3.0.10

.gitignore

@@ -1,5 +1,20 @@
-node_modules/
+.nogit/
+
+# artifacts
 coverage/
 public/
 pages/
-.nogit/
+
+# installs
+node_modules/
+
+# caches
+.yarn/
+.cache/
+.rpt2_cache
+
+# builds
+dist/
+dist_*/
+
+# custom

.gitlab-ci.yml

@@ -1,10 +1,10 @@
-# gitzone standard
+# gitzone ci_default
-image: hosttoday/ht-docker-node:npmci
+image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
 
 cache:
   paths:
     - .npmci_cache/
-  key: "$CI_BUILD_STAGE"
+  key: '$CI_BUILD_STAGE'
 
 stages:
   - security
@@ -19,56 +19,61 @@ mirror:
   stage: security
   script:
     - npmci git mirror
+  only:
+    - tags
   tags:
+    - lossless
     - docker
     - notpriv
 
-snyk:
+auditProductionDependencies:
+  image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
   stage: security
   script:
-    - npmci command npm install -g snyk
+    - npmci npm prepare
-    - npmci command npm install --ignore-scripts
+    - npmci command npm install --production --ignore-scripts
-    - npmci command snyk test
+    - npmci command npm config set registry https://registry.npmjs.org
+    - npmci command npm audit --audit-level=high --only=prod --production
   tags:
     - docker
-  - notpriv
+
+auditDevDependencies:
+  image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
+  stage: security
+  script:
+    - npmci npm prepare
+    - npmci command npm install --ignore-scripts
+    - npmci command npm config set registry https://registry.npmjs.org
+    - npmci command npm audit --audit-level=high --only=dev
+  tags:
+    - docker
+  allow_failure: true
 
 # ====================
 # test stage
 # ====================
-testLEGACY:
-  stage: test
-  script:
-  - npmci node install legacy
-  - npmci npm install
-  - npmci npm test
-  coverage: /\d+.?\d+?\%\s*coverage/
-  tags:
-  - docker
-  - notpriv
-  allow_failure: true
 
-testLTS:
+testStable:
-  stage: test
-  script:
-  - npmci node install lts
-  - npmci npm install
-  - npmci npm test
-  coverage: /\d+.?\d+?\%\s*coverage/
-  tags:
-  - docker
-  - notpriv
-    
-testSTABLE:
   stage: test
   script:
+    - npmci npm prepare
     - npmci node install stable
     - npmci npm install
     - npmci npm test
   coverage: /\d+.?\d+?\%\s*coverage/
   tags:
     - docker
-  - notpriv
+
+testBuild:
+  stage: test
+  script:
+    - npmci npm prepare
+    - npmci node install stable
+    - npmci npm install
+    - npmci command npm run build
+  coverage: /\d+.?\d+?\%\s*coverage/
+  tags:
+    - docker
 
 release:
   stage: release
@@ -78,6 +83,7 @@ release:
   only:
     - tags
   tags:
+    - lossless
     - docker
     - notpriv
 
@@ -86,20 +92,16 @@ release:
 # ====================
 codequality:
   stage: metadata
-  image: docker:stable
   allow_failure: true
-  services:
+  only:
-    - docker:stable-dind
+    - tags
   script:
-    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - npmci command npm install -g tslint typescript
-    - docker run
+    - npmci npm prepare
-        --env SOURCE_CODE="$PWD"
+    - npmci npm install
-        --volume "$PWD":/code
+    - npmci command "tslint -c tslint.json ./ts/**/*.ts"
-        --volume /var/run/docker.sock:/var/run/docker.sock
-        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
-  artifacts:
-    paths: [codeclimate.json]
   tags:
+    - lossless
     - docker
     - priv
 
@@ -110,17 +112,20 @@ trigger:
   only:
     - tags
   tags:
+    - lossless
     - docker
     - notpriv
 
 pages:
-  image: hosttoday/ht-docker-node:npmci
   stage: metadata
   script:
-    - npmci command npm install -g typedoc typescript
+    - npmci node install lts
+    - npmci command npm install -g @gitzone/tsdoc
+    - npmci npm prepare
     - npmci npm install
-    - npmci command typedoc --module "commonjs" --target "ES2016" --out public/ ts/
+    - npmci command tsdoc
   tags:
+    - lossless
     - docker
     - notpriv
   only:
@@ -130,13 +135,3 @@ pages:
     paths:
       - public
   allow_failure: true
-
-windowsCompatibility:
-  image: stefanscherer/node-windows:10-build-tools
-  stage: metadata
-  script:
-  - npm install & npm test
-  coverage: /\d+.?\d+?\%\s*coverage/
-  tags:
-  - windows
-  allow_failure: true

