@certd/acme-client 1.37.1 → 1.37.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +5 -4
- package/src/api.js +0 -1
- package/src/auto.js +4 -2
- package/src/axios.js +1 -1
- package/src/client.js +12 -8
- package/src/http.js +8 -7
- package/types/index.d.ts +1 -0
package/package.json
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"description": "Simple and unopinionated ACME client",
|
|
4
4
|
"private": false,
|
|
5
5
|
"author": "nmorsman",
|
|
6
|
-
"version": "1.37.
|
|
6
|
+
"version": "1.37.3",
|
|
7
7
|
"type": "module",
|
|
8
8
|
"module": "scr/index.js",
|
|
9
9
|
"main": "src/index.js",
|
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
"types"
|
|
19
19
|
],
|
|
20
20
|
"dependencies": {
|
|
21
|
-
"@certd/basic": "^1.37.
|
|
21
|
+
"@certd/basic": "^1.37.3",
|
|
22
22
|
"@peculiar/x509": "^1.11.0",
|
|
23
23
|
"asn1js": "^3.0.5",
|
|
24
24
|
"axios": "^1.7.2",
|
|
@@ -52,7 +52,8 @@
|
|
|
52
52
|
"lint-types": "tsd",
|
|
53
53
|
"prepublishOnly": "npm run build-docs",
|
|
54
54
|
"test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\"",
|
|
55
|
-
"pub": "npm publish"
|
|
55
|
+
"pub": "npm publish",
|
|
56
|
+
"compile": "tsc --skipLibCheck --watch"
|
|
56
57
|
},
|
|
57
58
|
"repository": {
|
|
58
59
|
"type": "git",
|
|
@@ -69,5 +70,5 @@
|
|
|
69
70
|
"bugs": {
|
|
70
71
|
"url": "https://github.com/publishlab/node-acme-client/issues"
|
|
71
72
|
},
|
|
72
|
-
"gitHead": "
|
|
73
|
+
"gitHead": "335745d3651461fcc934154238a98a85be455e4f"
|
|
73
74
|
}
|
package/src/api.js
CHANGED
package/src/auto.js
CHANGED
|
@@ -2,7 +2,6 @@
|
|
|
2
2
|
* ACME auto helper
|
|
3
3
|
*/
|
|
4
4
|
import { readCsrDomains } from "./crypto/index.js";
|
|
5
|
-
import { log } from "./logger.js";
|
|
6
5
|
import { wait } from "./wait.js";
|
|
7
6
|
import { CancelError } from "./error.js";
|
|
8
7
|
|
|
@@ -45,6 +44,9 @@ export default async (client, userOpts) => {
|
|
|
45
44
|
accountPayload.externalAccountBinding = opts.externalAccountBinding;
|
|
46
45
|
}
|
|
47
46
|
|
|
47
|
+
const log = (...args)=>{
|
|
48
|
+
return client.logger.info(...args);
|
|
49
|
+
}
|
|
48
50
|
/**
|
|
49
51
|
* Register account
|
|
50
52
|
*/
|
|
@@ -255,7 +257,7 @@ export default async (client, userOpts) => {
|
|
|
255
257
|
await wait(waitDnsDiffuseTime * 1000)
|
|
256
258
|
}
|
|
257
259
|
|
|
258
|
-
log("
|
|
260
|
+
log("开始向提供商请求检查验证");
|
|
259
261
|
await runPromisePa(completeChallengeTasks, 1000);
|
|
260
262
|
} catch (e) {
|
|
261
263
|
log(`证书申请失败${e.message}`);
|
package/src/axios.js
CHANGED
|
@@ -3,9 +3,9 @@
|
|
|
3
3
|
*/
|
|
4
4
|
import axios from 'axios';
|
|
5
5
|
import { parseRetryAfterHeader } from './util.js';
|
|
6
|
-
import { log } from './logger.js';
|
|
7
6
|
const { AxiosError } = axios;
|
|
8
7
|
import {getGlobalAgents, HttpError} from '@certd/basic'
|
|
8
|
+
import { log } from './logger.js';
|
|
9
9
|
/**
|
|
10
10
|
* Defaults
|
|
11
11
|
*/
|
package/src/client.js
CHANGED
|
@@ -5,7 +5,6 @@
|
|
|
5
5
|
*/
|
|
6
6
|
