@certd/acme-client 1.33.7 → 1.34.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +5 -4
- package/src/auto.js +2 -2
- package/src/index.js +2 -0
- package/src/util.js +1 -0
- package/types/dist/index.test-d.js +58 -0
- package/types/index.d.ts +4 -2
- package/types/index.test-d.js +0 -137
package/package.json
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"description": "Simple and unopinionated ACME client",
|
|
4
4
|
"private": false,
|
|
5
5
|
"author": "nmorsman",
|
|
6
|
-
"version": "1.
|
|
6
|
+
"version": "1.34.0",
|
|
7
7
|
"type": "module",
|
|
8
8
|
"module": "scr/index.js",
|
|
9
9
|
"main": "src/index.js",
|
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
"types"
|
|
19
19
|
],
|
|
20
20
|
"dependencies": {
|
|
21
|
-
"@certd/basic": "^1.
|
|
21
|
+
"@certd/basic": "^1.34.0",
|
|
22
22
|
"@peculiar/x509": "^1.11.0",
|
|
23
23
|
"asn1js": "^3.0.5",
|
|
24
24
|
"axios": "^1.7.2",
|
|
@@ -26,7 +26,8 @@
|
|
|
26
26
|
"http-proxy-agent": "^7.0.2",
|
|
27
27
|
"https-proxy-agent": "^7.0.5",
|
|
28
28
|
"lodash-es": "^4.17.21",
|
|
29
|
-
"node-forge": "^1.3.1"
|
|
29
|
+
"node-forge": "^1.3.1",
|
|
30
|
+
"punycode": "^2.3.1"
|
|
30
31
|
},
|
|
31
32
|
"devDependencies": {
|
|
32
33
|
"@types/node": "^20.14.10",
|
|
@@ -67,5 +68,5 @@
|
|
|
67
68
|
"bugs": {
|
|
68
69
|
"url": "https://github.com/publishlab/node-acme-client/issues"
|
|
69
70
|
},
|
|
70
|
-
"gitHead": "
|
|
71
|
+
"gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
|
|
71
72
|
}
|
package/src/auto.js
CHANGED
|
@@ -117,12 +117,12 @@ export default async (client, userOpts) => {
|
|
|
117
117
|
|
|
118
118
|
log(`[auto] [${d}] Trigger challengeCreateFn()`);
|
|
119
119
|
try {
|
|
120
|
-
const { recordReq, recordRes, dnsProvider, challenge, keyAuthorization } = await opts.challengeCreateFn(authz, keyAuthorizationGetter);
|
|
120
|
+
const { recordReq, recordRes, dnsProvider, challenge, keyAuthorization ,httpUploader} = await opts.challengeCreateFn(authz, keyAuthorizationGetter);
|
|
121
121
|
clearTasks.push(async () => {
|
|
122
122
|
/* Trigger challengeRemoveFn(), suppress errors */
|
|
123
123
|
log(`[auto] [${d}] Trigger challengeRemoveFn()`);
|
|
124
124
|
try {
|
|
125
|
-
await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider);
|
|
125
|
+
await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider,httpUploader);
|
|
126
126
|
} catch (e) {
|
|
127
127
|
log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
|
|
128
128
|
}
|
package/src/index.js
CHANGED
package/src/util.js
CHANGED
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* acme-client type definition tests
|
|
3
|
+
*/
|
|
4
|
+
import * as acme from 'acme-client';
|
|
5
|
+
(async () => {
|
|
6
|
+
/* Client */
|
|
7
|
+
const accountKey = await acme.crypto.createPrivateKey();
|
|
8
|
+
const client = new acme.Client({
|
|
9
|
+
accountKey,
|
|
10
|
+
directoryUrl: acme.directory.letsencrypt.staging
