efront 4.4.14 → 4.5.3

package/#/345/233/275/351/231/205/345/214/226.yml

@@ -1,3 +1,81 @@
+- zh-CN: 端口异常
+  en:    Port abnormality
+
+- zh-CN: 分配地址失败
+  en:    Address allocation failed
+
+- zh-CN: 电子邮箱地址应包含符号“@”
+  en:    "The email address should contain the symbol \"@\""
+
+- zh-CN: "@符号前应有内容"
+  en:    "There should be content before the symbol \"@\""
+
+- zh-CN: "@符号后应有内容"
+  en:    "There should be content after the symbol\"@\""
+
+- zh-CN: 私钥
+  en:    Private key
+
+- zh-CN: 证书
+  en:    certificate
+
+- zh-CN: 账户
+  en:    account
+
+- zh-CN: 当前服务器的域名
+  en:    The domain name of the current server
+
+- zh-CN: 订单失效时间
+  en:    Order expiration time
+
+- zh-CN: 请求无效!
+  en:    Request is invalid!
+
+- zh-CN: 已取消
+  en:    Canceled
+
+- zh-CN: 输入原密码：
+  en:    "Enter the original password:"
+
+- zh-CN: 数据过载..
+  en:    Data overload..
+
+- zh-CN: 服务器忙！
+  en:    Server busy!
+
+- zh-CN: 无权访问
+  en:    Unauthorized access
+
+- zh-CN: 清理完成
+  en:    Cleaning completed
+
+- zh-CN: 正在重启
+  en:    Restarting
+
+- zh-CN: 已存在相同标识的数据
+  en:    Data with the same identifier already exists
+
+- zh-CN: 禁止访问
+  en:    Prohibit access
+
+- zh-CN: 已关闭$1端口
+  en:    $1 port has been closed
+
+- zh-CN: <red>端口异常</red>
+  en:    <red>Port exception</red>
+
+- zh-CN: filelist
+  en:    filelist
+
+- zh-CN: pathlist
+  en:    pathlist
+
+- zh-CN: pathend
+  en:    pathend
+
+- zh-CN: 邮箱
+  en:    mailbox
+
 - zh-CN: 过滤空串
   en:    Filter empty strings
 
@@ -5,10 +83,10 @@
   en:    ","
 
 - zh-CN: ，
-  en:    "."
+  en:    .
 
 - zh-CN: ！
-  en:    ","
+  en:    !
 
 - zh-CN: https://letsencrypt.org/zh-cn/
   en:    
@@ -260,7 +338,7 @@
   en:    Server restart
 
 - zh-CN: 正在退出..
-  en:    Exiting
+  en:    Exiting..
 
 - zh-CN: 进程已退出
   en:    Process has exited
@@ -401,7 +479,7 @@
   en:    Not supported
 
 - zh-CN: 当前运行环境使用class extends Array会有难以解决的不兼容性问题，请更换代码的实现方式！
-  en:    
+  en:    The current operating environment using class extends Array may have compatibility issues that are difficult to solve. Please change the implementation method of the code!
 
 - zh-CN: 代码异常！
   en:    Code exception!
@@ -719,7 +797,7 @@
   en:    The path does not point to file $1
 
 - zh-CN: 文件过大!$1
-  en:    The file is too large$ one
+  en:    The file is too large! $1
 
 - zh-CN: 读取文件信息出错$1
   en:    Error reading file information $1

package/apps/pivot/api.yml

@@ -18,6 +18,10 @@
   room: options ::link-:id
   care: options ::care-:id
   cast: options ::cast-:id?:msg
+  setauth|: options ::setauth-/.well-known/acme-challenge/:token?:token.:thumb
+  unique: options ::unique
+  unique-save: options ::unique-:data
+  recert: options ::recert
   upload: put :path
 https://www.ip.cn/:
   iplocation: get https://www.ip.cn/api/index?ip=:ip&type=1

package/apps/pivot/cert/edit.js

@@ -0,0 +1 @@
+pedit.bind(null, "证书", "cert");

