@certd/plugin-cert 1.24.0 → 1.24.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,211 +1,219 @@
1
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
- return c > 3 && r && Object.defineProperty(target, key, r), r;
6
- };
7
- var __metadata = (this && this.__metadata) || function (k, v) {
8
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
- };
10
- import { Decorator, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
11
- import { AcmeService } from "./acme.js";
12
- import _ from "lodash-es";
13
- import { dnsProviderRegistry } from "../../dns-provider/index.js";
14
- import { CertReader } from "./cert-reader.js";
15
- import { CertApplyBasePlugin } from "./base.js";
16
- export { CertReader };
17
- let CertApplyPlugin = class CertApplyPlugin extends CertApplyBasePlugin {
18
- sslProvider;
19
- privateKeyType;
20
- eabAccessId;
21
- dnsProviderType;
22
- dnsProviderAccess;
23
- useProxy = false;
24
- skipLocalVerify = false;
25
- acme;
26
- async onInit() {
27
- let eab = null;
28
- if (this.eabAccessId) {
29
- eab = await this.ctx.accessService.getById(this.eabAccessId);
30
- }
31
- this.acme = new AcmeService({
32
- userContext: this.userContext,
33
- logger: this.logger,
34
- sslProvider: this.sslProvider,
35
- eab,
36
- skipLocalVerify: this.skipLocalVerify,
37
- useMappingProxy: this.useProxy,
38
- privateKeyType: this.privateKeyType,
39
- });
40
- }
41
- async doCertApply() {
42
- const email = this["email"];
43
- const domains = this["domains"];
44
- const dnsProviderType = this["dnsProviderType"];
45
- const dnsProviderAccessId = this["dnsProviderAccess"];
46
- const csrInfo = _.merge({
47
- country: "CN",
48
- state: "GuangDong",
49
- locality: "ShengZhen",
50
- organization: "CertD Org.",
51
- organizationUnit: "IT Department",
52
- emailAddress: email,
53
- }, this.csrInfo ? JSON.parse(this.csrInfo) : {});
54
- this.logger.info("开始申请证书,", email, domains);
55
- const dnsProviderPlugin = dnsProviderRegistry.get(dnsProviderType);
56
- const DnsProviderClass = dnsProviderPlugin.target;
57
- const dnsProviderDefine = dnsProviderPlugin.define;
58
- const access = await this.accessService.getById(dnsProviderAccessId);
59
- // @ts-ignore
60
- const dnsProvider = new DnsProviderClass();
61
- const context = { access, logger: this.logger, http: this.http };
62
- Decorator.inject(dnsProviderDefine.autowire, dnsProvider, context);
63
- dnsProvider.setCtx(context);
64
- await dnsProvider.onInstance();
65
- try {
66
- const cert = await this.acme.order({
67
- email,
68
- domains,
69
- dnsProvider,
70
- csrInfo,
71
- isTest: false,
72
- privateKeyType: this.privateKeyType,
73
- });
74
- const certInfo = this.formatCerts(cert);
75
- return new CertReader(certInfo);
76
- }
77
- catch (e) {
78
- const message = e.message;
79
- if (message.indexOf("redundant with a wildcard domain in the same request") >= 0) {
80
- this.logger.error(e);
81
- throw new Error(`通配符域名已经包含了普通域名,请删除其中一个(${message})`);
82
- }
83
- throw e;
84
- }
85
- }
86
- };
87
- __decorate([
88
- TaskInput({
89
- title: "证书提供商",
90
- value: "letsencrypt",
91
- component: {
92
- name: "a-select",
93
- vModel: "value",
94
- options: [
95
- { value: "letsencrypt", label: "Let's Encrypt" },
96
- { value: "google", label: "Google" },
97
- { value: "zerossl", label: "ZeroSSL" },
98
- ],
99
- },
