lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-03 22:20:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: lkddi:v1.20.10
Branches Tags
lkddi:v2 lkddi:v2-dev lkddi:v2_admin_mode lkddi:v2-domain-sync lkddi:v2_singleton lkddi:v2-dev-buy lkddi:v2-dev-addon lkddi:v2-dev-plugin-config lkddi:alert-autofix-26 lkddi:alert-autofix-31 lkddi:client_sync lkddi:v2-dev-order lkddi:v2-dev-auto lkddi:acme_sync lkddi:server_sync lkddi:master
lkddi:v1.39.8 lkddi:v1.39.7 lkddi:v1.39.6 lkddi:v1.39.5 lkddi:v1.39.4 lkddi:v1.39.3 lkddi:v1.39.2 lkddi:v1.39.1 lkddi:v1.39.0 lkddi:v1.38.12 lkddi:v1.38.11 lkddi:v1.38.10 lkddi:v1.38.9 lkddi:v1.38.8 lkddi:v1.38.7 lkddi:v1.38.6 lkddi:v1.38.5 lkddi:v1.38.4 lkddi:v1.38.3 lkddi:v1.38.2 lkddi:v1.38.1 lkddi:v1.38.0 lkddi:v1.37.17 lkddi:v1.37.16 lkddi:v1.37.15 lkddi:v1.37.14 lkddi:v1.37.13 lkddi:v1.37.12 lkddi:v1.37.11 lkddi:v1.37.10 lkddi:v1.37.9 lkddi:v1.37.8 lkddi:v1.37.7 lkddi:v1.37.6 lkddi:v1.37.5 lkddi:v1.37.4 lkddi:v1.37.3 lkddi:v1.37.2 lkddi:v1.37.1 lkddi:v1.37.0 lkddi:v1.36.25 lkddi:v1.36.24 lkddi:v1.36.23 lkddi:v1.36.22 lkddi:v1.36.21 lkddi:v1.36.20 lkddi:v1.36.19 lkddi:v1.36.18 lkddi:v1.36.17 lkddi:v1.36.16 lkddi:v1.36.15 lkddi:v1.36.14 lkddi:v1.36.13 lkddi:v1.36.12 lkddi:v1.36.11 lkddi:v1.36.10 lkddi:v1.36.9 lkddi:v1.36.7 lkddi:v1.36.6 lkddi:v1.36.5 lkddi:v1.36.4 lkddi:v1.36.3 lkddi:v1.36.2 lkddi:v1.36.1 lkddi:v1.36.0 lkddi:v1.35.5 lkddi:v1.35.4 lkddi:v1.35.3 lkddi:v1.35.2 lkddi:v1.35.1 lkddi:v1.35.0 lkddi:v1.34.11 lkddi:v1.34.10 lkddi:v1.34.9 lkddi:v1.34.8 lkddi:v1.34.7 lkddi:v1.34.6 lkddi:v1.34.5 lkddi:v1.34.4 lkddi:v1.34.3 lkddi:v1.34.2 lkddi:v1.34.1 lkddi:v1.34.0 lkddi:v1.33.8 lkddi:v1.33.7 lkddi:v1.33.6 lkddi:v1.33.5 lkddi:v1.33.4 lkddi:v1.33.3 lkddi:v1.33.2 lkddi:v1.33.1 lkddi:v1.33.0 lkddi:v1.32.0 lkddi:v1.31.11 lkddi:v1.31.10 lkddi:v1.31.9 lkddi:v1.31.8 lkddi:v1.31.7 lkddi:v1.31.6 lkddi:v1.31.5 lkddi:v1.31.4 lkddi:v1.31.3 lkddi:v1.31.2 lkddi:v1.31.1 lkddi:v1.31.0 lkddi:v1.30.6 lkddi:v1.30.5 lkddi:v1.30.4 lkddi:v1.30.3 lkddi:v1.30.2 lkddi:v1.30.1 lkddi:v1.30.0 lkddi:v1.29.5 lkddi:v1.29.4 lkddi:v1.29.3 lkddi:v1.29.2 lkddi:v1.29.1 lkddi:v1.29.0 lkddi:v1.28.4 lkddi:v1.28.3 lkddi:v1.28.2 lkddi:v1.28.1 lkddi:v1.28.0 lkddi:v1.27.9 lkddi:v1.27.8 lkddi:v1.27.7 lkddi:v1.27.6 lkddi:v1.27.5 lkddi:v1.27.4 lkddi:v1.27.3 lkddi:v1.27.2 lkddi:v1.27.1 lkddi:v1.27.0 lkddi:v1.26.16 lkddi:v1.26.15 lkddi:v1.26.14 lkddi:v1.26.13 lkddi:v1.26.12 lkddi:v1.26.11 lkddi:v1.26.10 lkddi:v1.26.9 lkddi:v1.26.8 lkddi:v1.26.7 lkddi:v1.26.6 lkddi:v1.26.5 lkddi:v1.26.4 lkddi:v1.26.3 lkddi:v1.26.2 lkddi:v1.26.1 lkddi:v1.26.0 lkddi:v1.25.9 lkddi:v1.25.8 lkddi:v1.25.7 lkddi:v1.25.6 lkddi:v1.25.5 lkddi:v1.25.4 lkddi:v1.25.3 lkddi:v1.25.2 lkddi:v1.25.1 lkddi:v1.25.0 lkddi:v1.24.4 lkddi:v1.24.3 lkddi:v1.24.2 lkddi:v1.24.1 lkddi:v1.24.0 lkddi:v1.23.1 lkddi:v1.23.0 lkddi:v1.22.9 lkddi:v1.22.8 lkddi:v1.22.7 lkddi:v1.22.6 lkddi:v1.22.5 lkddi:v1.22.4 lkddi:v1.22.3 lkddi:v1.22.2 lkddi:v1.22.1 lkddi:v1.22.0 lkddi:v1.21.2 lkddi:v1.21.1 lkddi:v1.21.0 lkddi:v1.20.17 lkddi:v1.20.16 lkddi:v1.20.15 lkddi:v1.20.14 lkddi:v1.20.13 lkddi:v1.20.12 lkddi:v1.20.10 lkddi:v1.20.9 lkddi:v1.20.8 lkddi:v1.20.7 lkddi:v1.20.6 lkddi:v1.20.5 lkddi:v1.20.2 lkddi:v1.2.1 lkddi:v1.2.0 lkddi:v1.1.6 lkddi:v1.1.5 lkddi:v1.1.4 lkddi:v1.1.3 lkddi:v1.1.2 lkddi:v1.1.1 lkddi:v1.1.0 lkddi:v1.0.6 lkddi:v1.0.5 lkddi:v1.0.4 lkddi:v1.0.3 lkddi:v1.0.2 lkddi:v1.0.1 lkddi:v1.0.0 lkddi:v0.3.1 lkddi:v0.3.0 lkddi:v0.2.2 lkddi:v0.2.1 lkddi:v0.2.0 lkddi:v0.1.21 lkddi:v0.1.20 lkddi:v0.1.19 lkddi:v0.1.18 lkddi:v0.1.17 lkddi:v0.1.16 lkddi:v0.1.15 lkddi:v0.1.14 lkddi:v0.1.13 lkddi:v0.1.12 lkddi:v0.1.11 lkddi:v0.1.10 lkddi:v0.1.9 lkddi:v0.1.8 lkddi:v0.1.7
...
compare: lkddi:v1.21.2
Branches Tags
lkddi:v2-dev lkddi:v2 lkddi:v2_admin_mode lkddi:v2-domain-sync lkddi:v2_singleton lkddi:v2-dev-buy lkddi:v2-dev-addon lkddi:v2-dev-plugin-config lkddi:alert-autofix-26 lkddi:alert-autofix-31 lkddi:client_sync lkddi:v2-dev-order lkddi:v2-dev-auto lkddi:acme_sync lkddi:server_sync lkddi:master
lkddi:v1.39.8 lkddi:v1.39.7 lkddi:v1.39.6 lkddi:v1.39.5 lkddi:v1.39.4 lkddi:v1.39.3 lkddi:v1.39.2 lkddi:v1.39.1 lkddi:v1.39.0 lkddi:v1.38.12 lkddi:v1.38.11 lkddi:v1.38.10 lkddi:v1.38.9 lkddi:v1.38.8 lkddi:v1.38.7 lkddi:v1.38.6 lkddi:v1.38.5 lkddi:v1.38.4 lkddi:v1.38.3 lkddi:v1.38.2 lkddi:v1.38.1 lkddi:v1.38.0 lkddi:v1.37.17 lkddi:v1.37.16 lkddi:v1.37.15 lkddi:v1.37.14 lkddi:v1.37.13 lkddi:v1.37.12 lkddi:v1.37.11 lkddi:v1.37.10 lkddi:v1.37.9 lkddi:v1.37.8 lkddi:v1.37.7 lkddi:v1.37.6 lkddi:v1.37.5 lkddi:v1.37.4 lkddi:v1.37.3 lkddi:v1.37.2 lkddi:v1.37.1 lkddi:v1.37.0 lkddi:v1.36.25 lkddi:v1.36.24 lkddi:v1.36.23 lkddi:v1.36.22 lkddi:v1.36.21 lkddi:v1.36.20 lkddi:v1.36.19 lkddi:v1.36.18 lkddi:v1.36.17 lkddi:v1.36.16 lkddi:v1.36.15 lkddi:v1.36.14 lkddi:v1.36.13 lkddi:v1.36.12 lkddi:v1.36.11 lkddi:v1.36.10 lkddi:v1.36.9 lkddi:v1.36.7 lkddi:v1.36.6 lkddi:v1.36.5 lkddi:v1.36.4 lkddi:v1.36.3 lkddi:v1.36.2 lkddi:v1.36.1 lkddi:v1.36.0 lkddi:v1.35.5 lkddi:v1.35.4 lkddi:v1.35.3 lkddi:v1.35.2 lkddi:v1.35.1 lkddi:v1.35.0 lkddi:v1.34.11 lkddi:v1.34.10 lkddi:v1.34.9 lkddi:v1.34.8 lkddi:v1.34.7 lkddi:v1.34.6 lkddi:v1.34.5 lkddi:v1.34.4 lkddi:v1.34.3 lkddi:v1.34.2 lkddi:v1.34.1 lkddi:v1.34.0 lkddi:v1.33.8 lkddi:v1.33.7 lkddi:v1.33.6 lkddi:v1.33.5 lkddi:v1.33.4 lkddi:v1.33.3 lkddi:v1.33.2 lkddi:v1.33.1 lkddi:v1.33.0 lkddi:v1.32.0 lkddi:v1.31.11 lkddi:v1.31.10 lkddi:v1.31.9 lkddi:v1.31.8 lkddi:v1.31.7 lkddi:v1.31.6 lkddi:v1.31.5 lkddi:v1.31.4 lkddi:v1.31.3 lkddi:v1.31.2 lkddi:v1.31.1 lkddi:v1.31.0 lkddi:v1.30.6 lkddi:v1.30.5 lkddi:v1.30.4 lkddi:v1.30.3 lkddi:v1.30.2 lkddi:v1.30.1 lkddi:v1.30.0 lkddi:v1.29.5 lkddi:v1.29.4 lkddi:v1.29.3 lkddi:v1.29.2 lkddi:v1.29.1 lkddi:v1.29.0 lkddi:v1.28.4 lkddi:v1.28.3 lkddi:v1.28.2 lkddi:v1.28.1 lkddi:v1.28.0 lkddi:v1.27.9 lkddi:v1.27.8 lkddi:v1.27.7 lkddi:v1.27.6 lkddi:v1.27.5 lkddi:v1.27.4 lkddi:v1.27.3 lkddi:v1.27.2 lkddi:v1.27.1 lkddi:v1.27.0 lkddi:v1.26.16 lkddi:v1.26.15 lkddi:v1.26.14 lkddi:v1.26.13 lkddi:v1.26.12 lkddi:v1.26.11 lkddi:v1.26.10 lkddi:v1.26.9 lkddi:v1.26.8 lkddi:v1.26.7 lkddi:v1.26.6 lkddi:v1.26.5 lkddi:v1.26.4 lkddi:v1.26.3 lkddi:v1.26.2 lkddi:v1.26.1 lkddi:v1.26.0 lkddi:v1.25.9 lkddi:v1.25.8 lkddi:v1.25.7 lkddi:v1.25.6 lkddi:v1.25.5 lkddi:v1.25.4 lkddi:v1.25.3 lkddi:v1.25.2 lkddi:v1.25.1 lkddi:v1.25.0 lkddi:v1.24.4 lkddi:v1.24.3 lkddi:v1.24.2 lkddi:v1.24.1 lkddi:v1.24.0 lkddi:v1.23.1 lkddi:v1.23.0 lkddi:v1.22.9 lkddi:v1.22.8 lkddi:v1.22.7 lkddi:v1.22.6 lkddi:v1.22.5 lkddi:v1.22.4 lkddi:v1.22.3 lkddi:v1.22.2 lkddi:v1.22.1 lkddi:v1.22.0 lkddi:v1.21.2 lkddi:v1.21.1 lkddi:v1.21.0 lkddi:v1.20.17 lkddi:v1.20.16 lkddi:v1.20.15 lkddi:v1.20.14 lkddi:v1.20.13 lkddi:v1.20.12 lkddi:v1.20.10 lkddi:v1.20.9 lkddi:v1.20.8 lkddi:v1.20.7 lkddi:v1.20.6 lkddi:v1.20.5 lkddi:v1.20.2 lkddi:v1.2.1 lkddi:v1.2.0 lkddi:v1.1.6 lkddi:v1.1.5 lkddi:v1.1.4 lkddi:v1.1.3 lkddi:v1.1.2 lkddi:v1.1.1 lkddi:v1.1.0 lkddi:v1.0.6 lkddi:v1.0.5 lkddi:v1.0.4 lkddi:v1.0.3 lkddi:v1.0.2 lkddi:v1.0.1 lkddi:v1.0.0 lkddi:v0.3.1 lkddi:v0.3.0 lkddi:v0.2.2 lkddi:v0.2.1 lkddi:v0.2.0 lkddi:v0.1.21 lkddi:v0.1.20 lkddi:v0.1.19 lkddi:v0.1.18 lkddi:v0.1.17 lkddi:v0.1.16 lkddi:v0.1.15 lkddi:v0.1.14 lkddi:v0.1.13 lkddi:v0.1.12 lkddi:v0.1.11 lkddi:v0.1.10 lkddi:v0.1.9 lkddi:v0.1.8 lkddi:v0.1.7

107 Commits
v1.20.10 ... v1.21.2

Author SHA1 Message Date
xiaojunnuo
031df8fc35 v1.21.2 2024-07-08 15:58:51 +08:00
xiaojunnuo
62419a8212 build: prepare to build 2024-07-08 15:57:13 +08:00
xiaojunnuo
09d93af853 build: prepare to build 2024-07-08 15:47:51 +08:00
xiaojunnuo
b6ab178de9 chore: 1 2024-07-08 15:47:36 +08:00
xiaojunnuo
5a08f27d2c build: prepare to build 2024-07-08 15:36:18 +08:00
xiaojunnuo
fe91d94090 perf: 申请证书时可以选择跳过本地dns校验 2024-07-08 15:35:58 +08:00
xiaojunnuo
56ab3269d2 chore: 1 2024-07-08 12:05:56 +08:00
xiaojunnuo
c8243c573f chore: 1 2024-07-08 12:04:59 +08:00
xiaojunnuo
0b769a1c86 v1.21.1 2024-07-08 11:58:09 +08:00
xiaojunnuo
a8189a974d build: prepare to build 2024-07-08 11:46:13 +08:00
xiaojunnuo
322875d241 chore: 1 2024-07-08 11:45:31 +08:00
xiaojunnuo
ed8a54a2bc chore: 1 2024-07-08 11:29:11 +08:00
xiaojunnuo
5ba9831ed1 perf: 上传到主机,支持设置不mkdirs 2024-07-08 11:19:02 +08:00
xiaojunnuo
f9c9fce581 docs: 1 2024-07-08 11:10:08 +08:00
xiaojunnuo
bc650a32cd docs: 1 2024-07-08 10:59:19 +08:00
xiaojunnuo
c6d3e3fe5b docs: 1 2024-07-08 10:57:42 +08:00
xiaojunnuo
73acc62af1 docs: 1 2024-07-08 10:56:19 +08:00
xiaojunnuo
0d4491f3a0 docs: 1 2024-07-08 10:55:55 +08:00
xiaojunnuo
85248044ab docs: 1 2024-07-08 10:53:55 +08:00
xiaojunnuo
c532449102 docs: 1 2024-07-05 10:56:29 +08:00
xiaojunnuo
970c7fd8a0 perf: 说明优化,默认值优化 2024-07-04 02:22:52 +08:00
xiaojunnuo
4656019898 v1.21.0 2024-07-04 01:15:51 +08:00
xiaojunnuo
7eceabb2d8 build: prepare to build 2024-07-04 01:14:33 +08:00
xiaojunnuo
eade2c2b68 feat: 支持zero ssl 2024-07-04 01:14:09 +08:00
xiaojunnuo
6ec950818c v1.20.17 2024-07-03 23:45:57 +08:00
xiaojunnuo
7058b20df4 build: prepare to build 2024-07-03 23:43:55 +08:00
xiaojunnuo
a09b0e48c1 perf: 文件上传提示由cert.crt改为cert.pem 2024-07-03 23:39:12 +08:00
xiaojunnuo
664bb66a91 Merge branch 'client_sync' into v2 
# Conflicts:
#	packages/ui/certd-client/CHANGELOG.md
#	packages/ui/certd-client/package.json
 2024-07-03 23:37:08 +08:00
xiaojunnuo
eba333de7a perf: 优化cname verify 2024-07-03 23:36:06 +08:00
xiaojunnuo
f47b35f6d5 perf: 创建dns解析后,强制等待60s 2024-07-03 23:27:35 +08:00
Greper
c04707c0f7 fix: 修复对Windows powershell 的支持 
修复对Windows powershell 的支持 #73
 2024-07-03 23:22:29 +08:00
ltxhhz
22ebcd4dd1 fixed #73 2024-07-03 18:30:38 +08:00
xiaojunnuo
d46dab4fdd v1.20.16 2024-07-02 00:36:55 +08:00
xiaojunnuo
d44849c53c build: prepare to build 2024-07-02 00:35:41 +08:00
xiaojunnuo
dbc5a3c6b3 docs: 1 2024-07-02 00:33:21 +08:00
xiaojunnuo
4a5fa767ed fix: 修复配置了cdn cname后申请失败的bug 2024-07-02 00:18:28 +08:00
xiaojunnuo
1b7debc6a4 Merge remote-tracking branch 'origin/acme_sync' into v2 
# Conflicts:
#	packages/core/acme-client/package.json
#	packages/core/acme-client/src/auto.js
#	packages/core/acme-client/src/axios.js
#	packages/core/acme-client/src/http.js
 2024-07-01 23:09:57 +08:00
xiaojunnuo
19a6b94680 v1.20.15 2024-06-28 16:06:55 +08:00
xiaojunnuo
65a72b8d60 build: prepare to build 2024-06-28 14:27:19 +08:00
xiaojunnuo
7f61cab101 perf: 支持windows文件上传 2024-06-27 16:38:43 +08:00
GitHub Actions Bot
692e2b5b96 🔱: [client] sync upgrade with 2 commits [trident-sync] 
perf: 增加示例,FsInDrawer
 2024-06-26 19:24:03 +00:00
xiaojunnuo
37caef38ad chore: 1 2024-06-26 19:07:37 +08:00
xiaojunnuo
9cc01db1d5 fix: 修复无法强制取消任务的bug 2024-06-26 19:05:35 +08:00
xiaojunnuo
9172440f79 chore: 1 2024-06-26 18:37:36 +08:00
xiaojunnuo
e0eb3a4413 perf: 腾讯云dns provider 支持腾讯云的accessId 2024-06-26 18:36:11 +08:00
xiaojunnuo
ae0f16bf35 chore: doc 2024-06-26 13:58:17 +08:00
xiaojunnuo
6c9ed162e3 chore: doc 2024-06-26 13:48:22 +08:00
xiaojunnuo
3849b52cdf chore: ssh优化 2024-06-25 12:28:37 +08:00
xiaojunnuo
9ecfcb5814 chore: ssh优化 2024-06-25 12:25:57 +08:00
xiaojunnuo
54ad09f755 chore: 1 2024-06-25 11:27:13 +08:00
xiaojunnuo
6ee4dc165b chore: 1 2024-06-25 11:22:11 +08:00
xiaojunnuo
8e2eb89696 chore: 1 2024-06-25 11:22:02 +08:00
xiaojunnuo
9d397cc8be chore: 1 2024-06-25 11:02:29 +08:00
xiaojunnuo
cbfb0755b3 chore: 1 2024-06-25 10:52:58 +08:00
xiaojunnuo
d8d127ee9d chore: 1 2024-06-24 09:59:14 +08:00
xiaojunnuo
0ed5430e80 chore: 1 2024-06-24 09:54:41 +08:00
xiaojunnuo
878c1f52fa chore: 1 2024-06-24 09:53:21 +08:00
GitHub Actions Bot
586d23fc55 🔱: [client] sync upgrade with 6 commits [trident-sync] 
build: publish success
fix: 修复多级表头时列设置的问题

https://github.com/fast-crud/fast-crud/issues/175
chore: 1
fix: 修复element示例中远程搜索下拉框label不显示的bug

https://github.com/fast-crud/fast-crud/issues/422
fix: 修复独立使用对话框 openDialog方法await无返回值的bug
 2024-06-23 19:23:47 +00:00
xiaojunnuo
6900452b49 v1.20.14 2024-06-24 01:05:48 +08:00
xiaojunnuo
b97e0e512d build: prepare to build 2024-06-24 01:04:25 +08:00
xiaojunnuo
f740ff517f fix: 修复修改密码功能异常问题 2024-06-24 01:04:03 +08:00
xiaojunnuo
e5989fe023 v1.20.13 2024-06-19 00:56:42 +08:00
xiaojunnuo
4323156fbe build: prepare to build 2024-06-19 00:54:13 +08:00
xiaojunnuo
3c721901c5 chore: 1 2024-06-19 00:53:53 +08:00
xiaojunnuo
5c2c50839a perf: ssh登录支持openssh格式私钥、支持私钥密码 2024-06-19 00:21:13 +08:00
xiaojunnuo
fd54c2ffac perf: 增加警告,修复一些样式错乱问题 2024-06-19 00:20:35 +08:00
xiaojunnuo
7e483e6091 fix: 修复logo问题 2024-06-19 00:19:48 +08:00
xiaojunnuo
80c48e9acd Merge remote-tracking branch 'origin/v2' into v2 2024-06-18 23:50:04 +08:00
xiaojunnuo
b98f1c0dd0 fix: 修复邮箱设置页面SMTP拼写错误的问题 
https://github.com/certd/certd/issues/69
 2024-06-18 23:09:32 +08:00
Greper
b53874a0b8 fix: 日志高度越界 
fix: 日志高度越界
 2024-06-18 23:07:55 +08:00
shenan
c4c9adb8bf fix: 日志高度越界 2024-06-18 11:46:54 +08:00
xiaojunnuo
eed265faf1 v1.20.12 2024-06-17 23:10:07 +08:00
xiaojunnuo
3dc6dd403d build: prepare to build 2024-06-17 23:08:33 +08:00
xiaojunnuo
deb9ba0c43 chore: 1 2024-06-16 02:56:49 +08:00
xiaojunnuo
fa33ff499d Merge branch 'client_sync' into v2 
# Conflicts:
#	packages/ui/certd-client/.env
#	packages/ui/certd-client/CHANGELOG.md
#	packages/ui/certd-client/index.html
#	packages/ui/certd-client/package.json
#	packages/ui/certd-client/public/images/logo/rect-black.svg
#	packages/ui/certd-client/public/images/logo/square.svg
#	packages/ui/certd-client/src/layout/components/theme/index.vue
#	packages/ui/certd-client/src/layout/layout-framework.vue
#	packages/ui/certd-client/src/layout/layout-outside.vue
#	packages/ui/certd-client/src/main.ts
#	packages/ui/certd-client/src/plugin/fast-crud/index.tsx
#	packages/ui/certd-client/src/router/source/header.ts
#	packages/ui/certd-client/src/store/modules/settings.ts
#	packages/ui/certd-client/src/style/common.less
#	packages/ui/certd-client/src/views/crud/form/independent/index.vue
#	packages/ui/certd-client/src/views/framework/login/index.vue
#	packages/ui/certd-client/src/views/framework/register/index.vue
#	packages/ui/certd-client/vite.config.ts
 2024-06-16 02:47:41 +08:00
xiaojunnuo
2ed4967744 chore: 1 2024-06-16 02:36:22 +08:00
GitHub Actions Bot
ad360e81cb 🔱: [client] sync upgrade with 21 commits [trident-sync] 
perf: 优化antdv4 示例授权页面tree的样式
build: publish success
chore: 1
chore: 1
chore: 1
fix: getFileName支持item参数

https://github.com/fast-crud/fast-crud/issues/385
fix: fs-form独立使用支持插槽

https://github.com/fast-crud/fast-crud/issues/389
fix: 修复三级以上路由页面无法缓存的问题

https://github.com/fast-crud/fast-crud/issues/394
perf: form.wrapper.buttons支持compute动态计算
feat: 表单支持变更关闭前提醒保存,form.wrapper支持beforeClose事件
fix: 修复图片裁剪按钮上下和左右相反的bug

https://github.com/fast-crud/fast-crud/issues/402
perf: alioss getAuthorization接口支持后台返回key

https://github.com/fast-crud/fast-crud/issues/405
perf: alioss getAuthorization接口支持后台返回key

https://github.com/fast-crud/fast-crud/issues/405
perf: fs-dict-tree支持插槽

https://github.com/fast-crud/fast-crud/issues/407
perf: 单选、多选、select、tree-select、table-select 都提供selected-change事件,可以获取选中的dict选项
feat: table-select 支持查看模式

