just a little more...

AJ ONeal 2016-08-07 02:02:02 -04:00
parent d1c0043f34
commit 635b130ab3
3 changed files with 96 additions and 113 deletions


@ -99,12 +99,12 @@ LE.create = function (le) {
} }
le.register = function (args) { le.register = function (args) {
return le.core.registerAsync(args); return le.core.certificates.getAsync(args);
}; };
le.check = function (args) { le.check = function (args) {
// TODO must return email, domains, tos, pems // TODO must return email, domains, tos, pems
return le.core.fetchAsync(args); return le.core.certificates.checkAsync(args);
}; };
le.middleware = function () { le.middleware = function () {
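Review bot: `le.register` now enters through `le.core.certificates.getAsync`, while the `Array.isArray(args.domains)` and `utils.isValidDomain` checks that the old `core.registerAsync` ran first now sit inside `certificates.registerAsync` in the core file. The visible part of `getAsync` merges and template-expands `args` and then branches on `args.duplicate` without validating, so if its non-duplicate path consults the certificate store before delegating (that part is outside the hunk), caller-supplied domain names would reach the store unchecked. Consider running the same two checks at the top of `getAsync`, or at least recording the contract here with `// domains are validated in core.certificates.registerAsync; getAsync must not touch the store before that`. `LE.create` begins and ends outside this hunk.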


@ -113,99 +113,111 @@ module.exports.create = function (le) {
} }
, certificates: { , certificates: {
// getCertificateAsync:
registerAsync: function (args) { registerAsync: function (args) {
var err;
var copy = utils.merge(args, le);
args = utils.tplCopy(copy);
function log() { if (!Array.isArray(args.domains)) {
if (args.debug || le.debug) { return PromiseA.reject(new Error('args.domains should be an array of domains'));
console.log.apply(console, arguments);
}
} }
var account = args.account; if (!(args.domains.length && args.domains.every(utils.isValidDomain))) {
var keypairOpts = { public: true, pem: true }; // NOTE: this library can't assume to handle the http loopback
// (or dns-01 validation may be used)
// so we do not check dns records or attempt a loopback here
err = new Error("invalid domain name(s): '" + args.domains + "'");
err.code = "INVALID_DOMAIN";
return PromiseA.reject(err);
}
var promise = le.store.certificates.checkKeypairAsync(args).then(function (keypair) { return core.accounts.getAsync(copy).then(function (account) {
return RSA.import(keypair); copy.account = account;
}, function (/*err*/) {
return RSA.generateKeypairAsync(args.rsaKeySize, 65537, keypairOpts).then(function (keypair) { //var account = args.account;
keypair.privateKeyPem = RSA.exportPrivatePem(keypair); var keypairOpts = { public: true, pem: true };
keypair.privateKeyJwk = RSA.exportPrivateJwk(keypair);
return le.store.certificates.setKeypairAsync(args, keypair); var promise = le.store.certificates.checkKeypairAsync(args).then(function (keypair) {
return RSA.import(keypair);
}, function (/*err*/) {
return RSA.generateKeypairAsync(args.rsaKeySize, 65537, keypairOpts).then(function (keypair) {
keypair.privateKeyPem = RSA.exportPrivatePem(keypair);
keypair.privateKeyJwk = RSA.exportPrivateJwk(keypair);
return le.store.certificates.setKeypairAsync(args, keypair);
});
});
return promise.then(function (domainKeypair) {
args.domainKeypair = domainKeypair;
//args.registration = domainKey;
return LeCore.getCertificateAsync({
debug: args.debug || le.debug
, newAuthzUrl: args._acmeUrls.newAuthz
, newCertUrl: args._acmeUrls.newCert
, accountKeypair: RSA.import(account.keypair)
, domainKeypair: domainKeypair
, domains: args.domains
, challengeType: args.challengeType
//
// IMPORTANT
//
// setChallenge and removeChallenge are handed defaults
// instead of args because getChallenge does not have
// access to args
// (args is per-request, defaults is per instance)
//
, setChallenge: function (domain, key, value, done) {
var copy = utils.merge({ domains: [domain] }, le);
utils.tplCopy(copy);
//args.domains = [domain];
args.domains = args.domains || [domain];
if (5 !== le.challenger.set.length) {
done(new Error("le.challenger.set receives the wrong number of arguments."
+ " You must define setChallenge as function (opts, domain, key, val, cb) { }"));
return;
}
le.challenger.set(copy, domain, key, value, done);
}
, removeChallenge: function (domain, key, done) {
var copy = utils.merge({ domains: [domain] }, le);
utils.tplCopy(copy);
if (4 !== le.challenger.remove.length) {
done(new Error("le.challenger.remove receives the wrong number of arguments."
+ " You must define removeChallenge as function (opts, domain, key, cb) { }"));
return;
}
le.challenger.remove(copy, domain, key, done);
}
}).then(utils.attachCertInfo);
}).then(function (results) {
// { cert, chain, fullchain, privkey }
args.pems = results;
return le.store.certificates.setAsync(args).then(function () {
return results;
});
}); });
}); });
return promise.then(function (domainKeypair) {
log("[le/core.js] get certificate");
args.domainKeypair = domainKeypair;
//args.registration = domainKey;
return LeCore.getCertificateAsync({
debug: args.debug || le.debug
, newAuthzUrl: args._acmeUrls.newAuthz
, newCertUrl: args._acmeUrls.newCert
, accountKeypair: RSA.import(account.keypair)
, domainKeypair: domainKeypair
, domains: args.domains
, challengeType: args.challengeType
//
// IMPORTANT
//
// setChallenge and removeChallenge are handed defaults
// instead of args because getChallenge does not have
// access to args
// (args is per-request, defaults is per instance)
//
, setChallenge: function (domain, key, value, done) {
var copy = utils.merge({ domains: [domain] }, le);
utils.tplCopy(copy);
//args.domains = [domain];
args.domains = args.domains || [domain];
if (5 !== le.challenger.set.length) {
done(new Error("le.challenger.set receives the wrong number of arguments."
+ " You must define setChallenge as function (opts, domain, key, val, cb) { }"));
return;
}
le.challenger.set(copy, domain, key, value, done);
}
, removeChallenge: function (domain, key, done) {
var copy = utils.merge({ domains: [domain] }, le);
utils.tplCopy(copy);
if (4 !== le.challenger.remove.length) {
done(new Error("le.challenger.remove receives the wrong number of arguments."
+ " You must define removeChallenge as function (opts, domain, key, cb) { }"));
return;
}
le.challenger.remove(copy, domain, key, done);
}
}).then(utils.attachCertInfo);
}).then(function (results) {
// { cert, chain, fullchain, privkey }
args.pems = results;
return le.store.certificates.setAsync(args);
});
} }
// checkAsync
, checkAsync: function (args) { , checkAsync: function (args) {
var copy = utils.merge(args, le); var copy = utils.merge(args, le);
utils.tplCopy(copy); utils.tplCopy(copy);
// returns pems
return le.store.certificates.checkAsync(copy).then(utils.attachCertInfo); return le.store.certificates.checkAsync(copy).then(utils.attachCertInfo);
} }
// getOrCreateDomainCertificate
, getAsync: function (args) { , getAsync: function (args) {
var copy = utils.merge(args, le); var copy = utils.merge(args, le);
utils.tplCopy(copy); args = utils.tplCopy(copy);
if (args.duplicate) { if (args.duplicate) {
// we're forcing a refresh via 'dupliate: true' // we're forcing a refresh via 'dupliate: true'
@ -229,44 +241,13 @@ module.exports.create = function (le) {
+ new Date(certs.expiresAt).toISOString() + "'. Ignoring renewal attempt until half-life at '" + new Date(certs.expiresAt).toISOString() + "'. Ignoring renewal attempt until half-life at '"
+ new Date(renewableAt).toISOString() + "'. Set { duplicate: true } to force." + new Date(renewableAt).toISOString() + "'. Set { duplicate: true } to force."
)); ));
}).then(function (results) {
// returns pems
return results;
}); });
} }
} }
// returns 'account' from lib/accounts { meta, regr, keypair, accountId (id) }
, registerAsync: function (args) {
var err;
if (!Array.isArray(args.domains)) {
return PromiseA.reject(new Error('args.domains should be an array of domains'));
}
if (!(args.domains.length && args.domains.every(utils.isValidDomain))) {
// NOTE: this library can't assume to handle the http loopback
// (or dns-01 validation may be used)
// so we do not check dns records or attempt a loopback here
err = new Error("invalid domain name(s): '" + args.domains + "'");
err.code = "INVALID_DOMAIN";
return PromiseA.reject(err);
}
var copy = utils.merge(args, le);
utils.tplCopy(copy);
return core.accounts.getAsync(copy).then(function (account) {
copy.account = account;
return backend.getOrCreateRenewal(copy).then(function (pyobj) {
copy.pyobj = pyobj;
return core.certificates.getAsync(copy);
});
}).then(function (result) {
return result;
}, function (err) {
return PromiseA.reject(err);
});
}
}; };
return core; return core;
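Review bot: The rejection handler `function (/*err*/)` on `le.store.certificates.checkKeypairAsync(args)` in the new `certificates.registerAsync` discards the error and always generates a fresh keypair and calls `setKeypairAsync`, so any store failure is treated the same as "no key yet". If the store can reject for other reasons (permissions, I/O, an unreadable file; not visible here), the existing domain private key would be silently superseded and the underlying fault hidden. Name the parameter and re-reject everything except the store's own "not found" case, for example `if (!isNotFound(err)) { return PromiseA.reject(err); }`, where `isNotFound` is a placeholder for whatever signal the store defines. The handler was carried over from the removed version unchanged, so this is a good moment to tighten it.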


@ -75,4 +75,6 @@ module.exports.tplCopy = function (copy) {
copy[key] = copy[key].replace(':' + tplname, tpls[tplname]); copy[key] = copy[key].replace(':' + tplname, tpls[tplname]);
}); });
}); });
return copy;
}; };
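Review bot: `tplCopy` lacks a comment saying that it rewrites its argument in place and now returns that same object rather than a clone, as the `copy[key] = ...` assignment and the added `return copy;` show. Callers in this commit write `args = utils.tplCopy(copy)`, so `args` and `copy` become one object. In `certificates.registerAsync` the later `copy.account = account` therefore puts the account record (whose `keypair` is read a few lines on) into what `le.store.certificates.setAsync(args)` receives. Suggested comment above the return: `// NOTE: mutates and returns the same object; callers get an alias, not a copy`. If the certificate store is not meant to see account key material, pass `setAsync` a narrower object instead; the function itself starts outside the hunk.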