@push.rocks/smartproxy 12.0.0 → 13.1.3

package/dist_ts/00_commitinfo_data.js

@@ -3,7 +3,7 @@
  */
 export const commitinfo = {
     name: '@push.rocks/smartproxy',
-    version: '12.0.0',
+    version: '13.1.3',
     description: 'A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, dynamic routing with authentication options, and automatic ACME certificate management.'
 };
 //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiMDBfY29tbWl0aW5mb19kYXRhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvMDBfY29tbWl0aW5mb19kYXRhLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOztHQUVHO0FBQ0gsTUFBTSxDQUFDLE1BQU0sVUFBVSxHQUFHO0lBQ3hCLElBQUksRUFBRSx3QkFBd0I7SUFDOUIsT0FBTyxFQUFFLFFBQVE7SUFDakIsV0FBVyxFQUFFLG1PQUFtTztDQUNqUCxDQUFBIn0=

package/dist_ts/certificate/acme/acme-factory.d.ts

@@ -0,0 +1,17 @@
+import type { IAcmeOptions } from '../models/certificate-types.js';
+import { Port80Handler } from '../../http/port80/port80-handler.js';
+/**
+ * Factory to create a Port80Handler with common setup.
+ * Ensures the certificate store directory exists and instantiates the handler.
+ * @param options Port80Handler configuration options
+ * @returns A new Port80Handler instance
+ */
+export declare function buildPort80Handler(options: IAcmeOptions): Port80Handler;
+/**
+ * Creates default ACME options with sensible defaults
+ * @param email Account email for ACME provider
+ * @param certificateStore Path to store certificates
+ * @param useProduction Whether to use production ACME servers
+ * @returns Configured ACME options
+ */
+export declare function createDefaultAcmeOptions(email: string, certificateStore: string, useProduction?: boolean): IAcmeOptions;

package/dist_ts/certificate/acme/acme-factory.js

@@ -0,0 +1,40 @@
+import * as fs from 'fs';
+import * as path from 'path';
+import { ensureCertificateDirectory } from '../utils/certificate-helpers.js';
+// We'll need to update this import when we move the Port80Handler
+import { Port80Handler } from '../../http/port80/port80-handler.js';
+/**
+ * Factory to create a Port80Handler with common setup.
+ * Ensures the certificate store directory exists and instantiates the handler.
+ * @param options Port80Handler configuration options
+ * @returns A new Port80Handler instance
+ */
+export function buildPort80Handler(options) {
+    if (options.certificateStore) {
+        ensureCertificateDirectory(options.certificateStore);
+        console.log(`Ensured certificate store directory: ${options.certificateStore}`);
+    }
+    return new Port80Handler(options);
+}
+/**
+ * Creates default ACME options with sensible defaults
+ * @param email Account email for ACME provider
+ * @param certificateStore Path to store certificates
+ * @param useProduction Whether to use production ACME servers
+ * @returns Configured ACME options
+ */
+export function createDefaultAcmeOptions(email, certificateStore, useProduction = false) {
+    return {
+        accountEmail: email,
+        enabled: true,
+        port: 80,
+        useProduction,
+        httpsRedirectPort: 443,
+        renewThresholdDays: 30,
+        renewCheckIntervalHours: 24,
+        autoRenew: true,
+        certificateStore,
+        skipConfiguredCerts: false
+    };
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNtZS1mYWN0b3J5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvY2VydGlmaWNhdGUvYWNtZS9hY21lLWZhY3RvcnkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLEVBQUUsTUFBTSxJQUFJLENBQUM7QUFDekIsT0FBTyxLQUFLLElBQUksTUFBTSxNQUFNLENBQUM7QUFFN0IsT0FBTyxFQUFFLDBCQUEwQixFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFDN0Usa0VBQWtFO0FBQ2xFLE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxxQ0FBcUMsQ0FBQztBQUVwRTs7Ozs7R0FLRztBQUNILE1BQU0sVUFBVSxrQkFBa0IsQ0FDaEMsT0FBcUI7SUFFckIsSUFBSSxPQUFPLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztRQUM3QiwwQkFBMEIsQ0FBQyxPQUFPLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztRQUNyRCxPQUFPLENBQUMsR0FBRyxDQUFDLHdDQUF3QyxPQUFPLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQyxDQUFDO0lBQ2xGLENBQUM7SUFDRCxPQUFPLElBQUksYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDO0FBQ3BDLENBQUM7QUFFRDs7Ozs7O0dBTUc7QUFDSCxNQUFNLFVBQVUsd0JBQXdCLENBQ3RDLEtBQWEsRUFDYixnQkFBd0IsRUFDeEIsZ0JBQXlCLEtBQUs7SUFFOUIsT0FBTztRQUNMLFlBQVksRUFBRSxLQUFLO1FBQ25CLE9BQU8sRUFBRSxJQUFJO1FBQ2IsSUFBSSxFQUFFLEVBQUU7UUFDUixhQUFhO1FBQ2IsaUJBQWlCLEVBQUUsR0FBRztRQUN0QixrQkFBa0IsRUFBRSxFQUFFO1FBQ3RCLHVCQUF1QixFQUFFLEVBQUU7UUFDM0IsU0FBUyxFQUFFLElBQUk7UUFDZixnQkFBZ0I7UUFDaEIsbUJBQW1CLEVBQUUsS0FBSztLQUMzQixDQUFDO0FBQ0osQ0FBQyJ9