https://github.com/fast-crud/fast-crud/issues/413
perf: 优化fs-admin可以在手机上操作
chore: pnpm workspace问题优化
docs: 1
chore: antdv4 支持主题色选择
...
 2024-06-15 18:32:36 +00:00
xiaojunnuo
f95f5188b4 Merge remote-tracking branch 'origin/client_sync' into v2 
# Conflicts:
#	packages/ui/certd-client/CHANGELOG.md
#	packages/ui/certd-client/package.json
 2024-06-16 02:15:46 +08:00
xiaojunnuo
17d1efa395 chore: 1 2024-06-16 02:12:02 +08:00
xiaojunnuo
732cbc5e92 perf: 支持重置管理员密码,忘记密码的补救方案 2024-06-16 02:06:44 +08:00
xiaojunnuo
5d2d0955b1 docs: 1 2024-06-16 00:42:17 +08:00
xiaojunnuo
20feacea12 perf: 增加系统设置,可以关闭自助注册功能 2024-06-16 00:20:02 +08:00
xiaojunnuo
575bf2b73b docs: 1 2024-06-15 02:22:29 +08:00
xiaojunnuo
934e6e2bd0 perf: 增加cloudflare access token说明 2024-06-15 02:20:46 +08:00
xiaojunnuo
fbb9a47e8f perf: 支持cloudflare域名 2024-06-15 02:17:34 +08:00
xiaojunnuo
368132daae chore: 1 2024-06-14 01:26:50 +08:00
xiaojunnuo
3d54d04017 chore: 1 2024-06-14 01:25:30 +08:00
xiaojunnuo
5b1494b3ce fix: 修复aliyun域名超过100个找不到域名的bug 2024-06-14 01:22:07 +08:00
xiaojunnuo
ebf2a820cc chore: CF准备开始 2024-06-11 01:55:29 +08:00
GitHub Actions Bot
9caa4cd1d4 🔱: [client] sync upgrade with 3 commits [trident-sync] 
build: publish success
fix: 修复三级以上路由页面无法缓存的问题

https://github.com/fast-crud/fast-crud/issues/394
 2024-06-09 19:23:54 +00:00
GitHub Actions Bot
91fd80d44f 🔱: [client] sync upgrade with 3 commits [trident-sync] 
perf: alioss getAuthorization接口支持后台返回key

https://github.com/fast-crud/fast-crud/issues/405
fix: edit-wang 改成edit-wang5

https://github.com/fast-crud/fast-crud/issues/409
 2024-06-08 19:24:01 +00:00
GitHub Actions Bot
f932e553b0 🔱: [client] sync upgrade with 2 commits [trident-sync] 
chore: pnpm workspace问题优化
 2024-05-30 19:23:48 +00:00
xiaojunnuo
0dd4953197 chore: 1.20.11 2024-05-30 14:55:31 +08:00
xiaojunnuo
aaea6aa1f3 chore: 1.20.11 2024-05-30 14:41:29 +08:00
xiaojunnuo
ab4a0aea70 chore: 1.20.11 2024-05-30 14:27:43 +08:00
xiaojunnuo
29f923537e chore: 1.20.10 2024-05-30 14:26:44 +08:00
xiaojunnuo
24aa416740 chore: 1.20.10 2024-05-30 14:17:43 +08:00
xiaojunnuo
08e517ff00 chore: 1.20.10 2024-05-30 13:59:27 +08:00
xiaojunnuo
29f65389bd chore: 1.20.10 2024-05-30 13:59:05 +08:00
xiaojunnuo
960a1964c7 chore: 1.20.10 2024-05-30 13:52:24 +08:00
xiaojunnuo
760d54ba85 chore: 1.20.10 2024-05-30 12:23:36 +08:00
xiaojunnuo
b1b21d3efc chore: 1.20.10 2024-05-30 12:23:09 +08:00
xiaojunnuo
5acd7f6fb6 chore: 1.20.10 2024-05-30 12:03:59 +08:00
GitHub Actions Bot
162e10909b 🔱: [acme] sync upgrade with 7 commits [trident-sync] 
Small crypto docs fix 2
Small crypto docs fix
Bump v5.3.1
Discourage use of cert subject common name, examples and docs
Style refactor docs and examples
Bump dependencies
 2024-05-23 19:24:12 +00:00
GitHub Actions Bot
0f1ae6ccd9 🔱: [acme] sync upgrade with 3 commits [trident-sync] 
Clean up eslintrc, style refactor and formatting fixes
Update auto.js

see https://github.com/publishlab/node-acme-client/issues/88#issuecomment-2105255828
 2024-05-22 19:24:07 +00:00
GitHub Actions Bot
33fb1a6bf3 🔱: [client] sync upgrade with 2 commits [trident-sync] 
docs: 修改依赖增加workspace:
 2024-05-10 19:23:53 +00:00
GitHub Actions Bot
56a1f8158a 🔱: [client] sync upgrade with 3 commits [trident-sync] 
build: publish success
chore:
 2024-03-21 19:24:00 +00:00
305 changed files with 6240 additions and 1826 deletions
Expand all files Collapse all files

1
.npmrc
View File

@@ -0,0 +1 @@
link-workspace-packages=deep

76
CHANGELOG.md
View File

@@ -3,6 +3,82 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.21.2](https://github.com/certd/certd/compare/v1.21.1...v1.21.2) (2024-07-08)
### Performance Improvements
* 申请证书时可以选择跳过本地dns校验 ([fe91d94](https://github.com/certd/certd/commit/fe91d94090d22ed0a3ea753ba74dfaa1bf057c17))
## [1.21.1](https://github.com/certd/certd/compare/v1.21.0...v1.21.1) (2024-07-08)
### Performance Improvements
* 上传到主机支持设置不mkdirs ([5ba9831](https://github.com/certd/certd/commit/5ba9831ed1aa6ec6057df246f1035b36b9c41d2e))
* 说明优化,默认值优化 ([970c7fd](https://github.com/certd/certd/commit/970c7fd8a0f557770e973d8462ee5684ef742810))
# [1.21.0](https://github.com/certd/certd/compare/v1.20.17...v1.21.0) (2024-07-03)
### Features
* 支持zero ssl ([eade2c2](https://github.com/certd/certd/commit/eade2c2b681569f03e9cd466e7d5bcd6703ed492))
## [1.20.17](https://github.com/certd/certd/compare/v1.20.16...v1.20.17) (2024-07-03)
### Performance Improvements
* 创建dns解析后强制等待60s ([f47b35f](https://github.com/certd/certd/commit/f47b35f6d5bd7d675005c3e286b7e9a029201f8b))
* 文件上传提示由cert.crt改为cert.pem ([a09b0e4](https://github.com/certd/certd/commit/a09b0e48c176f3ed763791bd50322c29729f7c1c))
* 优化cname verify ([eba333d](https://github.com/certd/certd/commit/eba333de7a5b5ef4b0b7eaa904f578720102fa61))
## [1.20.16](https://github.com/certd/certd/compare/v1.20.15...v1.20.16) (2024-07-01)
### Bug Fixes
* 修复配置了cdn cname后申请失败的bug ([4a5fa76](https://github.com/certd/certd/commit/4a5fa767edc347d03d29a467e86c9a4d70b0220c))
## [1.20.15](https://github.com/certd/certd/compare/v1.20.14...v1.20.15) (2024-06-28)
### Bug Fixes
* 修复无法强制取消任务的bug ([9cc01db](https://github.com/certd/certd/commit/9cc01db1d569a5c45bb3e731f35d85df324a8e62))
### Performance Improvements
* 腾讯云dns provider 支持腾讯云的accessId ([e0eb3a4](https://github.com/certd/certd/commit/e0eb3a441384d474fe2923c69b25318264bdc9df))
* 支持windows文件上传 ([7f61cab](https://github.com/certd/certd/commit/7f61cab101fa13b4e88234e9ad47434e6130fed2))
## [1.20.14](https://github.com/certd/certd/compare/v1.20.13...v1.20.14) (2024-06-23)
### Bug Fixes
* 修复修改密码功能异常问题 ([f740ff5](https://github.com/certd/certd/commit/f740ff517f521dce361284c2c54bccc68aee0ea2))
## [1.20.13](https://github.com/certd/certd/compare/v1.20.12...v1.20.13) (2024-06-18)
### Bug Fixes
* 日志高度越界 ([c4c9adb](https://github.com/certd/certd/commit/c4c9adb8bfd513f57252e523794e3799a9b220f8))
* 修复邮箱设置页面SMTP拼写错误的问题 ([b98f1c0](https://github.com/certd/certd/commit/b98f1c0dd0bc6c6b4f814c578692afdf6d90b88d))
* 修复logo问题 ([7e483e6](https://github.com/certd/certd/commit/7e483e60913d509b113148c735fe13ba1d72dddf))
### Performance Improvements
* 增加警告,修复一些样式错乱问题 ([fd54c2f](https://github.com/certd/certd/commit/fd54c2ffac492222e85ff2f5f49a9ee5cfc73588))
* ssh登录支持openssh格式私钥、支持私钥密码 ([5c2c508](https://github.com/certd/certd/commit/5c2c50839a9076004f9034d754ac6deb531acdfb))
## [1.20.12](https://github.com/certd/certd/compare/v1.20.10...v1.20.12) (2024-06-17)
### Bug Fixes
* 修复aliyun域名超过100个找不到域名的bug ([5b1494b](https://github.com/certd/certd/commit/5b1494b3ce93d1026dc56ee741342fbb8bf7be24))
### Performance Improvements
* 增加系统设置,可以关闭自助注册功能 ([20feace](https://github.com/certd/certd/commit/20feacea12d43386540db6a600f391d786be4014))
* 增加cloudflare access token说明 ([934e6e2](https://github.com/certd/certd/commit/934e6e2bd05387cd50ffab95f230933543954098))
* 支持重置管理员密码,忘记密码的补救方案 ([732cbc5](https://github.com/certd/certd/commit/732cbc5e927b526850724594830392b2f10c6705))
* 支持cloudflare域名 ([fbb9a47](https://github.com/certd/certd/commit/fbb9a47e8f7bb805289b9ee64bd46ffee0f01c06))
## [1.20.10](https://github.com/certd/certd/compare/v1.20.9...v1.20.10) (2024-05-30)
### Bug Fixes

94
README.md
View File

@@ -1,13 +1,15 @@
# CertD
CertD 是一个免费全自动申请和部署SSL证书的工具。
CertD 是一个免费全自动申请和自动部署更新SSL证书的工具。
后缀D取自linux守护进程的命名风格意为证书守护进程。
## 一、特性
本项目不仅支持证书申请过程自动化,还可以自动化部署证书,让你的证书永不过期。
关键字:证书自动申请、证书自动更新、证书自动续期、证书自动续签
* 全自动申请证书(支持阿里云、腾讯云、华为云注册的域名)
*自动部署证书(目前支持服务器上传部署、部署到阿里云、腾讯云等)
## 一、特性
本项目不仅支持证书申请过程自动化,还可以自动部署更新证书,让你的证书永不过期。
* 全自动申请证书支持阿里云、腾讯云、华为云、Cloudflare注册的域名
* 全自动部署更新证书(目前支持服务器上传部署、部署到阿里云、腾讯云等)
* 支持通配符域名
* 支持多个域名打到一个证书上
* 邮件通知
@@ -42,24 +44,32 @@ https://certd.handsfree.work/
### 1. 安装docker、docker-compose
1.1 安装docker
https://docs.docker.com/engine/install/
1.1 准备一台云服务器
* 【阿里云】云服务器2核2G新老用户同享99元/年,续费同价!【 [立即购买](https://www.aliyun.com/benefit?scm=20140722.M_10244282._.V_1&source=5176.11533457&userCode=qya11txb )】
* 【腾讯云】云服务器2核2G新老用户同享99元/年,续费同价!【 [立即购买](https://cloud.tencent.com/act/cps/redirect?redirect=6094&cps_key=b3ef73330335d7a6efa4a4bbeeb6b2c9&from=console)】
1.2 安装docker
https://docs.docker.com/engine/install/
选择对应的操作系统,按照官方文档执行命令即可
1.2 安装docker-compose
https://docs.docker.com/compose/install/linux/
### 2. 下载docker-compose.yaml文件
[docker-compose.yaml下载](https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml)
```bash
mkdir certd
cd certd
# wget下载docker-compose.yaml文件
wget https://raw.githubusercontent.com/certd/certd/v2/docker/run/docker-compose.yaml
# 或者使用gitee地址
wget https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
# 根据需要修改里面的配置
# 1.修改镜像版本号
# 2.配置数据保存路径
# 3.配置certd_auth_jwt_secret
# 1.修改镜像版本号【可选】
# 2.配置数据保存路径【可选】
# 3.配置certd_auth_jwt_secret【必须】
vi docker-compose.yaml
@@ -71,14 +81,14 @@ https://github.com/certd/certd/releases
### 3. 运行
```bash
# 如果docker compose是插件化安装
export CERTD_VERSION=1.20.9
export CERTD_VERSION=latest
docker compose up -d
#如果docker compose是独立安装
export CERTD_VERSION=1.20.9
docker-compose up -d
```
如果提示 没有compose命令,请安装docker-compose
https://docs.docker.com/compose/install/linux/
### 4. 访问
http://your_server_ip:7001
@@ -92,20 +102,50 @@ http://your_server_ip:7001
* 数据存在`/data/certd`目录下,不用担心数据丢失
## 五、一些说明
## 五、一些说明
* 本项目ssl证书提供商为letencrypt
* 申请过程遵循acme协议
* 需要验证域名所有权一般有两种方式目前本项目仅支持dns-01
* http-01 在网站根目录下放置一份txt文件
* dns-01 需要给域名添加txt解析记录通配符域名只能用这种方式
* 证书续期:
* 实际上acme并没有续期概念
* 我们所说的续期,其实就是按照全套流程重新申请一份新证书。
* 实际上没有办法不改变证书文件本身情况下直接续期或者续签
* 我们所说的续期,其实就是按照全套流程重新申请一份新证书,然后重新部署上去
* 免费证书过期时间90天以后可能还会缩短所以自动化部署必不可少
* 设置每天自动运行当证书过期前20天会自动重新申请证书并部署
## 六、联系作者
## 六、不同平台的设置说明
* [Cloudflare](./doc/cf/cf.md)
* [腾讯云](./doc/tencent/tencent.md)
* [windows主机](./doc/host/host.md)
## 七、问题处理
### 7.1 忘记管理员密码
解决方法如下:
1. 修改docker-compose.yaml文件将环境变量`certd_system_resetAdminPassword`改为`true`
```yaml
services:
certd:
environment: # 环境变量
- certd_system_resetAdminPassword=false
```
2. 重启容器
```shell
docker compose up -d
docker logs -f --tail 500 certd
# 观察日志当日志中输出“重置1号管理员用户的密码完成”即可操作下一步
```
3. 修改docker-compose.yaml`certd_system_resetAdminPassword`改回`false`
4. 再次重启容器
```shell
docker compose up -d
```
5. 使用admin/123456登录系统请及时修改管理员密码
## 八、联系作者
如有疑问欢迎加入群聊请备注certd
* QQ群141236433
* 微信群:
@@ -117,7 +157,7 @@ http://your_server_ip:7001
<img height="230" src="./doc/images/me.png">
</p>
## 捐赠
## 九、捐赠
媳妇儿说:“一天到晚搞开源,也不管管老婆孩子!😡😡😡”
拜托各位捐赠支持一下,让媳妇儿开心开心,我也能有更多时间进行开源项目,感谢🙏🙏🙏
<p align="center">
@@ -125,12 +165,16 @@ http://your_server_ip:7001
</p>
## 、贡献代码
## 、贡献代码
[贡献插件教程](./plugin.md)
## 、我的其他项目
## 十一、我的其他项目
* [袖手GPT](https://ai.handsfree.work/) ChatGPT国内可用无需FQ每日免费额度
* [fast-crud](https://gitee.com/fast-crud/fast-crud/) 基于vue3的crud快速开发框架
* [dev-sidecar](https://github.com/docmirror/dev-sidecar/) 直连访问github工具无需FQ解决github无法访问的问题
## 十二、版本更新日志
https://github.com/certd/certd/blob/v2/CHANGELOG.md

1
deploy.js
View File

@@ -1,6 +1,5 @@
import http from 'axios'
import fs from 'fs'
//读取 packages/core/pipline/package.json的版本号
import {default as packageJson} from './packages/core/pipeline/package.json' assert { type: "json" };

15
doc/cf/cf.md Normal file
View File

@@ -0,0 +1,15 @@
# Cloudflare
## CF Token申请
### 申请地址:
https://dash.cloudflare.com/profile/api-tokens
### 权限设置:
需要设置权限和资源范围
权限包括Zone.Zone.edit, Zone.DNS.edit
资源范围要包含对应域名推荐直接设置为All Zones
最终效果如下,可以切换语言为英文对比如下图检查
![](./cf_token.png)

BIN
doc/cf/cf_token.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 45 KiB

24
doc/host/host.md Normal file
View File

@@ -0,0 +1,24 @@
# 远程主机
远程主机基于ssh协议通过ssh连接远程主机执行命令。
## windows开启OpenSSH Server
1. 安装OpenSSH Server
请前往Microsoft官方文档查看如何开启openSSH
https://learn.microsoft.com/zh-cn/windows-server/administration/openssh/openssh_install_firstuse?tabs=gui#install-openssh-for-windows
2. 启动OpenSSH Server服务
```
win+R 弹出运行对话框,输入 services.msc 打开服务管理器
找到 OpenSSH SSH Server
启动ssh server服务并且设置为自动启动
```
3. 测试ssh登录
使用你常用的ssh客户端连接你的windows主机进行测试
```cmd
# 如何确定你用户名
C:\Users\xiaoj>
↑↑↑↑---------这个就是windows ssh的登录用户名
```

BIN
doc/images/15-2-email.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 35 KiB

After

Width:  |  Height:  |  Size: 145 KiB

BIN
doc/tencent/dnspod-token.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 149 KiB

BIN
doc/tencent/tencent-access.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 98 KiB

16
doc/tencent/tencent.md Normal file
View File

@@ -0,0 +1,16 @@
# 腾讯云
## DNSPOD 授权设置
目前腾讯云管理的域名的dns暂时只支持从DNSPOD进行设置
打开 https://console.dnspod.cn/account/token/apikey
然后按如下方式获取DNSPOD的授权
![](./dnspod-token.png)
## 腾讯云API密钥设置
腾讯云其他部署需要API密钥需要在腾讯云控制台进行设置
打开 https://console.cloud.tencent.com/cam/capi
然后按如下方式获取腾讯云的API密钥
![](./tencent-access.png)

4
docker/image/Dockerfile
View File

@@ -1,12 +1,14 @@
FROM registry.cn-shenzhen.aliyuncs.com/handsfree/node:16-alpine
FROM registry.cn-shenzhen.aliyuncs.com/handsfree/node:18-alpine
EXPOSE 7001
ENV NODE_ENV production
ENV MIDWAY_SERVER_ENV production
WORKDIR /app/
#RUN npm install -g pnpm
#RUN npm install cross-env -g --registry=https://registry.npmmirror.com
#RUN npm install pm2 -g --registry=https://registry.npmmirror.com
#RUN pm2 install pm2-logrotate
ADD ./workspace/certd-server/ /app/
RUN sed -i "s/workspace://g" "/app/package.json"
RUN yarn install --production --registry=https://registry.npmmirror.com
#RUN yarn install --production
RUN npm run build

9
docker/run/Dockerfile
View File

@@ -1,9 +0,0 @@
FROM registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
EXPOSE 7001
RUN npm run build
#RUN npm install pm2 -g --registry=https://registry.npmmirror.com
#CMD ["pm2-runtime", "start", "./bootstrap.js","--name", "certd","-i","1","--", "-p", "7001"]
CMD ["npm","run", "start"]

11
docker/run/docker-compose.yaml
View File

@@ -1,19 +1,22 @@
version: '3.3'
services:
certd:
# 镜像 # ↓↓↓↓↓ --- 1、 修改镜像版本号或者干脆写成latest
# 镜像 # ↓↓↓↓↓ --- 1、 修改镜像版本号或者干脆写成latest 如果设置了环境变量 export CERTD_VERSION=latest这里可以不修改
image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${CERTD_VERSION}
container_name: certd # 容器名
restart: unless-stopped # 重启
restart: unless-stopped # 自动重启
volumes:
# ↓↓↓↓↓ ------------------------------------------------------- 2、 修改数据库以及证书存储路径
# ↓↓↓↓↓ ------------------------------------------------------- 2、 修改数据库以及证书存储路径【可选】
- /data/certd:/app/data
ports: # 端口映射
# ↓↓↓↓ 如果端口有冲突可以修改第一个7001为其他不冲突的端口号
- "7001:7001"
environment: # 环境变量
- TZ=Asia/Shanghai
- certd_auth_jwt_secret=changeme
# ↑↑↑↑↑ ---------------------------------- 3、 修改成你的自定义密钥
# ↑↑↑↑↑ ---------------------------------- 3、 修改成你的自定义密钥【必须,安全需要】
- certd_system_resetAdminPassword=false
# ↑↑↑↑↑ 如果忘记管理员密码可以设置为true重启之后管理员密码将改成123456然后请及时修改回false
# 设置环境变量即可自定义certd配置
# 服务端配置项见: packages/ui/certd-server/src/config/config.default.ts
# 服务端配置规则: certd_ + 配置项, 点号用_代替

0
docker/run/build.sh → docker/run/run.sh Executable file → Normal file
View File

2
lerna.json
View File

@@ -9,5 +9,5 @@
}
},
"npmClient": "pnpm",
"version": "1.20.10"
"version": "1.21.2"
}

5
package.json
View File

@@ -14,9 +14,10 @@
"i-all": "lerna link && lerna exec npm install ",
"publish": "npm run prepublishOnly1 && lerna publish --conventional-commits && npm run afterpublishOnly && npm run deploy1",
"afterpublishOnly": "",
"prepublishOnly1": "npm run before-build && lerna run build ",
"prepublishOnly1": "npm run check && npm run before-build && lerna run build ",
"before-build": "cd ./packages/core/acme-client && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
"deploy1": "node --experimental-json-modules deploy.js "
"deploy1": "node --experimental-json-modules deploy.js ",
"check": "node --experimental-json-modules publish-check.js"
},
"license": "AGPL-3.0",
"dependencies": {

7
packages/core/acme-client/.eslintrc.yml
View File

@@ -9,15 +9,8 @@ env:
rules:
indent: [2, 4, { SwitchCase: 1, VariableDeclarator: 1 }]
brace-style: [2, 'stroustrup', { allowSingleLine: true }]
space-before-function-paren: [2, { anonymous: 'never', named: 'never' }]
func-names: 0
prefer-destructuring: 0
object-curly-newline: 0
class-methods-use-this: 0
wrap-iife: [2, 'inside']
no-param-reassign: 0
comma-dangle: [2, 'never']
max-len: [1, 200, 2, { ignoreUrls: true, ignoreComments: false }]
no-multiple-empty-lines: [2, { max: 2, maxBOF: 0, maxEOF: 0 }]
prefer-object-spread: 0
import/no-useless-path-segments: 0

3
packages/core/acme-client/.github/workflows/tests.yml vendored
View File

@@ -1,4 +1,3 @@
---
name: test
on: [push, pull_request]
@@ -12,7 +11,6 @@ jobs:
node: [16, 18, 20, 22]
eab: [0, 1]
#
# Environment
#
@@ -41,7 +39,6 @@ jobs:
ACME_HTTP_PORT: 5002
ACME_HTTPS_PORT: 5003
#
# Pipeline
#

55
packages/core/acme-client/CHANGELOG.md
View File

@@ -3,6 +3,57 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.21.2](https://github.com/publishlab/node-acme-client/compare/v1.21.1...v1.21.2) (2024-07-08)
**Note:** Version bump only for package @certd/acme-client
## [1.21.1](https://github.com/publishlab/node-acme-client/compare/v1.21.0...v1.21.1) (2024-07-08)
**Note:** Version bump only for package @certd/acme-client
# [1.21.0](https://github.com/publishlab/node-acme-client/compare/v1.20.17...v1.21.0) (2024-07-03)
### Features
* 支持zero ssl ([eade2c2](https://github.com/publishlab/node-acme-client/commit/eade2c2b681569f03e9cd466e7d5bcd6703ed492))
## [1.20.17](https://github.com/publishlab/node-acme-client/compare/v1.20.16...v1.20.17) (2024-07-03)
### Performance Improvements
* 创建dns解析后强制等待60s ([f47b35f](https://github.com/publishlab/node-acme-client/commit/f47b35f6d5bd7d675005c3e286b7e9a029201f8b))
* 优化cname verify ([eba333d](https://github.com/publishlab/node-acme-client/commit/eba333de7a5b5ef4b0b7eaa904f578720102fa61))
## [1.20.16](https://github.com/publishlab/node-acme-client/compare/v1.20.15...v1.20.16) (2024-07-01)
### Bug Fixes
* 修复配置了cdn cname后申请失败的bug ([4a5fa76](https://github.com/publishlab/node-acme-client/commit/4a5fa767edc347d03d29a467e86c9a4d70b0220c))
## [1.20.15](https://github.com/publishlab/node-acme-client/compare/v1.20.14...v1.20.15) (2024-06-28)
### Performance Improvements
* 腾讯云dns provider 支持腾讯云的accessId ([e0eb3a4](https://github.com/publishlab/node-acme-client/commit/e0eb3a441384d474fe2923c69b25318264bdc9df))
## [1.20.14](https://github.com/publishlab/node-acme-client/compare/v1.20.13...v1.20.14) (2024-06-23)
**Note:** Version bump only for package @certd/acme-client
## [1.20.13](https://github.com/publishlab/node-acme-client/compare/v1.20.12...v1.20.13) (2024-06-18)
**Note:** Version bump only for package @certd/acme-client
## [1.20.12](https://github.com/publishlab/node-acme-client/compare/v1.20.10...v1.20.12) (2024-06-17)
### Bug Fixes
* 修复aliyun域名超过100个找不到域名的bug ([5b1494b](https://github.com/publishlab/node-acme-client/commit/5b1494b3ce93d1026dc56ee741342fbb8bf7be24))
### Performance Improvements
* 支持cloudflare域名 ([fbb9a47](https://github.com/publishlab/node-acme-client/commit/fbb9a47e8f7bb805289b9ee64bd46ffee0f01c06))
## [1.20.10](https://github.com/publishlab/node-acme-client/compare/v1.20.9...v1.20.10) (2024-05-30)
**Note:** Version bump only for package @certd/acme-client
@@ -31,7 +82,7 @@ See [Conventional Commits](https://conventionalcommits.org) for commit guideline
# Changelog
## v5.3.1
## v5.3.1 (2024-05-22)
* `fixed` Allow `client.auto()` being called with an empty CSR common name
* `fixed` Bug when calling `updateAccountKey()` with external account binding
@@ -68,7 +119,7 @@ See [Conventional Commits](https://conventionalcommits.org) for commit guideline
* `fixed` Upgrade `axios@0.26.1`
* `fixed` Upgrade `node-forge@1.3.0` - [CVE-2022-24771](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24771), [CVE-2022-24772](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24772), [CVE-2022-24773](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24773)
## 4.2.4 (2022-03-19)
## v4.2.4 (2022-03-19)
* `fixed` Use SHA-256 when signing CSRs

39
packages/core/acme-client/README.md
View File

@@ -9,13 +9,13 @@ This module is written to handle communication with a Boulder/Let's Encrypt-styl
## Compatibility
| acme-client | Node.js | |
| ------------- | --------- | ----------------------------------------- |
| v5.x | >= v16 | [Upgrade guide](docs/upgrade-v5.md) |
| v4.x | >= v10 | [Changelog](CHANGELOG.md#v400-2020-05-29) |
| v3.x | >= v8 | [Changelog](CHANGELOG.md#v300-2019-07-13) |
| v2.x | >= v4 | [Changelog](CHANGELOG.md#v200-2018-04-02) |
| v1.x | >= v4 | [Changelog](CHANGELOG.md#v100-2017-10-20) |
| acme-client | Node.js | |
| ----------- | ------- | ----------------------------------------- |
| v5.x | >= v16 | [Upgrade guide](docs/upgrade-v5.md) |
| v4.x | >= v10 | [Changelog](CHANGELOG.md#v400-2020-05-29) |
| v3.x | >= v8 | [Changelog](CHANGELOG.md#v300-2019-07-13) |
| v2.x | >= v4 | [Changelog](CHANGELOG.md#v200-2018-04-02) |
| v1.x | >= v4 | [Changelog](CHANGELOG.md#v100-2017-10-20) |
## Table of contents
@@ -49,7 +49,7 @@ const accountPrivateKey = '<PEM encoded private key>';
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: accountPrivateKey
accountKey: accountPrivateKey,
});
```
@@ -75,8 +75,8 @@ const client = new acme.Client({
accountKey: accountPrivateKey,
externalAccountBinding: {
kid: 'YOUR-EAB-KID',
hmacKey: 'YOUR-EAB-HMAC-KEY'
}
hmacKey: 'YOUR-EAB-HMAC-KEY',
},
});
```
@@ -90,7 +90,7 @@ In some cases, for example with some EAB providers, this account creation step m
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: accountPrivateKey,
accountUrl: 'https://acme-v02.api.letsencrypt.org/acme/acct/12345678'
accountUrl: 'https://acme-v02.api.letsencrypt.org/acme/acct/12345678',
});
```
@@ -113,8 +113,7 @@ const privateRsaKey = await acme.crypto.createPrivateRsaKey();
const privateEcdsaKey = await acme.crypto.createPrivateEcdsaKey();
const [certificateKey, certificateCsr] = await acme.crypto.createCsr({
commonName: '*.example.com',
altNames: ['example.com']
altNames: ['example.com', '*.example.com'],
});
```
@@ -139,7 +138,7 @@ const autoOpts = {
email: 'test@example.com',
termsOfServiceAgreed: true,
challengeCreateFn: async (authz, challenge, keyAuthorization) => {},
challengeRemoveFn: async (authz, challenge, keyAuthorization) => {}
challengeRemoveFn: async (authz, challenge, keyAuthorization) => {},
};
const certificate = await client.auto(autoOpts);
@@ -156,7 +155,7 @@ To modify challenge priority, provide a list of challenge types in `challengePri
```js
await client.auto({
...,
challengePriority: ['http-01', 'dns-01']
challengePriority: ['http-01', 'dns-01'],
});
```
@@ -171,7 +170,7 @@ To completely disable `acme-client`s internal challenge verification, enable `sk
```js
await client.auto({
...,
skipChallengeVerification: true
skipChallengeVerification: true,
});
```
@@ -185,14 +184,14 @@ For more fine-grained control you can interact with the ACME API using the metho
```js
const account = await client.createAccount({
termsOfServiceAgreed: true,
contact: ['mailto:test@example.com']
contact: ['mailto:test@example.com'],
});
const order = await client.createOrder({
identifiers: [
{ type: 'dns', value: 'example.com' },
{ type: 'dns', value: '*.example.com' }
]
{ type: 'dns', value: '*.example.com' },
],
});
```
@@ -207,7 +206,7 @@ const acme = require('acme-client');
acme.axios.defaults.proxy = {
host: '127.0.0.1',
port: 9000
port: 9000,
};
```

