mirror of
https://github.com/go-acme/lego.git
synced 2024-12-23 17:21:50 +02:00
240 lines
5.4 KiB
Go
240 lines
5.4 KiB
Go
package internal
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"crypto/hmac"
|
|
"crypto/sha1"
|
|
"encoding/hex"
|
|
"encoding/json"
|
|
"errors"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"net/url"
|
|
"strconv"
|
|
"time"
|
|
|
|
"github.com/go-acme/lego/v4/providers/dns/internal/errutils"
|
|
)
|
|
|
|
const defaultBaseURL = "https://rest.websupport.sk"
|
|
|
|
// StatusSuccess expected status text when success.
|
|
const StatusSuccess = "success"
|
|
|
|
// Client a Websupport DNS API client.
|
|
type Client struct {
|
|
apiKey string
|
|
secretKey string
|
|
|
|
baseURL *url.URL
|
|
HTTPClient *http.Client
|
|
}
|
|
|
|
// NewClient creates a new Client.
|
|
func NewClient(apiKey, secretKey string) (*Client, error) {
|
|
if apiKey == "" || secretKey == "" {
|
|
return nil, errors.New("credentials missing")
|
|
}
|
|
|
|
baseURL, _ := url.Parse(defaultBaseURL)
|
|
|
|
return &Client{
|
|
apiKey: apiKey,
|
|
secretKey: secretKey,
|
|
baseURL: baseURL,
|
|
HTTPClient: &http.Client{Timeout: 10 * time.Second},
|
|
}, nil
|
|
}
|
|
|
|
// GetUser gets a user detail.
|
|
// https://rest.websupport.sk/docs/v1.user#user
|
|
func (c *Client) GetUser(ctx context.Context, userID string) (*User, error) {
|
|
endpoint := c.baseURL.JoinPath("v1", "user", userID)
|
|
|
|
req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("request payload: %w", err)
|
|
}
|
|
|
|
result := &User{}
|
|
|
|
err = c.do(req, result)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return result, nil
|
|
}
|
|
|
|
// ListRecords lists all records.
|
|
// https://rest.websupport.sk/docs/v1.zone#records
|
|
func (c *Client) ListRecords(ctx context.Context, domainName string) (*ListResponse, error) {
|
|
endpoint := c.baseURL.JoinPath("v1", "user", "self", "zone", domainName, "record")
|
|
|
|
req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("request payload: %w", err)
|
|
}
|
|
|
|
result := &ListResponse{}
|
|
|
|
err = c.do(req, result)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return result, nil
|
|
}
|
|
|
|
// GetRecords gets a DNS record.
|
|
func (c *Client) GetRecords(ctx context.Context, domainName string, recordID int) (*Record, error) {
|
|
endpoint := c.baseURL.JoinPath("v1", "user", "self", "zone", domainName, "record", strconv.Itoa(recordID))
|
|
|
|
req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
result := &Record{}
|
|
|
|
err = c.do(req, result)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return result, nil
|
|
}
|
|
|
|
// AddRecord adds a DNS record.
|
|
// https://rest.websupport.sk/docs/v1.zone#post-record
|
|
func (c *Client) AddRecord(ctx context.Context, domainName string, record Record) (*Response, error) {
|
|
endpoint := c.baseURL.JoinPath("v1", "user", "self", "zone", domainName, "record")
|
|
|
|
req, err := newJSONRequest(ctx, http.MethodPost, endpoint, record)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("create request: %w", err)
|
|
}
|
|
|
|
result := &Response{}
|
|
|
|
err = c.do(req, result)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return result, nil
|
|
}
|
|
|
|
// DeleteRecord deletes a DNS record.
|
|
// https://rest.websupport.sk/docs/v1.zone#delete-record
|
|
func (c *Client) DeleteRecord(ctx context.Context, domainName string, recordID int) (*Response, error) {
|
|
endpoint := c.baseURL.JoinPath("v1", "user", "self", "zone", domainName, "record", strconv.Itoa(recordID))
|
|
|
|
req, err := newJSONRequest(ctx, http.MethodDelete, endpoint, nil)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("create request: %w", err)
|
|
}
|
|
|
|
result := &Response{}
|
|
|
|
err = c.do(req, result)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return result, nil
|
|
}
|
|
|
|
func (c *Client) do(req *http.Request, result any) error {
|
|
req.Header.Set("Accept-Language", "en_us")
|
|
|
|
err := c.sign(req, time.Now().UTC())
|
|
if err != nil {
|
|
return fmt.Errorf("signature: %w", err)
|
|
}
|
|
|
|
resp, err := c.HTTPClient.Do(req)
|
|
if err != nil {
|
|
return errutils.NewHTTPDoError(req, err)
|
|
}
|
|
|
|
defer func() { _ = resp.Body.Close() }()
|
|
|
|
if resp.StatusCode > http.StatusBadRequest {
|
|
return parseError(req, resp)
|
|
}
|
|
|
|
raw, err := io.ReadAll(resp.Body)
|
|
if err != nil {
|
|
return errutils.NewReadResponseError(req, resp.StatusCode, err)
|
|
}
|
|
|
|
err = json.Unmarshal(raw, result)
|
|
if err != nil {
|
|
return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (c *Client) sign(req *http.Request, now time.Time) error {
|
|
if req.URL.Path == "" {
|
|
req.URL.Path += "/"
|
|
}
|
|
|
|
canonicalRequest := fmt.Sprintf("%s %s %d", req.Method, req.URL.Path, now.Unix())
|
|
|
|
mac := hmac.New(sha1.New, []byte(c.secretKey))
|
|
_, err := mac.Write([]byte(canonicalRequest))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
hashed := mac.Sum(nil)
|
|
signature := hex.EncodeToString(hashed)
|
|
|
|
req.SetBasicAuth(c.apiKey, signature)
|
|
|
|
req.Header.Set("Date", now.Format(time.RFC3339))
|
|
|
|
return nil
|
|
}
|
|
|
|
func newJSONRequest(ctx context.Context, method string, endpoint *url.URL, payload any) (*http.Request, error) {
|
|
buf := new(bytes.Buffer)
|
|
|
|
if payload != nil {
|
|
err := json.NewEncoder(buf).Encode(payload)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to create request JSON body: %w", err)
|
|
}
|
|
}
|
|
|
|
req, err := http.NewRequestWithContext(ctx, method, endpoint.String(), buf)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("unable to create request: %w", err)
|
|
}
|
|
|
|
req.Header.Set("Accept", "application/json")
|
|
|
|
if payload != nil {
|
|
req.Header.Set("Content-Type", "application/json")
|
|
}
|
|
|
|
return req, nil
|
|
}
|
|
|
|
func parseError(req *http.Request, resp *http.Response) error {
|
|
raw, _ := io.ReadAll(resp.Body)
|
|
|
|
var errAPI APIError
|
|
err := json.Unmarshal(raw, &errAPI)
|
|
if err != nil {
|
|
return errutils.NewUnexpectedStatusCodeError(req, resp.StatusCode, raw)
|
|
}
|
|
|
|
return &errAPI
|
|
}
|