package/dist_ts/certificate/acme/challenge-handler.d.ts

@@ -0,0 +1,44 @@
+import * as plugins from '../../plugins.js';
+import type { IAcmeOptions } from '../models/certificate-types.js';
+/**
+ * Manages ACME challenges and certificate validation
+ */
+export declare class AcmeChallengeHandler extends plugins.EventEmitter {
+    private options;
+    private client;
+    private pendingChallenges;
+    /**
+     * Creates a new ACME challenge handler
+     * @param options ACME configuration options
+     */
+    constructor(options: IAcmeOptions);
+    /**
+     * Gets or creates the ACME account key
+     */
+    private getAccountKey;
+    /**
+     * Validates a domain using HTTP-01 challenge
+     * @param domain Domain to validate
+     * @param challengeToken ACME challenge token
+     * @param keyAuthorization Key authorization for the challenge
+     */
+    handleHttpChallenge(domain: string, challengeToken: string, keyAuthorization: string): Promise<void>;
+    /**
+     * Responds to an HTTP-01 challenge request
+     * @param token Challenge token from the request path
+     * @returns The key authorization if found
+     */
+    getChallengeResponse(token: string): string | null;
+    /**
+     * Checks if a request path is an ACME challenge
+     * @param path Request path
+     * @returns True if this is an ACME challenge request
+     */
+    isAcmeChallenge(path: string): boolean;
+    /**
+     * Extracts the challenge token from an ACME challenge path
+     * @param path Request path
+     * @returns The challenge token if valid
+     */
+    extractChallengeToken(path: string): string | null;
+}

