@push.rocks/smartproxy 18.0.2 → 18.2.0

package/dist_ts/certificate/models/certificate-errors.js

@@ -0,0 +1,141 @@
+/**
+ * Structured error types for certificate management
+ */
+/**
+ * Certificate-specific error class with structured information
+ */
+export class CertificateError extends Error {
+    constructor(details) {
+        super(details.message);
+        this.name = 'CertificateError';
+        this.code = details.code;
+        this.solution = details.solution;
+        this.domain = details.domain;
+        this.challengeType = details.challengeType;
+        this.details = details.details;
+        this.cause = details.cause;
+    }
+    /**
+     * Convert error to JSON for logging
+     */
+    toJSON() {
+        return {
+            name: this.name,
+            code: this.code,
+            message: this.message,
+            solution: this.solution,
+            domain: this.domain,
+            challengeType: this.challengeType,
+            details: this.details,
+            cause: this.cause?.message,
+            stack: this.stack
+        };
+    }
+}
+/**
+ * Common certificate error codes
+ */
+export const CertificateErrorCodes = {
+    // Configuration errors
+    NO_CERT_PROVIDER: 'NO_CERT_PROVIDER',
+    INVALID_CERT_PROVIDER: 'INVALID_CERT_PROVIDER',
+    MISSING_ACME_EMAIL: 'MISSING_ACME_EMAIL',
+    // ACME errors
+    ACME_HTTP_CHALLENGE_FAILED: 'ACME_HTTP_CHALLENGE_FAILED',
+    ACME_DNS_CHALLENGE_FAILED: 'ACME_DNS_CHALLENGE_FAILED',
+    ACME_RATE_LIMITED: 'ACME_RATE_LIMITED',
+    ACME_ACCOUNT_ERROR: 'ACME_ACCOUNT_ERROR',
+    ACME_VALIDATION_ERROR: 'ACME_VALIDATION_ERROR',
+    // Certificate errors
+    CERTIFICATE_EXPIRED: 'CERTIFICATE_EXPIRED',
+    CERTIFICATE_INVALID: 'CERTIFICATE_INVALID',
+    CERTIFICATE_NOT_FOUND: 'CERTIFICATE_NOT_FOUND',
+    CERTIFICATE_PARSE_ERROR: 'CERTIFICATE_PARSE_ERROR',
+    // Storage errors
+    STORAGE_READ_ERROR: 'STORAGE_READ_ERROR',
+    STORAGE_WRITE_ERROR: 'STORAGE_WRITE_ERROR',
+    STORAGE_PERMISSION_ERROR: 'STORAGE_PERMISSION_ERROR',
+    // Network errors
+    NETWORK_TIMEOUT: 'NETWORK_TIMEOUT',
+    NETWORK_UNREACHABLE: 'NETWORK_UNREACHABLE',
+    DNS_RESOLUTION_FAILED: 'DNS_RESOLUTION_FAILED',
+    // Domain errors
+    INVALID_DOMAIN: 'INVALID_DOMAIN',
+    WILDCARD_NOT_SUPPORTED: 'WILDCARD_NOT_SUPPORTED',
+    DOMAIN_NOT_CONFIGURED: 'DOMAIN_NOT_CONFIGURED'
+};
+/**
+ * Helper functions for creating common certificate errors
+ */
+export const CertificateErrors = {
+    noCertProvider: () => new CertificateError({
+        code: CertificateErrorCodes.NO_CERT_PROVIDER,
+        message: 'Certificate provider is required when ACME is enabled',
+        solution: 'Configure a certProvider in your SmartProxy options'
+    }),
+    invalidCertProvider: (error) => new CertificateError({
+        code: CertificateErrorCodes.INVALID_CERT_PROVIDER,
+        message: 'Certificate provider returned invalid response',
+        solution: 'Ensure your certProvider returns a valid CertificateStrategy',
+        cause: error