import { createHash } from 'crypto';
|
|
7
7
|
import { getPemBodyAsB64u } from './crypto/index.js';
|
|
8
|
-
import { log } from './logger.js';
|
|
9
8
|
import HttpClient from './http.js';
|
|
10
9
|
import AcmeApi from './api.js';
|
|
11
10
|
import verify from './verify.js';
|
|
@@ -104,8 +103,13 @@ class AcmeClient {
|
|
|
104
103
|
max: this.opts.backoffMax,
|
|
105
104
|
};
|
|
106
105
|
|
|
107
|
-
this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding, this.opts.urlMapping);
|
|
106
|
+
this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding, this.opts.urlMapping, opts.logger);
|
|
108
107
|
this.api = new AcmeApi(this.http, this.opts.accountUrl);
|
|
108
|
+
this.logger = opts.logger;
|
|
109
|
+
}
|
|
110
|
+
|
|
111
|
+
log(...args) {
|
|
112
|
+
this.logger.info(...args);
|
|
109
113
|
}
|
|
110
114
|
|
|
111
115
|
/**
|
|
@@ -177,7 +181,7 @@ class AcmeClient {
|
|
|
177
181
|
this.getAccountUrl();
|
|
178
182
|
|
|
179
183
|
/* Account URL exists */
|
|
180
|
-
log('Account URL exists, returning updateAccount()');
|
|
184
|
+
this.log('Account URL exists, returning updateAccount()');
|
|
181
185
|
return this.updateAccount(data);
|
|
182
186
|
}
|
|
183
187
|
catch (e) {
|
|
@@ -185,7 +189,7 @@ class AcmeClient {
|
|
|
185
189
|
|
|
186
190
|
/* HTTP 200: Account exists */
|
|
187
191
|
if (resp.status === 200) {
|
|
188
|
-
log('Account already exists (HTTP 200), returning updateAccount()');
|
|
192
|
+
this.log('Account already exists (HTTP 200), returning updateAccount()');
|
|
189
193
|
return this.updateAccount(data);
|
|
190
194
|
}
|
|
191
195
|
|
|
@@ -214,7 +218,7 @@ class AcmeClient {
|
|
|
214
218
|
this.api.getAccountUrl();
|
|
215
219
|
}
|
|
216
220
|
catch (e) {
|
|
217
|
-
log('No account URL found, returning createAccount()');
|
|
221
|
+
this.log('No account URL found, returning createAccount()');
|
|
218
222
|
return this.createAccount(data);
|
|
219
223
|
}
|
|
220
224
|
|
|
@@ -502,7 +506,7 @@ class AcmeClient {
|
|
|
502
506
|
await verify[challenge.type](authz, challenge, keyAuthorization);
|
|
503
507
|
};
|
|
504
508
|
|
|
505
|
-
log('Waiting for ACME challenge verification(等待ACME
|
|
509
|
+
this.log('Waiting for ACME challenge verification(等待ACME检查验证)');
|
|
506
510
|
return util.retry(verifyFn, this.backoffOpts);
|
|
507
511
|
}
|
|
508
512
|
|
|
@@ -570,7 +574,7 @@ class AcmeClient {
|
|
|
570
574
|
const resp = await this.api.apiRequest(item.url, null, [200]);
|
|
571
575
|
|
|
572
576
|
/* Verify status */
|
|
573
|
-
log(`[${d}] Item has status
|
|
577
|
+
this.log(`[${d}] Item has status(检查状态): ${resp.data.status}`);
|
|
574
578
|
|
|
575
579
|
if (invalidStates.includes(resp.data.status)) {
|
|
576
580
|
abort();
|
|
@@ -586,7 +590,7 @@ class AcmeClient {
|
|
|
586
590
|
throw new Error(`[${d}] Unexpected item status: ${resp.data.status}`);
|
|
587
591
|
};
|
|
588
592
|
|
|
589
|
-
log(`[${d}] Waiting for valid status (等待valid状态): ${item.url}`, this.backoffOpts);
|
|
593
|
+
