coolaj86
/
acme-http-01-s3.js
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

wip: initial commit

This commit is contained in:
nyaundi brian 2019-11-01 09:23:19 +03:00
commit 1acb20499b
11 changed files with 656 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
.env
*secret*
node_modules

17
.jshintrc Normal file
View File

@ -0,0 +1,17 @@
{ "node": true
, "browser": true
, "jquery": true
, "globals": { "Promise": true }
, "indent": 2
, "onevar": true
, "laxcomma": true
, "laxbreak": true
, "curly": true
, "nonbsp": true
, "eqeqeq": true
, "immed": true
, "undef": true
, "latedef": "nofunc"
}

8
.prettierrc Normal file
View File

@ -0,0 +1,8 @@
{
"bracketSpacing": true,
"printWidth": 80,
"singleQuote": true,
"tabWidth": 4,
"trailingComma": "none",
"useTabs": true
}

2
AUTHORS Normal file
View File

@ -0,0 +1,2 @@
AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)
Nyaundi Brian <danleyb2@gmail.com> (https://danleyb2.online/)

312
LICENSE Normal file
View File

@ -0,0 +1,312 @@
Mozilla Public License Version 2.0
1. Definitions
1.1. "Contributor" means each individual or legal entity that creates, contributes
to the creation of, or owns Covered Software.
1.2. "Contributor Version" means the combination of the Contributions of others
(if any) used by a Contributor and that particular Contributor's Contribution.
1.3. "Contribution" means Covered Software of a particular Contributor.
1.4. "Covered Software" means Source Code Form to which the initial Contributor
has attached the notice in Exhibit A, the Executable Form of such Source Code
Form, and Modifications of such Source Code Form, in each case including portions
thereof.
1.5. "Incompatible With Secondary Licenses" means
(a) that the initial Contributor has attached the notice described in Exhibit
B to the Covered Software; or
(b) that the Covered Software was made available under the terms of version
1.1 or earlier of the License, but not also under the terms of a Secondary
License.
1.6. "Executable Form" means any form of the work other than Source Code Form.
1.7. "Larger Work" means a work that combines Covered Software with other
material, in a separate file or files, that is not Covered Software.
1.8. "License" means this document.
1.9. "Licensable" means having the right to grant, to the maximum extent possible,
whether at the time of the initial grant or subsequently, any and all of the
rights conveyed by this License.
1.10. "Modifications" means any of the following:
(a) any file in Source Code Form that results from an addition to, deletion
from, or modification of the contents of Covered Software; or
(b) any new file in Source Code Form that contains any Covered Software.
1.11. "Patent Claims" of a Contributor means any patent claim(s), including
without limitation, method, process, and apparatus claims, in any patent Licensable
by such Contributor that would be infringed, but for the grant of the License,
by the making, using, selling, offering for sale, having made, import, or
transfer of either its Contributions or its Contributor Version.
1.12. "Secondary License" means either the GNU General Public License, Version
2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General
Public License, Version 3.0, or any later versions of those licenses.
1.13. "Source Code Form" means the form of the work preferred for making modifications.
1.14. "You" (or "Your") means an individual or a legal entity exercising rights
under this License. For legal entities, "You" includes any entity that controls,
is controlled by, or is under common control with You. For purposes of this
definition, "control" means (a) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or otherwise,
or (b) ownership of more than fifty percent (50%) of the outstanding shares
or beneficial ownership of such entity.
2. License Grants and Conditions
2.1. Grants
Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive
license:
(a) under intellectual property rights (other than patent or trademark) Licensable
by such Contributor to use, reproduce, make available, modify, display, perform,
distribute, and otherwise exploit its Contributions, either on an unmodified
basis, with Modifications, or as part of a Larger Work; and
(b) under Patent Claims of such Contributor to make, use, sell, offer for
sale, have made, import, and otherwise transfer either its Contributions or
its Contributor Version.
2.2. Effective Date
The licenses granted in Section 2.1 with respect to any Contribution become
effective for each Contribution on the date the Contributor first distributes
such Contribution.
2.3. Limitations on Grant Scope
The licenses granted in this Section 2 are the only rights granted under this
License. No additional rights or licenses will be implied from the distribution
or licensing of Covered Software under this License. Notwithstanding Section
2.1(b) above, no patent license is granted by a Contributor:
(a) for any code that a Contributor has removed from Covered Software; or
(b) for infringements caused by: (i) Your and any other third party's modifications
of Covered Software, or (ii) the combination of its Contributions with other
