lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-03 14:10:54 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: lkddi:v1.20.7
Branches Tags
lkddi:v2 lkddi:v2-dev lkddi:v2_admin_mode lkddi:v2-domain-sync lkddi:v2_singleton lkddi:v2-dev-buy lkddi:v2-dev-addon lkddi:v2-dev-plugin-config lkddi:alert-autofix-26 lkddi:alert-autofix-31 lkddi:client_sync lkddi:v2-dev-order lkddi:v2-dev-auto lkddi:acme_sync lkddi:server_sync lkddi:master
lkddi:v1.39.8 lkddi:v1.39.7 lkddi:v1.39.6 lkddi:v1.39.5 lkddi:v1.39.4 lkddi:v1.39.3 lkddi:v1.39.2 lkddi:v1.39.1 lkddi:v1.39.0 lkddi:v1.38.12 lkddi:v1.38.11 lkddi:v1.38.10 lkddi:v1.38.9 lkddi:v1.38.8 lkddi:v1.38.7 lkddi:v1.38.6 lkddi:v1.38.5 lkddi:v1.38.4 lkddi:v1.38.3 lkddi:v1.38.2 lkddi:v1.38.1 lkddi:v1.38.0 lkddi:v1.37.17 lkddi:v1.37.16 lkddi:v1.37.15 lkddi:v1.37.14 lkddi:v1.37.13 lkddi:v1.37.12 lkddi:v1.37.11 lkddi:v1.37.10 lkddi:v1.37.9 lkddi:v1.37.8 lkddi:v1.37.7 lkddi:v1.37.6 lkddi:v1.37.5 lkddi:v1.37.4 lkddi:v1.37.3 lkddi:v1.37.2 lkddi:v1.37.1 lkddi:v1.37.0 lkddi:v1.36.25 lkddi:v1.36.24 lkddi:v1.36.23 lkddi:v1.36.22 lkddi:v1.36.21 lkddi:v1.36.20 lkddi:v1.36.19 lkddi:v1.36.18 lkddi:v1.36.17 lkddi:v1.36.16 lkddi:v1.36.15 lkddi:v1.36.14 lkddi:v1.36.13 lkddi:v1.36.12 lkddi:v1.36.11 lkddi:v1.36.10 lkddi:v1.36.9 lkddi:v1.36.7 lkddi:v1.36.6 lkddi:v1.36.5 lkddi:v1.36.4 lkddi:v1.36.3 lkddi:v1.36.2 lkddi:v1.36.1 lkddi:v1.36.0 lkddi:v1.35.5 lkddi:v1.35.4 lkddi:v1.35.3 lkddi:v1.35.2 lkddi:v1.35.1 lkddi:v1.35.0 lkddi:v1.34.11 lkddi:v1.34.10 lkddi:v1.34.9 lkddi:v1.34.8 lkddi:v1.34.7 lkddi:v1.34.6 lkddi:v1.34.5 lkddi:v1.34.4 lkddi:v1.34.3 lkddi:v1.34.2 lkddi:v1.34.1 lkddi:v1.34.0 lkddi:v1.33.8 lkddi:v1.33.7 lkddi:v1.33.6 lkddi:v1.33.5 lkddi:v1.33.4 lkddi:v1.33.3 lkddi:v1.33.2 lkddi:v1.33.1 lkddi:v1.33.0 lkddi:v1.32.0 lkddi:v1.31.11 lkddi:v1.31.10 lkddi:v1.31.9 lkddi:v1.31.8 lkddi:v1.31.7 lkddi:v1.31.6 lkddi:v1.31.5 lkddi:v1.31.4 lkddi:v1.31.3 lkddi:v1.31.2 lkddi:v1.31.1 lkddi:v1.31.0 lkddi:v1.30.6 lkddi:v1.30.5 lkddi:v1.30.4 lkddi:v1.30.3 lkddi:v1.30.2 lkddi:v1.30.1 lkddi:v1.30.0 lkddi:v1.29.5 lkddi:v1.29.4 lkddi:v1.29.3 lkddi:v1.29.2 lkddi:v1.29.1 lkddi:v1.29.0 lkddi:v1.28.4 lkddi:v1.28.3 lkddi:v1.28.2 lkddi:v1.28.1 lkddi:v1.28.0 lkddi:v1.27.9 lkddi:v1.27.8 lkddi:v1.27.7 lkddi:v1.27.6 lkddi:v1.27.5 lkddi:v1.27.4 lkddi:v1.27.3 lkddi:v1.27.2 lkddi:v1.27.1 lkddi:v1.27.0 lkddi:v1.26.16 lkddi:v1.26.15 lkddi:v1.26.14 lkddi:v1.26.13 lkddi:v1.26.12 lkddi:v1.26.11 lkddi:v1.26.10 lkddi:v1.26.9 lkddi:v1.26.8 lkddi:v1.26.7 lkddi:v1.26.6 lkddi:v1.26.5 lkddi:v1.26.4 lkddi:v1.26.3 lkddi:v1.26.2 lkddi:v1.26.1 lkddi:v1.26.0 lkddi:v1.25.9 lkddi:v1.25.8 lkddi:v1.25.7 lkddi:v1.25.6 lkddi:v1.25.5 lkddi:v1.25.4 lkddi:v1.25.3 lkddi:v1.25.2 lkddi:v1.25.1 lkddi:v1.25.0 lkddi:v1.24.4 lkddi:v1.24.3 lkddi:v1.24.2 lkddi:v1.24.1 lkddi:v1.24.0 lkddi:v1.23.1 lkddi:v1.23.0 lkddi:v1.22.9 lkddi:v1.22.8 lkddi:v1.22.7 lkddi:v1.22.6 lkddi:v1.22.5 lkddi:v1.22.4 lkddi:v1.22.3 lkddi:v1.22.2 lkddi:v1.22.1 lkddi:v1.22.0 lkddi:v1.21.2 lkddi:v1.21.1 lkddi:v1.21.0 lkddi:v1.20.17 lkddi:v1.20.16 lkddi:v1.20.15 lkddi:v1.20.14 lkddi:v1.20.13 lkddi:v1.20.12 lkddi:v1.20.10 lkddi:v1.20.9 lkddi:v1.20.8 lkddi:v1.20.7 lkddi:v1.20.6 lkddi:v1.20.5 lkddi:v1.20.2 lkddi:v1.2.1 lkddi:v1.2.0 lkddi:v1.1.6 lkddi:v1.1.5 lkddi:v1.1.4 lkddi:v1.1.3 lkddi:v1.1.2 lkddi:v1.1.1 lkddi:v1.1.0 lkddi:v1.0.6 lkddi:v1.0.5 lkddi:v1.0.4 lkddi:v1.0.3 lkddi:v1.0.2 lkddi:v1.0.1 lkddi:v1.0.0 lkddi:v0.3.1 lkddi:v0.3.0 lkddi:v0.2.2 lkddi:v0.2.1 lkddi:v0.2.0 lkddi:v0.1.21 lkddi:v0.1.20 lkddi:v0.1.19 lkddi:v0.1.18 lkddi:v0.1.17 lkddi:v0.1.16 lkddi:v0.1.15 lkddi:v0.1.14 lkddi:v0.1.13 lkddi:v0.1.12 lkddi:v0.1.11 lkddi:v0.1.10 lkddi:v0.1.9 lkddi:v0.1.8 lkddi:v0.1.7
...
compare: lkddi:v1.21.2
Branches Tags
lkddi:v2-dev lkddi:v2 lkddi:v2_admin_mode lkddi:v2-domain-sync lkddi:v2_singleton lkddi:v2-dev-buy lkddi:v2-dev-addon lkddi:v2-dev-plugin-config lkddi:alert-autofix-26 lkddi:alert-autofix-31 lkddi:client_sync lkddi:v2-dev-order lkddi:v2-dev-auto lkddi:acme_sync lkddi:server_sync lkddi:master
lkddi:v1.39.8 lkddi:v1.39.7 lkddi:v1.39.6 lkddi:v1.39.5 lkddi:v1.39.4 lkddi:v1.39.3 lkddi:v1.39.2 lkddi:v1.39.1 lkddi:v1.39.0 lkddi:v1.38.12 lkddi:v1.38.11 lkddi:v1.38.10 lkddi:v1.38.9 lkddi:v1.38.8 lkddi:v1.38.7 lkddi:v1.38.6 lkddi:v1.38.5 lkddi:v1.38.4 lkddi:v1.38.3 lkddi:v1.38.2 lkddi:v1.38.1 lkddi:v1.38.0 lkddi:v1.37.17 lkddi:v1.37.16 lkddi:v1.37.15 lkddi:v1.37.14 lkddi:v1.37.13 lkddi:v1.37.12 lkddi:v1.37.11 lkddi:v1.37.10 lkddi:v1.37.9 lkddi:v1.37.8 lkddi:v1.37.7 lkddi:v1.37.6 lkddi:v1.37.5 lkddi:v1.37.4 lkddi:v1.37.3 lkddi:v1.37.2 lkddi:v1.37.1 lkddi:v1.37.0 lkddi:v1.36.25 lkddi:v1.36.24 lkddi:v1.36.23 lkddi:v1.36.22 lkddi:v1.36.21 lkddi:v1.36.20 lkddi:v1.36.19 lkddi:v1.36.18 lkddi:v1.36.17 lkddi:v1.36.16 lkddi:v1.36.15 lkddi:v1.36.14 lkddi:v1.36.13 lkddi:v1.36.12 lkddi:v1.36.11 lkddi:v1.36.10 lkddi:v1.36.9 lkddi:v1.36.7 lkddi:v1.36.6 lkddi:v1.36.5 lkddi:v1.36.4 lkddi:v1.36.3 lkddi:v1.36.2 lkddi:v1.36.1 lkddi:v1.36.0 lkddi:v1.35.5 lkddi:v1.35.4 lkddi:v1.35.3 lkddi:v1.35.2 lkddi:v1.35.1 lkddi:v1.35.0 lkddi:v1.34.11 lkddi:v1.34.10 lkddi:v1.34.9 lkddi:v1.34.8 lkddi:v1.34.7 lkddi:v1.34.6 lkddi:v1.34.5 lkddi:v1.34.4 lkddi:v1.34.3 lkddi:v1.34.2 lkddi:v1.34.1 lkddi:v1.34.0 lkddi:v1.33.8 lkddi:v1.33.7 lkddi:v1.33.6 lkddi:v1.33.5 lkddi:v1.33.4 lkddi:v1.33.3 lkddi:v1.33.2 lkddi:v1.33.1 lkddi:v1.33.0 lkddi:v1.32.0 lkddi:v1.31.11 lkddi:v1.31.10 lkddi:v1.31.9 lkddi:v1.31.8 lkddi:v1.31.7 lkddi:v1.31.6 lkddi:v1.31.5 lkddi:v1.31.4 lkddi:v1.31.3 lkddi:v1.31.2 lkddi:v1.31.1 lkddi:v1.31.0 lkddi:v1.30.6 lkddi:v1.30.5 lkddi:v1.30.4 lkddi:v1.30.3 lkddi:v1.30.2 lkddi:v1.30.1 lkddi:v1.30.0 lkddi:v1.29.5 lkddi:v1.29.4 lkddi:v1.29.3 lkddi:v1.29.2 lkddi:v1.29.1 lkddi:v1.29.0 lkddi:v1.28.4 lkddi:v1.28.3 lkddi:v1.28.2 lkddi:v1.28.1 lkddi:v1.28.0 lkddi:v1.27.9 lkddi:v1.27.8 lkddi:v1.27.7 lkddi:v1.27.6 lkddi:v1.27.5 lkddi:v1.27.4 lkddi:v1.27.3 lkddi:v1.27.2 lkddi:v1.27.1 lkddi:v1.27.0 lkddi:v1.26.16 lkddi:v1.26.15 lkddi:v1.26.14 lkddi:v1.26.13 lkddi:v1.26.12 lkddi:v1.26.11 lkddi:v1.26.10 lkddi:v1.26.9 lkddi:v1.26.8 lkddi:v1.26.7 lkddi:v1.26.6 lkddi:v1.26.5 lkddi:v1.26.4 lkddi:v1.26.3 lkddi:v1.26.2 lkddi:v1.26.1 lkddi:v1.26.0 lkddi:v1.25.9 lkddi:v1.25.8 lkddi:v1.25.7 lkddi:v1.25.6 lkddi:v1.25.5 lkddi:v1.25.4 lkddi:v1.25.3 lkddi:v1.25.2 lkddi:v1.25.1 lkddi:v1.25.0 lkddi:v1.24.4 lkddi:v1.24.3 lkddi:v1.24.2 lkddi:v1.24.1 lkddi:v1.24.0 lkddi:v1.23.1 lkddi:v1.23.0 lkddi:v1.22.9 lkddi:v1.22.8 lkddi:v1.22.7 lkddi:v1.22.6 lkddi:v1.22.5 lkddi:v1.22.4 lkddi:v1.22.3 lkddi:v1.22.2 lkddi:v1.22.1 lkddi:v1.22.0 lkddi:v1.21.2 lkddi:v1.21.1 lkddi:v1.21.0 lkddi:v1.20.17 lkddi:v1.20.16 lkddi:v1.20.15 lkddi:v1.20.14 lkddi:v1.20.13 lkddi:v1.20.12 lkddi:v1.20.10 lkddi:v1.20.9 lkddi:v1.20.8 lkddi:v1.20.7 lkddi:v1.20.6 lkddi:v1.20.5 lkddi:v1.20.2 lkddi:v1.2.1 lkddi:v1.2.0 lkddi:v1.1.6 lkddi:v1.1.5 lkddi:v1.1.4 lkddi:v1.1.3 lkddi:v1.1.2 lkddi:v1.1.1 lkddi:v1.1.0 lkddi:v1.0.6 lkddi:v1.0.5 lkddi:v1.0.4 lkddi:v1.0.3 lkddi:v1.0.2 lkddi:v1.0.1 lkddi:v1.0.0 lkddi:v0.3.1 lkddi:v0.3.0 lkddi:v0.2.2 lkddi:v0.2.1 lkddi:v0.2.0 lkddi:v0.1.21 lkddi:v0.1.20 lkddi:v0.1.19 lkddi:v0.1.18 lkddi:v0.1.17 lkddi:v0.1.16 lkddi:v0.1.15 lkddi:v0.1.14 lkddi:v0.1.13 lkddi:v0.1.12 lkddi:v0.1.11 lkddi:v0.1.10 lkddi:v0.1.9 lkddi:v0.1.8 lkddi:v0.1.7

130 Commits
v1.20.7 ... v1.21.2

Author SHA1 Message Date
xiaojunnuo
031df8fc35 v1.21.2 2024-07-08 15:58:51 +08:00
xiaojunnuo
62419a8212 build: prepare to build 2024-07-08 15:57:13 +08:00
xiaojunnuo
09d93af853 build: prepare to build 2024-07-08 15:47:51 +08:00
xiaojunnuo
b6ab178de9 chore: 1 2024-07-08 15:47:36 +08:00
xiaojunnuo
5a08f27d2c build: prepare to build 2024-07-08 15:36:18 +08:00
xiaojunnuo
fe91d94090 perf: 申请证书时可以选择跳过本地dns校验 2024-07-08 15:35:58 +08:00
xiaojunnuo
56ab3269d2 chore: 1 2024-07-08 12:05:56 +08:00
xiaojunnuo
c8243c573f chore: 1 2024-07-08 12:04:59 +08:00
xiaojunnuo
0b769a1c86 v1.21.1 2024-07-08 11:58:09 +08:00
xiaojunnuo
a8189a974d build: prepare to build 2024-07-08 11:46:13 +08:00
xiaojunnuo
322875d241 chore: 1 2024-07-08 11:45:31 +08:00
xiaojunnuo
ed8a54a2bc chore: 1 2024-07-08 11:29:11 +08:00
xiaojunnuo
5ba9831ed1 perf: 上传到主机,支持设置不mkdirs 2024-07-08 11:19:02 +08:00
xiaojunnuo
f9c9fce581 docs: 1 2024-07-08 11:10:08 +08:00
xiaojunnuo
bc650a32cd docs: 1 2024-07-08 10:59:19 +08:00
xiaojunnuo
c6d3e3fe5b docs: 1 2024-07-08 10:57:42 +08:00
xiaojunnuo
73acc62af1 docs: 1 2024-07-08 10:56:19 +08:00
xiaojunnuo
0d4491f3a0 docs: 1 2024-07-08 10:55:55 +08:00
xiaojunnuo
85248044ab docs: 1 2024-07-08 10:53:55 +08:00
xiaojunnuo
c532449102 docs: 1 2024-07-05 10:56:29 +08:00
xiaojunnuo
970c7fd8a0 perf: 说明优化,默认值优化 2024-07-04 02:22:52 +08:00
xiaojunnuo
4656019898 v1.21.0 2024-07-04 01:15:51 +08:00
xiaojunnuo
7eceabb2d8 build: prepare to build 2024-07-04 01:14:33 +08:00
xiaojunnuo
eade2c2b68 feat: 支持zero ssl 2024-07-04 01:14:09 +08:00
xiaojunnuo
6ec950818c v1.20.17 2024-07-03 23:45:57 +08:00
xiaojunnuo
7058b20df4 build: prepare to build 2024-07-03 23:43:55 +08:00
xiaojunnuo
a09b0e48c1 perf: 文件上传提示由cert.crt改为cert.pem 2024-07-03 23:39:12 +08:00
xiaojunnuo
664bb66a91 Merge branch 'client_sync' into v2 
# Conflicts:
#	packages/ui/certd-client/CHANGELOG.md
#	packages/ui/certd-client/package.json
 2024-07-03 23:37:08 +08:00
xiaojunnuo
eba333de7a perf: 优化cname verify 2024-07-03 23:36:06 +08:00
xiaojunnuo
f47b35f6d5 perf: 创建dns解析后,强制等待60s 2024-07-03 23:27:35 +08:00
Greper
c04707c0f7 fix: 修复对Windows powershell 的支持 
修复对Windows powershell 的支持 #73
 2024-07-03 23:22:29 +08:00
ltxhhz
22ebcd4dd1 fixed #73 2024-07-03 18:30:38 +08:00
xiaojunnuo
d46dab4fdd v1.20.16 2024-07-02 00:36:55 +08:00
xiaojunnuo
d44849c53c build: prepare to build 2024-07-02 00:35:41 +08:00
xiaojunnuo
dbc5a3c6b3 docs: 1 2024-07-02 00:33:21 +08:00
xiaojunnuo
4a5fa767ed fix: 修复配置了cdn cname后申请失败的bug 2024-07-02 00:18:28 +08:00
xiaojunnuo
1b7debc6a4 Merge remote-tracking branch 'origin/acme_sync' into v2 
# Conflicts:
#	packages/core/acme-client/package.json
#	packages/core/acme-client/src/auto.js
#	packages/core/acme-client/src/axios.js
#	packages/core/acme-client/src/http.js
 2024-07-01 23:09:57 +08:00
xiaojunnuo
19a6b94680 v1.20.15 2024-06-28 16:06:55 +08:00
xiaojunnuo
65a72b8d60 build: prepare to build 2024-06-28 14:27:19 +08:00
xiaojunnuo
7f61cab101 perf: 支持windows文件上传 2024-06-27 16:38:43 +08:00
GitHub Actions Bot
692e2b5b96 🔱: [client] sync upgrade with 2 commits [trident-sync] 
perf: 增加示例,FsInDrawer
 2024-06-26 19:24:03 +00:00
xiaojunnuo
37caef38ad chore: 1 2024-06-26 19:07:37 +08:00
xiaojunnuo
9cc01db1d5 fix: 修复无法强制取消任务的bug 2024-06-26 19:05:35 +08:00
xiaojunnuo
9172440f79 chore: 1 2024-06-26 18:37:36 +08:00
xiaojunnuo
e0eb3a4413 perf: 腾讯云dns provider 支持腾讯云的accessId 2024-06-26 18:36:11 +08:00
xiaojunnuo
ae0f16bf35 chore: doc 2024-06-26 13:58:17 +08:00
xiaojunnuo
6c9ed162e3 chore: doc 2024-06-26 13:48:22 +08:00
xiaojunnuo
3849b52cdf chore: ssh优化 2024-06-25 12:28:37 +08:00
xiaojunnuo
9ecfcb5814 chore: ssh优化 2024-06-25 12:25:57 +08:00
xiaojunnuo
54ad09f755 chore: 1 2024-06-25 11:27:13 +08:00
xiaojunnuo
6ee4dc165b chore: 1 2024-06-25 11:22:11 +08:00
xiaojunnuo
8e2eb89696 chore: 1 2024-06-25 11:22:02 +08:00
xiaojunnuo
9d397cc8be chore: 1 2024-06-25 11:02:29 +08:00
xiaojunnuo
cbfb0755b3 chore: 1 2024-06-25 10:52:58 +08:00
xiaojunnuo
d8d127ee9d chore: 1 2024-06-24 09:59:14 +08:00
xiaojunnuo
0ed5430e80 chore: 1 2024-06-24 09:54:41 +08:00
xiaojunnuo
878c1f52fa chore: 1 2024-06-24 09:53:21 +08:00
GitHub Actions Bot
586d23fc55 🔱: [client] sync upgrade with 6 commits [trident-sync] 
build: publish success
fix: 修复多级表头时列设置的问题

https://github.com/fast-crud/fast-crud/issues/175
chore: 1
fix: 修复element示例中远程搜索下拉框label不显示的bug

https://github.com/fast-crud/fast-crud/issues/422
fix: 修复独立使用对话框 openDialog方法await无返回值的bug
 2024-06-23 19:23:47 +00:00
xiaojunnuo
6900452b49 v1.20.14 2024-06-24 01:05:48 +08:00
xiaojunnuo
b97e0e512d build: prepare to build 2024-06-24 01:04:25 +08:00
xiaojunnuo
f740ff517f fix: 修复修改密码功能异常问题 2024-06-24 01:04:03 +08:00
xiaojunnuo
e5989fe023 v1.20.13 2024-06-19 00:56:42 +08:00
xiaojunnuo
4323156fbe build: prepare to build 2024-06-19 00:54:13 +08:00
xiaojunnuo
3c721901c5 chore: 1 2024-06-19 00:53:53 +08:00
xiaojunnuo
5c2c50839a perf: ssh登录支持openssh格式私钥、支持私钥密码 2024-06-19 00:21:13 +08:00
xiaojunnuo
fd54c2ffac perf: 增加警告,修复一些样式错乱问题 2024-06-19 00:20:35 +08:00
xiaojunnuo
7e483e6091 fix: 修复logo问题 2024-06-19 00:19:48 +08:00
xiaojunnuo
80c48e9acd Merge remote-tracking branch 'origin/v2' into v2 2024-06-18 23:50:04 +08:00
xiaojunnuo
b98f1c0dd0 fix: 修复邮箱设置页面SMTP拼写错误的问题 
https://github.com/certd/certd/issues/69
 2024-06-18 23:09:32 +08:00
Greper
b53874a0b8 fix: 日志高度越界 
fix: 日志高度越界
 2024-06-18 23:07:55 +08:00
shenan
c4c9adb8bf fix: 日志高度越界 2024-06-18 11:46:54 +08:00
xiaojunnuo
eed265faf1 v1.20.12 2024-06-17 23:10:07 +08:00
xiaojunnuo
3dc6dd403d build: prepare to build 2024-06-17 23:08:33 +08:00
xiaojunnuo
deb9ba0c43 chore: 1 2024-06-16 02:56:49 +08:00
xiaojunnuo
fa33ff499d Merge branch 'client_sync' into v2 
# Conflicts:
#	packages/ui/certd-client/.env
#	packages/ui/certd-client/CHANGELOG.md
#	packages/ui/certd-client/index.html
#	packages/ui/certd-client/package.json
#	packages/ui/certd-client/public/images/logo/rect-black.svg
#	packages/ui/certd-client/public/images/logo/square.svg
#	packages/ui/certd-client/src/layout/components/theme/index.vue
#	packages/ui/certd-client/src/layout/layout-framework.vue
#	packages/ui/certd-client/src/layout/layout-outside.vue
#	packages/ui/certd-client/src/main.ts
#	packages/ui/certd-client/src/plugin/fast-crud/index.tsx
#	packages/ui/certd-client/src/router/source/header.ts
#	packages/ui/certd-client/src/store/modules/settings.ts
#	packages/ui/certd-client/src/style/common.less
#	packages/ui/certd-client/src/views/crud/form/independent/index.vue
#	packages/ui/certd-client/src/views/framework/login/index.vue
#	packages/ui/certd-client/src/views/framework/register/index.vue
#	packages/ui/certd-client/vite.config.ts
 2024-06-16 02:47:41 +08:00
xiaojunnuo
2ed4967744 chore: 1 2024-06-16 02:36:22 +08:00
GitHub Actions Bot
ad360e81cb 🔱: [client] sync upgrade with 21 commits [trident-sync] 
perf: 优化antdv4 示例授权页面tree的样式
build: publish success
chore: 1
chore: 1
chore: 1
fix: getFileName支持item参数