package/dist_ts/certificate/acme/challenge-handler.js

@@ -0,0 +1,92 @@
+import * as plugins from '../../plugins.js';
+import { CertificateEvents } from '../events/certificate-events.js';
+/**
+ * Manages ACME challenges and certificate validation
+ */
+export class AcmeChallengeHandler extends plugins.EventEmitter {
+    /**
+     * Creates a new ACME challenge handler
+     * @param options ACME configuration options
+     */
+    constructor(options) {
+        super();
+        this.options = options;
+        this.pendingChallenges = new Map();
+        // Initialize ACME client if needed
+        // This is just a placeholder implementation since we don't use the actual
+        // client directly in this implementation - it's handled by Port80Handler
+        this.client = null;
+        console.log('Created challenge handler with options:', options.accountEmail, options.useProduction ? 'production' : 'staging');
+    }
+    /**
+     * Gets or creates the ACME account key
+     */
+    getAccountKey() {
+        // Implementation details would depend on plugin requirements
+        // This is a simplified version
+        if (!this.options.certificateStore) {
+            throw new Error('Certificate store is required for ACME challenges');
+        }
+        // This is just a placeholder - actual implementation would check for
+        // existing account key and create one if needed
+        return Buffer.from('account-key-placeholder');
+    }
+    /**
+     * Validates a domain using HTTP-01 challenge
+     * @param domain Domain to validate
+     * @param challengeToken ACME challenge token
+     * @param keyAuthorization Key authorization for the challenge
+     */
+    async handleHttpChallenge(domain, challengeToken, keyAuthorization) {
+        // Store challenge for response
+        this.pendingChallenges.set(challengeToken, keyAuthorization);
+        try {
+            // Wait for challenge validation - this would normally be handled by the ACME client
+            await new Promise(resolve => setTimeout(resolve, 1000));
+            this.emit(CertificateEvents.CERTIFICATE_ISSUED, {
+                domain,
+                success: true
+            });
+        }
+        catch (error) {
+            this.emit(CertificateEvents.CERTIFICATE_FAILED, {
+                domain,
+                error: error instanceof Error ? error.message : String(error),
+                isRenewal: false
+            });
+            throw error;
+        }
+        finally {
+            // Clean up the challenge
+            this.pendingChallenges.delete(challengeToken);
+        }
+    }
+    /**
+     * Responds to an HTTP-01 challenge request
+     * @param token Challenge token from the request path
+     * @returns The key authorization if found
+     */
+    getChallengeResponse(token) {
+        return this.pendingChallenges.get(token) || null;
+    }
+    /**
+     * Checks if a request path is an ACME challenge
+     * @param path Request path
+     * @returns True if this is an ACME challenge request
+     */
+    isAcmeChallenge(path) {
+        return path.startsWith('/.well-known/acme-challenge/');
+    }
+    /**
+     * Extracts the challenge token from an ACME challenge path
+     * @param path Request path
+     * @returns The challenge token if valid
+     */
+    extractChallengeToken(path) {
+        if (!this.isAcmeChallenge(path))
+            return null;
+        const parts = path.split('/');
+        return parts[parts.length - 1] || null;
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhbGxlbmdlLWhhbmRsZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9jZXJ0aWZpY2F0ZS9hY21lL2NoYWxsZW5nZS1oYW5kbGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxPQUFPLE1BQU0sa0JBQWtCLENBQUM7QUFFNUMsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFFcEU7O0dBRUc7QUFDSCxNQUFNLE9BQU8sb0JBQXFCLFNBQVEsT0FBTyxDQUFDLFlBQVk7SUFLNUQ7OztPQUdHO0lBQ0gsWUFBWSxPQUFxQjtRQUMvQixLQUFLLEVBQUUsQ0FBQztRQUNSLElBQUksQ0FBQyxPQUFPLEdBQUcsT0FBTyxDQUFDO1FBQ3ZCLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxJQUFJLEdBQUcsRUFBRSxDQUFDO1FBRW5DLG1DQUFtQztRQUNuQywwRUFBMEU7UUFDMUUseUVBQXlFO1FBQ3pFLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDO1FBQ25CLE9BQU8sQ0FBQyxHQUFHLENBQUMseUNBQXlDLEVBQ25ELE9BQU8sQ0FBQyxZQUFZLEVBQ3BCLE9BQU8sQ0FBQyxhQUFhLENBQUMsQ0FBQyxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUNqRCxDQUFDO0lBQ0osQ0FBQztJQUVEOztPQUVHO0lBQ0ssYUFBYTtRQUNuQiw2REFBNkQ7UUFDN0QsK0JBQStCO1FBQy9CLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDbkMsTUFBTSxJQUFJLEtBQUssQ0FBQyxtREFBbUQsQ0FBQyxDQUFDO1FBQ3ZFLENBQUM7UUFFRCxxRUFBcUU7UUFDckUsZ0RBQWdEO1FBQ2hELE9BQU8sTUFBTSxDQUFDLElBQUksQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO0lBQ2hELENBQUM7SUFFRDs7Ozs7T0FLRztJQUNJLEtBQUssQ0FBQyxtQkFBbUIsQ0FDOUIsTUFBYyxFQUNkLGNBQXNCLEVBQ3RCLGdCQUF3QjtRQUV4QiwrQkFBK0I7UUFDL0IsSUFBSSxDQUFDLGlCQUFpQixDQUFDLEdBQUcsQ0FBQyxjQUFjLEVBQUUsZ0JBQWdCLENBQUMsQ0FBQztRQUU3RCxJQUFJLENBQUM7WUFDSCxvRkFBb0Y7WUFDcEYsTUFBTSxJQUFJLE9BQU8sQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxPQUFPLEVBQUUsSUFBSSxDQUFDLENBQUMsQ0FBQztZQUN4RCxJQUFJLENBQUMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGtCQUFrQixFQUFFO2dCQUM5QyxNQUFNO2dCQUNOLE9BQU8sRUFBRSxJQUFJO2FBQ2QsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixJQUFJLENBQUMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGtCQUFrQixFQUFFO2dCQUM5QyxNQUFNO2dCQUNOLEtBQUssRUFBRSxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDO2dCQUM3RCxTQUFTLEVBQUUsS0FBSzthQUNqQixDQUFDLENBQUM7WUFDSCxNQUFNLEtBQUssQ0FBQztRQUNkLENBQUM7Z0JBQVMsQ0FBQztZQUNULHlCQUF5QjtZQUN6QixJQUFJLENBQUMsaUJBQWlCLENBQUMsTUFBTSxDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBQ2hELENBQUM7SUFDSCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLG9CQUFvQixDQUFDLEtBQWE7UUFDdkMsT0FBTyxJQUFJLENBQUMsaUJBQWlCLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxJQUFJLElBQUksQ0FBQztJQUNuRCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLGVBQWUsQ0FBQyxJQUFZO1FBQ2pDLE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO0lBQ3pELENBQUM7SUFFRDs7OztPQUlHO0lBQ0kscUJBQXFCLENBQUMsSUFBWTtRQUN2QyxJQUFJLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxJQUFJLENBQUM7WUFBRSxPQUFPLElBQUksQ0FBQztRQUU3QyxNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQzlCLE9BQU8sS0FBSyxDQUFDLEtBQUssQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLElBQUksSUFBSSxDQUFDO0lBQ3pDLENBQUM7Q0FDRiJ9

