npm - @certd/acme-client - Versions diffs - 1.20.15 → 1.20.16 - Mend

@certd/acme-client 1.20.15 → 1.20.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/README.md CHANGED Viewed

@@ -9,13 +9,13 @@ This module is written to handle communication with a Boulder/Let's Encrypt-styl
 ## Compatibility
-| acme-client   | Node.js   |                                           |
-| ------------- | --------- | ----------------------------------------- |
-| v5.x          | >= v16    | [Upgrade guide](docs/upgrade-v5.md)       |
-| v4.x          | >= v10    | [Changelog](CHANGELOG.md#v400-2020-05-29) |
-| v3.x          | >= v8     | [Changelog](CHANGELOG.md#v300-2019-07-13) |
-| v2.x          | >= v4     | [Changelog](CHANGELOG.md#v200-2018-04-02) |
-| v1.x          | >= v4     | [Changelog](CHANGELOG.md#v100-2017-10-20) |
+| acme-client | Node.js |                                           |
+| ----------- | ------- | ----------------------------------------- |
+| v5.x        | >= v16  | [Upgrade guide](docs/upgrade-v5.md)       |
+| v4.x        | >= v10  | [Changelog](CHANGELOG.md#v400-2020-05-29) |
+| v3.x        | >= v8   | [Changelog](CHANGELOG.md#v300-2019-07-13) |
+| v2.x        | >= v4   | [Changelog](CHANGELOG.md#v200-2018-04-02) |
+| v1.x        | >= v4   | [Changelog](CHANGELOG.md#v100-2017-10-20) |
 ## Table of contents
@@ -49,7 +49,7 @@ const accountPrivateKey = '<PEM encoded private key>';
 const client = new acme.Client({
     directoryUrl: acme.directory.letsencrypt.staging,
-    accountKey: accountPrivateKey
+    accountKey: accountPrivateKey,
 });
 ```
@@ -75,8 +75,8 @@ const client = new acme.Client({
     accountKey: accountPrivateKey,
     externalAccountBinding: {
         kid: 'YOUR-EAB-KID',
-        hmacKey: 'YOUR-EAB-HMAC-KEY'
-    }
+        hmacKey: 'YOUR-EAB-HMAC-KEY',
+    },
 });
 ```
@@ -90,7 +90,7 @@ In some cases, for example with some EAB providers, this account creation step m
 const client = new acme.Client({
     directoryUrl: acme.directory.letsencrypt.staging,
     accountKey: accountPrivateKey,
-    accountUrl: 'https://acme-v02.api.letsencrypt.org/acme/acct/12345678'
+    accountUrl: 'https://acme-v02.api.letsencrypt.org/acme/acct/12345678',
 });
 ```
@@ -113,8 +113,7 @@ const privateRsaKey = await acme.crypto.createPrivateRsaKey();
 const privateEcdsaKey = await acme.crypto.createPrivateEcdsaKey();
 const [certificateKey, certificateCsr] = await acme.crypto.createCsr({
-    commonName: '*.example.com',
-    altNames: ['example.com']
+    altNames: ['example.com', '*.example.com'],
 });
 ```
@@ -139,7 +138,7 @@ const autoOpts = {
     email: 'test@example.com',
     termsOfServiceAgreed: true,
     challengeCreateFn: async (authz, challenge, keyAuthorization) => {},
-    challengeRemoveFn: async (authz, challenge, keyAuthorization) => {}
+    challengeRemoveFn: async (authz, challenge, keyAuthorization) => {},
 };
 const certificate = await client.auto(autoOpts);
@@ -156,7 +155,7 @@ To modify challenge priority, provide a list of challenge types in `challengePri
 ```js
 await client.auto({
     ...,
-    challengePriority: ['http-01', 'dns-01']
+    challengePriority: ['http-01', 'dns-01'],
 });
 ```
@@ -171,7 +170,7 @@ To completely disable `acme-client`s internal challenge verification, enable `sk
 ```js
 await client.auto({
     ...,
-    skipChallengeVerification: true
+    skipChallengeVerification: true,
 });
 ```
@@ -185,14 +184,14 @@ For more fine-grained control you can interact with the ACME API using the metho
 ```js
 const account = await client.createAccount({
     termsOfServiceAgreed: true,
-    contact: ['mailto:test@example.com']
+    contact: ['mailto:test@example.com'],
