2.0.28

fix(core): update
2.0.27
2019-01-15 23:39:31 +01:00 · 2019-01-15 23:39:31 +01:00 · 2019-01-14 02:46:36 +01:00 · 2019-01-14 02:46:36 +01:00 · 2019-01-13 21:40:40 +01:00 · 2019-01-13 21:40:40 +01:00
9 changed files with 144 additions and 87 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -1,6 +1,6 @@
 {
  "name": "@pushrocks/smartacme",
-  "version": "2.0.16",
+  "version": "2.0.28",
  "lockfileVersion": 1,
  "requires": true,
  "dependencies": {
@ -170,13 +170,14 @@
      }
    },
    "@pushrocks/smartexpress": {
-      "version": "3.0.0",
-      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartexpress/-/smartexpress-3.0.0.tgz",
-      "integrity": "sha512-F3x+AFUxkKxb5WgQuIZsfkrNzMz0PaYYIw4gdQbAPn5N/UCEP4eE2OQWXnAcCSYwsXI8hgjEuUOC9gTbCSPDRg==",
+      "version": "3.0.4",
+      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartexpress/-/smartexpress-3.0.4.tgz",
+      "integrity": "sha512-sn6yQpTGylvT/t4arCN7te8EUzimhv9JB+73XOwv503u6HokE//nT8eCAhkjprH3hgHpIgvR3iPGI8UBSCJFsw==",
      "requires": {
        "@pushrocks/lik": "^3.0.4",
        "@pushrocks/smartfile": "^6.0.11",
        "@pushrocks/smartpromise": "^2.0.5",
+        "@pushrocks/smartrequest": "^1.1.14",
        "@types/express": "^4.16.0",
        "@types/finalhandler": "0.0.33",
        "@types/helmet": "0.0.42",
@ -271,12 +272,12 @@
      }
    },
    "@pushrocks/smartstring": {
-      "version": "3.0.5",
-      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartstring/-/smartstring-3.0.5.tgz",
-      "integrity": "sha512-Bws2s6+Pc0HIXA35QH6cl6LJywhZ1U5icjyYMx+1kH8nURG+njzkacfarr9NWqyVYYOVu7SgXLzp9sR0eH7k9g==",
+      "version": "3.0.8",
+      "resolved": "https://verdaccio.lossless.one/@pushrocks%2fsmartstring/-/smartstring-3.0.8.tgz",
+      "integrity": "sha512-twmCGF47+TJoiCpj6t5MxwcKDDJEATuKqJXxftcHOlXWW743LJ/1bCpMueDdtumo5EheUfSxb43aRse3DU3wig==",
      "requires": {
        "crypto-random-string": "^1.0.0",
-        "js-base64": "^2.4.9",
+        "js-base64": "^2.5.0",
        "normalize-newline": "^3.0.0",
        "randomatic": "^3.1.1",
        "strip-indent": "^2.0.0"
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "@pushrocks/smartacme",
-  "version": "2.0.16",
+  "version": "2.0.28",
  "private": false,
  "description": "acme implementation in TypeScript",
  "main": "dist/index.js",
@ -29,12 +29,14 @@
    "@pushrocks/smartdata": "^3.1.13",
    "@pushrocks/smartdelay": "^2.0.2",
    "@pushrocks/smartdns": "^3.0.8",
-    "@pushrocks/smartexpress": "^3.0.0",
+    "@pushrocks/smartexpress": "^3.0.4",
+    "@pushrocks/smartlog": "^2.0.9",
    "@pushrocks/smartpromise": "^2.0.5",
    "@pushrocks/smartrequest": "^1.1.14",
+    "@pushrocks/smartstring": "^3.0.8",
    "@pushrocks/smarttime": "^3.0.5",
    "@pushrocks/smartunique": "^3.0.1",
-    "acme-client": "^2.2.2"
+    "acme-client": "2.2.2"
  },
  "devDependencies": {
    "@gitzone/tsbuild": "^2.1.4",
--- a/test/test.ts
+++ b/test/test.ts
@ -30,4 +30,15 @@ tap.test('should create a valid instance of SmartAcme', async () => {
  // await smartAcmeInstance.getCertificateForDomain('bleu.de');
 });