package/dist_ts/certificate/acme/index.d.ts

@@ -0,0 +1,4 @@
+export {};
+/**
+ * ACME certificate provisioning
+ */

package/dist_ts/certificate/acme/index.js

@@ -0,0 +1,5 @@
+export {};
+/**
+ * ACME certificate provisioning
+ */
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9jZXJ0aWZpY2F0ZS9hY21lL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7R0FFRyJ9

package/dist_ts/certificate/events/certificate-events.d.ts

@@ -0,0 +1,33 @@
+/**
+ * Certificate-related events emitted by certificate management components
+ */
+export declare enum CertificateEvents {
+    CERTIFICATE_ISSUED = "certificate-issued",
+    CERTIFICATE_RENEWED = "certificate-renewed",
+    CERTIFICATE_FAILED = "certificate-failed",
+    CERTIFICATE_EXPIRING = "certificate-expiring",
+    CERTIFICATE_APPLIED = "certificate-applied",
+    MANAGER_STARTED = "manager-started",
+    MANAGER_STOPPED = "manager-stopped"
+}
+/**
+ * Port80Handler-specific events including certificate-related ones
+ * @deprecated Use CertificateEvents and HttpEvents instead
+ */
+export declare enum Port80HandlerEvents {
+    CERTIFICATE_ISSUED = "certificate-issued",
+    CERTIFICATE_RENEWED = "certificate-renewed",
+    CERTIFICATE_FAILED = "certificate-failed",
+    CERTIFICATE_EXPIRING = "certificate-expiring",
+    MANAGER_STARTED = "manager-started",
+    MANAGER_STOPPED = "manager-stopped",
+    REQUEST_FORWARDED = "request-forwarded"
+}
+/**
+ * Certificate provider events
+ */
+export declare enum CertProvisionerEvents {
+    CERTIFICATE_ISSUED = "certificate",
+    CERTIFICATE_RENEWED = "certificate",
+    CERTIFICATE_FAILED = "certificate-failed"
+}