.vscode/launch.json

@@ -0,0 +1,29 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "current file",
+      "type": "node",
+      "request": "launch",
+      "args": [
+        "${relativeFile}"
+      ],
+      "runtimeArgs": ["-r", "@gitzone/tsrun"],
+      "cwd": "${workspaceRoot}",
+      "protocol": "inspector",
+      "internalConsoleOptions": "openOnSessionStart"
+    },
+    {
+      "name": "test.ts",
+      "type": "node",
+      "request": "launch",
+      "args": [
+        "test/test.ts"
+      ],
+      "runtimeArgs": ["-r", "@gitzone/tsrun"],
+      "cwd": "${workspaceRoot}",
+      "protocol": "inspector",
+      "internalConsoleOptions": "openOnSessionStart"
+    }
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,26 @@
+{
+  "json.schemas": [
+    {
+      "fileMatch": ["/npmextra.json"],
+      "schema": {
+        "type": "object",
+        "properties": {
+          "npmci": {
+            "type": "object",
+            "description": "settings for npmci"
+          },
+          "gitzone": {
+            "type": "object",
+            "description": "settings for gitzone",
+            "properties": {
+              "projectType": {
+                "type": "string",
+                "enum": ["website", "element", "service", "npm", "wcc"]
+              }
+            }
+          }
+        }
+      }
+    }
+  ]
+}

README.md

@@ -1,33 +0,0 @@
-# smartacme
-
-acme implementation in TypeScript
-
-## Availabililty
-
-[![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
-[![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
-[![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
-[![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
-
-## Status for master
-
-[![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
-[![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
-[![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
-[![Dependency Status](https://david-dm.org/umbrellazone/smartacme.svg)](https://david-dm.org/umbrellazone/smartacme)
-[![bitHound Dependencies](https://www.bithound.io/github/umbrellazone/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/umbrellazone/smartacme/master/dependencies/npm)
-[![bitHound Code](https://www.bithound.io/github/umbrellazone/smartacme/badges/code.svg)](https://www.bithound.io/github/umbrellazone/smartacme)
-[![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
-
-## Usage
-
-Use TypeScript for best in class instellisense.
-
-For further information read the linked docs at the top of this README.
-
-> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
-> | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
-
-[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone)

docs/index.md

@@ -1,63 +0,0 @@
-# smartacme
-
-acme implementation in TypeScript
-
-## Availabililty
-
-[![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
-[![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
-[![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
-[![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
-
-## Status for master
-
-[![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
-[![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
-[![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
-[![Dependency Status](https://david-dm.org/umbrellazone/smartacme.svg)](https://david-dm.org/umbrellazone/smartacme)
-[![bitHound Dependencies](https://www.bithound.io/github/umbrellazone/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/umbrellazone/smartacme/master/dependencies/npm)
-[![bitHound Code](https://www.bithound.io/github/umbrellazone/smartacme/badges/code.svg)](https://www.bithound.io/github/umbrellazone/smartacme)
-[![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
-
-## Usage
-
-Use TypeScript for best in class instellisense.
-
-```javascript
-import { SmartAcme } from 'smartacme';
-
-let smac = new SmartAcme()(async () => {
-  // learn async/await, it'll make your life easier
-
-  // optionally accepts a filePath Arg with a stored acmeaccount.json
-  // will create an account and
-  let myAccount = await smac.createAcmeAccount();
-
-  // will return a dnsHash to set in your DNS record
-  let myCert = await myAccount.createAcmeCert('example.com');
-
-  // gets and accepts the specified challenge
-  // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
-  let myChallenge = await myCert.getChallenge('dns-01');
-
-  /* ----------
-    Now you need to set the challenge in your DNS
-    myChallenge.domainNamePrefixed is the address for the record
-    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
-    -------------*/
-})();
-```
-
-## Other relevant npm modules
-
-| module name | description                                                         |
-| ----------- | ------------------------------------------------------------------- |
-| cert        | a higlevel production module that uses smartacme to manage certs    |
-| smartnginx  | a highlevel production tool for docker environments to manage nginx |
-
-> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
-> | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
-
-[![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone

npmextra.json

@@ -1,4 +1,16 @@
 {
+  "gitzone": {
+    "projectType": "npm",
+    "module": {
+      "githost": "gitlab.com",
+      "gitscope": "pushrocks",
+      "gitrepo": "smartacme",
+      "shortDescription": "acme with an easy yet powerful interface in TypeScript",
+      "npmPackagename": "@pushrocks/smartacme",
+      "license": "MIT",
+      "projectDomain": "push.rocks"
+    }
+  },
   "npmci": {
     "npmGlobalTools": [],
     "npmAccessLevel": "public"