|
|
11
|
+
});
|
|
12
|
+
/* Account */
|
|
13
|
+
await client.createAccount({
|
|
14
|
+
termsOfServiceAgreed: true,
|
|
15
|
+
contact: ['mailto:test@example.com']
|
|
16
|
+
});
|
|
17
|
+
/* Order */
|
|
18
|
+
const order = await client.createOrder({
|
|
19
|
+
identifiers: [
|
|
20
|
+
{ type: 'dns', value: 'example.com' },
|
|
21
|
+
{ type: 'dns', value: '*.example.com' },
|
|
22
|
+
]
|
|
23
|
+
});
|
|
24
|
+
await client.getOrder(order);
|
|
25
|
+
/* Authorizations / Challenges */
|
|
26
|
+
const authorizations = await client.getAuthorizations(order);
|
|
27
|
+
const authorization = authorizations[0];
|
|
28
|
+
const challenge = authorization.challenges[0];
|
|
29
|
+
await client.getChallengeKeyAuthorization(challenge);
|
|
30
|
+
await client.verifyChallenge(authorization, challenge);
|
|
31
|
+
await client.completeChallenge(challenge);
|
|
32
|
+
await client.waitForValidStatus(challenge);
|
|
33
|
+
/* Finalize */
|
|
34
|
+
const [certKey, certCsr] = await acme.crypto.createCsr({
|
|
35
|
+
commonName: 'example.com',
|
|
36
|
+
altNames: ['example.com', '*.example.com']
|
|
37
|
+
});
|
|
38
|
+
await client.finalizeOrder(order, certCsr);
|
|
39
|
+
await client.getCertificate(order);
|
|
40
|
+
await client.getCertificate(order, 'DST Root CA X3');
|
|
41
|
+
/* Auto */
|
|
42
|
+
await client.auto({
|
|
43
|
+
csr: certCsr,
|
|
44
|
+
challengeCreateFn: async (authz, challenge, keyAuthorization) => { },
|
|
45
|
+
challengeRemoveFn: async (authz, challenge, keyAuthorization) => { }
|
|
46
|
+
});
|
|
47
|
+
await client.auto({
|
|
48
|
+
csr: certCsr,
|
|
49
|
+
email: 'test@example.com',
|
|
50
|
+
termsOfServiceAgreed: false,
|
|
51
|
+
skipChallengeVerification: false,
|
|
52
|
+
challengePriority: ['http-01', 'dns-01'],
|
|
53
|
+
preferredChain: 'DST Root CA X3',
|
|
54
|
+
challengeCreateFn: async (authz, challenge, keyAuthorization) => { },
|
|
55
|
+
challengeRemoveFn: async (authz, challenge, keyAuthorization) => { }
|
|
56
|
+
});
|
|
57
|
+
})();
|
|
58
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXgudGVzdC1kLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vaW5kZXgudGVzdC1kLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOztHQUVHO0FBRUgsT0FBTyxLQUFLLElBQUksTUFBTSxhQUFhLENBQUM7QUFFcEMsQ0FBQyxLQUFLLElBQUksRUFBRTtJQUNSLFlBQVk7SUFDWixNQUFNLFVBQVUsR0FBRyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztJQUV4RCxNQUFNLE1BQU0sR0FBRyxJQUFJLElBQUksQ0FBQyxNQUFNLENBQUM7UUFDM0IsVUFBVTtRQUNWLFlBQVksRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQyxPQUFPO0tBQ25ELENBQUMsQ0FBQztJQUVILGFBQWE7SUFDYixNQUFNLE1BQU0sQ0FBQyxhQUFhLENBQUM7UUFDdkIsb0JBQW9CLEVBQUUsSUFBSTtRQUMxQixPQUFPLEVBQUUsQ0FBQyx5QkFBeUIsQ0FBQztLQUN2QyxDQUFDLENBQUM7SUFFSCxXQUFXO0lBQ1gsTUFBTSxLQUFLLEdBQUcsTUFBTSxNQUFNLENBQUMsV0FBVyxDQUFDO1FBQ25DLFdBQVcsRUFBRTtZQUNULEVBQUUsSUFBSSxFQUFFLEtBQUssRUFBRSxLQUFLLEVBQUUsYUFBYSxFQUFFO1lBQ3JDLEVBQUUsSUFBSSxFQUFFLEtBQUssRUFBRSxLQUFLLEVBQUUsZUFBZSxFQUFFO1NBQzFDO0tBQ0osQ0FBQyxDQUFDO0lBRUgsTUFBTSxNQUFNLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDO0lBRTdCLGlDQUFpQztJQUNqQyxNQUFNLGNBQWMsR0FBRyxNQUFNLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLENBQUMsQ0FBQztJQUM3RCxNQUFNLGFBQWEsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDeEMsTUFBTSxTQUFTLEdBQUcsYUFBYSxDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUU5QyxNQUFNLE1BQU0sQ0FBQyw0QkFBNEIsQ0FBQyxTQUFTLENBQUMsQ0FBQztJQUNyRCxNQUFNLE1BQU0sQ0FBQyxlQUFlLENBQUMsYUFBYSxFQUFFLFNBQVMsQ0FBQyxDQUFDO0lBQ3ZELE1BQU0sTUFBTSxDQUFDLGlCQUFpQixDQUFDLFNBQVMsQ0FBQyxDQUFDO0lBQzFDLE1BQU0sTUFBTSxDQUFDLGtCQUFrQixDQUFDLFNBQVMsQ0FBQyxDQUFDO0lBRTNDLGNBQWM7SUFDZCxNQUFNLENBQUMsT0FBTyxFQUFFLE9BQU8sQ0FBQyxHQUFHLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUM7UUFDbkQsVUFBVSxFQUFFLGFBQWE7UUFDekIsUUFBUSxFQUFFLENBQUMsYUFBYSxFQUFFLGVBQWUsQ0FBQztLQUM3QyxDQUFDLENBQUM7SUFFSCxNQUFNLE1BQU0sQ0FBQyxhQUFhLENBQUMsS0FBSyxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQzNDLE1BQU0sTUFBTSxDQUFDLGNBQWMsQ0FBQyxLQUFLLENBQUMsQ0FBQztJQUNuQyxNQUFNLE1BQU0sQ0FBQyxjQUFjLENBQUMsS0FBSyxFQUFFLGdCQUFnQixDQUFDLENBQUM7SUFFckQsVUFBVTtJQUNWLE1BQU0sTUFBTSxDQUFDLElBQUksQ0FBQztRQUNkLEdBQUcsRUFBRSxPQUFPO1FBQ1osaUJBQWlCLEVBQUUsS0FBSyxFQUFFLEtBQUssRUFBRSxTQUFTLEVBQUUsZ0JBQWdCLEVBQUUsRUFBRSxHQUFFLENBQUM7UUFDbkUsaUJBQWlCLEVBQUUsS0FBSyxFQUFFLEtBQUssRUFBRSxTQUFTLEVBQUUsZ0JBQWdCLEVBQUUsRUFBRSxHQUFFLENBQUM7S0FDdEUsQ0FBQyxDQUFDO0lBRUgsTUFBTSxNQUFNLENBQUMsSUFBSSxDQUFDO1FBQ2QsR0FBRyxFQUFFLE9BQU87UUFDWixLQUFLLEVBQUUsa0JBQWtCO1FBQ3pCLG9CQUFvQixFQUFFLEtBQUs7UUFDM0IseUJBQXlCLEVBQUUsS0FBSztRQUNoQyxpQkFBaUIsRUFBRSxDQUFDLFNBQVMsRUFBRSxRQUFRLENBQUM7UUFDeEMsY0FBYyxFQUFFLGdCQUFnQjtRQUNoQyxpQkFBaUIsRUFBRSxLQUFLLEVBQUUsS0FBSyxFQUFFLFNBQVMsRUFBRSxnQkFBZ0IsRUFBRSxFQUFFLEdBQUUsQ0FBQztRQUNuRSxpQkFBaUIsRUFBRSxLQUFLLEVBQUUsS0FBSyxFQUFFLFNBQVMsRUFBRSxnQkFBZ0IsRUFBRSxFQUFFLEdBQUUsQ0FBQztLQUN0RSxDQUFDLENBQUM7QUFDUCxDQUFDLENBQUMsRUFBRSxDQUFDIn0=
|
package/types/index.d.ts
CHANGED
|
@@ -59,7 +59,7 @@ export interface ClientExternalAccountBindingOptions {
|
|
|
59
59
|
export interface ClientAutoOptions {
|
|
60
60
|
csr: CsrBuffer | CsrString;
|
|
61
61
|
challengeCreateFn: (authz: Authorization, keyAuthorization: (challenge:rfc8555.Challenge)=>Promise<string>) => Promise<{recordReq?:any,recordRes?:any,dnsProvider?:any,challenge: rfc8555.Challenge,keyAuthorization:string}>;
|
|
62
|
-
challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any) => Promise<any>;
|
|
62
|
+
challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any,httpUploader:any) => Promise<any>;
|
|
63
63
|
email?: string;
|
|
64
64
|
termsOfServiceAgreed?: boolean;
|
|
65
65
|
skipChallengeVerification?: boolean;
|
|
@@ -204,4 +204,6 @@ export function setLogger(fn: (message: any, ...args: any[]) => void): void;
|
|
|
204
204
|
|
|
205
205
|
export function walkTxtRecord(record: any): Promise<string[]>;