package/dist_ts/certificate/events/certificate-events.js

@@ -0,0 +1,38 @@
+/**
+ * Certificate-related events emitted by certificate management components
+ */
+export var CertificateEvents;
+(function (CertificateEvents) {
+    CertificateEvents["CERTIFICATE_ISSUED"] = "certificate-issued";
+    CertificateEvents["CERTIFICATE_RENEWED"] = "certificate-renewed";
+    CertificateEvents["CERTIFICATE_FAILED"] = "certificate-failed";
+    CertificateEvents["CERTIFICATE_EXPIRING"] = "certificate-expiring";
+    CertificateEvents["CERTIFICATE_APPLIED"] = "certificate-applied";
+    // Events moved from Port80Handler for compatibility
+    CertificateEvents["MANAGER_STARTED"] = "manager-started";
+    CertificateEvents["MANAGER_STOPPED"] = "manager-stopped";
+})(CertificateEvents || (CertificateEvents = {}));
+/**
+ * Port80Handler-specific events including certificate-related ones
+ * @deprecated Use CertificateEvents and HttpEvents instead
+ */
+export var Port80HandlerEvents;
+(function (Port80HandlerEvents) {
+    Port80HandlerEvents["CERTIFICATE_ISSUED"] = "certificate-issued";
+    Port80HandlerEvents["CERTIFICATE_RENEWED"] = "certificate-renewed";
+    Port80HandlerEvents["CERTIFICATE_FAILED"] = "certificate-failed";
+    Port80HandlerEvents["CERTIFICATE_EXPIRING"] = "certificate-expiring";
+    Port80HandlerEvents["MANAGER_STARTED"] = "manager-started";
+    Port80HandlerEvents["MANAGER_STOPPED"] = "manager-stopped";
+    Port80HandlerEvents["REQUEST_FORWARDED"] = "request-forwarded";
+})(Port80HandlerEvents || (Port80HandlerEvents = {}));
+/**
+ * Certificate provider events
+ */
+export var CertProvisionerEvents;
+(function (CertProvisionerEvents) {
+    CertProvisionerEvents["CERTIFICATE_ISSUED"] = "certificate";
+    CertProvisionerEvents["CERTIFICATE_RENEWED"] = "certificate";
+    CertProvisionerEvents["CERTIFICATE_FAILED"] = "certificate-failed";
+})(CertProvisionerEvents || (CertProvisionerEvents = {}));
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydGlmaWNhdGUtZXZlbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvY2VydGlmaWNhdGUvZXZlbnRzL2NlcnRpZmljYXRlLWV2ZW50cy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQUNILE1BQU0sQ0FBTixJQUFZLGlCQVNYO0FBVEQsV0FBWSxpQkFBaUI7SUFDM0IsOERBQXlDLENBQUE7SUFDekMsZ0VBQTJDLENBQUE7SUFDM0MsOERBQXlDLENBQUE7SUFDekMsa0VBQTZDLENBQUE7SUFDN0MsZ0VBQTJDLENBQUE7SUFDM0Msb0RBQW9EO0lBQ3BELHdEQUFtQyxDQUFBO0lBQ25DLHdEQUFtQyxDQUFBO0FBQ3JDLENBQUMsRUFUVyxpQkFBaUIsS0FBakIsaUJBQWlCLFFBUzVCO0FBRUQ7OztHQUdHO0FBQ0gsTUFBTSxDQUFOLElBQVksbUJBUVg7QUFSRCxXQUFZLG1CQUFtQjtJQUM3QixnRUFBeUMsQ0FBQTtJQUN6QyxrRUFBMkMsQ0FBQTtJQUMzQyxnRUFBeUMsQ0FBQTtJQUN6QyxvRUFBNkMsQ0FBQTtJQUM3QywwREFBbUMsQ0FBQTtJQUNuQywwREFBbUMsQ0FBQTtJQUNuQyw4REFBdUMsQ0FBQTtBQUN6QyxDQUFDLEVBUlcsbUJBQW1CLEtBQW5CLG1CQUFtQixRQVE5QjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVkscUJBSVg7QUFKRCxXQUFZLHFCQUFxQjtJQUMvQiwyREFBa0MsQ0FBQTtJQUNsQyw0REFBbUMsQ0FBQTtJQUNuQyxrRUFBeUMsQ0FBQTtBQUMzQyxDQUFDLEVBSlcscUJBQXFCLEtBQXJCLHFCQUFxQixRQUloQyJ9