package.json

@@ -1,13 +1,13 @@
 {
   "name": "@pushrocks/smartacme",
-  "version": "2.0.2",
+  "version": "3.0.10",
   "private": false,
-  "description": "acme implementation in TypeScript",
+  "description": "acme with an easy yet powerful interface in TypeScript",
-  "main": "dist/index.js",
+  "main": "dist_ts/index.js",
-  "typings": "dist/index.d.ts",
+  "typings": "dist_ts/index.d.ts",
   "scripts": {
     "test": "(tstest test/)",
-    "build": "echo \"Not needed for now\""
+    "build": "(tsbuild --web)"
   },
   "repository": {
     "type": "git",
@@ -25,18 +25,44 @@
   },
   "homepage": "https://gitlab.com/umbrellazone/smartacme#README",
   "dependencies": {
-    "@pushrocks/smartdelay": "^2.0.2",
+    "@pushrocks/lik": "^4.0.20",
-    "@pushrocks/smartpromise": "^2.0.5",
+    "@pushrocks/smartdata": "^3.1.54",
-    "acme-v2": "^1.2.1",
+    "@pushrocks/smartdelay": "^2.0.10",
-    "rsa-compat": "^1.6.0"
+    "@pushrocks/smartdns": "^4.0.4",
+    "@pushrocks/smartexpress": "^3.0.100",
+    "@pushrocks/smartlog": "^2.0.39",
+    "@pushrocks/smartpromise": "^3.1.3",
+    "@pushrocks/smartrequest": "^1.1.51",
+    "@pushrocks/smartstring": "^3.0.24",
+    "@pushrocks/smarttime": "^3.0.38",
+    "@pushrocks/smartunique": "^3.0.3",
+    "@tsclass/tsclass": "^3.0.29",
+    "acme-client": "^3.3.1"
   },
   "devDependencies": {
-    "@gitzone/tsbuild": "^2.0.22",
+    "@gitzone/tsbuild": "^2.1.25",
-    "@gitzone/tsrun": "^1.1.12",
+    "@gitzone/tsrun": "^1.2.12",
-    "@gitzone/tstest": "^1.0.15",
+    "@gitzone/tstest": "^1.0.52",
-    "@types/node": "^10.11.4",
+    "@mojoio/cloudflare": "^5.0.6",
-    "cflare": "^1.0.5",
+    "@pushrocks/qenv": "^4.0.10",
-    "qenv": "^1.1.7",
+    "@pushrocks/tapbundle": "^3.2.9",
-    "tapbundle": "^2.0.2"
+    "@types/node": "^14.14.22",
-  }
+    "tslint": "^6.1.3",
+    "tslint-config-prettier": "^1.18.0"
+  },
+  "files": [
+    "ts/**/*",
+    "ts_web/**/*",
+    "dist/**/*",
+    "dist_*/**/*",
+    "dist_ts/**/*",
+    "dist_ts_web/**/*",
+    "assets/**/*",
+    "cli.js",
+    "npmextra.json",
+    "readme.md"
+  ],
+  "browserslist": [
+    "last 1 chrome versions"
+  ]
 }

qenv.yml

@@ -1,3 +1,5 @@
-vars:
+required:
-    - CF_EMAIL
+  - CF_TOKEN
-    - CF_KEY
+  - MONGODB_URL
+  - MONGODB_PASSWORD
+  - MONGODB_DATABASE