 });
 const order = await client.createOrder({
     identifiers: [
         { type: 'dns', value: 'example.com' },
-        { type: 'dns', value: '*.example.com' }
-    ]
+        { type: 'dns', value: '*.example.com' },
+    ],
 });
 ```
@@ -207,7 +206,7 @@ const acme = require('acme-client');
 acme.axios.defaults.proxy = {
     host: '127.0.0.1',
-    port: 9000
+    port: 9000,
 };
 ```

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.20.15",
+    "version": "1.20.16",
     "main": "src/index.js",
     "types": "types/index.d.ts",
     "license": "MIT",
@@ -16,24 +16,24 @@
         "types"
     ],
     "dependencies": {
-        "@peculiar/x509": "^1.9.7",
+        "@peculiar/x509": "^1.10.0",
         "asn1js": "^3.0.5",
-        "axios": "^1.6.5",
+        "axios": "^1.7.2",
         "debug": "^4.1.1",
         "https-proxy-agent": "^7.0.4",
         "node-forge": "^1.3.1"
     },
     "devDependencies": {
-        "@types/node": "^20.11.5",
+        "@types/node": "^20.12.12",
         "chai": "^4.4.1",
-        "chai-as-promised": "^7.1.1",
-        "eslint": "^8.56.0",
+        "chai-as-promised": "^7.1.2",
+        "eslint": "^8.57.0",
         "eslint-config-airbnb-base": "^15.0.0",
         "eslint-plugin-import": "^2.29.1",
-        "jsdoc-to-markdown": "^8.0.0",
-        "mocha": "^10.2.0",
-        "nock": "^13.5.0",
-        "tsd": "^0.30.4",
+        "jsdoc-to-markdown": "^8.0.1",
+        "mocha": "^10.4.0",
+        "nock": "^13.5.4",
+        "tsd": "^0.31.0",
         "typescript": "^4.8.4",
         "uuid": "^8.3.2"
     },
@@ -59,5 +59,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "19a6b9468033be609e9e574ae5f1cf05a07a7592"
+    "gitHead": "d46dab4fdda738fac0be87a60a3af6037feb42d4"
 }

package/src/api.js CHANGED Viewed

@@ -4,7 +4,6 @@
 const util = require('./util');
 /**
  * AcmeApi
  *
@@ -18,7 +17,6 @@ class AcmeApi {
         this.accountUrl = accountUrl;
     }
     /**
      * Get account URL
      *
@@ -34,7 +32,6 @@ class AcmeApi {
         return this.accountUrl;
     }
     /**
      * ACME API request
      *
@@ -59,7 +56,6 @@ class AcmeApi {
         return resp;
     }
     /**
      * ACME API request by resource name helper
      *
@@ -78,7 +74,6 @@ class AcmeApi {
         return this.apiRequest(resourceUrl, payload, validStatusCodes, { includeJwsKid, includeExternalAccountBinding });
     }
     /**
      * Get Terms of Service URL if available
      *
@@ -91,7 +86,6 @@ class AcmeApi {
         return this.http.getMetaField('termsOfService');
     }
     /**
      * Create new account
      *
@@ -104,7 +98,7 @@ class AcmeApi {
     async createAccount(data) {
         const resp = await this.apiResourceRequest('newAccount', data, [200, 201], {
             includeJwsKid: false,
-            includeExternalAccountBinding: (data.onlyReturnExisting !== true)
+            includeExternalAccountBinding: (data.onlyReturnExisting !== true),
         });
         /* Set account URL */
@@ -115,7 +109,6 @@ class AcmeApi {
         return resp;
     }
     /**
      * Update account
      *
@@ -129,7 +122,6 @@ class AcmeApi {
         return this.apiRequest(this.getAccountUrl(), data, [200, 202]);
     }
     /**
      * Update account key
      *
@@ -143,7 +135,6 @@ class AcmeApi {
         return this.apiResourceRequest('keyChange', data, [200]);
     }
     /**
      * Create new order
      *
@@ -157,7 +148,6 @@ class AcmeApi {
         return this.apiResourceRequest('newOrder', data, [201]);
     }
     /**
      * Get order
      *
@@ -171,7 +161,6 @@ class AcmeApi {
         return this.apiRequest(url, null, [200]);
     }
     /**
      * Finalize order
      *
