accounts.js
3.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
"use strict";
var accounts = module.exports;
var store = accounts;
var U = require("./utils.js");
var fs = require("fs");
var path = require("path");
var PromiseA = require("./promise.js");
var readFileAsync = PromiseA.promisify(fs.readFile);
var writeFileAsync = PromiseA.promisify(fs.writeFile);
var mkdirpAsync = PromiseA.promisify(require("@root/mkdirp"));
// Implement if you need the ACME account metadata elsewhere in the chain of events
//store.accounts.check = function (opts) {
// console.log('accounts.check for', opts.account, opts.email);
// return PromiseA.resolve(null);
//};
// Accounts.checkKeypair
//
// Use account.id, or email, if id hasn't been set, to find an account keypair.
// Return an object with string privateKeyPem and/or object privateKeyJwk (or null, not undefined)
accounts.checkKeypair = function(opts) {
var id =
(opts.account && opts.account.id) ||
(opts.subscriberEmail || opts.email) ||
"single-user";
//console.log('accounts.checkKeypair for', id);
var pathname = path.join(
accountsDir(store, opts),
sanitizeFilename(id) + ".json"
);
return readFileAsync(U._tameWild(pathname, opts.subject), "utf8")
.then(function(blob) {
// keypair can treated as an opaque object and just passed along,
// but just to show you what it is...
var keypair = JSON.parse(blob);
return keypair;
/*
{
privateKeyPem: keypair.privateKeyPem, // string PEM private key
privateKeyJwk: keypair.privateKeyJwk, // object JWK private key
private: keypair.private,
public: keypair.public
};
*/
})
.catch(function(err) {
if ("ENOENT" === err.code) {
return null;
}
throw err;
});
};
// Accounts.setKeypair({ account, email, keypair, ... }):
//
// Use account.id (or email if no id is present) to save an account keypair
// Return null (not undefined) on success, or throw on error
accounts.setKeypair = function(opts) {
//console.log('accounts.setKeypair for', opts.account, opts.email, opts.keypair);
var id = opts.account.id || opts.email || "single-user";
// you can just treat the keypair as opaque and save and retrieve it as JSON
var keyblob = JSON.stringify(opts.keypair);
/*
var keyblob = JSON.stringify({
privateKeyPem: opts.keypair.privateKeyPem, // string PEM
privateKeyJwk: opts.keypair.privateKeyJwk, // object JWK
private: opts.keypair.private
});
*/
// Ignore.
// Just implementation specific details here.
return mkdirpAsync(accountsDir(store, opts))
.then(function() {
var pathname = path.join(
accountsDir(store, opts),
sanitizeFilename(id) + ".json"
);
return writeFileAsync(
U._tameWild(pathname, opts.subject),
keyblob,
"utf8"
);
})
.then(function() {
// This is your job: return null, not undefined
return null;
});
};
// Implement if you need the ACME account metadata elsewhere in the chain of events
//accounts.set = function (opts) {
// console.log('account.set:', opts.account, opts.email, opts.receipt);
// return PromiseA.resolve(null);
//};
function sanitizeFilename(id) {
return id.replace(/(\.\.)|\\|\//g, "_").replace(/[^!-~]/g, "_");
}
function accountsDir(store, opts) {
var dir = U._tpl(
store,
opts,
opts.accountsDir || store.options.accountsDir
);
return U._tameWild(dir, opts.subject || "");
}