readme.md

@@ -0,0 +1,66 @@
+# @pushrocks/smartacme
+acme with an easy yet powerful interface in TypeScript
+
+## Availabililty and Links
+* [npmjs.org (npm package)](https://www.npmjs.com/package/@pushrocks/smartacme)
+* [gitlab.com (source)](https://gitlab.com/pushrocks/smartacme)
+* [github.com (source mirror)](https://github.com/pushrocks/smartacme)
+* [docs (typedoc)](https://pushrocks.gitlab.io/smartacme/)
+
+## Status for master
+
+Status Category | Status Badge
+-- | --
+GitLab Pipelines | [![pipeline status](https://gitlab.com/pushrocks/smartacme/badges/master/pipeline.svg)](https://lossless.cloud)
+GitLab Pipline Test Coverage | [![coverage report](https://gitlab.com/pushrocks/smartacme/badges/master/coverage.svg)](https://lossless.cloud)
+npm | [![npm downloads per month](https://badgen.net/npm/dy/@pushrocks/smartacme)](https://lossless.cloud)
+Snyk | [![Known Vulnerabilities](https://badgen.net/snyk/pushrocks/smartacme)](https://lossless.cloud)
+TypeScript Support | [![TypeScript](https://badgen.net/badge/TypeScript/>=%203.x/blue?icon=typescript)](https://lossless.cloud)
+node Support | [![node](https://img.shields.io/badge/node->=%2010.x.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
+Code Style | [![Code Style](https://badgen.net/badge/style/prettier/purple)](https://lossless.cloud)
+PackagePhobia (total standalone install weight) | [![PackagePhobia](https://badgen.net/packagephobia/install/@pushrocks/smartacme)](https://lossless.cloud)
+PackagePhobia (package size on registry) | [![PackagePhobia](https://badgen.net/packagephobia/publish/@pushrocks/smartacme)](https://lossless.cloud)
+BundlePhobia (total size when bundled) | [![BundlePhobia](https://badgen.net/bundlephobia/minzip/@pushrocks/smartacme)](https://lossless.cloud)
+Platform support | [![Supports Windows 10](https://badgen.net/badge/supports%20Windows%2010/yes/green?icon=windows)](https://lossless.cloud) [![Supports Mac OS X](https://badgen.net/badge/supports%20Mac%20OS%20X/yes/green?icon=apple)](https://lossless.cloud)
+
+## Usage
+
+Use TypeScript for best in class instellisense.
+
+```javascript
+import { SmartAcme } from 'smartacme';
+
+const run = async () => {
+  smartAcmeInstance = new smartacme.SmartAcme({
+    accountEmail: 'domains@lossless.org',
+    accountPrivateKey: null,
+    mongoDescriptor: {
+      mongoDbName: testQenv.getEnvVarRequired('MONGODB_DATABASE'),
+      mongoDbPass: testQenv.getEnvVarRequired('MONGODB_PASSWORD'),
+      mongoDbUrl: testQenv.getEnvVarRequired('MONGODB_URL'),
+    },
+    removeChallenge: async (dnsChallenge) => {
+      // somehow provide a function that is able to remove the dns challenge
+    },
+    setChallenge: async (dnsChallenge) => {
+      // somehow provide a function that is able to the dns challenge
+    },
+    environment: 'integration',
+  });
+  await smartAcmeInstance.init();
+
+  // myCert has properties for public/private keys and csr ;)
+  const myCert = await smartAcmeInstance.getCertificateForDomain('bleu.de');
+};
+```
+
+## Contribution
+
+We are always happy for code contributions. If you are not the code contributing type that is ok. Still, maintaining Open Source repositories takes considerable time and thought. If you like the quality of what we do and our modules are useful to you we would appreciate a little monthly contribution: You can [contribute one time](https://lossless.link/contribute-onetime) or [contribute monthly](https://lossless.link/contribute). :)
+
+For further information read the linked docs at the top of this readme.
+
+> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
+| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy)
+
+[![repo-footer](https://lossless.gitlab.io/publicrelations/repofooter.svg)](https://maintainedby.lossless.com)

test/test.ts

@@ -1,14 +1,48 @@
-import { tap, expect } from 'tapbundle';
+import { tap, expect } from '@pushrocks/tapbundle';
+import { Qenv } from '@pushrocks/qenv';
+import * as cloudflare from '@mojoio/cloudflare';
+
+const testQenv = new Qenv('./', './.nogit/');
+const testCloudflare = new cloudflare.CloudflareAccount(testQenv.getEnvVarOnDemand('CF_TOKEN'));
 
 import * as smartacme from '../ts/index';
 
 let smartAcmeInstance: smartacme.SmartAcme;
 
 tap.test('should create a valid instance of SmartAcme', async () => {
-  smartAcmeInstance = new smartacme.SmartAcme();
+  smartAcmeInstance = new smartacme.SmartAcme({
+    accountEmail: 'domains@lossless.org',
+    accountPrivateKey: null,
+    mongoDescriptor: {
+      mongoDbName: testQenv.getEnvVarRequired('MONGODB_DATABASE'),
+      mongoDbPass: testQenv.getEnvVarRequired('MONGODB_PASSWORD'),
+      mongoDbUrl: testQenv.getEnvVarRequired('MONGODB_URL'),
+    },
+    removeChallenge: async (dnsChallenge) => {
+      testCloudflare.convenience.acmeRemoveDnsChallenge(dnsChallenge);
+    },
+    setChallenge: async (dnsChallenge) => {
+      testCloudflare.convenience.acmeSetDnsChallenge(dnsChallenge);
+    },
+    environment: 'integration',
+  });
   await smartAcmeInstance.init();
-  console.log(smartAcmeInstance.directoryUrls);
+});
-  await smartAcmeInstance.getCertificateForDomain('bleu.de');
+
+tap.test('should get a domain certificate', async () => {
+  const certificate = await smartAcmeInstance.getCertificateForDomain('bleu.de');
+  console.log(certificate);
+});
+
+tap.test('certmatcher should correctly match domains', async () => {
+  const certMatcherMod = await import('../ts/smartacme.classes.certmatcher');
+  const certMatcher = new certMatcherMod.CertMatcher();
+  const matchedCert = certMatcher.getCertificateDomainNameByDomainName('level3.level2.level1');
+  expect(matchedCert).to.equal('level2.level1');
+});
+
+tap.test('should stop correctly', async () => {
+  await smartAcmeInstance.stop();
 });
 
