greenlock.js/accounts.js

'use strict';

var A = module.exports;
var U = require('./utils.js');
var E = require('./errors.js');

var pending = {};

A._getOrCreate = function(gnlck, mconf, db, acme, args) {
	var email =
		args.subscriberEmail ||
		mconf.subscriberEmail ||
		gnlck._defaults.subscriberEmail;

	if (!email) {
		throw E.NO_SUBSCRIBER('get account', args.subject);
	}

	// TODO send welcome message with benefit info
	return U._validMx(email)
		.catch(function() {
			throw E.NO_SUBSCRIBER('get account', args.subcriberEmail);
		})
		.then(function() {
			if (pending[email]) {
				return pending[email];
			}

			pending[email] = A._rawGetOrCreate(
				gnlck,
				mconf,
				db,
				acme,
				args,
				email
			)
				.catch(function(e) {
					delete pending[email];
					throw e;
				})
				.then(function(result) {
					delete pending[email];
					return result;
				});

			return pending[email];
		});
};

// What we really need out of this is the private key and the ACME "key" id
A._rawGetOrCreate = function(gnlck, mconf, db, acme, args, email) {
	var p;
	if (db.check) {
		p = A._checkStore(gnlck, mconf, db, acme, args, email);
	} else {
		p = Promise.resolve(null);
	}

	return p.then(function(fullAccount) {
		if (!fullAccount) {
			return A._newAccount(gnlck, mconf, db, acme, args, email, null);
		}

		if (fullAccount.keypair && fullAccount.key && fullAccount.key.kid) {
			return fullAccount;
		}

		return A._newAccount(gnlck, mconf, db, acme, args, email, fullAccount);
	});
};

A._newAccount = function(gnlck, mconf, db, acme, args, email, fullAccount) {
	var keyType =
		args.accountKeyType ||
		mconf.accountKeyType ||
		gnlck._defaults.accountKeyType;
	var query = {
		subject: args.subject,
		email: email,
		subscriberEmail: email,
		customerEmail: args.customerEmail,
		account: fullAccount || {},
		directoryUrl:
			args.directoryUrl ||
			mconf.directoryUrl ||
			gnlck._defaults.directoryUrl
	};

	return U._getOrCreateKeypair(db, args.subject, query, keyType).then(
		function(kresult) {
			var keypair = kresult.keypair;
			var accReg = {
				subscriberEmail: email,
				agreeToTerms:
					args.agreeToTerms ||
					mconf.agreeToTerms ||
					gnlck._defaults.agreeToTerms,
				accountKey: keypair.privateKeyJwk || keypair.private,
				debug: args.debug
			};
			return acme.accounts.create(accReg).then(function(receipt) {
				var reg = {
					keypair: keypair,
					receipt: receipt,
					// shudder... not actually a KeyID... but so it is called anyway...
					kid:
						receipt &&
						receipt.key &&
						(receipt.key.kid || receipt.kid),
					email: args.email,
					subscriberEmail: email,
					customerEmail: args.customerEmail
				};

				var keyP;
				if (kresult.exists) {
					keyP = Promise.resolve();
				} else {
					query.keypair = keypair;
					query.receipt = receipt;
					/*
					query.server = gnlck._defaults.directoryUrl.replace(
						/^https?:\/\//i,
						''
					);
          */
					keyP = db.setKeypair(query, keypair);
				}

				return keyP
					.then(function() {
						if (!db.set) {
							return Promise.resolve({
								keypair: keypair
							});
						}
						return db.set(
							{
								// id to be set by Store
								email: email,
								subscriberEmail: email,
								customerEmail: args.customerEmail,
								agreeTos: true,
								agreeToTerms: true,
								directoryUrl:
									args.directoryUrl ||
									mconf.directoryUrl ||
									gnlck._defaults.directoryUrl
								/*
								server: gnlck._defaults.directoryUrl.replace(
									/^https?:\/\//i,
									''
								)
                */
							},
							reg
						);
					})
					.then(function(fullAccount) {
						if (fullAccount && 'object' !== typeof fullAccount) {
							throw new Error(
								"accounts.set should either return 'null' or an object with an 'id' string"
							);
						}

						if (!fullAccount) {
							fullAccount = {};
						}
						fullAccount.keypair = keypair;
						if (!fullAccount.key) {
							fullAccount.key = {};
						}
						fullAccount.key.kid = reg.kid;

						return fullAccount;
					});
			});
		}
	);
};