@@ -186,7 +175,6 @@ class AcmeApi {
         return this.apiRequest(url, data, [200]);
     }
     /**
      * Get identifier authorization
      *
@@ -200,7 +188,6 @@ class AcmeApi {
         return this.apiRequest(url, null, [200]);
     }
     /**
      * Update identifier authorization
      *
@@ -215,7 +202,6 @@ class AcmeApi {
         return this.apiRequest(url, data, [200]);
     }
     /**
      * Complete challenge
      *
@@ -230,7 +216,6 @@ class AcmeApi {
         return this.apiRequest(url, data, [200]);
     }
     /**
      * Revoke certificate
      *
@@ -245,6 +230,5 @@ class AcmeApi {
     }
 }
 /* Export API */
 module.exports = AcmeApi;

package/src/auto.js CHANGED Viewed

@@ -14,10 +14,9 @@ const defaultOpts = {
     skipChallengeVerification: false,
     challengePriority: ['http-01', 'dns-01'],
     challengeCreateFn: async () => { throw new Error('Missing challengeCreateFn()'); },
-    challengeRemoveFn: async () => { throw new Error('Missing challengeRemoveFn()'); }
+    challengeRemoveFn: async () => { throw new Error('Missing challengeRemoveFn()'); },
 };
 /**
  * ACME client auto mode
  *
@@ -26,8 +25,8 @@ const defaultOpts = {
  * @returns {Promise<buffer>} Certificate
  */
-module.exports = async function(client, userOpts) {
-    const opts = Object.assign({}, defaultOpts, userOpts);
+module.exports = async (client, userOpts) => {
+    const opts = { ...defaultOpts, ...userOpts };
     const accountPayload = { termsOfServiceAgreed: opts.termsOfServiceAgreed };
     if (!Buffer.isBuffer(opts.csr)) {
@@ -38,7 +37,6 @@ module.exports = async function(client, userOpts) {
         accountPayload.contact = [`mailto:${opts.email}`];
     }
     /**
      * Register account
      */
@@ -54,7 +52,6 @@ module.exports = async function(client, userOpts) {
         await client.createAccount(accountPayload);
     }
     /**
      * Parse domains from CSR
      */
@@ -65,7 +62,6 @@ module.exports = async function(client, userOpts) {
     log(`[auto] Resolved ${uniqueDomains.length} unique domains from parsing the Certificate Signing Request`);
     /**
      * Place order
      */
@@ -77,7 +73,6 @@ module.exports = async function(client, userOpts) {
     log(`[auto] Placed certificate order successfully, received ${authorizations.length} identity authorizations`);
     /**
      * Resolve and satisfy challenges
      */
@@ -176,7 +171,6 @@ module.exports = async function(client, userOpts) {
         await challengeFunc(authz);
     });
     function runAllPromise(tasks) {
         let promise = Promise.resolve();
         tasks.forEach((task) => {
@@ -196,7 +190,6 @@ module.exports = async function(client, userOpts) {
         return Promise.all(results);
     }
     try {
         log('开始challenge');
         await runPromisePa(challengePromises);
@@ -216,11 +209,18 @@ module.exports = async function(client, userOpts) {
     }
     catch (e) {
         log('证书申请失败');
-        throw e;
+        log(e);
+        throw new Error(`证书申请失败:${e.message}`);
     }
     finally {
         log(`清理challenge痕迹，length:${clearTasks.length}`);
-        await runAllPromise(clearTasks);
+        try {
+            await runAllPromise(clearTasks);
+        }
+        catch (e) {
+            log('清理challenge失败');
+            log(e);
+        }
     }
     // try {

package/src/axios.js CHANGED Viewed

@@ -5,7 +5,6 @@
 const axios = require('axios');
 const pkg = require('./../package.json');
 /**
  * Instance
  */
@@ -19,9 +18,8 @@ instance.defaults.headers.common['User-Agent'] = `node-${pkg.name}/${pkg.version
 instance.defaults.acmeSettings = {
     httpChallengePort: 80,
     httpsChallengePort: 443,
-    tlsAlpnChallengePort: 443
