunique from '@pushrocks/smartunique';
|
||||
import * as smartstring from '@pushrocks/smartstring';
|
||||
import * as smarttime from '@pushrocks/smarttime';
|
||||
|
||||
export { lik, smartdata, smartdelay, smartdns, smartexpress, smartpromise, smartrequest, smartunique, smarttime };
|
||||
export { lik, smartdata, smartdelay, smartdns, smartexpress, smartpromise, smartrequest, smartunique, smartstring, smarttime };
|
||||
|
||||
// thirs party scope
|
||||
import * as acme from 'acme-client';
|
||||
|
||||
Reference in New Issue
Block a user