package/apps/pivot/cert/list.js

@@ -0,0 +1,9 @@
+plist.bind(null, '接口管理', "cert", refilm`
+*域名/hostname input/253
+公钥/private gen/600 ${async function (data) {
+        var [private_key, public_key] = await acme2.createKeyPair();
+        data.private = private_key;
+        data.public = public_key;
+    }}
+-私钥/public text
+$证书/cert text`, '/cert/edit');

package/apps/pivot/cert/main.xht

@@ -0,0 +1,188 @@
+<style>
+    a {
+        text-decoration: none;
+    }
+
+    * {
+        box-sizing: border-box;
+    }
+
+
+    form {
+        display: block;
+        max-height: 100%;
+        width: 100%;
+
+        >[body] {
+            height: auto;
+            height: 100%;
+            overflow-x: hidden;
+            overflow-y: scroll;
+        }
+    }
+
+    :root {
+        height: 100%;
+        overflow: auto;
+    }
+
+    [type=function] {
+        display: -webkit-box;
+        -webkit-box-orient: vertical;
+        -webkit-line-clamp: 2;
+        text-overflow: ellipsis;
+        overflow: hidden;
+    }
+
+    [info] {
+        text-align: center;
+        background: #ffe;
+        padding: 2px 20px;
+        font-size: 14px;
+    }
+
+    [body] {
+        appearance: none;
+        border: none;
+    }
+</style>
+<div -if="!enabled"></div>
+<form on-submit="nosubmit" renderid=box>
+    <xmenu head #menubar -src="(m,i) in menus" @active="activeMenu(m,i)"></xmenu>
+    <div body #body>
+        <div info>${i18n`本页使用的证书服务来自`}<a target="_blank" href="${i18n`https://letsencrypt.org/zh-cn/`}">Let's
+                Encrypt</a>
+        </div>
+        <field -repeat="s in actived.fields" -src="[s,formdata]"></field>
+        <container -if="actived.src" _src="actived.src" _params="actived.params">
+        </container>
+    </div>
+    <scrollbar y #bar></scrollbar>
+    <div foot>
+        <span -bind="actived.message"></span>
+        <button -repeat="(f,k) in actived.actions" -click="f(actived)"><span -bind="k"></span></button>
+    </div>
+</form>
+<script>
+    var enabled = acme2.enabled;
+    if (!enabled) return ["请在支持window.crypto.subtle的浏览器上使用此页面的功能"];
+    var form = view;
+    var activeIndex = 0;
+    var nosubmit = e => e.preventDefault();
+    var directory;
+    var formdata = {};
+    var private_key, public_key;
+    var unique;
+    var loadUnique = async function () {
+        unique = await data.from("unique");
+        await acme2.makeUnique(unique);
+        if (menuIndex === 0) {
+            if (acme2.orders?.length) activeMenu(menus[2], 2);
+            else if (acme2.kid) activeMenu(menus[1], 1);
+        }
+        extend(formdata, acme2);
+    };
+
+    var publicKey, privateKey;
+    loadUnique().then(render.digest).then(lazy(async function () {
+        box.reshape();
+        bar.reshape();
+        var certlist = await plist.load('cert');
+        formdata.domain = certlist.map(c => c.hostname).join("\r\n");
+        render.digest();
+    }));
+    var a = button;
+    var xmenu = menu;
+    var that = this;
+
+    var saveUnique = async function (params) {
+        extendIfOccurs(acme2, params);
+        var extra = acme2.pickUnique();
+        await data.from("unique-save", { data: extra });
+    };
+    var openOrder = async function (event, href) {
+        event.preventDefault();
+    }
+    var menus = [
+        {
+            "name": "创建账户",
+            fields: refilm`
+            $公钥/public_key/单击生成 ${function (elem) {
+                    var { data, field } = elem;
+                    elem.innerHTML = `<a @click="gen()" -if="!data[field.key]">单击生成</a><span -else -bind="data[field.key]"></span>`;
+                    render(elem, {
+                        data, field, async gen() {
+                            await acme2.initUnique();
+                            formdata.public_key = acme2.public_key;
+                            await saveUnique();
+                        }
+                    })
+                }}
+            *邮箱/email email
+            /termsOfServiceAgreed/同意 checker ${{
+                    async"《服务条款》"(data) {
+                        var termsOfService = await acme2.getTermsOfService();
+                        if (termsOfService) window.open(termsOfService, "_blank", "popup,noopener,noreferer")
+                    },
+                }}
+            `,
+            get message() {
+                return formdata.kid ? "已创建账户" : '';
+            },
+            actions: {
+                async 创建账户(actived) {
+                    var params = submit(actived.fields, formdata);
+                    await saveUnique(params);
+                    formdata.kid = await acme2.newAccount(params);
+                    await saveUnique();
+                }
+            }
+        },
+        {
+            "name": "创建订单",
+            get disabled() {
+                return !!formdata.kid;
+            },
+            fields: refilm`
+            $账户/kid input
+            *当前服务器的域名/domain/每行一个 text
+            `,
+            actions: {
+                async 创建订单(actived) {
+                    var params = submit(actived.fields, formdata);
+                    var order = await acme2.newOrder(params);
+                    await saveUnique();
+                    activeMenu(menus[2], 2);
+                }
+            }
+        },
+        {
+            name: "订单信息",
+            src: '/cert/orders',
+            get params() {
+                return { orders: acme2.orders, saveUnique };
+            }
+        },
+        {
+            name: "证书列表",
+            src: "/cert/list",
+        },
+        {
+            name: "更新服务",
+            src: "/cert/update",
+        }
+    ];
+
+    var actived = null;
+    var activeMenu = function (m, i) {
+        if (actived === m) return;
+        if (actived) actived.actived = false;
+        m.actived = true;
+        actived = m;
+        activeIndex = i;
+        state({ index: i })
+    };
+    var menuIndex = state().index || 0;
+    activeMenu(menus[menuIndex], menuIndex);
+
+</script>