+    }),
+    missingAcmeEmail: () => new CertificateError({
+        code: CertificateErrorCodes.MISSING_ACME_EMAIL,
+        message: 'ACME email is required for certificate provisioning',
+        solution: 'Configure acme.email in your SmartProxy options'
+    }),
+    acmeHttpChallengeFailed: (domain, details) => new CertificateError({
+        code: CertificateErrorCodes.ACME_HTTP_CHALLENGE_FAILED,
+        message: `HTTP-01 challenge failed for ${domain}`,
+        solution: 'Ensure port 80 is accessible and DNS points to this server',
+        domain,
+        challengeType: 'http',
+        details
+    }),
+    acmeDnsChallengeFailed: (domain, details) => new CertificateError({
+        code: CertificateErrorCodes.ACME_DNS_CHALLENGE_FAILED,
+        message: `DNS-01 challenge failed for ${domain}`,
+        solution: 'Verify DNS TXT record is correctly set for the domain',
+        domain,
+        challengeType: 'dns',
+        details
+    }),
+    acmeRateLimited: (domain, resetTime) => new CertificateError({
+        code: CertificateErrorCodes.ACME_RATE_LIMITED,
+        message: `ACME rate limit exceeded for ${domain}`,
+        solution: resetTime
+            ? `Wait until ${resetTime.toISOString()} before retrying`
+            : 'Wait before retrying or use staging environment for testing',
+        domain,
+        details: { resetTime }
+    }),
+    certificateExpired: (domain, expiredAt) => new CertificateError({
+        code: CertificateErrorCodes.CERTIFICATE_EXPIRED,
+        message: `Certificate for ${domain} expired at ${expiredAt.toISOString()}`,
+        solution: 'Renew the certificate or configure automatic renewal',
+        domain,
+        details: { expiredAt }
+    }),
+    certificateNotFound: (domain) => new CertificateError({
+        code: CertificateErrorCodes.CERTIFICATE_NOT_FOUND,
+        message: `No certificate found for ${domain}`,
+        solution: 'Request a new certificate or provide a static certificate',
+        domain
+    }),
+    wildcardNotSupported: (domain) => new CertificateError({
+        code: CertificateErrorCodes.WILDCARD_NOT_SUPPORTED,
+        message: `Wildcard domain ${domain} requires DNS-01 challenge`,
+        solution: 'Configure your certProvider to return acme-dns strategy for wildcards',
+        domain
+    }),
+    storageError: (operation, path, error) => new CertificateError({
+        code: operation === 'read'
+            ? CertificateErrorCodes.STORAGE_READ_ERROR
+            : CertificateErrorCodes.STORAGE_WRITE_ERROR,
+        message: `Failed to ${operation} certificate at ${path}`,
+        solution: `Check file permissions and ensure directory exists`,
+        details: { path },
+        cause: error
+    })