 tap.start();

ts/interfaces/accountdata.ts

@@ -0,0 +1,8 @@
+export interface IAccountData {
+  id: number;
+  key: { kty: 'RSA'; n: string; e: string; kid: string };
+  contact: string[];
+  initialIp: string;
+  createdAt: string;
+  status: string;
+}

ts/interfaces/index.ts

@@ -0,0 +1 @@
+export * from './accountdata';

ts/smartacme.classes.cert.ts

@@ -0,0 +1,62 @@
+import * as plugins from './smartacme.plugins';
+
+import * as interfaces from './interfaces';
+
+import { CertManager } from './smartacme.classes.certmanager';
+
+import { Collection, svDb, unI } from '@pushrocks/smartdata';
+
+@plugins.smartdata.Collection(() => {
+  return CertManager.activeDB;
+})
+export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert, plugins.tsclass.network.ICert>
+  implements plugins.tsclass.network.ICert {
+  @unI()
+  public id: string;
+
+  @svDb()
+  public domainName: string;
+
+  @svDb()
+  public created: number;
+
+  @svDb()
+  public privateKey: string;
+
+  @svDb()
+  public publicKey: string;
+
+  @svDb()
+  public csr: string;
+
+  @svDb()
+  public validUntil: number;
+
+  public isStillValid(): boolean {
+    return this.validUntil >= Date.now();
+  }
+
+  public shouldBeRenewed(): boolean {
+    const shouldBeValidAtLeastUntil =
+      Date.now() +
+      plugins.smarttime.getMilliSecondsFromUnits({
+        days: 10,
+      });
+    return !(this.validUntil >= shouldBeValidAtLeastUntil);
+  }
+
+  public update(certDataArg: plugins.tsclass.network.ICert) {
+    Object.keys(certDataArg).forEach((key) => {
+      this[key] = certDataArg[key];
+    });
+  }
+
+  constructor(optionsArg: plugins.tsclass.network.ICert) {
+    super();
+    if (optionsArg) {
+      Object.keys(optionsArg).forEach((key) => {
+        this[key] = optionsArg[key];
+      });
+    }
+  }
+}

ts/smartacme.classes.certmanager.ts

@@ -0,0 +1,77 @@
+import * as plugins from './smartacme.plugins';
+import { Cert } from './smartacme.classes.cert';
+import { SmartAcme } from './smartacme.classes.smartacme';
+
+import * as interfaces from './interfaces';
+
+export class CertManager {
+  // =========
+  // STATIC
+  // =========
+  public static activeDB: plugins.smartdata.SmartdataDb;
+
+  // =========
+  // INSTANCE
+  // =========
+  private mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  public smartdataDb: plugins.smartdata.SmartdataDb;
+
+  public interestMap: plugins.lik.InterestMap<string, Cert>;
+
+  constructor(
+    smartAcmeArg: SmartAcme,
+    optionsArg: {
+      mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+    }
+  ) {
+    this.mongoDescriptor = optionsArg.mongoDescriptor;
+  }
+
+  public async init() {
+    // Smartdata DB
+    this.smartdataDb = new plugins.smartdata.SmartdataDb(this.mongoDescriptor);
+    await this.smartdataDb.init();
+    CertManager.activeDB = this.smartdataDb;
+
+    // Pending Map
+    this.interestMap = new plugins.lik.InterestMap((certName) => certName);
+  }
+
+  /**
+   * retrieves a certificate
+   * @returns the Cert class or null
+   * @param certDomainNameArg the domain Name to retrieve the vcertificate for
+   */
+  public async retrieveCertificate(certDomainNameArg: string): Promise<Cert> {
+    const existingCertificate: Cert = await Cert.getInstance<Cert>({
+      domainName: certDomainNameArg,
+    });
+
+    if (existingCertificate) {
+      return existingCertificate;
+    } else {
+      return null;
+    }
+  }
+
+  /**
+   * stores the certificate
+   * @param optionsArg
+   */
+  public async storeCertificate(optionsArg: plugins.tsclass.network.ICert) {
+    const cert = new Cert(optionsArg);
+    await cert.save();
+    const interest = this.interestMap.findInterest(cert.domainName);
+    if (interest) {
+      interest.fullfillInterest(cert);
+      interest.markLost();
+    }
+  }
+
+  public async deleteCertificate(certDomainNameArg: string) {
+    const cert: Cert = await Cert.getInstance<Cert>({
+      domainName: certDomainNameArg,
+    });
+    await cert.delete();
+  }
+}

