@certd/plugin-cert 1.0.2 → 1.0.3

package/package.json

@@ -1,18 +1,19 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.0.2",
-  "main": "./dist/plugin-cert.umd.js",
+  "version": "1.0.3",
+  "main": "./dist/bundle.js",
   "module": "./dist/plugin-cert.mjs",
   "types": "./dist/es/plugin-cert.d.ts",
   "scripts": {
     "dev": "vite",
-    "build": "vue-tsc --noEmit && vite build",
+    "build": "rollup -c",
+    "build2": "vue-tsc --noEmit && vite build",
     "preview": "vite preview"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.0.2",
-    "@certd/pipeline": "^1.0.2",
+    "@certd/acme-client": "^1.0.3",
+    "@certd/pipeline": "^1.0.3",
     "node-forge": "^0.10.0"
   },
   "devDependencies": {
@@ -21,6 +22,11 @@
     "@alicloud/pop-core": "^1.7.10",
     "@midwayjs/core": "^3.0.0",
     "@midwayjs/decorator": "^3.0.0",
+    "@rollup/plugin-commonjs": "^23.0.4",
+    "@rollup/plugin-json": "^6.0.0",
+    "@rollup/plugin-node-resolve": "^15.0.1",
+    "@rollup/plugin-terser": "^0.4.3",
+    "@rollup/plugin-typescript": "^11.0.0",
     "@types/chai": "^4.3.3",
     "@types/lodash": "^4.14.186",
     "@types/mocha": "^10.0.0",
@@ -37,10 +43,13 @@
     "lodash": "^4.17.21",
     "log4js": "^6.7.1",
     "mocha": "^10.1.0",
+    "rollup": "^3.7.4",
+    "rollup-plugin-visualizer": "^5.8.2",
     "ts-node": "^10.9.1",
+    "tslib": "^2.5.2",
     "typescript": "^4.8.4",
     "vite": "^3.1.0",
     "vue-tsc": "^0.38.9"
   },
-  "gitHead": "1a738403fcb2732c0797b51cba15ad2b18b66523"
+  "gitHead": "a43c5b0824d2cb19a731c16f62c5e7464f6635d6"
 }

package/rollup.config.js

@@ -0,0 +1,35 @@
+const resolve = require("@rollup/plugin-node-resolve");
+const commonjs = require("@rollup/plugin-commonjs");
+const rollupTypescript = require("rollup-plugin-typescript2");
+const json = require("@rollup/plugin-json");
+const terser = require("@rollup/plugin-terser");
+module.exports = {
+  input: "src/index.ts",
+  output: {
+    file: "dist/bundle.js",
+    format: "cjs",
+  },
+  plugins: [
+    // 解析第三方依赖
+    resolve(),
+    // 识别 commonjs 模式第三方依赖
+    commonjs(),
+    rollupTypescript(),
+    json(),
+    terser(),
+  ],
+  external: [
+    "vue",
+    "lodash",
+    "dayjs",
+    "@certd/acme-client",
+    "@certd/pipeline",
+    "@certd/plugin-cert",
+    "@certd/plugin-aliyun",
+    "@certd/plugin-tencent",
+    "@certd/plugin-huawei",
+    "@certd/plugin-host",
+    "@certd/plugin-tencent",
+    "@certd/plugin-util",
+  ],
+};

package/tsconfig.json

@@ -1,9 +1,8 @@
 {
   "compilerOptions": {
-    "noImplicitAny": true,
     "target": "ESNext",
     "useDefineForClassFields": true,
-    "module": "commonjs",
+    "module": "ESNext",
     "moduleResolution": "Node",
     "strict": true,
     "jsx": "preserve",