https://github.com/fast-crud/fast-crud/issues/385
fix: fs-form独立使用支持插槽

https://github.com/fast-crud/fast-crud/issues/389
fix: 修复三级以上路由页面无法缓存的问题

https://github.com/fast-crud/fast-crud/issues/394
perf: form.wrapper.buttons支持compute动态计算
feat: 表单支持变更关闭前提醒保存,form.wrapper支持beforeClose事件
fix: 修复图片裁剪按钮上下和左右相反的bug

https://github.com/fast-crud/fast-crud/issues/402
perf: alioss getAuthorization接口支持后台返回key

https://github.com/fast-crud/fast-crud/issues/405
perf: alioss getAuthorization接口支持后台返回key

https://github.com/fast-crud/fast-crud/issues/405
perf: fs-dict-tree支持插槽

https://github.com/fast-crud/fast-crud/issues/407
perf: 单选、多选、select、tree-select、table-select 都提供selected-change事件,可以获取选中的dict选项
feat: table-select 支持查看模式

https://github.com/fast-crud/fast-crud/issues/413
perf: 优化fs-admin可以在手机上操作
chore: pnpm workspace问题优化
docs: 1
chore: antdv4 支持主题色选择
...
 2024-06-15 18:32:36 +00:00
xiaojunnuo
f95f5188b4 Merge remote-tracking branch 'origin/client_sync' into v2 
# Conflicts:
#	packages/ui/certd-client/CHANGELOG.md
#	packages/ui/certd-client/package.json
 2024-06-16 02:15:46 +08:00
xiaojunnuo
17d1efa395 chore: 1 2024-06-16 02:12:02 +08:00
xiaojunnuo
732cbc5e92 perf: 支持重置管理员密码,忘记密码的补救方案 2024-06-16 02:06:44 +08:00
xiaojunnuo
5d2d0955b1 docs: 1 2024-06-16 00:42:17 +08:00
xiaojunnuo
20feacea12 perf: 增加系统设置,可以关闭自助注册功能 2024-06-16 00:20:02 +08:00
xiaojunnuo
575bf2b73b docs: 1 2024-06-15 02:22:29 +08:00
xiaojunnuo
934e6e2bd0 perf: 增加cloudflare access token说明 2024-06-15 02:20:46 +08:00
xiaojunnuo
fbb9a47e8f perf: 支持cloudflare域名 2024-06-15 02:17:34 +08:00
xiaojunnuo
368132daae chore: 1 2024-06-14 01:26:50 +08:00
xiaojunnuo
3d54d04017 chore: 1 2024-06-14 01:25:30 +08:00
xiaojunnuo
5b1494b3ce fix: 修复aliyun域名超过100个找不到域名的bug 2024-06-14 01:22:07 +08:00
xiaojunnuo
ebf2a820cc chore: CF准备开始 2024-06-11 01:55:29 +08:00
GitHub Actions Bot
9caa4cd1d4 🔱: [client] sync upgrade with 3 commits [trident-sync] 
build: publish success
fix: 修复三级以上路由页面无法缓存的问题

https://github.com/fast-crud/fast-crud/issues/394
 2024-06-09 19:23:54 +00:00
GitHub Actions Bot
91fd80d44f 🔱: [client] sync upgrade with 3 commits [trident-sync] 
perf: alioss getAuthorization接口支持后台返回key

https://github.com/fast-crud/fast-crud/issues/405
fix: edit-wang 改成edit-wang5

https://github.com/fast-crud/fast-crud/issues/409
 2024-06-08 19:24:01 +00:00
GitHub Actions Bot
f932e553b0 🔱: [client] sync upgrade with 2 commits [trident-sync] 
chore: pnpm workspace问题优化
 2024-05-30 19:23:48 +00:00
xiaojunnuo
0dd4953197 chore: 1.20.11 2024-05-30 14:55:31 +08:00
xiaojunnuo
aaea6aa1f3 chore: 1.20.11 2024-05-30 14:41:29 +08:00
xiaojunnuo
ab4a0aea70 chore: 1.20.11 2024-05-30 14:27:43 +08:00
xiaojunnuo
29f923537e chore: 1.20.10 2024-05-30 14:26:44 +08:00
xiaojunnuo
24aa416740 chore: 1.20.10 2024-05-30 14:17:43 +08:00
xiaojunnuo
08e517ff00 chore: 1.20.10 2024-05-30 13:59:27 +08:00
xiaojunnuo
29f65389bd chore: 1.20.10 2024-05-30 13:59:05 +08:00
xiaojunnuo
960a1964c7 chore: 1.20.10 2024-05-30 13:52:24 +08:00
xiaojunnuo
760d54ba85 chore: 1.20.10 2024-05-30 12:23:36 +08:00
xiaojunnuo
b1b21d3efc chore: 1.20.10 2024-05-30 12:23:09 +08:00
xiaojunnuo
5acd7f6fb6 chore: 1.20.10 2024-05-30 12:03:59 +08:00
xiaojunnuo
a31f1c7f5e v1.20.10 2024-05-30 11:39:05 +08:00
xiaojunnuo
660ae7333b build: prepare to build 2024-05-30 11:37:51 +08:00
xiaojunnuo
6cf699b25f chore: 1 2024-05-30 11:37:45 +08:00
xiaojunnuo
7e5dea51a5 build: prepare to build 2024-05-30 11:36:26 +08:00
xiaojunnuo
92446c3399 perf: 上传到主机插件支持复制到本机路径 2024-05-30 10:54:18 +08:00
xiaojunnuo
d9eb927b0a perf: 优化文件下载包名 2024-05-30 10:12:48 +08:00
xiaojunnuo
39ad7597fa perf: 增加任务复制功能 2024-05-28 17:07:20 +08:00
xiaojunnuo
83d1bda56a pref: 调整插件目录,增加一些帮助说明 2024-05-27 18:39:47 +08:00
xiaojunnuo
20bc5aa6c7 pref: 调整插件目录,增加一些帮助说明 2024-05-27 18:38:41 +08:00
GitHub Actions Bot
162e10909b 🔱: [acme] sync upgrade with 7 commits [trident-sync] 
Small crypto docs fix 2
Small crypto docs fix
Bump v5.3.1
Discourage use of cert subject common name, examples and docs
Style refactor docs and examples
Bump dependencies
 2024-05-23 19:24:12 +00:00
GitHub Actions Bot
0f1ae6ccd9 🔱: [acme] sync upgrade with 3 commits [trident-sync] 
Clean up eslintrc, style refactor and formatting fixes
Update auto.js

see https://github.com/publishlab/node-acme-client/issues/88#issuecomment-2105255828
 2024-05-22 19:24:07 +00:00
Greper
dd730f6beb Merge pull request #51 from certd/acme_sync 
[acme] sync upgrade [trident-sync]
 2024-05-22 03:24:13 +08:00
GitHub Actions Bot
c9d5cda953 🔱: [acme] sync upgrade with 7 commits [trident-sync] 
Add Node v22 to test matrix
Postpone Pebble bump, v2.5.1 broke EAB tests
Bump Pebble v2.5.1
Allow client.auto() being called with an empty CSR common name
Carry EAB over to new HttpClient when updating account key
Ignore actrc
 2024-05-21 19:24:05 +00:00
GitHub Actions Bot
33fb1a6bf3 🔱: [client] sync upgrade with 2 commits [trident-sync] 
docs: 修改依赖增加workspace:
 2024-05-10 19:23:53 +00:00
xiaojunnuo
a1344245cd chore: 2024-04-15 13:53:05 +08:00
xiaojunnuo
fe2ca6bed3 chore: 2024-04-08 10:13:34 +08:00
xiaojunnuo
19a3c7874a Merge remote-tracking branch 'origin/v2' into v2 2024-04-08 10:09:04 +08:00
xiaojunnuo
83e40836eb fix: 增加权限相关helper说明 2024-04-08 10:07:36 +08:00
xiaojunnuo
4304c9443a fix: 增加权限相关helper说明 2024-04-08 10:05:11 +08:00
xiaojunnuo
b72f8e796c chore: 2024-03-22 13:14:29 +08:00
xiaojunnuo
7c15f52368 chore: 2024-03-22 12:00:51 +08:00
xiaojunnuo
adf569eb62 v1.20.9 2024-03-22 11:29:56 +08:00
xiaojunnuo
340801e743 build: prepare to build 2024-03-22 11:26:51 +08:00
xiaojunnuo
80f96b5b26 v1.20.8 2024-03-22 11:22:58 +08:00
xiaojunnuo
6646ec888f build: prepare to build 2024-03-22 11:19:03 +08:00
xiaojunnuo
e6cab51031 chore: 2024-03-22 11:18:51 +08:00
GitHub Actions Bot
56a1f8158a 🔱: [client] sync upgrade with 3 commits [trident-sync] 
build: publish success
chore:
 2024-03-21 19:24:00 +00:00
473 changed files with 7742 additions and 5410 deletions
Expand all files Collapse all files

1
.npmrc
View File

@@ -0,0 +1 @@
link-workspace-packages=deep

97
CHANGELOG.md
View File

@@ -3,6 +3,103 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.21.2](https://github.com/certd/certd/compare/v1.21.1...v1.21.2) (2024-07-08)
### Performance Improvements
* 申请证书时可以选择跳过本地dns校验 ([fe91d94](https://github.com/certd/certd/commit/fe91d94090d22ed0a3ea753ba74dfaa1bf057c17))
## [1.21.1](https://github.com/certd/certd/compare/v1.21.0...v1.21.1) (2024-07-08)
### Performance Improvements
* 上传到主机支持设置不mkdirs ([5ba9831](https://github.com/certd/certd/commit/5ba9831ed1aa6ec6057df246f1035b36b9c41d2e))
* 说明优化,默认值优化 ([970c7fd](https://github.com/certd/certd/commit/970c7fd8a0f557770e973d8462ee5684ef742810))
# [1.21.0](https://github.com/certd/certd/compare/v1.20.17...v1.21.0) (2024-07-03)
### Features
* 支持zero ssl ([eade2c2](https://github.com/certd/certd/commit/eade2c2b681569f03e9cd466e7d5bcd6703ed492))
## [1.20.17](https://github.com/certd/certd/compare/v1.20.16...v1.20.17) (2024-07-03)
### Performance Improvements
* 创建dns解析后强制等待60s ([f47b35f](https://github.com/certd/certd/commit/f47b35f6d5bd7d675005c3e286b7e9a029201f8b))
* 文件上传提示由cert.crt改为cert.pem ([a09b0e4](https://github.com/certd/certd/commit/a09b0e48c176f3ed763791bd50322c29729f7c1c))
* 优化cname verify ([eba333d](https://github.com/certd/certd/commit/eba333de7a5b5ef4b0b7eaa904f578720102fa61))
## [1.20.16](https://github.com/certd/certd/compare/v1.20.15...v1.20.16) (2024-07-01)
### Bug Fixes
* 修复配置了cdn cname后申请失败的bug ([4a5fa76](https://github.com/certd/certd/commit/4a5fa767edc347d03d29a467e86c9a4d70b0220c))
## [1.20.15](https://github.com/certd/certd/compare/v1.20.14...v1.20.15) (2024-06-28)
### Bug Fixes
* 修复无法强制取消任务的bug ([9cc01db](https://github.com/certd/certd/commit/9cc01db1d569a5c45bb3e731f35d85df324a8e62))
### Performance Improvements
* 腾讯云dns provider 支持腾讯云的accessId ([e0eb3a4](https://github.com/certd/certd/commit/e0eb3a441384d474fe2923c69b25318264bdc9df))
* 支持windows文件上传 ([7f61cab](https://github.com/certd/certd/commit/7f61cab101fa13b4e88234e9ad47434e6130fed2))
## [1.20.14](https://github.com/certd/certd/compare/v1.20.13...v1.20.14) (2024-06-23)
### Bug Fixes
* 修复修改密码功能异常问题 ([f740ff5](https://github.com/certd/certd/commit/f740ff517f521dce361284c2c54bccc68aee0ea2))
## [1.20.13](https://github.com/certd/certd/compare/v1.20.12...v1.20.13) (2024-06-18)
### Bug Fixes
* 日志高度越界 ([c4c9adb](https://github.com/certd/certd/commit/c4c9adb8bfd513f57252e523794e3799a9b220f8))
* 修复邮箱设置页面SMTP拼写错误的问题 ([b98f1c0](https://github.com/certd/certd/commit/b98f1c0dd0bc6c6b4f814c578692afdf6d90b88d))
* 修复logo问题 ([7e483e6](https://github.com/certd/certd/commit/7e483e60913d509b113148c735fe13ba1d72dddf))
### Performance Improvements
* 增加警告,修复一些样式错乱问题 ([fd54c2f](https://github.com/certd/certd/commit/fd54c2ffac492222e85ff2f5f49a9ee5cfc73588))
* ssh登录支持openssh格式私钥、支持私钥密码 ([5c2c508](https://github.com/certd/certd/commit/5c2c50839a9076004f9034d754ac6deb531acdfb))
## [1.20.12](https://github.com/certd/certd/compare/v1.20.10...v1.20.12) (2024-06-17)
### Bug Fixes
* 修复aliyun域名超过100个找不到域名的bug ([5b1494b](https://github.com/certd/certd/commit/5b1494b3ce93d1026dc56ee741342fbb8bf7be24))
### Performance Improvements
* 增加系统设置,可以关闭自助注册功能 ([20feace](https://github.com/certd/certd/commit/20feacea12d43386540db6a600f391d786be4014))
* 增加cloudflare access token说明 ([934e6e2](https://github.com/certd/certd/commit/934e6e2bd05387cd50ffab95f230933543954098))
* 支持重置管理员密码,忘记密码的补救方案 ([732cbc5](https://github.com/certd/certd/commit/732cbc5e927b526850724594830392b2f10c6705))
* 支持cloudflare域名 ([fbb9a47](https://github.com/certd/certd/commit/fbb9a47e8f7bb805289b9ee64bd46ffee0f01c06))
## [1.20.10](https://github.com/certd/certd/compare/v1.20.9...v1.20.10) (2024-05-30)
### Bug Fixes
* 增加权限相关helper说明 ([83e4083](https://github.com/certd/certd/commit/83e40836ebff10bec60efe8933183e1ba1c22bf9))
* 增加权限相关helper说明 ([4304c94](https://github.com/certd/certd/commit/4304c9443ad9248f63dd6d8c512d8d6f32f90d37))
### Performance Improvements
* 上传到主机插件支持复制到本机路径 ([92446c3](https://github.com/certd/certd/commit/92446c339936f98f08f654b8971a7393d8435224))
* 优化文件下载包名 ([d9eb927](https://github.com/certd/certd/commit/d9eb927b0a1445feab08b1958aa9ea80637a5ae6))
* 增加任务复制功能 ([39ad759](https://github.com/certd/certd/commit/39ad7597fa0e19cc1f7631bbd6fea0a9e05a62c9))
## [1.20.9](https://github.com/certd/certd/compare/v1.20.8...v1.20.9) (2024-03-22)
**Note:** Version bump only for package root
## [1.20.8](https://github.com/certd/certd/compare/v1.20.7...v1.20.8) (2024-03-22)
**Note:** Version bump only for package root
## [1.20.7](https://github.com/certd/certd/compare/v1.20.6...v1.20.7) (2024-03-22)
**Note:** Version bump only for package root