100
- helper: "如果letsencrypt.org或dv.acme-v02.api.pki.goog无法访问,请尝试开启代理选项\n如果使用ZeroSSL、google证书,需要提供EAB授权",
101
- required: true,
102
- }),
103
- __metadata("design:type", String)
104
- ], CertApplyPlugin.prototype, "sslProvider", void 0);
105
- __decorate([
106
- TaskInput({
107
- title: "加密算法",
108
- value: "rsa_2048",
109
- component: {
110
- name: "a-select",
111
- vModel: "value",
112
- options: [
113
- { value: "rsa_1024", label: "RSA 1024" },
114
- { value: "rsa_2048", label: "RSA 2048" },
115
- { value: "rsa_3072", label: "RSA 3072" },
116
- { value: "rsa_4096", label: "RSA 4096" },
117
- { value: "ec_256", label: "EC 256" },
118
- { value: "ec_384", label: "EC 384" },
119
- // { value: "ec_521", label: "EC 521" },
120
- ],
121
- },
122
- required: true,
123
- }),
124
- __metadata("design:type", String)
125
- ], CertApplyPlugin.prototype, "privateKeyType", void 0);
126
- __decorate([
127
- TaskInput({
128
- title: "EAB授权",
129
- component: {
130
- name: "pi-access-selector",
131
- type: "eab",
132
- },
133
- maybeNeed: true,
134
- helper: "如果使用ZeroSSL或者google证书,需要提供EAB授权\nZeroSSL:请前往 https://app.zerossl.com/developer 生成 'EAB Credentials' \n Google:请前往https://github.com/certd/certd/blob/v2/doc/google/google.md",
135
- }),
136
- __metadata("design:type", Number)
137
- ], CertApplyPlugin.prototype, "eabAccessId", void 0);
138
- __decorate([
139
- TaskInput({
140
- title: "DNS提供商",
141
- component: {
142
- name: "pi-dns-provider-selector",
143
- },
144
- required: true,
145
- helper: "请选择dns解析提供商",
146
- }),
147
- __metadata("design:type", String)
148
- ], CertApplyPlugin.prototype, "dnsProviderType", void 0);
149
- __decorate([
150
- TaskInput({
151
- title: "DNS解析授权",
152
- component: {
153
- name: "pi-access-selector",
154
- },
155
- required: true,
156
- helper: "请选择dns解析提供商授权",
157
- reference: [
158
- {
159
- src: "form.dnsProviderType",
160
- dest: "component.type",
161
- type: "computed",
162
- },
163
- ],
164
- }),
165
- __metadata("design:type", String)
166
- ], CertApplyPlugin.prototype, "dnsProviderAccess", void 0);
167
- __decorate([
168
- TaskInput({
169
- title: "使用代理",
170
- value: false,
171
- component: {
172
- name: "a-switch",
173
- vModel: "checked",
174
- },
175
- maybeNeed: true,
176
- helper: "如果acme-v02.api.letsencrypt.org或dv.acme-v02.api.pki.goog被墙无法访问,请尝试开启此选项",
177
- }),
178
- __metadata("design:type", Object)
179
- ], CertApplyPlugin.prototype, "useProxy", void 0);
180
- __decorate([
181
- TaskInput({
182
- title: "跳过本地校验DNS",
183
- value: false,
184
- component: {
185
- name: "a-switch",
186
- vModel: "checked",
187
- },
188
- helper: "如果重试多次出现Authorization not found TXT record,导致无法申请成功,请尝试开启此选项",
189
- }),
190
- __metadata("design:type", Object)
191
- ], CertApplyPlugin.prototype, "skipLocalVerify", void 0);
192
- CertApplyPlugin = __decorate([
193
- IsTaskPlugin({
194
- name: "CertApply",
195
- title: "证书申请(JS版)",
196
- group: pluginGroups.cert.key,
197
- desc: "免费通配符域名证书申请,支持多个域名打到同一个证书上",
198
- default: {
199
- input: {
200
- renewDays: 20,
201
- forceUpdate: false,
202
- },
203
- strategy: {
204
- runStrategy: RunStrategy.AlwaysRun,
205
- },
206
- },
207
- })
208
- ], CertApplyPlugin);
209
- export { CertApplyPlugin };
210
- new CertApplyPlugin();
211