2
packages/core/acme-client/build.md
View File

@@ -1 +1 @@
11:37
15:57

28
packages/core/acme-client/docs/client.md
View File

@@ -63,7 +63,7 @@ Create ACME client instance
```js
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: 'Private key goes here'
accountKey: 'Private key goes here',
});
```
**Example**
@@ -75,7 +75,7 @@ const client = new acme.Client({
accountUrl: 'Optional account URL goes here',
backoffAttempts: 10,
backoffMin: 5000,
backoffMax: 30000
backoffMax: 30000,
});
```
**Example**
@@ -86,8 +86,8 @@ const client = new acme.Client({
accountKey: 'Private key goes here',
externalAccountBinding: {
kid: 'YOUR-EAB-KID',
hmacKey: 'YOUR-EAB-HMAC-KEY'
}
hmacKey: 'YOUR-EAB-HMAC-KEY',
},
});
```
<a name="AcmeClient+getTermsOfServiceUrl"></a>
@@ -145,7 +145,7 @@ https://datatracker.ietf.org/doc/html/rfc8555#section-7.3
Create a new account
```js
const account = await client.createAccount({
termsOfServiceAgreed: true
termsOfServiceAgreed: true,
});
```
**Example**
@@ -153,7 +153,7 @@ Create a new account with contact info
```js
const account = await client.createAccount({
termsOfServiceAgreed: true,
contact: ['mailto:test@example.com']
contact: ['mailto:test@example.com'],
});
```
<a name="AcmeClient+updateAccount"></a>
@@ -174,7 +174,7 @@ https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.2
Update existing account
```js
const account = await client.updateAccount({
contact: ['mailto:foo@example.com']
contact: ['mailto:foo@example.com'],
});
```
<a name="AcmeClient+updateAccountKey"></a>
@@ -218,8 +218,8 @@ Create a new order
const order = await client.createOrder({
identifiers: [
{ type: 'dns', value: 'example.com' },
{ type: 'dns', value: 'test.example.com' }
]
{ type: 'dns', value: 'test.example.com' },
],
});
```
<a name="AcmeClient+getOrder"></a>
@@ -452,7 +452,7 @@ Revoke certificate with reason
```js
const certificate = { ... }; // Previously created certificate
const result = await client.revokeCertificate(certificate, {
reason: 4
reason: 4,
});
```
<a name="AcmeClient+auto"></a>
@@ -479,7 +479,7 @@ Auto mode
Order a certificate using auto mode
```js
const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
});
const certificate = await client.auto({
@@ -491,14 +491,14 @@ const certificate = await client.auto({
},
challengeRemoveFn: async (authz, challenge, keyAuthorization) => {
// Clean up challenge here
}
},
});
```
**Example**
Order a certificate using auto mode with preferred chain
```js
const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
});
const certificate = await client.auto({
@@ -507,7 +507,7 @@ const certificate = await client.auto({
termsOfServiceAgreed: true,
preferredChain: 'DST Root CA X3',
challengeCreateFn: async () => {},
challengeRemoveFn: async () => {}
challengeRemoveFn: async () => {},
});
```
<a name="Client"></a>

13
packages/core/acme-client/docs/crypto.md
View File

@@ -239,29 +239,30 @@ Create a Certificate Signing Request
Create a Certificate Signing Request
```js
const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
});
```
**Example**
Certificate Signing Request with both common and alternative names
> *Warning*: Certificate subject common name has been [deprecated](https://letsencrypt.org/docs/glossary/#def-CN) and its use is [discouraged](https://cabforum.org/uploads/BRv1.2.3.pdf).
```js
const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
keySize: 4096,
commonName: 'test.example.com',
altNames: ['foo.example.com', 'bar.example.com']
altNames: ['foo.example.com', 'bar.example.com'],
});
```
**Example**
Certificate Signing Request with additional information
```js
const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
commonName: 'test.example.com',
altNames: ['test.example.com'],
country: 'US',
state: 'California',
locality: 'Los Angeles',
organization: 'The Company Inc.',
organizationUnit: 'IT Department',
emailAddress: 'contact@example.com'
emailAddress: 'contact@example.com',
});
```
**Example**
@@ -270,8 +271,9 @@ Certificate Signing Request with ECDSA private key
const certificateKey = await acme.crypto.createPrivateEcdsaKey();
const [, certificateRequest] = await acme.crypto.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
}, certificateKey);
```
<a name="createAlpnCertificate"></a>
## createAlpnCertificate(authz, keyAuthorization, [keyPem]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
@@ -298,6 +300,7 @@ Create a ALPN certificate with ECDSA private key
```js
const alpnKey = await acme.crypto.createPrivateEcdsaKey();
const [, alpnCertificate] = await acme.crypto.createAlpnCertificate(authz, keyAuthorization, alpnKey);
```
<a name="isAlpnCertificateAuthorizationValid"></a>
## isAlpnCertificateAuthorizationValid(certPem, keyAuthorization) ⇒ <code>boolean</code>

11
packages/core/acme-client/docs/forge.md
View File

@@ -222,29 +222,30 @@ Create a Certificate Signing Request
Create a Certificate Signing Request
```js
const [certificateKey, certificateRequest] = await acme.forge.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
});
```
**Example**
Certificate Signing Request with both common and alternative names
> *Warning*: Certificate subject common name has been [deprecated](https://letsencrypt.org/docs/glossary/#def-CN) and its use is [discouraged](https://cabforum.org/uploads/BRv1.2.3.pdf).
```js
const [certificateKey, certificateRequest] = await acme.forge.createCsr({
keySize: 4096,
commonName: 'test.example.com',
altNames: ['foo.example.com', 'bar.example.com']
altNames: ['foo.example.com', 'bar.example.com'],
});
```
**Example**
Certificate Signing Request with additional information
```js
const [certificateKey, certificateRequest] = await acme.forge.createCsr({
commonName: 'test.example.com',
altNames: ['test.example.com'],
country: 'US',
state: 'California',
locality: 'Los Angeles',
organization: 'The Company Inc.',
organizationUnit: 'IT Department',
emailAddress: 'contact@example.com'
emailAddress: 'contact@example.com',
});
```
**Example**
@@ -253,5 +254,5 @@ Certificate Signing Request with predefined private key
const certificateKey = await acme.forge.createPrivateKey();
const [, certificateRequest] = await acme.forge.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
}, certificateKey);

16
packages/core/acme-client/examples/api.js
View File

@@ -8,7 +8,6 @@ function log(m) {
process.stdout.write(`${m}\n`);
}
/**
* Function used to satisfy an ACME challenge
*
@@ -25,7 +24,6 @@ async function challengeCreateFn(authz, challenge, keyAuthorization) {
log(keyAuthorization);
}
/**
* Function used to remove an ACME challenge response
*
@@ -41,30 +39,29 @@ async function challengeRemoveFn(authz, challenge, keyAuthorization) {
log(keyAuthorization);
}
/**
* Main
*/
module.exports = async function() {
module.exports = async () => {
/* Init client */
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: await acme.crypto.createPrivateKey()
accountKey: await acme.crypto.createPrivateKey(),
});
/* Register account */
await client.createAccount({
termsOfServiceAgreed: true,
contact: ['mailto:test@example.com']
contact: ['mailto:test@example.com'],
});
/* Place new order */
const order = await client.createOrder({
identifiers: [
{ type: 'dns', value: 'example.com' },
{ type: 'dns', value: '*.example.com' }
]
{ type: 'dns', value: '*.example.com' },
],
});
/**
@@ -138,8 +135,7 @@ module.exports = async function() {
/* Finalize order */
const [key, csr] = await acme.crypto.createCsr({
commonName: '*.example.com',
altNames: ['example.com']
altNames: ['example.com', '*.example.com'],
});
const finalized = await client.finalizeOrder(order, csr);

13
packages/core/acme-client/examples/auto.js
View File

@@ -9,7 +9,6 @@ function log(m) {
process.stdout.write(`${m}\n`);
}
/**
* Function used to satisfy an ACME challenge
*
@@ -47,7 +46,6 @@ async function challengeCreateFn(authz, challenge, keyAuthorization) {
}
}
/**
* Function used to remove an ACME challenge response
*
@@ -80,25 +78,24 @@ async function challengeRemoveFn(authz, challenge, keyAuthorization) {
/* Replace this */
log(`Would remove TXT record "${dnsRecord}" with value "${recordValue}"`);
// await dnsProvider.removeRecord(dnsRecord, 'TXT');
// await dnsProvider.removeRecord(dnsRecord, 'TXT', recordValue);
}
}
/**
* Main
*/
module.exports = async function() {
module.exports = async () => {
/* Init client */
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: await acme.crypto.createPrivateKey()
accountKey: await acme.crypto.createPrivateKey(),
});
/* Create CSR */
const [key, csr] = await acme.crypto.createCsr({
commonName: 'example.com'
altNames: ['example.com'],
});
/* Certificate */
@@ -107,7 +104,7 @@ module.exports = async function() {
email: 'test@example.com',
termsOfServiceAgreed: true,
challengeCreateFn,
challengeRemoveFn
challengeRemoveFn,
});
/* Done */

12
packages/core/acme-client/examples/dns-01/dns-01.js
View File

@@ -19,7 +19,6 @@ function log(m) {
process.stdout.write(`${(new Date()).toISOString()} ${m}\n`);
}
/**
* Main
*/
@@ -33,18 +32,16 @@ function log(m) {
log('Initializing ACME client');
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: await acme.crypto.createPrivateKey()
accountKey: await acme.crypto.createPrivateKey(),
});
/**
* Order wildcard certificate
*/
log(`Creating CSR for ${WILDCARD_DOMAIN}`);
const [key, csr] = await acme.crypto.createCsr({
commonName: WILDCARD_DOMAIN,
altNames: [`*.${WILDCARD_DOMAIN}`]
altNames: [WILDCARD_DOMAIN, `*.${WILDCARD_DOMAIN}`],
});
log(`Ordering certificate for ${WILDCARD_DOMAIN}`);
@@ -60,12 +57,11 @@ function log(m) {
challengeRemoveFn: (authz, challenge, keyAuthorization) => {
/* TODO: Implement this */
log(`[TODO] Remove TXT record key=_acme-challenge.${authz.identifier.value} value=${keyAuthorization}`);
}
},
});
log(`Certificate for ${WILDCARD_DOMAIN} created successfully`);
/**
* HTTPS server
*/
@@ -78,7 +74,7 @@ function log(m) {
const httpsServer = https.createServer({
key,
cert
cert,
}, requestListener);
httpsServer.listen(HTTPS_SERVER_PORT, () => {

12
packages/core/acme-client/examples/http-01/http-01.js
View File

@@ -23,7 +23,6 @@ function log(m) {
process.stdout.write(`${(new Date()).toISOString()} ${m}\n`);
}
/**
* On-demand certificate generation using http-01
*/
@@ -52,7 +51,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
/* Create CSR */
log(`Creating CSR for ${servername}`);
const [key, csr] = await acme.crypto.createCsr({
commonName: servername
altNames: [servername],
});
/* Order certificate */
@@ -67,7 +66,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
},
challengeRemoveFn: (authz, challenge) => {
delete challengeResponses[challenge.token];
}
},
});
/* Done, store certificate */
@@ -77,7 +76,6 @@ async function getCertOnDemand(client, servername, attempt = 0) {
return certificateStore[servername];
}
/**
* Main
*/
@@ -91,10 +89,9 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log('Initializing ACME client');
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: await acme.crypto.createPrivateKey()
accountKey: await acme.crypto.createPrivateKey(),
});
/**
* HTTP server
*/
@@ -129,7 +126,6 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log(`HTTP server listening on port ${HTTP_SERVER_PORT}`);
});
/**
* HTTPS server
*/
@@ -158,7 +154,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log(`[ERROR] ${e.message}`);
cb(e.message);
}
}
},
}, requestListener);
httpsServer.listen(HTTPS_SERVER_PORT, () => {

16
packages/core/acme-client/examples/tls-alpn-01/tls-alpn-01.js
View File

@@ -22,7 +22,6 @@ function log(m) {
process.stdout.write(`${(new Date()).toISOString()} ${m}\n`);
}
/**
* On-demand certificate generation using tls-alpn-01
*/
@@ -51,7 +50,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
/* Create CSR */
log(`Creating CSR for ${servername}`);
const [key, csr] = await acme.crypto.createCsr({
commonName: servername
altNames: [servername],
});
/* Order certificate */
@@ -66,7 +65,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
},
challengeRemoveFn: (authz) => {
delete alpnResponses[authz.identifier.value];
}
},
});
/* Done, store certificate */
@@ -76,7 +75,6 @@ async function getCertOnDemand(client, servername, attempt = 0) {
return certificateStore[servername];
}
/**
* Main
*/
@@ -90,10 +88,9 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log('Initializing ACME client');
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: await acme.crypto.createPrivateKey()
accountKey: await acme.crypto.createPrivateKey(),
});
/**
* ALPN responder
*/
@@ -118,14 +115,14 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log(`Found ALPN certificate for ${servername}, serving secure context`);
cb(null, tls.createSecureContext({
key: alpnResponses[servername][0],
cert: alpnResponses[servername][1]
cert: alpnResponses[servername][1],
}));
}
catch (e) {
log(`[ERROR] ${e.message}`);
cb(e.message);
}
}
},
});
/* Terminate once TLS handshake has been established */
@@ -137,7 +134,6 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log(`ALPN responder listening on port ${ALPN_RESPONDER_PORT}`);
});
/**
* HTTPS server
*/
@@ -166,7 +162,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log(`[ERROR] ${e.message}`);
cb(e.message);
}
}
},
}, requestListener);
httpsServer.listen(HTTPS_SERVER_PORT, () => {

22
packages/core/acme-client/package.json
View File

@@ -3,7 +3,7 @@
"description": "Simple and unopinionated ACME client",
"private": false,
"author": "nmorsman",
"version": "1.20.10",
"version": "1.21.2",
"main": "src/index.js",
"types": "types/index.d.ts",
"license": "MIT",
@@ -16,24 +16,24 @@
"types"
],
"dependencies": {
"@peculiar/x509": "^1.9.7",
"@peculiar/x509": "^1.10.0",
"asn1js": "^3.0.5",
"axios": "^1.6.5",
"axios": "^1.7.2",
"debug": "^4.1.1",
"https-proxy-agent": "^7.0.4",
"node-forge": "^1.3.1"
},
"devDependencies": {
"@types/node": "^20.11.5",
"@types/node": "^20.12.12",
"chai": "^4.4.1",
"chai-as-promised": "^7.1.1",
"eslint": "^8.56.0",
"chai-as-promised": "^7.1.2",
"eslint": "^8.57.0",
"eslint-config-airbnb-base": "^15.0.0",
"eslint-plugin-import": "^2.29.1",
"jsdoc-to-markdown": "^8.0.0",
"mocha": "^10.2.0",
"nock": "^13.5.0",
"tsd": "^0.30.4",
"jsdoc-to-markdown": "^8.0.1",
"mocha": "^10.4.0",
"nock": "^13.5.4",
"tsd": "^0.31.0",
"typescript": "^4.8.4",
"uuid": "^8.3.2"
},
@@ -59,5 +59,5 @@
"bugs": {
"url": "https://github.com/publishlab/node-acme-client/issues"
},
"gitHead": "b258e926209fef4cc4d633b0383eb54e26c516f9"
"gitHead": "a31f1c7f5e71fa946de9bf0283e11d6ce049b3e9"
}

18
packages/core/acme-client/src/api.js
View File

@@ -4,7 +4,6 @@
const util = require('./util');
/**
* AcmeApi
*
@@ -18,7 +17,6 @@ class AcmeApi {
this.accountUrl = accountUrl;
}
/**
* Get account URL
*
@@ -34,7 +32,6 @@ class AcmeApi {
return this.accountUrl;
}
/**
* ACME API request
*
@@ -59,7 +56,6 @@ class AcmeApi {
return resp;
}
/**
* ACME API request by resource name helper
*
@@ -78,7 +74,6 @@ class AcmeApi {
return this.apiRequest(resourceUrl, payload, validStatusCodes, { includeJwsKid, includeExternalAccountBinding });
}
/**
* Get Terms of Service URL if available
*
@@ -91,7 +86,6 @@ class AcmeApi {
return this.http.getMetaField('termsOfService');
}
/**
* Create new account
*
@@ -104,7 +98,7 @@ class AcmeApi {
async createAccount(data) {
const resp = await this.apiResourceRequest('newAccount', data, [200, 201], {
includeJwsKid: false,
includeExternalAccountBinding: (data.onlyReturnExisting !== true)
includeExternalAccountBinding: (data.onlyReturnExisting !== true),
});
/* Set account URL */
@@ -115,7 +109,6 @@ class AcmeApi {
return resp;
}
/**
* Update account
*
@@ -129,7 +122,6 @@ class AcmeApi {
return this.apiRequest(this.getAccountUrl(), data, [200, 202]);
}
/**
* Update account key
*
@@ -143,7 +135,6 @@ class AcmeApi {
return this.apiResourceRequest('keyChange', data, [200]);
}
/**
* Create new order
*
@@ -157,7 +148,6 @@ class AcmeApi {
return this.apiResourceRequest('newOrder', data, [201]);
}
/**
* Get order
*
@@ -171,7 +161,6 @@ class AcmeApi {
return this.apiRequest(url, null, [200]);
}
/**
* Finalize order
*
@@ -186,7 +175,6 @@ class AcmeApi {
return this.apiRequest(url, data, [200]);
}
/**
* Get identifier authorization
*
@@ -200,7 +188,6 @@ class AcmeApi {
return this.apiRequest(url, null, [200]);
}
/**
* Update identifier authorization
*
@@ -215,7 +202,6 @@ class AcmeApi {
return this.apiRequest(url, data, [200]);
}
/**
* Complete challenge
*
@@ -230,7 +216,6 @@ class AcmeApi {
return this.apiRequest(url, data, [200]);
}
/**
* Revoke certificate
*
@@ -245,6 +230,5 @@ class AcmeApi {
}
}
/* Export API */
module.exports = AcmeApi;

105
packages/core/acme-client/src/auto.js
View File

@@ -4,6 +4,7 @@
const { readCsrDomains } = require('./crypto');
const { log } = require('./logger');
const { wait } = require('./wait');
const defaultOpts = {
csr: null,
@@ -13,10 +14,9 @@ const defaultOpts = {
skipChallengeVerification: false,
challengePriority: ['http-01', 'dns-01'],
challengeCreateFn: async () => { throw new Error('Missing challengeCreateFn()'); },
challengeRemoveFn: async () => { throw new Error('Missing challengeRemoveFn()'); }
challengeRemoveFn: async () => { throw new Error('Missing challengeRemoveFn()'); },
};
/**
* ACME client auto mode
*
@@ -25,8 +25,8 @@ const defaultOpts = {
* @returns {Promise<buffer>} Certificate
*/
module.exports = async function(client, userOpts) {
const opts = Object.assign({}, defaultOpts, userOpts);
module.exports = async (client, userOpts) => {
const opts = { ...defaultOpts, ...userOpts };
const accountPayload = { termsOfServiceAgreed: opts.termsOfServiceAgreed };
if (!Buffer.isBuffer(opts.csr)) {
@@ -36,7 +36,9 @@ module.exports = async function(client, userOpts) {
if (opts.email) {
accountPayload.contact = [`mailto:${opts.email}`];
}
if (opts.externalAccountBinding) {
accountPayload.externalAccountBinding = opts.externalAccountBinding;
}
/**
* Register account
@@ -53,7 +55,6 @@ module.exports = async function(client, userOpts) {
await client.createAccount(accountPayload);
}
/**
* Parse domains from CSR
*/
@@ -64,7 +65,6 @@ module.exports = async function(client, userOpts) {
log(`[auto] Resolved ${uniqueDomains.length} unique domains from parsing the Certificate Signing Request`);
/**
* Place order
*/
@@ -76,7 +76,6 @@ module.exports = async function(client, userOpts) {
log(`[auto] Placed certificate order successfully, received ${authorizations.length} identity authorizations`);
/**
* Resolve and satisfy challenges
*/
@@ -118,10 +117,23 @@ module.exports = async function(client, userOpts) {
let recordItem = null;
try {
recordItem = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
log(`[auto] [${d}] challengeCreateFn success`);
log(`[auto] [${d}] add challengeRemoveFn()`);
clearTasks.push(async () => {
/* Trigger challengeRemoveFn(), suppress errors */
log(`[auto] [${d}] Trigger challengeRemoveFn()`);
try {
await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem);
}
catch (e) {
log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
}
});
// throw new Error('测试异常');
/* Challenge verification */
if (opts.skipChallengeVerification === true) {
log(`[auto] [${d}] Skipping challenge verification since skipChallengeVerification=true`);
log(`[auto] [${d}] Skipping challenge verification since skipChallengeVerification=truewait 60s`);
await wait(60 * 1000);
}
else {
log(`[auto] [${d}] Running challenge verification`);
@@ -139,19 +151,6 @@ module.exports = async function(client, userOpts) {
log(`[auto] [${d}] challengeCreateFn threw error: ${e.message}`);
throw e;
}
finally {
log(`[auto] [${d}] add challengeRemoveFn()`);
clearTasks.push(async () => {
/* Trigger challengeRemoveFn(), suppress errors */
log(`[auto] [${d}] Trigger challengeRemoveFn()`);
try {
await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem);
}
catch (e) {
log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
}
});
}
}
catch (e) {
/* Deactivate pending authz when unable to complete challenge */
@@ -176,21 +175,56 @@ module.exports = async function(client, userOpts) {
await challengeFunc(authz);
});
log('开始challenge');
let promise = Promise.resolve();
function runPromisesSerially(tasks) {
function runAllPromise(tasks) {
let promise = Promise.resolve();
tasks.forEach((task) => {
promise = promise.then(task);
});
return promise;
}
async function runPromisePa(tasks) {
const results = [];
// eslint-disable-next-line no-await-in-loop,no-restricted-syntax
for (const task of tasks) {
results.push(task());
// eslint-disable-next-line no-await-in-loop
await wait(10000);
}
return Promise.all(results);
}
try {
await runPromisesSerially(challengePromises);
log('开始challenge');
await runPromisePa(challengePromises);
log('challenge结束');
// log('[auto] Waiting for challenge valid status');
// await Promise.all(challengePromises);
/**
* Finalize order and download certificate
*/
log('[auto] Finalizing order and downloading certificate');
const finalized = await client.finalizeOrder(order, opts.csr);
return await client.getCertificate(finalized, opts.preferredChain);
}
catch (e) {
log('证书申请失败');
log(e);
throw new Error(`证书申请失败:${e.message}`);
}
finally {
await runPromisesSerially(clearTasks);
log(`清理challenge痕迹length:${clearTasks.length}`);
try {
await runAllPromise(clearTasks);
}
catch (e) {
log('清理challenge失败');
log(e);
}
}
// try {
@@ -200,19 +234,4 @@ module.exports = async function(client, userOpts) {
// log('清理challenge');
// await Promise.allSettled(clearTasks);
// }
log('challenge结束');
// log('[auto] Waiting for challenge valid status');
// await Promise.all(challengePromises);
/**
* Finalize order and download certificate
*/
log('[auto] Finalizing order and downloading certificate');
const finalized = await client.finalizeOrder(order, opts.csr);
return client.getCertificate(finalized, opts.preferredChain);
};