+    tlsAlpnChallengePort: 443,
 };
 // instance.defaults.proxy = {
 //     host: '192.168.34.139',
 //     port: 10811
@@ -35,7 +33,6 @@ instance.defaults.acmeSettings = {
 instance.defaults.adapter = 'http';
 /**
  * Export instance
  */

package/src/client.js CHANGED Viewed

@@ -13,7 +13,6 @@ const verify = require('./verify');
 const util = require('./util');
 const auto = require('./auto');
 /**
  * ACME states
  *
@@ -24,7 +23,6 @@ const validStates = ['ready', 'valid'];
 const pendingStates = ['pending', 'processing'];
 const invalidStates = ['invalid'];
 /**
  * Default options
  *
@@ -38,10 +36,9 @@ const defaultOpts = {
     externalAccountBinding: {},
     backoffAttempts: 10,
     backoffMin: 5000,
-    backoffMax: 30000
+    backoffMax: 30000,
 };
 /**
  * AcmeClient
  *
@@ -61,7 +58,7 @@ const defaultOpts = {
  * ```js
  * const client = new acme.Client({
  *     directoryUrl: acme.directory.letsencrypt.staging,
- *     accountKey: 'Private key goes here'
+ *     accountKey: 'Private key goes here',
  * });
  * ```
  *
@@ -73,7 +70,7 @@ const defaultOpts = {
  *     accountUrl: 'Optional account URL goes here',
  *     backoffAttempts: 10,
  *     backoffMin: 5000,
- *     backoffMax: 30000
+ *     backoffMax: 30000,
  * });
  * ```
  *
@@ -84,8 +81,8 @@ const defaultOpts = {
  *     accountKey: 'Private key goes here',
  *     externalAccountBinding: {
  *         kid: 'YOUR-EAB-KID',
- *         hmacKey: 'YOUR-EAB-HMAC-KEY'
- *     }
+ *         hmacKey: 'YOUR-EAB-HMAC-KEY',
+ *     },
  * });
  * ```
  */
@@ -96,19 +93,17 @@ class AcmeClient {
             opts.accountKey = Buffer.from(opts.accountKey);
         }
-        this.opts = Object.assign({}, defaultOpts, opts);
+        this.opts = { ...defaultOpts, ...opts };
         this.backoffOpts = {
             attempts: this.opts.backoffAttempts,
             min: this.opts.backoffMin,
-            max: this.opts.backoffMax
+            max: this.opts.backoffMax,
         };
         this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding);
         this.api = new AcmeApi(this.http, this.opts.accountUrl);
     }
     /**
      * Get Terms of Service URL if available
      *
@@ -128,7 +123,6 @@ class AcmeClient {
         return this.api.getTermsOfServiceUrl();
     }
     /**
      * Get current account URL
      *
@@ -150,7 +144,6 @@ class AcmeClient {
         return this.api.getAccountUrl();
     }
     /**
      * Create a new account
      *
@@ -162,7 +155,7 @@ class AcmeClient {
      * @example Create a new account
      * ```js
      * const account = await client.createAccount({
-     *     termsOfServiceAgreed: true
+     *     termsOfServiceAgreed: true,
      * });
      * ```
      *
@@ -170,7 +163,7 @@ class AcmeClient {
      * ```js
      * const account = await client.createAccount({
      *     termsOfServiceAgreed: true,
-     *     contact: ['mailto:test@example.com']
+     *     contact: ['mailto:test@example.com'],
      * });
      * ```
      */
@@ -196,7 +189,6 @@ class AcmeClient {
         }
     }
     /**
      * Update existing account
      *
@@ -208,7 +200,7 @@ class AcmeClient {
      * @example Update existing account
      * ```js
      * const account = await client.updateAccount({
-     *     contact: ['mailto:foo@example.com']
+     *     contact: ['mailto:foo@example.com'],
      * });
      * ```
      */
@@ -236,7 +228,6 @@ class AcmeClient {
         return resp.data;
     }
     /**
      * Update account private key
      *
@@ -282,7 +273,6 @@ class AcmeClient {
         return resp.data;
     }
     /**
      * Create a new order
      *
@@ -296,8 +286,8 @@ class AcmeClient {
