chore: pr comments

packages/auto-tls/src/auto-tls.ts

@@ -36,17 +36,17 @@ export class AutoTLS implements AutoTLSInterface {
   private readonly privateKey: PrivateKey
   private readonly peerId: PeerId
   private readonly events: TypedEventTarget<Libp2pEvents>
-  private readonly forgeEndpoint: string
+  private readonly forgeEndpoint: URL
   private readonly forgeDomain: string
-  private readonly acmeDirectory: string
+  private readonly acmeDirectory: URL
   private readonly clientAuth: ClientAuth
   private readonly provisionTimeout: number
   private readonly renewThreshold: number
   private started: boolean
   private shutdownController?: AbortController
   public certificate?: Certificate
   private fetching: boolean
-  private readonly fetchCertificates: DebouncedFunction
+  private readonly onSelfPeerUpdate: DebouncedFunction
   private renewTimeout?: ReturnType<typeof setTimeout>
   private readonly accountPrivateKeyName: string
   private readonly accountPrivateKeyBits: number
@@ -65,9 +65,9 @@ export class AutoTLS implements AutoTLSInterface {
     this.events = components.events
     this.keychain = components.keychain
     this.datastore = components.datastore
-    this.forgeEndpoint = init.forgeEndpoint ?? DEFAULT_FORGE_ENDPOINT
+    this.forgeEndpoint = new URL(init.forgeEndpoint ?? DEFAULT_FORGE_ENDPOINT)
     this.forgeDomain = init.forgeDomain ?? DEFAULT_FORGE_DOMAIN
-    this.acmeDirectory = init.acmeDirectory ?? DEFAULT_ACME_DIRECTORY
+    this.acmeDirectory = new URL(init.acmeDirectory ?? DEFAULT_ACME_DIRECTORY)
     this.provisionTimeout = init.provisionTimeout ?? DEFAULT_PROVISION_TIMEOUT
     this.renewThreshold = init.renewThreshold ?? DEFAULT_RENEWAL_THRESHOLD
     this.accountPrivateKeyName = init.accountPrivateKeyName ?? DEFAULT_ACCOUNT_PRIVATE_KEY_NAME
@@ -78,7 +78,7 @@ export class AutoTLS implements AutoTLSInterface {
     this.clientAuth = new ClientAuth(this.privateKey)
     this.started = false
     this.fetching = false
-    this.fetchCertificates = debounce(this._fetchCertificates.bind(this), init.provisionDelay ?? DEFAULT_PROVISION_DELAY)
+    this.onSelfPeerUpdate = debounce(this._onSelfPeerUpdate.bind(this), init.provisionDelay ?? DEFAULT_PROVISION_DELAY)
 
     const base36EncodedPeer = base36.encode(this.peerId.toCID().bytes)
     this.domain = `${base36EncodedPeer}.${this.forgeDomain}`
@@ -103,20 +103,20 @@ export class AutoTLS implements AutoTLSInterface {
     }
 
     await start(this.domainMapper)
-    this.events.addEventListener('self:peer:update', this.fetchCertificates)
+    this.events.addEventListener('self:peer:update', this.onSelfPeerUpdate)
     this.shutdownController = new AbortController()
     this.started = true
   }
 
   async stop (): Promise<void> {
-    this.events.removeEventListener('self:peer:update', this.fetchCertificates)
+    this.events.removeEventListener('self:peer:update', this.onSelfPeerUpdate)
     this.shutdownController?.abort()
     clearTimeout(this.renewTimeout)
-    await stop(this.fetchCertificates, this.domainMapper)
+    await stop(this.onSelfPeerUpdate, this.domainMapper)
     this.started = false
   }
 
-  private _fetchCertificates (): void {
+  private _onSelfPeerUpdate (): void {
     const addresses = this.addressManager.getAddresses().filter(supportedAddressesFilter)
 
     if (addresses.length === 0) {
@@ -177,7 +177,7 @@ export class AutoTLS implements AutoTLSInterface {
       Promise.resolve()
         .then(async () => {
           this.certificate = undefined
-          this.fetchCertificates()
+          this.onSelfPeerUpdate()
         })
         .catch(err => {
           this.log.error('error renewing certificate - %e', err)
@@ -267,7 +267,7 @@ export class AutoTLS implements AutoTLSInterface {
 
   async fetchAcmeCertificate (csr: Buffer, multiaddrs: Multiaddr[], options?: AbortOptions): Promise<string> {
     const client = new acme.Client({
-      directoryUrl: this.acmeDirectory,
+      directoryUrl: this.acmeDirectory.toString(),
       accountKey: await loadOrCreateKey(this.keychain, this.accountPrivateKeyName, this.accountPrivateKeyBits)
     })
 

packages/auto-tls/src/constants.ts

@@ -1,9 +1,9 @@
 export const DEFAULT_FORGE_ENDPOINT = 'https://registration.libp2p.direct'
 export const DEFAULT_FORGE_DOMAIN = 'libp2p.direct'
 export const DEFAULT_ACME_DIRECTORY = 'https://acme-v02.api.letsencrypt.org/directory'
-export const DEFAULT_PROVISION_TIMEOUT = 10000
-export const DEFAULT_PROVISION_DELAY = 5000
-export const DEFAULT_RENEWAL_THRESHOLD = 60000
+export const DEFAULT_PROVISION_TIMEOUT = 10_000
+export const DEFAULT_PROVISION_DELAY = 5_000
+export const DEFAULT_RENEWAL_THRESHOLD = 86_400_000
 export const DEFAULT_ACCOUNT_PRIVATE_KEY_NAME = 'auto-tls-acme-account-private-key'
 export const DEFAULT_ACCOUNT_PRIVATE_KEY_BITS = 2048
 export const DEFAULT_CERTIFICATE_PRIVATE_KEY_NAME = 'auto-tls-certificate-private-key'

packages/auto-tls/src/index.ts

@@ -119,9 +119,10 @@ export interface AutoTLSInit {
   provisionDelay?: number
 
   /**
-   * How long before the expiry of the certificate to renew it in ms
+   * How long before the expiry of the certificate to renew it in ms, defaults
+   * to one day
    *
-   * @default 60000
+   * @default 86_400_000
    */
   renewThreshold?: number
 

packages/auto-tls/test/index.spec.ts

@@ -61,6 +61,22 @@ describe('auto-tls', () => {
     await stop(autoTLS)
   })
 
+  it('should error with an invalid forge endpoint', () => {
+    expect(() => {
+      return new AutoTLS(components, {
+        forgeEndpoint: 'not a valid url'
+      })
+    }).to.throw('Invalid URL')
+  })
+
+  it('should error with an invalid acme directory', () => {
+    expect(() => {
+      return new AutoTLS(components, {
+        acmeDirectory: 'not a valid url'
+      })
+    }).to.throw('Invalid URL')
+  })
+
   it('should provision a TLS certificate', async () => {
     autoTLS = new AutoTLS(components, {
       provisionDelay: 10
@@ -134,7 +150,7 @@ describe('auto-tls', () => {
     expect(autoTLS.fetchAcmeCertificate).to.have.property('called', true)
   })
 
-  it.skip('should provision a new TLS certificate when the existing one has expired', async () => {
+  it('should provision a new TLS certificate when the existing one has expired', async () => {
     autoTLS = new AutoTLS(components, {
       provisionDelay: 10
     })