@jsenv/https-local 3.0.6 → 3.1.0

package/src/hosts_file_verif.js

@@ -1,11 +1,10 @@
-import { createDetailedMessage, createLogger, UNICODE } from "@jsenv/log"
-
+import { createDetailedMessage, createLogger, UNICODE } from "@jsenv/humanize";
 import {
   HOSTS_FILE_PATH,
-  readHostsFile,
   parseHosts,
+  readHostsFile,
   writeLineInHostsFile,
-} from "./internal/hosts.js"
+} from "./internal/hosts.js";
 
 export const verifyHostsFile = async ({
   ipMappings,
@@ -15,38 +14,38 @@ export const verifyHostsFile = async ({
   // for unit test
   hostsFilePath = HOSTS_FILE_PATH,
 }) => {
-  logger.info(`Check hosts file content...`)
-  const hostsFileContent = await readHostsFile(hostsFilePath)
-  const hostnames = parseHosts(hostsFileContent)
+  logger.info(`Check hosts file content...`);
+  const hostsFileContent = await readHostsFile(hostsFilePath);
+  const hostnames = parseHosts(hostsFileContent);
 
-  const missingMappings = []
+  const missingMappings = [];
   Object.keys(ipMappings).forEach((ip) => {
-    const ipHostnames = ipMappings[ip]
+    const ipHostnames = ipMappings[ip];
     if (!Array.isArray(ipHostnames)) {
       throw new TypeError(
         `ipMappings values must be an array, found ${ipHostnames} for ${ip}`,
-      )
+      );
     }
-    const existingMappings = hostnames.getIpHostnames(ip)
+    const existingMappings = hostnames.getIpHostnames(ip);
     const missingHostnames = normalizeHostnames(ipHostnames).filter(
       (hostname) => !existingMappings.includes(hostname),
-    )
+    );
     if (missingHostnames.length) {
-      missingMappings.push({ ip, missingHostnames })
+      missingMappings.push({ ip, missingHostnames });
     }
-  })
-  const missingMappingCount = missingMappings.length
+  });
+  const missingMappingCount = missingMappings.length;
   if (missingMappingCount === 0) {
-    logger.info(`${UNICODE.OK} all ip mappings found in hosts file`)
-    return
+    logger.info(`${UNICODE.OK} all ip mappings found in hosts file`);
+    return;
   }
 
-  const EOL = process.platform === "win32" ? "\r\n" : "\n"
+  const EOL = process.platform === "win32" ? "\r\n" : "\n";
 
   if (!tryToUpdateHostsFile) {
     const linesToAdd = missingMappings
       .map(({ ip, missingHostnames }) => `${ip} ${missingHostnames.join(" ")}`)
-      .join(EOL)
+      .join(EOL);
     logger.warn(
       createDetailedMessage(
         `${UNICODE.WARNING} ${formatXMappingMissingMessage(
@@ -57,36 +56,36 @@ export const verifyHostsFile = async ({
           "line(s) to add": linesToAdd,
         },
       ),
-    )
-    return
+    );
+    return;
   }
 
   logger.info(
     `${UNICODE.INFO} ${formatXMappingMissingMessage(missingMappingCount)}`,
-  )
+  );
   await missingMappings.reduce(async (previous, { ip, missingHostnames }) => {
-    await previous
-    const mapping = `${ip} ${missingHostnames.join(" ")}`
-    logger.info(`Append "${mapping}" in host file...`)
+    await previous;
+    const mapping = `${ip} ${missingHostnames.join(" ")}`;
+    logger.info(`Append "${mapping}" in host file...`);
 
     await writeLineInHostsFile(mapping, {
       hostsFilePath,
       onBeforeExecCommand: (command) => {
-        logger.info(`${UNICODE.COMMAND} ${command}`)
+        logger.info(`${UNICODE.COMMAND} ${command}`);
       },
-    })
-    logger.info(`${UNICODE.OK} mapping added`)
-  }, Promise.resolve())
-}
+    });
+    logger.info(`${UNICODE.OK} mapping added`);
+  }, Promise.resolve());
+};
 