      * const order = await client.createOrder({
      *     identifiers: [
      *         { type: 'dns', value: 'example.com' },
-     *         { type: 'dns', value: 'test.example.com' }
-     *     ]
+     *         { type: 'dns', value: 'test.example.com' },
+     *     ],
      * });
      * ```
      */
@@ -314,7 +304,6 @@ class AcmeClient {
         return resp.data;
     }
     /**
      * Refresh order object from CA
      *
@@ -376,7 +365,6 @@ class AcmeClient {
         return resp.data;
     }
     /**
      * Get identifier authorizations from order
      *
@@ -406,7 +394,6 @@ class AcmeClient {
         }));
     }
     /**
      * Deactivate identifier authorization
      *
@@ -427,10 +414,7 @@ class AcmeClient {
             throw new Error('Unable to deactivate identifier authorization, URL not found');
         }
-        const data = {
-            status: 'deactivated'
-        };
+        const data = { status: 'deactivated' };
         const resp = await this.api.updateAuthorization(authz.url, data);
         /* Add URL to response */
@@ -438,7 +422,6 @@ class AcmeClient {
         return resp.data;
     }
     /**
      * Get key authorization for ACME challenge
      *
@@ -480,7 +463,6 @@ class AcmeClient {
         throw new Error(`Unable to produce key authorization, unknown challenge type: ${challenge.type}`);
     }
     /**
      * Verify that ACME challenge is satisfied
      *
@@ -515,7 +497,6 @@ class AcmeClient {
         return util.retry(verifyFn, this.backoffOpts);
     }
     /**
      * Notify CA that challenge has been completed
      *
@@ -536,7 +517,6 @@ class AcmeClient {
         return resp.data;
     }
     /**
      * Wait for ACME provider to verify status on a order, authorization or challenge
      *
@@ -593,7 +573,6 @@ class AcmeClient {
         return util.retry(verifyFn, this.backoffOpts);
     }
     /**
      * Get certificate from ACME order
      *
@@ -640,7 +619,6 @@ class AcmeClient {
         return resp.data;
     }
     /**
      * Revoke certificate
      *
@@ -660,7 +638,7 @@ class AcmeClient {
      * ```js
      * const certificate = { ... }; // Previously created certificate
      * const result = await client.revokeCertificate(certificate, {
-     *     reason: 4
+     *     reason: 4,
      * });
      * ```
      */
@@ -671,7 +649,6 @@ class AcmeClient {
         return resp.data;
     }
     /**
      * Auto mode
      *
@@ -689,7 +666,7 @@ class AcmeClient {
      * @example Order a certificate using auto mode
      * ```js
      * const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
-     *     commonName: 'test.example.com'
+     *     altNames: ['test.example.com'],
      * });
      *
      * const certificate = await client.auto({
@@ -701,14 +678,14 @@ class AcmeClient {
      *     },
      *     challengeRemoveFn: async (authz, challenge, keyAuthorization) => {
      *         // Clean up challenge here
-     *     }
+     *     },
      * });
      * ```
      *
      * @example Order a certificate using auto mode with preferred chain
      * ```js
      * const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
-     *     commonName: 'test.example.com'
+     *     altNames: ['test.example.com'],
      * });
      *
      * const certificate = await client.auto({
@@ -717,7 +694,7 @@ class AcmeClient {
      *     termsOfServiceAgreed: true,
      *     preferredChain: 'DST Root CA X3',
      *     challengeCreateFn: async () => {},
-     *     challengeRemoveFn: async () => {}
+     *     challengeRemoveFn: async () => {},
      * });
      * ```
      */
@@ -727,6 +704,5 @@ class AcmeClient {
     }
 }
 /* Export client */
 module.exports = AcmeClient;