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydGlmaWNhdGUtZXJyb3JzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvY2VydGlmaWNhdGUvbW9kZWxzL2NlcnRpZmljYXRlLWVycm9ycy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQVlIOztHQUVHO0FBQ0gsTUFBTSxPQUFPLGdCQUFpQixTQUFRLEtBQUs7SUFRekMsWUFBWSxPQUFnQztRQUMxQyxLQUFLLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3ZCLElBQUksQ0FBQyxJQUFJLEdBQUcsa0JBQWtCLENBQUM7UUFDL0IsSUFBSSxDQUFDLElBQUksR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDO1FBQ3pCLElBQUksQ0FBQyxRQUFRLEdBQUcsT0FBTyxDQUFDLFFBQVEsQ0FBQztRQUNqQyxJQUFJLENBQUMsTUFBTSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUM7UUFDN0IsSUFBSSxDQUFDLGFBQWEsR0FBRyxPQUFPLENBQUMsYUFBYSxDQUFDO1FBQzNDLElBQUksQ0FBQyxPQUFPLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQztRQUMvQixJQUFJLENBQUMsS0FBSyxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUM7SUFDN0IsQ0FBQztJQUVEOztPQUVHO0lBQ0ksTUFBTTtRQUNYLE9BQU87WUFDTCxJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUk7WUFDZixJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUk7WUFDZixPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU87WUFDckIsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRO1lBQ3ZCLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTTtZQUNuQixhQUFhLEVBQUUsSUFBSSxDQUFDLGFBQWE7WUFDakMsT0FBTyxFQUFFLElBQUksQ0FBQyxPQUFPO1lBQ3JCLEtBQUssRUFBRSxJQUFJLENBQUMsS0FBSyxFQUFFLE9BQU87WUFDMUIsS0FBSyxFQUFFLElBQUksQ0FBQyxLQUFLO1NBQ2xCLENBQUM7SUFDSixDQUFDO0NBQ0Y7QUFFRDs7R0FFRztBQUNILE1BQU0sQ0FBQyxNQUFNLHFCQUFxQixHQUFHO0lBQ25DLHVCQUF1QjtJQUN2QixnQkFBZ0IsRUFBRSxrQkFBa0I7SUFDcEMscUJBQXFCLEVBQUUsdUJBQXVCO0lBQzlDLGtCQUFrQixFQUFFLG9CQUFvQjtJQUV4QyxjQUFjO0lBQ2QsMEJBQTBCLEVBQUUsNEJBQTRCO0lBQ3hELHlCQUF5QixFQUFFLDJCQUEyQjtJQUN0RCxpQkFBaUIsRUFBRSxtQkFBbUI7SUFDdEMsa0JBQWtCLEVBQUUsb0JBQW9CO0lBQ3hDLHFCQUFxQixFQUFFLHVCQUF1QjtJQUU5QyxxQkFBcUI7SUFDckIsbUJBQW1CLEVBQUUscUJBQXFCO0lBQzFDLG1CQUFtQixFQUFFLHFCQUFxQjtJQUMxQyxxQkFBcUIsRUFBRSx1QkFBdUI7SUFDOUMsdUJBQXVCLEVBQUUseUJBQXlCO0lBRWxELGlCQUFpQjtJQUNqQixrQkFBa0IsRUFBRSxvQkFBb0I7SUFDeEMsbUJBQW1CLEVBQUUscUJBQXFCO0lBQzFDLHdCQUF3QixFQUFFLDBCQUEwQjtJQUVwRCxpQkFBaUI7SUFDakIsZUFBZSxFQUFFLGlCQUFpQjtJQUNsQyxtQkFBbUIsRUFBRSxxQkFBcUI7SUFDMUMscUJBQXFCLEVBQUUsdUJBQXVCO0lBRTlDLGdCQUFnQjtJQUNoQixjQUFjLEVBQUUsZ0JBQWdCO0lBQ2hDLHNCQUFzQixFQUFFLHdCQUF3QjtJQUNoRCxxQkFBcUIsRUFBRSx1QkFBdUI7Q0FDdEMsQ0FBQztBQUVYOztHQUVHO0FBQ0gsTUFBTSxDQUFDLE1BQU0saUJBQWlCLEdBQUc7SUFDL0IsY0FBYyxFQUFFLEdBQUcsRUFBRSxDQUFDLElBQUksZ0JBQWdCLENBQUM7UUFDekMsSUFBSSxFQUFFLHFCQUFxQixDQUFDLGdCQUFnQjtRQUM1QyxPQUFPLEVBQUUsdURBQXVEO1FBQ2hFLFFBQVEsRUFBRSxxREFBcUQ7S0FDaEUsQ0FBQztJQUVGLG1CQUFtQixFQUFFLENBQUMsS0FBWSxFQUFFLEVBQUUsQ0FBQyxJQUFJLGdCQUFnQixDQUFDO1FBQzFELElBQUksRUFBRSxxQkFBcUIsQ0FBQyxxQkFBcUI7UUFDakQsT0FBTyxFQUFFLGdEQUFnRDtRQUN6RCxRQUFRLEVBQUUsOERBQThEO1FBQ3hFLEtBQUssRUFBRSxLQUFLO0tBQ2IsQ0FBQztJQUVGLGdCQUFnQixFQUFFLEdBQUcsRUFBRSxDQUFDLElBQUksZ0JBQWdCLENBQUM7UUFDM0MsSUFBSSxFQUFFLHFCQUFxQixDQUFDLGtCQUFrQjtRQUM5QyxPQUFPLEVBQUUscURBQXFEO1FBQzlELFFBQVEsRUFBRSxpREFBaUQ7S0FDNUQsQ0FBQztJQUVGLHVCQUF1QixFQUFFLENBQUMsTUFBYyxFQUFFLE9BQWEsRUFBRSxFQUFFLENBQUMsSUFBSSxnQkFBZ0IsQ0FBQztRQUMvRSxJQUFJLEVBQUUscUJBQXFCLENBQUMsMEJBQTBCO1FBQ3RELE9BQU8sRUFBRSxnQ0FBZ0MsTUFBTSxFQUFFO1FBQ2pELFFBQVEsRUFBRSw0REFBNEQ7UUFDdEUsTUFBTTtRQUNOLGFBQWEsRUFBRSxNQUFNO1FBQ3JCLE9BQU87S0FDUixDQUFDO0lBRUYsc0JBQXNCLEVBQUUsQ0FBQyxNQUFjLEVBQUUsT0FBYSxFQUFFLEVBQUUsQ0FBQyxJQUFJLGdCQUFnQixDQUFDO1FBQzlFLElBQUksRUFBRSxxQkFBcUIsQ0FBQyx5QkFBeUI7UUFDckQsT0FBTyxFQUFFLCtCQUErQixNQUFNLEVBQUU7UUFDaEQsUUFBUSxFQUFFLHVEQUF1RDtRQUNqRSxNQUFNO1FBQ04sYUFBYSxFQUFFLEtBQUs7UUFDcEIsT0FBTztLQUNSLENBQUM7SUFFRixlQUFlLEVBQUUsQ0FBQyxNQUFjLEVBQUUsU0FBZ0IsRUFBRSxFQUFFLENBQUMsSUFBSSxnQkFBZ0IsQ0FBQztRQUMxRSxJQUFJLEVBQUUscUJBQXFCLENBQUMsaUJBQWlCO1FBQzdDLE9BQU8sRUFBRSxnQ0FBZ0MsTUFBTSxFQUFFO1FBQ2pELFFBQVEsRUFBRSxTQUFTO1lBQ2pCLENBQUMsQ0FBQyxjQUFjLFNBQVMsQ0FBQyxXQUFXLEVBQUUsa0JBQWtCO1lBQ3pELENBQUMsQ0FBQyw2REFBNkQ7UUFDakUsTUFBTTtRQUNOLE9BQU8sRUFBRSxFQUFFLFNBQVMsRUFBRTtLQUN2QixDQUFDO0lBRUYsa0JBQWtCLEVBQUUsQ0FBQyxNQUFjLEVBQUUsU0FBZSxFQUFFLEVBQUUsQ0FBQyxJQUFJLGdCQUFnQixDQUFDO1FBQzVFLElBQUksRUFBRSxxQkFBcUIsQ0FBQyxtQkFBbUI7UUFDL0MsT0FBTyxFQUFFLG1CQUFtQixNQUFNLGVBQWUsU0FBUyxDQUFDLFdBQVcsRUFBRSxFQUFFO1FBQzFFLFFBQVEsRUFBRSxzREFBc0Q7UUFDaEUsTUFBTTtRQUNOLE9BQU8sRUFBRSxFQUFFLFNBQVMsRUFBRTtLQUN2QixDQUFDO0lBRUYsbUJBQW1CLEVBQUUsQ0FBQyxNQUFjLEVBQUUsRUFBRSxDQUFDLElBQUksZ0JBQWdCLENBQUM7UUFDNUQsSUFBSSxFQUFFLHFCQUFxQixDQUFDLHFCQUFxQjtRQUNqRCxPQUFPLEVBQUUsNEJBQTRCLE1BQU0sRUFBRTtRQUM3QyxRQUFRLEVBQUUsMkRBQTJEO1FBQ3JFLE1BQU07S0FDUCxDQUFDO0lBRUYsb0JBQW9CLEVBQUUsQ0FBQyxNQUFjLEVBQUUsRUFBRSxDQUFDLElBQUksZ0JBQWdCLENBQUM7UUFDN0QsSUFBSSxFQUFFLHFCQUFxQixDQUFDLHNCQUFzQjtRQUNsRCxPQUFPLEVBQUUsbUJBQW1CLE1BQU0sNEJBQTRCO1FBQzlELFFBQVEsRUFBRSx1RUFBdUU7UUFDakYsTUFBTTtLQUNQLENBQUM7SUFFRixZQUFZLEVBQUUsQ0FBQyxTQUEyQixFQUFFLElBQVksRUFBRSxLQUFZLEVBQUUsRUFBRSxDQUFDLElBQUksZ0JBQWdCLENBQUM7UUFDOUYsSUFBSSxFQUFFLFNBQVMsS0FBSyxNQUFNO1lBQ3hCLENBQUMsQ0FBQyxxQkFBcUIsQ0FBQyxrQkFBa0I7WUFDMUMsQ0FBQyxDQUFDLHFCQUFxQixDQUFDLG1CQUFtQjtRQUM3QyxPQUFPLEVBQUUsYUFBYSxTQUFTLG1CQUFtQixJQUFJLEVBQUU7UUFDeEQsUUFBUSxFQUFFLG9EQUFvRDtRQUM5RCxPQUFPLEVBQUUsRUFBRSxJQUFJLEVBQUU7UUFDakIsS0FBSyxFQUFFLEtBQUs7S0FDYixDQUFDO0NBQ0gsQ0FBQyJ9

package/dist_ts/certificate/models/certificate-strategy.d.ts

@@ -0,0 +1,60 @@
+/**
+ * Certificate strategy types for SmartProxy
+ */
+/**
+ * Certificate strategy types
+ */
+export type CertificateStrategy = {
+    type: 'acme-http';
+} | {
+    type: 'acme-dns';
+} | {
+    type: 'static';
+    cert: string;
+    key: string;
+    expiresAt?: Date;
+} | {
+    type: 'skip';
+};
+/**
+ * Certificate provider function type
+ */
+export type CertProvider = (domain: string) => Promise<CertificateStrategy>;
+/**
+ * Helper functions for creating certificate strategies
+ */
+export declare const CertStrategies: {
+    /**
+     * Use ACME HTTP-01 challenge
+     */
+    acmeHttp: () => CertificateStrategy;
+    /**
+     * Use ACME DNS-01 challenge (required for wildcards)
+     */
+    acmeDns: () => CertificateStrategy;
+    /**
+     * Use static certificate
+     */
+    static: (cert: string, key: string, expiresAt?: Date) => CertificateStrategy;
+    /**
+     * Skip certificate provisioning for this domain
+     */
+    skip: () => CertificateStrategy;
+};
+/**
+ * Built-in certificate providers
+ */
+export declare const defaultCertProviders: {
+    /**
+     * Standard ACME provider: HTTP-01 for regular domains, DNS-01 for wildcards
+     */
+    standard: (domain: string) => Promise<CertificateStrategy>;
+    /**
+     * Use static certificates from disk if available, fallback to ACME
+     */
+    withStaticFallback: (certDir: string) => (domain: string) => Promise<CertificateStrategy>;
+    /**
+     * Always skip certificate provisioning
+     */
+    skip: () => Promise<CertificateStrategy>;
+};

package/dist_ts/certificate/models/certificate-strategy.js

@@ -0,0 +1,73 @@
+/**
+ * Certificate strategy types for SmartProxy
+ */
+/**
+ * Helper functions for creating certificate strategies
+ */
+export const CertStrategies = {
+    /**
+     * Use ACME HTTP-01 challenge
+     */
+    acmeHttp: () => ({ type: 'acme-http' }),
+    /**
+     * Use ACME DNS-01 challenge (required for wildcards)
+     */
+    acmeDns: () => ({ type: 'acme-dns' }),
+    /**
+     * Use static certificate
+     */
+    static: (cert, key, expiresAt) => ({
+        type: 'static',
+        cert,
+        key,
+        expiresAt
+    }),
+    /**
+     * Skip certificate provisioning for this domain
+     */
+    skip: () => ({ type: 'skip' })
+};
+/**
+ * Built-in certificate providers
+ */
+export const defaultCertProviders = {
+    /**
+     * Standard ACME provider: HTTP-01 for regular domains, DNS-01 for wildcards
+     */
+    standard: (domain) => {
+        return Promise.resolve(domain.includes('*')
+            ? CertStrategies.acmeDns()
+            : CertStrategies.acmeHttp());
+    },
+    /**
+     * Use static certificates from disk if available, fallback to ACME
+     */
+    withStaticFallback: (certDir) => {
+        return async (domain) => {
+            const fs = await import('fs/promises');
+            const path = await import('path');
+            const certPath = path.join(certDir, `${domain}.crt`);
+            const keyPath = path.join(certDir, `${domain}.key`);
+            try {
+                const [cert, key] = await Promise.all([
+                    fs.readFile(certPath, 'utf-8'),
+                    fs.readFile(keyPath, 'utf-8')
+                ]);
+                return CertStrategies.static(cert, key);
+            }
+            catch {
+                // File not found, fallback to ACME
+                return domain.includes('*')
+                    ? CertStrategies.acmeDns()
+                    : CertStrategies.acmeHttp();
+            }
+        };
+    },
+    /**
+     * Always skip certificate provisioning
+     */
+    skip: () => {
+        return Promise.resolve(CertStrategies.skip());
+    }
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydGlmaWNhdGUtc3RyYXRlZ3kuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9jZXJ0aWZpY2F0ZS9tb2RlbHMvY2VydGlmaWNhdGUtc3RyYXRlZ3kudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7O0dBRUc7QUFnQkg7O0dBRUc7QUFDSCxNQUFNLENBQUMsTUFBTSxjQUFjLEdBQUc7SUFDNUI7O09BRUc7SUFDSCxRQUFRLEVBQUUsR0FBd0IsRUFBRSxDQUFDLENBQUMsRUFBRSxJQUFJLEVBQUUsV0FBVyxFQUFFLENBQUM7SUFFNUQ7O09BRUc7SUFDSCxPQUFPLEVBQUUsR0FBd0IsRUFBRSxDQUFDLENBQUMsRUFBRSxJQUFJLEVBQUUsVUFBVSxFQUFFLENBQUM7SUFFMUQ7O09BRUc7SUFDSCxNQUFNLEVBQUUsQ0FBQyxJQUFZLEVBQUUsR0FBVyxFQUFFLFNBQWdCLEVBQXVCLEVBQUUsQ0FBQyxDQUFDO1FBQzdFLElBQUksRUFBRSxRQUFRO1FBQ2QsSUFBSTtRQUNKLEdBQUc7UUFDSCxTQUFTO0tBQ1YsQ0FBQztJQUVGOztPQUVHO0lBQ0gsSUFBSSxFQUFFLEdBQXdCLEVBQUUsQ0FBQyxDQUFDLEVBQUUsSUFBSSxFQUFFLE1BQU0sRUFBRSxDQUFDO0NBQ3BELENBQUM7QUFFRjs7R0FFRztBQUNILE1BQU0sQ0FBQyxNQUFNLG9CQUFvQixHQUFHO0lBQ2xDOztPQUVHO0lBQ0gsUUFBUSxFQUFFLENBQUMsTUFBYyxFQUFnQyxFQUFFO1FBQ3pELE9BQU8sT0FBTyxDQUFDLE9BQU8sQ0FDcEIsTUFBTSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUM7WUFDbEIsQ0FBQyxDQUFDLGNBQWMsQ0FBQyxPQUFPLEVBQUU7WUFDMUIsQ0FBQyxDQUFDLGNBQWMsQ0FBQyxRQUFRLEVBQUUsQ0FDOUIsQ0FBQztJQUNKLENBQUM7SUFFRDs7T0FFRztJQUNILGtCQUFrQixFQUFFLENBQUMsT0FBZSxFQUFFLEVBQUU7UUFDdEMsT0FBTyxLQUFLLEVBQUUsTUFBYyxFQUFnQyxFQUFFO1lBQzVELE1BQU0sRUFBRSxHQUFHLE1BQU0sTUFBTSxDQUFDLGFBQWEsQ0FBQyxDQUFDO1lBQ3ZDLE1BQU0sSUFBSSxHQUFHLE1BQU0sTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1lBRWxDLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLEdBQUcsTUFBTSxNQUFNLENBQUMsQ0FBQztZQUNyRCxNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRSxHQUFHLE1BQU0sTUFBTSxDQUFDLENBQUM7WUFFcEQsSUFBSSxDQUFDO2dCQUNILE1BQU0sQ0FBQyxJQUFJLEVBQUUsR0FBRyxDQUFDLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDO29CQUNwQyxFQUFFLENBQUMsUUFBUSxDQUFDLFFBQVEsRUFBRSxPQUFPLENBQUM7b0JBQzlCLEVBQUUsQ0FBQyxRQUFRLENBQUMsT0FBTyxFQUFFLE9BQU8sQ0FBQztpQkFDOUIsQ0FBQyxDQUFDO2dCQUVILE9BQU8sY0FBYyxDQUFDLE1BQU0sQ0FBQyxJQUFJLEVBQUUsR0FBRyxDQUFDLENBQUM7WUFDMUMsQ0FBQztZQUFDLE1BQU0sQ0FBQztnQkFDUCxtQ0FBbUM7Z0JBQ25DLE9BQU8sTUFBTSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUM7b0JBQ3pCLENBQUMsQ0FBQyxjQUFjLENBQUMsT0FBTyxFQUFFO29CQUMxQixDQUFDLENBQUMsY0FBYyxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2hDLENBQUM7UUFDSCxDQUFDLENBQUM7SUFDSixDQUFDO0lBRUQ7O09BRUc7SUFDSCxJQUFJLEVBQUUsR0FBaUMsRUFBRTtRQUN2QyxPQUFPLE9BQU8sQ0FBQyxPQUFPLENBQUMsY0FBYyxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7SUFDaEQsQ0FBQztDQUNGLENBQUMifQ==

package/dist_ts/certificate/simplified-certificate-manager.d.ts

@@ -0,0 +1,150 @@
+/**
+ * Simplified, unified certificate manager for SmartProxy
+ */
+import * as plugins from '../plugins.js';
+import type { CertProvider } from './models/certificate-strategy.js';
+import type { CertificateEventMap, ICertificateEventEmitter } from './events/simplified-events.js';
+import type { IRouteConfig } from '../proxies/smart-proxy/models/route-types.js';
+/**
+ * Certificate storage format
+ */
+interface StoredCertificate {
+    domain: string;
+    certificate: string;
+    privateKey: string;
+    expiresAt: Date;
+    source: 'acme-http' | 'acme-dns' | 'static';
+}
+/**
+ * Certificate manager configuration
+ */
+export interface CertificateManagerConfig {
+    certProvider: CertProvider;
+    acmeEmail: string;
+    acmeServer: 'production' | 'staging';
+    storageDir?: string;
+    renewBeforeDays?: number;
+    defaultCertPath?: string;
+    defaultKeyPath?: string;
+}
+/**
+ * Unified certificate manager
+ */
+export declare class SimplifiedCertificateManager extends plugins.EventEmitter implements ICertificateEventEmitter {
