2016-08-12 05:42:28 +00:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
module.exports.create = function (options) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
var defaults = {};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
var accounts = {
|
2016-08-13 21:11:09 +00:00
|
|
|
|
|
|
|
// Accounts
|
|
|
|
setKeypair: function (opts, keypair, cb) {
|
2016-09-02 21:45:57 +00:00
|
|
|
// opts.email // optional
|
|
|
|
// opts.accountId // optional - same as returned from acounts.set(opts, reg)
|
|
|
|
|
2016-08-13 21:11:09 +00:00
|
|
|
|
|
|
|
// SAVE to db (as PEM and/or JWK) and index each domain in domains to this keypair
|
2016-09-02 21:45:57 +00:00
|
|
|
// keypair = { privateKeyPem: '...', privateKeyJwk: { ... } }
|
2016-08-13 21:11:09 +00:00
|
|
|
cb(null, keypair);
|
2016-08-12 05:42:28 +00:00
|
|
|
}
|
2016-08-13 21:11:09 +00:00
|
|
|
// Accounts
|
|
|
|
, checkKeypair: function (opts, cb) {
|
2016-08-12 05:42:28 +00:00
|
|
|
// opts.email // optional
|
2016-09-02 21:45:57 +00:00
|
|
|
// opts.accountId // optional - same as returned from acounts.set(opts, reg)
|
2016-08-13 21:11:09 +00:00
|
|
|
|
2016-09-02 21:45:57 +00:00
|
|
|
|
|
|
|
// check db and return null or keypair object with one
|
|
|
|
// (or both) of privateKeyPem or privateKeyJwk
|
2016-08-13 21:11:09 +00:00
|
|
|
cb(null, { privateKeyPem: '...', privateKeyJwk: {} });
|
2016-08-12 05:42:28 +00:00
|
|
|
}
|
2016-08-13 21:11:09 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Accounts
|
2016-08-12 05:42:28 +00:00
|
|
|
, check: function (opts, cb) {
|
2016-09-02 21:45:57 +00:00
|
|
|
// opts.email // optional
|
|
|
|
// opts.accountId // optional - same as returned from acounts.set(opts, reg)
|
|
|
|
// opts.domains // optional - same as set in certificates.set(opts, certs)
|
2016-08-13 21:11:09 +00:00
|
|
|
|
2016-08-12 05:42:28 +00:00
|
|
|
// return account from db if it exists, otherwise null
|
2016-09-02 21:45:57 +00:00
|
|
|
cb(null, { id: '...', keypair: { privateKeyJwk: {} }/*, domains: []*/ });
|
2016-08-12 05:42:28 +00:00
|
|
|
}
|
2016-08-13 21:11:09 +00:00
|
|
|
// Accounts
|
2016-08-12 05:42:28 +00:00
|
|
|
, set: function (opts, reg, cb) {
|
|
|
|
// opts.email
|
|
|
|
// reg.keypair
|
|
|
|
// reg.receipt // response from acme server
|
2016-08-13 21:11:09 +00:00
|
|
|
|
|
|
|
|
2016-09-02 21:45:57 +00:00
|
|
|
// You must implement a method to deterministically generate 'id'
|
|
|
|
// For example, you could do this:
|
|
|
|
// var id = crypto.createHash('sha256').update(reg.keypair.publicKeyPem).digest('hex');
|
2016-08-12 05:42:28 +00:00
|
|
|
cb(null, { id: '...', email: opts.email, keypair: reg.keypair, receipt: reg.receipt });
|
|
|
|
}
|
2016-08-13 21:11:09 +00:00
|
|
|
|
2016-08-12 05:42:28 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
var certificates = {
|
2016-08-13 21:11:09 +00:00
|
|
|
|
|
|
|
// Certificates
|
|
|
|
setKeypair: function (opts, keypair, cb) {
|
2016-09-02 21:45:57 +00:00
|
|
|
// opts.domains - this is an array, but you nly need the first (or any) of them
|
|
|
|
|
2016-08-13 21:11:09 +00:00
|
|
|
|
2016-08-12 05:42:28 +00:00
|
|
|
// SAVE to db (as PEM and/or JWK) and index each domain in domains to this keypair
|
|
|
|
cb(null, keypair);
|
|
|
|
}
|
2016-08-13 21:11:09 +00:00
|
|
|
// Certificates
|
|
|
|
, checkKeypair: function (opts, cb) {
|
2016-09-02 21:45:57 +00:00
|
|
|
// opts.domains - this is an array, but you only need the first (or any) of them
|
|
|
|
|
2016-08-13 21:11:09 +00:00
|
|
|
|
|
|
|
// check db and return null or keypair object with one of privateKeyPem or privateKeyJwk
|
|
|
|
cb(null, { privateKeyPem: '...', privateKeyJwk: {} });
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Certificates
|
2016-08-12 05:42:28 +00:00
|
|
|
, check: function (opts, cb) {
|
|
|
|
// You will be provided one of these (which should be tried in this order)
|
|
|
|
// opts.domains
|
|
|
|
// opts.email // optional
|
|
|
|
// opts.accountId // optional
|
2016-08-13 21:11:09 +00:00
|
|
|
|
2016-09-02 21:45:57 +00:00
|
|
|
|
2016-08-12 05:42:28 +00:00
|
|
|
// return certificate PEMs from db if they exist, otherwise null
|
|
|
|
// optionally include expiresAt and issuedAt, if they are known exactly
|
|
|
|
// (otherwise they will be read from the cert itself later)
|
|
|
|
cb(null, { privkey: 'PEM', cert: 'PEM', chain: 'PEM', domains: [], accountId: '...' });
|
|
|
|
}
|
2016-08-13 21:11:09 +00:00
|
|
|
// Certificates
|
2019-02-17 17:44:58 +00:00
|
|
|
, set: function (opts, cb) {
|
2016-09-02 21:45:57 +00:00
|
|
|
// opts.domains // each of these must be indexed
|
|
|
|
// opts.email // optional, should be indexed
|
|
|
|
// opts.accountId // optional - same as set by you in accounts.set(opts, keypair) above
|
2016-08-13 21:11:09 +00:00
|
|
|
|
2019-02-17 17:44:58 +00:00
|
|
|
// opts.certs.privkey
|
|
|
|
// opts.certs.cert
|
|
|
|
// opts.certs.chain
|
2016-08-13 21:11:09 +00:00
|
|
|
|
2016-09-02 21:45:57 +00:00
|
|
|
|
2016-08-12 05:42:28 +00:00
|
|
|
// SAVE to the database, index the email address, the accountId, and alias the domains
|
2019-02-17 17:44:58 +00:00
|
|
|
cb(null, { privkey: 'PEM', cert: 'PEM', chain: 'PEM' });
|
2016-08-12 05:42:28 +00:00
|
|
|
}
|
2016-08-13 21:11:09 +00:00
|
|
|
|
2016-08-12 05:42:28 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
getOptions: function () {
|
|
|
|
// merge options with default settings and then return them
|
|
|
|
return options;
|
|
|
|
}
|
|
|
|
, accounts: accounts
|
|
|
|
, certificates: certificates
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
};
|