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcGx1Z2luL2NlcnQtcGx1Z2luL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7OztBQUFBLE9BQU8sRUFBRSxTQUFTLEVBQUUsWUFBWSxFQUFFLFlBQVksRUFBRSxXQUFXLEVBQUUsU0FBUyxFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFFaEcsT0FBTyxFQUFFLFdBQVcsRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUN4QyxPQUFPLENBQUMsTUFBTSxXQUFXLENBQUM7QUFDMUIsT0FBTyxFQUF5QyxtQkFBbUIsRUFBRSxNQUFNLDZCQUE2QixDQUFDO0FBQ3pHLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxrQkFBa0IsQ0FBQztBQUM5QyxPQUFPLEVBQUUsbUJBQW1CLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFFaEQsT0FBTyxFQUFFLFVBQVUsRUFBRSxDQUFDO0FBa0JmLElBQU0sZUFBZSxHQUFyQixNQUFNLGVBQWdCLFNBQVEsbUJBQW1CO0lBZ0J0RCxXQUFXLENBQWU7SUFvQjFCLGNBQWMsQ0FBa0I7SUFZaEMsV0FBVyxDQUFVO0lBVXJCLGVBQWUsQ0FBVTtJQWlCekIsaUJBQWlCLENBQVU7SUFZM0IsUUFBUSxHQUFHLEtBQUssQ0FBQztJQVdqQixlQUFlLEdBQUcsS0FBSyxDQUFDO0lBRXhCLElBQUksQ0FBZTtJQUVuQixLQUFLLENBQUMsTUFBTTtRQUNWLElBQUksR0FBRyxHQUFRLElBQUksQ0FBQztRQUNwQixJQUFJLElBQUksQ0FBQyxXQUFXLEVBQUU7WUFDcEIsR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLEdBQUcsQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQztTQUM5RDtRQUNELElBQUksQ0FBQyxJQUFJLEdBQUcsSUFBSSxXQUFXLENBQUM7WUFDMUIsV0FBVyxFQUFFLElBQUksQ0FBQyxXQUFXO1lBQzdCLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTTtZQUNuQixXQUFXLEVBQUUsSUFBSSxDQUFDLFdBQVc7WUFDN0IsR0FBRztZQUNILGVBQWUsRUFBRSxJQUFJLENBQUMsZUFBZTtZQUNyQyxlQUFlLEVBQUUsSUFBSSxDQUFDLFFBQVE7WUFDOUIsY0FBYyxFQUFFLElBQUksQ0FBQyxjQUFjO1NBQ3BDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxLQUFLLENBQUMsV0FBVztRQUNmLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUM1QixNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDaEMsTUFBTSxlQUFlLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLENBQUM7UUFDaEQsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQztRQUN0RCxNQUFNLE9BQU8sR0FBRyxDQUFDLENBQUMsS0FBSyxDQUNyQjtZQUNFLE9BQU8sRUFBRSxJQUFJO1lBQ2IsS0FBSyxFQUFFLFdBQVc7WUFDbEIsUUFBUSxFQUFFLFdBQVc7WUFDckIsWUFBWSxFQUFFLFlBQVk7WUFDMUIsZ0JBQWdCLEVBQUUsZUFBZTtZQUNqQyxZQUFZLEVBQUUsS0FBSztTQUNwQixFQUNELElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQzdDLENBQUM7UUFDRixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsS0FBSyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBRTVDLE1BQU0saUJBQWlCLEdBQUcsbUJBQW1CLENBQUMsR0FBRyxDQUFDLGVBQWUsQ0FBQyxDQUFDO1FBQ25FLE1BQU0sZ0JBQWdCLEdBQUcsaUJBQWlCLENBQUMsTUFBTSxDQUFDO1FBQ2xELE1BQU0saUJBQWlCLEdBQUcsaUJBQWlCLENBQUMsTUFBMkIsQ0FBQztRQUN4RSxNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDLG1CQUFtQixDQUFDLENBQUM7UUFFckUsYUFBYTtRQUNiLE1BQU0sV0FBVyxHQUFpQixJQUFJLGdCQUFnQixFQUFFLENBQUM7UUFDekQsTUFBTSxPQUFPLEdBQXVCLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDckYsU0FBUyxDQUFDLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxRQUFRLEVBQUUsV0FBVyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ25FLFdBQVcsQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDNUIsTUFBTSxXQUFXLENBQUMsVUFBVSxFQUFFLENBQUM7UUFFL0IsSUFBSTtZQUNGLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUM7Z0JBQ2pDLEtBQUs7Z0JBQ0wsT0FBTztnQkFDUCxXQUFXO2dCQUNYLE9BQU87Z0JBQ1AsTUFBTSxFQUFFLEtBQUs7Z0JBQ2IsY0FBYyxFQUFFLElBQUksQ0FBQyxjQUFjO2FBQ3BDLENBQUMsQ0FBQztZQUVILE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDeEMsT0FBTyxJQUFJLFVBQVUsQ0FBQyxRQUFRLENBQUMsQ0FBQztTQUNqQztRQUFDLE9BQU8sQ0FBTSxFQUFFO1lBQ2YsTUFBTSxPQUFPLEdBQVcsQ0FBQyxDQUFDLE9BQU8sQ0FBQztZQUNsQyxJQUFJLE9BQU8sQ0FBQyxPQUFPLENBQUMsc0RBQXNELENBQUMsSUFBSSxDQUFDLEVBQUU7Z0JBQ2hGLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO2dCQUNyQixNQUFNLElBQUksS0FBSyxDQUFDLDBCQUEwQixPQUFPLEdBQUcsQ0FBQyxDQUFDO2FBQ3ZEO1lBQ0QsTUFBTSxDQUFDLENBQUM7U0FDVDtJQUNILENBQUM7Q0FDRixDQUFBO0FBeEtDO0lBQUMsU0FBUyxDQUFDO1FBQ1QsS0FBSyxFQUFFLE9BQU87UUFDZCxLQUFLLEVBQUUsYUFBYTtRQUNwQixTQUFTLEVBQUU7WUFDVCxJQUFJLEVBQUUsVUFBVTtZQUNoQixNQUFNLEVBQUUsT0FBTztZQUNmLE9BQU8sRUFBRTtnQkFDUCxFQUFFLEtBQUssRUFBRSxhQUFhLEVBQUUsS0FBSyxFQUFFLGVBQWUsRUFBRTtnQkFDaEQsRUFBRSxLQUFLLEVBQUUsUUFBUSxFQUFFLEtBQUssRUFBRSxRQUFRLEVBQUU7Z0JBQ3BDLEVBQUUsS0FBSyxFQUFFLFNBQVMsRUFBRSxLQUFLLEVBQUUsU0FBUyxFQUFFO2FBQ3ZDO1NBQ0Y7UUFDRCxNQUFNLEVBQUUsMEZBQTBGO1FBQ2xHLFFBQVEsRUFBRSxJQUFJO0tBQ2YsQ0FBQzs7b0RBQ3dCO0FBRTFCO0lBQUMsU0FBUyxDQUFDO1FBQ1QsS0FBSyxFQUFFLE1BQU07UUFDYixLQUFLLEVBQUUsVUFBVTtRQUNqQixTQUFTLEVBQUU7WUFDVCxJQUFJLEVBQUUsVUFBVTtZQUNoQixNQUFNLEVBQUUsT0FBTztZQUNmLE9BQU8sRUFBRTtnQkFDUCxFQUFFLEtBQUssRUFBRSxVQUFVLEVBQUUsS0FBSyxFQUFFLFVBQVUsRUFBRTtnQkFDeEMsRUFBRSxLQUFLLEVBQUUsVUFBVSxFQUFFLEtBQUssRUFBRSxVQUFVLEVBQUU7Z0JBQ3hDLEVBQUUsS0FBSyxFQUFFLFVBQVUsRUFBRSxLQUFLLEVBQUUsVUFBVSxFQUFFO2dCQUN4QyxFQUFFLEtBQUssRUFBRSxVQUFVLEVBQUUsS0FBSyxFQUFFLFVBQVUsRUFBRTtnQkFDeEMsRUFBRSxLQUFLLEVBQUUsUUFBUSxFQUFFLEtBQUssRUFBRSxRQUFRLEVBQUU7Z0JBQ3BDLEVBQUUsS0FBSyxFQUFFLFFBQVEsRUFBRSxLQUFLLEVBQUUsUUFBUSxFQUFFO2dCQUNwQyx3Q0FBd0M7YUFDekM7U0FDRjtRQUNELFFBQVEsRUFBRSxJQUFJO0tBQ2YsQ0FBQzs7dURBQzhCO0FBRWhDO0lBQUMsU0FBUyxDQUFDO1FBQ1QsS0FBSyxFQUFFLE9BQU87UUFDZCxTQUFTLEVBQUU7WUFDVCxJQUFJLEVBQUUsb0JBQW9CO1lBQzFCLElBQUksRUFBRSxLQUFLO1NBQ1o7UUFDRCxTQUFTLEVBQUUsSUFBSTtRQUNmLE1BQU0sRUFDSiw4S0FBOEs7S0FDakwsQ0FBQzs7b0RBQ21CO0FBRXJCO0lBQUMsU0FBUyxDQUFDO1FBQ1QsS0FBSyxFQUFFLFFBQVE7UUFDZixTQUFTLEVBQUU7WUFDVCxJQUFJLEVBQUUsMEJBQTBCO1NBQ2pDO1FBQ0QsUUFBUSxFQUFFLElBQUk7UUFDZCxNQUFNLEVBQUUsYUFBYTtLQUN0QixDQUFDOzt3REFDdUI7QUFFekI7SUFBQyxTQUFTLENBQUM7UUFDVCxLQUFLLEVBQUUsU0FBUztRQUNoQixTQUFTLEVBQUU7WUFDVCxJQUFJLEVBQUUsb0JBQW9CO1NBQzNCO1FBQ0QsUUFBUSxFQUFFLElBQUk7UUFDZCxNQUFNLEVBQUUsZUFBZTtRQUN2QixTQUFTLEVBQUU7WUFDVDtnQkFDRSxHQUFHLEVBQUUsc0JBQXNCO2dCQUMzQixJQUFJLEVBQUUsZ0JBQWdCO2dCQUN0QixJQUFJLEVBQUUsVUFBVTthQUNqQjtTQUNGO0tBQ0YsQ0FBQzs7MERBQ3lCO0FBRTNCO0lBQUMsU0FBUyxDQUFDO1FBQ1QsS0FBSyxFQUFFLE1BQU07UUFDYixLQUFLLEVBQUUsS0FBSztRQUNaLFNBQVMsRUFBRTtZQUNULElBQUksRUFBRSxVQUFVO1lBQ2hCLE1BQU0sRUFBRSxTQUFTO1NBQ2xCO1FBQ0QsU0FBUyxFQUFFLElBQUk7UUFDZixNQUFNLEVBQUUsd0VBQXdFO0tBQ2pGLENBQUM7O2lEQUNlO0FBRWpCO0lBQUMsU0FBUyxDQUFDO1FBQ1QsS0FBSyxFQUFFLFdBQVc7UUFDbEIsS0FBSyxFQUFFLEtBQUs7UUFDWixTQUFTLEVBQUU7WUFDVCxJQUFJLEVBQUUsVUFBVTtZQUNoQixNQUFNLEVBQUUsU0FBUztTQUNsQjtRQUNELE1BQU0sRUFBRSw4REFBOEQ7S0FDdkUsQ0FBQzs7d0RBQ3NCO0FBbEdiLGVBQWU7SUFmM0IsWUFBWSxDQUFDO1FBQ1osSUFBSSxFQUFFLFdBQVc7UUFDakIsS0FBSyxFQUFFLFdBQVc7UUFDbEIsS0FBSyxFQUFFLFlBQVksQ0FBQyxJQUFJLENBQUMsR0FBRztRQUM1QixJQUFJLEVBQUUsNEJBQTRCO1FBQ2xDLE9BQU8sRUFBRTtZQUNQLEtBQUssRUFBRTtnQkFDTCxTQUFTLEVBQUUsRUFBRTtnQkFDYixXQUFXLEVBQUUsS0FBSzthQUNuQjtZQUNELFFBQVEsRUFBRTtnQkFDUixXQUFXLEVBQUUsV0FBVyxDQUFDLFNBQVM7YUFDbkM7U0FDRjtLQUNGLENBQUM7R0FDVyxlQUFlLENBeUszQjtTQXpLWSxlQUFlO0FBMks1QixJQUFJLGVBQWUsRUFBRSxDQUFDIn0=
1
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
6
+ };
7
+ var __metadata = (this && this.__metadata) || function (k, v) {
8
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
+ };
10
+ import { Decorator, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