package/apps/pivot/cert/orders.xht

@@ -0,0 +1,232 @@
+<style>
+    &>list,
+    &>div {
+        display: inline-block;
+    }
+
+    & {
+        --border: 1px solid #0006;
+    }
+
+    &>xmenu[horizonal] {
+        width: 100%;
+        margin-bottom: -2px;
+        z-index: 1;
+        border-bottom: none;
+        box-shadow: none;
+
+        &:after {
+            content: "";
+            display: block;
+            position: absolute;
+            left: 0;
+            bottom: 0;
+            right: 0;
+            height: 0;
+            border-bottom: --border;
+            z-index: -1;
+        }
+
+        .actived {
+            background: #fff;
+            color: #333;
+            border: --border;
+            border-bottom: none;
+        }
+
+        +form {
+            border: --border;
+            background: #fff;
+        }
+    }
+
+    [actived] {
+        background: #fff;
+        /* border-bottom: 2px solid; */
+    }
+
+    [status]>s {
+        width: 0;
+        height: 0;
+        border-radius: 50%;
+        display: inline-block;
+        border: .3em solid;
+        margin-right: 6px;
+    }
+
+    @status(@s, @c) {
+        [status=@s] {
+            color: @c;
+        }
+    }
+
+    @status(pending, #777);
+    @status(processing, #f82);
+    @status(ready, #284);
+    @status(valid, #26c);
+    @status(invalid, #c24);
+</style>
+<xmenu -src="o of orders" @active="openOrder(o)"></xmenu>
+<div -if="!order">
+    暂无订单
+</div>
+<form -elseif="order.oid" onsubmit="event.preventDefault()">
+    <div body>
+        <field -repeat="f in fields" _src="[f,order]"></field>
+    </div>
+    <div foot>
+        <button -if="order?.removable" class="danger" confirm @click="dropOrder(order)">删除订单</button>
+        <button -if="order.status==='processing'" @click="openOrder(order)">刷新</button>
+        <button -if="order.status==='pending'" @click="auditOrder(order)">提交审核</button>
+        <button -if="order.status==='ready'" @click="finalize(order)">请求证书</button>
+        <button -if="order.status==='valid'" @click="see(order)">查看证书</button>
+        <button -if="order.shouldupload" @click="upload(order)">上传到服务器</button>
+    </div>
+</form>
+<div -else>
+    订单异常
+</div>
+<script>
+    var fields = refilm`
+    $状态/status radio [未审核/pending,审核通过/ready,生成中/processing,生效/valid,无效/invalid]
+    $证书/certificate/下载 anchor
+    $域名/identifiers ${function (elem) {
+            var { field, data } = elem;
+            var value = data[field.key];
+            if (value instanceof Array) elem.innerHTML = value.map(v => `${v.value} (${v.type})`).join("<br/>")
+            else elem.innerHTML = '';
+        }}
+    $订单失效时间/expires ${function (elem) {
+            var { field, data } = elem;
+            elem.innerHTML = filterTime(data[field.key]);
+        }}
+    `;
+    var order = {
+        authorizations: [],
+        expires: NaN,
+        finalize: '',
+        identifiers: [],
+        status: ''
+    };
+
+    function main(params) {
+        var { orders = [], saveUnique } = params;
+        orders = orders.map(acme2.parseOrder);
+        if (orders.length) orders[0].actived = true;
+        var page = document.createElement('orders');
+        page.innerHTML = template;
+        var scope = {
+            fields,
+            form: view,
+            xmenu: menu,
+            orders,
+            order: null,
+            async openOrder(o) {
+                o = this.order = shallowClone(o);
+                if (!o || !o.oid) return;
+                var order = await acme2.getOrder(o);
+                extend(o, order);
+                if (o !== this.order) return;
+                if (o.certificate && !o.shouldupload) {
+                    var identifiers = o.identifiers;
+                    var d = await pedit.query("cert", identifiers[identifiers.length - 1].value);
+                    if (d && d.oid === o.oid && !d.cert) {
+                        o.shouldupload = true;
+                    }
+                    else {
+                        o.removable = true;
+                    }
+                }