this.log(`[${d}] Waiting for valid status (等待valid状态): ${item.url}`, this.backoffOpts);
|
|
590
594
|
return util.retry(verifyFn, this.backoffOpts);
|
|
591
595
|
}
|
|
592
596
|
|
package/src/http.js
CHANGED
|
@@ -19,7 +19,7 @@ import { getJwk } from './crypto/index.js';
|
|
|
19
19
|
*/
|
|
20
20
|
|
|
21
21
|
class HttpClient {
|
|
22
|
-
constructor(directoryUrl, accountKey, externalAccountBinding = {}, urlMapping = {}) {
|
|
22
|
+
constructor(directoryUrl, accountKey, externalAccountBinding = {}, urlMapping = {},logger) {
|
|
23
23
|
this.directoryUrl = directoryUrl;
|
|
24
24
|
this.accountKey = accountKey;
|
|
25
25
|
this.externalAccountBinding = externalAccountBinding;
|
|
@@ -31,6 +31,7 @@ class HttpClient {
|
|
|
31
31
|
this.directoryMaxAge = 86400;
|
|
32
32
|
this.directoryTimestamp = 0;
|
|
33
33
|
this.urlMapping = urlMapping;
|
|
34
|
+
this.log = logger? logger.info.bind(logger) : log;
|
|
34
35
|
}
|
|
35
36
|
|
|
36
37
|
/**
|
|
@@ -48,7 +49,7 @@ class HttpClient {
|
|
|
48
49
|
for (const key in this.urlMapping.mappings) {
|
|
49
50
|
if (url.includes(key)) {
|
|
50
51
|
const newUrl = url.replace(key, this.urlMapping.mappings[key]);
|
|
51
|
-
log(`use reverse proxy: ${newUrl}`);
|
|
52
|
+
this.log(`use reverse proxy: ${newUrl}`);
|
|
52
53
|
url = newUrl;
|
|
53
54
|
}
|
|
54
55
|
}
|
|
@@ -65,10 +66,10 @@ class HttpClient {
|
|
|
65
66
|
opts.headers['Content-Type'] = 'application/jose+json';
|
|
66
67
|
|
|
67
68
|
/* Request */
|
|
68
|
-
log(`HTTP request: ${method} ${url}`);
|
|
69
|
+
this.log(`HTTP request: ${method} ${url}`);
|
|
69
70
|
const resp = await axios.request(opts);
|
|
70
71
|
|
|
71
|
-
log(`RESP ${resp.status} ${method} ${url}`);
|
|
72
|
+
this.log(`RESP ${resp.status} ${method} ${url}`);
|
|
72
73
|
return resp;
|
|
73
74
|
}
|
|
74
75
|
|
|
@@ -85,7 +86,7 @@ class HttpClient {
|
|
|
85
86
|
const age = (now - this.directoryTimestamp);
|
|
86
87
|
|
|
87
88
|
if (!this.directoryCache || (age > this.directoryMaxAge)) {
|
|
88
|
-
log(`Refreshing ACME directory, age: ${age}`);
|
|
89
|
+
this.log(`Refreshing ACME directory, age: ${age}`);
|
|
89
90
|
const resp = await this.request(this.directoryUrl, 'get');
|
|
90
91
|
|
|
91
92
|
if (resp.status >= 400) {
|
|
@@ -187,7 +188,7 @@ class HttpClient {
|
|
|
187
188
|
|
|
188
189
|
/* Nonce */
|
|
189
190
|
if (nonce) {
|
|
190
|
-
log(`Using nonce: ${nonce}`);
|
|
191
|
+
this.log(`Using nonce: ${nonce}`);
|
|
191
192
|
header.nonce = nonce;
|
|
192
193
|
}
|
|
193
194
|
|
|
@@ -314,7 +315,7 @@ class HttpClient {
|
|
|
314
315
|
nonce = resp.headers['replay-nonce'] || null;
|
|
315
316
|
attempts += 1;
|
|
316
317
|
|
|
317
|
-
log(`Caught invalid nonce error, retrying (${attempts}/${this.maxBadNonceRetries}) signed request to: ${url}`);
|
|
318
|
+
this.log(`Caught invalid nonce error, retrying (${attempts}/${this.maxBadNonceRetries}) signed request to: ${url}`);
|
|
318
319
|
return this.signedRequest(url, payload, { kid, nonce, includeExternalAccountBinding }, attempts);
|
|
319
320
|
}
|
|
320
321
|
|