package/dist_ts/certificate/index.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Certificate management module for SmartProxy
+ * Provides certificate provisioning, storage, and management capabilities
+ */
+export * from './models/certificate-types.js';
+export * from './events/certificate-events.js';
+export * from './providers/cert-provisioner.js';
+export * from './acme/acme-factory.js';
+export * from './acme/challenge-handler.js';
+export * from './utils/certificate-helpers.js';
+export * from './storage/file-storage.js';
+import { CertProvisioner } from './providers/cert-provisioner.js';
+import type { IAcmeOptions } from './models/certificate-types.js';
+import type { IDomainConfig } from '../forwarding/config/domain-config.js';
+/**
+ * Creates a complete certificate provisioning system with default settings
+ * @param domainConfigs Domain configurations
+ * @param acmeOptions ACME options for certificate provisioning
+ * @param networkProxyBridge Bridge to apply certificates to network proxy
+ * @param certProvider Optional custom certificate provider
+ * @returns Configured CertProvisioner
+ */
+export declare function createCertificateProvisioner(domainConfigs: IDomainConfig[], acmeOptions: IAcmeOptions, networkProxyBridge: any, // Placeholder until NetworkProxyBridge is migrated
+certProvider?: any): CertProvisioner;

package/dist_ts/certificate/index.js

@@ -0,0 +1,39 @@
+/**
+ * Certificate management module for SmartProxy
+ * Provides certificate provisioning, storage, and management capabilities
+ */
+// Certificate types and models
+export * from './models/certificate-types.js';
+// Certificate events
+export * from './events/certificate-events.js';
+// Certificate providers
+export * from './providers/cert-provisioner.js';
+// ACME related exports
+export * from './acme/acme-factory.js';
+export * from './acme/challenge-handler.js';
+// Certificate utilities
+export * from './utils/certificate-helpers.js';
+// Certificate storage
+export * from './storage/file-storage.js';
+// Convenience function to create a certificate provisioner with common settings
+import { CertProvisioner } from './providers/cert-provisioner.js';
+import { buildPort80Handler } from './acme/acme-factory.js';
+/**
+ * Creates a complete certificate provisioning system with default settings
+ * @param domainConfigs Domain configurations
+ * @param acmeOptions ACME options for certificate provisioning
+ * @param networkProxyBridge Bridge to apply certificates to network proxy
+ * @param certProvider Optional custom certificate provider
+ * @returns Configured CertProvisioner
+ */
+export function createCertificateProvisioner(domainConfigs, acmeOptions, networkProxyBridge, // Placeholder until NetworkProxyBridge is migrated
+certProvider // Placeholder until cert provider type is properly defined
+) {
+    // Build the Port80Handler for ACME challenges
+    const port80Handler = buildPort80Handler(acmeOptions);
+    // Extract ACME-specific configuration
+    const { renewThresholdDays = 30, renewCheckIntervalHours = 24, autoRenew = true, domainForwards = [] } = acmeOptions;
+    // Create and return the certificate provisioner
+    return new CertProvisioner(domainConfigs, port80Handler, networkProxyBridge, certProvider, renewThresholdDays, renewCheckIntervalHours, autoRenew, domainForwards);
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90cy9jZXJ0aWZpY2F0ZS9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7O0dBR0c7QUFFSCwrQkFBK0I7QUFDL0IsY0FBYywrQkFBK0IsQ0FBQztBQUU5QyxxQkFBcUI7QUFDckIsY0FBYyxnQ0FBZ0MsQ0FBQztBQUUvQyx3QkFBd0I7QUFDeEIsY0FBYyxpQ0FBaUMsQ0FBQztBQUVoRCx1QkFBdUI7QUFDdkIsY0FBYyx3QkFBd0IsQ0FBQztBQUN2QyxjQUFjLDZCQUE2QixDQUFDO0FBRTVDLHdCQUF3QjtBQUN4QixjQUFjLGdDQUFnQyxDQUFDO0FBRS9DLHNCQUFzQjtBQUN0QixjQUFjLDJCQUEyQixDQUFDO0FBRTFDLGdGQUFnRjtBQUNoRixPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFDbEUsT0FBTyxFQUFFLGtCQUFrQixFQUFFLE1BQU0sd0JBQXdCLENBQUM7QUFJNUQ7Ozs7Ozs7R0FPRztBQUNILE1BQU0sVUFBVSw0QkFBNEIsQ0FDMUMsYUFBOEIsRUFDOUIsV0FBeUIsRUFDekIsa0JBQXVCLEVBQUUsbURBQW1EO0FBQzVFLFlBQWtCLENBQUMsMkRBQTJEOztJQUU5RSw4Q0FBOEM7SUFDOUMsTUFBTSxhQUFhLEdBQUcsa0JBQWtCLENBQUMsV0FBVyxDQUFDLENBQUM7SUFFdEQsc0NBQXNDO0lBQ3RDLE1BQU0sRUFDSixrQkFBa0IsR0FBRyxFQUFFLEVBQ3ZCLHVCQUF1QixHQUFHLEVBQUUsRUFDNUIsU0FBUyxHQUFHLElBQUksRUFDaEIsY0FBYyxHQUFHLEVBQUUsRUFDcEIsR0FBRyxXQUFXLENBQUM7SUFFaEIsZ0RBQWdEO0lBQ2hELE9BQU8sSUFBSSxlQUFlLENBQ3hCLGFBQWEsRUFDYixhQUFhLEVBQ2Isa0JBQWtCLEVBQ2xCLFlBQVksRUFDWixrQkFBa0IsRUFDbEIsdUJBQXVCLEVBQ3ZCLFNBQVMsRUFDVCxjQUFjLENBQ2YsQ0FBQztBQUNKLENBQUMifQ==