102
README.md
View File

@@ -1,13 +1,15 @@
# CertD
CertD 是一个免费全自动申请和部署SSL证书的工具。
CertD 是一个免费全自动申请和自动部署更新SSL证书的工具。
后缀D取自linux守护进程的命名风格意为证书守护进程。
## 一、特性
本项目不仅支持证书申请过程自动化,还可以自动化部署证书,让你的证书永不过期。
关键字:证书自动申请、证书自动更新、证书自动续期、证书自动续签
* 全自动申请证书(支持阿里云、腾讯云、华为云注册的域名)
*自动部署证书(目前支持服务器上传部署、部署到阿里云、腾讯云等)
## 一、特性
本项目不仅支持证书申请过程自动化,还可以自动部署更新证书,让你的证书永不过期。
* 全自动申请证书支持阿里云、腾讯云、华为云、Cloudflare注册的域名
* 全自动部署更新证书(目前支持服务器上传部署、部署到阿里云、腾讯云等)
* 支持通配符域名
* 支持多个域名打到一个证书上
* 邮件通知
@@ -42,24 +44,32 @@ https://certd.handsfree.work/
### 1. 安装docker、docker-compose
1.1 安装docker
https://docs.docker.com/engine/install/
1.1 准备一台云服务器
* 【阿里云】云服务器2核2G新老用户同享99元/年,续费同价!【 [立即购买](https://www.aliyun.com/benefit?scm=20140722.M_10244282._.V_1&source=5176.11533457&userCode=qya11txb )】
* 【腾讯云】云服务器2核2G新老用户同享99元/年,续费同价!【 [立即购买](https://cloud.tencent.com/act/cps/redirect?redirect=6094&cps_key=b3ef73330335d7a6efa4a4bbeeb6b2c9&from=console)】
1.2 安装docker
https://docs.docker.com/engine/install/
选择对应的操作系统,按照官方文档执行命令即可
1.2 安装docker-compose
https://docs.docker.com/compose/install/linux/
### 2. 下载docker-compose.yaml文件
[docker-compose.yaml下载](https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml)
```bash
mkdir certd
cd certd
# wget下载docker-compose.yaml文件
wget https://raw.githubusercontent.com/certd/certd/v2/docker/run/docker-compose.yaml
# 或者使用gitee地址
wget https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
# 根据需要修改里面的配置
# 1.修改镜像版本号
# 2.配置数据保存路径
# 3.配置certd_auth_jwt_secret
# 1.修改镜像版本号【可选】
# 2.配置数据保存路径【可选】
# 3.配置certd_auth_jwt_secret【必须】
vi docker-compose.yaml
@@ -71,14 +81,14 @@ https://github.com/certd/certd/releases
### 3. 运行
```bash
# 如果docker compose是插件化安装
export CERTD_VERSION=1.2.0
export CERTD_VERSION=latest
docker compose up -d
#如果docker compose是独立安装
export CERTD_VERSION=1.2.0
docker-compose up -d
```
如果提示 没有compose命令,请安装docker-compose
https://docs.docker.com/compose/install/linux/
### 4. 访问
http://your_server_ip:7001
@@ -86,20 +96,56 @@ http://your_server_ip:7001
记得修改密码
## 五、一些说明
### 5. 升级
* 修改版本号,重新运行 `docker compose up -d` 即可
* 数据存在`/data/certd`目录下,不用担心数据丢失
## 五、一些说明
* 本项目ssl证书提供商为letencrypt
* 申请过程遵循acme协议
* 需要验证域名所有权一般有两种方式目前本项目仅支持dns-01
* http-01 在网站根目录下放置一份txt文件
* dns-01 需要给域名添加txt解析记录通配符域名只能用这种方式
* 证书续期:
* 实际上acme并没有续期概念
* 我们所说的续期,其实就是按照全套流程重新申请一份新证书。
* 实际上没有办法不改变证书文件本身情况下直接续期或者续签
* 我们所说的续期,其实就是按照全套流程重新申请一份新证书,然后重新部署上去
* 免费证书过期时间90天以后可能还会缩短所以自动化部署必不可少
* 设置每天自动运行当证书过期前20天会自动重新申请证书并部署
## 六、联系作者
## 六、不同平台的设置说明
* [Cloudflare](./doc/cf/cf.md)
* [腾讯云](./doc/tencent/tencent.md)
* [windows主机](./doc/host/host.md)
## 七、问题处理
### 7.1 忘记管理员密码
解决方法如下:
1. 修改docker-compose.yaml文件将环境变量`certd_system_resetAdminPassword`改为`true`
```yaml
services:
certd:
environment: # 环境变量
- certd_system_resetAdminPassword=false
```
2. 重启容器
```shell
docker compose up -d
docker logs -f --tail 500 certd
# 观察日志当日志中输出“重置1号管理员用户的密码完成”即可操作下一步
```
3. 修改docker-compose.yaml`certd_system_resetAdminPassword`改回`false`
4. 再次重启容器
```shell
docker compose up -d
```
5. 使用admin/123456登录系统请及时修改管理员密码
## 八、联系作者
如有疑问欢迎加入群聊请备注certd
* QQ群141236433
* 微信群:
@@ -111,7 +157,7 @@ http://your_server_ip:7001
<img height="230" src="./doc/images/me.png">
</p>
## 捐赠
## 九、捐赠
媳妇儿说:“一天到晚搞开源,也不管管老婆孩子!😡😡😡”
拜托各位捐赠支持一下,让媳妇儿开心开心,我也能有更多时间进行开源项目,感谢🙏🙏🙏
<p align="center">
@@ -119,12 +165,16 @@ http://your_server_ip:7001
</p>
## 、贡献代码
## 、贡献代码
[贡献插件教程](./packages/plugins/plugin-center/README.md)
[贡献插件教程](./plugin.md)
## 、我的其他项目
## 十一、我的其他项目
* [袖手GPT](https://ai.handsfree.work/) ChatGPT国内可用无需FQ每日免费额度
* [fast-crud](https://gitee.com/fast-crud/fast-crud/) 基于vue3的crud快速开发框架
* [dev-sidecar](https://github.com/docmirror/dev-sidecar/) 直连访问github工具无需FQ解决github无法访问的问题
## 十二、版本更新日志
https://github.com/certd/certd/blob/v2/CHANGELOG.md

3
deploy.js
View File

@@ -1,8 +1,7 @@
import http from 'axios'
import fs from 'fs'
//读取 packages/core/pipline/package.json的版本号
import {default as packageJson} from './packages/core/pipeline/package.json';
import {default as packageJson} from './packages/core/pipeline/package.json' assert { type: "json" };
const certdVersion = packageJson.version
console.log("certdVersion", certdVersion)

15
doc/cf/cf.md Normal file
View File

@@ -0,0 +1,15 @@
# Cloudflare
## CF Token申请
### 申请地址:
https://dash.cloudflare.com/profile/api-tokens
### 权限设置:
需要设置权限和资源范围
权限包括Zone.Zone.edit, Zone.DNS.edit
资源范围要包含对应域名推荐直接设置为All Zones
最终效果如下,可以切换语言为英文对比如下图检查
![](./cf_token.png)

BIN
doc/cf/cf_token.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 45 KiB

24
doc/host/host.md Normal file
View File

@@ -0,0 +1,24 @@
# 远程主机
远程主机基于ssh协议通过ssh连接远程主机执行命令。
## windows开启OpenSSH Server
1. 安装OpenSSH Server
请前往Microsoft官方文档查看如何开启openSSH
https://learn.microsoft.com/zh-cn/windows-server/administration/openssh/openssh_install_firstuse?tabs=gui#install-openssh-for-windows
2. 启动OpenSSH Server服务
```
win+R 弹出运行对话框,输入 services.msc 打开服务管理器
找到 OpenSSH SSH Server
启动ssh server服务并且设置为自动启动
```
3. 测试ssh登录
使用你常用的ssh客户端连接你的windows主机进行测试
```cmd
# 如何确定你用户名
C:\Users\xiaoj>
↑↑↑↑---------这个就是windows ssh的登录用户名
```

BIN
doc/images/15-2-email.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 35 KiB

After

Width:  |  Height:  |  Size: 145 KiB

BIN
doc/tencent/dnspod-token.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 149 KiB

BIN
doc/tencent/tencent-access.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 98 KiB

16
doc/tencent/tencent.md Normal file
View File

@@ -0,0 +1,16 @@
# 腾讯云
## DNSPOD 授权设置
目前腾讯云管理的域名的dns暂时只支持从DNSPOD进行设置
打开 https://console.dnspod.cn/account/token/apikey
然后按如下方式获取DNSPOD的授权
![](./dnspod-token.png)
## 腾讯云API密钥设置
腾讯云其他部署需要API密钥需要在腾讯云控制台进行设置
打开 https://console.cloud.tencent.com/cam/capi
然后按如下方式获取腾讯云的API密钥
![](./tencent-access.png)

4
docker/image/Dockerfile
View File

@@ -1,12 +1,14 @@
FROM registry.cn-shenzhen.aliyuncs.com/handsfree/node:16-alpine
FROM registry.cn-shenzhen.aliyuncs.com/handsfree/node:18-alpine
EXPOSE 7001
ENV NODE_ENV production
ENV MIDWAY_SERVER_ENV production
WORKDIR /app/
#RUN npm install -g pnpm
#RUN npm install cross-env -g --registry=https://registry.npmmirror.com
#RUN npm install pm2 -g --registry=https://registry.npmmirror.com
#RUN pm2 install pm2-logrotate
ADD ./workspace/certd-server/ /app/
RUN sed -i "s/workspace://g" "/app/package.json"
RUN yarn install --production --registry=https://registry.npmmirror.com
#RUN yarn install --production
RUN npm run build

9
docker/run/Dockerfile
View File

@@ -1,9 +0,0 @@
FROM registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
EXPOSE 7001
RUN npm run build
#RUN npm install pm2 -g --registry=https://registry.npmmirror.com
#CMD ["pm2-runtime", "start", "./bootstrap.js","--name", "certd","-i","1","--", "-p", "7001"]
CMD ["npm","run", "start"]

11
docker/run/docker-compose.yaml
View File

@@ -1,19 +1,22 @@
version: '3.3'
services:
certd:
# 镜像 # ↓↓↓↓↓ --- 1、 修改镜像版本号或者干脆写成latest
# 镜像 # ↓↓↓↓↓ --- 1、 修改镜像版本号或者干脆写成latest 如果设置了环境变量 export CERTD_VERSION=latest这里可以不修改
image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${CERTD_VERSION}
container_name: certd # 容器名
restart: unless-stopped # 重启
restart: unless-stopped # 自动重启
volumes:
# ↓↓↓↓↓ ------------------------------------------------------- 2、 修改数据库以及证书存储路径
# ↓↓↓↓↓ ------------------------------------------------------- 2、 修改数据库以及证书存储路径【可选】
- /data/certd:/app/data
ports: # 端口映射
# ↓↓↓↓ 如果端口有冲突可以修改第一个7001为其他不冲突的端口号
- "7001:7001"
environment: # 环境变量
- TZ=Asia/Shanghai
- certd_auth_jwt_secret=changeme
# ↑↑↑↑↑ ---------------------------------- 3、 修改成你的自定义密钥
# ↑↑↑↑↑ ---------------------------------- 3、 修改成你的自定义密钥【必须,安全需要】
- certd_system_resetAdminPassword=false
# ↑↑↑↑↑ 如果忘记管理员密码可以设置为true重启之后管理员密码将改成123456然后请及时修改回false
# 设置环境变量即可自定义certd配置
# 服务端配置项见: packages/ui/certd-server/src/config/config.default.ts
# 服务端配置规则: certd_ + 配置项, 点号用_代替

0
docker/run/build.sh → docker/run/run.sh Executable file → Normal file
View File

2
lerna.json
View File

@@ -9,5 +9,5 @@
}
},
"npmClient": "pnpm",
"version": "1.20.7"
"version": "1.21.2"
}

8
package.json
View File

@@ -12,12 +12,12 @@
"scripts": {
"start": "lerna bootstrap --hoist",
"i-all": "lerna link && lerna exec npm install ",
"publish": "npm run proxy && npm run prepublishOnly1 && lerna publish --conventional-commits && npm run afterpublishOnly && npm run deploy1",
"publish": "npm run prepublishOnly1 && lerna publish --conventional-commits && npm run afterpublishOnly && npm run deploy1",
"afterpublishOnly": "",
"proxy": "npm config set proxy=http://127.0.0.1:10811",
"prepublishOnly1": "npm run before-build && lerna run build ",
"prepublishOnly1": "npm run check && npm run before-build && lerna run build ",
"before-build": "cd ./packages/core/acme-client && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
"deploy1": "node --experimental-json-modules deploy.js "
"deploy1": "node --experimental-json-modules deploy.js ",
"check": "node --experimental-json-modules publish-check.js"
},
"license": "AGPL-3.0",
"dependencies": {

7
packages/core/acme-client/.eslintrc.yml
View File

@@ -9,15 +9,8 @@ env:
rules:
indent: [2, 4, { SwitchCase: 1, VariableDeclarator: 1 }]
brace-style: [2, 'stroustrup', { allowSingleLine: true }]
space-before-function-paren: [2, { anonymous: 'never', named: 'never' }]
func-names: 0
prefer-destructuring: 0
object-curly-newline: 0
class-methods-use-this: 0
wrap-iife: [2, 'inside']
no-param-reassign: 0
comma-dangle: [2, 'never']
max-len: [1, 200, 2, { ignoreUrls: true, ignoreComments: false }]
no-multiple-empty-lines: [2, { max: 2, maxBOF: 0, maxEOF: 0 }]
prefer-object-spread: 0
import/no-useless-path-segments: 0

2
packages/core/acme-client/.github/scripts/tests-install-pebble.sh vendored
View File

@@ -28,6 +28,6 @@ chown root:root /usr/local/bin/pebble
chmod 0755 /usr/local/bin/pebble
# Config
sed -i 's/test\/certs\/localhost/\/etc\/pebble/' /etc/pebble/pebble.json
sed -i 's#test/certs/localhost#/etc/pebble#' /etc/pebble/pebble.json
exit 0

5
packages/core/acme-client/.github/workflows/tests.yml vendored
View File

@@ -1,4 +1,3 @@
---
name: test
on: [push, pull_request]
@@ -9,10 +8,9 @@ jobs:
strategy:
matrix:
node: [16, 18, 20]
node: [16, 18, 20, 22]
eab: [0, 1]
#
# Environment
#
@@ -41,7 +39,6 @@ jobs:
ACME_HTTP_PORT: 5002
ACME_HTTPS_PORT: 5003
#
# Pipeline
#

1
packages/core/acme-client/.gitignore vendored
View File

@@ -1,3 +1,4 @@
.actrc
.vscode/
node_modules/
npm-debug.log

70
packages/core/acme-client/CHANGELOG.md
View File

@@ -3,6 +3,69 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.21.2](https://github.com/publishlab/node-acme-client/compare/v1.21.1...v1.21.2) (2024-07-08)
**Note:** Version bump only for package @certd/acme-client
## [1.21.1](https://github.com/publishlab/node-acme-client/compare/v1.21.0...v1.21.1) (2024-07-08)
**Note:** Version bump only for package @certd/acme-client
# [1.21.0](https://github.com/publishlab/node-acme-client/compare/v1.20.17...v1.21.0) (2024-07-03)
### Features
* 支持zero ssl ([eade2c2](https://github.com/publishlab/node-acme-client/commit/eade2c2b681569f03e9cd466e7d5bcd6703ed492))
## [1.20.17](https://github.com/publishlab/node-acme-client/compare/v1.20.16...v1.20.17) (2024-07-03)
### Performance Improvements
* 创建dns解析后强制等待60s ([f47b35f](https://github.com/publishlab/node-acme-client/commit/f47b35f6d5bd7d675005c3e286b7e9a029201f8b))
* 优化cname verify ([eba333d](https://github.com/publishlab/node-acme-client/commit/eba333de7a5b5ef4b0b7eaa904f578720102fa61))
## [1.20.16](https://github.com/publishlab/node-acme-client/compare/v1.20.15...v1.20.16) (2024-07-01)
### Bug Fixes
* 修复配置了cdn cname后申请失败的bug ([4a5fa76](https://github.com/publishlab/node-acme-client/commit/4a5fa767edc347d03d29a467e86c9a4d70b0220c))
## [1.20.15](https://github.com/publishlab/node-acme-client/compare/v1.20.14...v1.20.15) (2024-06-28)
### Performance Improvements
* 腾讯云dns provider 支持腾讯云的accessId ([e0eb3a4](https://github.com/publishlab/node-acme-client/commit/e0eb3a441384d474fe2923c69b25318264bdc9df))
## [1.20.14](https://github.com/publishlab/node-acme-client/compare/v1.20.13...v1.20.14) (2024-06-23)
**Note:** Version bump only for package @certd/acme-client
## [1.20.13](https://github.com/publishlab/node-acme-client/compare/v1.20.12...v1.20.13) (2024-06-18)
**Note:** Version bump only for package @certd/acme-client
## [1.20.12](https://github.com/publishlab/node-acme-client/compare/v1.20.10...v1.20.12) (2024-06-17)
### Bug Fixes
* 修复aliyun域名超过100个找不到域名的bug ([5b1494b](https://github.com/publishlab/node-acme-client/commit/5b1494b3ce93d1026dc56ee741342fbb8bf7be24))
### Performance Improvements
* 支持cloudflare域名 ([fbb9a47](https://github.com/publishlab/node-acme-client/commit/fbb9a47e8f7bb805289b9ee64bd46ffee0f01c06))
## [1.20.10](https://github.com/publishlab/node-acme-client/compare/v1.20.9...v1.20.10) (2024-05-30)
**Note:** Version bump only for package @certd/acme-client
## [1.20.9](https://github.com/publishlab/node-acme-client/compare/v1.20.8...v1.20.9) (2024-03-22)
**Note:** Version bump only for package @certd/acme-client
## [1.20.8](https://github.com/publishlab/node-acme-client/compare/v1.20.7...v1.20.8) (2024-03-22)
**Note:** Version bump only for package @certd/acme-client
## [1.20.7](https://github.com/publishlab/node-acme-client/compare/v1.20.6...v1.20.7) (2024-03-22)
**Note:** Version bump only for package @certd/acme-client
@@ -19,6 +82,11 @@ See [Conventional Commits](https://conventionalcommits.org) for commit guideline
# Changelog
## v5.3.1 (2024-05-22)
* `fixed` Allow `client.auto()` being called with an empty CSR common name
* `fixed` Bug when calling `updateAccountKey()` with external account binding
## v5.3.0 (2024-02-05)
* `added` Support and tests for satisfying `tls-alpn-01` challenges
@@ -51,7 +119,7 @@ See [Conventional Commits](https://conventionalcommits.org) for commit guideline
* `fixed` Upgrade `axios@0.26.1`
* `fixed` Upgrade `node-forge@1.3.0` - [CVE-2022-24771](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24771), [CVE-2022-24772](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24772), [CVE-2022-24773](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24773)
## 4.2.4 (2022-03-19)
## v4.2.4 (2022-03-19)
* `fixed` Use SHA-256 when signing CSRs

39
packages/core/acme-client/README.md
View File

@@ -9,13 +9,13 @@ This module is written to handle communication with a Boulder/Let's Encrypt-styl
## Compatibility
| acme-client | Node.js | |
| ------------- | --------- | ----------------------------------------- |
| v5.x | >= v16 | [Upgrade guide](docs/upgrade-v5.md) |
| v4.x | >= v10 | [Changelog](CHANGELOG.md#v400-2020-05-29) |
| v3.x | >= v8 | [Changelog](CHANGELOG.md#v300-2019-07-13) |
| v2.x | >= v4 | [Changelog](CHANGELOG.md#v200-2018-04-02) |
| v1.x | >= v4 | [Changelog](CHANGELOG.md#v100-2017-10-20) |
| acme-client | Node.js | |
| ----------- | ------- | ----------------------------------------- |
| v5.x | >= v16 | [Upgrade guide](docs/upgrade-v5.md) |
| v4.x | >= v10 | [Changelog](CHANGELOG.md#v400-2020-05-29) |
| v3.x | >= v8 | [Changelog](CHANGELOG.md#v300-2019-07-13) |
| v2.x | >= v4 | [Changelog](CHANGELOG.md#v200-2018-04-02) |
| v1.x | >= v4 | [Changelog](CHANGELOG.md#v100-2017-10-20) |
## Table of contents
@@ -49,7 +49,7 @@ const accountPrivateKey = '<PEM encoded private key>';
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: accountPrivateKey
accountKey: accountPrivateKey,
});
```
@@ -75,8 +75,8 @@ const client = new acme.Client({
accountKey: accountPrivateKey,
externalAccountBinding: {
kid: 'YOUR-EAB-KID',
hmacKey: 'YOUR-EAB-HMAC-KEY'
}
hmacKey: 'YOUR-EAB-HMAC-KEY',
},
});
```
@@ -90,7 +90,7 @@ In some cases, for example with some EAB providers, this account creation step m
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: accountPrivateKey,
accountUrl: 'https://acme-v02.api.letsencrypt.org/acme/acct/12345678'
accountUrl: 'https://acme-v02.api.letsencrypt.org/acme/acct/12345678',
});
```
@@ -113,8 +113,7 @@ const privateRsaKey = await acme.crypto.createPrivateRsaKey();
const privateEcdsaKey = await acme.crypto.createPrivateEcdsaKey();
const [certificateKey, certificateCsr] = await acme.crypto.createCsr({
commonName: '*.example.com',
altNames: ['example.com']
altNames: ['example.com', '*.example.com'],
});
```
@@ -139,7 +138,7 @@ const autoOpts = {
email: 'test@example.com',
termsOfServiceAgreed: true,
challengeCreateFn: async (authz, challenge, keyAuthorization) => {},
challengeRemoveFn: async (authz, challenge, keyAuthorization) => {}
challengeRemoveFn: async (authz, challenge, keyAuthorization) => {},
};
const certificate = await client.auto(autoOpts);
@@ -156,7 +155,7 @@ To modify challenge priority, provide a list of challenge types in `challengePri
```js
await client.auto({
...,
challengePriority: ['http-01', 'dns-01']
challengePriority: ['http-01', 'dns-01'],
});
```
@@ -171,7 +170,7 @@ To completely disable `acme-client`s internal challenge verification, enable `sk
```js
await client.auto({
...,
skipChallengeVerification: true
skipChallengeVerification: true,
});
```
@@ -185,14 +184,14 @@ For more fine-grained control you can interact with the ACME API using the metho
```js
const account = await client.createAccount({
termsOfServiceAgreed: true,
contact: ['mailto:test@example.com']
contact: ['mailto:test@example.com'],
});
const order = await client.createOrder({
identifiers: [
{ type: 'dns', value: 'example.com' },
{ type: 'dns', value: '*.example.com' }
]
{ type: 'dns', value: '*.example.com' },
],
});
```
@@ -207,7 +206,7 @@ const acme = require('acme-client');
acme.axios.defaults.proxy = {
host: '127.0.0.1',
port: 9000
port: 9000,
};
```

2
packages/core/acme-client/build.md
View File

@@ -1 +1 @@
10:30
15:57

28
packages/core/acme-client/docs/client.md
View File

@@ -63,7 +63,7 @@ Create ACME client instance
```js
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: 'Private key goes here'
accountKey: 'Private key goes here',
});
```
**Example**
@@ -75,7 +75,7 @@ const client = new acme.Client({
accountUrl: 'Optional account URL goes here',
backoffAttempts: 10,
backoffMin: 5000,
backoffMax: 30000
backoffMax: 30000,
});
```
**Example**
@@ -86,8 +86,8 @@ const client = new acme.Client({
accountKey: 'Private key goes here',
externalAccountBinding: {
kid: 'YOUR-EAB-KID',
hmacKey: 'YOUR-EAB-HMAC-KEY'
}
hmacKey: 'YOUR-EAB-HMAC-KEY',
},
});
```
<a name="AcmeClient+getTermsOfServiceUrl"></a>
@@ -145,7 +145,7 @@ https://datatracker.ietf.org/doc/html/rfc8555#section-7.3
Create a new account
```js
const account = await client.createAccount({
termsOfServiceAgreed: true
termsOfServiceAgreed: true,
});
```
**Example**
@@ -153,7 +153,7 @@ Create a new account with contact info
```js
const account = await client.createAccount({
termsOfServiceAgreed: true,
contact: ['mailto:test@example.com']
contact: ['mailto:test@example.com'],
});
```
<a name="AcmeClient+updateAccount"></a>
@@ -174,7 +174,7 @@ https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.2
Update existing account
```js
const account = await client.updateAccount({
contact: ['mailto:foo@example.com']
contact: ['mailto:foo@example.com'],
});
```
<a name="AcmeClient+updateAccountKey"></a>
@@ -218,8 +218,8 @@ Create a new order
const order = await client.createOrder({
identifiers: [
{ type: 'dns', value: 'example.com' },
{ type: 'dns', value: 'test.example.com' }
]
{ type: 'dns', value: 'test.example.com' },
],
});
```
<a name="AcmeClient+getOrder"></a>
@@ -452,7 +452,7 @@ Revoke certificate with reason
```js
const certificate = { ... }; // Previously created certificate
const result = await client.revokeCertificate(certificate, {
reason: 4
reason: 4,
});
```
<a name="AcmeClient+auto"></a>
@@ -479,7 +479,7 @@ Auto mode
Order a certificate using auto mode
```js
const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
});
const certificate = await client.auto({
@@ -491,14 +491,14 @@ const certificate = await client.auto({
},
challengeRemoveFn: async (authz, challenge, keyAuthorization) => {
// Clean up challenge here
}
},
});
```
**Example**
Order a certificate using auto mode with preferred chain
```js
const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
});
const certificate = await client.auto({
@@ -507,7 +507,7 @@ const certificate = await client.auto({
termsOfServiceAgreed: true,
preferredChain: 'DST Root CA X3',
challengeCreateFn: async () => {},
challengeRemoveFn: async () => {}
challengeRemoveFn: async () => {},
});
```
<a name="Client"></a>

13
packages/core/acme-client/docs/crypto.md
View File

@@ -239,29 +239,30 @@ Create a Certificate Signing Request
Create a Certificate Signing Request
```js
const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
});
```
**Example**
Certificate Signing Request with both common and alternative names
> *Warning*: Certificate subject common name has been [deprecated](https://letsencrypt.org/docs/glossary/#def-CN) and its use is [discouraged](https://cabforum.org/uploads/BRv1.2.3.pdf).
```js
const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
keySize: 4096,
commonName: 'test.example.com',
altNames: ['foo.example.com', 'bar.example.com']
altNames: ['foo.example.com', 'bar.example.com'],
});
```
**Example**
Certificate Signing Request with additional information
```js
const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
commonName: 'test.example.com',
altNames: ['test.example.com'],
country: 'US',
state: 'California',
locality: 'Los Angeles',
organization: 'The Company Inc.',
organizationUnit: 'IT Department',
emailAddress: 'contact@example.com'
emailAddress: 'contact@example.com',
});
```
**Example**
@@ -270,8 +271,9 @@ Certificate Signing Request with ECDSA private key
const certificateKey = await acme.crypto.createPrivateEcdsaKey();
const [, certificateRequest] = await acme.crypto.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
}, certificateKey);
```
<a name="createAlpnCertificate"></a>
## createAlpnCertificate(authz, keyAuthorization, [keyPem]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
@@ -298,6 +300,7 @@ Create a ALPN certificate with ECDSA private key
```js
const alpnKey = await acme.crypto.createPrivateEcdsaKey();
const [, alpnCertificate] = await acme.crypto.createAlpnCertificate(authz, keyAuthorization, alpnKey);
```
<a name="isAlpnCertificateAuthorizationValid"></a>
## isAlpnCertificateAuthorizationValid(certPem, keyAuthorization) ⇒ <code>boolean</code>

11
packages/core/acme-client/docs/forge.md
View File

@@ -222,29 +222,30 @@ Create a Certificate Signing Request
Create a Certificate Signing Request
```js
const [certificateKey, certificateRequest] = await acme.forge.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
});
```
**Example**
Certificate Signing Request with both common and alternative names
> *Warning*: Certificate subject common name has been [deprecated](https://letsencrypt.org/docs/glossary/#def-CN) and its use is [discouraged](https://cabforum.org/uploads/BRv1.2.3.pdf).
```js
const [certificateKey, certificateRequest] = await acme.forge.createCsr({
keySize: 4096,
commonName: 'test.example.com',
altNames: ['foo.example.com', 'bar.example.com']
altNames: ['foo.example.com', 'bar.example.com'],
});
```
**Example**
Certificate Signing Request with additional information
```js
const [certificateKey, certificateRequest] = await acme.forge.createCsr({
commonName: 'test.example.com',
altNames: ['test.example.com'],
country: 'US',
state: 'California',
locality: 'Los Angeles',
organization: 'The Company Inc.',
organizationUnit: 'IT Department',
emailAddress: 'contact@example.com'
emailAddress: 'contact@example.com',
});
```
**Example**
@@ -253,5 +254,5 @@ Certificate Signing Request with predefined private key
const certificateKey = await acme.forge.createPrivateKey();
const [, certificateRequest] = await acme.forge.createCsr({
commonName: 'test.example.com'
altNames: ['test.example.com'],
}, certificateKey);

16
packages/core/acme-client/examples/api.js
View File

@@ -8,7 +8,6 @@ function log(m) {
process.stdout.write(`${m}\n`);
}
/**
* Function used to satisfy an ACME challenge
*
@@ -25,7 +24,6 @@ async function challengeCreateFn(authz, challenge, keyAuthorization) {
log(keyAuthorization);
}
/**
* Function used to remove an ACME challenge response
*
@@ -41,30 +39,29 @@ async function challengeRemoveFn(authz, challenge, keyAuthorization) {
log(keyAuthorization);
}
/**
* Main
*/
module.exports = async function() {
module.exports = async () => {
/* Init client */
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: await acme.crypto.createPrivateKey()
accountKey: await acme.crypto.createPrivateKey(),
});
/* Register account */
await client.createAccount({
termsOfServiceAgreed: true,
contact: ['mailto:test@example.com']
contact: ['mailto:test@example.com'],
});
/* Place new order */
const order = await client.createOrder({
identifiers: [
{ type: 'dns', value: 'example.com' },
{ type: 'dns', value: '*.example.com' }
]
{ type: 'dns', value: '*.example.com' },
],
});
/**
@@ -138,8 +135,7 @@ module.exports = async function() {
/* Finalize order */
const [key, csr] = await acme.crypto.createCsr({
commonName: '*.example.com',
altNames: ['example.com']
altNames: ['example.com', '*.example.com'],
});
const finalized = await client.finalizeOrder(order, csr);

13
packages/core/acme-client/examples/auto.js
View File

@@ -9,7 +9,6 @@ function log(m) {
process.stdout.write(`${m}\n`);
}
/**
* Function used to satisfy an ACME challenge
*
@@ -47,7 +46,6 @@ async function challengeCreateFn(authz, challenge, keyAuthorization) {
}
}
/**
* Function used to remove an ACME challenge response
*
@@ -80,25 +78,24 @@ async function challengeRemoveFn(authz, challenge, keyAuthorization) {
/* Replace this */
log(`Would remove TXT record "${dnsRecord}" with value "${recordValue}"`);
// await dnsProvider.removeRecord(dnsRecord, 'TXT');
// await dnsProvider.removeRecord(dnsRecord, 'TXT', recordValue);
}
}
/**
* Main
*/
module.exports = async function() {
module.exports = async () => {
/* Init client */
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: await acme.crypto.createPrivateKey()
accountKey: await acme.crypto.createPrivateKey(),
});
/* Create CSR */
const [key, csr] = await acme.crypto.createCsr({
commonName: 'example.com'
altNames: ['example.com'],
});
/* Certificate */
@@ -107,7 +104,7 @@ module.exports = async function() {
email: 'test@example.com',
termsOfServiceAgreed: true,
challengeCreateFn,
challengeRemoveFn
challengeRemoveFn,
});
/* Done */

12
packages/core/acme-client/examples/dns-01/dns-01.js
View File

@@ -19,7 +19,6 @@ function log(m) {
process.stdout.write(`${(new Date()).toISOString()} ${m}\n`);
}
/**
* Main
*/
@@ -33,18 +32,16 @@ function log(m) {
log('Initializing ACME client');
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: await acme.crypto.createPrivateKey()
accountKey: await acme.crypto.createPrivateKey(),
});
/**
* Order wildcard certificate
*/
log(`Creating CSR for ${WILDCARD_DOMAIN}`);
const [key, csr] = await acme.crypto.createCsr({
commonName: WILDCARD_DOMAIN,
altNames: [`*.${WILDCARD_DOMAIN}`]
altNames: [WILDCARD_DOMAIN, `*.${WILDCARD_DOMAIN}`],
});
log(`Ordering certificate for ${WILDCARD_DOMAIN}`);
@@ -60,12 +57,11 @@ function log(m) {
challengeRemoveFn: (authz, challenge, keyAuthorization) => {
/* TODO: Implement this */
log(`[TODO] Remove TXT record key=_acme-challenge.${authz.identifier.value} value=${keyAuthorization}`);
}
},
});
log(`Certificate for ${WILDCARD_DOMAIN} created successfully`);
/**
* HTTPS server
*/
@@ -78,7 +74,7 @@ function log(m) {
const httpsServer = https.createServer({
key,
cert
cert,
}, requestListener);
httpsServer.listen(HTTPS_SERVER_PORT, () => {