+tap.test('certmatcher should correctly match domains', async () => {
+  const certMatcherMod = await import('../ts/smartacme.classes.certmatcher'); 
+  const certMatcher = new certMatcherMod.CertMatcher();
+  const matchedCert = certMatcher.getCertificateDomainNameByDomainName('level3.level2.level1');
+  expect(matchedCert).to.equal('level2.level1');
+});
+
+tap.test('should stop correctly', async () => {
+  await smartAcmeInstance.stop();
+});
+
 tap.start();
--- a/ts/smartacme.classes.cert.ts
+++ b/ts/smartacme.classes.cert.ts
@ -31,10 +31,10 @@ export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert> implements inte

  constructor(optionsArg: ICert) {
    super();
-    this.created = optionsArg.created;
-    this.domainName = optionsArg.domainName;
-    this.privateKey = optionsArg.privateKey;
-    this.publicKey = optionsArg.publicKey;
-    this.csr = optionsArg.csr;
+    if (optionsArg) {
+      Object.keys(optionsArg).forEach(key => {
+        this[key] = optionsArg[key];
+      });
+    }
  }
 }
--- a/ts/smartacme.classes.certmanager.ts
+++ b/ts/smartacme.classes.certmanager.ts
@ -3,7 +3,6 @@ import { Cert } from './smartacme.classes.cert';
 import { SmartAcme } from './smartacme.classes.smartacme';

 import * as interfaces from './interfaces';
-import { ICert } from './interfaces';


 export class CertManager {
@ -35,7 +34,7 @@ export class CertManager {

    // Pending Map
    this.pendingMap = new plugins.lik.Stringmap();
-  };
+  }

  /**
   * retrieves a certificate
@ -45,7 +44,7 @@ export class CertManager {
  public async retrieveCertificate(domainName: string): Promise<Cert> {
    await this.checkCerts();
    const existingCertificate: Cert = await Cert.getInstance({
-      name: domainName
+      domainName
    });

    if(existingCertificate) {
@ -57,28 +56,37 @@ export class CertManager {
  }

  /**
-   * stores the certificate with the 
-   * @param publicKeyArg 
-   * @param privateKeyArg 
-   * @param csrArg 
+   * stores the certificate
+   * @param optionsArg 
   */
-  public async storeCertificate(optionsArg: ICert) {
+  public async storeCertificate(optionsArg: interfaces.ICert) {
    const cert = new Cert(optionsArg);
-    cert.save();
-  };
+    await cert.save();
+  }

  public async deleteCertificate(domainNameArg: string) {

  }

-  public async getCertificateStatus(domainNameArg: string): Promise<interfaces.TCertStatus> {
-    const isPending = this.pendingMap.checkString('domainNameArg');
+  /**
+   * announce a certificate as being in the process of being retrieved
+   */
+  public async announceCertificate (domainNameArg: string) {
+    this.pendingMap.addString(domainNameArg);
+  }
+
+  /**
+   * gets the status of a certificate by certDomain name
+   * @param certDomainArg
+   */
+  public async getCertificateStatus(certDomainArg: string): Promise<interfaces.TCertStatus> {
+    const isPending = this.pendingMap.checkString(certDomainArg);
    if (isPending) {
      return 'pending';
    }

    // otherwise lets continue
-    const existingCertificate = this.retrieveCertificate(domainNameArg);
+    const existingCertificate = this.retrieveCertificate(certDomainArg);
    if (existingCertificate) {
      return 'existing';
    }
--- a/ts/smartacme.classes.certmatcher.ts
+++ b/ts/smartacme.classes.certmatcher.ts
@ -0,0 +1,10 @@
+import * as plugins from './smartacme.plugins';
+
+export class CertMatcher {
+  public getCertificateDomainNameByDomainName(domainNameArg: string): string {
+    const originalDomain = new plugins.smartstring.Domain(domainNameArg);
+    if (!originalDomain.level4) {
+      return `${originalDomain.level2}.${originalDomain.level1}`;
+    }
+  }
+}
--- a/ts/smartacme.classes.certremoteclient.ts
+++ b/ts/smartacme.classes.certremoteclient.ts
@ -1,34 +1,41 @@
 import * as plugins from './smartacme.plugins';
 import * as interfaces from './interfaces';
-import { ICertRemoteResponse } from './interfaces';