package/dist_ts/certificate/models/certificate-types.d.ts

@@ -0,0 +1,77 @@
+/**
+ * Certificate data structure containing all necessary information
+ * about a certificate
+ */
+export interface ICertificateData {
+    domain: string;
+    certificate: string;
+    privateKey: string;
+    expiryDate: Date;
+    source?: 'static' | 'http01' | 'dns01';
+    isRenewal?: boolean;
+}
+/**
+ * Certificates pair (private and public keys)
+ */
+export interface ICertificates {
+    privateKey: string;
+    publicKey: string;
+}
+/**
+ * Certificate failure payload type
+ */
+export interface ICertificateFailure {
+    domain: string;
+    error: string;
+    isRenewal: boolean;
+}
+/**
+ * Certificate expiry payload type
+ */
+export interface ICertificateExpiring {
+    domain: string;
+    expiryDate: Date;
+    daysRemaining: number;
+}
+/**
+ * Domain forwarding configuration
+ */
+export interface IForwardConfig {
+    ip: string;
+    port: number;
+}
+/**
+ * Domain-specific forwarding configuration for ACME challenges
+ */
+export interface IDomainForwardConfig {
+    domain: string;
+    forwardConfig?: IForwardConfig;
+    acmeForwardConfig?: IForwardConfig;
+    sslRedirect?: boolean;
+}
+/**
+ * Domain configuration options
+ */
+export interface IDomainOptions {
+    domainName: string;
+    sslRedirect: boolean;
+    acmeMaintenance: boolean;
+    forward?: IForwardConfig;
+    acmeForward?: IForwardConfig;
+}
+/**
+ * Unified ACME configuration options used across proxies and handlers
+ */
+export interface IAcmeOptions {
+    accountEmail?: string;
+    enabled?: boolean;
+    port?: number;
+    useProduction?: boolean;
+    httpsRedirectPort?: number;
+    renewThresholdDays?: number;
+    renewCheckIntervalHours?: number;
+    autoRenew?: boolean;
+    certificateStore?: string;
+    skipConfiguredCerts?: boolean;
+    domainForwards?: IDomainForwardConfig[];
+}