 const normalizeHostnames = (hostnames) => {
-  return hostnames.map((hostname) => hostname.trim().replace(/[\s;]/g, ""))
-}
+  return hostnames.map((hostname) => hostname.trim().replace(/[\s;]/g, ""));
+};
 
 const formatXMappingMissingMessage = (missingMappingCount) => {
   if (missingMappingCount) {
-    return `1 mapping is missing in hosts file`
+    return `1 mapping is missing in hosts file`;
   }
 
-  return `${missingMappingCount} mappings are missing in hosts file`
-}
+  return `${missingMappingCount} mappings are missing in hosts file`;
+};

package/src/https_local_cli.mjs

@@ -0,0 +1,74 @@
+#!/usr/bin/env node
+
+import {
+  installCertificateAuthority,
+  uninstallCertificateAuthority,
+  verifyHostsFile,
+} from "@jsenv/https-local";
+import { parseArgs } from "node:util";
+
+const options = {
+  help: {
+    type: "boolean",
+  },
+  trust: {
+    type: "boolean",
+  },
+};
+const { values, positionals } = parseArgs({
+  options,
+  allowPositionals: true,
+});
+
+if (values.help || positionals.length === 0) {
+  console.log(`https-local: Generate https certificates to use on your machine.
+
+Usage: 
+
+npx @jsenv/https-local install --trust
+  Install root certificate on the filesystem
+  - trust: Try to add root certificate to os and browser trusted stores.
+
+npx @jsenv/https-local uninstall
+  Uninstall root certificate from the filesystem
+
+npx @jsenv/https-local localhost-mapping
+  Ensure localhost mapping to 127.0.0.1 is set on the filesystem
+
+https://github.com/jsenv/core/tree/main/packages/independent/https-local
+
+`);
+
+  process.exit(0);
+}
+
+const commandHandlers = {
+  install: async ({ tryToTrust }) => {
+    await installCertificateAuthority({
+      tryToTrust,
+      NSSDynamicInstall: tryToTrust,
+    });
+  },
+  uninstall: async () => {
+    await uninstallCertificateAuthority({
+      tryToUntrust: true,
+    });
+  },
+  ["localhost-mapping"]: async () => {
+    await verifyHostsFile({
+      ipMappings: {
+        "127.0.0.1": ["localhost"],
+      },
+      tryToUpdatesHostsFile: true,
+    });
+  },
+};
+
+const [command] = positionals;
+const commandHandler = commandHandlers[command];
+if (!commandHandler) {
+  console.error(`Error: unknown command ${command}.`);
+  process.exit(1);
+}
+
+await commandHandler(values);

package/src/internal/authority_file_infos.js

@@ -1,27 +1,26 @@
-import { existsSync } from "node:fs"
-import { fileURLToPath } from "node:url"
-
-import { getCertificateAuthorityFileUrls } from "./certificate_authority_file_urls.js"
+import { existsSync } from "node:fs";
+import { fileURLToPath } from "node:url";
+import { getCertificateAuthorityFileUrls } from "./certificate_authority_file_urls.js";
 
 export const getAuthorityFileInfos = () => {
   const {
     certificateAuthorityJsonFileUrl,
     rootCertificateFileUrl,
     rootCertificatePrivateKeyFileUrl,
-  } = getCertificateAuthorityFileUrls()
+  } = getCertificateAuthorityFileUrls();
 
-  const authorityJsonFilePath = fileURLToPath(certificateAuthorityJsonFileUrl)
-  const authorityJsonFileDetected = existsSync(authorityJsonFilePath)
+  const authorityJsonFilePath = fileURLToPath(certificateAuthorityJsonFileUrl);
+  const authorityJsonFileDetected = existsSync(authorityJsonFilePath);
 