|
|
206
206
|
|
|
207
|
-
export const CancelError: typeof CancelError;
|
|
207
|
+
export const CancelError: typeof CancelError;
|
|
208
|
+
|
|
209
|
+
export function resolveDomainBySoaRecord(domain: string): Promise<string>;
|
package/types/index.test-d.js
DELETED
|
@@ -1,137 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
/**
|
|
3
|
-
* acme-client type definition tests
|
|
4
|
-
*/
|
|
5
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
6
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
7
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
8
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
9
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
10
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
11
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
12
|
-
});
|
|
13
|
-
};
|
|
14
|
-
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
15
|
-
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
16
|
-
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
17
|
-
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
18
|
-
function step(op) {
|
|
19
|
-
if (f) throw new TypeError("Generator is already executing.");
|
|
20
|
-
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
21
|
-
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
22
|
-
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
23
|
-
switch (op[0]) {
|
|
24
|
-
case 0: case 1: t = op; break;
|
|
25
|
-
case 4: _.label++; return { value: op[1], done: false };
|
|
26
|
-
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
27
|
-
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
28
|
-
default:
|
|
29
|
-
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
30
|
-
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
31
|
-
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
32
|
-
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
33
|
-
if (t[2]) _.ops.pop();
|
|
34
|
-
_.trys.pop(); continue;
|
|
35
|
-
}
|
|
36
|
-
op = body.call(thisArg, _);
|
|
37
|
-
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
38
|
-
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
39
|
-
}
|
|
40
|
-
};
|
|
41
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
-
var acme = require("acme-client");
|
|
43
|
-
(function () { return __awaiter(void 0, void 0, void 0, function () {
|
|
44
|
-
var accountKey, client, order, authorizations, authorization, challenge, _a, certKey, certCsr;
|
|
45
|
-
return __generator(this, function (_b) {
|
|
46
|
-
switch (_b.label) {
|
|
47
|
-
case 0: return [4 /*yield*/, acme.crypto.createPrivateKey()];
|
|
48
|
-
case 1:
|
|
49
|
-
accountKey = _b.sent();
|
|
50
|
-
client = new acme.Client({
|
|
51
|
-
accountKey: accountKey,
|
|
52
|
-
directoryUrl: acme.directory.letsencrypt.staging
|
|
53
|
-
});
|
|
54
|
-
/* Account */
|
|
55
|
-
return [4 /*yield*/, client.createAccount({
|
|
56
|
-