12
packages/core/acme-client/examples/http-01/http-01.js
View File

@@ -23,7 +23,6 @@ function log(m) {
process.stdout.write(`${(new Date()).toISOString()} ${m}\n`);
}
/**
* On-demand certificate generation using http-01
*/
@@ -52,7 +51,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
/* Create CSR */
log(`Creating CSR for ${servername}`);
const [key, csr] = await acme.crypto.createCsr({
commonName: servername
altNames: [servername],
});
/* Order certificate */
@@ -67,7 +66,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
},
challengeRemoveFn: (authz, challenge) => {
delete challengeResponses[challenge.token];
}
},
});
/* Done, store certificate */
@@ -77,7 +76,6 @@ async function getCertOnDemand(client, servername, attempt = 0) {
return certificateStore[servername];
}
/**
* Main
*/
@@ -91,10 +89,9 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log('Initializing ACME client');
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: await acme.crypto.createPrivateKey()
accountKey: await acme.crypto.createPrivateKey(),
});
/**
* HTTP server
*/
@@ -129,7 +126,6 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log(`HTTP server listening on port ${HTTP_SERVER_PORT}`);
});
/**
* HTTPS server
*/
@@ -158,7 +154,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log(`[ERROR] ${e.message}`);
cb(e.message);
}
}
},
}, requestListener);
httpsServer.listen(HTTPS_SERVER_PORT, () => {

16
packages/core/acme-client/examples/tls-alpn-01/tls-alpn-01.js
View File

@@ -22,7 +22,6 @@ function log(m) {
process.stdout.write(`${(new Date()).toISOString()} ${m}\n`);
}
/**
* On-demand certificate generation using tls-alpn-01
*/
@@ -51,7 +50,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
/* Create CSR */
log(`Creating CSR for ${servername}`);
const [key, csr] = await acme.crypto.createCsr({
commonName: servername
altNames: [servername],
});
/* Order certificate */
@@ -66,7 +65,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
},
challengeRemoveFn: (authz) => {
delete alpnResponses[authz.identifier.value];
}
},
});
/* Done, store certificate */
@@ -76,7 +75,6 @@ async function getCertOnDemand(client, servername, attempt = 0) {
return certificateStore[servername];
}
/**
* Main
*/
@@ -90,10 +88,9 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log('Initializing ACME client');
const client = new acme.Client({
directoryUrl: acme.directory.letsencrypt.staging,
accountKey: await acme.crypto.createPrivateKey()
accountKey: await acme.crypto.createPrivateKey(),
});
/**
* ALPN responder
*/
@@ -118,14 +115,14 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log(`Found ALPN certificate for ${servername}, serving secure context`);
cb(null, tls.createSecureContext({
key: alpnResponses[servername][0],
cert: alpnResponses[servername][1]
cert: alpnResponses[servername][1],
}));
}
catch (e) {
log(`[ERROR] ${e.message}`);
cb(e.message);
}
}
},
});
/* Terminate once TLS handshake has been established */
@@ -137,7 +134,6 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log(`ALPN responder listening on port ${ALPN_RESPONDER_PORT}`);
});
/**
* HTTPS server
*/
@@ -166,7 +162,7 @@ async function getCertOnDemand(client, servername, attempt = 0) {
log(`[ERROR] ${e.message}`);
cb(e.message);
}
}
},
}, requestListener);
httpsServer.listen(HTTPS_SERVER_PORT, () => {

22
packages/core/acme-client/package.json
View File

@@ -3,7 +3,7 @@
"description": "Simple and unopinionated ACME client",
"private": false,
"author": "nmorsman",
"version": "1.20.7",
"version": "1.21.2",
"main": "src/index.js",
"types": "types/index.d.ts",
"license": "MIT",
@@ -16,24 +16,24 @@
"types"
],
"dependencies": {
"@peculiar/x509": "^1.9.7",
"@peculiar/x509": "^1.10.0",
"asn1js": "^3.0.5",
"axios": "^1.6.5",
"axios": "^1.7.2",
"debug": "^4.1.1",
"https-proxy-agent": "^7.0.4",
"node-forge": "^1.3.1"
},
"devDependencies": {
"@types/node": "^20.11.5",
"@types/node": "^20.12.12",
"chai": "^4.4.1",
"chai-as-promised": "^7.1.1",
"eslint": "^8.56.0",
"chai-as-promised": "^7.1.2",
"eslint": "^8.57.0",
"eslint-config-airbnb-base": "^15.0.0",
"eslint-plugin-import": "^2.29.1",
"jsdoc-to-markdown": "^8.0.0",
"mocha": "^10.2.0",
"nock": "^13.5.0",
"tsd": "^0.30.4",
"jsdoc-to-markdown": "^8.0.1",
"mocha": "^10.4.0",
"nock": "^13.5.4",
"tsd": "^0.31.0",
"typescript": "^4.8.4",
"uuid": "^8.3.2"
},
@@ -59,5 +59,5 @@
"bugs": {
"url": "https://github.com/publishlab/node-acme-client/issues"
},
"gitHead": "b258e926209fef4cc4d633b0383eb54e26c516f9"
"gitHead": "a31f1c7f5e71fa946de9bf0283e11d6ce049b3e9"
}

18
packages/core/acme-client/src/api.js
View File

@@ -4,7 +4,6 @@
const util = require('./util');
/**
* AcmeApi
*
@@ -18,7 +17,6 @@ class AcmeApi {
this.accountUrl = accountUrl;
}
/**
* Get account URL
*
@@ -34,7 +32,6 @@ class AcmeApi {
return this.accountUrl;
}
/**
* ACME API request
*
@@ -59,7 +56,6 @@ class AcmeApi {
return resp;
}
/**
* ACME API request by resource name helper
*
@@ -78,7 +74,6 @@ class AcmeApi {
return this.apiRequest(resourceUrl, payload, validStatusCodes, { includeJwsKid, includeExternalAccountBinding });
}
/**
* Get Terms of Service URL if available
*
@@ -91,7 +86,6 @@ class AcmeApi {
return this.http.getMetaField('termsOfService');
}
/**
* Create new account
*
@@ -104,7 +98,7 @@ class AcmeApi {
async createAccount(data) {
const resp = await this.apiResourceRequest('newAccount', data, [200, 201], {
includeJwsKid: false,
includeExternalAccountBinding: (data.onlyReturnExisting !== true)
includeExternalAccountBinding: (data.onlyReturnExisting !== true),
});
/* Set account URL */
@@ -115,7 +109,6 @@ class AcmeApi {
return resp;
}
/**
* Update account
*
@@ -129,7 +122,6 @@ class AcmeApi {
return this.apiRequest(this.getAccountUrl(), data, [200, 202]);
}
/**
* Update account key
*
@@ -143,7 +135,6 @@ class AcmeApi {
return this.apiResourceRequest('keyChange', data, [200]);
}
/**
* Create new order
*
@@ -157,7 +148,6 @@ class AcmeApi {
return this.apiResourceRequest('newOrder', data, [201]);
}
/**
* Get order
*
@@ -171,7 +161,6 @@ class AcmeApi {
return this.apiRequest(url, null, [200]);
}
/**
* Finalize order
*
@@ -186,7 +175,6 @@ class AcmeApi {
return this.apiRequest(url, data, [200]);
}
/**
* Get identifier authorization
*
@@ -200,7 +188,6 @@ class AcmeApi {
return this.apiRequest(url, null, [200]);
}
/**
* Update identifier authorization
*
@@ -215,7 +202,6 @@ class AcmeApi {
return this.apiRequest(url, data, [200]);
}
/**
* Complete challenge
*
@@ -230,7 +216,6 @@ class AcmeApi {
return this.apiRequest(url, data, [200]);
}
/**
* Revoke certificate
*
@@ -245,6 +230,5 @@ class AcmeApi {
}
}
/* Export API */
module.exports = AcmeApi;

110
packages/core/acme-client/src/auto.js
View File

@@ -4,6 +4,7 @@
const { readCsrDomains } = require('./crypto');
const { log } = require('./logger');
const { wait } = require('./wait');
const defaultOpts = {
csr: null,
@@ -13,10 +14,9 @@ const defaultOpts = {
skipChallengeVerification: false,
challengePriority: ['http-01', 'dns-01'],
challengeCreateFn: async () => { throw new Error('Missing challengeCreateFn()'); },
challengeRemoveFn: async () => { throw new Error('Missing challengeRemoveFn()'); }
challengeRemoveFn: async () => { throw new Error('Missing challengeRemoveFn()'); },
};
/**
* ACME client auto mode
*
@@ -25,8 +25,8 @@ const defaultOpts = {
* @returns {Promise<buffer>} Certificate
*/
module.exports = async function(client, userOpts) {
const opts = Object.assign({}, defaultOpts, userOpts);
module.exports = async (client, userOpts) => {
const opts = { ...defaultOpts, ...userOpts };
const accountPayload = { termsOfServiceAgreed: opts.termsOfServiceAgreed };
if (!Buffer.isBuffer(opts.csr)) {
@@ -36,7 +36,9 @@ module.exports = async function(client, userOpts) {
if (opts.email) {
accountPayload.contact = [`mailto:${opts.email}`];
}
if (opts.externalAccountBinding) {
accountPayload.externalAccountBinding = opts.externalAccountBinding;
}
/**
* Register account
@@ -53,19 +55,16 @@ module.exports = async function(client, userOpts) {
await client.createAccount(accountPayload);
}
/**
* Parse domains from CSR
*/
log('[auto] Parsing domains from Certificate Signing Request');
const csrDomains = readCsrDomains(opts.csr);
const domains = [csrDomains.commonName].concat(csrDomains.altNames);
const uniqueDomains = Array.from(new Set(domains));
const { commonName, altNames } = readCsrDomains(opts.csr);
const uniqueDomains = Array.from(new Set([commonName].concat(altNames).filter((d) => d)));
log(`[auto] Resolved ${uniqueDomains.length} unique domains from parsing the Certificate Signing Request`);
/**
* Place order
*/
@@ -77,7 +76,6 @@ module.exports = async function(client, userOpts) {
log(`[auto] Placed certificate order successfully, received ${authorizations.length} identity authorizations`);
/**
* Resolve and satisfy challenges
*/
@@ -119,10 +117,23 @@ module.exports = async function(client, userOpts) {
let recordItem = null;
try {
recordItem = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
log(`[auto] [${d}] challengeCreateFn success`);
log(`[auto] [${d}] add challengeRemoveFn()`);
clearTasks.push(async () => {
/* Trigger challengeRemoveFn(), suppress errors */
log(`[auto] [${d}] Trigger challengeRemoveFn()`);
try {
await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem);
}
catch (e) {
log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
}
});
// throw new Error('测试异常');
/* Challenge verification */
if (opts.skipChallengeVerification === true) {
log(`[auto] [${d}] Skipping challenge verification since skipChallengeVerification=true`);
log(`[auto] [${d}] Skipping challenge verification since skipChallengeVerification=truewait 60s`);
await wait(60 * 1000);
}
else {
log(`[auto] [${d}] Running challenge verification`);
@@ -140,19 +151,6 @@ module.exports = async function(client, userOpts) {
log(`[auto] [${d}] challengeCreateFn threw error: ${e.message}`);
throw e;
}
finally {
log(`[auto] [${d}] add challengeRemoveFn()`);
clearTasks.push(async () => {
/* Trigger challengeRemoveFn(), suppress errors */
log(`[auto] [${d}] Trigger challengeRemoveFn()`);
try {
await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem);
}
catch (e) {
log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
}
});
}
}
catch (e) {
/* Deactivate pending authz when unable to complete challenge */
@@ -177,21 +175,56 @@ module.exports = async function(client, userOpts) {
await challengeFunc(authz);
});
log('开始challenge');
let promise = Promise.resolve();
function runPromisesSerially(tasks) {
function runAllPromise(tasks) {
let promise = Promise.resolve();
tasks.forEach((task) => {
promise = promise.then(task);
});
return promise;
}
async function runPromisePa(tasks) {
const results = [];
// eslint-disable-next-line no-await-in-loop,no-restricted-syntax
for (const task of tasks) {
results.push(task());
// eslint-disable-next-line no-await-in-loop
await wait(10000);
}
return Promise.all(results);
}
try {
await runPromisesSerially(challengePromises);
log('开始challenge');
await runPromisePa(challengePromises);
log('challenge结束');
// log('[auto] Waiting for challenge valid status');
// await Promise.all(challengePromises);
/**
* Finalize order and download certificate
*/
log('[auto] Finalizing order and downloading certificate');
const finalized = await client.finalizeOrder(order, opts.csr);
return await client.getCertificate(finalized, opts.preferredChain);
}
catch (e) {
log('证书申请失败');
log(e);
throw new Error(`证书申请失败:${e.message}`);
}
finally {
await runPromisesSerially(clearTasks);
log(`清理challenge痕迹length:${clearTasks.length}`);
try {
await runAllPromise(clearTasks);
}
catch (e) {
log('清理challenge失败');
log(e);
}
}
// try {
@@ -201,19 +234,4 @@ module.exports = async function(client, userOpts) {
// log('清理challenge');
// await Promise.allSettled(clearTasks);
// }
log('challenge结束');
// log('[auto] Waiting for challenge valid status');
// await Promise.all(challengePromises);
/**
* Finalize order and download certificate
*/
log('[auto] Finalizing order and downloading certificate');
const finalized = await client.finalizeOrder(order, opts.csr);
return client.getCertificate(finalized, opts.preferredChain);
};

5
packages/core/acme-client/src/axios.js
View File

@@ -5,7 +5,6 @@
const axios = require('axios');
const pkg = require('./../package.json');
/**
* Instance
*/
@@ -19,9 +18,8 @@ instance.defaults.headers.common['User-Agent'] = `node-${pkg.name}/${pkg.version
instance.defaults.acmeSettings = {
httpChallengePort: 80,
httpsChallengePort: 443,
tlsAlpnChallengePort: 443
tlsAlpnChallengePort: 443,
};
// instance.defaults.proxy = {
// host: '192.168.34.139',
// port: 10811
@@ -35,7 +33,6 @@ instance.defaults.acmeSettings = {
instance.defaults.adapter = 'http';
/**
* Export instance
*/

62
packages/core/acme-client/src/client.js
View File

@@ -13,7 +13,6 @@ const verify = require('./verify');
const util = require('./util');
const auto = require('./auto');
/**
* ACME states
*
@@ -24,7 +23,6 @@ const validStates = ['ready', 'valid'];
const pendingStates = ['pending', 'processing'];
const invalidStates = ['invalid'];
/**
* Default options
*
@@ -38,10 +36,9 @@ const defaultOpts = {
externalAccountBinding: {},
backoffAttempts: 10,
backoffMin: 5000,
backoffMax: 30000
backoffMax: 30000,
};
/**
* AcmeClient
*
@@ -61,7 +58,7 @@ const defaultOpts = {
* ```js
* const client = new acme.Client({
* directoryUrl: acme.directory.letsencrypt.staging,
* accountKey: 'Private key goes here'
* accountKey: 'Private key goes here',
* });
* ```
*
@@ -73,7 +70,7 @@ const defaultOpts = {
* accountUrl: 'Optional account URL goes here',
* backoffAttempts: 10,
* backoffMin: 5000,
* backoffMax: 30000
* backoffMax: 30000,
* });
* ```
*
@@ -84,8 +81,8 @@ const defaultOpts = {
* accountKey: 'Private key goes here',
* externalAccountBinding: {
* kid: 'YOUR-EAB-KID',
* hmacKey: 'YOUR-EAB-HMAC-KEY'
* }
* hmacKey: 'YOUR-EAB-HMAC-KEY',
* },
* });
* ```
*/
@@ -96,19 +93,17 @@ class AcmeClient {
opts.accountKey = Buffer.from(opts.accountKey);
}
this.opts = Object.assign({}, defaultOpts, opts);
this.opts = { ...defaultOpts, ...opts };
this.backoffOpts = {
attempts: this.opts.backoffAttempts,
min: this.opts.backoffMin,
max: this.opts.backoffMax
max: this.opts.backoffMax,
};
this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding);
this.api = new AcmeApi(this.http, this.opts.accountUrl);
}
/**
* Get Terms of Service URL if available
*
@@ -128,7 +123,6 @@ class AcmeClient {
return this.api.getTermsOfServiceUrl();
}
/**
* Get current account URL
*
@@ -150,7 +144,6 @@ class AcmeClient {
return this.api.getAccountUrl();
}
/**
* Create a new account
*
@@ -162,7 +155,7 @@ class AcmeClient {
* @example Create a new account
* ```js
* const account = await client.createAccount({
* termsOfServiceAgreed: true
* termsOfServiceAgreed: true,
* });
* ```
*
@@ -170,7 +163,7 @@ class AcmeClient {
* ```js
* const account = await client.createAccount({
* termsOfServiceAgreed: true,
* contact: ['mailto:test@example.com']
* contact: ['mailto:test@example.com'],
* });
* ```
*/
@@ -196,7 +189,6 @@ class AcmeClient {
}
}
/**
* Update existing account
*
@@ -208,7 +200,7 @@ class AcmeClient {
* @example Update existing account
* ```js
* const account = await client.updateAccount({
* contact: ['mailto:foo@example.com']
* contact: ['mailto:foo@example.com'],
* });
* ```
*/
@@ -236,7 +228,6 @@ class AcmeClient {
return resp.data;
}
/**
* Update account private key
*
@@ -261,7 +252,7 @@ class AcmeClient {
const accountUrl = this.api.getAccountUrl();
/* Create new HTTP and API clients using new key */
const newHttpClient = new HttpClient(this.opts.directoryUrl, newAccountKey);
const newHttpClient = new HttpClient(this.opts.directoryUrl, newAccountKey, this.opts.externalAccountBinding);
const newApiClient = new AcmeApi(newHttpClient, accountUrl);
/* Get old JWK */
@@ -282,7 +273,6 @@ class AcmeClient {
return resp.data;
}
/**
* Create a new order
*
@@ -296,8 +286,8 @@ class AcmeClient {
* const order = await client.createOrder({
* identifiers: [
* { type: 'dns', value: 'example.com' },
* { type: 'dns', value: 'test.example.com' }
* ]
* { type: 'dns', value: 'test.example.com' },
* ],
* });
* ```
*/
@@ -314,7 +304,6 @@ class AcmeClient {
return resp.data;
}
/**
* Refresh order object from CA
*
@@ -376,7 +365,6 @@ class AcmeClient {
return resp.data;
}
/**
* Get identifier authorizations from order
*
@@ -406,7 +394,6 @@ class AcmeClient {
}));
}
/**
* Deactivate identifier authorization
*
@@ -427,10 +414,7 @@ class AcmeClient {
throw new Error('Unable to deactivate identifier authorization, URL not found');
}
const data = {
status: 'deactivated'
};
const data = { status: 'deactivated' };
const resp = await this.api.updateAuthorization(authz.url, data);
/* Add URL to response */
@@ -438,7 +422,6 @@ class AcmeClient {
return resp.data;
}
/**
* Get key authorization for ACME challenge
*
@@ -480,7 +463,6 @@ class AcmeClient {
throw new Error(`Unable to produce key authorization, unknown challenge type: ${challenge.type}`);
}
/**
* Verify that ACME challenge is satisfied
*
@@ -515,7 +497,6 @@ class AcmeClient {
return util.retry(verifyFn, this.backoffOpts);
}
/**
* Notify CA that challenge has been completed
*
@@ -536,7 +517,6 @@ class AcmeClient {
return resp.data;
}
/**
* Wait for ACME provider to verify status on a order, authorization or challenge
*
@@ -593,7 +573,6 @@ class AcmeClient {
return util.retry(verifyFn, this.backoffOpts);
}
/**
* Get certificate from ACME order
*
@@ -640,7 +619,6 @@ class AcmeClient {
return resp.data;
}
/**
* Revoke certificate
*
@@ -660,7 +638,7 @@ class AcmeClient {
* ```js
* const certificate = { ... }; // Previously created certificate
* const result = await client.revokeCertificate(certificate, {
* reason: 4
* reason: 4,
* });
* ```
*/
@@ -671,7 +649,6 @@ class AcmeClient {
return resp.data;
}
/**
* Auto mode
*
@@ -689,7 +666,7 @@ class AcmeClient {
* @example Order a certificate using auto mode
* ```js
* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* });
*
* const certificate = await client.auto({
@@ -701,14 +678,14 @@ class AcmeClient {
* },
* challengeRemoveFn: async (authz, challenge, keyAuthorization) => {
* // Clean up challenge here
* }
* },
* });
* ```
*
* @example Order a certificate using auto mode with preferred chain
* ```js
* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* });
*
* const certificate = await client.auto({
@@ -717,7 +694,7 @@ class AcmeClient {
* termsOfServiceAgreed: true,
* preferredChain: 'DST Root CA X3',
* challengeCreateFn: async () => {},
* challengeRemoveFn: async () => {}
* challengeRemoveFn: async () => {},
* });
* ```
*/
@@ -727,6 +704,5 @@ class AcmeClient {
}
}
/* Export client */
module.exports = AcmeClient;

49
packages/core/acme-client/src/crypto/forge.js
View File

@@ -13,7 +13,6 @@ const forge = require('node-forge');
const generateKeyPair = promisify(forge.pki.rsa.generateKeyPair);
/**
* Attempt to parse forge object from PEM encoded string
*
@@ -54,7 +53,6 @@ function forgeObjectFromPem(input) {
return result;
}
/**
* Parse domain names from a certificate or CSR
*
@@ -93,11 +91,10 @@ function parseDomains(obj) {
return {
commonName,
altNames
altNames,
};
}
/**
* Generate a private RSA key
*
@@ -123,7 +120,6 @@ async function createPrivateKey(size = 2048) {
exports.createPrivateKey = createPrivateKey;
/**
* Create public key from a private RSA key
*
@@ -136,14 +132,13 @@ exports.createPrivateKey = createPrivateKey;
* ```
*/
exports.createPublicKey = async function(key) {
exports.createPublicKey = async (key) => {
const privateKey = forge.pki.privateKeyFromPem(key);
const publicKey = forge.pki.rsa.setPublicKey(privateKey.n, privateKey.e);
const pemKey = forge.pki.publicKeyToPem(publicKey);
return Buffer.from(pemKey);
};
/**
* Parse body of PEM encoded object from buffer or string
* If multiple objects are chained, the first body will be returned
@@ -157,7 +152,6 @@ exports.getPemBody = (str) => {
return forge.util.encode64(msg.body);
};
/**
* Split chain of PEM encoded objects from buffer or string into array
*
@@ -167,7 +161,6 @@ exports.getPemBody = (str) => {
exports.splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
/**
* Get modulus
*
@@ -182,7 +175,7 @@ exports.splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
* ```
*/
exports.getModulus = async function(input) {
exports.getModulus = async (input) => {
if (!Buffer.isBuffer(input)) {
input = Buffer.from(input);
}
@@ -191,7 +184,6 @@ exports.getModulus = async function(input) {
return Buffer.from(forge.util.hexToBytes(obj.n.toString(16)), 'binary');
};
/**
* Get public exponent
*
@@ -206,7 +198,7 @@ exports.getModulus = async function(input) {
* ```
*/
exports.getPublicExponent = async function(input) {
exports.getPublicExponent = async (input) => {
if (!Buffer.isBuffer(input)) {
input = Buffer.from(input);
}
@@ -215,7 +207,6 @@ exports.getPublicExponent = async function(input) {
return Buffer.from(forge.util.hexToBytes(obj.e.toString(16)), 'binary');
};
/**
* Read domains from a Certificate Signing Request
*
@@ -231,7 +222,7 @@ exports.getPublicExponent = async function(input) {
* ```
*/
exports.readCsrDomains = async function(csr) {
exports.readCsrDomains = async (csr) => {
if (!Buffer.isBuffer(csr)) {
csr = Buffer.from(csr);
}
@@ -240,7 +231,6 @@ exports.readCsrDomains = async function(csr) {
return parseDomains(obj);
};
/**
* Read information from a certificate
*
@@ -260,7 +250,7 @@ exports.readCsrDomains = async function(csr) {
* ```
*/
exports.readCertificateInfo = async function(cert) {
exports.readCertificateInfo = async (cert) => {
if (!Buffer.isBuffer(cert)) {
cert = Buffer.from(cert);
}
@@ -270,15 +260,14 @@ exports.readCertificateInfo = async function(cert) {
return {
issuer: {
commonName: issuerCn ? issuerCn.value : null
commonName: issuerCn ? issuerCn.value : null,
},
domains: parseDomains(obj),
notAfter: obj.validity.notAfter,
notBefore: obj.validity.notBefore
notBefore: obj.validity.notBefore,
};
};
/**
* Determine ASN.1 type for CSR subject short name
* Note: https://datatracker.ietf.org/doc/html/rfc5280
@@ -299,7 +288,6 @@ function getCsrValueTagClass(shortName) {
}
}
/**
* Create array of short names and values for Certificate Signing Request subjects
*
@@ -319,7 +307,6 @@ function createCsrSubject(subjectObj) {
}, []);
}
/**
* Create array of alt names for Certificate Signing Requests
* Note: https://github.com/digitalbazaar/forge/blob/dfdde475677a8a25c851e33e8f81dca60d90cfb9/lib/x509.js#L1444-L1454
@@ -336,7 +323,6 @@ function formatCsrAltNames(altNames) {
});
}
/**
* Create a Certificate Signing Request
*
@@ -356,29 +342,30 @@ function formatCsrAltNames(altNames) {
* @example Create a Certificate Signing Request
* ```js
* const [certificateKey, certificateRequest] = await acme.forge.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* });
* ```
*
* @example Certificate Signing Request with both common and alternative names
* > *Warning*: Certificate subject common name has been [deprecated](https://letsencrypt.org/docs/glossary/#def-CN) and its use is [discouraged](https://cabforum.org/uploads/BRv1.2.3.pdf).
* ```js
* const [certificateKey, certificateRequest] = await acme.forge.createCsr({
* keySize: 4096,
* commonName: 'test.example.com',
* altNames: ['foo.example.com', 'bar.example.com']
* altNames: ['foo.example.com', 'bar.example.com'],
* });
* ```
*
* @example Certificate Signing Request with additional information
* ```js
* const [certificateKey, certificateRequest] = await acme.forge.createCsr({
* commonName: 'test.example.com',
* altNames: ['test.example.com'],
* country: 'US',
* state: 'California',
* locality: 'Los Angeles',
* organization: 'The Company Inc.',
* organizationUnit: 'IT Department',
* emailAddress: 'contact@example.com'
* emailAddress: 'contact@example.com',
* });
* ```
*
@@ -387,11 +374,11 @@ function formatCsrAltNames(altNames) {
* const certificateKey = await acme.forge.createPrivateKey();
*
* const [, certificateRequest] = await acme.forge.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* }, certificateKey);
*/
exports.createCsr = async function(data, key = null) {
exports.createCsr = async (data, key = null) => {
if (!key) {
key = await createPrivateKey(data.keySize);
}
@@ -423,7 +410,7 @@ exports.createCsr = async function(data, key = null) {
L: data.locality,
O: data.organization,
OU: data.organizationUnit,
E: data.emailAddress
E: data.emailAddress,
});
csr.setSubject(subject);
@@ -434,8 +421,8 @@ exports.createCsr = async function(data, key = null) {
name: 'extensionRequest',
extensions: [{
name: 'subjectAltName',
altNames: formatCsrAltNames(data.altNames)
}]
altNames: formatCsrAltNames(data.altNames),
}],
}]);
}

