coolaj86
/
telebit.js
1
2
Fork 1
Code Issues 46 Pull Requests 2 Releases Activity
Browse Source

[WIP] getting closer

wip
AJ ONeal 5 years ago
parent
ffc95b4ddf
commit
1726e137b8
4 changed files with 33 additions and 29 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      bin/telebit-remote.js
  2. 44
      bin/telebitd.js
  3. 7
      lib/eggspress.js
  4. 4
      lib/rc/index.js

7
bin/telebit-remote.js
View File

@ -688,7 +688,7 @@ function parseConfig(err, text) {
// Occassionally rotate the key just for the sake of testing the key rotation
return urequestAsync({ method: 'HEAD', url: RC.resolve('/acme/new-nonce') }).then(function (resp) {
var nonce = resp.headers['replay-nonce'];
var newAccountUrl = RC.resolve('/new-acct');
var newAccountUrl = RC.resolve('/acme/new-acct');
return keypairs.signJws({
jwk: state.key
, protected: {
@ -706,10 +706,11 @@ function parseConfig(err, text) {
}).then(function (jws) {
return urequestAsync({
url: newAccountUrl
, json: jws
, method: 'POST'
, json: jws // TODO default to post when body is present
, headers: { "Content-Type": 'application/jose+json' }
}).then(function (resp) {
console.log('resp.body:');
console.log(newAccountUrl, 'resp.body:');
console.log(resp.body);
if (!resp.body || 'valid' !== resp.body.status) {
throw new Error("did not successfully create or restore account");

44
bin/telebitd.js
View File

@ -394,25 +394,25 @@ controllers._issueNonce = function (req, res) {
var nonce = toUrlSafe(crypto.randomBytes(16).toString('base64'));
// TODO associate with a TLS session
controllers._nonces[nonce] = Date.now();
res.headers.set("Replay-Nonce", nonce);
res.setHeader("Replay-Nonce", nonce);
return nonce;
};
controllers.newNonce = function (req, res) {
res.statusCode = 200;
res.headers.set("Cache-Control", "max-age=0, no-cache, no-store");
res.setHeader("Cache-Control", "max-age=0, no-cache, no-store");
// TODO
//res.headers.set("Date", "Sun, 10 Mar 2019 08:04:45 GMT");
//res.setHeader("Date", "Sun, 10 Mar 2019 08:04:45 GMT");
// is this the expiration of the nonce itself? methinks maybe so
//res.headers.set("Expires", "Sun, 10 Mar 2019 08:04:45 GMT");
//res.setHeader("Expires", "Sun, 10 Mar 2019 08:04:45 GMT");
// TODO use one of the registered domains
//var indexUrl = "https://acme-staging-v02.api.letsencrypt.org/index"
var port = (state.config.ipc && state.config.ipc.port || state._ipc.port || undefined);
var indexUrl = "http://localhost:" + port + "/index";
res.headers.set("Link", "<" + indexUrl + ">;rel=\"index\"");
res.headers.set("Cache-Control", "max-age=0, no-cache, no-store");
res.headers.set("Pragma", "no-cache");
//res.headers.set("Strict-Transport-Security", "max-age=604800");
res.headers.set("X-Frame-Options", "DENY");
res.setHeader("Link", "<" + indexUrl + ">;rel=\"index\"");
res.setHeader("Cache-Control", "max-age=0, no-cache, no-store");
res.setHeader("Pragma", "no-cache");
//res.setHeader("Strict-Transport-Security", "max-age=604800");
res.setHeader("X-Frame-Options", "DENY");
res.end("");
};
@ -959,11 +959,11 @@ function handleApi() {
}
// TODO turn strings into regexes to match beginnings
app.use('/.well-known/openid-configuration', function (req, res) {
res.headers.set("Access-Control-Allow-Headers", "Content-Type");
res.headers.set("Access-Control-Allow-Origin", "*");
res.headers.set("Access-Control-Expose-Headers", "Link, Replay-Nonce, Location");
res.headers.set("Access-Control-Max-Age", "86400");
app.get('/.well-known/openid-configuration', function (req, res) {
res.setHeader("Access-Control-Allow-Headers", "Content-Type");
res.setHeader("Access-Control-Allow-Origin", "*");
res.setHeader("Access-Control-Expose-Headers", "Link, Replay-Nonce, Location");
res.setHeader("Access-Control-Max-Age", "86400");
if ('OPTIONS' === req.method) { res.end(); return; }
res.send({
jwks_uri: 'http://localhost/.well-known/jwks.json'
@ -972,21 +972,22 @@ function handleApi() {
});
app.use('/acme', function acmeCors(req, res, next) {
// Taken from New-Nonce
res.headers.set("Access-Control-Allow-Headers", "Content-Type");
res.headers.set("Access-Control-Allow-Origin", "*");
res.headers.set("Access-Control-Expose-Headers", "Link, Replay-Nonce, Location");
res.headers.set("Access-Control-Max-Age", "86400");
res.setHeader("Access-Control-Allow-Headers", "Content-Type");
res.setHeader("Access-Control-Allow-Origin", "*");
res.setHeader("Access-Control-Expose-Headers", "Link, Replay-Nonce, Location");
res.setHeader("Access-Control-Max-Age", "86400");
if ('OPTIONS' === req.method) { res.end(); return; }
next();
});
app.use('/acme/directory', function (req, res) {
app.get('/acme/directory', function (req, res) {
res.send({
'new-nonce': '/acme/new-nonce'
, 'new-account': '/acme/new-acct'
});
});
app.use('/acme/new-nonce', controllers.newNonce);
app.use('/acme/new-acct', controllers.newAccount);
app.head('/acme/new-nonce', controllers.newNonce);
app.get('/acme/new-nonce', controllers.newNonce);
app.post('/acme/new-acct', controllers.newAccount);
app.use(/\b(relay)\b/, controllers.relay);
app.get(/\b(config)\b/, getConfigOnly);
app.use(/\b(init|config)\b/, initOrConfig);
@ -1021,6 +1022,7 @@ function serveControlsHelper() {
app.use('/rpc/', apiHandler);
app.use('/api/', apiHandler);
app.use('/acme/', apiHandler);
app.use('/', serveStatic);
controlServer = http.createServer(app);