5
packages/core/acme-client/src/axios.js
View File

@@ -5,7 +5,6 @@
const axios = require('axios');
const pkg = require('./../package.json');
/**
* Instance
*/
@@ -19,9 +18,8 @@ instance.defaults.headers.common['User-Agent'] = `node-${pkg.name}/${pkg.version
instance.defaults.acmeSettings = {
httpChallengePort: 80,
httpsChallengePort: 443,
tlsAlpnChallengePort: 443
tlsAlpnChallengePort: 443,
};
// instance.defaults.proxy = {
// host: '192.168.34.139',
// port: 10811
@@ -35,7 +33,6 @@ instance.defaults.acmeSettings = {
instance.defaults.adapter = 'http';
/**
* Export instance
*/

60
packages/core/acme-client/src/client.js
View File

@@ -13,7 +13,6 @@ const verify = require('./verify');
const util = require('./util');
const auto = require('./auto');
/**
* ACME states
*
@@ -24,7 +23,6 @@ const validStates = ['ready', 'valid'];
const pendingStates = ['pending', 'processing'];
const invalidStates = ['invalid'];
/**
* Default options
*
@@ -38,10 +36,9 @@ const defaultOpts = {
externalAccountBinding: {},
backoffAttempts: 10,
backoffMin: 5000,
backoffMax: 30000
backoffMax: 30000,
};
/**
* AcmeClient
*
@@ -61,7 +58,7 @@ const defaultOpts = {
* ```js
* const client = new acme.Client({
* directoryUrl: acme.directory.letsencrypt.staging,
* accountKey: 'Private key goes here'
* accountKey: 'Private key goes here',
* });
* ```
*
@@ -73,7 +70,7 @@ const defaultOpts = {
* accountUrl: 'Optional account URL goes here',
* backoffAttempts: 10,
* backoffMin: 5000,
* backoffMax: 30000
* backoffMax: 30000,
* });
* ```
*
@@ -84,8 +81,8 @@ const defaultOpts = {
* accountKey: 'Private key goes here',
* externalAccountBinding: {
* kid: 'YOUR-EAB-KID',
* hmacKey: 'YOUR-EAB-HMAC-KEY'
* }
* hmacKey: 'YOUR-EAB-HMAC-KEY',
* },
* });
* ```
*/
@@ -96,19 +93,17 @@ class AcmeClient {
opts.accountKey = Buffer.from(opts.accountKey);
}
this.opts = Object.assign({}, defaultOpts, opts);
this.opts = { ...defaultOpts, ...opts };
this.backoffOpts = {
attempts: this.opts.backoffAttempts,
min: this.opts.backoffMin,
max: this.opts.backoffMax
max: this.opts.backoffMax,
};
this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding);
this.api = new AcmeApi(this.http, this.opts.accountUrl);
}
/**
* Get Terms of Service URL if available
*
@@ -128,7 +123,6 @@ class AcmeClient {
return this.api.getTermsOfServiceUrl();
}
/**
* Get current account URL
*
@@ -150,7 +144,6 @@ class AcmeClient {
return this.api.getAccountUrl();
}
/**
* Create a new account
*
@@ -162,7 +155,7 @@ class AcmeClient {
* @example Create a new account
* ```js
* const account = await client.createAccount({
* termsOfServiceAgreed: true
* termsOfServiceAgreed: true,
* });
* ```
*
@@ -170,7 +163,7 @@ class AcmeClient {
* ```js
* const account = await client.createAccount({
* termsOfServiceAgreed: true,
* contact: ['mailto:test@example.com']
* contact: ['mailto:test@example.com'],
* });
* ```
*/
@@ -196,7 +189,6 @@ class AcmeClient {
}
}
/**
* Update existing account
*
@@ -208,7 +200,7 @@ class AcmeClient {
* @example Update existing account
* ```js
* const account = await client.updateAccount({
* contact: ['mailto:foo@example.com']
* contact: ['mailto:foo@example.com'],
* });
* ```
*/
@@ -236,7 +228,6 @@ class AcmeClient {
return resp.data;
}
/**
* Update account private key
*
@@ -282,7 +273,6 @@ class AcmeClient {
return resp.data;
}
/**
* Create a new order
*
@@ -296,8 +286,8 @@ class AcmeClient {
* const order = await client.createOrder({
* identifiers: [
* { type: 'dns', value: 'example.com' },
* { type: 'dns', value: 'test.example.com' }
* ]
* { type: 'dns', value: 'test.example.com' },
* ],
* });
* ```
*/
@@ -314,7 +304,6 @@ class AcmeClient {
return resp.data;
}
/**
* Refresh order object from CA
*
@@ -376,7 +365,6 @@ class AcmeClient {
return resp.data;
}
/**
* Get identifier authorizations from order
*
@@ -406,7 +394,6 @@ class AcmeClient {
}));
}
/**
* Deactivate identifier authorization
*
@@ -427,10 +414,7 @@ class AcmeClient {
throw new Error('Unable to deactivate identifier authorization, URL not found');
}
const data = {
status: 'deactivated'
};
const data = { status: 'deactivated' };
const resp = await this.api.updateAuthorization(authz.url, data);
/* Add URL to response */
@@ -438,7 +422,6 @@ class AcmeClient {
return resp.data;
}
/**
* Get key authorization for ACME challenge
*
@@ -480,7 +463,6 @@ class AcmeClient {
throw new Error(`Unable to produce key authorization, unknown challenge type: ${challenge.type}`);
}
/**
* Verify that ACME challenge is satisfied
*
@@ -515,7 +497,6 @@ class AcmeClient {
return util.retry(verifyFn, this.backoffOpts);
}
/**
* Notify CA that challenge has been completed
*
@@ -536,7 +517,6 @@ class AcmeClient {
return resp.data;
}
/**
* Wait for ACME provider to verify status on a order, authorization or challenge
*
@@ -593,7 +573,6 @@ class AcmeClient {
return util.retry(verifyFn, this.backoffOpts);
}
/**
* Get certificate from ACME order
*
@@ -640,7 +619,6 @@ class AcmeClient {
return resp.data;
}
/**
* Revoke certificate
*
@@ -660,7 +638,7 @@ class AcmeClient {
* ```js
* const certificate = { ... }; // Previously created certificate
* const result = await client.revokeCertificate(certificate, {
* reason: 4
* reason: 4,
* });
* ```
*/
@@ -671,7 +649,6 @@ class AcmeClient {
return resp.data;
}
/**
* Auto mode
*
@@ -689,7 +666,7 @@ class AcmeClient {
* @example Order a certificate using auto mode
* ```js
* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* });
*
* const certificate = await client.auto({
@@ -701,14 +678,14 @@ class AcmeClient {
* },
* challengeRemoveFn: async (authz, challenge, keyAuthorization) => {
* // Clean up challenge here
* }
* },
* });
* ```
*
* @example Order a certificate using auto mode with preferred chain
* ```js
* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* });
*
* const certificate = await client.auto({
@@ -717,7 +694,7 @@ class AcmeClient {
* termsOfServiceAgreed: true,
* preferredChain: 'DST Root CA X3',
* challengeCreateFn: async () => {},
* challengeRemoveFn: async () => {}
* challengeRemoveFn: async () => {},
* });
* ```
*/
@@ -727,6 +704,5 @@ class AcmeClient {
}
}
/* Export client */
module.exports = AcmeClient;

49
packages/core/acme-client/src/crypto/forge.js
View File

@@ -13,7 +13,6 @@ const forge = require('node-forge');
const generateKeyPair = promisify(forge.pki.rsa.generateKeyPair);
/**
* Attempt to parse forge object from PEM encoded string
*
@@ -54,7 +53,6 @@ function forgeObjectFromPem(input) {
return result;
}
/**
* Parse domain names from a certificate or CSR
*
@@ -93,11 +91,10 @@ function parseDomains(obj) {
return {
commonName,
altNames
altNames,
};
}
/**
* Generate a private RSA key
*
@@ -123,7 +120,6 @@ async function createPrivateKey(size = 2048) {
exports.createPrivateKey = createPrivateKey;
/**
* Create public key from a private RSA key
*
@@ -136,14 +132,13 @@ exports.createPrivateKey = createPrivateKey;
* ```
*/
exports.createPublicKey = async function(key) {
exports.createPublicKey = async (key) => {
const privateKey = forge.pki.privateKeyFromPem(key);
const publicKey = forge.pki.rsa.setPublicKey(privateKey.n, privateKey.e);
const pemKey = forge.pki.publicKeyToPem(publicKey);
return Buffer.from(pemKey);
};
/**
* Parse body of PEM encoded object from buffer or string
* If multiple objects are chained, the first body will be returned
@@ -157,7 +152,6 @@ exports.getPemBody = (str) => {
return forge.util.encode64(msg.body);
};
/**
* Split chain of PEM encoded objects from buffer or string into array
*
@@ -167,7 +161,6 @@ exports.getPemBody = (str) => {
exports.splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
/**
* Get modulus
*
@@ -182,7 +175,7 @@ exports.splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
* ```
*/
exports.getModulus = async function(input) {
exports.getModulus = async (input) => {
if (!Buffer.isBuffer(input)) {
input = Buffer.from(input);
}
@@ -191,7 +184,6 @@ exports.getModulus = async function(input) {
return Buffer.from(forge.util.hexToBytes(obj.n.toString(16)), 'binary');
};
/**
* Get public exponent
*
@@ -206,7 +198,7 @@ exports.getModulus = async function(input) {
* ```
*/
exports.getPublicExponent = async function(input) {
exports.getPublicExponent = async (input) => {
if (!Buffer.isBuffer(input)) {
input = Buffer.from(input);
}
@@ -215,7 +207,6 @@ exports.getPublicExponent = async function(input) {
return Buffer.from(forge.util.hexToBytes(obj.e.toString(16)), 'binary');
};
/**
* Read domains from a Certificate Signing Request
*
@@ -231,7 +222,7 @@ exports.getPublicExponent = async function(input) {
* ```
*/
exports.readCsrDomains = async function(csr) {
exports.readCsrDomains = async (csr) => {
if (!Buffer.isBuffer(csr)) {
csr = Buffer.from(csr);
}
@@ -240,7 +231,6 @@ exports.readCsrDomains = async function(csr) {
return parseDomains(obj);
};
/**
* Read information from a certificate
*
@@ -260,7 +250,7 @@ exports.readCsrDomains = async function(csr) {
* ```
*/
exports.readCertificateInfo = async function(cert) {
exports.readCertificateInfo = async (cert) => {
if (!Buffer.isBuffer(cert)) {
cert = Buffer.from(cert);
}
@@ -270,15 +260,14 @@ exports.readCertificateInfo = async function(cert) {
return {
issuer: {
commonName: issuerCn ? issuerCn.value : null
commonName: issuerCn ? issuerCn.value : null,
},
domains: parseDomains(obj),
notAfter: obj.validity.notAfter,
notBefore: obj.validity.notBefore
notBefore: obj.validity.notBefore,
};
};
/**
* Determine ASN.1 type for CSR subject short name
* Note: https://datatracker.ietf.org/doc/html/rfc5280
@@ -299,7 +288,6 @@ function getCsrValueTagClass(shortName) {
}
}
/**
* Create array of short names and values for Certificate Signing Request subjects
*
@@ -319,7 +307,6 @@ function createCsrSubject(subjectObj) {
}, []);
}
/**
* Create array of alt names for Certificate Signing Requests
* Note: https://github.com/digitalbazaar/forge/blob/dfdde475677a8a25c851e33e8f81dca60d90cfb9/lib/x509.js#L1444-L1454
@@ -336,7 +323,6 @@ function formatCsrAltNames(altNames) {
});
}
/**
* Create a Certificate Signing Request
*
@@ -356,29 +342,30 @@ function formatCsrAltNames(altNames) {
* @example Create a Certificate Signing Request
* ```js
* const [certificateKey, certificateRequest] = await acme.forge.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* });
* ```
*
* @example Certificate Signing Request with both common and alternative names
* > *Warning*: Certificate subject common name has been [deprecated](https://letsencrypt.org/docs/glossary/#def-CN) and its use is [discouraged](https://cabforum.org/uploads/BRv1.2.3.pdf).
* ```js
* const [certificateKey, certificateRequest] = await acme.forge.createCsr({
* keySize: 4096,
* commonName: 'test.example.com',
* altNames: ['foo.example.com', 'bar.example.com']
* altNames: ['foo.example.com', 'bar.example.com'],
* });
* ```
*
* @example Certificate Signing Request with additional information
* ```js
* const [certificateKey, certificateRequest] = await acme.forge.createCsr({
* commonName: 'test.example.com',
* altNames: ['test.example.com'],
* country: 'US',
* state: 'California',
* locality: 'Los Angeles',
* organization: 'The Company Inc.',
* organizationUnit: 'IT Department',
* emailAddress: 'contact@example.com'
* emailAddress: 'contact@example.com',
* });
* ```
*
@@ -387,11 +374,11 @@ function formatCsrAltNames(altNames) {
* const certificateKey = await acme.forge.createPrivateKey();
*
* const [, certificateRequest] = await acme.forge.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* }, certificateKey);
*/
exports.createCsr = async function(data, key = null) {
exports.createCsr = async (data, key = null) => {
if (!key) {
key = await createPrivateKey(data.keySize);
}
@@ -423,7 +410,7 @@ exports.createCsr = async function(data, key = null) {
L: data.locality,
O: data.organization,
OU: data.organizationUnit,
E: data.emailAddress
E: data.emailAddress,
});
csr.setSubject(subject);
@@ -434,8 +421,8 @@ exports.createCsr = async function(data, key = null) {
name: 'extensionRequest',
extensions: [{
name: 'subjectAltName',
altNames: formatCsrAltNames(data.altNames)
}]
altNames: formatCsrAltNames(data.altNames),
}],
}]);
}