package/vite.config.ts

@@ -1,22 +1,54 @@
 import { defineConfig } from "vite";
+import visualizer from "rollup-plugin-visualizer";
+import typescript from "@rollup/plugin-typescript";
 // https://vitejs.dev/config/
 export default defineConfig({
   plugins: [],
   build: {
     lib: {
       entry: "src/index.ts",
-      name: "pipeline",
+      name: "CertdPluginCert",
     },
     rollupOptions: {
-      external: ["vue", "lodash", "dayjs", "@fast-crud/fast-crud"],
+      plugins: [
+        // @ts-ignore
+        visualizer(),
+        // @ts-ignore
+        typescript({
+          target: "esnext",
+          rootDir: "src",
+          declaration: true,
+          declarationDir: "dist/d",
+          exclude: ["./node_modules/**", "./src/**/*.vue"],
+          allowSyntheticDefaultImports: true,
+        }),
+      ],
+      external: [
+        "vue",
+        "lodash",
+        "dayjs",
+        "@certd/acme-client",
+        "@certd/pipeline",
+        "@certd/plugin-cert",
+        "@certd/plugin-aliyun",
+        "@certd/plugin-tencent",
+        "@certd/plugin-huawei",
+        "@certd/plugin-host",
+        "@certd/plugin-tencent",
+        "@certd/plugin-util",
+      ],
       output: {
-        // Provide global variables to use in the UMD build
-        // for externalized deps
         globals: {
           vue: "Vue",
-          "lodash": "_",
+          lodash: "_",
           dayjs: "dayjs",
-          "@fast-crud/fast-crud": "FastCrud",
+          "@certd/plugin-cert": "CertdPluginCert",
+          "@certd/acme-client": "CertdAcmeClient",
+          "@certd/pipeline": "CertdPluginPipeline",
+          "@certd/plugin-aliyun": "CertdPluginAliyun",
+          "@certd/plugin-host": "CertdPluginHost",
+          "@certd/plugin-huawei": "CertdPluginHuawei",
+          "@certd/plugin-util": "CertdPluginUtil",
         },
       },
     },

package/src/dns-provider/api.ts

@@ -1,23 +0,0 @@
-import { Registrable } from "@certd/pipeline";
-
-export type DnsProviderDefine = Registrable & {
-  accessType: string;
-  autowire?: {
-    [key: string]: any;
-  };
-};
-
-export type CreateRecordOptions = {
-  fullRecord: string;
-  type: string;
-  value: any;
-};
-export type RemoveRecordOptions = CreateRecordOptions & {
-  record: any;
-};
-
-export interface IDnsProvider {
-  onInstance(): Promise<void>;
-  createRecord(options: CreateRecordOptions): Promise<any>;
-  removeRecord(options: RemoveRecordOptions): Promise<any>;
-}

package/src/dns-provider/decorator.ts

@@ -1,30 +0,0 @@
-import { dnsProviderRegistry } from "./registry";
-import { DnsProviderDefine } from "./api";
-import { Decorator, AUTOWIRE_KEY } from "@certd/pipeline";
-import _ from "lodash";
-
-// 提供一个唯一 key
-export const DNS_PROVIDER_CLASS_KEY = "pipeline:dns-provider";
-
-export function IsDnsProvider(define: DnsProviderDefine): ClassDecorator {
-  return (target: any) => {
-    target = Decorator.target(target);
-    const autowires: any = {};
-    const properties = Decorator.getClassProperties(target);
-    for (const property in properties) {
-      const autowire = Reflect.getMetadata(AUTOWIRE_KEY, target, property);
-      if (autowire) {
-        autowires[property] = autowire;
-      }
-    }
-    _.merge(define, { autowire: autowires });
-
-    Reflect.defineMetadata(DNS_PROVIDER_CLASS_KEY, define, target);
-
-    target.define = define;
-    dnsProviderRegistry.register(define.name, {
-      define,
-      target,
-    });
-  };
-}

package/src/dns-provider/index.ts

@@ -1,3 +0,0 @@
-export * from "./api";
-export * from "./registry";
-export * from "./decorator";

package/src/dns-provider/registry.ts

@@ -1,3 +0,0 @@
-import { Registry } from "@certd/pipeline";
-
-export const dnsProviderRegistry = new Registry();

package/src/index.ts

@@ -1,2 +0,0 @@
-export * from "./plugin";
-export * from "./dns-provider";