65
packages/core/acme-client/src/crypto/index.js
View File

@@ -22,7 +22,6 @@ const subjectAltNameOID = '2.5.29.17';
/* id-pe-acmeIdentifier - https://datatracker.ietf.org/doc/html/rfc8737#section-6.1 */
const alpnAcmeIdentifierOID = '1.3.6.1.5.5.7.1.31';
/**
* Determine key type and info by attempting to derive public key
*
@@ -35,7 +34,7 @@ function getKeyInfo(keyPem) {
const result = {
isRSA: false,
isECDSA: false,
publicKey: crypto.createPublicKey(keyPem)
publicKey: crypto.createPublicKey(keyPem),
};
if (result.publicKey.asymmetricKeyType === 'rsa') {
@@ -51,7 +50,6 @@ function getKeyInfo(keyPem) {
return result;
}
/**
* Generate a private RSA key
*
@@ -74,8 +72,8 @@ async function createPrivateRsaKey(modulusLength = 2048) {
modulusLength,
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem'
}
format: 'pem',
},
});
return Buffer.from(pair.privateKey);
@@ -83,7 +81,6 @@ async function createPrivateRsaKey(modulusLength = 2048) {
exports.createPrivateRsaKey = createPrivateRsaKey;
/**
* Alias of `createPrivateRsaKey()`
*
@@ -92,7 +89,6 @@ exports.createPrivateRsaKey = createPrivateRsaKey;
exports.createPrivateKey = createPrivateRsaKey;
/**
* Generate a private ECDSA key
*
@@ -115,14 +111,13 @@ exports.createPrivateEcdsaKey = async (namedCurve = 'P-256') => {
namedCurve,
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem'
}
format: 'pem',
},
});
return Buffer.from(pair.privateKey);
};
/**
* Get a public key derived from a RSA or ECDSA key
*
@@ -140,13 +135,12 @@ exports.getPublicKey = (keyPem) => {
const publicKey = info.publicKey.export({
type: info.isECDSA ? 'spki' : 'pkcs1',
format: 'pem'
format: 'pem',
});
return Buffer.from(publicKey);
};
/**
* Get a JSON Web Key derived from a RSA or ECDSA key
*
@@ -163,7 +157,7 @@ exports.getPublicKey = (keyPem) => {
function getJwk(keyPem) {
const jwk = crypto.createPublicKey(keyPem).export({
format: 'jwk'
format: 'jwk',
});
/* Sort keys */
@@ -175,7 +169,6 @@ function getJwk(keyPem) {
exports.getJwk = getJwk;
/**
* Produce CryptoKeyPair and signing algorithm from a PEM encoded private key
*
@@ -191,7 +184,7 @@ async function getWebCryptoKeyPair(keyPem) {
/* Signing algorithm */
const sigalg = {
name: 'RSASSA-PKCS1-v1_5',
hash: { name: 'SHA-256' }
hash: { name: 'SHA-256' },
};
if (info.isECDSA) {
@@ -215,7 +208,6 @@ async function getWebCryptoKeyPair(keyPem) {
return [{ privateKey, publicKey }, sigalg];
}
/**
* Split chain of PEM encoded objects from string into array
*
@@ -235,7 +227,6 @@ function splitPemChain(chainPem) {
exports.splitPemChain = splitPemChain;
/**
* Parse body of PEM encoded object and return a Base64URL string
* If multiple objects are chained, the first body will be returned
@@ -256,7 +247,6 @@ exports.getPemBodyAsB64u = (pem) => {
return Buffer.from(dec).toString('base64url');
};
/**
* Parse domains from a certificate or CSR
*
@@ -277,11 +267,10 @@ function parseDomains(input) {
return {
commonName,
altNames
altNames,
};
}
/**
* Read domains from a Certificate Signing Request
*
@@ -307,7 +296,6 @@ exports.readCsrDomains = (csrPem) => {
return parseDomains(csr);
};
/**
* Read information from a certificate
* If multiple certificates are chained, the first will be read
@@ -338,15 +326,14 @@ exports.readCertificateInfo = (certPem) => {
return {
issuer: {
commonName: cert.issuerName.getField('CN').pop() || null
commonName: cert.issuerName.getField('CN').pop() || null,
},
domains: parseDomains(cert),
notBefore: cert.notBefore,
notAfter: cert.notAfter
notAfter: cert.notAfter,
};
};
/**
* Determine ASN.1 character string type for CSR subject field name
*
@@ -369,7 +356,6 @@ function getCsrAsn1CharStringType(field) {
}
}
/**
* Create array of subject fields for a Certificate Signing Request
*
@@ -391,7 +377,6 @@ function createCsrSubject(input) {
}, []);
}
/**
* Create x509 subject alternate name extension
*
@@ -409,7 +394,6 @@ function createSubjectAltNameExtension(altNames) {
}));
}
/**
* Create a Certificate Signing Request
*
@@ -429,29 +413,30 @@ function createSubjectAltNameExtension(altNames) {
* @example Create a Certificate Signing Request
* ```js
* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* });
* ```
*
* @example Certificate Signing Request with both common and alternative names
* > *Warning*: Certificate subject common name has been [deprecated](https://letsencrypt.org/docs/glossary/#def-CN) and its use is [discouraged](https://cabforum.org/uploads/BRv1.2.3.pdf).
* ```js
* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
* keySize: 4096,
* commonName: 'test.example.com',
* altNames: ['foo.example.com', 'bar.example.com']
* altNames: ['foo.example.com', 'bar.example.com'],
* });
* ```
*
* @example Certificate Signing Request with additional information
* ```js
* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
* commonName: 'test.example.com',
* altNames: ['test.example.com'],
* country: 'US',
* state: 'California',
* locality: 'Los Angeles',
* organization: 'The Company Inc.',
* organizationUnit: 'IT Department',
* emailAddress: 'contact@example.com'
* emailAddress: 'contact@example.com',
* });
* ```
*
@@ -460,8 +445,9 @@ function createSubjectAltNameExtension(altNames) {
* const certificateKey = await acme.crypto.createPrivateEcdsaKey();
*
* const [, certificateRequest] = await acme.crypto.createCsr({
* commonName: 'test.example.com'
* altNames: ['test.example.com'],
* }, certificateKey);
* ```
*/
exports.createCsr = async (data, keyPem = null) => {
@@ -489,7 +475,7 @@ exports.createCsr = async (data, keyPem = null) => {
new x509.KeyUsagesExtension(x509.KeyUsageFlags.digitalSignature | x509.KeyUsageFlags.keyEncipherment), // eslint-disable-line no-bitwise
/* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.6 */
createSubjectAltNameExtension(data.altNames)
createSubjectAltNameExtension(data.altNames),
];
/* Create CSR */
@@ -504,8 +490,8 @@ exports.createCsr = async (data, keyPem = null) => {
L: data.locality,
O: data.organization,
OU: data.organizationUnit,
E: data.emailAddress
})
E: data.emailAddress,
}),
});
/* Done */
@@ -513,7 +499,6 @@ exports.createCsr = async (data, keyPem = null) => {
return [keyPem, Buffer.from(pem)];
};
/**
* Create a self-signed ALPN certificate for TLS-ALPN-01 challenges
*
@@ -533,6 +518,7 @@ exports.createCsr = async (data, keyPem = null) => {
* ```js
* const alpnKey = await acme.crypto.createPrivateEcdsaKey();
* const [, alpnCertificate] = await acme.crypto.createAlpnCertificate(authz, keyAuthorization, alpnKey);
* ```
*/
exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) => {
@@ -564,7 +550,7 @@ exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) =
await x509.SubjectKeyIdentifierExtension.create(keys.publicKey),
/* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.6 */
createSubjectAltNameExtension([commonName])
createSubjectAltNameExtension([commonName]),
];
/* ALPN extension */
@@ -581,8 +567,8 @@ exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) =
notBefore: now,
notAfter: now,
name: createCsrSubject({
CN: commonName
})
CN: commonName,
}),
});
/* Done */
@@ -590,7 +576,6 @@ exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) =
return [keyPem, Buffer.from(pem)];
};
/**
* Validate that a ALPN certificate contains the expected key authorization
*

17
packages/core/acme-client/src/http.js
View File

@@ -40,7 +40,6 @@ class HttpClient {
this.jwk = null;
}
/**
* HTTP request
*
@@ -70,7 +69,6 @@ class HttpClient {
return resp;
}
/**
* Ensure provider directory exists
*
@@ -95,7 +93,6 @@ class HttpClient {
}
}
/**
* Get JSON Web Key
*
@@ -110,7 +107,6 @@ class HttpClient {
return this.jwk;
}
/**
* Get nonce from directory API endpoint
*
@@ -130,7 +126,6 @@ class HttpClient {
return resp.headers['replay-nonce'];
}
/**
* Get URL for a directory resource
*
@@ -148,7 +143,6 @@ class HttpClient {
return this.directory[resource];
}
/**
* Get directory meta field
*
@@ -166,7 +160,6 @@ class HttpClient {
return null;
}
/**
* Prepare HTTP request body for signature
*
@@ -199,11 +192,10 @@ class HttpClient {
/* Body */
return {
payload: payload ? Buffer.from(JSON.stringify(payload)).toString('base64url') : '',
protected: Buffer.from(JSON.stringify(header)).toString('base64url')
protected: Buffer.from(JSON.stringify(header)).toString('base64url'),
};
}
/**
* Create JWS HTTP request body using HMAC
*
@@ -226,7 +218,6 @@ class HttpClient {
return result;
}
/**
* Create JWS HTTP request body using RSA or ECC
*
@@ -267,13 +258,12 @@ class HttpClient {
result.signature = signer.sign({
key: this.accountKey,
padding: RSA_PKCS1_PADDING,
dsaEncoding: 'ieee-p1363'
dsaEncoding: 'ieee-p1363',
}, 'base64url');
return result;
}
/**
* Signed HTTP request
*
@@ -309,7 +299,7 @@ class HttpClient {
const data = this.createSignedBody(url, payload, { nonce, kid });
const resp = await this.request(url, 'post', { data });
/* Retry on bad nonce - https://datatracker.ietf.org/doc/html/draft-ietf-acme-acme-10#section-6.4 */
/* Retry on bad nonce - https://datatracker.ietf.org/doc/html/rfc8555#section-6.5 */
if (resp.data && resp.data.type && (resp.status === 400) && (resp.data.type === 'urn:ietf:params:acme:error:badNonce') && (attempts < this.maxBadNonceRetries)) {
nonce = resp.headers['replay-nonce'] || null;
attempts += 1;
@@ -323,6 +313,5 @@ class HttpClient {
}
}
/* Export client */
module.exports = HttpClient;

13
packages/core/acme-client/src/index.js
View File

@@ -4,7 +4,6 @@
exports.Client = require('./client');
/**
* Directory URLs
*/
@@ -12,18 +11,18 @@ exports.Client = require('./client');
exports.directory = {
buypass: {
staging: 'https://api.test4.buypass.no/acme/directory',
production: 'https://api.buypass.com/acme/directory'
production: 'https://api.buypass.com/acme/directory',
},
letsencrypt: {
staging: 'https://acme-staging-v02.api.letsencrypt.org/directory',
production: 'https://acme-v02.api.letsencrypt.org/directory'
production: 'https://acme-v02.api.letsencrypt.org/directory',
},
zerossl: {
production: 'https://acme.zerossl.com/v2/DV90'
}
staging: 'https://acme.zerossl.com/v2/DV90',
production: 'https://acme.zerossl.com/v2/DV90',
},
};
/**
* Crypto
*/
@@ -31,14 +30,12 @@ exports.directory = {
exports.crypto = require('./crypto');
exports.forge = require('./crypto/forge');
/**
* Axios
*/
exports.axios = require('./axios');
/**
* Logger
*/

4
packages/core/acme-client/src/logger.js
View File

@@ -6,7 +6,6 @@ const debug = require('debug')('acme-client');
let logger = () => {};
/**
* Set logger function
*
@@ -17,11 +16,10 @@ exports.setLogger = (fn) => {
logger = fn;
};
/**
* Log message
*
* @param {string} Message
* @param {string} msg Message
*/
exports.log = (msg) => {

15
packages/core/acme-client/src/util.js
View File

@@ -7,7 +7,6 @@ const dns = require('dns').promises;
const { readCertificateInfo, splitPemChain } = require('./crypto');
const { log } = require('./logger');
/**
* Exponential backoff
*
@@ -26,7 +25,6 @@ class Backoff {
this.attempts = 0;
}
/**
* Get backoff duration
*
@@ -40,7 +38,6 @@ class Backoff {
}
}
/**
* Retry promise
*
@@ -70,7 +67,6 @@ async function retryPromise(fn, attempts, backoff) {
}
}
/**
* Retry promise
*
@@ -87,7 +83,6 @@ function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}) {
return retryPromise(fn, attempts, backoff);
}
/**
* Parse URLs from link header
*
@@ -107,7 +102,6 @@ function parseLinkHeader(header, rel = 'alternate') {
return results.filter((r) => r);
}
/**
* Find certificate chain with preferred issuer common name
* - If issuer is found in multiple chains, the closest to root wins
@@ -157,7 +151,6 @@ function findCertificateChainForIssuer(chains, issuer) {
return chains[0];
}
/**
* Find and format error in response object
*
@@ -178,7 +171,6 @@ function formatResponseError(resp) {
return result.replace(/\n/g, '');
}
/**
* Resolve root domain name by looking for SOA record
*
@@ -204,7 +196,6 @@ async function resolveDomainBySoaRecord(recordName) {
}
}
/**
* Get DNS resolver using domains authoritative NS records
*
@@ -245,7 +236,6 @@ async function getAuthoritativeDnsResolver(recordName) {
return resolver;
}
/**
* Attempt to retrieve TLS ALPN certificate from peer
*
@@ -267,7 +257,7 @@ async function retrieveTlsAlpnCertificate(host, port, timeout = 30000) {
port,
servername: host,
rejectUnauthorized: false,
ALPNProtocols: ['acme-tls/1']
ALPNProtocols: ['acme-tls/1'],
});
socket.setTimeout(timeout);
@@ -299,7 +289,6 @@ async function retrieveTlsAlpnCertificate(host, port, timeout = 30000) {
});
}
/**
* Export utils
*/
@@ -310,5 +299,5 @@ module.exports = {
findCertificateChainForIssuer,
formatResponseError,
getAuthoritativeDnsResolver,
retrieveTlsAlpnCertificate
retrieveTlsAlpnCertificate,
};

31
packages/core/acme-client/src/verify.js
View File

@@ -9,7 +9,6 @@ const axios = require('./axios');
const util = require('./util');
const { isAlpnCertificateAuthorizationValid } = require('./crypto');
/**
* Verify ACME HTTP challenge
*
@@ -43,25 +42,24 @@ async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix =
return true;
}
/**
* Walk DNS until TXT records are found
*/
async function walkDnsChallengeRecord(recordName, resolver = dns) {
/* Resolve CNAME record first */
try {
log(`Checking name for CNAME records: ${recordName}`);
const cnameRecords = await resolver.resolveCname(recordName);
if (cnameRecords.length) {
log(`CNAME record found at ${recordName}, new challenge record name: ${cnameRecords[0]}`);
return walkDnsChallengeRecord(cnameRecords[0]);
}
}
catch (e) {
log(`No CNAME records found for name: ${recordName}`);
}
// try {
// log(`Checking name for CNAME records: ${recordName}`);
// const cnameRecords = await resolver.resolveCname(recordName);
//
// if (cnameRecords.length) {
// log(`CNAME record found at ${recordName}, new challenge record name: ${cnameRecords[0]}`);
// return walkDnsChallengeRecord(cnameRecords[0]);
// }
// }
// catch (e) {
// log(`No CNAME records found for name: ${recordName}`);
// }
/* Resolve TXT records */
try {
@@ -81,7 +79,6 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
throw new Error(`No TXT records found for name: ${recordName}`);
}
/**
* Verify ACME DNS challenge
*
@@ -121,7 +118,6 @@ async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '
return true;
}
/**
* Verify ACME TLS ALPN challenge
*
@@ -149,7 +145,6 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
return true;
}
/**
* Export API
*/
@@ -157,5 +152,5 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
module.exports = {
'http-01': verifyHttpChallenge,
'dns-01': verifyDnsChallenge,
'tls-alpn-01': verifyTlsAlpnChallenge
'tls-alpn-01': verifyTlsAlpnChallenge,
};

9
packages/core/acme-client/src/wait.js Normal file
View File

@@ -0,0 +1,9 @@
async function wait(ms) {
return new Promise((resolve) => {
setTimeout(resolve, ms);
});
}
module.exports = {
wait
};

11
packages/core/acme-client/test/00-pebble.spec.js
View File

@@ -16,7 +16,6 @@ const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
const tlsAlpnPort = axios.defaults.acmeSettings.tlsAlpnChallengePort || 443;
describe('pebble', () => {
const httpsAgent = new https.Agent({ rejectUnauthorized: false });
@@ -39,18 +38,16 @@ describe('pebble', () => {
const testTlsAlpn01ChallengeHost = `${uuid()}.${domainName}`;
const testTlsAlpn01ChallengeValue = uuid();
/**
* Pebble CTS required
*/
before(function() {
before(function () {
if (!cts.isEnabled()) {
this.skip();
}
});
/**
* DNS mocking
*/
@@ -92,7 +89,6 @@ describe('pebble', () => {
});
});
/**
* HTTP-01 challenge response
*/
@@ -118,7 +114,6 @@ describe('pebble', () => {
});
});
/**
* HTTPS-01 challenge response
*/
@@ -143,7 +138,7 @@ describe('pebble', () => {
/* Assert HTTP 302 */
const resp = await axios.get(`http://${testHttps01ChallengeHost}:${httpPort}/.well-known/acme-challenge/${testHttps01ChallengeToken}`, {
maxRedirects: 0,
validateStatus: null
validateStatus: null,
});
assert.strictEqual(resp.status, 302);
@@ -165,7 +160,6 @@ describe('pebble', () => {
});
});
/**
* DNS-01 challenge response
*/
@@ -188,7 +182,6 @@ describe('pebble', () => {
});
});
/**
* TLS-ALPN-01 challenge response
*/

5
packages/core/acme-client/test/10-http.spec.js
View File

@@ -9,7 +9,6 @@ const axios = require('./../src/axios');
const HttpClient = require('./../src/http');
const pkg = require('./../package.json');
describe('http', () => {
let testClient;
@@ -20,7 +19,6 @@ describe('http', () => {
const defaultUaEndpoint = `http://${uuid()}.example.com`;
const customUaEndpoint = `http://${uuid()}.example.com`;
/**
* HTTP mocking
*/
@@ -43,7 +41,6 @@ describe('http', () => {
axios.defaults.headers.common['User-Agent'] = defaultUserAgent;
});
/**
* Initialize
*/
@@ -52,7 +49,6 @@ describe('http', () => {
testClient = new HttpClient();
});
/**
* HTTP verbs
*/
@@ -65,7 +61,6 @@ describe('http', () => {
assert.strictEqual(resp.data, 'ok');
});
/**
* User-Agent
*/

3
packages/core/acme-client/test/10-logger.spec.js
View File

@@ -5,7 +5,6 @@
const { assert } = require('chai');
const logger = require('./../src/logger');
describe('logger', () => {
let lastLogMessage = null;
@@ -13,7 +12,6 @@ describe('logger', () => {
lastLogMessage = msg;
}
/**
* Logger
*/
@@ -23,7 +21,6 @@ describe('logger', () => {
assert.isNull(lastLogMessage);
});
it('should log with custom logger', () => {
logger.setLogger(customLoggerFn);

9
packages/core/acme-client/test/10-verify.spec.js
View File

@@ -9,7 +9,6 @@ const verify = require('./../src/verify');
const domainName = process.env.ACME_DOMAIN_NAME || 'example.com';
describe('verify', () => {
const challengeTypes = ['http-01', 'dns-01'];
@@ -30,18 +29,16 @@ describe('verify', () => {
const testTlsAlpn01Challenge = { type: 'dns-01', status: 'pending', token: uuid() };
const testTlsAlpn01Key = uuid();
/**
* Pebble CTS required
*/
before(function() {
before(function () {
if (!cts.isEnabled()) {
this.skip();
}
});
/**
* API
*/
@@ -50,7 +47,6 @@ describe('verify', () => {
assert.containsAllKeys(verify, challengeTypes);
});
/**
* http-01
*/
@@ -81,7 +77,6 @@ describe('verify', () => {
});
});
/**
* https-01
*/
@@ -102,7 +97,6 @@ describe('verify', () => {
});
});
/**
* dns-01
*/
@@ -133,7 +127,6 @@ describe('verify', () => {
});
});
/**
* tls-alpn-01
*/

19
packages/core/acme-client/test/20-crypto-legacy.spec.js
View File

@@ -9,10 +9,9 @@ const spec = require('./spec');
const forge = require('./../src/crypto/forge');
const cryptoEngines = {
forge
forge,
};
describe('crypto-legacy', () => {
let testPemKey;
let testCert;
@@ -28,7 +27,6 @@ describe('crypto-legacy', () => {
const testCertPath = path.join(__dirname, 'fixtures', 'certificate.crt');
const testSanCertPath = path.join(__dirname, 'fixtures', 'san-certificate.crt');
/**
* Fixtures
*/
@@ -50,7 +48,6 @@ describe('crypto-legacy', () => {
});
});
/**
* Engines
*/
@@ -62,7 +59,6 @@ describe('crypto-legacy', () => {
let testNonCnCsr;
let testNonAsciiCsr;
/**
* Key generation
*/
@@ -83,14 +79,13 @@ describe('crypto-legacy', () => {
publicKeyStore.push(key.toString().replace(/[\r\n]/gm, ''));
});
/**
* Certificate Signing Request
*/
it('should generate a csr', async () => {
const [key, csr] = await engine.createCsr({
commonName: testCsrDomain
commonName: testCsrDomain,
});
assert.isTrue(Buffer.isBuffer(key));
@@ -102,7 +97,7 @@ describe('crypto-legacy', () => {
it('should generate a san csr', async () => {
const [key, csr] = await engine.createCsr({
commonName: testSanCsrDomains[0],
altNames: testSanCsrDomains.slice(1, testSanCsrDomains.length)
altNames: testSanCsrDomains.slice(1, testSanCsrDomains.length),
});
assert.isTrue(Buffer.isBuffer(key));
@@ -113,7 +108,7 @@ describe('crypto-legacy', () => {
it('should generate a csr without common name', async () => {
const [key, csr] = await engine.createCsr({
altNames: testSanCsrDomains
altNames: testSanCsrDomains,
});
assert.isTrue(Buffer.isBuffer(key));
@@ -126,7 +121,7 @@ describe('crypto-legacy', () => {
const [key, csr] = await engine.createCsr({
commonName: testCsrDomain,
organization: '大安區',
organizationUnit: '中文部門'
organizationUnit: '中文部門',
});
assert.isTrue(Buffer.isBuffer(key));
@@ -167,7 +162,6 @@ describe('crypto-legacy', () => {
assert.deepStrictEqual(result.altNames, [testCsrDomain]);
});
/**
* Certificate
*/
@@ -188,7 +182,6 @@ describe('crypto-legacy', () => {
assert.deepEqual(info.domains.altNames, testSanCsrDomains.slice(1, testSanCsrDomains.length));
});
/**
* PEM utils
*/
@@ -214,7 +207,6 @@ describe('crypto-legacy', () => {
});
});
/**
* Modulus and exponent
*/
@@ -246,7 +238,6 @@ describe('crypto-legacy', () => {
});
});
/**
* Verify identical results
*/

37
packages/core/acme-client/test/20-crypto.spec.js
View File

@@ -50,7 +50,6 @@ dGVzdGluZ3Rlc3Rpbmd0ZXN0aW5ndGVzdGluZ3Rlc3Rpbmd0ZXN0aW5ndGVzdGluZ3Rlc3Rpbmd0ZXN0
-----END TEST-----
`;
describe('crypto', () => {
const testCsrDomain = 'example.com';
const testSanCsrDomains = ['example.com', 'test.example.com', 'abc.example.com'];
@@ -58,7 +57,6 @@ describe('crypto', () => {
const testCertPath = path.join(__dirname, 'fixtures', 'certificate.crt');