65
packages/core/acme-client/src/crypto/index.js
View File

@@ -22,7 +22,6 @@ const subjectAltNameOID = '2.5.29.17';
/* id-pe-acmeIdentifier - https://datatracker.ietf.org/doc/html/rfc8737#section-6.1 */
const alpnAcmeIdentifierOID = '1.3.6.1.5.5.7.1.31';
/**
* Determine key type and info by attempting to derive public key
*
@@ -35,7 +34,7 @@ function getKeyInfo(keyPem) {
const result = {
isRSA: false,
isECDSA: false,
publicKey: crypto.createPublicKey(keyPem)
publicKey: crypto.createPublicKey(keyPem),
};
if (result.publicKey.asymmetricKeyType === 'rsa') {
@@ -51,7 +50,6 @@ function getKeyInfo(keyPem) {
return result;
}
/**
* Generate a private RSA key
*
@@ -74,8 +72,8 @@ async function createPrivateRsaKey(modulusLength = 2048) {
modulusLength,
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem'
}
format: 'pem',
},
});
return Buffer.from(pair.privateKey);
@@ -83,7 +81,6 @@ async function createPrivateRsaKey(modulusLength = 2048) {
exports.createPrivateRsaKey = createPrivateRsaKey;
/**
* Alias of `createPrivateRsaKey()`
*
@@ -92,7 +89,6 @@ exports.createPrivateRsaKey = createPrivateRsaKey;
exports.createPrivateKey = createPrivateRsaKey;
/**
* Generate a private ECDSA key
*
@@ -115,14 +111,13 @@ exports.createPrivateEcdsaKey = async (namedCurve = 'P-256') => {
namedCurve,
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem'
}
format: 'pem',
},
});
return Buffer.from(pair.privateKey);
};
/**
* Get a public key derived from a RSA or ECDSA key
*
@@ -140,13 +135,12 @@ exports.getPublicKey = (keyPem) => {
const publicKey = info.publicKey.export({
type: info.isECDSA ? 'spki' : 'pkcs1',
format: 'pem'
format: 'pem',
});
return Buffer.from(publicKey);
};
/**
* Get a JSON Web Key derived from a RSA or ECDSA key
*
@@ -163,7 +157,7 @@ exports.getPublicKey = (keyPem) => {
function getJwk(keyPem) {
const jwk = crypto.createPublicKey(keyPem).export({
format: 'jwk'
format: 'jwk',
});
/* Sort keys */
@@ -175,7 +169,6 @@ function getJwk(keyPem) {
exports.getJwk = getJwk;
/**
* Produce CryptoKeyPair and signing algorithm from a PEM encoded private key
*
@@ -191,7 +184,7 @@ async function getWebCryptoKeyPair(keyPem) {
/* Signing algorithm */
const sigalg = {
name: 'RSASSA-PKCS1-v1_5',
hash: { name: 'SHA-256' }
hash: { name: 'SHA-256' },
};
if (info.isECDSA) {
@@ -215,7 +208,6 @@ async function getWebCryptoKeyPair(keyPem) {
return [{ privateKey, publicKey }, sigalg];
}
/**
* Split chain of PEM encoded objects from string into array
*
@@ -235,7 +227,6 @@ function splitPemChain(chainPem) {
exports.splitPemChain = splitPemChain;
/**
* Parse body of PEM encoded object and return a Base64URL string
* If multiple objects are chained, the first body will be returned
@@ -256,7 +247,6 @@ exports.getPemBodyAsB64u = (pem) => {
return Buffer.from(dec).toString('base64url');
};
/**
* Parse domains from a certificate or CSR
*
@@ -277,11 +267,10 @@ function parseDomains(input) {
return {
commonName,
altNames
altNames,
};
}
/**
* Read domains from a Certificate Signing Request
*
@@ -307,7 +296,6 @@ exports.readCsrDomains = (csrPem) => {
return parseDomains(csr);
};
/**
* Read information from a certificate
* If multiple certificates are chained, the first will be read
@@ -338,15 +326,14 @@ exports.readCertificateInfo = (certPem) => {
return {
issuer: {
commonName: cert.issuerName.getField('CN').pop() || null
commonName: cert.issuerName.getField('CN').pop() || null,
},
domains: parseDomains(cert),
notBefore: cert.notBefore,
notAfter: cert.notAfter
notAfter: cert.notAfter,
};
};
/**
* Determine ASN.1 character string type for CSR subject field name
*
@@ -369,7 +356,6 @@ function getCsrAsn1CharStringType(field) {
}
}
/**
* Create array of subject fields for a Certificate Signing Request
*
@@ -391,7 +377,6 @@ function createCsrSubject(input) {
}, []);
}
/**
* Create x509 subject alternate name extension
*
@@ -409,7 +394,6 @@ function createSubjectAltNameExtension(altNames) {
}));
}
/**
* Create a Certificate Signing Request
*
@@ -429,29 +413,30 @@ function createSubjectAltNameExtension(altNames) {
* @example Create a Certificate Signing Request
* ```js
* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* });
* ```
*
* @example Certificate Signing Request with both common and alternative names
* > *Warning*: Certificate subject common name has been [deprecated](https://letsencrypt.org/docs/glossary/#def-CN) and its use is [discouraged](https://cabforum.org/uploads/BRv1.2.3.pdf).
* ```js
* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
* keySize: 4096,
* commonName: 'test.example.com',
* altNames: ['foo.example.com', 'bar.example.com']
* altNames: ['foo.example.com', 'bar.example.com'],
* });
* ```
*
* @example Certificate Signing Request with additional information
* ```js
* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
* commonName: 'test.example.com',
* altNames: ['test.example.com'],
* country: 'US',
* state: 'California',
* locality: 'Los Angeles',
* organization: 'The Company Inc.',
* organizationUnit: 'IT Department',
* emailAddress: 'contact@example.com'
* emailAddress: 'contact@example.com',
* });
* ```
*
@@ -460,8 +445,9 @@ function createSubjectAltNameExtension(altNames) {
* const certificateKey = await acme.crypto.createPrivateEcdsaKey();
*
* const [, certificateRequest] = await acme.crypto.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* }, certificateKey);
* ```
*/
exports.createCsr = async (data, keyPem = null) => {
@@ -489,7 +475,7 @@ exports.createCsr = async (data, keyPem = null) => {
new x509.KeyUsagesExtension(x509.KeyUsageFlags.digitalSignature | x509.KeyUsageFlags.keyEncipherment), // eslint-disable-line no-bitwise
/* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.6 */
createSubjectAltNameExtension(data.altNames)
createSubjectAltNameExtension(data.altNames),
];
/* Create CSR */
@@ -504,8 +490,8 @@ exports.createCsr = async (data, keyPem = null) => {
L: data.locality,
O: data.organization,
OU: data.organizationUnit,
E: data.emailAddress
})
E: data.emailAddress,
}),
});
/* Done */
@@ -513,7 +499,6 @@ exports.createCsr = async (data, keyPem = null) => {
return [keyPem, Buffer.from(pem)];
};
/**
* Create a self-signed ALPN certificate for TLS-ALPN-01 challenges
*
@@ -533,6 +518,7 @@ exports.createCsr = async (data, keyPem = null) => {
* ```js
* const alpnKey = await acme.crypto.createPrivateEcdsaKey();
* const [, alpnCertificate] = await acme.crypto.createAlpnCertificate(authz, keyAuthorization, alpnKey);
* ```
*/
exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) => {
@@ -564,7 +550,7 @@ exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) =
await x509.SubjectKeyIdentifierExtension.create(keys.publicKey),
/* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.6 */
createSubjectAltNameExtension([commonName])
createSubjectAltNameExtension([commonName]),
];
/* ALPN extension */
@@ -581,8 +567,8 @@ exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) =
notBefore: now,
notAfter: now,
name: createCsrSubject({
CN: commonName
})
CN: commonName,
}),
});
/* Done */
@@ -590,7 +576,6 @@ exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) =
return [keyPem, Buffer.from(pem)];
};
/**
* Validate that a ALPN certificate contains the expected key authorization
*

17
packages/core/acme-client/src/http.js
View File

@@ -40,7 +40,6 @@ class HttpClient {
this.jwk = null;
}
/**
* HTTP request
*
@@ -70,7 +69,6 @@ class HttpClient {
return resp;
}
/**
* Ensure provider directory exists
*
@@ -95,7 +93,6 @@ class HttpClient {
}
}
/**
* Get JSON Web Key
*
@@ -110,7 +107,6 @@ class HttpClient {
return this.jwk;
}
/**
* Get nonce from directory API endpoint
*
@@ -130,7 +126,6 @@ class HttpClient {
return resp.headers['replay-nonce'];
}
/**
* Get URL for a directory resource
*
@@ -148,7 +143,6 @@ class HttpClient {
return this.directory[resource];
}
/**
* Get directory meta field
*
@@ -166,7 +160,6 @@ class HttpClient {
return null;
}
/**
* Prepare HTTP request body for signature
*
@@ -199,11 +192,10 @@ class HttpClient {
/* Body */
return {
payload: payload ? Buffer.from(JSON.stringify(payload)).toString('base64url') : '',
protected: Buffer.from(JSON.stringify(header)).toString('base64url')
protected: Buffer.from(JSON.stringify(header)).toString('base64url'),
};
}
/**
* Create JWS HTTP request body using HMAC
*
@@ -226,7 +218,6 @@ class HttpClient {
return result;
}
/**
* Create JWS HTTP request body using RSA or ECC
*
@@ -267,13 +258,12 @@ class HttpClient {
result.signature = signer.sign({
key: this.accountKey,
padding: RSA_PKCS1_PADDING,
dsaEncoding: 'ieee-p1363'
dsaEncoding: 'ieee-p1363',
}, 'base64url');
return result;
}
/**
* Signed HTTP request
*
@@ -309,7 +299,7 @@ class HttpClient {
const data = this.createSignedBody(url, payload, { nonce, kid });
const resp = await this.request(url, 'post', { data });
/* Retry on bad nonce - https://datatracker.ietf.org/doc/html/draft-ietf-acme-acme-10#section-6.4 */
/* Retry on bad nonce - https://datatracker.ietf.org/doc/html/rfc8555#section-6.5 */
if (resp.data && resp.data.type && (resp.status === 400) && (resp.data.type === 'urn:ietf:params:acme:error:badNonce') && (attempts < this.maxBadNonceRetries)) {
nonce = resp.headers['replay-nonce'] || null;
attempts += 1;
@@ -323,6 +313,5 @@ class HttpClient {
}
}
/* Export client */
module.exports = HttpClient;

13
packages/core/acme-client/src/index.js
View File

@@ -4,7 +4,6 @@
exports.Client = require('./client');
/**
* Directory URLs
*/
@@ -12,18 +11,18 @@ exports.Client = require('./client');
exports.directory = {
buypass: {
staging: 'https://api.test4.buypass.no/acme/directory',
production: 'https://api.buypass.com/acme/directory'
production: 'https://api.buypass.com/acme/directory',
},
letsencrypt: {
staging: 'https://acme-staging-v02.api.letsencrypt.org/directory',
production: 'https://acme-v02.api.letsencrypt.org/directory'
production: 'https://acme-v02.api.letsencrypt.org/directory',
},
zerossl: {
production: 'https://acme.zerossl.com/v2/DV90'
}
staging: 'https://acme.zerossl.com/v2/DV90',
production: 'https://acme.zerossl.com/v2/DV90',
},
};
/**
* Crypto
*/
@@ -31,14 +30,12 @@ exports.directory = {
exports.crypto = require('./crypto');
exports.forge = require('./crypto/forge');
/**
* Axios
*/
exports.axios = require('./axios');
/**
* Logger
*/

4
packages/core/acme-client/src/logger.js
View File

@@ -6,7 +6,6 @@ const debug = require('debug')('acme-client');
let logger = () => {};
/**
* Set logger function
*
@@ -17,11 +16,10 @@ exports.setLogger = (fn) => {
logger = fn;
};
/**
* Log message
*
* @param {string} Message
* @param {string} msg Message
*/
exports.log = (msg) => {

15
packages/core/acme-client/src/util.js
View File

@@ -7,7 +7,6 @@ const dns = require('dns').promises;
const { readCertificateInfo, splitPemChain } = require('./crypto');
const { log } = require('./logger');
/**
* Exponential backoff
*
@@ -26,7 +25,6 @@ class Backoff {
this.attempts = 0;
}
/**
* Get backoff duration
*
@@ -40,7 +38,6 @@ class Backoff {
}
}
/**
* Retry promise
*
@@ -70,7 +67,6 @@ async function retryPromise(fn, attempts, backoff) {
}
}
/**
* Retry promise
*
@@ -87,7 +83,6 @@ function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}) {
return retryPromise(fn, attempts, backoff);
}
/**
* Parse URLs from link header
*
@@ -107,7 +102,6 @@ function parseLinkHeader(header, rel = 'alternate') {
return results.filter((r) => r);
}
/**
* Find certificate chain with preferred issuer common name
* - If issuer is found in multiple chains, the closest to root wins
@@ -157,7 +151,6 @@ function findCertificateChainForIssuer(chains, issuer) {
return chains[0];
}
/**
* Find and format error in response object
*
@@ -178,7 +171,6 @@ function formatResponseError(resp) {
return result.replace(/\n/g, '');
}
/**
* Resolve root domain name by looking for SOA record
*
@@ -204,7 +196,6 @@ async function resolveDomainBySoaRecord(recordName) {
}
}
/**
* Get DNS resolver using domains authoritative NS records
*
@@ -245,7 +236,6 @@ async function getAuthoritativeDnsResolver(recordName) {
return resolver;
}
/**
* Attempt to retrieve TLS ALPN certificate from peer
*
@@ -267,7 +257,7 @@ async function retrieveTlsAlpnCertificate(host, port, timeout = 30000) {
port,
servername: host,
rejectUnauthorized: false,
ALPNProtocols: ['acme-tls/1']
ALPNProtocols: ['acme-tls/1'],
});
socket.setTimeout(timeout);
@@ -299,7 +289,6 @@ async function retrieveTlsAlpnCertificate(host, port, timeout = 30000) {
});
}
/**
* Export utils
*/
@@ -310,5 +299,5 @@ module.exports = {
findCertificateChainForIssuer,
formatResponseError,
getAuthoritativeDnsResolver,
retrieveTlsAlpnCertificate
retrieveTlsAlpnCertificate,
};

31
packages/core/acme-client/src/verify.js
View File

@@ -9,7 +9,6 @@ const axios = require('./axios');
const util = require('./util');
const { isAlpnCertificateAuthorizationValid } = require('./crypto');
/**
* Verify ACME HTTP challenge
*
@@ -43,25 +42,24 @@ async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix =
return true;
}
/**
* Walk DNS until TXT records are found
*/
async function walkDnsChallengeRecord(recordName, resolver = dns) {
/* Resolve CNAME record first */
try {
log(`Checking name for CNAME records: ${recordName}`);
const cnameRecords = await resolver.resolveCname(recordName);
if (cnameRecords.length) {
log(`CNAME record found at ${recordName}, new challenge record name: ${cnameRecords[0]}`);
return walkDnsChallengeRecord(cnameRecords[0]);
}
}
catch (e) {
log(`No CNAME records found for name: ${recordName}`);
}
// try {
// log(`Checking name for CNAME records: ${recordName}`);
// const cnameRecords = await resolver.resolveCname(recordName);
//
// if (cnameRecords.length) {
// log(`CNAME record found at ${recordName}, new challenge record name: ${cnameRecords[0]}`);
// return walkDnsChallengeRecord(cnameRecords[0]);
// }
// }
// catch (e) {
// log(`No CNAME records found for name: ${recordName}`);
// }
/* Resolve TXT records */
try {
@@ -81,7 +79,6 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
throw new Error(`No TXT records found for name: ${recordName}`);
}
/**
* Verify ACME DNS challenge
*
@@ -121,7 +118,6 @@ async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '
return true;
}
/**
* Verify ACME TLS ALPN challenge
*
@@ -149,7 +145,6 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
return true;
}
/**
* Export API
*/
@@ -157,5 +152,5 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
module.exports = {
'http-01': verifyHttpChallenge,
'dns-01': verifyDnsChallenge,
'tls-alpn-01': verifyTlsAlpnChallenge
'tls-alpn-01': verifyTlsAlpnChallenge,
};

9
packages/core/acme-client/src/wait.js Normal file
View File

@@ -0,0 +1,9 @@
async function wait(ms) {
return new Promise((resolve) => {
setTimeout(resolve, ms);
});
}
module.exports = {
wait
};

11
packages/core/acme-client/test/00-pebble.spec.js
View File

@@ -16,7 +16,6 @@ const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
const tlsAlpnPort = axios.defaults.acmeSettings.tlsAlpnChallengePort || 443;
describe('pebble', () => {
const httpsAgent = new https.Agent({ rejectUnauthorized: false });
@@ -39,18 +38,16 @@ describe('pebble', () => {
const testTlsAlpn01ChallengeHost = `${uuid()}.${domainName}`;
const testTlsAlpn01ChallengeValue = uuid();
/**
* Pebble CTS required
*/
before(function() {
before(function () {
if (!cts.isEnabled()) {
this.skip();
}
});
/**
* DNS mocking
*/
@@ -92,7 +89,6 @@ describe('pebble', () => {
});
});
/**
* HTTP-01 challenge response
*/
@@ -118,7 +114,6 @@ describe('pebble', () => {
});
});
/**
* HTTPS-01 challenge response
*/
@@ -143,7 +138,7 @@ describe('pebble', () => {
/* Assert HTTP 302 */
const resp = await axios.get(`http://${testHttps01ChallengeHost}:${httpPort}/.well-known/acme-challenge/${testHttps01ChallengeToken}`, {
maxRedirects: 0,
validateStatus: null
validateStatus: null,
});
assert.strictEqual(resp.status, 302);
@@ -165,7 +160,6 @@ describe('pebble', () => {
});
});
/**
* DNS-01 challenge response
*/
@@ -188,7 +182,6 @@ describe('pebble', () => {
});
});
/**
* TLS-ALPN-01 challenge response
*/

5
packages/core/acme-client/test/10-http.spec.js
View File

@@ -9,7 +9,6 @@ const axios = require('./../src/axios');
const HttpClient = require('./../src/http');
const pkg = require('./../package.json');
describe('http', () => {
let testClient;
@@ -20,7 +19,6 @@ describe('http', () => {
const defaultUaEndpoint = `http://${uuid()}.example.com`;
const customUaEndpoint = `http://${uuid()}.example.com`;
/**
* HTTP mocking
*/
@@ -43,7 +41,6 @@ describe('http', () => {
axios.defaults.headers.common['User-Agent'] = defaultUserAgent;
});
/**
* Initialize
*/
@@ -52,7 +49,6 @@ describe('http', () => {
testClient = new HttpClient();
});
/**
* HTTP verbs
*/
@@ -65,7 +61,6 @@ describe('http', () => {
assert.strictEqual(resp.data, 'ok');
});
/**
* User-Agent
*/

3
packages/core/acme-client/test/10-logger.spec.js
View File

@@ -5,7 +5,6 @@
const { assert } = require('chai');
const logger = require('./../src/logger');
describe('logger', () => {
let lastLogMessage = null;
@@ -13,7 +12,6 @@ describe('logger', () => {
lastLogMessage = msg;
}
/**
* Logger
*/
@@ -23,7 +21,6 @@ describe('logger', () => {
assert.isNull(lastLogMessage);
});
it('should log with custom logger', () => {
logger.setLogger(customLoggerFn);

9
packages/core/acme-client/test/10-verify.spec.js
View File

@@ -9,7 +9,6 @@ const verify = require('./../src/verify');
const domainName = process.env.ACME_DOMAIN_NAME || 'example.com';
describe('verify', () => {
const challengeTypes = ['http-01', 'dns-01'];
@@ -30,18 +29,16 @@ describe('verify', () => {
const testTlsAlpn01Challenge = { type: 'dns-01', status: 'pending', token: uuid() };
const testTlsAlpn01Key = uuid();
/**
* Pebble CTS required
*/
before(function() {
before(function () {
if (!cts.isEnabled()) {
this.skip();
}
});
/**
* API
*/
@@ -50,7 +47,6 @@ describe('verify', () => {
assert.containsAllKeys(verify, challengeTypes);
});
/**
* http-01
*/
@@ -81,7 +77,6 @@ describe('verify', () => {
});
});
/**
* https-01
*/
@@ -102,7 +97,6 @@ describe('verify', () => {
});
});
/**
* dns-01
*/
@@ -133,7 +127,6 @@ describe('verify', () => {
});
});
/**
* tls-alpn-01
*/

19
packages/core/acme-client/test/20-crypto-legacy.spec.js
View File

@@ -9,10 +9,9 @@ const spec = require('./spec');
const forge = require('./../src/crypto/forge');
const cryptoEngines = {
forge
forge,
};
describe('crypto-legacy', () => {
let testPemKey;
let testCert;
@@ -28,7 +27,6 @@ describe('crypto-legacy', () => {
const testCertPath = path.join(__dirname, 'fixtures', 'certificate.crt');
const testSanCertPath = path.join(__dirname, 'fixtures', 'san-certificate.crt');
/**
* Fixtures
*/
@@ -50,7 +48,6 @@ describe('crypto-legacy', () => {
});
});
/**
* Engines
*/
@@ -62,7 +59,6 @@ describe('crypto-legacy', () => {
let testNonCnCsr;
let testNonAsciiCsr;
/**
* Key generation
*/
@@ -83,14 +79,13 @@ describe('crypto-legacy', () => {
publicKeyStore.push(key.toString().replace(/[\r\n]/gm, ''));
});
/**
* Certificate Signing Request
*/
it('should generate a csr', async () => {
const [key, csr] = await engine.createCsr({
commonName: testCsrDomain
commonName: testCsrDomain,
});
assert.isTrue(Buffer.isBuffer(key));
@@ -102,7 +97,7 @@ describe('crypto-legacy', () => {
it('should generate a san csr', async () => {
const [key, csr] = await engine.createCsr({
commonName: testSanCsrDomains[0],
altNames: testSanCsrDomains.slice(1, testSanCsrDomains.length)
altNames: testSanCsrDomains.slice(1, testSanCsrDomains.length),
});
assert.isTrue(Buffer.isBuffer(key));
@@ -113,7 +108,7 @@ describe('crypto-legacy', () => {
it('should generate a csr without common name', async () => {
const [key, csr] = await engine.createCsr({
altNames: testSanCsrDomains
altNames: testSanCsrDomains,
});
assert.isTrue(Buffer.isBuffer(key));
@@ -126,7 +121,7 @@ describe('crypto-legacy', () => {
const [key, csr] = await engine.createCsr({
commonName: testCsrDomain,
organization: '大安區',
organizationUnit: '中文部門'
organizationUnit: '中文部門',
});
assert.isTrue(Buffer.isBuffer(key));
@@ -167,7 +162,6 @@ describe('crypto-legacy', () => {
assert.deepStrictEqual(result.altNames, [testCsrDomain]);
});
/**
* Certificate
*/
@@ -188,7 +182,6 @@ describe('crypto-legacy', () => {
assert.deepEqual(info.domains.altNames, testSanCsrDomains.slice(1, testSanCsrDomains.length));
});
/**
* PEM utils
*/
@@ -214,7 +207,6 @@ describe('crypto-legacy', () => {
});
});
/**
* Modulus and exponent
*/
@@ -246,7 +238,6 @@ describe('crypto-legacy', () => {
});
});
/**
* Verify identical results
*/

37
packages/core/acme-client/test/20-crypto.spec.js
View File

@@ -50,7 +50,6 @@ dGVzdGluZ3Rlc3Rpbmd0ZXN0aW5ndGVzdGluZ3Rlc3Rpbmd0ZXN0aW5ndGVzdGluZ3Rlc3Rpbmd0ZXN0
-----END TEST-----
`;
describe('crypto', () => {
const testCsrDomain = 'example.com';
const testSanCsrDomains = ['example.com', 'test.example.com', 'abc.example.com'];
@@ -58,7 +57,6 @@ describe('crypto', () => {
const testCertPath = path.join(__dirname, 'fixtures', 'certificate.crt');
const testSanCertPath = path.join(__dirname, 'fixtures', 'san-certificate.crt');
/**
* Key types
*/
@@ -68,24 +66,23 @@ describe('crypto', () => {
createKeyFns: {
s1024: () => crypto.createPrivateRsaKey(1024),
s2048: () => crypto.createPrivateRsaKey(),
s4096: () => crypto.createPrivateRsaKey(4096)
s4096: () => crypto.createPrivateRsaKey(4096),
},
jwkSpecFn: spec.jwk.rsa
jwkSpecFn: spec.jwk.rsa,
},
ecdsa: {
createKeyFns: {
p256: () => crypto.createPrivateEcdsaKey(),
p384: () => crypto.createPrivateEcdsaKey('P-384'),
p521: () => crypto.createPrivateEcdsaKey('P-521')
p521: () => crypto.createPrivateEcdsaKey('P-521'),
},
jwkSpecFn: spec.jwk.ecdsa
}
jwkSpecFn: spec.jwk.ecdsa,
},
}).forEach(([name, { createKeyFns, jwkSpecFn }]) => {
describe(name, () => {
const testPrivateKeys = {};
const testPublicKeys = {};
/**
* Iterate through all generator variations
*/
@@ -97,7 +94,6 @@ describe('crypto', () => {
let testNonAsciiCsr;
let testAlpnCertificate;
/**
* Keys and JWK
*/
@@ -132,14 +128,13 @@ describe('crypto', () => {
jwkSpecFn(jwk);
});
/**
* Certificate Signing Request
*/
it(`${n}/should generate a csr`, async () => {
const [key, csr] = await crypto.createCsr({
commonName: testCsrDomain
commonName: testCsrDomain,
}, testPrivateKeys[n]);
assert.isTrue(Buffer.isBuffer(key));
@@ -151,7 +146,7 @@ describe('crypto', () => {
it(`${n}/should generate a san csr`, async () => {
const [key, csr] = await crypto.createCsr({
commonName: testSanCsrDomains[0],
altNames: testSanCsrDomains.slice(1, testSanCsrDomains.length)
altNames: testSanCsrDomains.slice(1, testSanCsrDomains.length),
}, testPrivateKeys[n]);
assert.isTrue(Buffer.isBuffer(key));
@@ -162,7 +157,7 @@ describe('crypto', () => {
it(`${n}/should generate a csr without common name`, async () => {
const [key, csr] = await crypto.createCsr({
altNames: testSanCsrDomains
altNames: testSanCsrDomains,
}, testPrivateKeys[n]);
assert.isTrue(Buffer.isBuffer(key));
@@ -175,7 +170,7 @@ describe('crypto', () => {
const [key, csr] = await crypto.createCsr({
commonName: testCsrDomain,
organization: '大安區',
organizationUnit: '中文部門'
organizationUnit: '中文部門',
}, testPrivateKeys[n]);
assert.isTrue(Buffer.isBuffer(key));
@@ -186,7 +181,7 @@ describe('crypto', () => {
it(`${n}/should generate a csr with key as string`, async () => {
const [key, csr] = await crypto.createCsr({
commonName: testCsrDomain
commonName: testCsrDomain,
}, testPrivateKeys[n].toString());
assert.isTrue(Buffer.isBuffer(key));
@@ -195,11 +190,10 @@ describe('crypto', () => {
it(`${n}/should throw with invalid key`, async () => {
await assert.isRejected(crypto.createCsr({
commonName: testCsrDomain
commonName: testCsrDomain,
}, testPublicKeys[n]));
});
/**
* Domain and info resolver
*/
@@ -243,7 +237,6 @@ describe('crypto', () => {
});
});
/**
* ALPN
*/
@@ -284,7 +277,6 @@ describe('crypto', () => {
});
});
/**
* Common functionality
*/
@@ -294,7 +286,6 @@ describe('crypto', () => {
let testCert;
let testSanCert;
it('should read private key fixture', async () => {
testPemKey = await fs.readFile(testKeyPath);
assert.isTrue(Buffer.isBuffer(testPemKey));
@@ -310,21 +301,19 @@ describe('crypto', () => {
assert.isTrue(Buffer.isBuffer(testSanCert));
});
/**
* CSR with auto-generated key
*/
it('should generate a csr with default key', async () => {
const [key, csr] = await crypto.createCsr({
commonName: testCsrDomain
commonName: testCsrDomain,
});
assert.isTrue(Buffer.isBuffer(key));
assert.isTrue(Buffer.isBuffer(csr));
});
/**
* Certificate
*/
@@ -352,7 +341,6 @@ describe('crypto', () => {
});
});
/**
* ALPN
*/
@@ -365,7 +353,6 @@ describe('crypto', () => {
assert.isTrue(Buffer.isBuffer(cert));
});
/**
* PEM utils
*/

94
packages/core/acme-client/test/50-client.spec.js
View File

@@ -20,35 +20,32 @@ const clientOpts = {
directoryUrl,
backoffAttempts: 5,
backoffMin: 1000,
backoffMax: 5000
backoffMax: 5000,
};
if (capEabEnabled && process.env.ACME_EAB_KID && process.env.ACME_EAB_HMAC_KEY) {
clientOpts.externalAccountBinding = {
kid: process.env.ACME_EAB_KID,
hmacKey: process.env.ACME_EAB_HMAC_KEY
hmacKey: process.env.ACME_EAB_HMAC_KEY,
};
}
describe('client', () => {
const testDomain = `${uuid()}.${domainName}`;
const testDomainAlpn = `${uuid()}.${domainName}`;
const testDomainWildcard = `*.${testDomain}`;
const testContact = `mailto:test-${uuid()}@nope.com`;
/**
* Pebble CTS required
*/
before(function() {
before(function () {
if (!cts.isEnabled()) {
this.skip();
}
});
/**
* Key types
*/
@@ -58,18 +55,18 @@ describe('client', () => {
createKeyFn: () => acme.crypto.createPrivateRsaKey(),
createKeyAltFns: {
s1024: () => acme.crypto.createPrivateRsaKey(1024),
s4096: () => acme.crypto.createPrivateRsaKey(4096)