ts/smartacme.classes.certmatcher.ts

@@ -0,0 +1,19 @@
+import * as plugins from './smartacme.plugins';
+import * as interfaces from './interfaces';
+
+/**
+ * certmatcher is responsible for matching certificates
+ */
+export class CertMatcher {
+  /**
+   * creates a domainName for the certificate that will include the broadest scope
+   * for wild card certificates
+   * @param domainNameArg the domainNameArg to create the scope from
+   */
+  public getCertificateDomainNameByDomainName(domainNameArg: string): string {
+    const originalDomain = new plugins.smartstring.Domain(domainNameArg);
+    if (!originalDomain.level4) {
+      return `${originalDomain.level2}.${originalDomain.level1}`;
+    }
+  }
+}

ts/smartacme.classes.keypair.ts

@@ -1,27 +0,0 @@
-import * as plugins from './smartacme.plugins';
-const rsa = require('rsa-compat').RSA;
-
-export class KeyPair {
-  rsaKeyPair: any;
-
-  /**
-   * generates a fresh rsa keyPair
-   */
-  static async generateFresh(): Promise<KeyPair> {
-    const done = plugins.smartpromise.defer();
-    var options = { bitlen: 2048, exp: 65537, public: true, pem: true, internal: true };
-    rsa.generateKeypair(options, function(err, keypair) {
-      if (err) {
-        console.log(err);
-      }
-      done.resolve(keypair);
-    });
-    const result: any = await done.promise;
-    const keyPair = new KeyPair(result);
-    return keyPair;
-  }
-
-  constructor(rsaKeyPairArg) {
-    this.rsaKeyPair = rsaKeyPairArg;
-  }
-}

ts/smartacme.classes.smartacme.ts

@@ -1,86 +1,212 @@
-const acme = require('acme-v2').ACME.create({
-  RSA: require('rsa-compat').RSA,
-
-  // used for constructing user-agent
-  os: require('os'),
-  process: require('process'),
-
-  // used for overriding the default user-agent
-  userAgent: 'My custom UA String',
-  getUserAgentString: function(deps) {
-    return 'My custom UA String';
-  },
-
-  // don't try to validate challenges locally
-  skipChallengeTest: true
-});
-
-import { KeyPair } from './smartacme.classes.keypair';
 import * as plugins from './smartacme.plugins';
-const rsa = require('rsa-compat').RSA;
+import { Cert } from './smartacme.classes.cert';
+import { CertManager } from './smartacme.classes.certmanager';
+import { CertMatcher } from './smartacme.classes.certmatcher';
 
+/**
+ * the options for the class @see SmartAcme
+ */
+export interface ISmartAcmeOptions {
+  accountPrivateKey?: string;
+  accountEmail: string;
+  mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  setChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
+  removeChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
+  environment: 'production' | 'integration';
+}
+
+/**
+ * class SmartAcme
+ * can be used for setting up communication with an ACME authority
+ *
+ * ```ts
+ * const mySmartAcmeInstance = new SmartAcme({
+ *  // see ISmartAcmeOptions for options
+ * })
+ * ```
+ */
 export class SmartAcme {
-  domainKeyPair: KeyPair;
+  private options: ISmartAcmeOptions;
-  accountKeyPair: KeyPair;
-  accountData: any;
-  directoryUrls: any;
 
-  async init() {
+  // the acme client
-    // get directory url
+  private client: any;
-    this.directoryUrls = await acme.init('https://acme-staging-v02.api.letsencrypt.org/directory');
+  private smartdns = new plugins.smartdns.Smartdns({});
+  public logger: plugins.smartlog.ConsoleLog;
 
-    // create keyPairs
+  // the account private key
-    this.domainKeyPair = await KeyPair.generateFresh();
+  private privateKey: string;
-    this.accountKeyPair = await KeyPair.generateFresh();
 