-  const rootCertificateFilePath = fileURLToPath(rootCertificateFileUrl)
-  const rootCertificateFileDetected = existsSync(rootCertificateFilePath)
+  const rootCertificateFilePath = fileURLToPath(rootCertificateFileUrl);
+  const rootCertificateFileDetected = existsSync(rootCertificateFilePath);
 
   const rootCertificatePrivateKeyFilePath = fileURLToPath(
     rootCertificatePrivateKeyFileUrl,
-  )
+  );
   const rootCertificatePrivateKeyFileDetected = existsSync(
     rootCertificatePrivateKeyFilePath,
-  )
+  );
 
   return {
     authorityJsonFileInfo: {
@@ -39,5 +38,5 @@ export const getAuthorityFileInfos = () => {
       path: rootCertificatePrivateKeyFilePath,
       exists: rootCertificatePrivateKeyFileDetected,
     },
-  }
-}
+  };
+};

package/src/internal/browser_detection.js

@@ -1,7 +1,7 @@
-import { existsSync } from "node:fs"
+import { existsSync } from "node:fs";
 
 export const detectBrowser = (pathCandidates) => {
   return pathCandidates.some((pathCandidate) => {
-    return existsSync(pathCandidate)
-  })
-}
+    return existsSync(pathCandidate);
+  });
+};

package/src/internal/certificate_authority_file_urls.js

@@ -1,33 +1,33 @@
-import { urlToFilename } from "@jsenv/urls"
-import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem"
+import { assertAndNormalizeDirectoryUrl } from "@jsenv/filesystem";
+import { urlToFilename } from "@jsenv/urls";
 
 export const getCertificateAuthorityFileUrls = () => {
   // we need a directory common to every instance of @jsenv/https-local
   // so that even if it's used multiple times, the certificate autority files
   // are reused
-  const applicationDirectoryUrl = getJsenvApplicationDirectoryUrl()
+  const applicationDirectoryUrl = getJsenvApplicationDirectoryUrl();
 
   const certificateAuthorityJsonFileUrl = new URL(
     "./https_local_certificate_authority.json",
     applicationDirectoryUrl,
-  )
+  );
 
   const rootCertificateFileUrl = new URL(
     "./https_local_root_certificate.crt",
     applicationDirectoryUrl,
-  )
+  );
 
   const rootCertificatePrivateKeyFileUrl = new URL(
     "./https_local_root_certificate.key",
     applicationDirectoryUrl,
-  ).href
+  ).href;
 
   return {
     certificateAuthorityJsonFileUrl,
     rootCertificateFileUrl,
     rootCertificatePrivateKeyFileUrl,
-  }
-}
+  };
+};
 
 export const getRootCertificateSymlinkUrls = ({
   rootCertificateFileUrl,
@@ -35,34 +35,34 @@ export const getRootCertificateSymlinkUrls = ({
   serverCertificateFileUrl,
 }) => {
   const serverCertificateDirectory = new URL("./", serverCertificateFileUrl)
-    .href
+    .href;
 
-  const rootCertificateFilename = urlToFilename(rootCertificateFileUrl)
+  const rootCertificateFilename = urlToFilename(rootCertificateFileUrl);
   const rootCertificateSymlinkUrl = new URL(
     rootCertificateFilename,
     serverCertificateDirectory,
-  ).href
-  const rootPrivateKeyFilename = urlToFilename(rootPrivateKeyFileUrl)
+  ).href;
+  const rootPrivateKeyFilename = urlToFilename(rootPrivateKeyFileUrl);
   const rootPrivateKeySymlinkUrl = new URL(
     rootPrivateKeyFilename,
     serverCertificateDirectory,
-  ).href
+  ).href;
 
   return {
     rootCertificateSymlinkUrl,
     rootPrivateKeySymlinkUrl,
-  }
-}
+  };
+};
 
