@push.rocks/smartproxy 12.0.0 → 13.1.2
- package/dist_ts/00_commitinfo_data.js +1 -1
- package/dist_ts/certificate/acme/acme-factory.d.ts +17 -0
- package/dist_ts/certificate/acme/acme-factory.js +40 -0
- package/dist_ts/certificate/acme/challenge-handler.d.ts +44 -0
- package/dist_ts/certificate/acme/challenge-handler.js +92 -0
- package/dist_ts/certificate/acme/index.d.ts +4 -0
- package/dist_ts/certificate/acme/index.js +5 -0
- package/dist_ts/certificate/events/certificate-events.d.ts +33 -0
- package/dist_ts/certificate/events/certificate-events.js +38 -0
- package/dist_ts/certificate/index.d.ts +24 -0
- package/dist_ts/certificate/index.js +39 -0
- package/dist_ts/certificate/models/certificate-types.d.ts +77 -0
- package/dist_ts/certificate/models/certificate-types.js +2 -0
- package/dist_ts/certificate/providers/cert-provisioner.d.ts +93 -0
- package/dist_ts/certificate/providers/cert-provisioner.js +262 -0
- package/dist_ts/certificate/providers/index.d.ts +4 -0
- package/dist_ts/certificate/providers/index.js +5 -0
- package/dist_ts/certificate/storage/file-storage.d.ts +66 -0
- package/dist_ts/certificate/storage/file-storage.js +194 -0
- package/dist_ts/certificate/storage/index.d.ts +4 -0
- package/dist_ts/certificate/storage/index.js +5 -0
- package/dist_ts/certificate/utils/certificate-helpers.d.ts +17 -0
- package/dist_ts/certificate/utils/certificate-helpers.js +45 -0
- package/dist_ts/common/eventUtils.d.ts +1 -1
- package/dist_ts/common/port80-adapter.d.ts +1 -1
- package/dist_ts/core/events/index.d.ts +4 -0
- package/dist_ts/core/events/index.js +5 -0
- package/dist_ts/core/index.d.ts +6 -0
- package/dist_ts/core/index.js +8 -0
- package/dist_ts/core/models/common-types.d.ts +82 -0
- package/dist_ts/core/models/common-types.js +15 -0
- package/dist_ts/core/models/index.d.ts +4 -0
- package/dist_ts/core/models/index.js +5 -0
- package/dist_ts/core/utils/event-utils.d.ts +15 -0
- package/dist_ts/core/utils/event-utils.js +19 -0
- package/dist_ts/core/utils/index.d.ts +6 -0
- package/dist_ts/core/utils/index.js +7 -0
- package/dist_ts/core/utils/ip-utils.d.ts +53 -0
- package/dist_ts/core/utils/ip-utils.js +153 -0
- package/dist_ts/core/utils/validation-utils.d.ts +61 -0
- package/dist_ts/core/utils/validation-utils.js +149 -0
- package/dist_ts/forwarding/config/domain-config.d.ts +12 -0
- package/dist_ts/forwarding/config/domain-config.js +12 -0
- package/dist_ts/forwarding/config/domain-manager.d.ts +86 -0
- package/dist_ts/forwarding/config/domain-manager.js +242 -0
- package/dist_ts/forwarding/config/forwarding-types.d.ts +104 -0
- package/dist_ts/forwarding/config/forwarding-types.js +50 -0
- package/dist_ts/forwarding/config/index.d.ts +6 -0
- package/dist_ts/forwarding/config/index.js +7 -0
- package/dist_ts/forwarding/factory/forwarding-factory.d.ts +25 -0
- package/dist_ts/forwarding/factory/forwarding-factory.js +138 -0
- package/dist_ts/forwarding/factory/index.d.ts +4 -0
- package/dist_ts/forwarding/factory/index.js +5 -0
- package/dist_ts/forwarding/handlers/base-handler.d.ts +55 -0
- package/dist_ts/forwarding/handlers/base-handler.js +94 -0
- package/dist_ts/forwarding/handlers/http-handler.d.ts +30 -0
- package/dist_ts/forwarding/handlers/http-handler.js +131 -0
- package/dist_ts/forwarding/handlers/https-passthrough-handler.d.ts +29 -0
- package/dist_ts/forwarding/handlers/https-passthrough-handler.js +162 -0
- package/dist_ts/forwarding/handlers/https-terminate-to-http-handler.d.ts +36 -0
- package/dist_ts/forwarding/handlers/https-terminate-to-http-handler.js +229 -0
- package/dist_ts/forwarding/handlers/https-terminate-to-https-handler.d.ts +35 -0
- package/dist_ts/forwarding/handlers/https-terminate-to-https-handler.js +254 -0
- package/dist_ts/forwarding/handlers/index.d.ts +8 -0
- package/dist_ts/forwarding/handlers/index.js +9 -0
- package/dist_ts/forwarding/index.d.ts +19 -0
- package/dist_ts/forwarding/index.js +25 -0
- package/dist_ts/http/index.d.ts +15 -0
- package/dist_ts/http/index.js +20 -0
- package/dist_ts/http/models/http-types.d.ts +81 -0
- package/dist_ts/http/models/http-types.js +62 -0
- package/dist_ts/http/port80/acme-interfaces.d.ts +78 -0
- package/dist_ts/http/port80/acme-interfaces.js +6 -0
- package/dist_ts/http/port80/challenge-responder.d.ts +53 -0
- package/dist_ts/http/port80/challenge-responder.js +203 -0
- package/dist_ts/http/port80/index.d.ts +6 -0
- package/dist_ts/http/port80/index.js +9 -0
- package/dist_ts/http/port80/port80-handler.d.ts +121 -0
- package/dist_ts/http/port80/port80-handler.js +554 -0
- package/dist_ts/http/redirects/index.d.ts +4 -0
- package/dist_ts/http/redirects/index.js +5 -0
- package/dist_ts/http/router/index.d.ts +4 -0
- package/dist_ts/http/router/index.js +5 -0
- package/dist_ts/http/router/proxy-router.d.ts +115 -0
- package/dist_ts/http/router/proxy-router.js +325 -0
- package/dist_ts/index.d.ts +15 -8
- package/dist_ts/index.js +26 -10
- package/dist_ts/networkproxy/classes.np.certificatemanager.js +2 -2
- package/dist_ts/networkproxy/index.d.ts +1 -6
- package/dist_ts/networkproxy/index.js +4 -8
- package/dist_ts/plugins.d.ts +2 -1
- package/dist_ts/plugins.js +3 -2
- package/dist_ts/port80handler/classes.port80handler.d.ts +8 -136
- package/dist_ts/port80handler/classes.port80handler.js +14 -567
- package/dist_ts/proxies/index.d.ts +6 -0
- package/dist_ts/proxies/index.js +8 -0
- package/dist_ts/proxies/network-proxy/certificate-manager.d.ts +77 -0
- package/dist_ts/proxies/network-proxy/certificate-manager.js +373 -0
- package/dist_ts/proxies/network-proxy/connection-pool.d.ts +47 -0
- package/dist_ts/proxies/network-proxy/connection-pool.js +210 -0
- package/dist_ts/proxies/network-proxy/index.d.ts +10 -0
- package/dist_ts/proxies/network-proxy/index.js +12 -0
- package/dist_ts/proxies/network-proxy/models/index.d.ts +4 -0
- package/dist_ts/proxies/network-proxy/models/index.js +5 -0
- package/dist_ts/proxies/network-proxy/models/types.d.ts +80 -0
- package/dist_ts/proxies/network-proxy/models/types.js +35 -0
- package/dist_ts/proxies/network-proxy/network-proxy.d.ts +118 -0
- package/dist_ts/proxies/network-proxy/network-proxy.js +387 -0
- package/dist_ts/proxies/network-proxy/request-handler.d.ts +57 -0
- package/dist_ts/proxies/network-proxy/request-handler.js +394 -0
- package/dist_ts/proxies/network-proxy/websocket-handler.d.ts +38 -0
- package/dist_ts/proxies/network-proxy/websocket-handler.js +188 -0
- package/dist_ts/proxies/nftables-proxy/index.d.ts +5 -0
- package/dist_ts/proxies/nftables-proxy/index.js +6 -0
- package/dist_ts/proxies/nftables-proxy/models/errors.d.ts +15 -0
- package/dist_ts/proxies/nftables-proxy/models/errors.js +28 -0
- package/dist_ts/proxies/nftables-proxy/models/index.d.ts +5 -0
- package/dist_ts/proxies/nftables-proxy/models/index.js +6 -0
- package/dist_ts/proxies/nftables-proxy/models/interfaces.d.ts +75 -0
- package/dist_ts/proxies/nftables-proxy/models/interfaces.js +5 -0
- package/dist_ts/proxies/nftables-proxy/nftables-proxy.d.ts +136 -0
- package/dist_ts/proxies/nftables-proxy/nftables-proxy.js +1516 -0
- package/dist_ts/proxies/smart-proxy/connection-handler.d.ts +39 -0
- package/dist_ts/proxies/smart-proxy/connection-handler.js +894 -0
- package/dist_ts/proxies/smart-proxy/connection-manager.d.ts +78 -0
- package/dist_ts/proxies/smart-proxy/connection-manager.js +378 -0
- package/dist_ts/proxies/smart-proxy/domain-config-manager.d.ts +95 -0
- package/dist_ts/proxies/smart-proxy/domain-config-manager.js +255 -0
- package/dist_ts/proxies/smart-proxy/index.d.ts +13 -0
- package/dist_ts/proxies/smart-proxy/index.js +17 -0
- package/dist_ts/proxies/smart-proxy/models/index.d.ts +4 -0
- package/dist_ts/proxies/smart-proxy/models/index.js +5 -0
- package/dist_ts/proxies/smart-proxy/models/interfaces.d.ts +107 -0
- package/dist_ts/proxies/smart-proxy/models/interfaces.js +2 -0
- package/dist_ts/proxies/smart-proxy/network-proxy-bridge.d.ts +62 -0
- package/dist_ts/proxies/smart-proxy/network-proxy-bridge.js +316 -0
- package/dist_ts/proxies/smart-proxy/port-range-manager.d.ts +56 -0
- package/dist_ts/proxies/smart-proxy/port-range-manager.js +176 -0
- package/dist_ts/proxies/smart-proxy/security-manager.d.ts +64 -0
- package/dist_ts/proxies/smart-proxy/security-manager.js +149 -0
- package/dist_ts/proxies/smart-proxy/smart-proxy.d.ts +63 -0
- package/dist_ts/proxies/smart-proxy/smart-proxy.js +523 -0
- package/dist_ts/proxies/smart-proxy/timeout-manager.d.ts +47 -0
- package/dist_ts/proxies/smart-proxy/timeout-manager.js +154 -0
- package/dist_ts/proxies/smart-proxy/tls-manager.d.ts +57 -0
- package/dist_ts/proxies/smart-proxy/tls-manager.js +132 -0
- package/dist_ts/smartproxy/classes.pp.networkproxybridge.d.ts +2 -2
- package/dist_ts/smartproxy/classes.pp.networkproxybridge.js +1 -1
- package/dist_ts/smartproxy/classes.pp.tlsmanager.js +2 -2
- package/dist_ts/smartproxy/classes.smartproxy.js +3 -3
- package/dist_ts/tls/alerts/index.d.ts +4 -0
- package/dist_ts/tls/alerts/index.js +5 -0
- package/dist_ts/tls/alerts/tls-alert.d.ts +150 -0
- package/dist_ts/tls/alerts/tls-alert.js +226 -0
- package/dist_ts/tls/index.d.ts +18 -0
- package/dist_ts/tls/index.js +27 -0
- package/dist_ts/tls/sni/client-hello-parser.d.ts +100 -0
- package/dist_ts/tls/sni/client-hello-parser.js +463 -0
- package/dist_ts/tls/sni/index.d.ts +4 -0
- package/dist_ts/tls/sni/index.js +5 -0
- package/dist_ts/tls/sni/sni-extraction.d.ts +58 -0
- package/dist_ts/tls/sni/sni-extraction.js +275 -0
- package/dist_ts/tls/sni/sni-handler.d.ts +154 -0
- package/dist_ts/tls/sni/sni-handler.js +191 -0
- package/dist_ts/tls/utils/index.d.ts +4 -0
- package/dist_ts/tls/utils/index.js +5 -0
- package/dist_ts/tls/utils/tls-utils.d.ts +158 -0
- package/dist_ts/tls/utils/tls-utils.js +187 -0
- package/package.json +1 -1
- package/readme.md +89 -21
- package/readme.plan.md +253 -469
- package/ts/00_commitinfo_data.ts +1 -1
- package/ts/certificate/acme/acme-factory.ts +48 -0
- package/ts/certificate/acme/challenge-handler.ts +110 -0
- package/ts/certificate/acme/index.ts +3 -0
- package/ts/certificate/events/certificate-events.ts +36 -0
- package/ts/certificate/index.ts +67 -0
- package/ts/certificate/models/certificate-types.ts +88 -0
- package/ts/certificate/providers/cert-provisioner.ts +326 -0
- package/ts/certificate/providers/index.ts +3 -0
- package/ts/certificate/storage/file-storage.ts +234 -0
- package/ts/certificate/storage/index.ts +3 -0
- package/ts/certificate/utils/certificate-helpers.ts +50 -0
- package/ts/common/eventUtils.ts +1 -1
- package/ts/common/port80-adapter.ts +1 -1
- package/ts/core/events/index.ts +3 -0
- package/ts/core/index.ts +8 -0
- package/ts/core/models/common-types.ts +91 -0
- package/ts/core/models/index.ts +5 -0
- package/ts/core/utils/event-utils.ts +34 -0
- package/ts/core/utils/index.ts +7 -0
- package/ts/core/utils/ip-utils.ts +175 -0
- package/ts/core/utils/validation-utils.ts +177 -0
- package/ts/{smartproxy/forwarding → forwarding/config}/domain-config.ts +1 -1
- package/ts/{smartproxy/forwarding → forwarding/config}/domain-manager.ts +8 -8
- package/ts/{smartproxy/types/forwarding.types.ts → forwarding/config/forwarding-types.ts} +6 -6
- package/ts/forwarding/config/index.ts +7 -0
- package/ts/{smartproxy/forwarding/forwarding.factory.ts → forwarding/factory/forwarding-factory.ts} +12 -11
- package/ts/forwarding/factory/index.ts +5 -0
- package/ts/{smartproxy/forwarding/forwarding.handler.ts → forwarding/handlers/base-handler.ts} +2 -2
- package/ts/{smartproxy/forwarding/http.handler.ts → forwarding/handlers/http-handler.ts} +13 -4
- package/ts/{smartproxy/forwarding/https-passthrough.handler.ts → forwarding/handlers/https-passthrough-handler.ts} +13 -4
- package/ts/{smartproxy/forwarding/https-terminate-to-http.handler.ts → forwarding/handlers/https-terminate-to-http-handler.ts} +3 -3
- package/ts/{smartproxy/forwarding/https-terminate-to-https.handler.ts → forwarding/handlers/https-terminate-to-https-handler.ts} +3 -3
- package/ts/forwarding/handlers/index.ts +9 -0
- package/ts/forwarding/index.ts +34 -0
- package/ts/http/index.ts +23 -0
- package/ts/http/models/http-types.ts +105 -0
- package/ts/http/port80/acme-interfaces.ts +85 -0
- package/ts/http/port80/challenge-responder.ts +246 -0
- package/ts/http/port80/index.ts +13 -0
- package/ts/{port80handler/classes.port80handler.ts → http/port80/port80-handler.ts} +164 -161
- package/ts/http/redirects/index.ts +3 -0
- package/ts/http/router/index.ts +5 -0
- package/ts/{classes.router.ts → http/router/proxy-router.ts} +27 -20
- package/ts/index.ts +32 -9
- package/ts/plugins.ts +2 -1
- package/ts/proxies/index.ts +8 -0
- package/ts/{networkproxy/classes.np.certificatemanager.ts → proxies/network-proxy/certificate-manager.ts} +17 -16
- package/ts/{networkproxy/classes.np.connectionpool.ts → proxies/network-proxy/connection-pool.ts} +3 -3
- package/ts/proxies/network-proxy/index.ts +13 -0
- package/ts/proxies/network-proxy/models/index.ts +4 -0
- package/ts/{networkproxy/classes.np.types.ts → proxies/network-proxy/models/types.ts} +7 -11
- package/ts/{networkproxy/classes.np.networkproxy.ts → proxies/network-proxy/network-proxy.ts} +31 -24
- package/ts/{networkproxy/classes.np.requesthandler.ts → proxies/network-proxy/request-handler.ts} +12 -7
- package/ts/{networkproxy/classes.np.websockethandler.ts → proxies/network-proxy/websocket-handler.ts} +6 -6
- package/ts/proxies/nftables-proxy/index.ts +5 -0
- package/ts/proxies/nftables-proxy/models/errors.ts +30 -0
- package/ts/proxies/nftables-proxy/models/index.ts +5 -0
- package/ts/proxies/nftables-proxy/models/interfaces.ts +94 -0
- package/ts/{nfttablesproxy/classes.nftablesproxy.ts → proxies/nftables-proxy/nftables-proxy.ts} +24 -126
- package/ts/{smartproxy/classes.pp.connectionhandler.ts → proxies/smart-proxy/connection-handler.ts} +12 -12
- package/ts/{smartproxy/classes.pp.connectionmanager.ts → proxies/smart-proxy/connection-manager.ts} +8 -8
- package/ts/{smartproxy/classes.pp.domainconfigmanager.ts → proxies/smart-proxy/domain-config-manager.ts} +15 -14
- package/ts/proxies/smart-proxy/index.ts +18 -0
- package/ts/proxies/smart-proxy/models/index.ts +4 -0
- package/ts/{smartproxy/classes.pp.interfaces.ts → proxies/smart-proxy/models/interfaces.ts} +12 -8
- package/ts/{smartproxy/classes.pp.networkproxybridge.ts → proxies/smart-proxy/network-proxy-bridge.ts} +14 -14
- package/ts/{smartproxy/classes.pp.portrangemanager.ts → proxies/smart-proxy/port-range-manager.ts} +1 -1
- package/ts/{smartproxy/classes.pp.securitymanager.ts → proxies/smart-proxy/security-manager.ts} +3 -3
- package/ts/{smartproxy/classes.smartproxy.ts → proxies/smart-proxy/smart-proxy.ts} +29 -24
- package/ts/{smartproxy/classes.pp.timeoutmanager.ts → proxies/smart-proxy/timeout-manager.ts} +3 -3
- package/ts/{smartproxy/classes.pp.tlsmanager.ts → proxies/smart-proxy/tls-manager.ts} +3 -3
- package/ts/tls/alerts/index.ts +3 -0
- package/ts/{smartproxy/classes.pp.tlsalert.ts → tls/alerts/tls-alert.ts} +44 -43
- package/ts/tls/index.ts +33 -0
- package/ts/tls/sni/client-hello-parser.ts +629 -0
- package/ts/tls/sni/index.ts +3 -0
- package/ts/tls/sni/sni-extraction.ts +353 -0
- package/ts/tls/sni/sni-handler.ts +264 -0
- package/ts/tls/utils/index.ts +3 -0
- package/ts/tls/utils/tls-utils.ts +201 -0
- package/ts/common/acmeFactory.ts +0 -23
- package/ts/helpers.certificates.ts +0 -30
- package/ts/networkproxy/index.ts +0 -7
- package/ts/smartproxy/classes.pp.certprovisioner.ts +0 -200
- package/ts/smartproxy/classes.pp.snihandler.ts +0 -1281
- package/ts/smartproxy/forwarding/index.ts +0 -52
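--- a/package/ts/http/port80/acme-interfaces.ts
+++ b/package/ts/http/port80/acme-interfaces.ts
@@ -0,0 +1,85 @@
+/**
+* Type definitions for SmartAcme interfaces used by ChallengeResponder
+* These reflect the actual SmartAcme API based on the documentation
+*/
+import * as plugins from '../../plugins.js';
+
+/**
+* Structure for SmartAcme certificate result
+*/
+export interface ISmartAcmeCert {
+id?: string;
+domainName: string;
+created?: number | Date | string;
+privateKey: string;
+publicKey: string;
+csr?: string;
+validUntil: number | Date | string;
+}
+
+/**
+* Structure for SmartAcme options
+*/
+export interface ISmartAcmeOptions {
+accountEmail: string;
+certManager: ICertManager;
+environment: 'production' | 'integration';
+challengeHandlers: IChallengeHandler<any>[];
+challengePriority?: string[];
+retryOptions?: {
+retries?: number;
+factor?: number;
+minTimeoutMs?: number;
+maxTimeoutMs?: number;
+};
+}
+
+/**
+* Interface for certificate manager
+*/
+export interface ICertManager {
+init(): Promise<void>;
+get(domainName: string): Promise<ISmartAcmeCert | null>;
+put(cert: ISmartAcmeCert): Promise<ISmartAcmeCert>;
+delete(domainName: string): Promise<void>;
+close?(): Promise<void>;
+}
+
+/**
+* Interface for challenge handler
+*/
+export interface IChallengeHandler<T> {
+getSupportedTypes(): string[];
+prepare(ch: T): Promise<void>;
+verify?(ch: T): Promise<void>;
+cleanup(ch: T): Promise<void>;
+checkWetherDomainIsSupported(domain: string): Promise<boolean>;
+}
+
+/**
+* HTTP-01 challenge type
+*/
+export interface IHttp01Challenge {
+type: string; // 'http-01'
+token: string;
+keyAuthorization: string;
+webPath: string;
+}
+
+/**
+* HTTP-01 Memory Handler Interface
+*/
+export interface IHttp01MemoryHandler extends IChallengeHandler<IHttp01Challenge> {
+handleRequest(req: plugins.http.IncomingMessage, res: plugins.http.ServerResponse, next?: () => void): void;
+}
+
+/**
+* SmartAcme main class interface
+*/
+export interface ISmartAcme {
+start(): Promise<void>;
+stop(): Promise<void>;
+getCertificateForDomain(domain: string): Promise<ISmartAcmeCert>;
+on?(event: string, listener: (data: any) => void): void;
+eventEmitter?: plugins.EventEmitter;
+}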
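Review bot: `ISmartAcmeCert.publicKey` and `privateKey` carry no field documentation, although challenge-responder.ts on this page assigns `certObj.publicKey` to `certificate`, so the field evidently holds the issued certificate rather than a bare public key. A comment such as `/** certificate material as returned by SmartAcme; consumed as the certificate, not a raw public key (confirm against SmartAcme) */` on `publicKey`, and `/** secret key material; never log or forward to untrusted listeners */` on `privateKey`, would prevent mishandling by consumers of these hand-written shadow types. As a style point, `challengeHandlers: IChallengeHandler<any>[]` and `type: string; // 'http-01'` give up checks the compiler could do; `IChallengeHandler<unknown>[]` and `type: 'http-01'` would keep them, provided the real SmartAcme classes still assign.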
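--- a/package/ts/http/port80/challenge-responder.ts
+++ b/package/ts/http/port80/challenge-responder.ts
@@ -0,0 +1,246 @@
+import * as plugins from '../../plugins.js';
+import { IncomingMessage, ServerResponse } from 'http';
+import {
+CertificateEvents
+} from '../../certificate/events/certificate-events.js';
+import type {
+ICertificateData,
+ICertificateFailure,
+ICertificateExpiring
+} from '../../certificate/models/certificate-types.js';
+import type {
+ISmartAcme,
+ISmartAcmeCert,
+ISmartAcmeOptions,
+IHttp01MemoryHandler
+} from './acme-interfaces.js';
+
+/**
+* ChallengeResponder handles ACME HTTP-01 challenges by leveraging SmartAcme
+* It acts as a bridge between the HTTP server and the ACME challenge verification process
+*/
+export class ChallengeResponder extends plugins.EventEmitter {
+private smartAcme: ISmartAcme | null = null;
+private http01Handler: IHttp01MemoryHandler | null = null;
+
+/**
+* Creates a new challenge responder
+* @param useProduction Whether to use production ACME servers
+* @param email Account email for ACME
+* @param certificateStore Directory to store certificates
+*/
+constructor(
+private readonly useProduction: boolean = false,
+private readonly email: string = 'admin@example.com',
+private readonly certificateStore: string = './certs'
+) {
+super();
+}
+
+/**
+* Initialize the ACME client
+*/
+public async initialize(): Promise<void> {
+try {
+// Create the HTTP-01 memory handler from SmartACME
+this.http01Handler = new plugins.smartacme.handlers.Http01MemoryHandler();
+
+// Ensure certificate store directory exists
+await this.ensureCertificateStore();
+
+// Create a MemoryCertManager for certificate storage
+const certManager = new plugins.smartacme.certmanagers.MemoryCertManager();
+
+// Initialize the SmartACME client with appropriate options
+this.smartAcme = new plugins.smartacme.SmartAcme({
+accountEmail: this.email,
+certManager: certManager,
+environment: this.useProduction ? 'production' : 'integration',
+challengeHandlers: [this.http01Handler],
+challengePriority: ['http-01']
+});
+
+// Set up event forwarding from SmartAcme
+this.setupEventListeners();
+
+// Start the SmartACME client
+await this.smartAcme.start();
+console.log('ACME client initialized successfully');
+} catch (error) {
+const errorMessage = error instanceof Error ? error.message : String(error);
+throw new Error(`Failed to initialize ACME client: ${errorMessage}`);
+}
+}
+
+/**
+* Ensure the certificate store directory exists
+*/
+private async ensureCertificateStore(): Promise<void> {
+try {
+await plugins.fs.promises.mkdir(this.certificateStore, { recursive: true });
+} catch (error) {
+const errorMessage = error instanceof Error ? error.message : String(error);
+throw new Error(`Failed to create certificate store: ${errorMessage}`);
+}
+}
+
+/**
+* Setup event listeners to forward SmartACME events to our own event emitter
+*/
+private setupEventListeners(): void {
+if (!this.smartAcme) return;
+
+const setupEvents = (emitter: { on: (event: string, listener: (data: any) => void) => void }) => {
+// Forward certificate events
+emitter.on('certificate', (data: any) => {
+const isRenewal = !!data.isRenewal;
+
+const certData: ICertificateData = {
+domain: data.domainName || data.domain,
+certificate: data.publicKey || data.cert,
+privateKey: data.privateKey || data.key,
+expiryDate: new Date(data.validUntil || data.expiryDate || Date.now()),
+source: 'http01',
+isRenewal
+};
+
+const eventType = isRenewal
+? CertificateEvents.CERTIFICATE_RENEWED
+: CertificateEvents.CERTIFICATE_ISSUED;
+
+this.emit(eventType, certData);
+});
+
+// Forward error events
+emitter.on('error', (error: any) => {
+const domain = error.domainName || error.domain || 'unknown';
+const failureData: ICertificateFailure = {
+domain,
+error: error.message || String(error),
+isRenewal: !!error.isRenewal
+};
+
+this.emit(CertificateEvents.CERTIFICATE_FAILED, failureData);
+});
+};
+
+// Check for direct event methods on SmartAcme
+if (typeof this.smartAcme.on === 'function') {
+setupEvents(this.smartAcme as any);
+}
+// Check for eventEmitter property
+else if (this.smartAcme.eventEmitter) {
+setupEvents(this.smartAcme.eventEmitter);
+}
+// If no proper event handling, log a warning
+else {
+console.warn('SmartAcme instance does not support expected event interface - events may not be forwarded');
+}
+}
+
+/**
+* Handle HTTP request by checking if it's an ACME challenge
+* @param req HTTP request object
+* @param res HTTP response object
+* @returns true if the request was handled, false otherwise
+*/
+public handleRequest(req: IncomingMessage, res: ServerResponse): boolean {
+if (!this.http01Handler) return false;
+
+// Check if this is an ACME challenge request (/.well-known/acme-challenge/*)
+const url = req.url || '';
+if (url.startsWith('/.well-known/acme-challenge/')) {
+try {
+// Delegate to the HTTP-01 memory handler, which knows how to serve challenges
+this.http01Handler.handleRequest(req, res);
+return true;
+} catch (error) {
+console.error('Error handling ACME challenge:', error);
+// If there was an error, send a 404 response
+res.writeHead(404);
+res.end('Not found');
+return true;
+}
+}
+
+return false;
+}
+
+/**
+* Request a certificate for a domain
+* @param domain Domain name to request a certificate for
+* @param isRenewal Whether this is a renewal request
+*/
+public async requestCertificate(domain: string, isRenewal: boolean = false): Promise<ICertificateData> {
+if (!this.smartAcme) {
+throw new Error('ACME client not initialized');
+}
+
+try {
+// Request certificate using SmartACME
+const certObj = await this.smartAcme.getCertificateForDomain(domain);
+
+// Convert the certificate object to our CertificateData format
+const certData: ICertificateData = {
+domain,
+certificate: certObj.publicKey,
+privateKey: certObj.privateKey,
+expiryDate: new Date(certObj.validUntil),
+source: 'http01',
+isRenewal
+};
+
+return certData;
+} catch (error) {
+// Create failure object
+const failure: ICertificateFailure = {
+domain,
+error: error instanceof Error ? error.message : String(error),
+isRenewal
+};
+
+// Emit failure event
+this.emit(CertificateEvents.CERTIFICATE_FAILED, failure);
+
+// Rethrow with more context
+throw new Error(`Failed to ${isRenewal ? 'renew' : 'obtain'} certificate for ${domain}: ${
+error instanceof Error ? error.message : String(error)
+}`);
+}
+}
+
+/**
+* Check if a certificate is expiring soon and trigger renewal if needed
+* @param domain Domain name
+* @param certificate Certificate data
+* @param thresholdDays Days before expiry to trigger renewal
+*/
+public checkCertificateExpiry(
+domain: string,
+certificate: ICertificateData,
+thresholdDays: number = 30
+): void {
+if (!certificate.expiryDate) return;
+
+const now = new Date();
+const expiryDate = certificate.expiryDate;
+const daysDifference = Math.floor((expiryDate.getTime() - now.getTime()) / (1000 * 60 * 60 * 24));
+
+if (daysDifference <= thresholdDays) {
+const expiryInfo: ICertificateExpiring = {
+domain,
+expiryDate,
+daysRemaining: daysDifference
+};
+
+this.emit(CertificateEvents.CERTIFICATE_EXPIRING, expiryInfo);
+
+// Automatically attempt renewal if expiring
+if (this.smartAcme) {
+this.requestCertificate(domain, true).catch(error => {
+console.error(`Failed to auto-renew certificate for ${domain}:`, error);
+});
+}
+}
+}
+}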
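Review bot: `checkCertificateExpiry` starts `this.requestCertificate(domain, true)` on every call for a certificate inside the threshold and keeps no record of a renewal already in flight, so a periodic caller can open overlapping ACME orders for one domain and exhaust the CA's rate limits. The `'certificate'` listener in `setupEventListeners` makes that easier to reach, because `new Date(data.validUntil || data.expiryDate || Date.now())` turns a missing expiry into "expires now"; emitting `CERTIFICATE_FAILED` for an event without a usable expiry would be safer than inventing one. Separately, `initialize` creates `certificateStore` on disk but hands SmartAcme a `MemoryCertManager`, so as far as this file shows nothing is persisted there, issued keys are lost on restart, and the `@param certificateStore` text overstates what the directory does. A per-domain in-flight guard is sketched below.

```typescript
// new private field on ChallengeResponder
private readonly renewalsInFlight = new Set<string>();

// … unchanged: expiry computation and CERTIFICATE_EXPIRING emit …

// Automatically attempt renewal if expiring, at most one per domain at a time
if (this.smartAcme && !this.renewalsInFlight.has(domain)) {
  this.renewalsInFlight.add(domain);
  this.requestCertificate(domain, true)
    .catch(error => {
      console.error(`Failed to auto-renew certificate for ${domain}:`, error);
    })
    .finally(() => {
      this.renewalsInFlight.delete(domain);
    });
}
```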
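--- a/package/ts/http/port80/index.ts
+++ b/package/ts/http/port80/index.ts
@@ -0,0 +1,13 @@
+/**
+* Port 80 handling
+*/
+
+// Export the main components
+export { Port80Handler } from './port80-handler.js';
+export { ChallengeResponder } from './challenge-responder.js';
+
+// Export backward compatibility interfaces and types
+export {
+HttpError as Port80HandlerError,
+CertificateError as CertError
+} from '../models/http-types.js';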