package/src/plugin/cert-plugin/acme.ts

@@ -1,205 +0,0 @@
-// @ts-ignore
-import * as acme from "@certd/acme-client";
-import _ from "lodash";
-import { Challenge } from "@certd/acme-client/types/rfc8555";
-import { Logger } from "log4js";
-import { IContext } from "@certd/pipeline/src/core/context";
-import { IDnsProvider } from "../../dns-provider";
-export type CertInfo = {
-  crt: string;
-  key: string;
-  csr: string;
-};
-export class AcmeService {
-  userContext: IContext;
-  logger: Logger;
-  constructor(options: { userContext: IContext; logger: Logger }) {
-    this.userContext = options.userContext;
-    this.logger = options.logger;
-    acme.setLogger((text: string) => {
-      this.logger.info(text);
-    });
-  }
-
-  async getAccountConfig(email: string): Promise<any> {
-    return (await this.userContext.getObj(this.buildAccountKey(email))) || {};
-  }
-
-  buildAccountKey(email: string) {
-    return "acme.config." + email;
-  }
-
-  async saveAccountConfig(email: string, conf: any) {
-    await this.userContext.setObj(this.buildAccountKey(email), conf);
-  }
-
-  async getAcmeClient(email: string, isTest = false): Promise<acme.Client> {
-    const conf = await this.getAccountConfig(email);
-    if (conf.key == null) {
-      conf.key = await this.createNewKey();
-      await this.saveAccountConfig(email, conf);
-    }
-    const client = new acme.Client({
-      directoryUrl: isTest ? acme.directory.letsencrypt.staging : acme.directory.letsencrypt.production,
-      accountKey: conf.key,
-      accountUrl: conf.accountUrl,
-      backoffAttempts: 20,
-      backoffMin: 5000,
-      backoffMax: 10000,
-    });
-
-    if (conf.accountUrl == null) {
-      const accountPayload = {
-        termsOfServiceAgreed: true,
-        contact: [`mailto:${email}`],
-      };
-      await client.createAccount(accountPayload);
-      conf.accountUrl = client.getAccountUrl();
-      await this.saveAccountConfig(email, conf);
-    }
-    return client;
-  }
-
-  async createNewKey() {
-    const key = await acme.forge.createPrivateKey();
-    return key.toString();
-  }
-
-  async challengeCreateFn(authz: any, challenge: any, keyAuthorization: string, dnsProvider: IDnsProvider) {
-    this.logger.info("Triggered challengeCreateFn()");
-
-    /* http-01 */
-    if (challenge.type === "http-01") {
-      const filePath = `/var/www/html/.well-known/acme-challenge/${challenge.token}`;
-      const fileContents = keyAuthorization;
-
-      this.logger.info(`Creating challenge response for ${authz.identifier.value} at path: ${filePath}`);
-
-      /* Replace this */
-      this.logger.info(`Would write "${fileContents}" to path "${filePath}"`);
-      // await fs.writeFileAsync(filePath, fileContents);
-    } else if (challenge.type === "dns-01") {
-      /* dns-01 */
-      const dnsRecord = `_acme-challenge.${authz.identifier.value}`;
-      const recordValue = keyAuthorization;
-
-      this.logger.info(`Creating TXT record for ${authz.identifier.value}: ${dnsRecord}`);
-
-      /* Replace this */
-      this.logger.info(`Would create TXT record "${dnsRecord}" with value "${recordValue}"`);
-
-      return await dnsProvider.createRecord({
-        fullRecord: dnsRecord,
-        type: "TXT",
-        value: recordValue,
-      });
-    }
-  }
-
-  /**
-   * Function used to remove an ACME challenge response
-   *
-   * @param {object} authz Authorization object
-   * @param {object} challenge Selected challenge
-   * @param {string} keyAuthorization Authorization key
-   * @param recordItem  challengeCreateFn create record item
-   * @param dnsProvider dnsProvider
-   * @returns {Promise}
-   */
-
-  async challengeRemoveFn(authz: any, challenge: any, keyAuthorization: string, recordItem: any, dnsProvider: IDnsProvider) {
-    this.logger.info("Triggered challengeRemoveFn()");
-
-    /* http-01 */
-    if (challenge.type === "http-01") {
-      const filePath = `/var/www/html/.well-known/acme-challenge/${challenge.token}`;
-
-      this.logger.info(`Removing challenge response for ${authz.identifier.value} at path: ${filePath}`);
-
-      /* Replace this */
-      this.logger.info(`Would remove file on path "${filePath}"`);
-      // await fs.unlinkAsync(filePath);
-    } else if (challenge.type === "dns-01") {
-      const dnsRecord = `_acme-challenge.${authz.identifier.value}`;
-      const recordValue = keyAuthorization;
-
-      this.logger.info(`Removing TXT record for ${authz.identifier.value}: ${dnsRecord}`);
-
-      /* Replace this */
-      this.logger.info(`Would remove TXT record "${dnsRecord}" with value "${recordValue}"`);
-      try {
-        await dnsProvider.removeRecord({
-          fullRecord: dnsRecord,
-          type: "TXT",
-          value: keyAuthorization,
-          record: recordItem,
-        });
-      } catch (e) {
-        this.logger.error("删除解析记录出错：", e);
-        throw e;
-      }
-    }
-  }
-
-  async order(options: { email: string; domains: string | string[]; dnsProvider: any; csrInfo: any; isTest?: boolean }) {
-    const { email, isTest, domains, csrInfo, dnsProvider } = options;
-    const client: acme.Client = await this.getAcmeClient(email, isTest);
-
-    /* Create CSR */
-    const { commonName, altNames } = this.buildCommonNameByDomains(domains);
-
-    const [key, csr] = await acme.forge.createCsr({
-      commonName,
-      ...csrInfo,
-      altNames,
-    });
-    if (dnsProvider == null) {
-      throw new Error("dnsProvider 不能为空");
-    }
-    /* 自动申请证书 */
-    const crt = await client.auto({
-      csr,
-      email: email,
-      termsOfServiceAgreed: true,
-      challengePriority: ["dns-01"],
-      challengeCreateFn: async (authz: acme.Authorization, challenge: Challenge, keyAuthorization: string): Promise<any> => {
-        return await this.challengeCreateFn(authz, challenge, keyAuthorization, dnsProvider);
-      },
-      challengeRemoveFn: async (authz: acme.Authorization, challenge: Challenge, keyAuthorization: string, recordItem: any): Promise<any> => {
-        return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem, dnsProvider);
-      },
-    });
-
-    const cert: CertInfo = {
-      crt: crt.toString(),
-      key: key.toString(),
-      csr: csr.toString(),
-    };
-    /* Done */
-    this.logger.debug(`CSR:\n${cert.csr}`);
-    this.logger.debug(`Certificate:\n${cert.crt}`);
-    this.logger.info("证书申请成功");
-    return cert;
-  }
-
-  buildCommonNameByDomains(domains: string | string[]): {
-    commonName: string;
-    altNames: string[] | undefined;
-  } {
-    if (typeof domains === "string") {
-      domains = domains.split(",");
-    }
-    if (domains.length === 0) {
-      throw new Error("domain can not be empty");
-    }
-    const commonName = domains[0];
-    let altNames: undefined | string[] = undefined;
-    if (domains.length > 1) {
-      altNames = _.slice(domains, 1);
-    }
-    return {
-      commonName,
-      altNames,
-    };
-  }
-}