 // https://github.com/LinusU/node-application-config-path/blob/master/index.js
 const getJsenvApplicationDirectoryUrl = () => {
-  const { platform } = process
+  const { platform } = process;
 
   if (platform === "darwin") {
     return new URL(
       `./Library/Application Support/https_local/`,
       assertAndNormalizeDirectoryUrl(process.env.HOME),
-    ).href
+    ).href;
   }
 
   if (platform === "linux") {
@@ -70,12 +70,12 @@ const getJsenvApplicationDirectoryUrl = () => {
       return new URL(
         `./https_local/`,
         assertAndNormalizeDirectoryUrl(process.env.XDG_CONFIG_HOME),
-      ).href
+      ).href;
     }
     return new URL(
       `./.config/https_local/`,
       assertAndNormalizeDirectoryUrl(process.env.HOME),
-    ).href
+    ).href;
   }
 
   if (platform === "win32") {
@@ -83,14 +83,14 @@ const getJsenvApplicationDirectoryUrl = () => {
       return new URL(
         `./https_local/`,
         assertAndNormalizeDirectoryUrl(process.env.LOCALAPPDATA),
-      ).href
+      ).href;
     }
 
     return new URL(
       `./Local Settings/Application Data/https_local/`,
       assertAndNormalizeDirectoryUrl(process.env.USERPROFILE),
-    ).href
+    ).href;
   }
 
-  throw new Error(`platform not supported`)
-}
+  throw new Error(`platform not supported`);
+};

package/src/internal/certificate_data_converter.js

@@ -1,4 +1,4 @@
-import { isIP } from "node:net"
+import { isIP } from "node:net";
 
 export const subjectAltNamesFromAltNames = (altNames) => {
   const altNamesArray = altNames.map((altName) => {
@@ -6,86 +6,86 @@ export const subjectAltNamesFromAltNames = (altNames) => {
       return {
         type: 7,
         ip: altName,
-      }
+      };
     }
     if (isUrl(altName)) {
       return {
         type: 6,
         value: altName,
-      }
+      };
     }
     // 2 is DNS (Domain Name Server)
     return {
       type: 2,
       value: altName,
-    }
-  })
+    };
+  });
 
-  return altNamesArray
-}
+  return altNamesArray;
+};
 
 const isUrl = (value) => {
   try {
     // eslint-disable-next-line no-new
-    new URL(value)
-    return true
-  } catch (e) {
-    return false
+    new URL(value);
+    return true;
+  } catch {
+    return false;
   }
-}
+};
 
 export const extensionArrayFromExtensionDescription = (
   extensionDescription,
 ) => {
-  const extensionArray = []
+  const extensionArray = [];
   Object.keys(extensionDescription).forEach((key) => {
-    const value = extensionDescription[key]
+    const value = extensionDescription[key];
     if (value) {
       extensionArray.push({
         name: key,
         ...value,
-      })
+      });
     }
-  })
-  return extensionArray
-}
+  });
+  return extensionArray;
+};
 
 export const extensionDescriptionFromExtensionArray = (extensionArray) => {
-  const extensionDescription = {}
+  const extensionDescription = {};
   extensionArray.forEach((extension) => {
-    const { name, ...rest } = extension
-    extensionDescription[name] = rest
-  })
-  return extensionDescription
-}
+    const { name, ...rest } = extension;
+    extensionDescription[name] = rest;
+  });
+  return extensionDescription;
+};
 
 export const attributeDescriptionFromAttributeArray = (attributeArray) => {
-  const attributeObject = {}
+  const attributeObject = {};
   attributeArray.forEach((attribute) => {
-    attributeObject[attribute.name] = attribute.value
-  })
-  return attributeObject
-}
+    attributeObject[attribute.name] = attribute.value;
+  });
+  return attributeObject;
+};
 
