root
/
acme.js
mirror of https://github.com/therootcompany/acme.js
2
0
Fork 1
Code Issues 8 Releases Wiki Activity

v1

This commit is contained in:
AJ ONeal 2018-04-11 18:03:40 +00:00
parent 0c3ff85d2f
commit 851d6d4299
3 changed files with 60 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
compat.js
View File

@ -10,10 +10,14 @@ function resolveFn(cb) {
} }
function rejectFn(cb) { function rejectFn(cb) {
return function (err) { return function (err) {
console.log('reject something or other:'); console.error('[acme-v2] handled(?) rejection as errback:');
console.log(err.stack); console.error(err.stack);
// nextTick to get out of Promise chain // nextTick to get out of Promise chain
process.nextTick(function () { cb(err); }); process.nextTick(function () { cb(err); });
// do not resolve promise further
return new Promise(function () {});
}; };
} }

91
node.js
View File

@ -97,7 +97,7 @@ ACME._getNonce = function (me) {
} }
*/ */
ACME._registerAccount = function (me, options) { ACME._registerAccount = function (me, options) {
if (me.debug) { console.log('[acme-v2] accounts.create'); } if (me.debug) console.debug('[acme-v2] accounts.create');
return ACME._getNonce(me).then(function () { return ACME._getNonce(me).then(function () {
return new Promise(function (resolve, reject) { return new Promise(function (resolve, reject) {
@ -141,8 +141,8 @@ ACME._registerAccount = function (me, options) {
); );
delete jws.header; delete jws.header;
if (me.debug) { console.log('[acme-v2] accounts.create JSON body:'); } if (me.debug) console.debug('[acme-v2] accounts.create JSON body:');
if (me.debug) { console.log(jws); } if (me.debug) console.debug(jws);
me._nonce = null; me._nonce = null;
return me._request({ return me._request({
method: 'POST' method: 'POST'
@ -152,18 +152,16 @@ ACME._registerAccount = function (me, options) {
}).then(function (resp) { }).then(function (resp) {
me._nonce = resp.toJSON().headers['replay-nonce']; me._nonce = resp.toJSON().headers['replay-nonce'];
var location = resp.toJSON().headers.location; var location = resp.toJSON().headers.location;
if (me.debug) { // the account id url
// the account id url
console.log('[DEBUG] new account location:');
console.log(location); // the account id url
console.log(resp.toJSON());
}
me._kid = location; me._kid = location;
if (me.debug) console.debug('[DEBUG] new account location:');
if (me.debug) console.debug(location);
if (me.debug) console.debug(resp.toJSON());
return resp.body; return resp.body;
}).then(resolve, reject); }).then(resolve, reject);
} }
if (me.debug) { console.log('[acme-v2] agreeToTerms'); } if (me.debug) console.debug('[acme-v2] agreeToTerms');
if (1 === options.agreeToTerms.length) { if (1 === options.agreeToTerms.length) {
return options.agreeToTerms(me._tos).then(agree, reject); return options.agreeToTerms(me._tos).then(agree, reject);
} }
@ -201,7 +199,7 @@ ACME._registerAccount = function (me, options) {
} }
*/ */
ACME._getChallenges = function (me, options, auth) { ACME._getChallenges = function (me, options, auth) {
if (me.debug) { console.log('\n[DEBUG] getChallenges\n'); } if (me.debug) console.debug('\n[DEBUG] getChallenges\n');
return me._request({ method: 'GET', url: auth, json: true }).then(function (resp) { return me._request({ method: 'GET', url: auth, json: true }).then(function (resp) {
return resp.body; return resp.body;
}); });
@ -264,14 +262,14 @@ ACME._postChallenge = function (me, options, identifier, ch) {
, headers: { 'Content-Type': 'application/jose+json' } , headers: { 'Content-Type': 'application/jose+json' }
, json: jws , json: jws
}).then(function (resp) { }).then(function (resp) {
console.log('[acme-v2.js] deactivate:'); if (me.debug) console.debug('[acme-v2.js] deactivate:');
console.log(resp.headers); if (me.debug) console.debug(resp.headers);
console.log(resp.body); if (me.debug) console.debug(resp.body);
console.log(); if (me.debug) console.debug();
me._nonce = resp.toJSON().headers['replay-nonce']; me._nonce = resp.toJSON().headers['replay-nonce'];
if (me.debug) { console.log('deactivate challenge: resp.body:'); } if (me.debug) console.debug('deactivate challenge: resp.body:');
if (me.debug) { console.log(resp.body); } if (me.debug) console.debug(resp.body);
return ACME._wait(10 * 1000); return ACME._wait(10 * 1000);
}); });
} }
@ -283,13 +281,13 @@ ACME._postChallenge = function (me, options, identifier, ch) {
count += 1; count += 1;
if (me.debug) { console.log('\n[DEBUG] statusChallenge\n'); } if (me.debug) console.debug('\n[DEBUG] statusChallenge\n');