 // tslint:disable-next-line: max-classes-per-file
 export class CertRemoteClient {
  private remoteUrl: string;
  private secret: string;
+  private logger: plugins.smartlog.Smartlog;

  constructor(optionsArg: {
    remoteUrl: string;
    secret: string;
+    logger?: plugins.smartlog.Smartlog;
  }) {
    this.remoteUrl = optionsArg.remoteUrl;
    this.secret = optionsArg.secret;
+    optionsArg.logger
+      ? (this.logger = optionsArg.logger)
+      : (this.logger = plugins.smartlog.defaultLogger);
  }

  /**
   *
   * @param domainNameArg
   */
-  async getCertificateForDomain(domainNameArg: string): Promise<interfaces.ICert> {
+  public async getCertificateForDomain(domainNameArg: string): Promise<interfaces.ICert> {
    let certificate: interfaces.ICert;
    const doRequestCycle = async (): Promise<interfaces.ICert> => {
-      const response: ICertRemoteResponse = (await plugins.smartrequest.postJson(this.remoteUrl, {
+      const response: interfaces.ICertRemoteResponse = (await plugins.smartrequest.postJson(
+        this.remoteUrl,
+        {
          requestBody: <interfaces.ICertRemoteRequest>{
            domainName: domainNameArg,
            secret: this.secret
          }
-      })).body;
-      switch(response.status) {
+        }
+      )).body;
+      switch (response.status as interfaces.TCertStatus) {
        case 'pending':
          await plugins.smartdelay.delayFor(5000);
          const finalResponse = await doRequestCycle();
--- a/ts/smartacme.classes.smartacme.ts
+++ b/ts/smartacme.classes.smartacme.ts
@ -1,11 +1,13 @@
 import * as plugins from './smartacme.plugins';
+import { Cert } from './smartacme.classes.cert';
 import { CertManager } from './smartacme.classes.certmanager';
+import { CertMatcher } from './smartacme.classes.certmatcher';

 import * as interfaces from './interfaces';
 import { request } from 'http';

 /**
- * the options for the @see SmartAcme
+ * the options for the class @see SmartAcme
 */
 export interface ISmartAcmeOptions {
  accountPrivateKey?: string;
@ -13,7 +15,7 @@ export interface ISmartAcmeOptions {
  mongoDescriptor: plugins.smartdata.IMongoDescriptor;
  setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
  removeChallenge: (domainName: string) => Promise<any>;
-  validateRemoteRequest: () => Promise<boolean>;
+  environment: 'production' | 'integration';
 }

 /**
@ -39,11 +41,44 @@ export class SmartAcme {
  // challenge fullfillment
  private setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
  private removeChallenge: (domainName: string) => Promise<any>;
-  private validateRemoteRequest: () => Promise<boolean>;

  // certmanager
  private certmanager: CertManager;
-  private certremoteHandler: plugins.smartexpress.Handler;
+  private certmatcher: CertMatcher;
+
+  /**
+   * the remote handler to hand the request and response to.
+   */
+  public certremoteHandler = async (req: plugins.smartexpress.Request, res: plugins.smartexpress.Response) => {
+    const requestBody: interfaces.ICertRemoteRequest = req.body;
+    const certDomain = this.certmatcher.getCertificateDomainNameByDomainName(requestBody.domainName);
+    let status: interfaces.TCertStatus = await this.certmanager.getCertificateStatus(
+      certDomain
+    );
+    let response: interfaces.ICertRemoteResponse;
+    switch (status) {
+      case 'existing':
+        response = {
+          status,
+          certificate: await (await this.certmanager.retrieveCertificate(
+            certDomain
+          )).createSavableObject()
+        };
+        break;
+      default:
+        if (status === "nonexisting") {
+          this.getCertificateForDomain(certDomain);
+          status = 'pending';
+        }
+        response = {
+          status
+        };
+        break;
+    }
+    res.status(200);
+    res.send(response);
+    res.end();
+  }

  constructor(optionsArg: ISmartAcmeOptions) {
    this.options = optionsArg;
@ -67,41 +102,18 @@ export class SmartAcme {
    });
    await this.certmanager.init();