 export const attributeArrayFromAttributeDescription = (
   attributeDescription,
 ) => {
-  const attributeArray = []
+  const attributeArray = [];
   Object.keys(attributeDescription).forEach((key) => {
-    const value = attributeDescription[key]
+    const value = attributeDescription[key];
     if (typeof value === "undefined") {
-      return
+      return;
     }
     attributeArray.push({
       name: key,
       value,
-    })
-  })
-  return attributeArray
-}
+    });
+  });
+  return attributeArray;
+};
 
 export const normalizeForgeAltNames = (forgeAltNames) => {
   return forgeAltNames.map((forgeAltName) => {
-    return forgeAltName.ip || forgeAltName.value
-  })
-}
+    return forgeAltName.ip || forgeAltName.value;
+  });
+};

package/src/internal/certificate_generator.js

@@ -1,13 +1,13 @@
 // https://github.com/digitalbazaar/forge/blob/master/examples/create-cert.js
 // https://github.com/digitalbazaar/forge/issues/660#issuecomment-467145103
 
-import { forge } from "./forge.js"
 import {
   attributeArrayFromAttributeDescription,
   attributeDescriptionFromAttributeArray,
-  subjectAltNamesFromAltNames,
   extensionArrayFromExtensionDescription,
-} from "./certificate_data_converter.js"
+  subjectAltNamesFromAltNames,
+} from "./certificate_data_converter.js";
+import { forge } from "./forge.js";
 
 export const createAuthorityRootCertificate = async ({
   commonName,
@@ -20,21 +20,21 @@ export const createAuthorityRootCertificate = async ({
   serialNumber,
 } = {}) => {
   if (typeof serialNumber !== "number") {
-    throw new TypeError(`serial must be a number but received ${serialNumber}`)
+    throw new TypeError(`serial must be a number but received ${serialNumber}`);
   }
 
-  const { pki } = forge
-  const rootCertificateForgeObject = pki.createCertificate()
-  const keyPair = pki.rsa.generateKeyPair(2048) // TODO: use async version https://github.com/digitalbazaar/forge#rsa
-  const rootCertificatePublicKeyForgeObject = keyPair.publicKey
-  const rootCertificatePrivateKeyForgeObject = keyPair.privateKey
+  const { pki } = forge;
+  const rootCertificateForgeObject = pki.createCertificate();
+  const keyPair = pki.rsa.generateKeyPair(2048); // TODO: use async version https://github.com/digitalbazaar/forge#rsa
+  const rootCertificatePublicKeyForgeObject = keyPair.publicKey;
+  const rootCertificatePrivateKeyForgeObject = keyPair.privateKey;
 
-  rootCertificateForgeObject.publicKey = rootCertificatePublicKeyForgeObject
-  rootCertificateForgeObject.serialNumber = serialNumber.toString(16)
-  rootCertificateForgeObject.validity.notBefore = new Date()
+  rootCertificateForgeObject.publicKey = rootCertificatePublicKeyForgeObject;
+  rootCertificateForgeObject.serialNumber = serialNumber.toString(16);
+  rootCertificateForgeObject.validity.notBefore = new Date();
   rootCertificateForgeObject.validity.notAfter = new Date(
     Date.now() + validityDurationInMs,
-  )
+  );
   rootCertificateForgeObject.setSubject(
     attributeArrayFromAttributeDescription({
       commonName,
@@ -44,7 +44,7 @@ export const createAuthorityRootCertificate = async ({
       organizationName,
       organizationalUnitName,
     }),
-  )
+  );
   rootCertificateForgeObject.setIssuer(
     attributeArrayFromAttributeDescription({
       commonName,
@@ -54,7 +54,7 @@ export const createAuthorityRootCertificate = async ({
       organizationName,
       organizationalUnitName,
     }),
-  )
+  );
   rootCertificateForgeObject.setExtensions(
     extensionArrayFromExtensionDescription({
       basicConstraints: {
@@ -73,17 +73,17 @@ export const createAuthorityRootCertificate = async ({
       // },
       // subjectKeyIdentifier: {},
     }),
-  )
+  );
 