const testSanCertPath = path.join(__dirname, 'fixtures', 'san-certificate.crt');
/**
* Key types
*/
@@ -68,24 +66,23 @@ describe('crypto', () => {
createKeyFns: {
s1024: () => crypto.createPrivateRsaKey(1024),
s2048: () => crypto.createPrivateRsaKey(),
s4096: () => crypto.createPrivateRsaKey(4096)
s4096: () => crypto.createPrivateRsaKey(4096),
},
jwkSpecFn: spec.jwk.rsa
jwkSpecFn: spec.jwk.rsa,
},
ecdsa: {
createKeyFns: {
p256: () => crypto.createPrivateEcdsaKey(),
p384: () => crypto.createPrivateEcdsaKey('P-384'),
p521: () => crypto.createPrivateEcdsaKey('P-521')
p521: () => crypto.createPrivateEcdsaKey('P-521'),
},
jwkSpecFn: spec.jwk.ecdsa
}
jwkSpecFn: spec.jwk.ecdsa,
},
}).forEach(([name, { createKeyFns, jwkSpecFn }]) => {
describe(name, () => {
const testPrivateKeys = {};
const testPublicKeys = {};
/**
* Iterate through all generator variations
*/
@@ -97,7 +94,6 @@ describe('crypto', () => {
let testNonAsciiCsr;
let testAlpnCertificate;
/**
* Keys and JWK
*/
@@ -132,14 +128,13 @@ describe('crypto', () => {
jwkSpecFn(jwk);
});
/**
* Certificate Signing Request
*/
it(`${n}/should generate a csr`, async () => {
const [key, csr] = await crypto.createCsr({
commonName: testCsrDomain
commonName: testCsrDomain,
}, testPrivateKeys[n]);
assert.isTrue(Buffer.isBuffer(key));
@@ -151,7 +146,7 @@ describe('crypto', () => {
it(`${n}/should generate a san csr`, async () => {
const [key, csr] = await crypto.createCsr({
commonName: testSanCsrDomains[0],
altNames: testSanCsrDomains.slice(1, testSanCsrDomains.length)
altNames: testSanCsrDomains.slice(1, testSanCsrDomains.length),
}, testPrivateKeys[n]);
assert.isTrue(Buffer.isBuffer(key));
@@ -162,7 +157,7 @@ describe('crypto', () => {
it(`${n}/should generate a csr without common name`, async () => {
const [key, csr] = await crypto.createCsr({
altNames: testSanCsrDomains
altNames: testSanCsrDomains,
}, testPrivateKeys[n]);
assert.isTrue(Buffer.isBuffer(key));
@@ -175,7 +170,7 @@ describe('crypto', () => {
const [key, csr] = await crypto.createCsr({
commonName: testCsrDomain,
organization: '大安區',
organizationUnit: '中文部門'
organizationUnit: '中文部門',
}, testPrivateKeys[n]);
assert.isTrue(Buffer.isBuffer(key));
@@ -186,7 +181,7 @@ describe('crypto', () => {
it(`${n}/should generate a csr with key as string`, async () => {
const [key, csr] = await crypto.createCsr({
commonName: testCsrDomain
commonName: testCsrDomain,
}, testPrivateKeys[n].toString());
assert.isTrue(Buffer.isBuffer(key));
@@ -195,11 +190,10 @@ describe('crypto', () => {
it(`${n}/should throw with invalid key`, async () => {
await assert.isRejected(crypto.createCsr({
commonName: testCsrDomain
commonName: testCsrDomain,
}, testPublicKeys[n]));
});
/**
* Domain and info resolver
*/
@@ -243,7 +237,6 @@ describe('crypto', () => {
});
});
/**
* ALPN
*/
@@ -284,7 +277,6 @@ describe('crypto', () => {
});
});
/**
* Common functionality
*/
@@ -294,7 +286,6 @@ describe('crypto', () => {
let testCert;
let testSanCert;
it('should read private key fixture', async () => {
testPemKey = await fs.readFile(testKeyPath);
assert.isTrue(Buffer.isBuffer(testPemKey));
@@ -310,21 +301,19 @@ describe('crypto', () => {
assert.isTrue(Buffer.isBuffer(testSanCert));
});
/**
* CSR with auto-generated key
*/
it('should generate a csr with default key', async () => {
const [key, csr] = await crypto.createCsr({
commonName: testCsrDomain
commonName: testCsrDomain,
});
assert.isTrue(Buffer.isBuffer(key));
assert.isTrue(Buffer.isBuffer(csr));
});
/**
* Certificate
*/
@@ -352,7 +341,6 @@ describe('crypto', () => {
});
});
/**
* ALPN
*/
@@ -365,7 +353,6 @@ describe('crypto', () => {
assert.isTrue(Buffer.isBuffer(cert));
});
/**
* PEM utils
*/

94
packages/core/acme-client/test/50-client.spec.js
View File

@@ -20,35 +20,32 @@ const clientOpts = {
directoryUrl,
backoffAttempts: 5,
backoffMin: 1000,
backoffMax: 5000
backoffMax: 5000,
};
if (capEabEnabled && process.env.ACME_EAB_KID && process.env.ACME_EAB_HMAC_KEY) {
clientOpts.externalAccountBinding = {
kid: process.env.ACME_EAB_KID,
hmacKey: process.env.ACME_EAB_HMAC_KEY
hmacKey: process.env.ACME_EAB_HMAC_KEY,
};
}
describe('client', () => {
const testDomain = `${uuid()}.${domainName}`;
const testDomainAlpn = `${uuid()}.${domainName}`;
const testDomainWildcard = `*.${testDomain}`;
const testContact = `mailto:test-${uuid()}@nope.com`;
/**
* Pebble CTS required
*/
before(function() {
before(function () {
if (!cts.isEnabled()) {
this.skip();
}
});
/**
* Key types
*/
@@ -58,18 +55,18 @@ describe('client', () => {
createKeyFn: () => acme.crypto.createPrivateRsaKey(),
createKeyAltFns: {
s1024: () => acme.crypto.createPrivateRsaKey(1024),
s4096: () => acme.crypto.createPrivateRsaKey(4096)
s4096: () => acme.crypto.createPrivateRsaKey(4096),
},
jwkSpecFn: spec.jwk.rsa
jwkSpecFn: spec.jwk.rsa,
},
ecdsa: {
createKeyFn: () => acme.crypto.createPrivateEcdsaKey(),
createKeyAltFns: {
p384: () => acme.crypto.createPrivateEcdsaKey('P-384'),
p521: () => acme.crypto.createPrivateEcdsaKey('P-521')
p521: () => acme.crypto.createPrivateEcdsaKey('P-521'),
},
jwkSpecFn: spec.jwk.ecdsa
}
jwkSpecFn: spec.jwk.ecdsa,
},
}).forEach(([name, { createKeyFn, createKeyAltFns, jwkSpecFn }]) => {
describe(name, () => {
let testIssuers;
@@ -97,7 +94,6 @@ describe('client', () => {
let testCertificateAlpn;
let testCertificateWildcard;
/**
* Fixtures
*/
@@ -114,11 +110,11 @@ describe('client', () => {
it('should generate certificate signing request', async () => {
[, testCsr] = await acme.crypto.createCsr({ commonName: testDomain }, await createKeyFn());
[, testCsrAlpn] = await acme.crypto.createCsr({ commonName: testDomainAlpn }, await createKeyFn());
[, testCsrWildcard] = await acme.crypto.createCsr({ commonName: testDomainWildcard }, await createKeyFn());
[, testCsrAlpn] = await acme.crypto.createCsr({ altNames: [testDomainAlpn] }, await createKeyFn());
[, testCsrWildcard] = await acme.crypto.createCsr({ altNames: [testDomainWildcard] }, await createKeyFn());
});
it('should resolve certificate issuers [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should resolve certificate issuers [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
@@ -134,7 +130,6 @@ describe('client', () => {
});
});
/**
* Initialize clients
*/
@@ -142,7 +137,7 @@ describe('client', () => {
it('should initialize client', () => {
testClient = new acme.Client({
...clientOpts,
accountKey: testAccountKey
accountKey: testAccountKey,
});
});
@@ -151,12 +146,11 @@ describe('client', () => {
jwkSpecFn(jwk);
});
/**
* Terms of Service
*/
it('should produce tos url [ACME_CAP_META_TOS_FIELD]', async function() {
it('should produce tos url [ACME_CAP_META_TOS_FIELD]', async function () {
if (!capMetaTosField) {
this.skip();
}
@@ -165,7 +159,7 @@ describe('client', () => {
assert.isString(tos);
});
it('should not produce tos url [!ACME_CAP_META_TOS_FIELD]', async function() {
it('should not produce tos url [!ACME_CAP_META_TOS_FIELD]', async function () {
if (capMetaTosField) {
this.skip();
}
@@ -174,12 +168,11 @@ describe('client', () => {
assert.isNull(tos);
});
/**
* Create account
*/
it('should refuse account creation without tos [ACME_CAP_META_TOS_FIELD]', async function() {
it('should refuse account creation without tos [ACME_CAP_META_TOS_FIELD]', async function () {
if (!capMetaTosField) {
this.skip();
}
@@ -187,7 +180,7 @@ describe('client', () => {
await assert.isRejected(testClient.createAccount());
});
it('should refuse account creation without eab [ACME_CAP_EAB_ENABLED]', async function() {
it('should refuse account creation without eab [ACME_CAP_EAB_ENABLED]', async function () {
if (!capEabEnabled) {
this.skip();
}
@@ -195,17 +188,17 @@ describe('client', () => {
const client = new acme.Client({
...clientOpts,
accountKey: testAccountKey,
externalAccountBinding: null
externalAccountBinding: null,
});
await assert.isRejected(client.createAccount({
termsOfServiceAgreed: true
termsOfServiceAgreed: true,
}));
});
it('should create an account', async () => {
testAccount = await testClient.createAccount({
termsOfServiceAgreed: true
termsOfServiceAgreed: true,
});
spec.rfc8555.account(testAccount);
@@ -217,7 +210,6 @@ describe('client', () => {
assert.isString(testAccountUrl);
});
/**
* Create account with alternate key sizes
*/
@@ -226,11 +218,11 @@ describe('client', () => {
it(`should create account with key=${k}`, async () => {
const client = new acme.Client({
...clientOpts,
accountKey: await altKeyFn()
accountKey: await altKeyFn(),
});
const account = await client.createAccount({
termsOfServiceAgreed: true
termsOfServiceAgreed: true,
});
spec.rfc8555.account(account);
@@ -238,7 +230,6 @@ describe('client', () => {
});
});
/**
* Find existing account using secondary client
*/
@@ -246,22 +237,22 @@ describe('client', () => {
it('should throw when trying to find account using invalid account key', async () => {
const client = new acme.Client({
...clientOpts,
accountKey: testAccountSecondaryKey
accountKey: testAccountSecondaryKey,
});
await assert.isRejected(client.createAccount({
onlyReturnExisting: true
onlyReturnExisting: true,
}));
});
it('should find existing account using account key', async () => {
const client = new acme.Client({
...clientOpts,
accountKey: testAccountKey
accountKey: testAccountKey,
});
const account = await client.createAccount({
onlyReturnExisting: true
onlyReturnExisting: true,
});
spec.rfc8555.account(account);
@@ -269,7 +260,6 @@ describe('client', () => {
assert.deepStrictEqual(account.key, testAccount.key);
});
/**
* Account URL
*/
@@ -278,7 +268,7 @@ describe('client', () => {
const client = new acme.Client({
...clientOpts,
accountKey: testAccountKey,
accountUrl: 'https://acme-staging-v02.api.letsencrypt.org/acme/acct/1'
accountUrl: 'https://acme-staging-v02.api.letsencrypt.org/acme/acct/1',
});
await assert.isRejected(client.updateAccount());
@@ -288,11 +278,11 @@ describe('client', () => {
const client = new acme.Client({
...clientOpts,
accountKey: testAccountKey,
accountUrl: testAccountUrl
accountUrl: testAccountUrl,
});
const account = await client.createAccount({
onlyReturnExisting: true
onlyReturnExisting: true,
});
spec.rfc8555.account(account);
@@ -300,7 +290,6 @@ describe('client', () => {
assert.deepStrictEqual(account.key, testAccount.key);
});
/**
* Update account contact info
*/
@@ -316,12 +305,11 @@ describe('client', () => {
assert.include(account.contact, testContact);
});
/**
* Change account private key
*/
it('should change account private key [ACME_CAP_UPDATE_ACCOUNT_KEY]', async function() {
it('should change account private key [ACME_CAP_UPDATE_ACCOUNT_KEY]', async function () {
if (!capUpdateAccountKey) {
this.skip();
}
@@ -329,7 +317,7 @@ describe('client', () => {
await testClient.updateAccountKey(testAccountSecondaryKey);
const account = await testClient.createAccount({
onlyReturnExisting: true
onlyReturnExisting: true,
});
spec.rfc8555.account(account);
@@ -337,7 +325,6 @@ describe('client', () => {
assert.notDeepEqual(account.key, testAccount.key);
});
/**
* Create new certificate order
*/
@@ -357,7 +344,6 @@ describe('client', () => {
});
});
/**
* Get status of existing certificate order
*/
@@ -371,7 +357,6 @@ describe('client', () => {
}));
});
/**
* Get identifier authorization
*/
@@ -401,7 +386,6 @@ describe('client', () => {
});
});
/**
* Generate challenge key authorization
*/
@@ -418,7 +402,6 @@ describe('client', () => {
[testKeyAuthorization, testKeyAuthorizationAlpn, testKeyAuthorizationWildcard].forEach((k) => assert.isString(k));
});
/**
* Deactivate identifier authorization
*/
@@ -427,8 +410,8 @@ describe('client', () => {
const order = await testClient.createOrder({
identifiers: [
{ type: 'dns', value: `${uuid()}.${domainName}` },
{ type: 'dns', value: `${uuid()}.${domainName}` }
]
{ type: 'dns', value: `${uuid()}.${domainName}` },
],
});
const authzCollection = await testClient.getAuthorizations(order);
@@ -445,7 +428,6 @@ describe('client', () => {
});
});
/**
* Verify satisfied challenge
*/
@@ -460,7 +442,6 @@ describe('client', () => {
await testClient.verifyChallenge(testAuthzWildcard, testChallengeWildcard);
});
/**
* Complete challenge
*/
@@ -474,7 +455,6 @@ describe('client', () => {
}));
});
/**
* Wait for valid challenge
*/
@@ -483,7 +463,6 @@ describe('client', () => {
await Promise.all([testChallenge, testChallengeAlpn, testChallengeWildcard].map(async (c) => testClient.waitForValidStatus(c)));
});
/**
* Finalize order
*/
@@ -500,7 +479,6 @@ describe('client', () => {
assert.strictEqual(testOrderWildcard.url, finalizeWildcard.url);
});
/**
* Wait for valid order
*/
@@ -509,7 +487,6 @@ describe('client', () => {
await Promise.all([testOrder, testOrderAlpn, testOrderWildcard].map(async (o) => testClient.waitForValidStatus(o)));
});
/**
* Get certificate
*/
@@ -525,7 +502,7 @@ describe('client', () => {
});
});
it('should get alternate certificate chain [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should get alternate certificate chain [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
@@ -539,7 +516,7 @@ describe('client', () => {
}));
});
it('should get default chain with invalid preference [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should get default chain with invalid preference [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
@@ -551,7 +528,6 @@ describe('client', () => {
assert.strictEqual(testIssuers[0], info.issuer.commonName);
});
/**
* Revoke certificate
*/
@@ -568,7 +544,6 @@ describe('client', () => {
await assert.isRejected(testClient.getCertificate(testOrderWildcard));
});
/**
* Deactivate account
*/
@@ -581,7 +556,6 @@ describe('client', () => {
assert.strictEqual(account.status, 'deactivated');
});
/**
* Verify that no new orders can be made
*/

104
packages/core/acme-client/test/70-auto.spec.js
View File

@@ -18,17 +18,16 @@ const clientOpts = {
directoryUrl,
backoffAttempts: 5,
backoffMin: 1000,
backoffMax: 5000
backoffMax: 5000,
};
if (capEabEnabled && process.env.ACME_EAB_KID && process.env.ACME_EAB_HMAC_KEY) {
clientOpts.externalAccountBinding = {
kid: process.env.ACME_EAB_KID,
hmacKey: process.env.ACME_EAB_HMAC_KEY
hmacKey: process.env.ACME_EAB_HMAC_KEY,
};
}
describe('client.auto', () => {
const testDomain = `${uuid()}.${domainName}`;
const testHttpDomain = `${uuid()}.${domainName}`;
@@ -40,21 +39,19 @@ describe('client.auto', () => {
const testSanDomains = [
`${uuid()}.${domainName}`,
`${uuid()}.${domainName}`,
`${uuid()}.${domainName}`
`${uuid()}.${domainName}`,
];
/**
* Pebble CTS required
*/
before(function() {
before(function () {
if (!cts.isEnabled()) {
this.skip();
}
});
/**
* Key types
*/
@@ -64,16 +61,16 @@ describe('client.auto', () => {
createKeyFn: () => acme.crypto.createPrivateRsaKey(),
createKeyAltFns: {
s1024: () => acme.crypto.createPrivateRsaKey(1024),
s4096: () => acme.crypto.createPrivateRsaKey(4096)
}
s4096: () => acme.crypto.createPrivateRsaKey(4096),
},
},
ecdsa: {
createKeyFn: () => acme.crypto.createPrivateEcdsaKey(),
createKeyAltFns: {
p384: () => acme.crypto.createPrivateEcdsaKey('P-384'),
p521: () => acme.crypto.createPrivateEcdsaKey('P-521')
}
}
p521: () => acme.crypto.createPrivateEcdsaKey('P-521'),
},
},
}).forEach(([name, { createKeyFn, createKeyAltFns }]) => {
describe(name, () => {
let testIssuers;
@@ -82,12 +79,11 @@ describe('client.auto', () => {
let testSanCertificate;
let testWildcardCertificate;
/**
* Fixtures
*/
it('should resolve certificate issuers [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should resolve certificate issuers [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
@@ -103,7 +99,6 @@ describe('client.auto', () => {
});
});
/**
* Initialize client
*/
@@ -111,31 +106,30 @@ describe('client.auto', () => {
it('should initialize client', async () => {
testClient = new acme.Client({
...clientOpts,
accountKey: await createKeyFn()
accountKey: await createKeyFn(),
});
});
/**
* Invalid challenge response
*/
it('should throw on invalid challenge response', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
await assert.isRejected(testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeNoopFn,
challengeRemoveFn: cts.challengeNoopFn
challengeRemoveFn: cts.challengeNoopFn,
}), /^authorization not found/i);
});
it('should throw on invalid challenge response with opts.skipChallengeVerification=true', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
await assert.isRejected(testClient.auto({
@@ -143,38 +137,37 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
skipChallengeVerification: true,
challengeCreateFn: cts.challengeNoopFn,
challengeRemoveFn: cts.challengeNoopFn
challengeRemoveFn: cts.challengeNoopFn,
}));
});
/**
* Challenge function exceptions
*/
it('should throw on challengeCreate exception', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
await assert.isRejected(testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeThrowFn,
challengeRemoveFn: cts.challengeNoopFn
challengeRemoveFn: cts.challengeNoopFn,
}), /^oops$/);
});
it('should not throw on challengeRemove exception', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
const cert = await testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeThrowFn
challengeRemoveFn: cts.challengeThrowFn,
});
assert.isString(cert);
@@ -188,8 +181,8 @@ describe('client.auto', () => {
`${uuid()}.${domainName}`,
`${uuid()}.${domainName}`,
`${uuid()}.${domainName}`,
`${uuid()}.${domainName}`
]
`${uuid()}.${domainName}`,
],
}, await createKeyFn());
await assert.isRejected(testClient.auto({
@@ -205,28 +198,27 @@ describe('client.auto', () => {
results.push(true);
return cts.challengeCreateFn(...args);
},
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
}));
assert.strictEqual(results.length, 5);
assert.deepStrictEqual(results, [false, false, false, true, true]);
});
/**
* Order certificates
*/
it('should order certificate', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testDomain
commonName: testDomain,
}, await createKeyFn());
const cert = await testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
assert.isString(cert);
@@ -235,7 +227,7 @@ describe('client.auto', () => {
it('should order certificate using http-01', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testHttpDomain
commonName: testHttpDomain,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -243,7 +235,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
challengeCreateFn: cts.assertHttpChallengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn,
challengePriority: ['http-01']
challengePriority: ['http-01'],
});
assert.isString(cert);
@@ -251,7 +243,7 @@ describe('client.auto', () => {
it('should order certificate using https-01', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testHttpsDomain
commonName: testHttpsDomain,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -259,7 +251,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
challengeCreateFn: cts.assertHttpsChallengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn,
challengePriority: ['http-01']
challengePriority: ['http-01'],
});
assert.isString(cert);
@@ -267,7 +259,7 @@ describe('client.auto', () => {
it('should order certificate using dns-01', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testDnsDomain
commonName: testDnsDomain,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -275,7 +267,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
challengeCreateFn: cts.assertDnsChallengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn,
challengePriority: ['dns-01']
challengePriority: ['dns-01'],
});
assert.isString(cert);
@@ -283,7 +275,7 @@ describe('client.auto', () => {
it('should order certificate using tls-alpn-01', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testAlpnDomain
commonName: testAlpnDomain,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -291,7 +283,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
challengeCreateFn: cts.assertTlsAlpnChallengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn,
challengePriority: ['tls-alpn-01']
challengePriority: ['tls-alpn-01'],
});
assert.isString(cert);
@@ -299,15 +291,14 @@ describe('client.auto', () => {
it('should order san certificate', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testSanDomains[0],
altNames: testSanDomains
altNames: testSanDomains,
}, await createKeyFn());
const cert = await testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
assert.isString(cert);
@@ -316,15 +307,14 @@ describe('client.auto', () => {
it('should order wildcard certificate', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testWildcardDomain,
altNames: [`*.${testWildcardDomain}`]
altNames: [testWildcardDomain, `*.${testWildcardDomain}`],
}, await createKeyFn());
const cert = await testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
assert.isString(cert);
@@ -333,7 +323,7 @@ describe('client.auto', () => {
it('should order certificate with opts.skipChallengeVerification=true', async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -341,20 +331,20 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
