mirror of
				https://github.com/therootcompany/acme.js.git
				synced 2024-11-16 17:29:00 +00:00 
			
		
		
		
	remove cruft
This commit is contained in:
		
							parent
							
								
									c89e5b7882
								
							
						
					
					
						commit
						d25fa6756c
					
				
							
								
								
									
										109
									
								
								acme.js
									
									
									
									
									
								
							
							
						
						
									
										109
									
								
								acme.js
									
									
									
									
									
								
							| @ -63,7 +63,7 @@ ACME.challengeTests = { | ||||
| 					'See https://git.coolaj86.com/coolaj86/acme-v2.js/issues/4' | ||||
| 			); | ||||
| 			err.code = 'E_FAIL_DRY_CHALLENGE'; | ||||
| 			return Promise.reject(err); | ||||
| 			throw err; | ||||
| 		}); | ||||
| 	}, | ||||
| 	'dns-01': function(me, auth) { | ||||
| @ -90,7 +90,7 @@ ACME.challengeTests = { | ||||
| 					'See https://git.coolaj86.com/coolaj86/acme-v2.js/issues/4' | ||||
| 			); | ||||
| 			err.code = 'E_FAIL_DRY_CHALLENGE'; | ||||
| 			return Promise.reject(err); | ||||
| 			throw err; | ||||
| 		}); | ||||
| 	} | ||||
| }; | ||||
| @ -389,7 +389,8 @@ ACME._testChallenges = function(me, options) { | ||||
| 			}); | ||||
| 			if (!challenge) { | ||||
| 				// For example, wildcards require dns-01 and, if we don't have that, we have to bail
 | ||||
| 				var enabled = options.challengeTypes.join(', ') || 'none'; | ||||
| 				var enabled = | ||||
| 					Object.keys(options.challenges).join(', ') || 'none'; | ||||
| 				var suitable = | ||||
| 					challenges | ||||
| 						.map(function(r) { | ||||
| @ -481,7 +482,7 @@ ACME._testChallenges = function(me, options) { | ||||
| ACME._chooseChallenge = function(options, results) { | ||||
| 	// For each of the challenge types that we support
 | ||||
| 	var challenge; | ||||
| 	options.challengeTypes.some(function(chType) { | ||||
| 	options._challengeTypes.some(function(chType) { | ||||
| 		// And for each of the challenge types that are allowed
 | ||||
| 		return results.challenges.some(function(ch) { | ||||
| 			// Check to see if there are any matches
 | ||||
| @ -907,63 +908,54 @@ ACME._getCertificate = function(me, options) { | ||||
| 		console.debug('[acme-v2] DEBUG get cert 1'); | ||||
| 	} | ||||
| 
 | ||||
| 	// Lot's of error checking to inform the user of mistakes
 | ||||
| 	if (!(options.challengeTypes || []).length) { | ||||
| 		options.challengeTypes = Object.keys(options.challenges || {}); | ||||
| 	// Prefer this order for efficiency:
 | ||||
| 	// * http-01 is the fasest
 | ||||
| 	// * tls-alpn-01 is for networks that don't allow plain traffic
 | ||||
| 	// * dns-01 is the slowest (due to DNS propagation), but is required for private networks and wildcards
 | ||||
| 	var challengeTypes = Object.keys(options.challenges); | ||||
| 	options._challengeTypes = ['http-01', 'tls-alpn-01', 'dns-01'].filter( | ||||
| 		function(typ) { | ||||
| 			return -1 !== challengeTypes.indexOf(typ); | ||||
| 		} | ||||
| 	if (!options.challengeTypes.length) { | ||||
| 		options.challengeTypes = [options.challengeType].filter(Boolean); | ||||
| 	} | ||||
| 	if (options.challengeType) { | ||||
| 		options.challengeTypes.sort(function(a, b) { | ||||
| 			if (a === options.challengeType) { | ||||
| 				return -1; | ||||
| 			} | ||||
| 			if (b === options.challengeType) { | ||||
| 				return 1; | ||||
| 			} | ||||
| 			return 0; | ||||
| 		}); | ||||
| 		if (options.challengeType !== options.challengeTypes[0]) { | ||||
| 			return Promise.reject( | ||||
| 				new Error( | ||||
| 					"options.challengeType is '" + | ||||
| 						options.challengeType + | ||||
| 						"'," + | ||||
| 						" which does not exist in the supplied types '" + | ||||
| 						options.challengeTypes.join(',') + | ||||
| 						"'" | ||||
| 				) | ||||
| 	); | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	// TODO check that all challengeTypes are represented in challenges
 | ||||