+    private config;
+    private certificateCache;
+    private acmeClient;
+    private renewalTimer?;
+    private pendingRequests;
+    constructor(config: CertificateManagerConfig);
+    /**
+     * Initialize the certificate manager
+     */
+    start(): Promise<void>;
+    /**
+     * Stop the certificate manager
+     */
+    stop(): Promise<void>;
+    /**
+     * Get a certificate for a domain (main entry point)
+     */
+    getCertificate(domain: string): Promise<StoredCertificate>;
+    /**
+     * Request a new certificate
+     */
+    private requestCertificate;
+    /**
+     * Request certificate via ACME HTTP-01
+     */
+    private requestAcmeHttpCertificate;
+    /**
+     * Request certificate via ACME DNS-01
+     */
+    private requestAcmeDnsCertificate;
+    /**
+     * Renew a certificate
+     */
+    renewCertificate(domain: string): Promise<StoredCertificate>;
+    /**
+     * Check certificates for renewal
+     */
+    private checkForRenewals;
+    /**
+     * Initialize ACME client
+     */
+    private initializeAcmeClient;
+    /**
+     * Load stored certificates from disk
+     */
+    private loadStoredCertificates;
+    /**
+     * Store certificate to disk
+     */
+    private storeCertificate;
+    /**
+     * Ensure storage directory exists
+     */
+    private ensureStorageDir;
+    /**
+     * Get or create ACME account key
+     */
+    private getOrCreateAccountKey;
+    /**
+     * Generate keypair for certificate
+     */
+    private generateKeypair;
+    /**
+     * Generate CSR for domain
+     */
+    private generateCsr;
+    /**
+     * Extract expiry date from certificate
+     */
+    private extractExpiryDate;
+    /**
+     * Check if certificate is valid
+     */
+    private isCertificateValid;
+    /**
+     * Check if certificate should be renewed
+     */
+    private shouldRenew;
+    /**
+     * Check if certificate is expiring soon
+     */
+    private isExpiringSoon;
+    /**
+     * Get days remaining until expiry
+     */
+    private getDaysRemaining;
+    /**
+     * Start renewal timer
+     */
+    private startRenewalTimer;
+    /**
+     * Get default certificate for SNI fallback
+     */
+    getDefaultCertificate(): Promise<{
+        cert: string;
+        key: string;
+    }>;
+    /**
+     * Set up HTTP challenge responder
+     */
+    private setupHttpChallenge;
+    /**
+     * Clean up HTTP challenge
+     */
+    private cleanupHttpChallenge;
+    /**
+     * Type assertion for event emitter
+     */
+    on<K extends keyof CertificateEventMap>(event: K, listener: (data: CertificateEventMap[K]) => void): this;
+    off<K extends keyof CertificateEventMap>(event: K, listener: (data: CertificateEventMap[K]) => void): this;
+    emit<K extends keyof CertificateEventMap>(event: K, data: CertificateEventMap[K]): boolean;
+    /**
+     * Update routes (placeholder for future implementation)
+     */
+    updateRoutes(routes: IRouteConfig[]): Promise<void>;
+}
+export {};