s4096: () => acme.crypto.createPrivateRsaKey(4096),
},
jwkSpecFn: spec.jwk.rsa
jwkSpecFn: spec.jwk.rsa,
},
ecdsa: {
createKeyFn: () => acme.crypto.createPrivateEcdsaKey(),
createKeyAltFns: {
p384: () => acme.crypto.createPrivateEcdsaKey('P-384'),
p521: () => acme.crypto.createPrivateEcdsaKey('P-521')
p521: () => acme.crypto.createPrivateEcdsaKey('P-521'),
},
jwkSpecFn: spec.jwk.ecdsa
}
jwkSpecFn: spec.jwk.ecdsa,
},
}).forEach(([name, { createKeyFn, createKeyAltFns, jwkSpecFn }]) => {
describe(name, () => {
let testIssuers;
@@ -97,7 +94,6 @@ describe('client', () => {
let testCertificateAlpn;
let testCertificateWildcard;
/**
* Fixtures
*/
@@ -114,11 +110,11 @@ describe('client', () => {
it('should generate certificate signing request', async () => {
[, testCsr] = await acme.crypto.createCsr({ commonName: testDomain }, await createKeyFn());
[, testCsrAlpn] = await acme.crypto.createCsr({ commonName: testDomainAlpn }, await createKeyFn());
[, testCsrWildcard] = await acme.crypto.createCsr({ commonName: testDomainWildcard }, await createKeyFn());
[, testCsrAlpn] = await acme.crypto.createCsr({ altNames: [testDomainAlpn] }, await createKeyFn());
[, testCsrWildcard] = await acme.crypto.createCsr({ altNames: [testDomainWildcard] }, await createKeyFn());
});
it('should resolve certificate issuers [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should resolve certificate issuers [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
@@ -134,7 +130,6 @@ describe('client', () => {
});
});
/**
* Initialize clients
*/
@@ -142,7 +137,7 @@ describe('client', () => {
it('should initialize client', () => {
testClient = new acme.Client({
...clientOpts,
accountKey: testAccountKey
accountKey: testAccountKey,
});
});
@@ -151,12 +146,11 @@ describe('client', () => {
jwkSpecFn(jwk);
});
/**
* Terms of Service
*/
it('should produce tos url [ACME_CAP_META_TOS_FIELD]', async function() {
it('should produce tos url [ACME_CAP_META_TOS_FIELD]', async function () {
if (!capMetaTosField) {
this.skip();
}
@@ -165,7 +159,7 @@ describe('client', () => {
assert.isString(tos);
});
it('should not produce tos url [!ACME_CAP_META_TOS_FIELD]', async function() {
it('should not produce tos url [!ACME_CAP_META_TOS_FIELD]', async function () {
if (capMetaTosField) {
this.skip();
}
@@ -174,12 +168,11 @@ describe('client', () => {
assert.isNull(tos);
});
/**
* Create account
*/
it('should refuse account creation without tos [ACME_CAP_META_TOS_FIELD]', async function() {
it('should refuse account creation without tos [ACME_CAP_META_TOS_FIELD]', async function () {
if (!capMetaTosField) {
this.skip();
}
@@ -187,7 +180,7 @@ describe('client', () => {
await assert.isRejected(testClient.createAccount());
});
it('should refuse account creation without eab [ACME_CAP_EAB_ENABLED]', async function() {
it('should refuse account creation without eab [ACME_CAP_EAB_ENABLED]', async function () {
if (!capEabEnabled) {
this.skip();
}
@@ -195,17 +188,17 @@ describe('client', () => {
const client = new acme.Client({
...clientOpts,
accountKey: testAccountKey,
externalAccountBinding: null
externalAccountBinding: null,
});
await assert.isRejected(client.createAccount({
termsOfServiceAgreed: true
termsOfServiceAgreed: true,
}));
});
it('should create an account', async () => {
testAccount = await testClient.createAccount({
termsOfServiceAgreed: true
termsOfServiceAgreed: true,
});
spec.rfc8555.account(testAccount);
@@ -217,7 +210,6 @@ describe('client', () => {
assert.isString(testAccountUrl);
});
/**
* Create account with alternate key sizes
*/
@@ -226,11 +218,11 @@ describe('client', () => {
it(`should create account with key=${k}`, async () => {
const client = new acme.Client({
...clientOpts,
accountKey: await altKeyFn()
accountKey: await altKeyFn(),
});
const account = await client.createAccount({
termsOfServiceAgreed: true
termsOfServiceAgreed: true,
});
spec.rfc8555.account(account);
@@ -238,7 +230,6 @@ describe('client', () => {
});
});
/**
* Find existing account using secondary client
*/
@@ -246,22 +237,22 @@ describe('client', () => {
it('should throw when trying to find account using invalid account key', async () => {
const client = new acme.Client({
...clientOpts,
accountKey: testAccountSecondaryKey
accountKey: testAccountSecondaryKey,
});
await assert.isRejected(client.createAccount({
onlyReturnExisting: true
onlyReturnExisting: true,
}));
});
it('should find existing account using account key', async () => {
const client = new acme.Client({
...clientOpts,
accountKey: testAccountKey
accountKey: testAccountKey,
});
const account = await client.createAccount({
onlyReturnExisting: true
onlyReturnExisting: true,
});
spec.rfc8555.account(account);
@@ -269,7 +260,6 @@ describe('client', () => {
assert.deepStrictEqual(account.key, testAccount.key);
});
/**
* Account URL
*/
@@ -278,7 +268,7 @@ describe('client', () => {
const client = new acme.Client({
...clientOpts,
accountKey: testAccountKey,
accountUrl: 'https://acme-staging-v02.api.letsencrypt.org/acme/acct/1'
accountUrl: 'https://acme-staging-v02.api.letsencrypt.org/acme/acct/1',
});
await assert.isRejected(client.updateAccount());
@@ -288,11 +278,11 @@ describe('client', () => {
const client = new acme.Client({
...clientOpts,
accountKey: testAccountKey,
accountUrl: testAccountUrl
accountUrl: testAccountUrl,
});
const account = await client.createAccount({
onlyReturnExisting: true
onlyReturnExisting: true,
});
spec.rfc8555.account(account);
@@ -300,7 +290,6 @@ describe('client', () => {
assert.deepStrictEqual(account.key, testAccount.key);
});
/**
* Update account contact info
*/
@@ -316,12 +305,11 @@ describe('client', () => {
assert.include(account.contact, testContact);
});
/**
* Change account private key
*/
it('should change account private key [ACME_CAP_UPDATE_ACCOUNT_KEY]', async function() {
it('should change account private key [ACME_CAP_UPDATE_ACCOUNT_KEY]', async function () {
if (!capUpdateAccountKey) {
this.skip();
}
@@ -329,7 +317,7 @@ describe('client', () => {
await testClient.updateAccountKey(testAccountSecondaryKey);
const account = await testClient.createAccount({
onlyReturnExisting: true
onlyReturnExisting: true,
});
spec.rfc8555.account(account);
@@ -337,7 +325,6 @@ describe('client', () => {
assert.notDeepEqual(account.key, testAccount.key);
});
/**
* Create new certificate order
*/
@@ -357,7 +344,6 @@ describe('client', () => {
});
});
/**
* Get status of existing certificate order
*/
@@ -371,7 +357,6 @@ describe('client', () => {
}));
});
/**
* Get identifier authorization
*/
@@ -401,7 +386,6 @@ describe('client', () => {
});
});
/**
* Generate challenge key authorization
*/
@@ -418,7 +402,6 @@ describe('client', () => {
[testKeyAuthorization, testKeyAuthorizationAlpn, testKeyAuthorizationWildcard].forEach((k) => assert.isString(k));
});
/**
* Deactivate identifier authorization
*/
@@ -427,8 +410,8 @@ describe('client', () => {
const order = await testClient.createOrder({
identifiers: [
{ type: 'dns', value: `${uuid()}.${domainName}` },
{ type: 'dns', value: `${uuid()}.${domainName}` }
]
{ type: 'dns', value: `${uuid()}.${domainName}` },
],
});
const authzCollection = await testClient.getAuthorizations(order);
@@ -445,7 +428,6 @@ describe('client', () => {
});
});
/**
* Verify satisfied challenge
*/
@@ -460,7 +442,6 @@ describe('client', () => {
await testClient.verifyChallenge(testAuthzWildcard, testChallengeWildcard);
});
/**
* Complete challenge
*/
@@ -474,7 +455,6 @@ describe('client', () => {
}));
});
/**
* Wait for valid challenge
*/
@@ -483,7 +463,6 @@ describe('client', () => {
await Promise.all([testChallenge, testChallengeAlpn, testChallengeWildcard].map(async (c) => testClient.waitForValidStatus(c)));
});
/**
* Finalize order
*/
@@ -500,7 +479,6 @@ describe('client', () => {
assert.strictEqual(testOrderWildcard.url, finalizeWildcard.url);
});
/**
* Wait for valid order
*/
@@ -509,7 +487,6 @@ describe('client', () => {
await Promise.all([testOrder, testOrderAlpn, testOrderWildcard].map(async (o) => testClient.waitForValidStatus(o)));
});
/**
* Get certificate
*/
@@ -525,7 +502,7 @@ describe('client', () => {
});
});
it('should get alternate certificate chain [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should get alternate certificate chain [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
@@ -539,7 +516,7 @@ describe('client', () => {
}));
});
it('should get default chain with invalid preference [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should get default chain with invalid preference [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
@@ -551,7 +528,6 @@ describe('client', () => {
assert.strictEqual(testIssuers[0], info.issuer.commonName);
});
/**
* Revoke certificate
*/
@@ -568,7 +544,6 @@ describe('client', () => {
await assert.isRejected(testClient.getCertificate(testOrderWildcard));
});
/**
* Deactivate account
*/
@@ -581,7 +556,6 @@ describe('client', () => {
assert.strictEqual(account.status, 'deactivated');
});
/**
* Verify that no new orders can be made
*/

103
packages/core/acme-client/test/70-auto.spec.js
View File

@@ -18,17 +18,16 @@ const clientOpts = {
directoryUrl,
backoffAttempts: 5,
backoffMin: 1000,
backoffMax: 5000
backoffMax: 5000,
};
if (capEabEnabled && process.env.ACME_EAB_KID && process.env.ACME_EAB_HMAC_KEY) {
clientOpts.externalAccountBinding = {
kid: process.env.ACME_EAB_KID,
hmacKey: process.env.ACME_EAB_HMAC_KEY
hmacKey: process.env.ACME_EAB_HMAC_KEY,
};
}
describe('client.auto', () => {
const testDomain = `${uuid()}.${domainName}`;
const testHttpDomain = `${uuid()}.${domainName}`;
@@ -40,21 +39,19 @@ describe('client.auto', () => {
const testSanDomains = [
`${uuid()}.${domainName}`,
`${uuid()}.${domainName}`,
`${uuid()}.${domainName}`
`${uuid()}.${domainName}`,
];
/**
* Pebble CTS required
*/
before(function() {
before(function () {
if (!cts.isEnabled()) {
this.skip();
}
});
/**
* Key types
*/
@@ -64,16 +61,16 @@ describe('client.auto', () => {
createKeyFn: () => acme.crypto.createPrivateRsaKey(),
createKeyAltFns: {
s1024: () => acme.crypto.createPrivateRsaKey(1024),
s4096: () => acme.crypto.createPrivateRsaKey(4096)
}
s4096: () => acme.crypto.createPrivateRsaKey(4096),
},
},
ecdsa: {
createKeyFn: () => acme.crypto.createPrivateEcdsaKey(),
createKeyAltFns: {
p384: () => acme.crypto.createPrivateEcdsaKey('P-384'),
p521: () => acme.crypto.createPrivateEcdsaKey('P-521')
}
}
p521: () => acme.crypto.createPrivateEcdsaKey('P-521'),
},
},
}).forEach(([name, { createKeyFn, createKeyAltFns }]) => {
describe(name, () => {
let testIssuers;
@@ -82,12 +79,11 @@ describe('client.auto', () => {
let testSanCertificate;
let testWildcardCertificate;
/**
* Fixtures
*/
it('should resolve certificate issuers [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should resolve certificate issuers [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
@@ -103,7 +99,6 @@ describe('client.auto', () => {
});
});
/**
* Initialize client
*/
@@ -111,31 +106,30 @@ describe('client.auto', () => {
it('should initialize client', async () => {
testClient = new acme.Client({
...clientOpts,
accountKey: await createKeyFn()
accountKey: await createKeyFn(),
});
});
/**
* Invalid challenge response
*/
it('should throw on invalid challenge response', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
await assert.isRejected(testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeNoopFn,
challengeRemoveFn: cts.challengeNoopFn
challengeRemoveFn: cts.challengeNoopFn,
}), /^authorization not found/i);
});
it('should throw on invalid challenge response with opts.skipChallengeVerification=true', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
await assert.isRejected(testClient.auto({
@@ -143,38 +137,37 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
skipChallengeVerification: true,
challengeCreateFn: cts.challengeNoopFn,
challengeRemoveFn: cts.challengeNoopFn
challengeRemoveFn: cts.challengeNoopFn,
}));
});
/**
* Challenge function exceptions
*/
it('should throw on challengeCreate exception', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
await assert.isRejected(testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeThrowFn,
challengeRemoveFn: cts.challengeNoopFn
challengeRemoveFn: cts.challengeNoopFn,
}), /^oops$/);
});
it('should not throw on challengeRemove exception', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
const cert = await testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeThrowFn
challengeRemoveFn: cts.challengeThrowFn,
});
assert.isString(cert);
@@ -188,8 +181,8 @@ describe('client.auto', () => {
`${uuid()}.${domainName}`,
`${uuid()}.${domainName}`,
`${uuid()}.${domainName}`,
`${uuid()}.${domainName}`
]
`${uuid()}.${domainName}`,
],
}, await createKeyFn());
await assert.isRejected(testClient.auto({
@@ -205,28 +198,27 @@ describe('client.auto', () => {
results.push(true);
return cts.challengeCreateFn(...args);
},
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
}));
assert.strictEqual(results.length, 5);
assert.deepStrictEqual(results, [false, false, false, true, true]);
});
/**
* Order certificates
*/
it('should order certificate', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testDomain
commonName: testDomain,
}, await createKeyFn());
const cert = await testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
assert.isString(cert);
@@ -235,7 +227,7 @@ describe('client.auto', () => {
it('should order certificate using http-01', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testHttpDomain
commonName: testHttpDomain,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -243,7 +235,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
challengeCreateFn: cts.assertHttpChallengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn,
challengePriority: ['http-01']
challengePriority: ['http-01'],
});
assert.isString(cert);
@@ -251,7 +243,7 @@ describe('client.auto', () => {
it('should order certificate using https-01', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testHttpsDomain
commonName: testHttpsDomain,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -259,7 +251,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
challengeCreateFn: cts.assertHttpsChallengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn,
challengePriority: ['http-01']
challengePriority: ['http-01'],
});
assert.isString(cert);
@@ -267,7 +259,7 @@ describe('client.auto', () => {
it('should order certificate using dns-01', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testDnsDomain
commonName: testDnsDomain,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -275,7 +267,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
challengeCreateFn: cts.assertDnsChallengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn,
challengePriority: ['dns-01']
challengePriority: ['dns-01'],
});
assert.isString(cert);
@@ -283,7 +275,7 @@ describe('client.auto', () => {
it('should order certificate using tls-alpn-01', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testAlpnDomain
commonName: testAlpnDomain,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -291,7 +283,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
challengeCreateFn: cts.assertTlsAlpnChallengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn,
challengePriority: ['tls-alpn-01']
challengePriority: ['tls-alpn-01'],
});
assert.isString(cert);
@@ -299,14 +291,14 @@ describe('client.auto', () => {
it('should order san certificate', async () => {
const [, csr] = await acme.crypto.createCsr({
altNames: testSanDomains
altNames: testSanDomains,
}, await createKeyFn());
const cert = await testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
assert.isString(cert);
@@ -315,15 +307,14 @@ describe('client.auto', () => {
it('should order wildcard certificate', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testWildcardDomain,
altNames: [`*.${testWildcardDomain}`]
altNames: [testWildcardDomain, `*.${testWildcardDomain}`],
}, await createKeyFn());
const cert = await testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
assert.isString(cert);
@@ -332,7 +323,7 @@ describe('client.auto', () => {
it('should order certificate with opts.skipChallengeVerification=true', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -340,20 +331,20 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
skipChallengeVerification: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
assert.isString(cert);
});
it('should order alternate certificate chain [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should order alternate certificate chain [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
await Promise.all(testIssuers.map(async (issuer) => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -361,7 +352,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
preferredChain: issuer,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
const rootCert = acme.crypto.splitPemChain(cert).pop();
@@ -371,13 +362,13 @@ describe('client.auto', () => {
}));
});
it('should get default chain with invalid preference [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should get default chain with invalid preference [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -385,7 +376,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
preferredChain: uuid(),
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
const rootCert = acme.crypto.splitPemChain(cert).pop();
@@ -394,7 +385,6 @@ describe('client.auto', () => {
assert.strictEqual(testIssuers[0], info.issuer.commonName);
});
/**
* Order certificate with alternate key sizes
*/
@@ -402,21 +392,20 @@ describe('client.auto', () => {
Object.entries(createKeyAltFns).forEach(([k, altKeyFn]) => {
it(`should order certificate with key=${k}`, async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testDomain
commonName: testDomain,
}, await altKeyFn());
const cert = await testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
assert.isString(cert);
});
});
/**
* Read certificates
*/

9
packages/core/acme-client/test/challtestsrv.js
View File

@@ -8,7 +8,6 @@ const axios = require('./../src/axios');
const apiBaseUrl = process.env.ACME_CHALLTESTSRV_URL || null;
const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
/**
* Send request
*/
@@ -21,20 +20,18 @@ async function request(apiPath, data = {}) {
await axios.request({
url: `${apiBaseUrl}/${apiPath}`,
method: 'post',
data
data,
});
return true;
}
/**
* State
*/
exports.isEnabled = () => !!apiBaseUrl;
/**
* DNS
*/
@@ -42,7 +39,6 @@ exports.isEnabled = () => !!apiBaseUrl;
exports.addDnsARecord = async (host, addresses) => request('add-a', { host, addresses });
exports.setDnsCnameRecord = async (host, target) => request('set-cname', { host, target });
/**
* Challenge response
*/
@@ -55,7 +51,7 @@ async function addHttps01ChallengeResponse(token, content, targetHostname) {
await addHttp01ChallengeResponse(token, content);
return request('add-redirect', {
path: `/.well-known/acme-challenge/${token}`,
targetURL: `https://${targetHostname}:${httpsPort}/.well-known/acme-challenge/${token}`
targetURL: `https://${targetHostname}:${httpsPort}/.well-known/acme-challenge/${token}`,
});
}
@@ -72,7 +68,6 @@ exports.addHttps01ChallengeResponse = addHttps01ChallengeResponse;
exports.addDns01ChallengeResponse = addDns01ChallengeResponse;
exports.addTlsAlpn01ChallengeResponse = addTlsAlpn01ChallengeResponse;
/**
* Challenge response mock functions
*/

2
packages/core/acme-client/test/get-cert-issuers.js
View File

@@ -7,7 +7,6 @@ const util = require('./../src/util');
const pebbleManagementUrl = process.env.ACME_PEBBLE_MANAGEMENT_URL || null;
/**
* Pebble
*/
@@ -26,7 +25,6 @@ async function getPebbleCertIssuers() {
return info.map((i) => i.issuer.commonName);
}
/**
* Get certificate issuers
*/

3
packages/core/acme-client/test/setup.js
View File

@@ -7,14 +7,12 @@ const chai = require('chai');
const chaiAsPromised = require('chai-as-promised');
const axios = require('./../src/axios');
/**
* Add promise support to Chai
*/
chai.use(chaiAsPromised);
/**
* Challenge test server ports
*/
@@ -31,7 +29,6 @@ if (process.env.ACME_TLSALPN_PORT) {
axios.defaults.acmeSettings.tlsAlpnChallengePort = process.env.ACME_TLSALPN_PORT;
}
/**
* External account binding
*/

3
packages/core/acme-client/test/spec.js
View File

@@ -7,7 +7,6 @@ const { assert } = require('chai');
const spec = {};
module.exports = spec;
/**
* ACME
*/
@@ -120,7 +119,6 @@ spec.rfc8555.challenge = (obj) => {
}
};
/**
* Crypto
*/
@@ -150,7 +148,6 @@ spec.crypto.certificateInfo = (obj) => {
assert.strictEqual(Object.prototype.toString.call(obj.notAfter), '[object Date]');
};
/**
* JWK
*/

7
packages/core/acme-client/types/index.d.ts vendored
View File

@@ -15,7 +15,6 @@ export type PublicKeyString = string;
export type CertificateString = string;
export type CsrString = string;
/**
* Augmented ACME interfaces
*/
@@ -28,7 +27,6 @@ export interface Authorization extends rfc8555.Authorization {
url: string;
}
/**
* Client
*/
@@ -80,7 +78,6 @@ export class Client {
auto(opts: ClientAutoOptions): Promise<string>;
}
/**
* Directory URLs
*/
@@ -95,11 +92,11 @@ export const directory: {
production: string
},
zerossl: {
staging: string,
production: string
}
};
/**
* Crypto
*/
@@ -177,14 +174,12 @@ export interface CryptoLegacyInterface {
export const forge: CryptoLegacyInterface;
/**
* Axios
*/
export const axios: AxiosInstance;
/**
* Logger
*/

1
packages/core/acme-client/types/index.test-d.ts
View File

@@ -4,7 +4,6 @@
import * as acme from 'acme-client';
(async () => {
/* Client */
const accountKey = await acme.crypto.createPrivateKey();

4
packages/core/acme-client/types/rfc8555.d.ts vendored
View File

@@ -27,7 +27,6 @@ export interface AccountUpdateRequest {
termsOfServiceAgreed?: boolean;
}
/**
* Order
*
@@ -53,7 +52,6 @@ export interface OrderCreateRequest {
notAfter?: string;
}
/**
* Authorization
*
@@ -73,7 +71,6 @@ export interface Identifier {
value: string;
}
/**
* Challenge
*
@@ -102,7 +99,6 @@ export interface DnsChallenge extends ChallengeAbstract {
export type Challenge = HttpChallenge | DnsChallenge;
/**
* Certificate
*

38
packages/core/pipeline/CHANGELOG.md
View File

@@ -3,6 +3,44 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.21.2](https://github.com/certd/certd/compare/v1.21.1...v1.21.2) (2024-07-08)
**Note:** Version bump only for package @certd/pipeline
## [1.21.1](https://github.com/certd/certd/compare/v1.21.0...v1.21.1) (2024-07-08)
**Note:** Version bump only for package @certd/pipeline
# [1.21.0](https://github.com/certd/certd/compare/v1.20.17...v1.21.0) (2024-07-03)
**Note:** Version bump only for package @certd/pipeline
## [1.20.17](https://github.com/certd/certd/compare/v1.20.16...v1.20.17) (2024-07-03)
**Note:** Version bump only for package @certd/pipeline
## [1.20.16](https://github.com/certd/certd/compare/v1.20.15...v1.20.16) (2024-07-01)
**Note:** Version bump only for package @certd/pipeline
## [1.20.15](https://github.com/certd/certd/compare/v1.20.14...v1.20.15) (2024-06-28)
**Note:** Version bump only for package @certd/pipeline
## [1.20.14](https://github.com/certd/certd/compare/v1.20.13...v1.20.14) (2024-06-23)
**Note:** Version bump only for package @certd/pipeline
## [1.20.13](https://github.com/certd/certd/compare/v1.20.12...v1.20.13) (2024-06-18)
**Note:** Version bump only for package @certd/pipeline
## [1.20.12](https://github.com/certd/certd/compare/v1.20.10...v1.20.12) (2024-06-17)
### Performance Improvements
* 支持cloudflare域名 ([fbb9a47](https://github.com/certd/certd/commit/fbb9a47e8f7bb805289b9ee64bd46ffee0f01c06))
## [1.20.10](https://github.com/certd/certd/compare/v1.20.9...v1.20.10) (2024-05-30)
### Performance Improvements

6
packages/core/pipeline/package.json
View File

@@ -1,7 +1,7 @@
{
"name": "@certd/pipeline",
"private": false,
"version": "1.20.10",
"version": "1.21.2",
"main": "./src/index.ts",
"module": "./src/index.ts",
"types": "./src/index.ts",
@@ -23,7 +23,7 @@
"qs": "^6.11.2"
},
"devDependencies": {
"@certd/acme-client": "workspace:^1.20.10",
"@certd/acme-client": "workspace:^1.21.2",
"@rollup/plugin-commonjs": "^23.0.4",
"@rollup/plugin-json": "^6.0.0",
"@rollup/plugin-node-resolve": "^15.0.1",
@@ -57,5 +57,5 @@
"vite": "^4.3.8",
"vue-tsc": "^1.6.5"
},
"gitHead": "b258e926209fef4cc4d633b0383eb54e26c516f9"
"gitHead": "a31f1c7f5e71fa946de9bf0283e11d6ce049b3e9"
}

5
packages/core/pipeline/src/core/executor.ts
View File

@@ -6,7 +6,7 @@ import { ContextFactory, IContext } from "./context";
import { IStorage } from "./storage";
import { logger } from "../utils/util.log";
import { Logger } from "log4js";
import { request } from "../utils/util.request";
import { createAxiosService } from "../utils/util.request";
import { IAccessService } from "../access";
import { RegistryItem } from "../registry";
import { Decorator } from "../decorator";
@@ -213,11 +213,12 @@ export class Executor {
}
});
const http = createAxiosService({ logger: currentLogger });
const taskCtx: TaskInstanceContext = {
pipeline: this.pipeline,
step,
lastStatus,
http: request,
http,
logger: currentLogger,
accessService: this.options.accessService,
emailService: this.options.emailService,

15
packages/core/pipeline/src/utils/util.request.ts
View File

@@ -2,10 +2,11 @@ import axios from "axios";
// @ts-ignore
import qs from "qs";
import { logger } from "./util.log";
import { Logger } from "log4js";
/**
* @description 创建请求实例
*/
function createService() {
export function createAxiosService({ logger }: { logger: Logger }) {
// 创建一个 axios 实例
const service = axios.create();
// 请求拦截
@@ -18,18 +19,19 @@ function createService() {
}); // 序列化请求参数
delete config.formData;
}