return me._request({ method: 'GET', url: ch.url, json: true }).then(function (resp) { return me._request({ method: 'GET', url: ch.url, json: true }).then(function (resp) {
console.error('poll: resp.body:'); console.error('poll: resp.body:');
console.error(resp.body); console.error(resp.body);
if ('processing' === resp.body.status) { if ('processing' === resp.body.status) {
if (me.debug) { console.log('poll: again'); } if (me.debug) console.debug('poll: again');
return ACME._wait(1 * 1000).then(pollStatus); return ACME._wait(1 * 1000).then(pollStatus);
} }
@ -298,12 +296,12 @@ ACME._postChallenge = function (me, options, identifier, ch) {
if (count >= 4) { if (count >= 4) {
return ACME._wait(1 * 1000).then(deactivate).then(testChallenge); return ACME._wait(1 * 1000).then(deactivate).then(testChallenge);
} }
if (me.debug) { console.log('poll: again'); } if (me.debug) console.debug('poll: again');
return ACME._wait(1 * 1000).then(testChallenge); return ACME._wait(1 * 1000).then(testChallenge);
} }
if ('valid' === resp.body.status) { if ('valid' === resp.body.status) {
if (me.debug) { console.log('poll: valid'); } if (me.debug) console.debug('poll: valid');
try { try {
if (1 === options.removeChallenge.length) { if (1 === options.removeChallenge.length) {
@ -345,14 +343,14 @@ ACME._postChallenge = function (me, options, identifier, ch) {
, headers: { 'Content-Type': 'application/jose+json' } , headers: { 'Content-Type': 'application/jose+json' }
, json: jws , json: jws
}).then(function (resp) { }).then(function (resp) {
console.log('[acme-v2.js] challenge accepted!'); if (me.debug) console.debug('[acme-v2.js] challenge accepted!');
console.log(resp.headers); if (me.debug) console.debug(resp.headers);
console.log(resp.body); if (me.debug) console.debug(resp.body);
console.log(); if (me.debug) console.debug();
me._nonce = resp.toJSON().headers['replay-nonce']; me._nonce = resp.toJSON().headers['replay-nonce'];
if (me.debug) { console.log('respond to challenge: resp.body:'); } if (me.debug) console.debug('respond to challenge: resp.body:');
if (me.debug) { console.log(resp.body); } if (me.debug) console.debug(resp.body);
return ACME._wait(1 * 1000).then(pollStatus).then(resolve, reject); return ACME._wait(1 * 1000).then(pollStatus).then(resolve, reject);
}); });
} }
@ -367,8 +365,8 @@ ACME._postChallenge = function (me, options, identifier, ch) {
// http-01: GET https://example.org/.well-known/acme-challenge/{{token}} => {{keyAuth}} // http-01: GET https://example.org/.well-known/acme-challenge/{{token}} => {{keyAuth}}
// dns-01: TXT _acme-challenge.example.org. => "{{urlSafeBase64(sha256(keyAuth))}}" // dns-01: TXT _acme-challenge.example.org. => "{{urlSafeBase64(sha256(keyAuth))}}"
if (me.debug) {console.log('\n[DEBUG] postChallenge\n'); } if (me.debug) {console.debug('\n[DEBUG] postChallenge\n'); }
//console.log('\n[DEBUG] stop to fix things\n'); return; //if (me.debug) console.debug('\n[DEBUG] stop to fix things\n'); return;
return ACME._wait(1 * 1000).then(function () { return ACME._wait(1 * 1000).then(function () {
if (!me.skipChallengeTest) { if (!me.skipChallengeTest) {
@ -391,7 +389,7 @@ ACME._postChallenge = function (me, options, identifier, ch) {
}); });
}; };
ACME._finalizeOrder = function (me, options, validatedDomains) { ACME._finalizeOrder = function (me, options, validatedDomains) {
if (me.debug) { console.log('finalizeOrder:'); } if (me.debug) console.debug('finalizeOrder:');
var csr = me.RSA.generateCsrWeb64(options.domainKeypair, validatedDomains); var csr = me.RSA.generateCsrWeb64(options.domainKeypair, validatedDomains);
var body = { csr: csr }; var body = { csr: csr };
var payload = JSON.stringify(body); var payload = JSON.stringify(body);
@ -404,7 +402,7 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
, new Buffer(payload) , new Buffer(payload)
); );
if (me.debug) { console.log('finalize:', me._finalize); } if (me.debug) console.debug('finalize:', me._finalize);
me._nonce = null; me._nonce = null;
return me._request({ return me._request({
method: 'POST' method: 'POST'
@ -414,8 +412,8 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
}).then(function (resp) { }).then(function (resp) {
me._nonce = resp.toJSON().headers['replay-nonce']; me._nonce = resp.toJSON().headers['replay-nonce'];
if (me.debug) { console.log('order finalized: resp.body:'); } if (me.debug) console.debug('order finalized: resp.body:');
if (me.debug) { console.log(resp.body); } if (me.debug) console.debug(resp.body);