11
+ import { AcmeService } from "./acme.js";
12
+ import _ from "lodash-es";
13
+ import { dnsProviderRegistry } from "../../dns-provider/index.js";
14
+ import { CertReader } from "./cert-reader.js";
15
+ import { CertApplyBasePlugin } from "./base.js";
16
+ export * from "./cert-reader.js";
17
+ let CertApplyPlugin = class CertApplyPlugin extends CertApplyBasePlugin {
18
+ sslProvider;
19
+ eabAccessId;
20
+ privateKeyType;
21
+ dnsProviderType;
22
+ dnsProviderAccess;
23
+ useProxy = false;
24
+ skipLocalVerify = false;
25
+ acme;
26
+ async onInit() {
27
+ let eab = null;
28
+ if (this.eabAccessId) {
29
+ eab = await this.ctx.accessService.getById(this.eabAccessId);
30
+ }
31
+ this.acme = new AcmeService({
32
+ userContext: this.userContext,
33
+ logger: this.logger,
34
+ sslProvider: this.sslProvider,
35
+ eab,
36
+ skipLocalVerify: this.skipLocalVerify,
37
+ useMappingProxy: this.useProxy,
38
+ privateKeyType: this.privateKeyType,
39
+ });
40
+ }
41
+ async doCertApply() {
42
+ const email = this["email"];
43
+ const domains = this["domains"];
44
+ const dnsProviderType = this["dnsProviderType"];
45
+ const dnsProviderAccessId = this["dnsProviderAccess"];
46
+ const csrInfo = _.merge({
47
+ country: "CN",
48
+ state: "GuangDong",
49
+ locality: "ShengZhen",
50
+ organization: "CertD Org.",
51
+ organizationUnit: "IT Department",
52
+ emailAddress: email,
53
+ }, this.csrInfo ? JSON.parse(this.csrInfo) : {});
54
+ this.logger.info("开始申请证书,", email, domains);
55
+ const dnsProviderPlugin = dnsProviderRegistry.get(dnsProviderType);
56
+ const DnsProviderClass = dnsProviderPlugin.target;
57
+ const dnsProviderDefine = dnsProviderPlugin.define;
58
+ const access = await this.accessService.getById(dnsProviderAccessId);
59
+ // @ts-ignore
60
+ const dnsProvider = new DnsProviderClass();
61
+ const context = { access, logger: this.logger, http: this.http };
62
+ Decorator.inject(dnsProviderDefine.autowire, dnsProvider, context);
63
+ dnsProvider.setCtx(context);
64
+ await dnsProvider.onInstance();
65
+ try {
66
+ const cert = await this.acme.order({
67
+ email,
68
+ domains,
69
+ dnsProvider,
70
+ csrInfo,
71
+ isTest: false,
72
+ privateKeyType: this.privateKeyType,
73
+ });
74
+ const certInfo = this.formatCerts(cert);
75
+ return new CertReader(certInfo);
76
+ }
77
+ catch (e) {
78
+ const message = e.message;
79
+ if (message.indexOf("redundant with a wildcard domain in the same request") >= 0) {
80
+ this.logger.error(e);
81
+ throw new Error(`通配符域名已经包含了普通域名,请删除其中一个(${message})`);
82
+ }
83
+ throw e;
84
+ }
85
+ }
86
+ };
87
+ __decorate([
88
+ TaskInput({
89
+ title: "证书提供商",
90
+ value: "letsencrypt",
91
+ component: {
92
+ name: "a-select",
93
+ vModel: "value",
94
+ options: [
95
+ { value: "letsencrypt", label: "Let's Encrypt" },
96
+ { value: "google", label: "Google" },
97
+ { value: "zerossl", label: "ZeroSSL" },
98
+ ],
99
+ },
100
+ helper: "Let's Encrypt最简单,如果使用ZeroSSL、google证书,需要提供EAB授权",
101
+ required: true,
102
+ }),
103
+ __metadata("design:type", String)
104
+ ], CertApplyPlugin.prototype, "sslProvider", void 0);
105
+ __decorate([
106
+ TaskInput({
107
+ title: "EAB授权",
108
+ component: {
109
+ name: "pi-access-selector",
110
+ type: "eab",
111
+ },
112
+ maybeNeed: true,
113
+ required: true,
114