logger.info(`http request:${config.url}method:${config.method}`);
return config;
},
(error: Error) => {
// 发送失败
logger.error(error);
logger.error("接口请求失败:", error);
return Promise.reject(error);
}
);
// 响应拦截
service.interceptors.response.use(
(response: any) => {
logger.info("http response:", JSON.stringify(response.data));
logger.info("http response:", JSON.stringify(response?.data));
return response.data;
},
(error: any) => {
@@ -48,11 +50,14 @@ function createService() {
// case 505: error.message = 'HTTP版本不受支持'; break
// default: break
// }
logger.error("请求出错:", error.response.config.url, error);
logger.error(`请求出错:url:${error?.response?.config.url},method:${error.response.config.method},status:${error?.response?.status}`);
logger.info("返回数据:", JSON.stringify(error?.response?.data));
delete error.config;
delete error.response;
return Promise.reject(error);
}
);
return service;
}
export const request = createService();
export const request = createAxiosService({ logger });

54
packages/plugins/plugin-cert/CHANGELOG.md
View File

@@ -3,6 +3,60 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.21.2](https://github.com/certd/certd/compare/v1.21.1...v1.21.2) (2024-07-08)
### Performance Improvements
* 申请证书时可以选择跳过本地dns校验 ([fe91d94](https://github.com/certd/certd/commit/fe91d94090d22ed0a3ea753ba74dfaa1bf057c17))
## [1.21.1](https://github.com/certd/certd/compare/v1.21.0...v1.21.1) (2024-07-08)
### Performance Improvements
* 说明优化,默认值优化 ([970c7fd](https://github.com/certd/certd/commit/970c7fd8a0f557770e973d8462ee5684ef742810))
# [1.21.0](https://github.com/certd/certd/compare/v1.20.17...v1.21.0) (2024-07-03)
### Features
* 支持zero ssl ([eade2c2](https://github.com/certd/certd/commit/eade2c2b681569f03e9cd466e7d5bcd6703ed492))
## [1.20.17](https://github.com/certd/certd/compare/v1.20.16...v1.20.17) (2024-07-03)
### Performance Improvements
* 优化cname verify ([eba333d](https://github.com/certd/certd/commit/eba333de7a5b5ef4b0b7eaa904f578720102fa61))
## [1.20.16](https://github.com/certd/certd/compare/v1.20.15...v1.20.16) (2024-07-01)
### Bug Fixes
* 修复配置了cdn cname后申请失败的bug ([4a5fa76](https://github.com/certd/certd/commit/4a5fa767edc347d03d29a467e86c9a4d70b0220c))
## [1.20.15](https://github.com/certd/certd/compare/v1.20.14...v1.20.15) (2024-06-28)
### Performance Improvements
* 腾讯云dns provider 支持腾讯云的accessId ([e0eb3a4](https://github.com/certd/certd/commit/e0eb3a441384d474fe2923c69b25318264bdc9df))
## [1.20.14](https://github.com/certd/certd/compare/v1.20.13...v1.20.14) (2024-06-23)
**Note:** Version bump only for package @certd/plugin-cert
## [1.20.13](https://github.com/certd/certd/compare/v1.20.12...v1.20.13) (2024-06-18)
**Note:** Version bump only for package @certd/plugin-cert
## [1.20.12](https://github.com/certd/certd/compare/v1.20.10...v1.20.12) (2024-06-17)
### Bug Fixes
* 修复aliyun域名超过100个找不到域名的bug ([5b1494b](https://github.com/certd/certd/commit/5b1494b3ce93d1026dc56ee741342fbb8bf7be24))
### Performance Improvements
* 支持cloudflare域名 ([fbb9a47](https://github.com/certd/certd/commit/fbb9a47e8f7bb805289b9ee64bd46ffee0f01c06))
## [1.20.10](https://github.com/certd/certd/compare/v1.20.9...v1.20.10) (2024-05-30)
### Performance Improvements

12
packages/plugins/plugin-cert/package.json
View File

@@ -1,7 +1,7 @@
{
"name": "@certd/plugin-cert",
"private": false,
"version": "1.20.10",
"version": "1.21.2",
"main": "./src/index.ts",
"module": "./src/index.ts",
"types": "./src/index.ts",
@@ -17,10 +17,11 @@
"preview": "vite preview"
},
"dependencies": {
"@certd/acme-client": "workspace:^1.20.10",
"@certd/pipeline": "workspace:^1.20.10",
"@certd/acme-client": "workspace:^1.21.2",
"@certd/pipeline": "workspace:^1.21.2",
"jszip": "^3.10.1",
"node-forge": "^0.10.0"
"node-forge": "^0.10.0",
"psl": "^1.9.0"
},
"devDependencies": {
"@alicloud/cs20151215": "^3.0.3",
@@ -35,6 +36,7 @@
"@types/lodash": "^4.14.186",
"@types/mocha": "^10.0.0",
"@types/node-forge": "^1.3.0",
"@types/psl": "^1.1.3",
"@typescript-eslint/eslint-plugin": "^5.38.1",
"@typescript-eslint/parser": "^5.38.1",
"chai": "^4.3.6",
@@ -56,5 +58,5 @@
"vite": "^3.1.0",
"vue-tsc": "^0.38.9"
},
"gitHead": "b258e926209fef4cc4d633b0383eb54e26c516f9"
"gitHead": "a31f1c7f5e71fa946de9bf0283e11d6ce049b3e9"
}

29
packages/plugins/plugin-cert/src/access/eab-access.ts Normal file
View File

@@ -0,0 +1,29 @@
import { IsAccess, AccessInput } from "@certd/pipeline";
@IsAccess({
name: "eab",
title: "EAB授权",
desc: "ZeroSSL证书申请需要EAB授权",
})
export class EabAccess {
@AccessInput({
title: "KID",
component: {
placeholder: "kid",
},
helper: "EAB KID",
required: true,
})
kid = "";
@AccessInput({
title: "HMACKey",
component: {
placeholder: "HMAC Key",
},
helper: "EAB HMAC Key",
required: true,
})
hmacKey = "";
}
new EabAccess();

1
packages/plugins/plugin-cert/src/access/index.ts Normal file
View File

@@ -0,0 +1 @@
export * from "./eab-access";

21
packages/plugins/plugin-cert/src/dns-provider/api.ts
View File

@@ -1,4 +1,4 @@
import { Registrable } from "@certd/pipeline";
import { HttpClient, IAccess, ILogger, Registrable } from "@certd/pipeline";
export type DnsProviderDefine = Registrable & {
accessType: string;
@@ -11,13 +11,22 @@ export type CreateRecordOptions = {
fullRecord: string;
type: string;
value: any;
domain: string;
};
export type RemoveRecordOptions = CreateRecordOptions & {
record: any;
export type RemoveRecordOptions<T> = CreateRecordOptions & {
// 本次创建的dns解析记录实际上就是createRecord接口的返回值
record: T;
};
export interface IDnsProvider {
export type DnsProviderContext = {
access: IAccess;
logger: ILogger;
http: HttpClient;
};
export interface IDnsProvider<T = any> {
onInstance(): Promise<void>;
createRecord(options: CreateRecordOptions): Promise<any>;
removeRecord(options: RemoveRecordOptions): Promise<any>;
createRecord(options: CreateRecordOptions): Promise<T>;
removeRecord(options: RemoveRecordOptions<T>): Promise<void>;
setCtx(ctx: DnsProviderContext): void;
}

15
packages/plugins/plugin-cert/src/dns-provider/base.ts Normal file
View File

@@ -0,0 +1,15 @@
import { CreateRecordOptions, DnsProviderContext, IDnsProvider, RemoveRecordOptions } from "./api";
export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
ctx!: DnsProviderContext;
setCtx(ctx: DnsProviderContext) {
this.ctx = ctx;
}
abstract createRecord(options: CreateRecordOptions): Promise<T>;
abstract onInstance(): Promise<void>;
abstract removeRecord(options: RemoveRecordOptions<T>): Promise<void>;
}

1
packages/plugins/plugin-cert/src/dns-provider/index.ts
View File

@@ -1,3 +1,4 @@
export * from "./api";
export * from "./registry";
export * from "./decorator";
export * from "./base";

1
packages/plugins/plugin-cert/src/index.ts
View File

@@ -1,2 +1,3 @@
export * from "./plugin";
export * from "./dns-provider";
export * from "./access";

62
packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
View File

@@ -5,17 +5,33 @@ import { Challenge } from "@certd/acme-client/types/rfc8555";
import { Logger } from "log4js";
import { IContext } from "@certd/pipeline";
import { IDnsProvider } from "../../dns-provider";
import psl from "psl";
import { ClientExternalAccountBindingOptions } from "@certd/acme-client";
export type CertInfo = {
crt: string;
key: string;
csr: string;
};
export type SSLProvider = "letsencrypt" | "buypass" | "zerossl";
export class AcmeService {
userContext: IContext;
logger: Logger;
constructor(options: { userContext: IContext; logger: Logger }) {
sslProvider: SSLProvider;
skipLocalVerify = true;
eab?: ClientExternalAccountBindingOptions;
constructor(options: {
userContext: IContext;
logger: Logger;
sslProvider: SSLProvider;
eab?: ClientExternalAccountBindingOptions;
skipLocalVerify?: boolean;
}) {
this.userContext = options.userContext;
this.logger = options.logger;
this.sslProvider = options.sslProvider || "letsencrypt";
this.eab = options.eab;
this.skipLocalVerify = options.skipLocalVerify ?? false;
acme.setLogger((text: string) => {
this.logger.info(text);
});
@@ -26,7 +42,7 @@ export class AcmeService {
}
buildAccountKey(email: string) {
return "acme.config." + email;
return `acme.config.${this.sslProvider}.${email}`;
}
async saveAccountConfig(email: string, conf: any) {
@@ -39,11 +55,18 @@ export class AcmeService {
conf.key = await this.createNewKey();
await this.saveAccountConfig(email, conf);
}
let directoryUrl = "";
if (isTest) {
directoryUrl = acme.directory[this.sslProvider].staging;
} else {
directoryUrl = acme.directory[this.sslProvider].production;
}
const client = new acme.Client({
directoryUrl: isTest ? acme.directory.letsencrypt.staging : acme.directory.letsencrypt.production,
directoryUrl: directoryUrl,
accountKey: conf.key,
accountUrl: conf.accountUrl,
backoffAttempts: 20,
externalAccountBinding: this.eab,
backoffAttempts: 30,
backoffMin: 5000,
backoffMax: 10000,
});
@@ -52,6 +75,7 @@ export class AcmeService {
const accountPayload = {
termsOfServiceAgreed: true,
contact: [`mailto:${email}`],
externalAccountBinding: this.eab,
};
await client.createAccount(accountPayload);
conf.accountUrl = client.getAccountUrl();
@@ -65,33 +89,43 @@ export class AcmeService {
return key.toString();
}
parseDomain(fullDomain: string) {
const parsed = psl.parse(fullDomain) as psl.ParsedDomain;
if (parsed.error) {
throw new Error(`解析${fullDomain}域名失败:` + JSON.stringify(parsed.error));
}
return parsed.domain as string;
}
async challengeCreateFn(authz: any, challenge: any, keyAuthorization: string, dnsProvider: IDnsProvider) {
this.logger.info("Triggered challengeCreateFn()");
/* http-01 */
const fullDomain = authz.identifier.value;
if (challenge.type === "http-01") {
const filePath = `/var/www/html/.well-known/acme-challenge/${challenge.token}`;
const fileContents = keyAuthorization;
this.logger.info(`Creating challenge response for ${authz.identifier.value} at path: ${filePath}`);
this.logger.info(`Creating challenge response for ${fullDomain} at path: ${filePath}`);
/* Replace this */
this.logger.info(`Would write "${fileContents}" to path "${filePath}"`);
// await fs.writeFileAsync(filePath, fileContents);
} else if (challenge.type === "dns-01") {
/* dns-01 */
const dnsRecord = `_acme-challenge.${authz.identifier.value}`;
const dnsRecord = `_acme-challenge.${fullDomain}`;
const recordValue = keyAuthorization;
this.logger.info(`Creating TXT record for ${authz.identifier.value}: ${dnsRecord}`);
this.logger.info(`Creating TXT record for ${fullDomain}: ${dnsRecord}`);
/* Replace this */
this.logger.info(`Would create TXT record "${dnsRecord}" with value "${recordValue}"`);
const domain = this.parseDomain(fullDomain);
this.logger.info("解析到域名domain=", domain);
return await dnsProvider.createRecord({
fullRecord: dnsRecord,
type: "TXT",
value: recordValue,
domain,
});
}
}
@@ -111,28 +145,33 @@ export class AcmeService {
this.logger.info("Triggered challengeRemoveFn()");
/* http-01 */
const fullDomain = authz.identifier.value;
if (challenge.type === "http-01") {
const filePath = `/var/www/html/.well-known/acme-challenge/${challenge.token}`;
this.logger.info(`Removing challenge response for ${authz.identifier.value} at path: ${filePath}`);
this.logger.info(`Removing challenge response for ${fullDomain} at path: ${filePath}`);
/* Replace this */
this.logger.info(`Would remove file on path "${filePath}"`);
// await fs.unlinkAsync(filePath);
} else if (challenge.type === "dns-01") {
const dnsRecord = `_acme-challenge.${authz.identifier.value}`;
const dnsRecord = `_acme-challenge.${fullDomain}`;
const recordValue = keyAuthorization;
this.logger.info(`Removing TXT record for ${authz.identifier.value}: ${dnsRecord}`);
this.logger.info(`Removing TXT record for ${fullDomain}: ${dnsRecord}`);
/* Replace this */
this.logger.info(`Would remove TXT record "${dnsRecord}" with value "${recordValue}"`);
const domain = this.parseDomain(fullDomain);
try {
await dnsProvider.removeRecord({
fullRecord: dnsRecord,
type: "TXT",
value: keyAuthorization,
record: recordItem,
domain,
});
} catch (e) {
this.logger.error("删除解析记录出错:", e);
@@ -161,6 +200,7 @@ export class AcmeService {
csr,
email: email,
termsOfServiceAgreed: true,
skipChallengeVerification: this.skipLocalVerify,
challengePriority: ["dns-01"],
challengeCreateFn: async (authz: acme.Authorization, challenge: Challenge, keyAuthorization: string): Promise<any> => {
return await this.challengeCreateFn(authz, challenge, keyAuthorization, dnsProvider);

95
packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
View File

@@ -1,21 +1,10 @@
import {
AbstractTaskPlugin,
Decorator,
HttpClient,
IAccessService,
IContext,
IsTaskPlugin,
RunStrategy,
Step,
TaskInput,
TaskOutput
} from "@certd/pipeline";
import { AbstractTaskPlugin, Decorator, HttpClient, IAccessService, IContext, IsTaskPlugin, RunStrategy, Step, TaskInput, TaskOutput } from "@certd/pipeline";
import dayjs from "dayjs";
import {AcmeService, CertInfo} from "./acme";
import { AcmeService, CertInfo, SSLProvider } from "./acme";
import _ from "lodash";
import {Logger} from "log4js";
import {DnsProviderDefine, dnsProviderRegistry} from "../../dns-provider";
import {CertReader} from "./cert-reader";
import { Logger } from "log4js";
import { DnsProviderContext, DnsProviderDefine, dnsProviderRegistry } from "../../dns-provider";
import { CertReader } from "./cert-reader";
import JSZip from "jszip";
export { CertReader };
@@ -49,10 +38,10 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
span: 24,
},
helper:
"支持通配符域名,例如: *.foo.com、foo.com、*.test.handsfree.work\n" +
"支持多个域名、多个子域名、多个通配符域名打到一个证书上域名必须是在同一个DNS提供商解析\n" +
"多级子域名要分成多个域名输入(*.foo.com的证书不能用于xxx.yyy.foo.com、foo.com\n" +
"输入一个回车之后,再输入下一个",
"1、支持通配符域名,例如: *.foo.com、foo.com、*.test.handsfree.work\n" +
"2、支持多个域名、多个子域名、多个通配符域名打到一个证书上域名必须是在同一个DNS提供商解析\n" +
"3、多级子域名要分成多个域名输入(*.foo.com的证书不能用于xxx.yyy.foo.com、foo.com\n" +
"4、输入一个回车之后,再输入下一个",
})
domains!: string;
@@ -67,6 +56,32 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
})
email!: string;
@TaskInput({
title: "证书提供商",
default: "letsencrypt",
component: {
name: "a-select",
vModel: "value",
options: [
{ value: "letsencrypt", label: "Let's Encrypt" },
// { value: "buypass", label: "Buypass" },
{ value: "zerossl", label: "ZeroSSL" },
],
},
required: true,
})
sslProvider!: SSLProvider;
@TaskInput({
title: "EAB授权",
component: {
name: "pi-access-selector",
type: "eab",
},
helper: "如果使用ZeroSSL证书需要提供EAB授权 请前往 https://app.zerossl.com/developer 生成 'EAB Credentials for ACME Clients' ",
})
eabAccessId!: number;
@TaskInput({
title: "DNS提供商",
component: {
@@ -94,6 +109,17 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
})
dnsProviderAccess!: string;
@TaskInput({
title: "跳过本地校验DNS",
default: false,
component: {
name: "a-switch",
vModel: "checked",
},
helper: "如果重试多次出现Authorization not found TXT record导致无法申请成功请尝试开启此选项",
})
skipLocalVerify = false;
@TaskInput({
title: "更新天数",
component: {
@@ -101,7 +127,7 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
vModel: "value",
},
required: true,
helper: "到期前多少天后更新证书",
helper: "到期前多少天后更新证书,注意:流水线默认不会自动运行,请设置定时器,每天定时运行本流水线",
})
renewDays!: number;
@@ -117,8 +143,15 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
@TaskInput({
title: "CsrInfo",
helper: "暂时没有用",
})
csrInfo: any;
csrInfo!: string;
@TaskInput({
title: "配置说明",
helper: "运行策略请选择总是运行,其他证书部署任务请选择成功后跳过;当证书快到期前将会自动重新申请证书,然后会清空后续任务的成功状态,部署任务将会重新运行",
})
intro!: string;
acme!: AcmeService;
logger!: Logger;
@@ -139,7 +172,17 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
this.http = this.ctx.http;
this.lastStatus = this.ctx.lastStatus as Step;
this.acme = new AcmeService({ userContext: this.userContext, logger: this.logger });
let eab: any = null;
if (this.eabAccessId) {
eab = await this.ctx.accessService.getById(this.eabAccessId);
}
this.acme = new AcmeService({
userContext: this.userContext,
logger: this.logger,
sslProvider: this.sslProvider,
eab,
skipLocalVerify: this.skipLocalVerify,
});
}
async execute(): Promise<void> {
@@ -178,7 +221,6 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
/**
* 是否更新证书
* @param input
*/
async condition() {
if (this.forceUpdate) {
@@ -231,7 +273,7 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
organizationUnit: "IT Department",
emailAddress: email,
},
this.csrInfo
this.csrInfo ? JSON.parse(this.csrInfo) : {}
);
this.logger.info("开始申请证书,", email, domains);
@@ -242,8 +284,9 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
// @ts-ignore
const dnsProvider: IDnsProvider = new DnsProviderClass();
const context = { access, logger: this.logger, http: this.http };
const context: DnsProviderContext = { access, logger: this.logger, http: this.http };
Decorator.inject(dnsProviderDefine.autowire, dnsProvider, context);
dnsProvider.setCtx(context);
await dnsProvider.onInstance();
const cert = await this.acme.order({

36
packages/plugins/plugin-util/CHANGELOG.md
View File

@@ -3,6 +3,42 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.21.2](https://github.com/certd/certd/compare/v1.21.1...v1.21.2) (2024-07-08)
**Note:** Version bump only for package @certd/plugin-util
## [1.21.1](https://github.com/certd/certd/compare/v1.21.0...v1.21.1) (2024-07-08)
**Note:** Version bump only for package @certd/plugin-util
# [1.21.0](https://github.com/certd/certd/compare/v1.20.17...v1.21.0) (2024-07-03)
**Note:** Version bump only for package @certd/plugin-util
## [1.20.17](https://github.com/certd/certd/compare/v1.20.16...v1.20.17) (2024-07-03)
**Note:** Version bump only for package @certd/plugin-util
## [1.20.16](https://github.com/certd/certd/compare/v1.20.15...v1.20.16) (2024-07-01)
**Note:** Version bump only for package @certd/plugin-util
## [1.20.15](https://github.com/certd/certd/compare/v1.20.14...v1.20.15) (2024-06-28)
**Note:** Version bump only for package @certd/plugin-util
## [1.20.14](https://github.com/certd/certd/compare/v1.20.13...v1.20.14) (2024-06-23)
**Note:** Version bump only for package @certd/plugin-util
## [1.20.13](https://github.com/certd/certd/compare/v1.20.12...v1.20.13) (2024-06-18)
**Note:** Version bump only for package @certd/plugin-util
## [1.20.12](https://github.com/certd/certd/compare/v1.20.10...v1.20.12) (2024-06-17)
**Note:** Version bump only for package @certd/plugin-util
## [1.20.10](https://github.com/certd/certd/compare/v1.20.9...v1.20.10) (2024-05-30)
### Performance Improvements

6
packages/plugins/plugin-util/package.json
View File

@@ -1,7 +1,7 @@
{
"name": "@certd/plugin-util",
"private": false,
"version": "1.20.10",
"version": "1.21.2",
"main": "./src/index.ts",
"module": "./src/index.ts",
"types": "./src/index.ts",
@@ -21,7 +21,7 @@
"shelljs": "^0.8.5"
},
"devDependencies": {
"@certd/pipeline": "workspace:^1.20.10",
"@certd/pipeline": "workspace:^1.21.2",
"@rollup/plugin-commonjs": "^23.0.4",
"@rollup/plugin-json": "^6.0.0",
"@rollup/plugin-node-resolve": "^15.0.1",
@@ -43,5 +43,5 @@
"tslib": "^2.5.2",
"typescript": "^4.8.4"
},
"gitHead": "b258e926209fef4cc4d633b0383eb54e26c516f9"
"gitHead": "a31f1c7f5e71fa946de9bf0283e11d6ce049b3e9"
}

6
packages/ui/certd-client/.env
View File

@@ -2,3 +2,9 @@ VITE_APP_API=/api
#登录与权限关闭
VITE_APP_PM_ENABLED=true
VITE_APP_TITLE=Certd
VITE_APP_SLOGAN=让你的证书永不过期
VITE_APP_COPYRIGHT_YEAR=2021-2024
VITE_APP_COPYRIGHT_NAME=handsfree.work
VITE_APP_COPYRIGHT_URL=https://certd.handsfree.work
VITE_APP_LOGO_PATH=./images/logo/logo.svg
VITE_APP_PROJECT_PATH=https://github.com/certd/certd

4
packages/ui/certd-client/.github/workflows/sync-to-gitee.yml vendored
View File

@@ -30,6 +30,8 @@ jobs:
- name: push to gitee # 4. 执行同步
run: |
git remote add upstream https://gitee.com/fast-crud/fs-admin-antdv
git remote add upstream https://gitee.com/fast-crud/fs-admin-antdv4
git push --set-upstream upstream main

2
packages/ui/certd-client/.npmrc Normal file
View File

@@ -0,0 +1,2 @@
link-workspace-packages=deep
prefer-workspace-packages=true

61
packages/ui/certd-client/CHANGELOG.md
View File

@@ -3,6 +3,67 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.21.2](https://github.com/certd/certd/compare/v1.21.1...v1.21.2) (2024-07-08)
**Note:** Version bump only for package @certd/ui-client
## [1.21.1](https://github.com/certd/certd/compare/v1.21.0...v1.21.1) (2024-07-08)
### Performance Improvements
* 说明优化,默认值优化 ([970c7fd](https://github.com/certd/certd/commit/970c7fd8a0f557770e973d8462ee5684ef742810))
# [1.21.0](https://github.com/certd/certd/compare/v1.20.17...v1.21.0) (2024-07-03)
**Note:** Version bump only for package @certd/ui-client
## [1.20.17](https://github.com/certd/certd/compare/v1.20.16...v1.20.17) (2024-07-03)
**Note:** Version bump only for package @certd/ui-client
## [1.20.16](https://github.com/certd/certd/compare/v1.20.15...v1.20.16) (2024-07-01)
**Note:** Version bump only for package @certd/ui-client
## [1.20.15](https://github.com/certd/certd/compare/v1.20.14...v1.20.15) (2024-06-28)
### Bug Fixes
* 修复无法强制取消任务的bug ([9cc01db](https://github.com/certd/certd/commit/9cc01db1d569a5c45bb3e731f35d85df324a8e62))
### Performance Improvements
* 支持windows文件上传 ([7f61cab](https://github.com/certd/certd/commit/7f61cab101fa13b4e88234e9ad47434e6130fed2))
## [1.20.14](https://github.com/certd/certd/compare/v1.20.13...v1.20.14) (2024-06-23)
### Bug Fixes
* 修复修改密码功能异常问题 ([f740ff5](https://github.com/certd/certd/commit/f740ff517f521dce361284c2c54bccc68aee0ea2))
## [1.20.13](https://github.com/certd/certd/compare/v1.20.12...v1.20.13) (2024-06-18)
### Bug Fixes
* 日志高度越界 ([c4c9adb](https://github.com/certd/certd/commit/c4c9adb8bfd513f57252e523794e3799a9b220f8))
* 修复邮箱设置页面SMTP拼写错误的问题 ([b98f1c0](https://github.com/certd/certd/commit/b98f1c0dd0bc6c6b4f814c578692afdf6d90b88d))
* 修复logo问题 ([7e483e6](https://github.com/certd/certd/commit/7e483e60913d509b113148c735fe13ba1d72dddf))
### Performance Improvements
* 增加警告,修复一些样式错乱问题 ([fd54c2f](https://github.com/certd/certd/commit/fd54c2ffac492222e85ff2f5f49a9ee5cfc73588))
## [1.20.12](https://github.com/certd/certd/compare/v1.20.10...v1.20.12) (2024-06-17)
### Bug Fixes
* 修复aliyun域名超过100个找不到域名的bug ([5b1494b](https://github.com/certd/certd/commit/5b1494b3ce93d1026dc56ee741342fbb8bf7be24))
### Performance Improvements
* 增加系统设置,可以关闭自助注册功能 ([20feace](https://github.com/certd/certd/commit/20feacea12d43386540db6a600f391d786be4014))
* 支持cloudflare域名 ([fbb9a47](https://github.com/certd/certd/commit/fbb9a47e8f7bb805289b9ee64bd46ffee0f01c06))
## [1.20.10](https://github.com/certd/certd/compare/v1.20.9...v1.20.10) (2024-05-30)
### Performance Improvements

141
packages/ui/certd-client/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@certd/ui-client",
"version": "1.20.10",
"version": "1.21.2",
"private": true,
"scripts": {
"dev": "vite --open",
@@ -9,7 +9,7 @@
"debug": "vite --mode debug --open",
"debug:pm": "vite --mode debugpm",
"debug:force": "vite --force --mode debug",
"build": "vite build ",
"build": " vite build ",
"serve": "vite preview",
"preview": "vite preview",
"pretty-quick": "pretty-quick",
@@ -22,97 +22,100 @@
"author": "Greper",
"license": "AGPL-3.0",
"dependencies": {
"@ant-design/colors": "^7.0.0",
"@ant-design/icons-vue": "^6.1.0",
"@aws-sdk/client-s3": "^3.383.0",
"@aws-sdk/s3-request-presigner": "^3.383.0",
"@fast-crud/fast-crud": "^1.20.2",
"@fast-crud/fast-extends": "^1.20.2",
"@fast-crud/ui-antdv4": "^1.20.2",
"@fast-crud/ui-interface": "^1.20.2",
"@ant-design/colors": "^7.0.2",
"@ant-design/icons-vue": "^7.0.1",
"@aws-sdk/client-s3": "^3.535.0",
"@aws-sdk/s3-request-presigner": "^3.535.0",
"@fast-crud/fast-crud": "^1.21.1",
"@fast-crud/fast-extends": "^1.21.1",
"@fast-crud/ui-antdv4": "^1.21.1",
"@fast-crud/ui-interface": "^1.21.1",
"@iconify/vue": "^4.1.1",
"@soerenmartius/vue3-clipboard": "^0.1.2",
"ant-design-vue": "^4.1.2",
"axios": "^1.3.4",
"axios-mock-adapter": "^1.21.2",
"axios": "^1.6.8",
"axios-mock-adapter": "^1.22.0",
"base64-js": "^1.5.1",
"better-scroll": "^2.5.1",
"china-division": "^2.6.1",
"core-js": "^3.32.0",
"cos-js-sdk-v5": "^1.4.19",
"cropperjs": "^1.5.13",
"dayjs": "^1.11.9",
"highlight.js": "^11.8.0",
"china-division": "^2.7.0",
"core-js": "^3.36.0",
"cos-js-sdk-v5": "^1.7.0",
"cropperjs": "^1.6.1",
"dayjs": "^1.11.10",
"highlight.js": "^11.9.0",
"humanize-duration": "^3.27.3",
"lodash-es": "^4.17.21",
"mitt": "^3.0.1",
"nanoid": "^4.0.0",
"nprogress": "^0.2.0",
"object-assign": "^4.1.1",
"pinia": "2.1.6",
"qiniu-js": "^3.4.1",
"sortablejs": "^1.15.0",
"vue": "^3.4.0",
"pinia": "2.1.7",
"qiniu-js": "^3.4.2",
"sortablejs": "^1.15.2",
"vue": "^3.4.21",
"vue-cropperjs": "^5.0.0",
"vue-i18n": "^9.2.2",
"vue-router": "^4.2.4",
"vue-i18n": "^9.10.2",
"vue-router": "^4.3.0",
"vuedraggable": "^2.24.3"
},
"devDependencies": {
"@certd/pipeline": "^1.20.10",
"@rollup/plugin-commonjs": "^25.0.3",
"@rollup/plugin-node-resolve": "^15.1.0",
"@types/chai": "^4.3.5",
"@types/lodash-es": "^4.17.8",
"@types/mocha": "^10.0.1",
"@types/node": "^20.4.7",
"@types/nprogress": "^0.2.0",
"@typescript-eslint/eslint-plugin": "^6.2.1",
"@typescript-eslint/parser": "^6.2.1",
"@vitejs/plugin-legacy": "^4.1.1",
"@vitejs/plugin-vue": "^4.2.3",
"@vitejs/plugin-vue-jsx": "^3.0.1",
"@vue/compiler-sfc": "^3.3.4",
"@vue/eslint-config-typescript": "^11.0.3",
"@vue/test-utils": "^2.4.1",
"autoprefixer": "^10.4.14",
"@certd/pipeline": "^1.21.2",
"@rollup/plugin-commonjs": "^25.0.7",
"@rollup/plugin-node-resolve": "^15.2.3",
"@types/chai": "^4.3.12",
"@types/lodash-es": "^4.17.12",
"@types/mocha": "^10.0.6",
"@types/node": "^20.11.28",
"@types/nprogress": "^0.2.3",
"@typescript-eslint/eslint-plugin": "^7.2.0",
"@typescript-eslint/parser": "^7.2.0",
"@vitejs/plugin-legacy": "^5.3.2",
"@vitejs/plugin-vue": "^5.0.4",
"@vitejs/plugin-vue-jsx": "^3.1.0",
"@vue/compiler-sfc": "^3.4.21",
"@vue/eslint-config-typescript": "^13.0.0",
"@vue/test-utils": "^2.4.5",