+                if (o.status === 'invalid') {
+                    o.removable = true;
+                }
+                else {
+                    if (o.certificate && +o.expires < Date.now()) {
+                        o.removable = true;
+                    }
+                }
+                this.order = shallowClone(o);
+            },
+            async auditOrder(o) {
+                a: for (var a of o.authorizations) {
+                    var b = await acme2.audit(a);
+                    if (b.challenges) {
+                        for (var c of b.challenges) {
+                            if (c.type === 'http-01') {
+                                if (c.status !== 'pending') continue a;
+                                await data.from("setauth", { token: c.token, thumb: await acme2.thumbprint() });
+                                await acme2.requestURL(c.url, {});
+                                continue a;
+                            }
+                        }
+                    }
+                    alert("无法找到可用的提审方案" + b.identifier?.value, 'warn');
+                }
+                await wait(600);
+                if (this.order === o) await this.openOrder(this.order);
+            },
+            async finalize(o) {
+                var domains = o.identifiers.map(d => d.value);
+                var kp = await acme2.createKeyPair();
+                var csr = await acme2.createCSR(domains, kp[0]);
+                var order = await acme2.requestURL(o.finalize, { csr });
+                order = extend({}, o, order);
+                if (o === this.order) o = this.order = order;
+                render.digest();
+                await wait(600);
+                var order = await acme2.getOrder(o);
+                var cert = order.certificate;
+                if (!cert) {
+                    order.shouldupload = true;
+                }
+                else {
+                    cert = await data.fromURL(cert);
+                }
+                for (var d of domains) {
+                    pedit.update("cert", d, { hostname: d, private: kp[0], public: kp[1], cert, oid: o.oid })
+                }
+                if (this.order === o) this.order = extend({}, o, order);
+            },
+            async dropOrder(o) {
+                for (var cx = 0, dx = orders.length; cx < dx; cx++) {
+                    if (orders[cx].oid === o.oid) break;
+                };
+                if (cx < 0) return;
+                orders.splice(cx, 1);
+                acme2.orders.splice(cx, 1);
+                if (cx >= orders.length) cx = orders.length - 1;
+                await saveUnique();
+                this.openOrder(orders[cx]);
+            },
+            async see(o) {
+                var content = `<div head>${o.identifiers.map(d => d.value).join(', ')}<close @click=remove()></close></div><loading -if='cert.loading'></loading><div body style='font-size:10px;font-family:Consolas, "Courier New", monospace;white-space:pre;' -bind='cert.data'></div><scrollbar y></scrollbar>`;
+                var e = view();
+                css(e, 'position:absolute;width:366px;');
+                e.innerHTML = content;
+                drag.on(e.firstElementChild, e);
+                resize.on(e);
+                renderWithDefaults(e, {
+                    cert: data.fromURL(o.certificate),
+                    scrollbar,
+                    remove() {
+                        remove(e);
+                    }
+                })
+                popup(e);
+                move.setPosition(e, [.5, .5]);
+            },
+            async upload(o) {
+                var cert = await data.fromURL(o.certificate);
+                for (var d of o.identifiers) {
+                    await pedit.merge("cert", d.value, { cert });
+                }
+                o.shouldupload = false;
+                o.removable = true;
+            }
+        }
+        renderWithDefaults(page, scope);
+        if (orders.length) scope.openOrder(orders[0]).then(render.digest);
+
+        return page;
+    }
+</script>

