From e5a3b5ee2f9c152e729c2274198a4c4ee619ed57 Mon Sep 17 00:00:00 2001
From: Rahul Somasundaram <rahul.somasundaram@checkpt.com>
Date: Mon, 23 Aug 2021 09:03:24 +0530
Subject: [PATCH] added endpoint to download certificates

---
 backend/internal/certificate.js          | 45 ++++++++++++++++++++++++
 backend/package.json                     |  1 +
 backend/routes/api/nginx/certificates.js | 29 +++++++++++++++
 3 files changed, 75 insertions(+)

diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js
index 661950dc..7df9e93d 100644
--- a/backend/internal/certificate.js
+++ b/backend/internal/certificate.js
@@ -13,6 +13,7 @@ const internalHost       = require('./host');
 const letsencryptStaging = process.env.NODE_ENV !== 'production';
 const letsencryptConfig  = '/etc/letsencrypt.ini';
 const certbotCommand     = 'certbot';
+const archiver = require('archiver');
 
 function omissions() {
 	return ['is_deleted'];
@@ -335,6 +336,50 @@ const internalCertificate = {
 			});
 	},
 
+		/**
+	 * @param   {Object}  data
+	 * @param   {Number}  data.id
+	 * @returns {Promise}
+	 */
+		 download: (data) => {
+			const downloadName = "npm-" + data.id + "-" + `${Date.now()}.zip`;
+			const opName = '/tmp/' + downloadName;
+			const zipDirectory = "/etc/letsencrypt/live/npm-" + data.id
+	
+			return new Promise((resolve, reject) => {
+				internalCertificate.zipDirectory(zipDirectory, opName)
+					.then(() => {
+						logger.debug("zip completed : ", opName)
+						const resp = {
+							fileName: opName
+						}
+						resolve(resp)
+					}).catch(err => {
+						reject(err)
+					})
+			});
+		},
+	
+		/**
+		 * @param {String} source
+		 * @param {String} out
+		 * @returns {Promise}
+		 */
+		zipDirectory(source, out) {
+			const archive = archiver('zip', { zlib: { level: 9 } });
+			const stream = fs.createWriteStream(out);
+	
+			return new Promise((resolve, reject) => {
+				archive
+					.directory(source, false)
+					.on('error', err => reject(err))
+					.pipe(stream);
+	
+				stream.on('close', () => resolve());
+				archive.finalize();
+			});
+		},
+	
 	/**
 	 * @param {Access}  access
 	 * @param {Object}  data
diff --git a/backend/package.json b/backend/package.json
index 2130c7b8..7d62b83b 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -5,6 +5,7 @@
 	"main": "js/index.js",
 	"dependencies": {
 		"ajv": "^6.12.0",
+		"archiver": "^5.3.0",
 		"batchflow": "^0.4.0",
 		"bcrypt": "^5.0.0",
 		"body-parser": "^1.19.0",
diff --git a/backend/routes/api/nginx/certificates.js b/backend/routes/api/nginx/certificates.js
index 553a0bba..e0824865 100644
--- a/backend/routes/api/nginx/certificates.js
+++ b/backend/routes/api/nginx/certificates.js
@@ -209,6 +209,35 @@ router
 			.catch(next);
 	});
 
+
+/**
+ * Download LE Certs
+ *
+ * /api/nginx/certificates/123/download
+ */
+router
+	.route('/:certificate_id/download')
+	.options((req, res) => {
+		res.sendStatus(204);
+	})
+	.all(jwtdecode())
+
+	/**
+	 * POST /api/nginx/certificates/123/download
+	 *
+	 * Renew certificate
+	 */
+	.get((req, res, next) => {
+		internalCertificate.download({
+			id: parseInt(req.params.certificate_id, 10)
+		})
+			.then((result) => {
+				res.status(200)
+					.download(result.fileName);
+			})
+			.catch(next);
+	});
+
 /**
  * Validate Certs before saving
  *