skipChallengeVerification: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
assert.isString(cert);
});
it('should order alternate certificate chain [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should order alternate certificate chain [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
await Promise.all(testIssuers.map(async (issuer) => {
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -362,7 +352,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
preferredChain: issuer,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
const rootCert = acme.crypto.splitPemChain(cert).pop();
@@ -372,13 +362,13 @@ describe('client.auto', () => {
}));
});
it('should get default chain with invalid preference [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function() {
it('should get default chain with invalid preference [ACME_CAP_ALTERNATE_CERT_ROOTS]', async function () {
if (!capAlternateCertRoots) {
this.skip();
}
const [, csr] = await acme.crypto.createCsr({
commonName: `${uuid()}.${domainName}`
commonName: `${uuid()}.${domainName}`,
}, await createKeyFn());
const cert = await testClient.auto({
@@ -386,7 +376,7 @@ describe('client.auto', () => {
termsOfServiceAgreed: true,
preferredChain: uuid(),
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
const rootCert = acme.crypto.splitPemChain(cert).pop();
@@ -395,7 +385,6 @@ describe('client.auto', () => {
assert.strictEqual(testIssuers[0], info.issuer.commonName);
});
/**
* Order certificate with alternate key sizes
*/
@@ -403,21 +392,20 @@ describe('client.auto', () => {
Object.entries(createKeyAltFns).forEach(([k, altKeyFn]) => {
it(`should order certificate with key=${k}`, async () => {
const [, csr] = await acme.crypto.createCsr({
commonName: testDomain
commonName: testDomain,
}, await altKeyFn());
const cert = await testClient.auto({
csr,
termsOfServiceAgreed: true,
challengeCreateFn: cts.challengeCreateFn,
challengeRemoveFn: cts.challengeRemoveFn
challengeRemoveFn: cts.challengeRemoveFn,
});
assert.isString(cert);
});
});
/**
* Read certificates
*/

9
packages/core/acme-client/test/challtestsrv.js
View File

@@ -8,7 +8,6 @@ const axios = require('./../src/axios');
const apiBaseUrl = process.env.ACME_CHALLTESTSRV_URL || null;
const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
/**
* Send request
*/
@@ -21,20 +20,18 @@ async function request(apiPath, data = {}) {
await axios.request({
url: `${apiBaseUrl}/${apiPath}`,
method: 'post',
data
data,
});
return true;
}
/**
* State
*/
exports.isEnabled = () => !!apiBaseUrl;
/**
* DNS
*/
@@ -42,7 +39,6 @@ exports.isEnabled = () => !!apiBaseUrl;
exports.addDnsARecord = async (host, addresses) => request('add-a', { host, addresses });
exports.setDnsCnameRecord = async (host, target) => request('set-cname', { host, target });
/**
* Challenge response
*/
@@ -55,7 +51,7 @@ async function addHttps01ChallengeResponse(token, content, targetHostname) {
await addHttp01ChallengeResponse(token, content);
return request('add-redirect', {
path: `/.well-known/acme-challenge/${token}`,
targetURL: `https://${targetHostname}:${httpsPort}/.well-known/acme-challenge/${token}`
targetURL: `https://${targetHostname}:${httpsPort}/.well-known/acme-challenge/${token}`,
});
}
@@ -72,7 +68,6 @@ exports.addHttps01ChallengeResponse = addHttps01ChallengeResponse;
exports.addDns01ChallengeResponse = addDns01ChallengeResponse;
exports.addTlsAlpn01ChallengeResponse = addTlsAlpn01ChallengeResponse;
/**
* Challenge response mock functions
*/

2
packages/core/acme-client/test/get-cert-issuers.js
View File

@@ -7,7 +7,6 @@ const util = require('./../src/util');
const pebbleManagementUrl = process.env.ACME_PEBBLE_MANAGEMENT_URL || null;
/**
* Pebble
*/
@@ -26,7 +25,6 @@ async function getPebbleCertIssuers() {
return info.map((i) => i.issuer.commonName);
}
/**
* Get certificate issuers
*/

3
packages/core/acme-client/test/setup.js
View File

@@ -7,14 +7,12 @@ const chai = require('chai');
const chaiAsPromised = require('chai-as-promised');
const axios = require('./../src/axios');
/**
* Add promise support to Chai
*/
chai.use(chaiAsPromised);
/**
* Challenge test server ports
*/
@@ -31,7 +29,6 @@ if (process.env.ACME_TLSALPN_PORT) {
axios.defaults.acmeSettings.tlsAlpnChallengePort = process.env.ACME_TLSALPN_PORT;
}
/**
* External account binding
*/

3
packages/core/acme-client/test/spec.js
View File

@@ -7,7 +7,6 @@ const { assert } = require('chai');
const spec = {};
module.exports = spec;
/**
* ACME
*/
@@ -120,7 +119,6 @@ spec.rfc8555.challenge = (obj) => {
}
};
/**
* Crypto
*/
@@ -150,7 +148,6 @@ spec.crypto.certificateInfo = (obj) => {
assert.strictEqual(Object.prototype.toString.call(obj.notAfter), '[object Date]');
};
/**
* JWK
*/

7
packages/core/acme-client/types/index.d.ts vendored
View File

@@ -15,7 +15,6 @@ export type PublicKeyString = string;
export type CertificateString = string;
export type CsrString = string;
/**
* Augmented ACME interfaces
*/
@@ -28,7 +27,6 @@ export interface Authorization extends rfc8555.Authorization {
url: string;
}
/**
* Client
*/
@@ -80,7 +78,6 @@ export class Client {
auto(opts: ClientAutoOptions): Promise<string>;
}
/**
* Directory URLs
*/
@@ -95,11 +92,11 @@ export const directory: {
production: string
},
zerossl: {
staging: string,
production: string
}
};
/**
* Crypto
*/
@@ -177,14 +174,12 @@ export interface CryptoLegacyInterface {
export const forge: CryptoLegacyInterface;
/**
* Axios
*/
export const axios: AxiosInstance;
/**
* Logger
*/

1
packages/core/acme-client/types/index.test-d.ts
View File

@@ -4,7 +4,6 @@
import * as acme from 'acme-client';
(async () => {
/* Client */
const accountKey = await acme.crypto.createPrivateKey();

4
packages/core/acme-client/types/rfc8555.d.ts vendored
View File

@@ -27,7 +27,6 @@ export interface AccountUpdateRequest {
termsOfServiceAgreed?: boolean;
}
/**
* Order
*
@@ -53,7 +52,6 @@ export interface OrderCreateRequest {
notAfter?: string;
}
/**
* Authorization
*
@@ -73,7 +71,6 @@ export interface Identifier {
value: string;
}
/**
* Challenge
*
@@ -102,7 +99,6 @@ export interface DnsChallenge extends ChallengeAbstract {
export type Challenge = HttpChallenge | DnsChallenge;
/**
* Certificate
*

52
packages/core/pipeline/CHANGELOG.md
View File

@@ -3,6 +3,58 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.21.2](https://github.com/certd/certd/compare/v1.21.1...v1.21.2) (2024-07-08)
**Note:** Version bump only for package @certd/pipeline
## [1.21.1](https://github.com/certd/certd/compare/v1.21.0...v1.21.1) (2024-07-08)
**Note:** Version bump only for package @certd/pipeline
# [1.21.0](https://github.com/certd/certd/compare/v1.20.17...v1.21.0) (2024-07-03)
**Note:** Version bump only for package @certd/pipeline
## [1.20.17](https://github.com/certd/certd/compare/v1.20.16...v1.20.17) (2024-07-03)
**Note:** Version bump only for package @certd/pipeline
## [1.20.16](https://github.com/certd/certd/compare/v1.20.15...v1.20.16) (2024-07-01)
**Note:** Version bump only for package @certd/pipeline
## [1.20.15](https://github.com/certd/certd/compare/v1.20.14...v1.20.15) (2024-06-28)
**Note:** Version bump only for package @certd/pipeline
## [1.20.14](https://github.com/certd/certd/compare/v1.20.13...v1.20.14) (2024-06-23)
**Note:** Version bump only for package @certd/pipeline
## [1.20.13](https://github.com/certd/certd/compare/v1.20.12...v1.20.13) (2024-06-18)
**Note:** Version bump only for package @certd/pipeline
## [1.20.12](https://github.com/certd/certd/compare/v1.20.10...v1.20.12) (2024-06-17)
### Performance Improvements
* 支持cloudflare域名 ([fbb9a47](https://github.com/certd/certd/commit/fbb9a47e8f7bb805289b9ee64bd46ffee0f01c06))
## [1.20.10](https://github.com/certd/certd/compare/v1.20.9...v1.20.10) (2024-05-30)
### Performance Improvements
* 优化文件下载包名 ([d9eb927](https://github.com/certd/certd/commit/d9eb927b0a1445feab08b1958aa9ea80637a5ae6))
## [1.20.9](https://github.com/certd/certd/compare/v1.20.8...v1.20.9) (2024-03-22)
**Note:** Version bump only for package @certd/pipeline
## [1.20.8](https://github.com/certd/certd/compare/v1.20.7...v1.20.8) (2024-03-22)
**Note:** Version bump only for package @certd/pipeline
## [1.20.7](https://github.com/certd/certd/compare/v1.20.6...v1.20.7) (2024-03-22)
**Note:** Version bump only for package @certd/pipeline

6
packages/core/pipeline/package.json
View File

@@ -1,7 +1,7 @@
{
"name": "@certd/pipeline",
"private": false,
"version": "1.20.7",
"version": "1.21.2",
"main": "./src/index.ts",
"module": "./src/index.ts",
"types": "./src/index.ts",
@@ -23,7 +23,7 @@
"qs": "^6.11.2"
},
"devDependencies": {
"@certd/acme-client": "^1.20.7",
"@certd/acme-client": "workspace:^1.21.2",
"@rollup/plugin-commonjs": "^23.0.4",
"@rollup/plugin-json": "^6.0.0",
"@rollup/plugin-node-resolve": "^15.0.1",
@@ -57,5 +57,5 @@
"vite": "^4.3.8",
"vue-tsc": "^1.6.5"
},
"gitHead": "b258e926209fef4cc4d633b0383eb54e26c516f9"
"gitHead": "a31f1c7f5e71fa946de9bf0283e11d6ce049b3e9"
}

2
packages/core/pipeline/src/access/registry.ts
View File

@@ -1,4 +1,4 @@
import { Registry } from "../registry";
// @ts-ignore
export const accessRegistry = new Registry();
export const accessRegistry = new Registry("access");

5
packages/core/pipeline/src/core/executor.ts
View File

@@ -6,7 +6,7 @@ import { ContextFactory, IContext } from "./context";
import { IStorage } from "./storage";
import { logger } from "../utils/util.log";
import { Logger } from "log4js";
import { request } from "../utils/util.request";
import { createAxiosService } from "../utils/util.request";
import { IAccessService } from "../access";
import { RegistryItem } from "../registry";
import { Decorator } from "../decorator";
@@ -213,11 +213,12 @@ export class Executor {
}
});
const http = createAxiosService({ logger: currentLogger });
const taskCtx: TaskInstanceContext = {
pipeline: this.pipeline,
step,
lastStatus,
http: request,
http,
logger: currentLogger,
accessService: this.options.accessService,
emailService: this.options.emailService,

4
packages/core/pipeline/src/core/file-store.ts
View File

@@ -1,7 +1,8 @@
import { fileUtils } from "../utils/util.file";
import { fileUtils } from "../utils";
import dayjs from "dayjs";
import path from "path";
import fs from "fs";
import { logger } from "../utils";
export type FileStoreOptions = {
rootDir?: string;
@@ -30,6 +31,7 @@ export class FileStore {
const localPath = this.buildFilePath(filename);
fs.writeFileSync(localPath, file);
logger.info(`写入文件:${localPath}`);
return localPath;
}

2
packages/core/pipeline/src/plugin/api.ts
View File

@@ -6,6 +6,7 @@ import { IAccessService } from "../access";
import { IEmailService } from "../service";
import { IContext } from "../core";
import { AxiosInstance } from "axios";
import { logger } from "../utils";
export enum ContextScope {
global,
@@ -89,6 +90,7 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
}
saveFile(filename: string, file: Buffer) {
const filePath = this.ctx.fileStore.writeFile(filename, file);
logger.info(`saveFile:${filePath}`);
this._result.files!.push({
id: this.randomFileId(),
filename,

2
packages/core/pipeline/src/plugin/registry.ts
View File

@@ -1,4 +1,4 @@
import { Registry } from "../registry";
import { AbstractTaskPlugin } from "./api";
export const pluginRegistry = new Registry<AbstractTaskPlugin>();
export const pluginRegistry = new Registry<AbstractTaskPlugin>("plugin");

8
packages/core/pipeline/src/registry/registry.ts
View File

@@ -1,3 +1,5 @@
import { logger } from "../utils";
export type Registrable = {
name: string;
title: string;
@@ -9,15 +11,21 @@ export type RegistryItem<T> = {
target: T;
};
export class Registry<T> {
type = "";
storage: {
[key: string]: RegistryItem<T>;
} = {};
constructor(type: string) {
this.type = type;
}
register(key: string, value: RegistryItem<T>) {
if (!key || value == null) {
return;
}
this.storage[key] = value;
logger.info(`注册插件:${this.type}:${key}`);
}
get(name: string): RegistryItem<T> {

1
packages/core/pipeline/src/utils/index.ts
View File

@@ -1,6 +1,7 @@
import sleep from "./util.sleep";
import { request } from "./util.request";
export * from "./util.log";
export * from "./util.file";
export const utils = {
sleep,
http: request,

15
packages/core/pipeline/src/utils/util.request.ts
View File

@@ -2,10 +2,11 @@ import axios from "axios";
// @ts-ignore
import qs from "qs";
import { logger } from "./util.log";
import { Logger } from "log4js";
/**
* @description 创建请求实例
*/
function createService() {
export function createAxiosService({ logger }: { logger: Logger }) {
// 创建一个 axios 实例
const service = axios.create();
// 请求拦截
@@ -18,18 +19,19 @@ function createService() {
}); // 序列化请求参数
delete config.formData;
}
logger.info(`http request:${config.url}method:${config.method}`);
return config;
},
(error: Error) => {
// 发送失败
logger.error(error);
logger.error("接口请求失败:", error);
return Promise.reject(error);
}
);
// 响应拦截
service.interceptors.response.use(
(response: any) => {
logger.info("http response:", JSON.stringify(response.data));
logger.info("http response:", JSON.stringify(response?.data));
return response.data;
},
(error: any) => {
@@ -48,11 +50,14 @@ function createService() {
// case 505: error.message = 'HTTP版本不受支持'; break
// default: break
// }
logger.error("请求出错:", error.response.config.url, error);
logger.error(`请求出错:url:${error?.response?.config.url},method:${error.response.config.method},status:${error?.response?.status}`);
logger.info("返回数据:", JSON.stringify(error?.response?.data));
delete error.config;
delete error.response;
return Promise.reject(error);
}
);
return service;
}
export const request = createService();
export const request = createAxiosService({ logger });

23
packages/plugins/plugin-aliyun/.eslintrc
View File

@@ -1,23 +0,0 @@
{
"parser": "@typescript-eslint/parser",
"plugins": [
"@typescript-eslint"
],
"extends": [
"plugin:@typescript-eslint/recommended",
"plugin:prettier/recommended",
"prettier"
],
"env": {
"mocha": true
},
"rules": {
"@typescript-eslint/no-var-requires": "off",
"@typescript-eslint/ban-ts-comment": "off",
"@typescript-eslint/ban-ts-ignore": "off",
"@typescript-eslint/no-explicit-any": "off",
"@typescript-eslint/no-empty-function": "off",
// "no-unused-expressions": "off",
"max-len": [0, 160, 2, { "ignoreUrls": true }]
}
}

26
packages/plugins/plugin-aliyun/.gitignore vendored
View File

@@ -1,26 +0,0 @@
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
lerna-debug.log*
node_modules
dist
dist-ssr
*.local
# Editor directories and files
.vscode/*
!.vscode/extensions.json
.idea
.DS_Store
*.suo
*.ntvs*
*.njsproj
*.sln
*.sw?
test/user.secret.ts

5
packages/plugins/plugin-aliyun/.mocharc.json
View File

@@ -1,5 +0,0 @@
{
"extension": ["ts"],
"spec": "test/**/*.test.ts",
"require": "ts-node/register"
}

2
packages/plugins/plugin-aliyun/.npmignore
View File

@@ -1,2 +0,0 @@
node_modules
src

3
packages/plugins/plugin-aliyun/.prettierrc
View File

@@ -1,3 +0,0 @@
{
"printWidth": 160
}

90
packages/plugins/plugin-aliyun/CHANGELOG.md
View File

@@ -1,90 +0,0 @@
# Change Log
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.20.7](https://github.com/certd/certd/compare/v1.20.6...v1.20.7) (2024-03-22)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.20.6](https://github.com/certd/certd/compare/v1.20.5...v1.20.6) (2024-03-21)
### Performance Improvements
* 插件贡献文档及示例 ([72fb20a](https://github.com/certd/certd/commit/72fb20abf3ba5bdd862575d2907703a52fd7eb17))
## [1.20.5](https://github.com/certd/certd/compare/v1.20.2...v1.20.5) (2024-03-11)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.20.2](https://github.com/certd/certd/compare/v1.2.1...v1.20.2) (2024-02-28)
### Bug Fixes
* 临时修复阿里云domainlist接口返回域名列表不全的问题后续还需要增加翻页查询 ([849c145](https://github.com/certd/certd/commit/849c145926984762bd9dbec87bd91cd047fc0855))
## [1.2.1](https://github.com/certd/certd/compare/v1.2.0...v1.2.1) (2023-12-12)
**Note:** Version bump only for package @certd/plugin-aliyun
**Note:** Version bump only for package @certd/plugin-aliyun
# [1.2.0](https://github.com/certd/certd/compare/v1.1.6...v1.2.0) (2023-10-27)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.1.6](https://github.com/certd/certd/compare/v1.1.5...v1.1.6) (2023-07-10)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.1.5](https://github.com/certd/certd/compare/v1.1.4...v1.1.5) (2023-07-03)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.1.4](https://github.com/certd/certd/compare/v1.1.3...v1.1.4) (2023-07-03)
### Performance Improvements
* timeout ([3eeb1f7](https://github.com/certd/certd/commit/3eeb1f77aa2922f3545f3d2067f561d95621d54f))
## [1.1.3](https://github.com/certd/certd/compare/v1.1.2...v1.1.3) (2023-07-03)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.1.2](https://github.com/certd/certd/compare/v1.1.1...v1.1.2) (2023-07-03)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.1.1](https://github.com/certd/certd/compare/v1.1.0...v1.1.1) (2023-06-28)
**Note:** Version bump only for package @certd/plugin-aliyun
# [1.1.0](https://github.com/certd/certd/compare/v1.0.6...v1.1.0) (2023-06-28)
### Features
* save files ([671d273](https://github.com/certd/certd/commit/671d273e2f9136d16896536b0ca127cf372f1619))
## [1.0.6](https://github.com/certd/certd/compare/v1.0.5...v1.0.6) (2023-05-25)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.0.5](https://github.com/certd/certd/compare/v1.0.4...v1.0.5) (2023-05-25)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.0.4](https://github.com/certd/certd/compare/v1.0.3...v1.0.4) (2023-05-25)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.0.3](https://github.com/certd/certd/compare/v1.0.2...v1.0.3) (2023-05-25)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.0.2](https://github.com/certd/certd/compare/v1.0.1...v1.0.2) (2023-05-24)
**Note:** Version bump only for package @certd/plugin-aliyun
## [1.0.1](https://github.com/certd/certd/compare/v1.0.0...v1.0.1) (2023-05-24)
**Note:** Version bump only for package @certd/plugin-aliyun

16
packages/plugins/plugin-aliyun/README.md
View File

@@ -1,16 +0,0 @@
# Vue 3 + TypeScript + Vite
This template should help get you started developing with Vue 3 and TypeScript in Vite. The template uses Vue 3 `<script setup>` SFCs, check out the [script setup docs](https://v3.vuejs.org/api/sfc-script-setup.html#sfc-script-setup) to learn more.
## Recommended IDE Setup
- [VS Code](https://code.visualstudio.com/) + [Volar](https://marketplace.visualstudio.com/items?itemName=Vue.volar)
## Type Support For `.vue` Imports in TS
Since TypeScript cannot handle type information for `.vue` imports, they are shimmed to be a generic Vue component type by default. In most cases this is fine if you don't really care about component prop types outside of templates. However, if you wish to get actual prop types in `.vue` imports (for example to get props validation when using manual `h(...)` calls), you can enable Volar's Take Over mode by following these steps:
1. Run `Extensions: Show Built-in Extensions` from VS Code's command palette, look for `TypeScript and JavaScript Language Features`, then right click and select `Disable (Workspace)`. By default, Take Over mode will enable itself if the default TypeScript extension is disabled.
2. Reload the VS Code window by running `Developer: Reload Window` from the command palette.
You can learn more about Take Over mode [here](https://github.com/johnsoncodehk/volar/discussions/471).

62
packages/plugins/plugin-aliyun/package.json
View File

@@ -1,62 +0,0 @@
{
"name": "@certd/plugin-aliyun",
"private": false,
"version": "1.20.7",
"main": "./src/index.ts",
"module": "./src/index.ts",
"types": "./src/index.ts",
"publishConfig": {
"main": "./dist/bundle.js",
"module": "./dist/bundle.mjs",
"types": "./dist/d/index.d.ts"
},
"scripts": {
"dev": "vite",
"build1": "vue-tsc --noEmit && vite build",
"build": "rollup -c",
"preview": "vite preview"
},
"dependencies": {
"@alicloud/cs20151215": "^3.0.3",
"@alicloud/openapi-client": "^0.4.0",
"@alicloud/pop-core": "^1.7.10",
"node-forge": "^0.10.0"
},
"devDependencies": {
"@certd/acme-client": "^1.20.7",
"@certd/pipeline": "^1.20.7",
"@certd/plugin-cert": "^1.20.7",
"@certd/plugin-util": "^1.20.7",
"@rollup/plugin-commonjs": "^23.0.4",
"@rollup/plugin-json": "^6.0.0",
"@rollup/plugin-node-resolve": "^15.0.1",
"@rollup/plugin-terser": "^0.4.3",
"@rollup/plugin-typescript": "^11.0.0",
"@types/chai": "^4.3.3",
"@types/lodash": "^4.14.186",
"@types/mocha": "^10.0.0",
"@types/node-forge": "^1.3.0",
"@typescript-eslint/eslint-plugin": "^5.38.1",
"@typescript-eslint/parser": "^5.38.1",
"chai": "^4.3.6",
"dayjs": "^1.11.6",
"eslint": "^8.24.0",
"eslint-config-prettier": "^8.5.0",
"eslint-plugin-import": "^2.26.0",
"eslint-plugin-node": "^11.1.0",
"eslint-plugin-prettier": "^4.2.1",
"lodash": "^4.17.21",
"log4js": "^6.7.1",
"mocha": "^10.1.0",
"prettier": "^2.8.8",
"rollup": "^3.7.4",