software (except as part of its Contributor Version); or
(c) under Patent Claims infringed by Covered Software in the absence of its
Contributions.
This License does not grant any rights in the trademarks, service marks, or
logos of any Contributor (except as may be necessary to comply with the notice
requirements in Section 3.4).
2.4. Subsequent Licenses
No Contributor makes additional grants as a result of Your choice to distribute
the Covered Software under a subsequent version of this License (see Section
10.2) or under the terms of a Secondary License (if permitted under the terms
of Section 3.3).
2.5. Representation
Each Contributor represents that the Contributor believes its Contributions
are its original creation(s) or it has sufficient rights to grant the rights
to its Contributions conveyed by this License.
2.6. Fair Use
This License is not intended to limit any rights You have under applicable
copyright doctrines of fair use, fair dealing, or other equivalents.
2.7. Conditions
Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in
Section 2.1.
3. Responsibilities
3.1. Distribution of Source Form
All distribution of Covered Software in Source Code Form, including any Modifications
that You create or to which You contribute, must be under the terms of this
License. You must inform recipients that the Source Code Form of the Covered
Software is governed by the terms of this License, and how they can obtain
a copy of this License. You may not attempt to alter or restrict the recipients'
rights in the Source Code Form.
3.2. Distribution of Executable Form
If You distribute Covered Software in Executable Form then:
(a) such Covered Software must also be made available in Source Code Form,
as described in Section 3.1, and You must inform recipients of the Executable
Form how they can obtain a copy of such Source Code Form by reasonable means
in a timely manner, at a charge no more than the cost of distribution to the
recipient; and
(b) You may distribute such Executable Form under the terms of this License,
or sublicense it under different terms, provided that the license for the
Executable Form does not attempt to limit or alter the recipients' rights
in the Source Code Form under this License.
3.3. Distribution of a Larger Work
You may create and distribute a Larger Work under terms of Your choice, provided
that You also comply with the requirements of this License for the Covered
Software. If the Larger Work is a combination of Covered Software with a work
governed by one or more Secondary Licenses, and the Covered Software is not
Incompatible With Secondary Licenses, this License permits You to additionally
distribute such Covered Software under the terms of such Secondary License(s),
so that the recipient of the Larger Work may, at their option, further distribute
the Covered Software under the terms of either this License or such Secondary
License(s).
3.4. Notices
You may not remove or alter the substance of any license notices (including
copyright notices, patent notices, disclaimers of warranty, or limitations
of liability) contained within the Source Code Form of the Covered Software,
except that You may alter any license notices to the extent required to remedy
known factual inaccuracies.
3.5. Application of Additional Terms
You may choose to offer, and to charge a fee for, warranty, support, indemnity
or liability obligations to one or more recipients of Covered Software. However,
You may do so only on Your own behalf, and not on behalf of any Contributor.
You must make it absolutely clear that any such warranty, support, indemnity,
or liability obligation is offered by You alone, and You hereby agree to indemnify
every Contributor for any liability incurred by such Contributor as a result
of warranty, support, indemnity or liability terms You offer. You may include
additional disclaimers of warranty and limitations of liability specific to
any jurisdiction.
4. Inability to Comply Due to Statute or Regulation
If it is impossible for You to comply with any of the terms of this License
with respect to some or all of the Covered Software due to statute, judicial
order, or regulation then You must: (a) comply with the terms of this License
to the maximum extent possible; and (b) describe the limitations and the code
they affect. Such description must be placed in a text file included with
all distributions of the Covered Software under this License. Except to the
extent prohibited by statute or regulation, such description must be sufficiently
detailed for a recipient of ordinary skill to be able to understand it.
5. Termination
5.1. The rights granted under this License will terminate automatically if
You fail to comply with any of its terms. However, if You become compliant,
then the rights granted under this License from a particular Contributor are
reinstated (a) provisionally, unless and until such Contributor explicitly
and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor
fails to notify You of the non-compliance by some reasonable means prior to
60 days after You have come back into compliance. Moreover, Your grants from
a particular Contributor are reinstated on an ongoing basis if such Contributor
