@certd/acme-client 1.38.4 → 1.38.5

package/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.38.4",
+    "version": "1.38.5",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.38.4",
+        "@certd/basic": "^1.38.5",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.9.0",
@@ -70,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+    "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }

package/src/client.js

@@ -103,7 +103,9 @@ class AcmeClient {
             max: this.opts.backoffMax,
         };
 
-        this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding, this.opts.urlMapping, opts.logger);
+        const cacheNonce = true
+        // const cacheNonce = this.sslProvider === 'litessl';
+        this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding, this.opts.urlMapping, opts.logger, cacheNonce);
         this.api = new AcmeApi(this.http, this.opts.accountUrl);
         this.logger = opts.logger;
     }

package/src/http.js

@@ -19,7 +19,7 @@ import { getJwk } from './crypto/index.js';
  */
 
 class HttpClient {
-    constructor(directoryUrl, accountKey, externalAccountBinding = {}, urlMapping = {},logger) {
+    constructor(directoryUrl, accountKey, externalAccountBinding = {}, urlMapping = {}, logger, cacheNonce= false) {
         this.directoryUrl = directoryUrl;
         this.accountKey = accountKey;
         this.externalAccountBinding = externalAccountBinding;
@@ -31,7 +31,34 @@ class HttpClient {
         this.directoryMaxAge = 86400;
         this.directoryTimestamp = 0;
         this.urlMapping = urlMapping;
-        this.log = logger? logger.info.bind(logger) : log;
+        this.log = logger ? logger.info.bind(logger) : log;
+        this.nonces = [];
+        this.cacheNonce = cacheNonce;
+    }
+
+    pushNonce(nonce) {
+        if (!this.cacheNonce || !nonce) {
+            return;
+        }
+        this.nonces.push({
+            nonce,
+            expires: Date.now() + 30*1000,
+        });
+    }
+    popNonce() {
+        while (true) {
+            if (this.nonces.length === 0) {
+                return null;
+            }
+            const item = this.nonces.shift();
+            if (!item) {
+                return null;
+            }
+            if (item.expires < Date.now()) {
+                continue;
+            }
+            return item.nonce;
+        }
     }
 
     /**
@@ -70,6 +97,13 @@ class HttpClient {
         const resp = await axios.request(opts);
 
         this.log(`RESP ${resp.status} ${method} ${url}`);
+
+        const nonce = resp.headers['replay-nonce'];
+        if (nonce) {
+            //如果有nonce
+            this.pushNonce(nonce);
+        }
+
         return resp;
     }
 
@@ -127,6 +161,13 @@ class HttpClient {
      */
 
     async getNonce() {
+
+        //尝试从队列中pop一个nonce
+        const nonce = this.popNonce();
+        if (nonce) {
+            return nonce;
+        }
+
         const url = await this.getResourceUrl('newNonce');
         const resp = await this.request(url, 'head');
 
@@ -134,7 +175,11 @@ class HttpClient {
             throw new Error('Failed to get nonce from ACME provider');
         }
 
+        if (this.cacheNonce) {
+            return this.popNonce();
+        }
         return resp.headers['replay-nonce'];
+       
     }
 
     /**