if ('processing' === resp.body.status) { if ('processing' === resp.body.status) {
return ACME._wait().then(pollCert); return ACME._wait().then(pollCert);
@ -441,7 +439,7 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
return pollCert(); return pollCert();
}; };
ACME._getCertificate = function (me, options) { ACME._getCertificate = function (me, options) {
if (me.debug) { console.log('[acme-v2] DEBUG get cert 1'); } if (me.debug) console.debug('[acme-v2] DEBUG get cert 1');
if (!options.challengeTypes) { if (!options.challengeTypes) {
if (!options.challengeType) { if (!options.challengeType) {
@ -461,7 +459,7 @@ ACME._getCertificate = function (me, options) {
} }
} }
if (me.debug) { console.log('[acme-v2] certificates.create'); } if (me.debug) console.debug('[acme-v2] certificates.create');
return ACME._getNonce(me).then(function () { return ACME._getNonce(me).then(function () {
var body = { var body = {
identifiers: options.domains.map(function (hostname) { identifiers: options.domains.map(function (hostname) {
@ -479,7 +477,7 @@ ACME._getCertificate = function (me, options) {
, new Buffer(payload) , new Buffer(payload)
); );
if (me.debug) { console.log('\n[DEBUG] newOrder\n'); } if (me.debug) console.debug('\n[DEBUG] newOrder\n');
me._nonce = null; me._nonce = null;
return me._request({ return me._request({
method: 'POST' method: 'POST'
@ -490,21 +488,19 @@ ACME._getCertificate = function (me, options) {
me._nonce = resp.toJSON().headers['replay-nonce']; me._nonce = resp.toJSON().headers['replay-nonce'];
var location = resp.toJSON().headers.location; var location = resp.toJSON().headers.location;
var auths; var auths;
if (me.debug) { if (me.debug) console.debug(location); // the account id url
console.log(location); // the account id url if (me.debug) console.debug(resp.toJSON());
console.log(resp.toJSON());
}
me._authorizations = resp.body.authorizations; me._authorizations = resp.body.authorizations;
me._order = location; me._order = location;
me._finalize = resp.body.finalize; me._finalize = resp.body.finalize;
//console.log('[DEBUG] finalize:', me._finalize); return; //if (me.debug) console.debug('[DEBUG] finalize:', me._finalize); return;
if (!me._authorizations) { if (!me._authorizations) {
console.error("[acme-v2.js] authorizations were not fetched:"); console.error("[acme-v2.js] authorizations were not fetched:");
console.error(resp.body); console.error(resp.body);
return Promise.reject(new Error("authorizations were not fetched")); return Promise.reject(new Error("authorizations were not fetched"));
} }
if (me.debug) { console.log("47 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&"); } if (me.debug) console.debug("47 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&");
//return resp.body; //return resp.body;
auths = me._authorizations.slice(0); auths = me._authorizations.slice(0);
@ -538,17 +534,17 @@ ACME._getCertificate = function (me, options) {
} }
return next().then(function () { return next().then(function () {
if (me.debug) { console.log("37 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&"); } if (me.debug) console.debug("37 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&");
var validatedDomains = body.identifiers.map(function (ident) { var validatedDomains = body.identifiers.map(function (ident) {
return ident.value; return ident.value;
}); });
return ACME._finalizeOrder(me, options, validatedDomains); return ACME._finalizeOrder(me, options, validatedDomains);
}).then(function () { }).then(function () {
console.log('acme-v2: order was finalized'); if (me.debug) console.debug('acme-v2: order was finalized');
return me._request({ method: 'GET', url: me._certificate, json: true }).then(function (resp) { return me._request({ method: 'GET', url: me._certificate, json: true }).then(function (resp) {
console.log('acme-v2: csr submitted and cert received:'); if (me.debug) console.debug('acme-v2: csr submitted and cert received:');
console.log(resp.body); if (me.debug) console.debug(resp.body);
return resp.body; return resp.body;
}); });
}); });
@ -558,8 +554,7 @@ ACME._getCertificate = function (me, options) {
ACME.create = function create(me) { ACME.create = function create(me) {
if (!me) { me = {}; } if (!me) { me = {}; }
// // me.debug = true;
me.debug = true;
me.challengePrefixes = ACME.challengePrefixes; me.challengePrefixes = ACME.challengePrefixes;
me.RSA = me.RSA || require('rsa-compat').RSA; me.RSA = me.RSA || require('rsa-compat').RSA;
me.request = me.request || require('request'); me.request = me.request || require('request');