notifies You of the non-compliance by some reasonable means, this is the first
time You have received notice of non-compliance with this License from such
Contributor, and You become compliant prior to 30 days after Your receipt
of the notice.
5.2. If You initiate litigation against any entity by asserting a patent infringement
claim (excluding declaratory judgment actions, counter-claims, and cross-claims)
alleging that a Contributor Version directly or indirectly infringes any patent,
then the rights granted to You by any and all Contributors for the Covered
Software under Section 2.1 of this License shall terminate.
5.3. In the event of termination under Sections 5.1 or 5.2 above, all end
user license agreements (excluding distributors and resellers) which have
been validly granted by You or Your distributors under this License prior
to termination shall survive termination.
6. Disclaimer of Warranty
Covered Software is provided under this License on an "as is" basis, without
warranty of any kind, either expressed, implied, or statutory, including,
without limitation, warranties that the Covered Software is free of defects,
merchantable, fit for a particular purpose or non-infringing. The entire risk
as to the quality and performance of the Covered Software is with You. Should
any Covered Software prove defective in any respect, You (not any Contributor)
assume the cost of any necessary servicing, repair, or correction. This disclaimer
of warranty constitutes an essential part of this License. No use of any Covered
Software is authorized under this License except under this disclaimer.
7. Limitation of Liability
Under no circumstances and under no legal theory, whether tort (including
negligence), contract, or otherwise, shall any Contributor, or anyone who
distributes Covered Software as permitted above, be liable to You for any
direct, indirect, special, incidental, or consequential damages of any character
including, without limitation, damages for lost profits, loss of goodwill,
work stoppage, computer failure or malfunction, or any and all other commercial
damages or losses, even if such party shall have been informed of the possibility
of such damages. This limitation of liability shall not apply to liability
for death or personal injury resulting from such party's negligence to the
extent applicable law prohibits such limitation. Some jurisdictions do not
allow the exclusion or limitation of incidental or consequential damages,
so this exclusion and limitation may not apply to You.
8. Litigation
Any litigation relating to this License may be brought only in the courts
of a jurisdiction where the defendant maintains its principal place of business
and such litigation shall be governed by laws of that jurisdiction, without
reference to its conflict-of-law provisions. Nothing in this Section shall
prevent a party's ability to bring cross-claims or counter-claims.
9. Miscellaneous
This License represents the complete agreement concerning the subject matter
hereof. If any provision of this License is held to be unenforceable, such
provision shall be reformed only to the extent necessary to make it enforceable.
Any law or regulation which provides that the language of a contract shall
be construed against the drafter shall not be used to construe this License
against a Contributor.
10. Versions of the License
10.1. New Versions
Mozilla Foundation is the license steward. Except as provided in Section 10.3,
no one other than the license steward has the right to modify or publish new
versions of this License. Each version will be given a distinguishing version
number.
10.2. Effect of New Versions
You may distribute the Covered Software under the terms of the version of
the License under which You originally received the Covered Software, or under
the terms of any subsequent version published by the license steward.
10.3. Modified Versions
If you create software not governed by this License, and you want to create
a new license for such software, you may create and use a modified version
of this License if you rename the license and remove any references to the
name of the license steward (except to note that such modified license differs
from this License).
10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses
If You choose to distribute Source Code Form that is Incompatible With Secondary
Licenses under the terms of this version of the License, the notice described
in Exhibit B of this License must be attached. Exhibit A - Source Code Form
License Notice
This Source Code Form is subject to the terms of the Mozilla Public License,
v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain
one at http://mozilla.org/MPL/2.0/.
If it is not possible or desirable to put the notice in a particular file,
then You may include the notice in a location (such as a LICENSE file in a
relevant directory) where a recipient would be likely to look for such a notice.
You may add additional accurate notices of copyright ownership.
Exhibit B - "Incompatible With Secondary Licenses" Notice
This Source Code Form is "Incompatible With Secondary Licenses", as defined
by the Mozilla Public License, v. 2.0.