"rollup-plugin-typescript2": "^0.34.1",
"rollup-plugin-visualizer": "^5.8.2",
"ts-node": "^10.9.1",
"tslib": "^2.5.2",
"typescript": "^4.8.4",
"vite": "^3.1.0",
"vue-tsc": "^0.38.9"
},
"gitHead": "b258e926209fef4cc4d633b0383eb54e26c516f9"
}

43
packages/plugins/plugin-aliyun/rollup.config.js
View File

@@ -1,43 +0,0 @@
const resolve = require("@rollup/plugin-node-resolve");
const commonjs = require("@rollup/plugin-commonjs");
//const Typescript = require("rollup-plugin-typescript2");
const Typescript = require("@rollup/plugin-typescript");
const json = require("@rollup/plugin-json");
const terser = require("@rollup/plugin-terser");
module.exports = {
input: "src/index.ts",
output: {
file: "dist/bundle.js",
format: "cjs",
},
plugins: [
// 解析第三方依赖
resolve(),
// 识别 commonjs 模式第三方依赖
commonjs(),
Typescript({
target: "esnext",
rootDir: "src",
declaration: true,
declarationDir: "dist/d",
exclude: ["./node_modules/**", "./src/**/*.vue"],
allowSyntheticDefaultImports: true,
}),
json(),
terser(),
],
external: [
"vue",
"lodash",
"dayjs",
"@certd/acme-client",
"@certd/pipeline",
"@certd/plugin-cert",
"@certd/plugin-aliyun",
"@certd/plugin-tencent",
"@certd/plugin-huawei",
"@certd/plugin-host",
"@certd/plugin-tencent",
"@certd/plugin-util",
],
};

27
packages/plugins/plugin-aliyun/src/access/aliyun-access.ts
View File

@@ -1,27 +0,0 @@
import { IsAccess, AccessInput } from "@certd/pipeline";
@IsAccess({
name: "aliyun",
title: "阿里云授权",
desc: "",
})
export class AliyunAccess {
@AccessInput({
title: "accessKeyId",
component: {
placeholder: "accessKeyId",
},
required: true,
})
accessKeyId = "";
@AccessInput({
title: "accessKeySecret",
component: {
placeholder: "accessKeySecret",
},
required: true,
})
accessKeySecret = "";
}
new AliyunAccess();

1
packages/plugins/plugin-aliyun/src/access/index.ts
View File

@@ -1 +0,0 @@
export * from "./aliyun-access";

127
packages/plugins/plugin-aliyun/src/dns-provider/aliyun-dns-provider.ts
View File

@@ -1,127 +0,0 @@
import Core from "@alicloud/pop-core";
import _ from "lodash";
import { CreateRecordOptions, IDnsProvider, IsDnsProvider, RemoveRecordOptions } from "@certd/plugin-cert";
import { Autowire, ILogger } from "@certd/pipeline";
import { AliyunAccess } from "../access";
@IsDnsProvider({
name: "aliyun",
title: "阿里云",
desc: "阿里云DNS解析提供商",
accessType: "aliyun",
})
export class AliyunDnsProvider implements IDnsProvider {
client: any;
@Autowire()
access!: AliyunAccess;
@Autowire()
logger!: ILogger;
async onInstance() {
const access: any = this.access;
this.client = new Core({
accessKeyId: access.accessKeyId,
accessKeySecret: access.accessKeySecret,
endpoint: "https://alidns.aliyuncs.com",
apiVersion: "2015-01-09",
});
}
async getDomainList() {
const params = {
RegionId: "cn-hangzhou",
PageSize: 100,
};
const requestOption = {
method: "POST",
};
const ret = await this.client.request("DescribeDomains", params, requestOption);
return ret.Domains.Domain;
}
async matchDomain(dnsRecord: string) {
const list = await this.getDomainList();
let domain = null;
const domainList = [];
for (const item of list) {
domainList.push(item.DomainName);
if (_.endsWith(dnsRecord, item.DomainName)) {
domain = item.DomainName;
break;
}
}
if (!domain) {
throw new Error(`can not find Domain :${dnsRecord} ,list: ${JSON.stringify(domainList)}`);
}
return domain;
}
async getRecords(domain: string, rr: string, value: string) {
const params: any = {
RegionId: "cn-hangzhou",
DomainName: domain,
RRKeyWord: rr,
ValueKeyWord: undefined,
};
if (value) {
params.ValueKeyWord = value;
}
const requestOption = {
method: "POST",
};
const ret = await this.client.request("DescribeDomainRecords", params, requestOption);
return ret.DomainRecords.Record;
}
async createRecord(options: CreateRecordOptions): Promise<any> {
const { fullRecord, value, type } = options;
this.logger.info("添加域名解析:", fullRecord, value);
const domain = await this.matchDomain(fullRecord);
const rr = fullRecord.replace("." + domain, "");
const params = {
RegionId: "cn-hangzhou",
DomainName: domain,
RR: rr,
Type: type,
Value: value,
// Line: 'oversea' // 海外
};
const requestOption = {
method: "POST",
};
try {
const ret = await this.client.request("AddDomainRecord", params, requestOption);
this.logger.info("添加域名解析成功:", value, value, ret.RecordId);
return ret.RecordId;
} catch (e: any) {
if (e.code === "DomainRecordDuplicate") {
return;
}
this.logger.info("添加域名解析出错", e);
throw e;
}
}
async removeRecord(options: RemoveRecordOptions): Promise<any> {
const { fullRecord, value, record } = options;
const params = {
RegionId: "cn-hangzhou",
RecordId: record,
};
const requestOption = {
method: "POST",
};
const ret = await this.client.request("DeleteDomainRecord", params, requestOption);
this.logger.info("删除域名解析成功:", fullRecord, value, ret.RecordId);
return ret.RecordId;
}
}
new AliyunDnsProvider();

1
packages/plugins/plugin-aliyun/src/dns-provider/index.ts
View File

@@ -1 +0,0 @@
import "./aliyun-dns-provider";

3
packages/plugins/plugin-aliyun/src/index.ts
View File

@@ -1,3 +0,0 @@
export * from "./access/index";
export * from "./dns-provider/index";
export * from "./plugin/index";

106
packages/plugins/plugin-aliyun/src/plugin/deploy-to-cdn/index.ts
View File

@@ -1,106 +0,0 @@
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, RunStrategy, TaskInput } from "@certd/pipeline";
import dayjs from "dayjs";
import Core from "@alicloud/pop-core";
import RPCClient from "@alicloud/pop-core";
import { AliyunAccess } from "../../access";
@IsTaskPlugin({
name: "DeployCertToAliyunCDN",
title: "部署证书至阿里云CDN",
desc: "依赖证书申请前置任务自动部署域名证书至阿里云CDN",
default: {
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed,
},
},
})
export class DeployCertToAliyunCDN extends AbstractTaskPlugin {
@TaskInput({
title: "CDN加速域名",
helper: "你在阿里云上配置的CDN加速域名比如:certd.docmirror.cn",
required: true,
})
domainName!: string;
@TaskInput({
title: "证书名称",
helper: "上传后将以此名称作为前缀备注",
})
certName!: string;
@TaskInput({
title: "域名证书",
helper: "请选择前置任务输出的域名证书",
component: {
name: "pi-output-selector",
},
required: true,
})
cert!: string;
@TaskInput({
title: "Access授权",
helper: "阿里云授权AccessKeyId、AccessKeySecret",
component: {
name: "pi-access-selector",
type: "aliyun",
},
required: true,
})
accessId!: string;
accessService!: IAccessService;
logger!: ILogger;
async onInstance() {
this.accessService = this.ctx.accessService;
this.logger = this.ctx.logger;
}
async execute(): Promise<void> {
console.log("开始部署证书到阿里云cdn");
const access = (await this.accessService.getById(this.accessId)) as AliyunAccess;
const client = this.getClient(access);
const params = await this.buildParams();
await this.doRequest(client, params);
console.log("部署完成");
}
getClient(access: AliyunAccess) {
return new Core({
accessKeyId: access.accessKeyId,
accessKeySecret: access.accessKeySecret,
endpoint: "https://cdn.aliyuncs.com",
apiVersion: "2018-05-10",
});
}
async buildParams() {
const CertName = (this.certName ?? "certd") + "-" + dayjs().format("YYYYMMDDHHmmss");
const cert: any = this.cert;
return {
RegionId: "cn-hangzhou",
DomainName: this.domainName,
ServerCertificateStatus: "on",
CertName: CertName,
CertType: "upload",
ServerCertificate: cert.crt,
PrivateKey: cert.key,
};
}
async doRequest(client: RPCClient, params: any) {
const requestOption = {
method: "POST",
};
const ret: any = await client.request("SetDomainServerCertificate", params, requestOption);
this.checkRet(ret);
this.logger.info("设置cdn证书成功:", ret.RequestId);
}
checkRet(ret: any) {
if (ret.code != null) {
throw new Error("执行失败:" + ret.Message);
}
}
}
new DeployCertToAliyunCDN();

3
packages/plugins/plugin-aliyun/src/plugin/index.ts
View File

@@ -1,3 +0,0 @@
export * from "./deploy-to-cdn/index";
export * from "./deploy-to-ack-ingress/index";
export * from "./upload-to-aliyun/index";

104
packages/plugins/plugin-aliyun/src/plugin/upload-to-aliyun/index.ts
View File

@@ -1,104 +0,0 @@
import { AbstractTaskPlugin, IAccessService, IsTaskPlugin, RunStrategy, TaskInput, TaskOutput } from "@certd/pipeline";
import Core from "@alicloud/pop-core";
import { AliyunAccess } from "../../access";
import { appendTimeSuffix, checkRet, ZoneOptions } from "../../utils";
import { Logger } from "log4js";
@IsTaskPlugin({
name: "uploadCertToAliyun",
title: "上传证书到阿里云",
desc: "",
default: {
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed,
},
},
})
export class UploadCertToAliyun extends AbstractTaskPlugin {
@TaskInput({
title: "证书名称",
helper: "证书上传后将以此参数作为名称前缀",
})
name!: string;
@TaskInput({
title: "大区",
value: "cn-hangzhou",
component: {
name: "a-select",
vModel: "value",
options: ZoneOptions,
},
required: true,
})
regionId!: string;
@TaskInput({
title: "域名证书",
helper: "请选择前置任务输出的域名证书",
component: {
name: "pi-output-selector",
},
required: true,
})
cert!: any;
@TaskInput({
title: "Access授权",
helper: "阿里云授权AccessKeyId、AccessKeySecret",
component: {
name: "pi-access-selector",
type: "aliyun",
},
required: true,
})
accessId!: string;
@TaskOutput({
title: "上传成功后的阿里云CertId",
})
aliyunCertId!: string;
accessService!: IAccessService;
logger!: Logger;
async onInstance() {
this.accessService = this.ctx.accessService;
this.logger = this.ctx.logger;
}
async execute(): Promise<void> {
console.log("开始部署证书到阿里云cdn");
const access = (await this.accessService.getById(this.accessId)) as AliyunAccess;
const client = this.getClient(access);
const certName = appendTimeSuffix(this.name);
const params = {
RegionId: this.regionId || "cn-hangzhou",
Name: certName,
Cert: this.cert.crt,
Key: this.cert.key,
};
const requestOption = {
method: "POST",
};
const ret = (await client.request("CreateUserCertificate", params, requestOption)) as any;
checkRet(ret);
this.logger.info("证书上传成功aliyunCertId=", ret.CertId);
//output
this.aliyunCertId = ret.CertId;
}
getClient(aliyunProvider: AliyunAccess) {
return new Core({
accessKeyId: aliyunProvider.accessKeyId,
accessKeySecret: aliyunProvider.accessKeySecret,
endpoint: "https://cas.aliyuncs.com",
apiVersion: "2018-07-13",
});
}
}
//注册插件
new UploadCertToAliyun();

15
packages/plugins/plugin-aliyun/src/utils/index.ts
View File

@@ -1,15 +0,0 @@
import dayjs from "dayjs";
export const ZoneOptions = [{ value: "cn-hangzhou" }];
export function appendTimeSuffix(name: string) {
if (name == null) {
name = "certd";
}
return name + "-" + dayjs().format("YYYYMMDD-HHmmss");
}
export function checkRet(ret: any) {
if (ret.code != null) {
throw new Error("执行失败:" + ret.Message);
}
}

23
packages/plugins/plugin-aliyun/tsconfig.json
View File

@@ -1,23 +0,0 @@
{
"compilerOptions": {
"importHelpers": false,
"target": "ESNext",
"useDefineForClassFields": true,
"module": "ESNext",
"moduleResolution": "Node",
"strict": true,
"jsx": "preserve",
"sourceMap": true,
"resolveJsonModule": true,
"isolatedModules": true,
"esModuleInterop": true,
"lib": ["ESNext", "DOM"],
"skipLibCheck": true,
"experimentalDecorators": true,
"paths": {
"tslib" : ["./node_modules/tslib/tslib.d.ts"]
}
},
"include": ["src/**/*.ts", "src/**/*.d.ts", "src/**/*.tsx", "src/**/*.vue","test/**/*.ts","rollup.config.ts"],
}

57
packages/plugins/plugin-aliyun/vite.config.ts
View File

@@ -1,57 +0,0 @@
import { defineConfig } from "vite";
import visualizer from "rollup-plugin-visualizer";
import typescript from "@rollup/plugin-typescript";
// https://vitejs.dev/config/
export default defineConfig({
plugins: [],
build: {
lib: {
entry: "src/index.ts",
name: "pipeline",
},
rollupOptions: {
plugins: [
// @ts-ignore
visualizer(),
// @ts-ignore
typescript({
target: "esnext",
rootDir: "src",
declaration: true,
declarationDir: "dist/d",
exclude: ["./node_modules/**", "./src/**/*.vue"],
allowSyntheticDefaultImports: true,
}),
],
external: [
"vue",
"lodash",
"dayjs",
"@certd/acme-client",
"@certd/pipeline",
"@certd/plugin-cert",
"@certd/plugin-aliyun",
"@certd/plugin-tencent",
"@certd/plugin-huawei",
"@certd/plugin-host",
"@certd/plugin-tencent",
"@certd/plugin-util",
],
output: {
globals: {
vue: "Vue",
lodash: "_",
dayjs: "dayjs",
"@certd/plugin-cert": "CertdPluginCert",
"@certd/acme-client": "CertdAcmeClient",
"@certd/pipeline": "CertdPluginPipeline",
"@certd/plugin-aliyun": "CertdPluginAliyun",
"@certd/plugin-host": "CertdPluginHost",
"@certd/plugin-huawei": "CertdPluginHuawei",
"@certd/plugin-util": "CertdPluginUtil",
},
},
},
},
});

23
packages/plugins/plugin-all/.eslintrc
View File

@@ -1,23 +0,0 @@
{
"parser": "@typescript-eslint/parser",
"plugins": [
"@typescript-eslint"
],
"extends": [
"plugin:@typescript-eslint/recommended",
"plugin:prettier/recommended",
"prettier"
],
"env": {
"mocha": true
},
"rules": {
"@typescript-eslint/no-var-requires": "off",
"@typescript-eslint/ban-ts-comment": "off",
"@typescript-eslint/ban-ts-ignore": "off",
"@typescript-eslint/no-explicit-any": "off",
"@typescript-eslint/no-empty-function": "off",
// "no-unused-expressions": "off",
"max-len": [0, 160, 2, { "ignoreUrls": true }]
}
}

26
packages/plugins/plugin-all/.gitignore vendored
View File

@@ -1,26 +0,0 @@
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
lerna-debug.log*
node_modules
dist
dist-ssr
*.local
# Editor directories and files
.vscode/*
!.vscode/extensions.json
.idea
.DS_Store
*.suo
*.ntvs*
*.njsproj
*.sln
*.sw?
test/user.secret.ts

5
packages/plugins/plugin-all/.mocharc.json
View File

@@ -1,5 +0,0 @@
{
"extension": ["ts"],
"spec": "test/**/*.test.ts",
"require": "ts-node/register"
}

2
packages/plugins/plugin-all/.npmignore
View File

@@ -1,2 +0,0 @@
node_modules
src

3
packages/plugins/plugin-all/.prettierrc
View File

@@ -1,3 +0,0 @@
{
"printWidth": 160
}

88
packages/plugins/plugin-all/CHANGELOG.md
View File

@@ -1,88 +0,0 @@
# Change Log
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.20.7](https://github.com/certd/certd/compare/v1.20.6...v1.20.7) (2024-03-22)
**Note:** Version bump only for package @certd/plugin-all
## [1.20.6](https://github.com/certd/certd/compare/v1.20.5...v1.20.6) (2024-03-21)
### Performance Improvements
* 插件贡献文档及示例 ([72fb20a](https://github.com/certd/certd/commit/72fb20abf3ba5bdd862575d2907703a52fd7eb17))
## [1.20.5](https://github.com/certd/certd/compare/v1.20.2...v1.20.5) (2024-03-11)
**Note:** Version bump only for package @certd/plugin-all
## [1.20.2](https://github.com/certd/certd/compare/v1.2.1...v1.20.2) (2024-02-28)
**Note:** Version bump only for package @certd/plugin-all
## [1.2.1](https://github.com/certd/certd/compare/v1.2.0...v1.2.1) (2023-12-12)
**Note:** Version bump only for package @certd/plugin-all
**Note:** Version bump only for package @certd/plugin-all
# [1.2.0](https://github.com/certd/certd/compare/v1.1.6...v1.2.0) (2023-10-27)
**Note:** Version bump only for package @certd/plugin-all
## [1.1.6](https://github.com/certd/certd/compare/v1.1.5...v1.1.6) (2023-07-10)
### Bug Fixes
* 修复上传证书到腾讯云失败的bug ([e950322](https://github.com/certd/certd/commit/e950322232e19d1263b8552eefa5b0150fd7864e))
## [1.1.5](https://github.com/certd/certd/compare/v1.1.4...v1.1.5) (2023-07-03)
**Note:** Version bump only for package @certd/plugin-all
## [1.1.4](https://github.com/certd/certd/compare/v1.1.3...v1.1.4) (2023-07-03)
### Performance Improvements
* timeout ([3eeb1f7](https://github.com/certd/certd/commit/3eeb1f77aa2922f3545f3d2067f561d95621d54f))
## [1.1.3](https://github.com/certd/certd/compare/v1.1.2...v1.1.3) (2023-07-03)
**Note:** Version bump only for package @certd/plugin-all
## [1.1.2](https://github.com/certd/certd/compare/v1.1.1...v1.1.2) (2023-07-03)
**Note:** Version bump only for package @certd/plugin-all
## [1.1.1](https://github.com/certd/certd/compare/v1.1.0...v1.1.1) (2023-06-28)
**Note:** Version bump only for package @certd/plugin-all
# [1.1.0](https://github.com/certd/certd/compare/v1.0.6...v1.1.0) (2023-06-28)
**Note:** Version bump only for package @certd/plugin-all
## [1.0.6](https://github.com/certd/certd/compare/v1.0.5...v1.0.6) (2023-05-25)
**Note:** Version bump only for package @certd/plugin-all
## [1.0.5](https://github.com/certd/certd/compare/v1.0.4...v1.0.5) (2023-05-25)
**Note:** Version bump only for package @certd/plugin-all
## [1.0.4](https://github.com/certd/certd/compare/v1.0.3...v1.0.4) (2023-05-25)
**Note:** Version bump only for package @certd/plugin-all
## [1.0.3](https://github.com/certd/certd/compare/v1.0.2...v1.0.3) (2023-05-25)
**Note:** Version bump only for package @certd/plugin-all
## [1.0.2](https://github.com/certd/certd/compare/v1.0.1...v1.0.2) (2023-05-24)
**Note:** Version bump only for package @certd/plugin-all
## [1.0.1](https://github.com/certd/certd/compare/v1.0.0...v1.0.1) (2023-05-24)
**Note:** Version bump only for package @certd/plugin-all

16
packages/plugins/plugin-all/README.md
View File

@@ -1,16 +0,0 @@
# Vue 3 + TypeScript + Vite
This template should help get you started developing with Vue 3 and TypeScript in Vite. The template uses Vue 3 `<script setup>` SFCs, check out the [script setup docs](https://v3.vuejs.org/api/sfc-script-setup.html#sfc-script-setup) to learn more.
## Recommended IDE Setup
- [VS Code](https://code.visualstudio.com/) + [Volar](https://marketplace.visualstudio.com/items?itemName=Vue.volar)
## Type Support For `.vue` Imports in TS
Since TypeScript cannot handle type information for `.vue` imports, they are shimmed to be a generic Vue component type by default. In most cases this is fine if you don't really care about component prop types outside of templates. However, if you wish to get actual prop types in `.vue` imports (for example to get props validation when using manual `h(...)` calls), you can enable Volar's Take Over mode by following these steps:
1. Run `Extensions: Show Built-in Extensions` from VS Code's command palette, look for `TypeScript and JavaScript Language Features`, then right click and select `Disable (Workspace)`. By default, Take Over mode will enable itself if the default TypeScript extension is disabled.
2. Reload the VS Code window by running `Developer: Reload Window` from the command palette.
You can learn more about Take Over mode [here](https://github.com/johnsoncodehk/volar/discussions/471).

54
packages/plugins/plugin-all/package.json
View File

@@ -1,54 +0,0 @@
{
"name": "@certd/plugin-all",
"private": false,
"version": "1.20.7",
"main": "./src/index.ts",
"module": "./src/index.ts",
"types": "./src/index.ts",
"publishConfig": {
"main": "./dist/bundle.js",
"module": "./dist/bundle.mjs",
"types": "./dist/d/index.d.ts"
},
"scripts": {
"dev": "vite",
"build2": " vite build",
"build": "rollup -c",
"preview": "vite preview"
},
"devDependencies": {
"@certd/pipeline": "^1.20.7",
"@certd/plugin-aliyun": "^1.20.7",
"@certd/plugin-center": "^1.20.7",
"@certd/plugin-cert": "^1.20.7",
"@certd/plugin-host": "^1.20.7",
"@certd/plugin-huawei": "^1.20.7",
"@certd/plugin-tencent": "^1.20.7",
"@rollup/plugin-commonjs": "^23.0.4",
"@rollup/plugin-json": "^6.0.0",
"@rollup/plugin-node-resolve": "^15.0.1",
"@rollup/plugin-terser": "^0.4.3",
"@rollup/plugin-typescript": "^11.0.0",
"@types/chai": "^4.3.5",
"@types/jest": "^26.0.24",
"@types/lodash": "^4.14.186",
"@types/node-forge": "^1.3.0",
"@typescript-eslint/eslint-plugin": "^5.38.1",
"@typescript-eslint/parser": "^5.38.1",
"eslint": "^8.24.0",
"eslint-config-prettier": "^8.5.0",
"eslint-plugin-import": "^2.26.0",
"eslint-plugin-node": "^11.1.0",
"eslint-plugin-prettier": "^4.2.1",
"prettier": "^2.8.8",
"rollup": "^3.7.4",
"rollup-plugin-typescript2": "^0.34.1",
"rollup-plugin-visualizer": "^5.8.2",
"ts-node": "^10.9.1",
"tslib": "^2.5.2",
"typescript": "^4.8.4",
"vite": "^3.1.0",
"vue-tsc": "^0.38.9"
},
"gitHead": "b258e926209fef4cc4d633b0383eb54e26c516f9"
}

44
packages/plugins/plugin-all/rollup.config.js
View File

@@ -1,44 +0,0 @@
const resolve = require("@rollup/plugin-node-resolve");
const commonjs = require("@rollup/plugin-commonjs");
//const Typescript = require("rollup-plugin-typescript2");
const Typescript = require("@rollup/plugin-typescript");
const json = require("@rollup/plugin-json");
const terser = require("@rollup/plugin-terser");
module.exports = {
input: "src/index.ts",
output: {
file: "dist/bundle.js",
format: "cjs",
},
plugins: [
// 解析第三方依赖
resolve(),
// 识别 commonjs 模式第三方依赖
commonjs(),
Typescript({
target: "esnext",
rootDir: "src",
declaration: true,
declarationDir: "dist/d",
exclude: ["./node_modules/**", "./src/**/*.vue"],
allowSyntheticDefaultImports: true,
}),
json(),
terser(),
],
external: [
"vue",
"lodash",
"dayjs",
"@certd/acme-client",
"@certd/pipeline",
"@certd/plugin-cert",
"@certd/plugin-aliyun",
"@certd/plugin-tencent",
"@certd/plugin-huawei",
"@certd/plugin-host",
"@certd/plugin-tencent",
"@certd/plugin-util",
"@certd/plugin-center",
],
};

6
packages/plugins/plugin-all/src/index.ts
View File

@@ -1,6 +0,0 @@
export * from "@certd/plugin-cert";
export * from "@certd/plugin-aliyun";
export * from "@certd/plugin-tencent";
export * from "@certd/plugin-host";
export * from "@certd/plugin-huawei";
export * from "@certd/plugin-center";

Some files were not shown because too many files have changed in this diff Show More