-    // CertRemoteHandler
-    this.certremoteHandler = new plugins.smartexpress.Handler('POST', async (req, res) => {
-      const requestBody: interfaces.ICertRemoteRequest = req.body;
-      const status: interfaces.TCertStatus = await this.certmanager.getCertificateStatus(requestBody.domainName);
-      const existingCertificate = await this.certmanager.retrieveCertificate(
-        requestBody.domainName
-      );
-      let response: interfaces.ICertRemoteResponse;
-      switch (status) {
-         case 'existing':
-          response = {
-            status,
-            certificate: {
-              created: existingCertificate.created,
-              csr: existingCertificate.csr,
-              domainName: existingCertificate.domainName,
-              privateKey: existingCertificate.privateKey,
-              publicKey: existingCertificate.publicKey
-            }
-          };
-          break;
-        default:
-          response = {
-            status
-          };
-          break;
-      }
-      res.status(200);
-      res.send(response);
-      res.end();
-    });
+    // CertMatcher
+    this.certmatcher = new CertMatcher();

    // ACME Client
    this.client = new plugins.acme.Client({
-      directoryUrl: plugins.acme.directory.letsencrypt.staging,
+      directoryUrl: (() => {
+        if (this.options.environment === 'production') {
+          return plugins.acme.directory.letsencrypt.production;
+        } else {
+          return plugins.acme.directory.letsencrypt.staging;
+        }
+      })(),
      accountKey: this.privateKey
    });

@ -112,12 +124,14 @@ export class SmartAcme {
    });
  }

-  public async stop() {};
+  public async stop() {
+    await this.certmanager.smartdataDb.close();
+  }

-  public async getCertificateForDomain(domainArg: string) {
-    const domain = domainArg;
-
-    const retrievedCertificate = await this.certmanager.retrieveCertificate(domain);
+  public async getCertificateForDomain(domainArg: string): Promise<Cert> {
+    const certDomain = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
+    await this.certmanager.announceCertificate(certDomain);
+    const retrievedCertificate = await this.certmanager.retrieveCertificate(certDomain);

    if (retrievedCertificate) {
      return retrievedCertificate;
@ -125,7 +139,7 @@ export class SmartAcme {

    /* Place new order */
    const order = await this.client.createOrder({
-      identifiers: [{ type: 'dns', value: domain }, { type: 'dns', value: `*.${domain}` }]
+      identifiers: [{ type: 'dns', value: certDomain }, { type: 'dns', value: `*.${certDomain}` }]
    });

    /* Get authorizations and select challenges */
@ -144,6 +158,8 @@ export class SmartAcme {
        /* Satisfy challenge */
        await this.setChallenge(domainDnsName, keyAuthorization);
        await this.smartdns.checkUntilAvailable(domainDnsName, 'TXT', keyAuthorization, 100, 5000);
+        console.log('Cool down an extra 60 second for region availability');
+        await plugins.smartdelay.delayFor(60000);

        /* Verify that challenge is satisfied */
        await this.client.verifyChallenge(authz, dnsChallenge);
@ -165,8 +181,8 @@ export class SmartAcme {

    /* Finalize order */
    const [key, csr] = await plugins.acme.forge.createCsr({
-      commonName: `*.${domain}`,
-      altNames: [domain]
+      commonName: `*.${certDomain}`,
+      altNames: [certDomain]
    });

    await this.client.finalizeOrder(order, csr);
@ -178,14 +194,14 @@ export class SmartAcme {
    console.log(`Certificate:\n${cert.toString()}`);

    await this.certmanager.storeCertificate({
-      domainName: domainArg,
+      domainName: certDomain,
      privateKey: key.toString(),
      publicKey: cert.toString(),
      csr: csr.toString(),
      created: Date.now()
    });