111
README.md Normal file
View File

@ -0,0 +1,111 @@
# [acme-http-01-s3.js](https://git.rootprojects.org/root/acme-http-01-s3.js) | a [Root](https://rootprojects.org/) project
S3 Authentication + Let's Encrypt for Node.js - ACME http-01 challenges w/ ACME.js and Greenlock.js
Handles ACME http-01 challenges. Compatible with ACME.js and Greenlock.js. Passes acme-http-01-test.
# Features
- Compatible
- Lets Encrypt v2.1 / ACME draft 18 (2019)
- Works with your web root
- Apache
- Nginx
- Lighttpd
- ACME.js, Greenlock.js, and others
- Quality
- node v6 compatible VanillaJS
- < 150 lines of code
- Zero Dependencies
# Install
```js
npm install --save acme-http-01-s3
```
# Usage
First you create an instance with your credentials:
```js
var http01 = require('acme-http-01-s3').create({
awsAccessKey: process.env.,
awsSecretAccessKey: process.env.,
awsRegion: process.env.,
awsBucket: process.env.,
awsHost:process.env.
});
```
Then you can use it with any compatible ACME library, such as Greenlock.js or ACME.js.
## Greenlock.js
```js
var Greenlock = require('greenlock-express');
var greenlock = Greenlock.create({
challenges: {
'http-01': http01
}
// ...
});
```
See [Greenlock Express](https://git.rootprojects.org/root/greenlock-express.js) and/or [Greenlock.js](https://git.rootprojects.org/root/greenlock.js) documentation for more details.
## ACME.js
```js
// TODO
```
See the [ACME.js](https://git.rootprojects.org/root/acme-v2.js) for more details.
## Build your own
There are only 4 methods:
- `init(config)`
- `set(opts)`
- `get(opts)`
- `remove(opts)`
```js
http01
.set({
identifier: { value: 'foo.example.co.uk' },
token: 'xxxx'
keyAuthorization: 'xxxx.yyyy'
})
.then(function() {
console.log('Saved ACME key authorization file');
})
.catch(function(err) {
console.error('Failed to save ACME key authorization file');
console.error(err);
});
```
See acme-http-01-test for more implementation details.
# Tests
```bash
# node ./test.js domain-zone api-token
node ./test.js example.com xxxxxx
```
# Authors
- AJ ONeal
See AUTHORS for contact info.
# Legal
[acme-http-01-s3.js](https://git.coolaj86.com/coolaj86/acme-http-01-s3.js) | MPL-2.0 | [Terms of Use](https://therootcompany.com/legal/#terms) | [Privacy Policy](https://therootcompany.com/legal/#privacy)
Copyright 2019 AJ ONeal
Copyright 2019 The Root Group LLC

9
example.env Normal file
View File

@ -0,0 +1,9 @@
RECORD=example.co.uk
awsAccessKey=''
awsSecretAccessKey=''
awsRegion=''
awsBucket=''
awsHost=''

3
index.js Normal file
View File

@ -0,0 +1,3 @@
'use strict';
module.exports = require('./lib/index.js');