   // self-sign certificate
-  rootCertificateForgeObject.sign(rootCertificatePrivateKeyForgeObject) // , forge.sha256.create())
+  rootCertificateForgeObject.sign(rootCertificatePrivateKeyForgeObject); // , forge.sha256.create())
 
   return {
     rootCertificateForgeObject,
     rootCertificatePublicKeyForgeObject,
     rootCertificatePrivateKeyForgeObject,
-  }
-}
+  };
+};
 
 export const requestCertificateFromAuthority = ({
   authorityCertificateForgeObject, // could be intermediate or root certificate authority
@@ -99,7 +99,7 @@ export const requestCertificateFromAuthority = ({
   ) {
     throw new TypeError(
       `authorityCertificateForgeObject must be an object but received ${authorityCertificateForgeObject}`,
-    )
+    );
   }
   if (
     typeof auhtorityCertificatePrivateKeyForgeObject !== "object" ||
@@ -107,26 +107,26 @@ export const requestCertificateFromAuthority = ({
   ) {
     throw new TypeError(
       `auhtorityCertificatePrivateKeyForgeObject must be an object but received ${auhtorityCertificatePrivateKeyForgeObject}`,
-    )
+    );
   }
   if (typeof serialNumber !== "number") {
     throw new TypeError(
       `serialNumber must be a number but received ${serialNumber}`,
-    )
+    );
   }
 
-  const { pki } = forge
-  const certificateForgeObject = pki.createCertificate()
-  const keyPair = pki.rsa.generateKeyPair(2048) // TODO: use async version https://github.com/digitalbazaar/forge#rsa
-  const certificatePublicKeyForgeObject = keyPair.publicKey
-  const certificatePrivateKeyForgeObject = keyPair.privateKey
+  const { pki } = forge;
+  const certificateForgeObject = pki.createCertificate();
+  const keyPair = pki.rsa.generateKeyPair(2048); // TODO: use async version https://github.com/digitalbazaar/forge#rsa
+  const certificatePublicKeyForgeObject = keyPair.publicKey;
+  const certificatePrivateKeyForgeObject = keyPair.privateKey;
 
-  certificateForgeObject.publicKey = certificatePublicKeyForgeObject
-  certificateForgeObject.serialNumber = serialNumber.toString(16)
-  certificateForgeObject.validity.notBefore = new Date()
+  certificateForgeObject.publicKey = certificatePublicKeyForgeObject;
+  certificateForgeObject.serialNumber = serialNumber.toString(16);
+  certificateForgeObject.validity.notBefore = new Date();
   certificateForgeObject.validity.notAfter = new Date(
     Date.now() + validityDurationInMs,
-  )
+  );
 
   const attributeDescription = {
     ...attributeDescriptionFromAttributeArray(
@@ -134,13 +134,13 @@ export const requestCertificateFromAuthority = ({
     ),
     commonName,
     // organizationName: serverCertificateOrganizationName
-  }
+  };
   const attributeArray =
-    attributeArrayFromAttributeDescription(attributeDescription)
-  certificateForgeObject.setSubject(attributeArray)
+    attributeArrayFromAttributeDescription(attributeDescription);
+  certificateForgeObject.setSubject(attributeArray);
   certificateForgeObject.setIssuer(
     authorityCertificateForgeObject.subject.attributes,
-  )
+  );
   certificateForgeObject.setExtensions(
     extensionArrayFromExtensionDescription({
       basicConstraints: {
@@ -167,15 +167,15 @@ export const requestCertificateFromAuthority = ({
         altNames: subjectAltNamesFromAltNames(altNames),
       },
     }),
-  )
+  );
   certificateForgeObject.sign(
     auhtorityCertificatePrivateKeyForgeObject,
     forge.sha256.create(),
-  )
+  );
 
   return {
     certificateForgeObject,
     certificatePublicKeyForgeObject,
     certificatePrivateKeyForgeObject,
-  }
-}
+  };
+};