package/apps/pivot/cert/update.xht

@@ -0,0 +1,7 @@
+<div><button @click="updateCert()">更新证书</button></div>
+<script>
+    var updateCert = async function () {
+        await data.from("recert");
+        alert("更新完成！", 'success');
+    };
+</script>

package/apps/pivot/menu.yml

@@ -4,6 +4,7 @@ WEB:
   文件管理: /wow/root
   长连接管理: /link/index
   字典: /dict/list
+  证书管理: /cert/main
   共享目录: /share/list
 服务:
   密钥管理: /token/list

package/coms/basic/assert.js

@@ -1,18 +1,42 @@
 var mark = require("./mark");
-if (console.format) {
-    var gray = console.format('<gray>;</gray>').split(';');
-    var green = console.format('<green>;</green>').split(';');
-    var crack = console.format('<red2>;</red2>').split(';');
-}
-else {
-    var gray = [, ,];
-    var green = [, ,];
-    var crack = [, ,];
-}
+var format = console.format, clog = console.log;
+if (!format) format = a => a, clog = function () {
+    var args = [];
+    var colors = {
+        green: 'color:green;',
+        gray: "color:gray;",
+        red2: "color:red;",
+        bgblue: 'background-color:blue;',
+        bgred: 'background-color:red;',
+        cyan: 'color:#29c;',
+        reset: 'color:;background-color:;',
+    }
+    for (var a of arguments) {
+        if (typeof a === "string") {
+            var tags = [];
+            a = renderTags(a, function (tag, e) {
+                var c = tag ? colors[tag] : colors.reset;
+                if (c) {
+                    if (e !== false) tags.push(c);
+                    return '%c'
+                }
+                return '';
+            });
+            args.push(a, ...tags);
+        }
+        else args.push(a);
+    }
+    console.log(...args);
+};
+
+
+var gray = format('<gray>;</gray>').split(';');
+var green = format('<green>;</green>').split(';');
+var crack = format('<red2>;</red2>').split(';');
 var dump = function (a, msg) {
-    if (a instanceof Object) console.error(i18n`属性错误`), console.log(msg ? msg + " " : "  {\r\n", Object.keys(a).map(k => `  ${k}${gray.join(':')}\r\n      ${a[k]}`).join('\r\n') + "\r\n }");
-    else if (msg) console.log(msg + ":", a);
-    else console.log(a);
+    if (a instanceof Object) console.error(i18n`属性错误`), clog(msg ? msg + " " : "  {\r\n", Object.keys(a).map(k => `  ${k}${gray.join(':')}\r\n      ${a[k]}`).join('\r\n') + "\r\n }");
+    else if (msg) clog(msg + ":", a);
+    else clog(a);
 };
 var colorString = function (s, color1, e, color2) {
     s = String(s);
@@ -35,9 +59,9 @@ var assert = function (result, expect, log = dump) {
             errors = `结果 (${args}) 应为 ${JSON.stringify(k)}`;
         }
         if (k === undefined) return function () {
-            var color1 = console.format("<bgred>; </bgred>").split(";");
-            var color2 = console.format("<bgblue>; </bgblue>").split(";");
-            var color3 = console.format("<cyan>;</cyan>").split(";");
+            var color1 = format("<bgred>; </bgred>").split(";");
+            var color2 = format("<bgblue>; </bgblue>").split(";");
+            var color3 = format("<cyan>;</cyan>").split(";");
             mark.setTag1(color1[1], color1[0]);
             mark.setTag2(color2[1], color2[0]);
             var [r, e] = mark.pair(result, expect);