termsOfServiceAgreed: true,
|
|
57
|
-
contact: ['mailto:test@example.com']
|
|
58
|
-
})];
|
|
59
|
-
case 2:
|
|
60
|
-
/* Account */
|
|
61
|
-
_b.sent();
|
|
62
|
-
return [4 /*yield*/, client.createOrder({
|
|
63
|
-
identifiers: [
|
|
64
|
-
{ type: 'dns', value: 'example.com' },
|
|
65
|
-
{ type: 'dns', value: '*.example.com' },
|
|
66
|
-
]
|
|
67
|
-
})];
|
|
68
|
-
case 3:
|
|
69
|
-
order = _b.sent();
|
|
70
|
-
return [4 /*yield*/, client.getOrder(order)];
|
|
71
|
-
case 4:
|
|
72
|
-
_b.sent();
|
|
73
|
-
return [4 /*yield*/, client.getAuthorizations(order)];
|
|
74
|
-
case 5:
|
|
75
|
-
authorizations = _b.sent();
|
|
76
|
-
authorization = authorizations[0];
|
|
77
|
-
challenge = authorization.challenges[0];
|
|
78
|
-
return [4 /*yield*/, client.getChallengeKeyAuthorization(challenge)];
|
|
79
|
-
case 6:
|
|
80
|
-
_b.sent();
|
|
81
|
-
return [4 /*yield*/, client.verifyChallenge(authorization, challenge)];
|
|
82
|
-
case 7:
|
|
83
|
-
_b.sent();
|
|
84
|
-
return [4 /*yield*/, client.completeChallenge(challenge)];
|
|
85
|
-
case 8:
|
|
86
|
-
_b.sent();
|
|
87
|
-
return [4 /*yield*/, client.waitForValidStatus(challenge)];
|
|
88
|
-
case 9:
|
|
89
|
-
_b.sent();
|
|
90
|
-
return [4 /*yield*/, acme.crypto.createCsr({
|
|
91
|
-
commonName: 'example.com',
|
|
92
|
-
altNames: ['example.com', '*.example.com']
|
|
93
|
-
})];
|
|
94
|
-
case 10:
|
|
95
|
-
_a = _b.sent(), certKey = _a[0], certCsr = _a[1];
|
|
96
|
-
return [4 /*yield*/, client.finalizeOrder(order, certCsr)];
|
|
97
|
-
case 11:
|
|
98
|
-
_b.sent();
|
|
99
|
-
return [4 /*yield*/, client.getCertificate(order)];
|
|
100
|
-
case 12:
|
|
101
|
-
_b.sent();
|
|
102
|
-
return [4 /*yield*/, client.getCertificate(order, 'DST Root CA X3')];
|
|
103
|
-
case 13:
|
|
104
|
-
_b.sent();
|
|
105
|
-
/* Auto */
|
|
106
|
-
return [4 /*yield*/, client.auto({
|
|
107
|
-
csr: certCsr,
|
|
108
|
-
challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
109
|
-
return [2 /*return*/];
|
|
110
|
-
}); }); },
|
|
111
|
-
challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
112
|
-
return [2 /*return*/];
|
|
113
|
-
}); }); }
|
|
114
|
-
})];
|
|
115
|
-
case 14:
|
|
116
|
-
/* Auto */
|
|
117
|
-
_b.sent();
|
|
118
|
-
return [4 /*yield*/, client.auto({
|
|
119
|
-
csr: certCsr,
|
|
120
|
-
email: 'test@example.com',
|
|
121
|
-
termsOfServiceAgreed: false,
|
|
122
|
-
skipChallengeVerification: false,
|
|
123
|
-
challengePriority: ['http-01', 'dns-01'],
|
|
124
|
-
preferredChain: 'DST Root CA X3',
|
|
125
|
-
challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
126
|
-
return [2 /*return*/];
|
|
127
|
-
}); }); },
|
|
128
|
-
challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
129
|
-
return [2 /*return*/];
|
|
130
|
-
}); }); }
|
|
131
|
-
})];
|
|
132
|
-
case 15:
|
|
133
|
-
_b.sent();
|
|
134
|
-
return [2 /*return*/];
|
|
135
|
-
}
|
|
136
|
-
});
|
|
137
|
-
}); })();
|