greenlock-store-sequelize.js/le-store-sequelize.js

179 lines
5.0 KiB
JavaScript

'use strict';
module.exports.create = function (config={}) {
var store = {
options: {},
accounts: {},
certificates: {}
};
// The user can provide their own db, but if they don't, we'll use the
// baked-in db.
if (!config.db) {
// If the user provides options for the baked-in db, we'll use them. If
// they don't, we'll use the baked-in db with its defaults.
config.db = require('./db')(config.dbConfig || null);
}
else {
// This library expects config.db to resolve the db object. We'll ensure
// that this is the case with the provided db, as it was with the baked-in
// db.
config.db = Promise.resolve(config.db);
}
store.certificates.check = function (opts) {
return config.db.then(function (db) {
return db.Certificate.findOne({
where: {
subject: opts.subject
},
attributes: {
exclude: ['createdAt','updatedAt']
},
include: {
model: db.Chain
}
});
}).then(function (record) {
if (record) {
var obj = record.get();
obj.Chain = obj.Chain.get();
obj.chain = obj.Chain.content;
delete obj.Chain;
obj.issuedAt = new Date(obj.issuedAt).getTime();
obj.expiresAt = new Date(obj.expiresAt).getTime();
obj.altnames = String(obj.altnames).split(',');
return obj;
}
var err = new Error('certificate record not found');
err.code = 'ENOENT';
throw err;
}).catch(function (err) {
if (err.code == 'ENOENT') {
return null;
}
throw err;
});
};
// optional, not implemented
store.accounts.check = function () {
return Promise.resolve(null);
};
store.accounts.checkKeypair = function (opts) {
return config.db.then(function (db) {
return db.Keypair.findOne({
where: {
// using xid because id is reserved by sequelize
xid: opts.account.id || opts.email || 'single-user'
}
});
}).then(function (record) {
if (record) {
return JSON.parse(record.get().content);
}
var err = new Error('keypair record not found');
err.code = 'ENOENT';
throw err;
}).catch(function (err) {
if (err.code == 'ENOENT') {
return null;
}
throw err;
});
};
store.accounts.setKeypair = function (opts) {
return config.db.then(function (db) {
return db.Keypair.findOrCreate({
where: {
// using xid because id is reserved by sequelize
xid: opts.account.id || opts.email || 'single-user'
}
});
}).then(function ([record,created]) {
record.content = JSON.stringify(opts.keypair);
return record.save();
});
};
// optional, not implemented
store.accounts.set = function (opts) {
return Promise.resolve(null);
};
store.certificates.checkKeypair = function (opts) {
return config.db.then(function (db) {
return db.Keypair.findOne({
where: {
// using xid because id is reserved by sequelize
xid: opts.certificate.kid || opts.certificate.id || opts.subject
}
});
}).then(function (record) {
if (record) {
return JSON.parse(record.get().content);
}
var err = new Error('keypair record not found');
err.code = 'ENOENT';
throw err;
}).catch(function (err) {
if (err.code == 'ENOENT') {
return null;
}
throw err;
});
};
store.certificates.setKeypair = function (opts) {
return config.db.then(function (db) {
return db.Keypair.findOrCreate({
where: {
// using xid because id is reserved by sequelize
xid: opts.certificate.kid || opts.certificate.id || opts.subject
}
})
}).then(function ([record,created]) {
// { privateKeyPem, privateKeyJWK }
record.content = JSON.stringify(opts.keypair);
return record.save();
});
};
store.certificates.set = function (opts) {
var chainDbId;
var chainShaId = require('./make-safe-sha-str')(opts.pems.chain);
return config.db.then(function (db) {
return db.Chain.findOrCreate({
where: {
xid: chainShaId
}
}).then(function ([chainRec,created]) {
chainDbId = chainRec.id;
chainRec.content = opts.pems.chain;
return chainRec.save();
}).then(function () {
var query = { where: {} };
if (opts.certificate.id) {
query.where.id = opts.certificate.id;
}
else {
query.where.subject = opts.subject;
}
return db.Certificate.findOrCreate(query);
}).then(function (records) {
var record = records[0];
record.cert = opts.pems.cert;
record.altnames = opts.pems.altnames.join(',');
record.issuedAt = new Date(opts.pems.issuedAt).toISOString();
record.expiresAt = new Date(opts.pems.expiresAt).toISOString();
record.setChain(chainDbId);
return record.save();
});
});
};
return store;
};