-    const newCertificate = await this.certmanager.retrieveCertificate(domainArg);
+    const newCertificate = await this.certmanager.retrieveCertificate(certDomain);
    return newCertificate;
  }
 }
--- a/ts/smartacme.plugins.ts
+++ b/ts/smartacme.plugins.ts
@ -4,12 +4,14 @@ import * as smartdata from '@pushrocks/smartdata';
 import * as smartdelay from '@pushrocks/smartdelay';
 import * as smartdns from '@pushrocks/smartdns';
 import * as smartexpress from '@pushrocks/smartexpress';
+import * as smartlog from '@pushrocks/smartlog';
 import * as smartpromise from '@pushrocks/smartpromise';
 import * as smartrequest from '@pushrocks/smartrequest';
 import * as smartunique from '@pushrocks/smartunique';
+import * as smartstring from '@pushrocks/smartstring';
 import * as smarttime from '@pushrocks/smarttime';

-export { lik, smartdata, smartdelay, smartdns, smartexpress, smartpromise, smartrequest, smartunique, smarttime };
+export { lik, smartdata, smartdelay, smartdns, smartexpress, smartlog, smartpromise, smartrequest, smartunique, smartstring, smarttime };

 // thirs party scope
 import * as acme from 'acme-client';
Author	SHA1	Message	Date
Phil Kunz	a1134cf227	2.0.28	2019-01-15 23:39:31 +01:00
Phil Kunz	4ee1c4b08c	fix(core): update	2019-01-15 23:39:31 +01:00
Phil Kunz	08c3eaa65f	2.0.27	2019-01-14 02:46:36 +01:00
Phil Kunz	2717f08476	fix(core): update	2019-01-14 02:46:36 +01:00
Phil Kunz	f16dbeea32	2.0.26	2019-01-13 21:40:40 +01:00
Phil Kunz	a0c0230419	fix(core): update	2019-01-13 21:40:40 +01:00
Phil Kunz	0d1ebf2d1a	2.0.25	2019-01-13 19:40:32 +01:00
Phil Kunz	6edbf3cb46	fix(core): update	2019-01-13 19:40:32 +01:00
Phil Kunz	b26f7ac3e9	2.0.24	2019-01-13 19:15:04 +01:00
Phil Kunz	5129c5d601	fix(core): update	2019-01-13 19:15:03 +01:00
Phil Kunz	d09b3fd1bc	2.0.23	2019-01-13 02:11:56 +01:00
Phil Kunz	14fccd40d8	fix(core): update	2019-01-13 02:11:56 +01:00
Phil Kunz	c0f45a10e0	2.0.22	2019-01-13 02:10:00 +01:00
Phil Kunz	f9db3d28fe	fix(core): update	2019-01-13 02:10:00 +01:00
Phil Kunz	c3fd8750b2	2.0.21	2019-01-13 00:50:44 +01:00
Phil Kunz	2b3c28c7a1	fix(core): update	2019-01-13 00:50:43 +01:00
Phil Kunz	d6b1f942b3	2.0.20	2019-01-13 00:24:40 +01:00
Phil Kunz	7eff6ea36a	fix(core): update	2019-01-13 00:24:39 +01:00
Phil Kunz	1ef3615a49	2.0.19	2019-01-13 00:06:00 +01:00
Phil Kunz	3653cdc797	fix(core): update	2019-01-13 00:06:00 +01:00
Phil Kunz	c0271648fc	2.0.18	2019-01-12 21:06:29 +01:00
Phil Kunz	5546fa5f49	fix(core): update	2019-01-12 21:06:29 +01:00
Phil Kunz	54fe89860e	2.0.17	2019-01-12 19:12:53 +01:00
Phil Kunz	d1edf75f6f	fix(core): update	2019-01-12 19:12:52 +01:00