Merge remote-tracking branch 'origin/acme_sync' into v2

# Conflicts: # packages/core/acme-client/package.json # packages/core/acme-client/src/auto.js # packages/core/acme-client/src/axios.js # packages/core/acme-client/src/http.js
2026-04-24 20:57:26 +08:00 · 2024-07-01 23:09:57 +08:00
parent 19a6b94680 162e10909b
commit 1b7debc6a4
39 changed files with 262 additions and 503 deletions
@@ -40,7 +40,6 @@ class HttpClient {
        this.jwk = null;
    }

-
    /**
     * HTTP request
     *
@@ -70,7 +69,6 @@ class HttpClient {
        return resp;
    }

-
    /**
     * Ensure provider directory exists
     *
@@ -95,7 +93,6 @@ class HttpClient {
        }
    }

-
    /**
     * Get JSON Web Key
     *
@@ -110,7 +107,6 @@ class HttpClient {
        return this.jwk;
    }

-
    /**
     * Get nonce from directory API endpoint
     *
@@ -130,7 +126,6 @@ class HttpClient {
        return resp.headers['replay-nonce'];
    }

-
    /**
     * Get URL for a directory resource
     *
@@ -148,7 +143,6 @@ class HttpClient {
        return this.directory[resource];
    }

-
    /**
     * Get directory meta field
     *
@@ -166,7 +160,6 @@ class HttpClient {
        return null;
    }

-
    /**
     * Prepare HTTP request body for signature
     *
@@ -199,11 +192,10 @@ class HttpClient {
        /* Body */
        return {
            payload: payload ? Buffer.from(JSON.stringify(payload)).toString('base64url') : '',
-            protected: Buffer.from(JSON.stringify(header)).toString('base64url')
+            protected: Buffer.from(JSON.stringify(header)).toString('base64url'),
        };
    }

-
    /**
     * Create JWS HTTP request body using HMAC
     *
@@ -226,7 +218,6 @@ class HttpClient {
        return result;
    }

-
    /**
     * Create JWS HTTP request body using RSA or ECC
     *
@@ -267,13 +258,12 @@ class HttpClient {
        result.signature = signer.sign({
            key: this.accountKey,
            padding: RSA_PKCS1_PADDING,
-            dsaEncoding: 'ieee-p1363'
+            dsaEncoding: 'ieee-p1363',
        }, 'base64url');

        return result;
    }

-
    /**
     * Signed HTTP request
     *
@@ -309,7 +299,7 @@ class HttpClient {
        const data = this.createSignedBody(url, payload, { nonce, kid });
        const resp = await this.request(url, 'post', { data });

-        /* Retry on bad nonce - https://datatracker.ietf.org/doc/html/draft-ietf-acme-acme-10#section-6.4 */
+        /* Retry on bad nonce - https://datatracker.ietf.org/doc/html/rfc8555#section-6.5 */
        if (resp.data && resp.data.type && (resp.status === 400) && (resp.data.type === 'urn:ietf:params:acme:error:badNonce') && (attempts < this.maxBadNonceRetries)) {
            nonce = resp.headers['replay-nonce'] || null;
            attempts += 1;
@@ -323,6 +313,5 @@ class HttpClient {
    }
 }

-
 /* Export client */
 module.exports = HttpClient;