| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  | "use strict"; | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | 
 | 
					
						
							|  |  |  | var accounts = module.exports; | 
					
						
							|  |  |  | var store = accounts; | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  | var U = require("./utils.js"); | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  | var fs = require("fs"); | 
					
						
							|  |  |  | var path = require("path"); | 
					
						
							|  |  |  | var PromiseA = require("./promise.js"); | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | var readFileAsync = PromiseA.promisify(fs.readFile); | 
					
						
							|  |  |  | var writeFileAsync = PromiseA.promisify(fs.writeFile); | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  | var mkdirpAsync = PromiseA.promisify(require("@root/mkdirp")); | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | 
 | 
					
						
							|  |  |  | // Implement if you need the ACME account metadata elsewhere in the chain of events
 | 
					
						
							|  |  |  | //store.accounts.check = function (opts) {
 | 
					
						
							|  |  |  | //  console.log('accounts.check for', opts.account, opts.email);
 | 
					
						
							|  |  |  | //  return PromiseA.resolve(null);
 | 
					
						
							|  |  |  | //};
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // Accounts.checkKeypair
 | 
					
						
							|  |  |  | //
 | 
					
						
							|  |  |  | // Use account.id, or email, if id hasn't been set, to find an account keypair.
 | 
					
						
							|  |  |  | // Return an object with string privateKeyPem and/or object privateKeyJwk (or null, not undefined)
 | 
					
						
							|  |  |  | accounts.checkKeypair = function(opts) { | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  |     var id = | 
					
						
							|  |  |  |         (opts.account && opts.account.id) || | 
					
						
							|  |  |  |         (opts.subscriberEmail || opts.email) || | 
					
						
							|  |  |  |         "single-user"; | 
					
						
							|  |  |  |     //console.log('accounts.checkKeypair for', id);
 | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  |     var pathname = path.join( | 
					
						
							|  |  |  |         accountsDir(store, opts), | 
					
						
							|  |  |  |         sanitizeFilename(id) + ".json" | 
					
						
							|  |  |  |     ); | 
					
						
							|  |  |  |     return readFileAsync(U._tameWild(pathname, opts.subject), "utf8") | 
					
						
							|  |  |  |         .then(function(blob) { | 
					
						
							|  |  |  |             // keypair can treated as an opaque object and just passed along,
 | 
					
						
							|  |  |  |             // but just to show you what it is...
 | 
					
						
							|  |  |  |             var keypair = JSON.parse(blob); | 
					
						
							|  |  |  |             return keypair; | 
					
						
							|  |  |  |             /* | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  |       { | 
					
						
							|  |  |  | 				privateKeyPem: keypair.privateKeyPem, // string PEM private key
 | 
					
						
							|  |  |  | 				privateKeyJwk: keypair.privateKeyJwk, // object JWK private key
 | 
					
						
							|  |  |  | 				private: keypair.private, | 
					
						
							|  |  |  | 				public: keypair.public | 
					
						
							|  |  |  | 			}; | 
					
						
							|  |  |  |       */ | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  |         }) | 
					
						
							|  |  |  |         .catch(function(err) { | 
					
						
							|  |  |  |             if ("ENOENT" === err.code) { | 
					
						
							|  |  |  |                 return null; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |             throw err; | 
					
						
							|  |  |  |         }); | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // Accounts.setKeypair({ account, email, keypair, ... }):
 | 
					
						
							|  |  |  | //
 | 
					
						
							|  |  |  | // Use account.id (or email if no id is present) to save an account keypair
 | 
					
						
							|  |  |  | // Return null (not undefined) on success, or throw on error
 | 
					
						
							|  |  |  | accounts.setKeypair = function(opts) { | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  |     //console.log('accounts.setKeypair for', opts.account, opts.email, opts.keypair);
 | 
					
						
							|  |  |  |     var id = opts.account.id || opts.email || "single-user"; | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  |     // you can just treat the keypair as opaque and save and retrieve it as JSON
 | 
					
						
							|  |  |  |     var keyblob = JSON.stringify(opts.keypair); | 
					
						
							|  |  |  |     /* | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | 	var keyblob = JSON.stringify({ | 
					
						
							|  |  |  | 		privateKeyPem: opts.keypair.privateKeyPem, // string PEM
 | 
					
						
							|  |  |  | 		privateKeyJwk: opts.keypair.privateKeyJwk, // object JWK
 | 
					
						
							|  |  |  |     private: opts.keypair.private | 
					
						
							|  |  |  | 	}); | 
					
						
							|  |  |  |   */ | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  |     // Ignore.
 | 
					
						
							|  |  |  |     // Just implementation specific details here.
 | 
					
						
							|  |  |  |     return mkdirpAsync(accountsDir(store, opts)) | 
					
						
							|  |  |  |         .then(function() { | 
					
						
							|  |  |  |             var pathname = path.join( | 
					
						
							|  |  |  |                 accountsDir(store, opts), | 
					
						
							|  |  |  |                 sanitizeFilename(id) + ".json" | 
					
						
							|  |  |  |             ); | 
					
						
							|  |  |  |             return writeFileAsync( | 
					
						
							|  |  |  |                 U._tameWild(pathname, opts.subject), | 
					
						
							|  |  |  |                 keyblob, | 
					
						
							|  |  |  |                 "utf8" | 
					
						
							|  |  |  |             ); | 
					
						
							|  |  |  |         }) | 
					
						
							|  |  |  |         .then(function() { | 
					
						
							|  |  |  |             // This is your job: return null, not undefined
 | 
					
						
							|  |  |  |             return null; | 
					
						
							|  |  |  |         }); | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // Implement if you need the ACME account metadata elsewhere in the chain of events
 | 
					
						
							|  |  |  | //accounts.set = function (opts) {
 | 
					
						
							|  |  |  | //  console.log('account.set:', opts.account, opts.email, opts.receipt);
 | 
					
						
							|  |  |  | //  return PromiseA.resolve(null);
 | 
					
						
							|  |  |  | //};
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | function sanitizeFilename(id) { | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  |     return id.replace(/(\.\.)|\\|\//g, "_").replace(/[^!-~]/g, "_"); | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | function accountsDir(store, opts) { | 
					
						
							| 
									
										
										
										
											2019-11-02 12:38:12 -06:00
										 |  |  |     var dir = U._tpl( | 
					
						
							|  |  |  |         store, | 
					
						
							|  |  |  |         opts, | 
					
						
							|  |  |  |         opts.accountsDir || store.options.accountsDir | 
					
						
							|  |  |  |     ); | 
					
						
							|  |  |  |     return U._tameWild(dir, opts.subject || ""); | 
					
						
							| 
									
										
										
										
											2019-10-27 04:01:42 -06:00
										 |  |  | } |