package/dist_ts/certificate/models/certificate-types.js

@@ -0,0 +1,2 @@
+import * as plugins from '../../plugins.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydGlmaWNhdGUtdHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9jZXJ0aWZpY2F0ZS9tb2RlbHMvY2VydGlmaWNhdGUtdHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxrQkFBa0IsQ0FBQyJ9

package/dist_ts/certificate/providers/cert-provisioner.d.ts

@@ -0,0 +1,93 @@
+import * as plugins from '../../plugins.js';
+import type { IDomainConfig } from '../../forwarding/config/domain-config.js';
+import type { ICertificateData, IDomainForwardConfig } from '../models/certificate-types.js';
+import { Port80Handler } from '../../http/port80/port80-handler.js';
+interface INetworkProxyBridge {
+    applyExternalCertificate(certData: ICertificateData): void;
+}
+export type TSmartProxyCertProvisionObject = plugins.tsclass.network.ICert | 'http01';
+/**
+ * Type for static certificate provisioning
+ */
+export type TCertProvisionObject = plugins.tsclass.network.ICert | 'http01' | 'dns01';
+/**
+ * CertProvisioner manages certificate provisioning and renewal workflows,
+ * unifying static certificates and HTTP-01 challenges via Port80Handler.
+ */
+export declare class CertProvisioner extends plugins.EventEmitter {
+    private domainConfigs;
+    private port80Handler;
+    private networkProxyBridge;
+    private certProvisionFunction?;
+    private forwardConfigs;
+    private renewThresholdDays;
+    private renewCheckIntervalHours;
+    private autoRenew;
+    private renewManager?;
+    private provisionMap;
+    /**
+     * @param domainConfigs Array of domain configuration objects
+     * @param port80Handler HTTP-01 challenge handler instance
+     * @param networkProxyBridge Bridge for applying external certificates
+     * @param certProvider Optional callback returning a static cert or 'http01'
+     * @param renewThresholdDays Days before expiry to trigger renewals
+     * @param renewCheckIntervalHours Interval in hours to check for renewals
+     * @param autoRenew Whether to automatically schedule renewals
+     * @param forwardConfigs Domain forwarding configurations for ACME challenges
+     */
+    constructor(domainConfigs: IDomainConfig[], port80Handler: Port80Handler, networkProxyBridge: INetworkProxyBridge, certProvider?: (domain: string) => Promise<TCertProvisionObject>, renewThresholdDays?: number, renewCheckIntervalHours?: number, autoRenew?: boolean, forwardConfigs?: IDomainForwardConfig[]);
+    /**
+     * Start initial provisioning and schedule renewals.
+     */
+    start(): Promise<void>;
+    /**
+     * Set up event subscriptions for certificate events
+     */
+    private setupEventSubscriptions;
+    /**
+     * Set up forwarding configurations for the Port80Handler
+     */
+    private setupForwardingConfigs;
+    /**
+     * Provision certificates for all configured domains
+     */
+    private provisionAllDomains;
+    /**
+     * Provision a certificate for a single domain
+     * @param domain Domain to provision
+     */
+    private provisionDomain;
+    /**
+     * Schedule certificate renewals using a task manager
+     */
+    private scheduleRenewals;
+    /**
+     * Perform renewals for all domains that need it
+     */
+    private performRenewals;
+    /**
+     * Renew a certificate for a specific domain
+     * @param domain Domain to renew
+     * @param provisionType Type of provisioning for this domain
+     */
+    private renewDomain;
+    /**
+     * Stop all scheduled renewal tasks.
+     */
+    stop(): Promise<void>;
+    /**
+     * Request a certificate on-demand for the given domain.
+     * @param domain Domain name to provision
+     */
+    requestCertificate(domain: string): Promise<void>;
+    /**
+     * Add a new domain for certificate provisioning
+     * @param domain Domain to add
+     * @param options Domain configuration options
+     */
+    addDomain(domain: string, options?: {
+        sslRedirect?: boolean;
+        acmeMaintenance?: boolean;
+    }): Promise<void>;
+}
+export { CertProvisioner as CertificateProvisioner };