-    // get account
+  // challenge fullfillment
-    const registrationData = await acme.accounts
+  private setChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
-      .create({
+  private removeChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
-        email: 'domains@lossless.org', // valid email (server checks MX records)
+
-        accountKeypair: this.accountKeyPair.rsaKeyPair,
+  // certmanager
-        agreeToTerms: async tosUrl => {
+  private certmanager: CertManager;
-          return tosUrl;
+  private certmatcher: CertMatcher;
+
+  constructor(optionsArg: ISmartAcmeOptions) {
+    this.options = optionsArg;
+    this.logger = new plugins.smartlog.ConsoleLog();
   }
-      })
+
-      .catch(e => {
+  /**
-        console.log(e);
+   * inits the instance
+   * ```ts
+   * await myCloudlyInstance.init() // does not support options
+   * ```
+   */
+  public async init() {
+    this.privateKey =
+      this.options.accountPrivateKey || (await plugins.acme.forge.createPrivateKey()).toString();
+    this.setChallenge = this.options.setChallenge;
+    this.removeChallenge = this.options.removeChallenge;
+
+    // CertMangaer
+    this.certmanager = new CertManager(this, {
+      mongoDescriptor: this.options.mongoDescriptor,
+    });
+    await this.certmanager.init();
+
+    // CertMatcher
+    this.certmatcher = new CertMatcher();
+
+    // ACME Client
+    this.client = new plugins.acme.Client({
+      directoryUrl: (() => {
+        if (this.options.environment === 'production') {
+          return plugins.acme.directory.letsencrypt.production;
+        } else {
+          return plugins.acme.directory.letsencrypt.staging;
+        }
+      })(),
+      accountKey: this.privateKey,
+    });
+
+    /* Register account */
+    await this.client.createAccount({
+      termsOfServiceAgreed: true,
+      contact: [`mailto:${this.options.accountEmail}`],
     });
-    this.accountData = registrationData;
   }
 
-  async getCertificateForDomain(domain) {
+  public async stop() {
-    const result = await acme.certificates
+    await this.certmanager.smartdataDb.close();
-      .create({
+  }
-        domainKeypair: this.domainKeyPair.rsaKeyPair,
-        accountKeypair: this.accountKeyPair.rsaKeyPair,
-        domains: ['bleu.de'],
-        challengeType: 'dns-01',
 
-        setChallenge: async (hostname, key, val, cb) => {
+  /**
-          console.log('set challenge');
+   * gets a certificate
-          console.log(hostname);
+   * it runs through the following steps
-          //console.log(key);
+   *
-          //console.log(val);
+   * * look in the database
-          const dnsKey = rsa.utils.toWebsafeBase64(
+   * * if in the database and still valid return it
-            require('crypto')
+   * * if not in the database announce it
-              .createHash('sha256')
+   * * then get it from letsencrypt
-              .update(val)
+   * * store it
-              .digest('base64')
+   * * remove it from the pending map (which it go onto by announcing it)
-          );
+   * * retrieve it from the databse and return it
+   *
+   * @param domainArg
+   */
+  public async getCertificateForDomain(domainArg: string): Promise<Cert> {
+    const certDomainName = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
+    const retrievedCertificate = await this.certmanager.retrieveCertificate(certDomainName);
 