| 	if (!options.challengeTypes.length) { | ||||
| 	if (!options._challengeTypes.length) { | ||||
| 		return Promise.reject( | ||||
| 			new Error( | ||||
| 				'options.challengeTypes (string array) must be specified' + | ||||
| 					' (and in order of preferential priority).' | ||||
| 			) | ||||
| 			new Error('options.challenges must be specified') | ||||
| 		); | ||||
| 	} | ||||
| 	if (options.csr) { | ||||
| 		// TODO validate csr signature
 | ||||
| 		options._csr = me.CSR._info(options.csr); | ||||
| 		options.domains = options._csr.altnames; | ||||
| 
 | ||||
| 	if (!options.csr) { | ||||
| 		throw new Error( | ||||
| 			'no `csr` option given (should be in DER or PEM format)' | ||||
| 		); | ||||
| 	} | ||||
| 	// TODO validate csr signature?
 | ||||
| 	options._csr = CSR._info(options.csr); | ||||
| 	options.domains = options.domains || options._csr.altnames; | ||||
| 	options._csr.altnames = options._csr.altnames || []; | ||||
| 	if ( | ||||
| 		options.domains | ||||
| 			.slice(0) | ||||
| 			.sort() | ||||
| 			.join(' ') !== | ||||
| 		options._csr.altnames | ||||
| 			.slice(0) | ||||
| 			.sort() | ||||
| 			.join(' ') | ||||
| 	) { | ||||
| 		throw new Error('certificate altnames do not match requested domains'); | ||||
| 	} | ||||
| 	if (options._csr.subject !== options.domains[0]) { | ||||
| 			return Promise.reject( | ||||
| 				new Error( | ||||
| 		throw new Error( | ||||
| 			'certificate subject (commonName) does not match first altname (SAN)' | ||||
| 				) | ||||
| 		); | ||||
| 	} | ||||
| 	} | ||||
| 	if (!(options.domains && options.domains.length)) { | ||||
| 		return Promise.reject( | ||||
| 			new Error( | ||||
| 		throw new Error( | ||||
| 			'options.domains must be a list of string domain names,' + | ||||
| 					' with the first being the subject of the certificate (or options.subject must specified).' | ||||
| 			) | ||||
| 				' with the first being the subject of the certificate' | ||||
| 		); | ||||
| 	} | ||||
| 
 | ||||
| @ -1296,16 +1288,6 @@ ACME._generateCsrWeb64 = function(me, options, validatedDomains) { | ||||
| 		csr = Enc.base64ToUrlBase64(csr.trim().replace(/\s+/g, '')); | ||||
| 		return Promise.resolve(csr); | ||||
| 	} | ||||
| 
 | ||||
| 	return ACME._importKeypair(me, options.serverKeypair).then(function(pair) { | ||||
| 		return me.CSR.csr({ | ||||
| 			jwk: pair.private, | ||||
| 			domains: validatedDomains, | ||||
| 			encoding: 'der' | ||||
| 		}).then(function(der) { | ||||
| 			return Enc.bufToUrlBase64(der); | ||||
| 		}); | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| ACME.create = function create(me) { | ||||
| @ -1315,7 +1297,6 @@ ACME.create = function create(me) { | ||||
| 	// me.debug = true;
 | ||||
| 	me.challengePrefixes = ACME.challengePrefixes; | ||||
| 	me.Keypairs = me.Keypairs || Keypairs; | ||||
| 	me.CSR = me.CSR || CSR; | ||||
| 	me._nonces = []; | ||||
| 	me._canUse = {}; | ||||
| 	if (!me._baseUrl) { | ||||
| @ -1372,12 +1353,20 @@ ACME.create = function create(me) { | ||||
| 	}; | ||||
| 	me.accounts = { | ||||
| 		create: function(options) { | ||||
| 			try { | ||||
| 				return ACME._registerAccount(me, options); | ||||
| 			} catch (e) { | ||||
| 				return Promise.reject(e); | ||||
| 			} | ||||
| 		} | ||||
| 	}; | ||||
| 	me.certificates = { | ||||
| 		create: function(options) { | ||||
| 			try { | ||||
| 				return ACME._getCertificate(me, options); | ||||
| 			} catch (e) { | ||||
| 				return Promise.reject(e); | ||||
| 			} | ||||
| 		} | ||||
| 	}; | ||||
| 	return me; | ||||
|  | ||||
| @ -13,6 +13,12 @@ var acme = ACME.create({ | ||||
| }); | ||||
| 
 | ||||
| // TODO exec npm install --save-dev CHALLENGE_MODULE
 | ||||
| if (!process.env.CHALLENGE_OPTIONS) { | ||||
| 	console.error( | ||||
| 		'Please create a .env in the format of examples/example.env to run the tests' | ||||
| 	); | ||||
| 	process.exit(1); | ||||
| } | ||||
| 
 | ||||
| var config = { | ||||
| 	env: process.env.ENV, | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user