"autoprefixer": "^10.4.18",
"caller-path": "^4.0.0",
"chai": "^4.3.7",
"dependency-cruiser": "^13.1.1",
"chai": "^5.1.0",
"dependency-cruiser": "^16.2.3",
"dot": "^1.1.3",
"eslint": "8.46.0",
"eslint-config-prettier": "^8.10.0",
"eslint-plugin-import": "^2.28.0",
"eslint": "8.57.0",
"eslint-config-prettier": "^9.1.0",
"eslint-plugin-import": "^2.29.1",
"eslint-plugin-node": "^11.1.0",
"eslint-plugin-prettier": "^5.0.0",
"eslint-plugin-prettier": "^5.1.3",
"eslint-plugin-promise": "^6.1.1",
"eslint-plugin-vue": "^9.16.1",
"esno": "^0.17.0",
"husky": "^8.0.3",
"less": "^4.1.3",
"less-loader": "^11.1.3",
"lint-staged": "^13.2.3",
"postcss": "^8.4.27",
"prettier": "^2.8.8",
"pretty-quick": "^3.1.3",
"rimraf": "^5.0.1",
"rollup": "^3.27.2",
"rollup-plugin-visualizer": "^5.9.2",
"stylelint": "^15.10.2",
"eslint-plugin-vue": "^9.23.0",
"esno": "^4.7.0",
"husky": "^9.0.11",
"less": "^4.2.0",
"less-loader": "^12.2.0",
"lint-staged": "^15.2.2",
"postcss": "^8.4.35",
"prettier": "3.2.5",
"pretty-quick": "^4.0.0",
"rimraf": "^5.0.5",
"rollup": "^4.13.0",
"rollup-plugin-visualizer": "^5.12.0",
"stylelint": "^16.2.1",
"stylelint-config-prettier": "^9.0.5",
"stylelint-order": "^6.0.3",
"terser": "^5.19.2",
"ts-node": "^10.9.1",
"typescript": "5.1.6",
"unplugin-vue-define-options": "^1.3.14",
"vite": "^4.4.8",
"stylelint-order": "^6.0.4",
"tailwindcss": "^3.4.1",
"terser": "^5.29.2",
"ts-node": "^10.9.2",
"tslint": "^6.1.3",
"typescript": "5.4.2",
"unplugin-vue-define-options": "^1.4.2",
"vite": "^5.1.6",
"vite-plugin-compression": "^0.5.1",
"vite-plugin-html": "^3.2.2",
"vite-plugin-optimize-persist": "^0.1.2",
"vite-plugin-package-config": "^0.1.1",
"vite-plugin-purge-icons": "^0.9.2",
"vite-plugin-purge-icons": "^0.10.0",
"vite-plugin-theme": "^0.8.6",
"vite-plugin-windicss": "^1.9.0",
"vue-eslint-parser": "^9.3.1",
"vite-plugin-windicss": "^1.9.3",
"vue-eslint-parser": "^9.4.2",
"vue-tsc": "^1.8.8"
},
"husky": {

6
packages/ui/certd-client/public/images/logo/logo.svg
View File

@@ -1,7 +1,7 @@
<svg version="1.0" xmlns="http://www.w3.org/2000/svg"
width="500" height="500" viewBox="0 0 500.000000 500.000000"
>
width="500" height="500" viewBox="0 0 500.000000 500.000000"
>
<path d="M28.34 56.68h28.34V36.12H28.34a7.79 7.79 0 1 1 0-15.58h19.84v9.05h8.5V12H28.34a16.29 16.29 0 0 0 0 32.58h19.84v3.56H28.34a19.84 19.84 0 0 1 0-39.68h28.34V0H28.34a28.34 28.34 0 0 0 0 56.68z"
transform="translate(70, 76) scale(6,6)"
></path>
</svg>
</svg>
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 402 B

After

Width:  |  Height:  |  Size: 397 B

44
packages/ui/certd-client/public/images/logo/rect.svg
View File

@@ -1,44 +0,0 @@
<svg version="1.0" xmlns="http://www.w3.org/2000/svg"
width="800" height="300" viewBox="0 0 800.000000 300.000000"
>
<g fill="#fff">
<path d="M28.34 56.68h28.34V36.12H28.34a7.79 7.79 0 1 1 0-15.58h19.84v9.05h8.5V12H28.34a16.29 16.29 0 0 0 0 32.58h19.84v3.56H28.34a19.84 19.84 0 0 1 0-39.68h28.34V0H28.34a28.34 28.34 0 0 0 0 56.68z"
transform="translate(40, 40) scale(4,4)"
></path>
<g transform="translate(280, 260) scale(2,2)">
<path d="M28.95-58.70L49.98-58.70L49.98-48.22L33.70-48.22Q27.37-48.22 24.46-47.34Q21.56-46.46 19.62-43.91L19.62-43.91Q18.30-42.15 17.82-40.39Q17.34-38.63 16.98-34.41L16.98-34.41L49.98-34.41L49.98-23.94L16.98-23.94Q17.69-16.37 21.47-13.42Q25.26-10.47 34.32-10.47L34.32-10.47L49.98-10.47L49.98 0L33.70 0Q27.10 0 22.09-0.79L22.09-0.79Q14.17-2.11 9.50-7.74L9.50-7.74Q2.82-15.84 2.82-29.66L2.82-29.66Q2.82-44.97 12.23-53.50L12.23-53.50Q15.49-56.41 19.14-57.55Q22.79-58.70 28.95-58.70L28.95-58.70Z"
transform="translate(0 0) "
></path>
<path d="M28.51-22.26L18.48-22.26L18.48 0L5.98 0L5.98-58.70L34.67-58.70Q46.99-58.70 51.83-55.53L51.83-55.53Q55.18-53.42 56.98-49.94Q58.78-46.46 58.78-42.33L58.78-42.33Q58.78-33.97 54.56-29.39L54.56-29.39Q51.92-26.66 47.61-25.26L47.61-25.26Q51.04-24.02 52.80-22.66Q54.56-21.30 55.97-18.66L55.97-18.66Q57.02-16.54 57.51-14.61Q57.99-12.67 58.26-8.89L58.26-8.89Q58.78-2.55 59.66 0L59.66 0L45.67 0Q45.06-2.02 44.35-8.36L44.35-8.36Q43.91-13.46 42.55-16.19Q41.18-18.92 38.46-20.50L38.46-20.50Q35.02-22.35 28.51-22.26L28.51-22.26ZM18.48-48.22L18.48-32.74L35.99-32.74Q40.39-32.74 42.24-34.06L42.24-34.06Q45.06-35.99 45.06-40.83L45.06-40.83Q45.06-46.20 40.83-47.70L40.83-47.70Q39.34-48.22 35.99-48.22L35.99-48.22L18.48-48.22Z"
transform="translate(58.855999999999995 0) "
></path>
<path d="M19.01 0L19.01-48.22L0.35-48.22L0.35-58.70L50.95-58.70L50.95-48.22L31.50-48.22L31.50 0L19.01 0Z"
transform="translate(126.68799999999999 0) "
></path>
<path d="M5.98 0L5.98-58.70L30.89-58.70Q40.22-58.70 45.32-56.85L45.32-56.85Q54.74-53.42 57.90-44.26L57.90-44.26Q60.28-37.22 60.28-29.22L60.28-29.22Q60.28-21.30 57.99-14.26L57.99-14.26Q55.70-7.04 50.42-3.61L50.42-3.61Q47.08-1.50 43.08-0.75Q39.07 0 30.89 0L30.89 0L5.98 0ZM30.89-48.22L18.48-48.22L18.48-10.47L30.89-10.47Q39.07-10.47 42.24-14.08L42.24-14.08Q44.18-16.37 45.36-20.50Q46.55-24.64 46.55-29.30L46.55-29.30Q46.55-34.50 45.14-38.81Q43.74-43.12 41.45-45.23L41.45-45.23Q38.10-48.22 30.89-48.22L30.89-48.22Z"
transform="translate(183.07999999999998 0) "
></path>
</g>
<!-- <path d="M13.00-21.91L21.24-21.91L21.24-17.23L14.04-17.23Q10.39-17.23-->
<!-- 9-15.62L9-15.62Q7.65-14.08-->
<!-- 7.65-10.93L7.65-10.93Q7.65-7.42 9.86-5.80L9.86-5.80Q10.75-5.17-->
<!-- 11.81-4.93Q12.87-4.68-->
<!-- 14.76-4.68L14.76-4.68L21.24-4.68L21.24-->
<!-- 0L13.00 0Q9.67 0 7.74-0.67Q5.80-1.35-->
<!-- 4.32-3.01L4.32-3.01Q1.48-6.17-->
<!-- 1.48-11.03L1.48-11.03Q1.48-16.88-->
<!-- 4.86-19.75L4.86-19.75Q6.21-20.93-->
<!-- 8.10-21.42Q9.99-21.91-->
<!-- 13.00-21.91L13.00-21.91ZM31.05-13.32L43.74-13.32L43.74-8.64L31.05-8.64Q31.23-6.48-->
<!-- 32.44-5.58Q33.66-4.68 36.41-4.68L36.41-4.68L43.74-4.68L43.74 0L35.73 0Q33.12 0 31.48-0.47Q29.83-0.94 28.39-2.02L28.39-2.02Q24.39-5.13 24.39-11.25L24.39-11.25Q24.39-15.21 26.50-18.18L26.50-18.18Q27.94-20.20 29.97-21.06Q31.99-21.91 35.28-21.91L35.28-21.91L43.74-21.91L43.74-17.23L35.73-17.23Q33.25-17.23 32.27-16.40Q31.27-15.57 31.05-13.32L31.05-13.32ZM48.64 0L48.64-21.91L57.55-21.91Q60.30-21.91 61.81-21.53Q63.31-21.15 64.31-20.25L64.31-20.25Q65.30-19.35 65.70-18Q66.10-16.65 66.10-14.13L66.10-14.13L66.10-12.01L60.30-12.01L60.30-13.18Q60.30-15.52 59.49-16.38Q58.68-17.23 56.38-17.23L56.38-17.23L54.67-17.23L54.67 0L48.64 0ZM67.50-21.91L71.33-21.91L71.33-30.02L77.36-30.02L77.36-21.91L82.94-21.91L82.94-17.23L77.36-17.23L77.36-9.27Q77.36-6.48 77.85-5.76L77.85-5.76Q78.61-4.68 80.55-4.68L80.55-4.68L82.94-4.68L82.94 0L78.57 0Q74.66 0 72.99-1.89Q71.33-3.78 71.33-8.23L71.33-8.23L71.33-17.23L67.50-17.23L67.50-21.91ZM96.08-21.91L101.75-21.91L101.75-30.02L107.73-30.02L107.73 0L97.38 0Q94.23 0 92.61-0.49L92.61-0.49Q88.78-1.71 86.90-5.26L86.90-5.26Q85.59-7.65 85.59-11.12L85.59-11.12Q85.59-16.74 89.37-19.84L89.37-19.84Q91.84-21.91 96.08-21.91L96.08-21.91ZM97.38-4.68L101.75-4.68L101.75-17.23L97.38-17.23Q94.50-17.23 93.02-15.30L93.02-15.30Q91.71-13.68 91.71-11.12L91.71-11.12Q91.71-7.38 93.87-5.76L93.87-5.76Q95.36-4.68 97.38-4.68L97.38-4.68Z"-->
<!-- fill="#2c3e50"-->
<!-- transform="translate(300, 270) scale(4,4)"-->
<!-- ></path>-->
<text x="300" y="100" font-size="50" font-weight="bold">让你的证书永不过期</text>
</g>
</svg>
Side by Side

Before

Width:  |  Height:  |  Size: 4.7 KiB

20
packages/ui/certd-client/src/App.vue
View File

@@ -1,29 +1,32 @@
<template>
<a-config-provider :locale="locale">
<router-view v-if="routerEnabled" />
<a-config-provider :locale="locale" :theme="settingStore.themeToken">
<fs-form-provider>
<router-view v-if="routerEnabled" />
</fs-form-provider>
</a-config-provider>
</template>
<script lang="ts">
import zhCN from "ant-design-vue/es/locale/zh_CN";
import enUS from "ant-design-vue/es/locale/en_US";
import { provide, ref, nextTick, getCurrentInstance } from "vue";
import { nextTick, provide, ref } from "vue";
import { usePageStore } from "/src/store/modules/page";
import { useResourceStore } from "/src/store/modules/resource";
import { useSettingStore } from "/@/store/modules/settings";
import "dayjs/locale/zh-cn";
import "dayjs/locale/en";
import dayjs from "dayjs";
export default {
name: "App",
setup(props: any, ctx: any) {
setup() {
//刷新页面方法
const routerEnabled = ref(true);
const locale = ref(zhCN);
async function reload() {
routerEnabled.value = false;
await nextTick();
routerEnabled.value = true;
// routerEnabled.value = false;
// await nextTick();
// routerEnabled.value = true;
}
function localeChanged(value: any) {
console.log("locale changed:", value);
@@ -49,7 +52,8 @@ export default {
return {
routerEnabled,
locale
locale,
settingStore
};
}
};

13
packages/ui/certd-client/src/api/modules/api.basic.ts Normal file
View File

@@ -0,0 +1,13 @@
import { request } from "../service";
export type SysPublicSetting = {
registerEnabled:boolean
}
export async function getSysPublicSettings(): Promise<SysPublicSetting> {
return await request({
url: "/basic/settings/public",
method: "get"
});
}

7
packages/ui/certd-client/src/i18n/locale/en.ts
View File

@@ -1,3 +1,8 @@
export default {
app: { crud: { i18n: { name: "name", city: "city", status: "status" } } }
app: { crud: { i18n: { name: "name", city: "city", status: "status" } } },
fs: {
rowHandle: {
title: "Operation"
}
}
};

5
packages/ui/certd-client/src/i18n/locale/zh_CN.ts
View File

@@ -5,5 +5,10 @@ export default {
logoutTip: "确认",
logoutMessage: "确定要注销登录吗?"
}
},
fs: {
rowHandle: {
title: "操作列"
}
}
};

2
packages/ui/certd-client/src/layout/components/source-link/index.vue
View File

@@ -22,7 +22,7 @@ export default defineComponent({
},
{ immediate: true }
);
const middle = "/fast-crud/fs-admin-antdv/blob/main/src/views";
const middle = "/fast-crud/fs-admin-antdv4/blob/main/src/views";
function goSource(prefix: any) {
const path = router.currentRoute.value.fullPath;
window.open(prefix + middle + path + "/index.vue");

6
packages/ui/certd-client/src/layout/components/tabs/index.vue
View File

@@ -2,7 +2,7 @@
<div class="fs-multiple-page-control-group">
<div class="fs-multiple-page-control-content">
<div class="fs-multiple-page-control-content-inner">
<a-tabs class="fs-multiple-page-control fs-multiple-page-sort" :active-key="page.getCurrent" type="editable-card" hide-add @tabClick="handleClick" @edit="handleTabEdit">
<a-tabs class="fs-multiple-page-control fs-multiple-page-sort" :active-key="page.getCurrent" type="editable-card" hide-add @tab-click="handleClick" @edit="handleTabEdit">
<a-tab-pane v-for="item in page.getOpened" :key="item.fullPath" :tab="item.meta?.title || '未命名'" :name="item.fullPath" :closable="isTabClosable(item)" />
</a-tabs>
<!-- <fs-contextmenu v-model:open="contextmenuFlag" :x="contentmenuX" :y="contentmenuY">-->
@@ -16,10 +16,10 @@
<div class="fs-multiple-page-control-btn">
<a-dropdown-button class="control-btn-dropdown" split-button @click="closeAll">
<span class="iconify" data-icon="ion:close-circle" data-inline="false"></span>
<fs-icon icon="ion:close-circle"></fs-icon>
<template #icon><DownOutlined /></template>
<template #overlay>
<a-menu @click="(command:any) => handleControlItemClick(command)">
<a-menu @click="(command: any) => handleControlItemClick(command)">
<a-menu-item key="left">
<fs-icon name="arrow-left" class="fs-mr-10" />
关闭左侧

1
packages/ui/certd-client/src/layout/components/theme/color-picker.vue
View File

@@ -54,6 +54,7 @@ export default defineComponent({
name: "FsThemeColorPicker",
props: {
primaryColor: {
type: String,
default: "#1890ff"
}
},

2
packages/ui/certd-client/src/layout/components/theme/index.vue
View File

@@ -2,7 +2,7 @@
<div class="fs-theme" @click="show()">
<fs-iconify icon="ion:sparkles-outline" />
<a-drawer v-model:open="visible" title="主题设置" placement="right" width="350px" :closable="false" @after-open-change="afterVisibleChange">
<fs-theme-color-picker :primary-color="setting.getTheme.primaryColor" @change="setting.setPrimaryColor"></fs-theme-color-picker>
<fs-theme-color-picker :primary-color="setting.themeConfig?.colorPrimary" @change="setting.setPrimaryColor"></fs-theme-color-picker>
</a-drawer>
</div>
</template>

44
packages/ui/certd-client/src/layout/components/theme/mode-set.vue Normal file
View File

@@ -0,0 +1,44 @@
<template>
<div class="fs-theme-mode">
<a-switch :checked="setting.themeConfig.mode === 'dark'" @update:checked="onChange">
<template #checkedChildren>
<fs-iconify icon="ion:moon" />
</template>
<template #unCheckedChildren>
<fs-iconify icon="ion:sunny" />
</template>
</a-switch>
</div>
</template>
<script lang="ts">
import { ref, defineComponent } from "vue";
import { useSettingStore } from "/@/store/modules/settings";
export default defineComponent({
name: "FsThemeModeSet",
components: {},
setup() {
const setting = useSettingStore();
const onChange = (checked: boolean) => {
if (checked) {
setting.setDarkMode("dark");
} else {
setting.setDarkMode("light");
}
};
return {
setting,
onChange
};
}
});
</script>
<style lang="less">
.fs-theme-mode {
display: inline-flex;
justify-content: center;
align-items: center;
}
</style>

34
packages/ui/certd-client/src/layout/layout-framework.vue
View File

@@ -31,9 +31,18 @@
<!-- Button-->
<!-- </button>-->
<fs-menu class="header-menu" mode="horizontal" :expand-selected="false" :selectable="false" :menus="headerMenus" />
<fs-locale class="btn" />
<!-- <fs-theme-set class="btn" />-->
<fs-user-info class="btn" />
<div class="header-btn">
<fs-locale />
</div>
<!-- <div class="header-btn">-->
<!-- <fs-theme-mode-set />-->
<!-- </div>-->
<div class="header-btn">
<fs-theme-set />
</div>
<div class="header-btn">
<fs-user-info />
</div>
</div>
</a-layout-header>
<fs-tabs></fs-tabs>
@@ -69,11 +78,12 @@ import { useResourceStore } from "../store/modules/resource";
import { usePageStore } from "/@/store/modules/page";
import { MenuFoldOutlined, MenuUnfoldOutlined } from "@ant-design/icons-vue";
import FsThemeSet from "/@/layout/components/theme/index.vue";
import { notification } from "ant-design-vue";
import { env } from "../utils/util.env";
import FsThemeModeSet from "./components/theme/mode-set.vue";
export default {
name: "LayoutFramework",
// eslint-disable-next-line vue/no-unused-components
components: { FsThemeSet, MenuFoldOutlined, MenuUnfoldOutlined, FsMenu, FsLocale, FsSourceLink, FsUserInfo, FsTabs },
components: { FsThemeSet, MenuFoldOutlined, MenuUnfoldOutlined, FsMenu, FsLocale, FsSourceLink, FsUserInfo, FsTabs, FsThemeModeSet },
setup() {
const resourceStore = useResourceStore();
const frameworkMenus = computed(() => {
@@ -100,6 +110,8 @@ export default {
return false;
});
const version = ref(import.meta.env.VITE_APP_VERSION);
const envRef = ref(env);
return {
version,
frameworkMenus,
@@ -107,7 +119,8 @@ export default {
asideMenus,
keepAlive,
asideCollapsed,
asideCollapsedToggle
asideCollapsedToggle,
envRef
};
}
};
@@ -165,11 +178,16 @@ export default {
cursor: pointer;
padding: 0 10px;
}
height: 100%;
& > .btn {
& > .header-btn {
display: inline-flex;
justify-content: center;
align-items: center;
height: 100%;
//border-bottom: 1px solid rgba(255, 255, 255, 0);
&:hover {
background-color: #fff;
color: @primary-color;
}
}
}

15
packages/ui/certd-client/src/layout/layout-outside.vue
View File

@@ -19,15 +19,26 @@
<a href="_self">隐私</a>
<a href="_self">条款</a>
</div>
<div class="copyright">Copyright &copy; 2021 Greper</div>
<div class="copyright">
Copyright &copy; {{ envRef.COPYRIGHT_YEAR }} <a :href="envRef.COPYRIGHT_URL" target="_blank">{{ envRef.COPYRIGHT_NAME }}</a>
</div>
</div>
</div>
</div>
</div>
</template>
<script lang="ts">
import { env } from "/@/utils/util.env";
import { ref } from "vue";
export default {
name: "LayoutOutside"
name: "LayoutOutside",
setup() {
const envRef = ref(env);
return {
envRef
};
}
};
</script>

9
packages/ui/certd-client/src/layout/layout-pass.vue
View File

@@ -1,3 +1,10 @@
<template>
<router-view />
<router-view> </router-view>
</template>
<!--<script lang="ts" setup>-->
<!--import { usePageStore } from "/@/store/modules/page";-->
<!--const pageStore = usePageStore();-->
<!--const keepAlive = pageStore.keepAlive;-->
<!--</script>-->

2
packages/ui/certd-client/src/main.ts
View File

@@ -2,14 +2,12 @@ import { createApp } from "vue";
import App from "./App.vue";
import router from "./router";
import Antd from "ant-design-vue";
import 'ant-design-vue/dist/reset.css';
import "./style/common.less";
import i18n from "./i18n";
import store from "./store";
import components from "./components";
import plugin from "./plugin/";
// 正式项目请删除mock避免影响性能
//import "./mock";

6
packages/ui/certd-client/src/mock/common/mock.dict.ts
View File

@@ -27,9 +27,11 @@ let manyStatus = [
{ value: "2", label: "停止", color: "cyan" },
{ value: "0", label: "关闭", color: "red", icon: "ion:radio-button-off" }
];
for (let i = 0; i < 2; i++) {
manyStatus = manyStatus.concat(_.cloneDeep(manyStatus));
let tempManyStatus: any[] = [];
for (let i = 0; i < 100; i++) {
tempManyStatus = tempManyStatus.concat(_.cloneDeep(manyStatus));
}
manyStatus = tempManyStatus;
let idIndex = 0;
for (const item of manyStatus) {
idIndex++;

9
packages/ui/certd-client/src/mock/index.ts
View File

@@ -1,6 +1,7 @@
import { mock } from "../api/service";
import * as tools from "../api/tools";
import _ from "lodash-es";
import { utils } from "@fast-crud/fast-crud";
// @ts-ignore
const commonMocks: any = import.meta.glob("./common/mock.*.[j|t]s", { eager: true });
// @ts-ignore
@@ -22,8 +23,8 @@ _.forEach(viewMocks, (value) => {
list.forEach((apiFile: any) => {
for (const item of apiFile) {
mock.onAny(new RegExp(item.path)).reply(async (config: any) => {
console.log("------------fake request start -------------");
console.log("request:", config);
utils.logger.debug("------------fake request start -------------");
utils.logger.debug("request:", config);
const data = config.data ? JSON.parse(config.data) : {};
const query = config.url.indexOf("?") >= 0 ? config.url.substring(config.url.indexOf("?") + 1) : undefined;
const params = config.params || {};
@@ -40,8 +41,8 @@ list.forEach((apiFile: any) => {
params: params
};
const ret = await item.handle(req);
console.log("response:", ret);
console.log("------------fake request end-------------");
utils.logger.debug("response:", ret);
utils.logger.debug("------------fake request end-------------");
if (ret.code === 0) {
return tools.responseSuccess(ret.data, ret.msg);
} else {

51
packages/ui/certd-client/src/plugin/fast-crud/index.tsx
View File

@@ -1,9 +1,11 @@
import { request, requestForMock } from "/src/api/service";
import { ColumnCompositionProps, CrudOptions, FastCrud, PageQuery, PageRes, setLogger, TransformResProps, useColumns, UseCrudProps, UserPageQuery, useTypes, useUi } from "@fast-crud/fast-crud";
// import "/src/mock";
import { ColumnCompositionProps, CrudOptions, FastCrud, PageQuery, PageRes, setLogger, TransformResProps, useColumns, UseCrudProps, UserPageQuery, useTypes, utils } from "@fast-crud/fast-crud";
import "@fast-crud/fast-crud/dist/style.css";
import { FsExtendsCopyable, FsExtendsEditor, FsExtendsJson, FsExtendsTime, FsExtendsUploader, FsUploaderS3SignedUrlType } from "@fast-crud/fast-extends";
import { FsExtendsCopyable, FsExtendsEditor, FsExtendsJson, FsExtendsTime, FsExtendsUploader, FsExtendsInput, FsUploaderS3SignedUrlType, FsUploaderGetAuthContext, FsUploaderAliossSTS } from "@fast-crud/fast-extends";
import "@fast-crud/fast-extends/dist/style.css";
import UiAntdv from "@fast-crud/ui-antdv4";
import "@fast-crud/ui-antdv4/dist/style.css";
import _ from "lodash-es";
import { useCrudPermission } from "../permission";
import { App } from "vue";
@@ -28,9 +30,13 @@ function install(app: App, options: any = {}) {
* @param propsuseCrud的参数
*/
commonOptions(props: UseCrudProps): CrudOptions {
utils.logger.debug("commonOptions:", props);
const crudBinding = props.crudExpose?.crudBinding;
const opts: CrudOptions = {
table: {
scroll: {
x: 960
},
size: "small",
pagination: false,
onResizeColumn: (w: number, col: any) => {
@@ -41,7 +47,7 @@ function install(app: App, options: any = {}) {
conditionalRender: {
match(scope) {
//不能用 !scope.value 否则switch组件设置为关之后就消失了
const { value, key } = scope;
const { value, key, props } = scope;
return !value && key != "_index" && value != false;
},
render() {
@@ -57,8 +63,8 @@ function install(app: App, options: any = {}) {
rowHandle: {
buttons: {
view: { type: "link", text: null, icon: "ion:eye-outline" },
copy: { show: true, type: "link", text: null, icon: "ion:copy-outline" },
edit: { type: "link", text: null, icon: "ion:create-outline" },
copy: {show:true,type: "link", text: null, icon: "ion:copy-outline"},
remove: { type: "link", style: { color: "red" }, text: null, icon: "ion:trash-outline" }
},
dropdown: {
@@ -90,7 +96,7 @@ function install(app: App, options: any = {}) {
if (res.offset % pageSize === 0) {
currentPage++;
}
return { currentPage, pageSize, total: res.total, records: res.records };
return { currentPage, pageSize, records: res.records, total: res.total, ...res };
}
},
form: {
@@ -111,7 +117,25 @@ function install(app: App, options: any = {}) {
},
wrapperCol: {
span: null
},
wrapper: {
saveRemind: true
// inner: true,
// innerContainerSelector: "main.fs-framework-content"
}
},
columns: {
// createdAt: {
// title: "创建时间",
// type: "datetime",
// form: {
// show: false
// },
// column: {
// show: false,
// order: 1000
// }
// }
}
};
@@ -157,19 +181,27 @@ function install(app: App, options: any = {}) {
}
},
alioss: {
keepName: true,
domain: "https://d2p-demo.oss-cn-shenzhen.aliyuncs.com",
bucket: "d2p-plugins",
region: "oss-cn-shenzhen",
accessKeyId: "",
accessKeySecret: "",
keepName: true,
async getAuthorization(custom: any, context: any) {
async getAuthorization(context: FsUploaderGetAuthContext): Promise<FsUploaderAliossSTS> {
// 不传accessKeySecret代表使用临时签名模式,此时此参数必传(安全,生产环境推荐)
const ret = await request({
url: "http://www.docmirror.cn:7070/api/upload/alioss/getAuthorization",
method: "get"
});
console.log("ret", ret);
// 返回结构要求如下
// ret.data:{
// TmpSecretId,
// TmpSecretKey,
// XCosSecurityToken,
// ExpiredTime, // SDK 在 ExpiredTime 时间前,不会再次调用 getAuthorization
// key //【可选】后台生成的文件key如果不传则用前端自己生成的key
// }
return ret;
},
sdkOpts: {
@@ -217,7 +249,7 @@ function install(app: App, options: any = {}) {
}
},
//预签名配置,向后端获取上传的预签名连接
async getSignedUrl(bucket: string, key: string, options: any, type: FsUploaderS3SignedUrlType) {
async getSignedUrl(bucket: string, key: string, options: any, type: FsUploaderS3SignedUrlType = "put") {
return await GetSignedUrl(bucket, key, type);
},
successHandle(ret: any) {
@@ -271,11 +303,12 @@ function install(app: App, options: any = {}) {
app.use(FsExtendsJson);
app.use(FsExtendsTime);
app.use(FsExtendsCopyable);
app.use(FsExtendsInput);
const { addTypes, getType } = useTypes();
//此处演示修改官方字段类型
const textType = getType("text");
textType.search.autoSearchTrigger = "change"; //修改官方的字段类型,设置为文本变化就触发查询
textType.search.autoSearchTrigger = "change"; //修改官方的字段类型,变化就触发 "enter"=回车键触发
// 此处演示自定义字段类型
addTypes({

8
packages/ui/certd-client/src/router/index.ts
View File

@@ -18,7 +18,10 @@ const router = createRouter({
router.beforeEach(async (to, from, next) => {
// 进度条
NProgress.start();
// 修复三级以上路由页面无法缓存的问题
if (to.matched && to.matched.length > 2) {
to.matched.splice(1, to.matched.length - 2);
}
// 验证当前路由所有的匹配中是否需要有登录验证的
if (
to.matched.some((r) => {
@@ -54,6 +57,9 @@ router.afterEach((to: any) => {
NProgress.done();
// 多页控制 打开新的页面
const pageStore = usePageStore();
// for (const item of to.matched) {
// pageStore.keepAlivePush(item.name);
// }
pageStore.open(to);
// 更改标题
site.title(to.meta.title);

1
packages/ui/certd-client/src/router/resolve.ts
View File

@@ -152,3 +152,4 @@ const routes = [...outsideRoutes, ...frameworkRoutes];
const frameworkMenus = frameworkRet.menus;
const headerMenus = headerRet.menus;
export { routes, outsideRoutes, frameworkRoutes, frameworkMenus, headerMenus, findMenus, filterMenus };

37
packages/ui/certd-client/src/router/source/modules/crud.ts
View File

@@ -96,7 +96,22 @@ export const crudResources = [
title: "ResetCrudOptions",
name: "BasisReset",
path: "/crud/basis/reset",
component: "/crud/basis/reset/index.vue"
component: "/crud/basis/reset/index.vue",
meta: {
cache: true
}
},
{
title: "CrudOptions插件",
name: "BasisPlugin",
path: "/crud/basis/plugin",
component: "/crud/basis/plugin/index.vue"
},
{
title: "Ts定义测试",
name: "BasisTsTest",
path: "/crud/basis/ts",
component: "/crud/basis/ts/index.vue"
}
]
},
@@ -193,7 +208,7 @@ export const crudResources = [
component: "/crud/component/select/index.vue"
},
{
title: "表格选择(table-select)",
title: " 表格选择(table-select)",
name: "ComponentTableSelect",
path: "/crud/component/table-select",
component: "/crud/component/table-select/index.vue"
@@ -300,6 +315,12 @@ export const crudResources = [
path: "/crud/component/json",
component: "/crud/component/json/index.vue"
},
{
title: "手机号输入框",
name: "ComponentPhone",
path: "/crud/component/phone",
component: "/crud/component/phone/index.vue"
},
{
title: "组件独立使用",
name: "ComponentIndependent",
@@ -449,6 +470,12 @@ export const crudResources = [
path: "/crud/form/view",
component: "/crud/form/view/index.vue"
},
{
title: "initialForm",
name: "FormInitial",
path: "/crud/form/initial",
component: "/crud/form/initial/index.vue"
},
{
title: "表单Watch",
name: "FormWatch",
@@ -738,6 +765,12 @@ export const crudResources = [
path: "/crud/advanced/in-dialog",
component: "/crud/advanced/in-dialog/index.vue"
},
{
title: "抽屉中显示crud",
name: "AdvancedInDrawer",
path: "/crud/advanced/in-drawer",
component: "/crud/advanced/in-drawer/index.vue"
},
{
title: "大量数据",
name: "AdvancedBigData",

Some files were not shown because too many files have changed in this diff Show More