A._checkStore = function(gnlck, mconf, db, acme, args, email) {
	if ((args.domain || args.domains) && !args.subject) {
		console.warn("use 'subject' instead of 'domain'");
		args.subject = args.domain;
	}

	var account = args.account;
	if (!account) {
		account = {};
	}

	if (args.accountKey) {
		console.warn(
			'rather than passing accountKey, put it directly into your account key store'
		);
		// TODO we probably don't need this
		return U._importKeypair(args.accountKey);
	}

	if (!db.check) {
		return Promise.resolve(null);
	}

	return db
		.check({
			//keypair: undefined,
			//receipt: undefined,
			email: email,
			subscriberEmail: email,
			customerEmail: args.customerEmail || mconf.customerEmail,
			account: account,
			directoryUrl:
				args.directoryUrl ||
				mconf.directoryUrl ||
				gnlck._defaults.directoryUrl
		})
		.then(function(fullAccount) {
			if (!fullAccount) {
				return null;
			}

			return fullAccount;
		});
};
wip: yeah! 5 years ago			`'use strict';`

			`var A = module.exports;`
			`var U = require('./utils.js');`
			`var E = require('./errors.js');`

			`var pending = {};`

updates for greenlock-express 5 years ago			`A._getOrCreate = function(gnlck, mconf, db, acme, args) {`
			`var email =`
			`args.subscriberEmail \|\|`
			`mconf.subscriberEmail \|\|`
			`gnlck._defaults.subscriberEmail;`
wip: yeah! 5 years ago
			`if (!email) {`
			`throw E.NO_SUBSCRIBER('get account', args.subject);`
			`}`

			`// TODO send welcome message with benefit info`
			`return U._validMx(email)`
			`.catch(function() {`
			`throw E.NO_SUBSCRIBER('get account', args.subcriberEmail);`
			`})`
			`.then(function() {`
			`if (pending[email]) {`
			`return pending[email];`
			`}`

updates for greenlock-express 5 years ago			`pending[email] = A._rawGetOrCreate(`
			`gnlck,`
			`mconf,`
			`db,`
			`acme,`
			`args,`
			`email`
			`)`
wip: yeah! 5 years ago			`.catch(function(e) {`
			`delete pending[email];`
			`throw e;`
			`})`
			`.then(function(result) {`
			`delete pending[email];`
			`return result;`
			`});`

			`return pending[email];`
			`});`
			`};`

			`// What we really need out of this is the private key and the ACME "key" id`
updates for greenlock-express 5 years ago			`A._rawGetOrCreate = function(gnlck, mconf, db, acme, args, email) {`
wip: yeah! 5 years ago			`var p;`
			`if (db.check) {`
updates for greenlock-express 5 years ago			`p = A._checkStore(gnlck, mconf, db, acme, args, email);`
wip: yeah! 5 years ago			`} else {`
			`p = Promise.resolve(null);`
			`}`

			`return p.then(function(fullAccount) {`
			`if (!fullAccount) {`
updates for greenlock-express 5 years ago			`return A._newAccount(gnlck, mconf, db, acme, args, email, null);`
wip: yeah! 5 years ago			`}`

			`if (fullAccount.keypair && fullAccount.key && fullAccount.key.kid) {`
			`return fullAccount;`
			`}`

updates for greenlock-express 5 years ago			`return A._newAccount(gnlck, mconf, db, acme, args, email, fullAccount);`
wip: yeah! 5 years ago			`});`
			`};`

updates for greenlock-express 5 years ago			`A._newAccount = function(gnlck, mconf, db, acme, args, email, fullAccount) {`
			`var keyType =`
			`args.accountKeyType \|\|`
			`mconf.accountKeyType \|\|`
			`gnlck._defaults.accountKeyType;`
wip: yeah! 5 years ago			`var query = {`
			`subject: args.subject,`
			`email: email,`
updates for greenlock-express 5 years ago			`subscriberEmail: email,`
			`customerEmail: args.customerEmail,`
v3.0.9: use directoryUrl consistently 5 years ago			`account: fullAccount \|\| {},`
			`directoryUrl:`
			`args.directoryUrl \|\|`
			`mconf.directoryUrl \|\|`
			`gnlck._defaults.directoryUrl`
wip: yeah! 5 years ago			`};`