126
lib/index.js Normal file
View File

@ -0,0 +1,126 @@
'use strict';
var promisify = require('util').promisify;
var request = require('@root/request');
request = promisify(request);
var aws4 = require('aws4');
var defaults = {
awsAccessKey: 'TQ6UOPROD626SWV5KIP5',
awsSecretAccessKey: 'Tm3dNht5QMKxu7EU44ZLflDeE7sFbqQy3Q+XE+MY',
awsRegion: 'us-east-1',
awsBucket: 'hy8',
awsHost:'s3.switch.lxc'
};
module.exports.create = function(config) {
var awsAccessKey = config.awsAccessKey || defaults.awsAccessKey;
var awsSecretAccessKey = config.awsSecretAccessKey || defaults.awsSecretAccessKey;
var awsRegion = config.awsRegion || defaults.awsRegion;
var awsBucket = config.awsBucket || defaults.awsBucket;
var awsHost = config.awsHost || defaults.awsHost;
var AWSCredentials = {
accessKeyId: awsAccessKey,
secretAccessKey: awsSecretAccessKey
};
return {
init: function(opts) {
console.log('init');
return null;
},
set: function(data) {
// console.log('Add Key Auth URL', data);
var ch = data.challenge;
var signed = aws4.sign({
host: awsHost,
service: 's3',
region: awsRegion,
path: '/' + awsBucket + '/' + ch.identifier.value +'/'+ ch.token,
headers: {
'Content-Type': 'text/plain;charset=UTF-8'
},
method: 'PUT',
body: ch.keyAuthorization,
signQuery: true
},
AWSCredentials
);
console.log(signed);
return request({
// debug: true,
method: 'PUT',
url: 'http://' +signed.host+ signed.path,
headers: { 'Content-Type': 'text/plain;charset=UTF-8' },
body: ch.keyAuthorization
}).then(function(resp) {
// console.log(resp.statusCode);
if (200 !== resp.statusCode) {
console.error(resp.statusCode);
console.error(resp.body);
throw new Error('Could not PUT.');
}
return true;
})
.catch(function(err) {
throw err;
// return null;
});
},
get: function(data) {
// console.log('List Key Auth URL', data);
var ch = data.challenge;
var signed = aws4.sign({
host: awsHost,
service: 's3',
region: awsRegion,
path: '/' + awsBucket + '/' + ch.identifier.value +'/'+ ch.token,
headers: {
'Content-Type': 'text/plain;charset=UTF-8'
},
method: 'GET',
signQuery: true
},
AWSCredentials
);
console.log(signed);
return request({
// debug: true,
method: 'GET',
url: 'http://' +signed.host+ signed.path,
headers: { 'Content-Type': 'text/plain;charset=UTF-8' }
}).then(function(resp) {
// console.log(resp.statusCode);
if (200 !== resp.statusCode) {
console.error(resp.statusCode);
console.error(resp.body);
throw new Error('Could not GET');
}
return {
keyAuthorization: resp.body
};
})
.catch(function(err) {
throw err;
// return null;
});
},
remove: function(data) {
// console.log('Remove Key Auth URL', data);
var ch = data.challenge;
}
};
};

38
package.json Normal file
View File

@ -0,0 +1,38 @@
{
"name": "acme-http-01-s3",
"version": "3.0.0",
"description": "S3 Authentication + Let's Encrypt for Node.js - ACME http-01 challenges w/ ACME.js and Greenlock.js",
"main": "index.js",
"files": [
"lib",
"test.js"
],
"scripts": {
"test": "node test.js"
},
"repository": {
"type": "git",
"url": "https://git.coolaj86.com/coolaj86/acme-http-01-s3.js.git"
},
"keywords": [
"s3",
"storage",
"http-01",
"letsencrypt",
"acme",
"greenlock"
],
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)",
"contributors": [
"AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)"
],
"license": "MPL-2.0",
"dependencies": {
"@root/request": "^1.3.11",
"aws4": "^1.8.0"
},
"devDependencies": {
"acme-challenge-test": "^3.3.2",
"dotenv": "^8.0.0"
}
}

27
test.js Executable file
View File

@ -0,0 +1,27 @@
#!/usr/bin/env node
'use strict';
// See https://git.coolaj86.com/coolaj86/acme-challenge-test.js
var tester = require('acme-challenge-test');
require('dotenv').config();
// Usage: node ./test.js example.com username xxxxxxxxx
var record = process.argv[2] || process.env.RECORD;
var challenger = require('./index.js').create({
databaseUrl: process.env.DATABASE_URL,
tableName: process.env.TABLE_NAME,
dialect: process.env.DIALECT,
storage: process.env.STORAGE
});
// The dry-run tests can pass on, literally, 'example.com'
// but the integration tests require that you have control over the domain
tester
.testRecord('http-01', record, challenger)
.then(function() {
console.info('PASS', record);
})
.catch(function(e) {
console.error(e.message);
console.error(e.stack);
});