+ helper: "需要提供EAB授权\nZeroSSL:请前往[zerossl开发者中心](https://app.zerossl.com/developer),生成 'EAB Credentials' \n Google:请查看[google获取eab帮助文档](https://github.com/certd/certd/blob/v2/doc/google/google.md)",
115
+ mergeScript: `
116
+ return {
117
+ show: ctx.compute(({form})=>{
118
+ return form.sslProvider === 'zerossl' || form.sslProvider === 'google'
119
+ })
120
+ }
121
+ `,
122
+ }),
123
+ __metadata("design:type", Number)
124
+ ], CertApplyPlugin.prototype, "eabAccessId", void 0);
125
+ __decorate([
126
+ TaskInput({
127
+ title: "加密算法",
128
+ value: "rsa_2048",
129
+ component: {
130
+ name: "a-select",
131
+ vModel: "value",
132
+ options: [
133
+ { value: "rsa_1024", label: "RSA 1024" },
134
+ { value: "rsa_2048", label: "RSA 2048" },
135
+ { value: "rsa_3072", label: "RSA 3072" },
136
+ { value: "rsa_4096", label: "RSA 4096" },
137
+ { value: "ec_256", label: "EC 256" },
138
+ { value: "ec_384", label: "EC 384" },
139
+ // { value: "ec_521", label: "EC 521" },
140
+ ],
141
+ },
142
+ required: true,
143
+ }),
144
+ __metadata("design:type", String)
145
+ ], CertApplyPlugin.prototype, "privateKeyType", void 0);
146
+ __decorate([
147
+ TaskInput({
148
+ title: "DNS提供商",
149
+ component: {
150
+ name: "pi-dns-provider-selector",
151
+ },
152
+ required: true,
153
+ helper: "请选择dns解析提供商,您的域名是在哪里注册的,或者域名的dns解析服务器属于哪个平台\n如果这里没有您需要的dns解析提供商,您需要将域名解析服务器设置成上面的任意一个提供商",
154
+ }),
155
+ __metadata("design:type", String)
156
+ ], CertApplyPlugin.prototype, "dnsProviderType", void 0);
157
+ __decorate([
158
+ TaskInput({
159
+ title: "DNS解析授权",
160
+ component: {
161
+ name: "pi-access-selector",
162
+ },
163
+ required: true,
164
+ helper: "请选择dns解析提供商授权",
165
+ mergeScript: `return {
166
+ component:{
167
+ type: ctx.compute(({form})=>{
168
+ return form.dnsProviderType
169
+ })
170
+ }
171
+ }
172
+ `,
173
+ }),
174
+ __metadata("design:type", String)
175
+ ], CertApplyPlugin.prototype, "dnsProviderAccess", void 0);
176
+ __decorate([
177
+ TaskInput({
178
+ title: "使用代理",
179
+ value: false,
180
+ component: {
181
+ name: "a-switch",
182
+ vModel: "checked",
183
+ },
184
+ helper: "如果acme-v02.api.letsencrypt.org或dv.acme-v02.api.pki.goog被墙无法访问,请尝试开启此选项",
185
+ }),
186
+ __metadata("design:type", Object)
187
+ ], CertApplyPlugin.prototype, "useProxy", void 0);
188
+ __decorate([
189
+ TaskInput({
190
+ title: "跳过本地校验DNS",
191
+ value: false,
192
+ component: {
193
+ name: "a-switch",
194
+ vModel: "checked",
195
+ },
196
+ helper: "如果重试多次出现Authorization not found TXT record,导致无法申请成功,请尝试开启此选项",
197
+ }),
198
+ __metadata("design:type", Object)
199
+ ], CertApplyPlugin.prototype, "skipLocalVerify", void 0);
200
+ CertApplyPlugin = __decorate([
201
+ IsTaskPlugin({
202
+ name: "CertApply",
203
+ title: "证书申请(JS版)",
204
+ group: pluginGroups.cert.key,
205
+ desc: "免费通配符域名证书申请,支持多个域名打到同一个证书上",
206
+ default: {
207
+ input: {
208
+ renewDays: 20,
209
+ forceUpdate: false,
210
+ },
211
+ strategy: {
212
+ runStrategy: RunStrategy.AlwaysRun,
213
+ },
214
+ },
215
+ })
216
+ ], CertApplyPlugin);
217
+ export { CertApplyPlugin };
218
+ new CertApplyPlugin();
219