package/src/plugin/cert-plugin/cert-reader.ts

@@ -1,52 +0,0 @@
-import { CertInfo } from "./acme";
-import fs from "fs";
-import os from "os";
-import forge from "node-forge";
-import path from "path";
-export class CertReader implements CertInfo {
-  crt: string;
-  key: string;
-  csr: string;
-
-  detail: any;
-  expires: number;
-  constructor(certInfo: CertInfo) {
-    this.crt = certInfo.crt;
-    this.key = certInfo.key;
-    this.csr = certInfo.csr;
-
-    const { detail, expires } = this.getCrtDetail(this.crt);
-    this.detail = detail;
-    this.expires = expires.getTime();
-  }
-
-  toCertInfo(): CertInfo {
-    return {
-      crt: this.crt,
-      key: this.key,
-      csr: this.csr,
-    };
-  }
-
-  getCrtDetail(crt: string) {
-    const pki = forge.pki;
-    const detail = pki.certificateFromPem(crt.toString());
-    const expires = detail.validity.notAfter;
-    return { detail, expires };
-  }
-
-  saveToFile(type: "crt" | "key", filepath?: string) {
-    if (filepath == null) {
-      //写入临时目录
-      filepath = path.join(os.tmpdir(), "/certd/tmp/", Math.floor(Math.random() * 1000000) + "", `cert.${type}`);
-    }
-
-    const dir = path.dirname(filepath);
-    if (!fs.existsSync(dir)) {
-      fs.mkdirSync(dir, { recursive: true });
-    }
-
-    fs.writeFileSync(filepath, this[type]);
-    return filepath;
-  }
-}