7
lib/eggspress.js
View File

@ -33,11 +33,12 @@ module.exports = function eggspress() {
return;
}
if (!req.url.match(todo[0])) {
var urlstr = (req.url.replace(/\/$/, '') + '/');
if (!urlstr.match(todo[0])) {
//console.log("[eggspress] pattern doesn't match", todo[0], req.url);
next();
return;
} else if ('string' === typeof todo[0] && 0 !== req.url.match(todo[0]).index) {
} else if ('string' === typeof todo[0] && 0 !== urlstr.match(todo[0]).index) {
//console.log("[eggspress] string pattern is not the start", todo[0], req.url);
next();
return;
@ -70,7 +71,7 @@ module.exports = function eggspress() {
app.use = function (pattern, fn) {
return app._use('', pattern, fn);
};
[ 'GET', 'POST', 'DELETE' ].forEach(function (method) {
[ 'HEAD', 'GET', 'POST', 'DELETE' ].forEach(function (method) {
app[method.toLowerCase()] = function (pattern, fn) {
return app._use(method, pattern, fn);
};

4
lib/rc/index.js
View File

@ -74,7 +74,7 @@ module.exports.create = function (state) {
var RC = {};
RC.resolve = function (pathstr) {
// TODO use real hostname and return reqOpts rather than string?
return 'http://localhost:' + RC.port({}).port.toString() + '/' + pathstr.replace(/^\//, '');
return 'http://localhost:' + (RC.port({}).port||'1').toString() + '/' + pathstr.replace(/^\//, '');
};
RC.port = function (reqOpts) {
var fs = require('fs');
@ -93,7 +93,7 @@ module.exports.create = function (state) {
}
return reqOpts;
};
RC.createErrorhandler = function (replay, opts, cb) {
RC.createErrorHandler = function (replay, opts, cb) {
return function (err) {
// ENOENT - never started, cleanly exited last start, or creating socket at a different path
// ECONNREFUSED - leftover socket just needs to be restarted

Write Preview
Loading…
Cancel
Save