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcGx1Z2luL2NlcnQtcGx1Z2luL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7OztBQUFBLE9BQU8sRUFBRSxTQUFTLEVBQUUsWUFBWSxFQUFFLFlBQVksRUFBRSxXQUFXLEVBQUUsU0FBUyxFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFFaEcsT0FBTyxFQUFFLFdBQVcsRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUN4QyxPQUFPLENBQUMsTUFBTSxXQUFXLENBQUM7QUFDMUIsT0FBTyxFQUF5QyxtQkFBbUIsRUFBRSxNQUFNLDZCQUE2QixDQUFDO0FBQ3pHLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxrQkFBa0IsQ0FBQztBQUM5QyxPQUFPLEVBQUUsbUJBQW1CLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFHaEQsY0FBYyxrQkFBa0IsQ0FBQztBQWlCakMsSUFBYSxlQUFlLEdBQTVCLE1BQWEsZUFBZ0IsU0FBUSxtQkFBbUI7SUFnQnRELFdBQVcsQ0FBZTtJQW9CMUIsV0FBVyxDQUFVO0lBb0JyQixjQUFjLENBQWtCO0lBV2hDLGVBQWUsQ0FBVTtJQWtCekIsaUJBQWlCLENBQVU7SUFXM0IsUUFBUSxHQUFHLEtBQUssQ0FBQztJQVdqQixlQUFlLEdBQUcsS0FBSyxDQUFDO0lBRXhCLElBQUksQ0FBZTtJQUVuQixLQUFLLENBQUMsTUFBTTtRQUNWLElBQUksR0FBRyxHQUFRLElBQUksQ0FBQztRQUNwQixJQUFJLElBQUksQ0FBQyxXQUFXLEVBQUU7WUFDcEIsR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLEdBQUcsQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQztTQUM5RDtRQUNELElBQUksQ0FBQyxJQUFJLEdBQUcsSUFBSSxXQUFXLENBQUM7WUFDMUIsV0FBVyxFQUFFLElBQUksQ0FBQyxXQUFXO1lBQzdCLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTTtZQUNuQixXQUFXLEVBQUUsSUFBSSxDQUFDLFdBQVc7WUFDN0IsR0FBRztZQUNILGVBQWUsRUFBRSxJQUFJLENBQUMsZUFBZTtZQUNyQyxlQUFlLEVBQUUsSUFBSSxDQUFDLFFBQVE7WUFDOUIsY0FBYyxFQUFFLElBQUksQ0FBQyxjQUFjO1NBQ3BDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxLQUFLLENBQUMsV0FBVztRQUNmLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUM1QixNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDaEMsTUFBTSxlQUFlLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLENBQUM7UUFDaEQsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQztRQUN0RCxNQUFNLE9BQU8sR0FBRyxDQUFDLENBQUMsS0FBSyxDQUNyQjtZQUNFLE9BQU8sRUFBRSxJQUFJO1lBQ2IsS0FBSyxFQUFFLFdBQVc7WUFDbEIsUUFBUSxFQUFFLFdBQVc7WUFDckIsWUFBWSxFQUFFLFlBQVk7WUFDMUIsZ0JBQWdCLEVBQUUsZUFBZTtZQUNqQyxZQUFZLEVBQUUsS0FBSztTQUNwQixFQUNELElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQzdDLENBQUM7UUFDRixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsS0FBSyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBRTVDLE1BQU0saUJBQWlCLEdBQUcsbUJBQW1CLENBQUMsR0FBRyxDQUFDLGVBQWUsQ0FBQyxDQUFDO1FBQ25FLE1BQU0sZ0JBQWdCLEdBQUcsaUJBQWlCLENBQUMsTUFBTSxDQUFDO1FBQ2xELE1BQU0saUJBQWlCLEdBQUcsaUJBQWlCLENBQUMsTUFBMkIsQ0FBQztRQUN4RSxNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDLG1CQUFtQixDQUFDLENBQUM7UUFFckUsYUFBYTtRQUNiLE1BQU0sV0FBVyxHQUFpQixJQUFJLGdCQUFnQixFQUFFLENBQUM7UUFDekQsTUFBTSxPQUFPLEdBQXVCLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDckYsU0FBUyxDQUFDLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxRQUFRLEVBQUUsV0FBVyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ25FLFdBQVcsQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDNUIsTUFBTSxXQUFXLENBQUMsVUFBVSxFQUFFLENBQUM7UUFFL0IsSUFBSTtZQUNGLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUM7Z0JBQ2pDLEtBQUs7Z0JBQ0wsT0FBTztnQkFDUCxXQUFXO2dCQUNYLE9BQU87Z0JBQ1AsTUFBTSxFQUFFLEtBQUs7Z0JBQ2IsY0FBYyxFQUFFLElBQUksQ0FBQyxjQUFjO2FBQ3BDLENBQUMsQ0FBQztZQUVILE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDeEMsT0FBTyxJQUFJLFVBQVUsQ0FBQyxRQUFRLENBQUMsQ0FBQztTQUNqQztRQUFDLE9BQU8sQ0FBTSxFQUFFO1lBQ2YsTUFBTSxPQUFPLEdBQVcsQ0FBQyxDQUFDLE9BQU8sQ0FBQztZQUNsQyxJQUFJLE9BQU8sQ0FBQyxPQUFPLENBQUMsc0RBQXNELENBQUMsSUFBSSxDQUFDLEVBQUU7Z0JBQ2hGLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO2dCQUNyQixNQUFNLElBQUksS0FBSyxDQUFDLDBCQUEwQixPQUFPLEdBQUcsQ0FBQyxDQUFDO2FBQ3ZEO1lBQ0QsTUFBTSxDQUFDLENBQUM7U0FDVDtJQUNILENBQUM7Q0FDRixDQUFBO0FBbEtDO0lBZkMsU0FBUyxDQUFDO1FBQ1QsS0FBSyxFQUFFLE9BQU87UUFDZCxLQUFLLEVBQUUsYUFBYTtRQUNwQixTQUFTLEVBQUU7WUFDVCxJQUFJLEVBQUUsVUFBVTtZQUNoQixNQUFNLEVBQUUsT0FBTztZQUNmLE9BQU8sRUFBRTtnQkFDUCxFQUFFLEtBQUssRUFBRSxhQUFhLEVBQUUsS0FBSyxFQUFFLGVBQWUsRUFBRTtnQkFDaEQsRUFBRSxLQUFLLEVBQUUsUUFBUSxFQUFFLEtBQUssRUFBRSxRQUFRLEVBQUU7Z0JBQ3BDLEVBQUUsS0FBSyxFQUFFLFNBQVMsRUFBRSxLQUFLLEVBQUUsU0FBUyxFQUFFO2FBQ3ZDO1NBQ0Y7UUFDRCxNQUFNLEVBQUUsaURBQWlEO1FBQ3pELFFBQVEsRUFBRSxJQUFJO0tBQ2YsQ0FBQzs7b0RBQ3dCO0FBb0IxQjtJQWxCQyxTQUFTLENBQUM7UUFDVCxLQUFLLEVBQUUsT0FBTztRQUNkLFNBQVMsRUFBRTtZQUNULElBQUksRUFBRSxvQkFBb0I7WUFDMUIsSUFBSSxFQUFFLEtBQUs7U0FDWjtRQUNELFNBQVMsRUFBRSxJQUFJO1FBQ2YsUUFBUSxFQUFFLElBQUk7UUFDZCxNQUFNLEVBQ0osMExBQTBMO1FBQzVMLFdBQVcsRUFBRTs7Ozs7O0tBTVo7S0FDRixDQUFDOztvREFDbUI7QUFvQnJCO0lBbEJDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxNQUFNO1FBQ2IsS0FBSyxFQUFFLFVBQVU7UUFDakIsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLFVBQVU7WUFDaEIsTUFBTSxFQUFFLE9BQU87WUFDZixPQUFPLEVBQUU7Z0JBQ1AsRUFBRSxLQUFLLEVBQUUsVUFBVSxFQUFFLEtBQUssRUFBRSxVQUFVLEVBQUU7Z0JBQ3hDLEVBQUUsS0FBSyxFQUFFLFVBQVUsRUFBRSxLQUFLLEVBQUUsVUFBVSxFQUFFO2dCQUN4QyxFQUFFLEtBQUssRUFBRSxVQUFVLEVBQUUsS0FBSyxFQUFFLFVBQVUsRUFBRTtnQkFDeEMsRUFBRSxLQUFLLEVBQUUsVUFBVSxFQUFFLEtBQUssRUFBRSxVQUFVLEVBQUU7Z0JBQ3hDLEVBQUUsS0FBSyxFQUFFLFFBQVEsRUFBRSxLQUFLLEVBQUUsUUFBUSxFQUFFO2dCQUNwQyxFQUFFLEtBQUssRUFBRSxRQUFRLEVBQUUsS0FBSyxFQUFFLFFBQVEsRUFBRTtnQkFDcEMsd0NBQXdDO2FBQ3pDO1NBQ0Y7UUFDRCxRQUFRLEVBQUUsSUFBSTtLQUNmLENBQUM7O3VEQUM4QjtBQVdoQztJQVRDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxRQUFRO1FBQ2YsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLDBCQUEwQjtTQUNqQztRQUNELFFBQVEsRUFBRSxJQUFJO1FBQ2QsTUFBTSxFQUNKLDBGQUEwRjtLQUM3RixDQUFDOzt3REFDdUI7QUFrQnpCO0lBaEJDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxTQUFTO1FBQ2hCLFNBQVMsRUFBRTtZQUNULElBQUksRUFBRSxvQkFBb0I7U0FDM0I7UUFDRCxRQUFRLEVBQUUsSUFBSTtRQUNkLE1BQU0sRUFBRSxlQUFlO1FBQ3ZCLFdBQVcsRUFBRTs7Ozs7OztLQU9aO0tBQ0YsQ0FBQzs7MERBQ3lCO0FBVzNCO0lBVEMsU0FBUyxDQUFDO1FBQ1QsS0FBSyxFQUFFLE1BQU07UUFDYixLQUFLLEVBQUUsS0FBSztRQUNaLFNBQVMsRUFBRTtZQUNULElBQUksRUFBRSxVQUFVO1lBQ2hCLE1BQU0sRUFBRSxTQUFTO1NBQ2xCO1FBQ0QsTUFBTSxFQUFFLHdFQUF3RTtLQUNqRixDQUFDOztpREFDZTtBQVdqQjtJQVRDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxXQUFXO1FBQ2xCLEtBQUssRUFBRSxLQUFLO1FBQ1osU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLFVBQVU7WUFDaEIsTUFBTSxFQUFFLFNBQVM7U0FDbEI7UUFDRCxNQUFNLEVBQUUsOERBQThEO0tBQ3ZFLENBQUM7O3dEQUNzQjtBQTNHYixlQUFlO0lBZjNCLFlBQVksQ0FBQztRQUNaLElBQUksRUFBRSxXQUFXO1FBQ2pCLEtBQUssRUFBRSxXQUFXO1FBQ2xCLEtBQUssRUFBRSxZQUFZLENBQUMsSUFBSSxDQUFDLEdBQUc7UUFDNUIsSUFBSSxFQUFFLDRCQUE0QjtRQUNsQyxPQUFPLEVBQUU7WUFDUCxLQUFLLEVBQUU7Z0JBQ0wsU0FBUyxFQUFFLEVBQUU7Z0JBQ2IsV0FBVyxFQUFFLEtBQUs7YUFDbkI7WUFDRCxRQUFRLEVBQUU7Z0JBQ1IsV0FBVyxFQUFFLFdBQVcsQ0FBQyxTQUFTO2FBQ25DO1NBQ0Y7S0FDRixDQUFDO0dBQ1csZUFBZSxDQWtMM0I7U0FsTFksZUFBZTtBQW9MNUIsSUFBSSxlQUFlLEVBQUUsQ0FBQyJ9
@@ -1,2 +1,2 @@
1
- export const dnsList = [];
1
+ export const dnsList = [];
2
2
  //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZG5zLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL3BsdWdpbi9jZXJ0LXBsdWdpbi9sZWdvL2Rucy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxNQUFNLENBQUMsTUFBTSxPQUFPLEdBQUcsRUFBRSxDQUFDIn0=