			`return U._getOrCreateKeypair(db, args.subject, query, keyType).then(`
			`function(kresult) {`
			`var keypair = kresult.keypair;`
			`var accReg = {`
			`subscriberEmail: email,`
			`agreeToTerms:`
updates for greenlock-express 5 years ago			`args.agreeToTerms \|\|`
			`mconf.agreeToTerms \|\|`
			`gnlck._defaults.agreeToTerms,`
			`accountKey: keypair.privateKeyJwk \|\| keypair.private,`
wip: yeah! 5 years ago			`debug: args.debug`
			`};`
			`return acme.accounts.create(accReg).then(function(receipt) {`
			`var reg = {`
			`keypair: keypair,`
			`receipt: receipt,`
			`// shudder... not actually a KeyID... but so it is called anyway...`
			`kid:`
			`receipt &&`
			`receipt.key &&`
			`(receipt.key.kid \|\| receipt.kid),`
updates for greenlock-express 5 years ago			`email: args.email,`
			`subscriberEmail: email,`
			`customerEmail: args.customerEmail`
wip: yeah! 5 years ago			`};`

			`var keyP;`
			`if (kresult.exists) {`
			`keyP = Promise.resolve();`
			`} else {`
			`query.keypair = keypair;`
			`query.receipt = receipt;`
updates for greenlock-express 5 years ago			`/*`
			`query.server = gnlck._defaults.directoryUrl.replace(`
			`/^https?:\/\//i,`
			`''`
			`);`
			`*/`
wip: yeah! 5 years ago			`keyP = db.setKeypair(query, keypair);`
			`}`

			`return keyP`
			`.then(function() {`
			`if (!db.set) {`
			`return Promise.resolve({`
			`keypair: keypair`
			`});`
			`}`
			`return db.set(`
			`{`
			`// id to be set by Store`
			`email: email,`
updates for greenlock-express 5 years ago			`subscriberEmail: email,`
			`customerEmail: args.customerEmail,`
			`agreeTos: true,`
v3.0.9: use directoryUrl consistently 5 years ago			`agreeToTerms: true,`
			`directoryUrl:`
			`args.directoryUrl \|\|`
			`mconf.directoryUrl \|\|`
			`gnlck._defaults.directoryUrl`
updates for greenlock-express 5 years ago			`/*`
			`server: gnlck._defaults.directoryUrl.replace(`
			`/^https?:\/\//i,`
			`''`
			`)`
			`*/`
wip: yeah! 5 years ago			`},`
			`reg`
			`);`
			`})`
			`.then(function(fullAccount) {`
			`if (fullAccount && 'object' !== typeof fullAccount) {`
			`throw new Error(`
			`"accounts.set should either return 'null' or an object with an 'id' string"`
			`);`
			`}`

			`if (!fullAccount) {`
			`fullAccount = {};`
			`}`
			`fullAccount.keypair = keypair;`
			`if (!fullAccount.key) {`
			`fullAccount.key = {};`
			`}`
			`fullAccount.key.kid = reg.kid;`

			`return fullAccount;`
			`});`
			`});`
			`}`
			`);`
			`};`

updates for greenlock-express 5 years ago			`A._checkStore = function(gnlck, mconf, db, acme, args, email) {`
wip: yeah! 5 years ago			`if ((args.domain \|\| args.domains) && !args.subject) {`
			`console.warn("use 'subject' instead of 'domain'");`
			`args.subject = args.domain;`
			`}`

			`var account = args.account;`
			`if (!account) {`
			`account = {};`
			`}`

updates for greenlock-express 5 years ago			`if (args.accountKey) {`
wip: yeah! 5 years ago			`console.warn(`
updates for greenlock-express 5 years ago			`'rather than passing accountKey, put it directly into your account key store'`
wip: yeah! 5 years ago			`);`
			`// TODO we probably don't need this`
updates for greenlock-express 5 years ago			`return U._importKeypair(args.accountKey);`
wip: yeah! 5 years ago			`}`

			`if (!db.check) {`
			`return Promise.resolve(null);`
			`}`

			`return db`
			`.check({`
			`//keypair: undefined,`
			`//receipt: undefined,`
			`email: email,`
updates for greenlock-express 5 years ago			`subscriberEmail: email,`
			`customerEmail: args.customerEmail \|\| mconf.customerEmail,`
v3.0.9: use directoryUrl consistently 5 years ago			`account: account,`
			`directoryUrl:`
			`args.directoryUrl \|\|`
			`mconf.directoryUrl \|\|`
			`gnlck._defaults.directoryUrl`
wip: yeah! 5 years ago			`})`
			`.then(function(fullAccount) {`
			`if (!fullAccount) {`
			`return null;`
			`}`

			`return fullAccount;`
			`});`
			`};`