-          console.log(dnsKey);
+    if (
-          await plugins.smartdelay.delayFor(20000);
+      !retrievedCertificate &&
-          console.log('ready!');
+      (await this.certmanager.interestMap.checkInterest(certDomainName))
-          cb();
+    ) {
-        }, // return Promise
+      const existingCertificateInterest = this.certmanager.interestMap.findInterest(certDomainName);
-        removeChallenge: async (hostname, key) => {
+      const certificate = existingCertificateInterest.interestFullfilled;
-          console.log('removing challenge');
+      return certificate;
-          return;
+    } else if (retrievedCertificate && !retrievedCertificate.shouldBeRenewed()) {
-        } // return Promise
+      return retrievedCertificate;
-      })
+    } else if (retrievedCertificate && retrievedCertificate.shouldBeRenewed()) {
-      .catch(e => {
+      await retrievedCertificate.delete();
+    }
+
+    // lets make sure others get the same interest
+    const currentDomainInterst = await this.certmanager.interestMap.addInterest(certDomainName);
+
+    /* Place new order */
+    const order = await this.client.createOrder({
+      identifiers: [
+        { type: 'dns', value: certDomainName },
+        { type: 'dns', value: `*.${certDomainName}` },
+      ],
+    });
+
+    /* Get authorizations and select challenges */
+    const authorizations = await this.client.getAuthorizations(order);
+
+    for (const authz of authorizations) {
+      console.log(authz);
+      const fullHostName: string = `_acme-challenge.${authz.identifier.value}`;
+      const dnsChallenge: string = authz.challenges.find((challengeArg) => {
+        return challengeArg.type === 'dns-01';
+      });
+      // process.exit(1);
+      const keyAuthorization: string = await this.client.getChallengeKeyAuthorization(dnsChallenge);
+
+      try {
+        /* Satisfy challenge */
+        await this.setChallenge({
+          hostName: fullHostName,
+          challenge: keyAuthorization,
+        });
+        await plugins.smartdelay.delayFor(30000);
+        await this.smartdns.checkUntilAvailable(fullHostName, 'TXT', keyAuthorization, 100, 5000);
+        console.log('Cool down an extra 60 second for region availability');
+        await plugins.smartdelay.delayFor(60000);
+
+        /* Verify that challenge is satisfied */
+        await this.client.verifyChallenge(authz, dnsChallenge);
+
+        /* Notify ACME provider that challenge is satisfied */
+        await this.client.completeChallenge(dnsChallenge);
+
+        /* Wait for ACME provider to respond with valid status */
+        await this.client.waitForValidStatus(dnsChallenge);
+      } finally {
+        /* Clean up challenge response */
+        try {
+          await this.removeChallenge({
+            hostName: fullHostName,
+            challenge: keyAuthorization,
+          });
+        } catch (e) {
           console.log(e);
-      }); // returns Promise<pems={ privkey (key), cert, chain (ca) }>
+        }
-    console.log(result);
+      }
+    }
+
+    /* Finalize order */
+    const [key, csr] = await plugins.acme.forge.createCsr({
+      commonName: `*.${certDomainName}`,
+      altNames: [certDomainName],
+    });
+
+    await this.client.finalizeOrder(order, csr);
+    const cert = await this.client.getCertificate(order);
+
+    /* Done */
+
+    await this.certmanager.storeCertificate({
+      id: plugins.smartunique.shortId(),
+      domainName: certDomainName,
+      privateKey: key.toString(),
+      publicKey: cert.toString(),
+      csr: csr.toString(),
+      created: Date.now(),
+      validUntil:
+        Date.now() +
+        plugins.smarttime.getMilliSecondsFromUnits({
+          days: 90,
+        }),
+    });
+
+    const newCertificate = await this.certmanager.retrieveCertificate(certDomainName);
+    currentDomainInterst.fullfillInterest(newCertificate);
+    currentDomainInterst.destroy();
+    return newCertificate;
   }
 }

ts/smartacme.plugins.ts

@@ -1,4 +1,36 @@
-import * as smartpromise from '@pushrocks/smartpromise';
+// @pushrocks scope
+import * as lik from '@pushrocks/lik';
+import * as smartdata from '@pushrocks/smartdata';
 import * as smartdelay from '@pushrocks/smartdelay';
+import * as smartdns from '@pushrocks/smartdns';
+import * as smartexpress from '@pushrocks/smartexpress';
+import * as smartlog from '@pushrocks/smartlog';
+import * as smartpromise from '@pushrocks/smartpromise';
+import * as smartrequest from '@pushrocks/smartrequest';
+import * as smartunique from '@pushrocks/smartunique';
+import * as smartstring from '@pushrocks/smartstring';
+import * as smarttime from '@pushrocks/smarttime';
 
-export { smartpromise, smartdelay };
+export {
+  lik,
+  smartdata,
+  smartdelay,
+  smartdns,
+  smartexpress,
+  smartlog,
+  smartpromise,
+  smartrequest,
+  smartunique,
+  smartstring,
+  smarttime,
+};
+
+// @tsclass scope
+import * as tsclass from '@tsclass/tsclass';
+
+export { tsclass };
+
+// third party scope
+import * as acme from 'acme-client';
+
+export { acme };

tsconfig.json

@@ -0,0 +1,7 @@
+{
+  "compilerOptions": {
+    "experimentalDecorators": true,
+    "target": "es2017",
+    "module": "commonjs"
+  }
+}

tslint.json

@@ -1,3 +1,17 @@
 {
-    "extends": "tslint-config-standard"
+  "extends": ["tslint:latest", "tslint-config-prettier"],
+  "rules": {
+    "semicolon": [true, "always"],
+    "no-console": false,
+    "ordered-imports": false,
+    "object-literal-sort-keys": false,
+    "member-ordering": {
+      "options":{
+        "order": [
+          "static-method"
+        ]
+      }
+    }
+  },
+  "defaultSeverity": "warning"
 }