13
package.json
View File

@ -1,7 +1,7 @@
{ {
"name": "acme-v2", "name": "acme-v2",
"version": "0.9.0", "version": "1.0.0",
"description": "A framework for building letsencrypt clients (and other ACME v2 clients), forked from le-acme-core.js.", "description": "Free SSL. A framework for building Let's Encrypt v2 clients, and other ACME v2 (draft 11) clients. Successor to le-acme-core.js",
"homepage": "https://git.coolaj86.com/coolaj86/acme-v2.js", "homepage": "https://git.coolaj86.com/coolaj86/acme-v2.js",
"main": "node.js", "main": "node.js",
"scripts": { "scripts": {
@ -13,16 +13,25 @@
}, },
"keywords": [ "keywords": [
"acmev2", "acmev2",
"acmev02",
"acme-v2", "acme-v2",
"acme-v02",
"acme", "acme",
"acme2", "acme2",
"acme11",
"acme-draft11",
"acme-draft-11",
"draft",
"11",
"ssl", "ssl",
"tls", "tls",
"https", "https",
"Let's Encrypt", "Let's Encrypt",
"letsencrypt", "letsencrypt",
"letsencrypt-v2", "letsencrypt-v2",
"letsencrypt-v02",
"letsencryptv2", "letsencryptv2",
"letsencryptv02",
"letsencrypt2", "letsencrypt2",
"greenlock", "greenlock",
"greenlock2" "greenlock2"