mirror of
https://github.com/go-acme/lego.git
synced 2024-12-23 09:15:11 +02:00
222 lines
5.2 KiB
Go
222 lines
5.2 KiB
Go
package internal
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"encoding/json"
|
|
"errors"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"net/url"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/go-acme/lego/v4/providers/dns/internal/errutils"
|
|
)
|
|
|
|
type Client struct {
|
|
username string
|
|
password string
|
|
domainName string
|
|
projectName string
|
|
|
|
IdentityEndpoint string
|
|
token string
|
|
muToken sync.Mutex
|
|
|
|
baseURL *url.URL
|
|
muBaseURL sync.Mutex
|
|
|
|
HTTPClient *http.Client
|
|
}
|
|
|
|
func NewClient(username string, password string, domainName string, projectName string) *Client {
|
|
return &Client{
|
|
username: username,
|
|
password: password,
|
|
domainName: domainName,
|
|
projectName: projectName,
|
|
IdentityEndpoint: DefaultIdentityEndpoint,
|
|
HTTPClient: &http.Client{Timeout: 5 * time.Second},
|
|
}
|
|
}
|
|
|
|
func (c *Client) GetZoneID(ctx context.Context, zone string) (string, error) {
|
|
zonesResp, err := c.getZones(ctx, zone)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
if len(zonesResp.Zones) < 1 {
|
|
return "", fmt.Errorf("zone %s not found", zone)
|
|
}
|
|
|
|
for _, z := range zonesResp.Zones {
|
|
if z.Name == zone {
|
|
return z.ID, nil
|
|
}
|
|
}
|
|
|
|
return "", fmt.Errorf("zone %s not found", zone)
|
|
}
|
|
|
|
// https://docs.otc.t-systems.com/domain-name-service/api-ref/apis/public_zone_management/querying_public_zones.html
|
|
func (c *Client) getZones(ctx context.Context, zone string) (*ZonesResponse, error) {
|
|
c.muBaseURL.Lock()
|
|
endpoint := c.baseURL.JoinPath("zones")
|
|
c.muBaseURL.Unlock()
|
|
|
|
query := endpoint.Query()
|
|
query.Set("name", zone)
|
|
endpoint.RawQuery = query.Encode()
|
|
|
|
req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
var zones ZonesResponse
|
|
err = c.do(req, &zones)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &zones, nil
|
|
}
|
|
|
|
func (c *Client) GetRecordSetID(ctx context.Context, zoneID, fqdn string) (string, error) {
|
|
recordSetsRes, err := c.getRecordSet(ctx, zoneID, fqdn)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
if len(recordSetsRes.RecordSets) < 1 {
|
|
return "", errors.New("record not found")
|
|
}
|
|
|
|
if len(recordSetsRes.RecordSets) > 1 {
|
|
return "", errors.New("to many records found")
|
|
}
|
|
|
|
if recordSetsRes.RecordSets[0].ID == "" {
|
|
return "", errors.New("id not found")
|
|
}
|
|
|
|
return recordSetsRes.RecordSets[0].ID, nil
|
|
}
|
|
|
|
// https://docs.otc.t-systems.com/domain-name-service/api-ref/apis/record_set_management/querying_all_record_sets.html
|
|
func (c *Client) getRecordSet(ctx context.Context, zoneID, fqdn string) (*RecordSetsResponse, error) {
|
|
c.muBaseURL.Lock()
|
|
endpoint := c.baseURL.JoinPath("zones", zoneID, "recordsets")
|
|
c.muBaseURL.Unlock()
|
|
|
|
query := endpoint.Query()
|
|
query.Set("type", "TXT")
|
|
query.Set("name", fqdn)
|
|
endpoint.RawQuery = query.Encode()
|
|
|
|
req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
var recordSetsRes RecordSetsResponse
|
|
err = c.do(req, &recordSetsRes)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &recordSetsRes, nil
|
|
}
|
|
|
|
// CreateRecordSet creates a record.
|
|
// https://docs.otc.t-systems.com/domain-name-service/api-ref/apis/record_set_management/creating_a_record_set.html
|
|
func (c *Client) CreateRecordSet(ctx context.Context, zoneID string, record RecordSets) error {
|
|
c.muBaseURL.Lock()
|
|
endpoint := c.baseURL.JoinPath("zones", zoneID, "recordsets")
|
|
c.muBaseURL.Unlock()
|
|
|
|
req, err := newJSONRequest(ctx, http.MethodPost, endpoint, record)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return c.do(req, nil)
|
|
}
|
|
|
|
// DeleteRecordSet delete a record set.
|
|
// https://docs.otc.t-systems.com/domain-name-service/api-ref/apis/record_set_management/deleting_a_record_set.html
|
|
func (c *Client) DeleteRecordSet(ctx context.Context, zoneID, recordID string) error {
|
|
c.muBaseURL.Lock()
|
|
endpoint := c.baseURL.JoinPath("zones", zoneID, "recordsets", recordID)
|
|
c.muBaseURL.Unlock()
|
|
|
|
req, err := newJSONRequest(ctx, http.MethodDelete, endpoint, nil)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return c.do(req, nil)
|
|
}
|
|
|
|
func (c *Client) do(req *http.Request, result any) error {
|
|
c.muToken.Lock()
|
|
if c.token != "" {
|
|
req.Header.Set("X-Auth-Token", c.token)
|
|
}
|
|
c.muToken.Unlock()
|
|
|
|
resp, err := c.HTTPClient.Do(req)
|
|
if err != nil {
|
|
return errutils.NewHTTPDoError(req, err)
|
|
}
|
|
|
|
defer func() { _ = resp.Body.Close() }()
|
|
|
|
if resp.StatusCode >= http.StatusBadRequest {
|
|
return errutils.NewUnexpectedResponseStatusCodeError(req, resp)
|
|
}
|
|
|
|
if result == nil {
|
|
return nil
|
|
}
|
|
|
|
raw, err := io.ReadAll(resp.Body)
|
|
if err != nil {
|
|
return errutils.NewReadResponseError(req, resp.StatusCode, err)
|
|
}
|
|
|
|
err = json.Unmarshal(raw, result)
|
|
if err != nil {
|
|
return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func newJSONRequest[T string | *url.URL](ctx context.Context, method string, endpoint T, payload interface{}) (*http.Request, error) {
|
|
buf := new(bytes.Buffer)
|
|
|
|
if payload != nil {
|
|
err := json.NewEncoder(buf).Encode(payload)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to create request JSON body: %w", err)
|
|
}
|
|
}
|
|
|
|
req, err := http.NewRequestWithContext(ctx, method, fmt.Sprintf("%s", endpoint), buf)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("unable to create request: %w", err)
|
|
}
|
|
|
|
req.Header.Set("Accept", "application/json")
|
|
|
|
if payload != nil {
|
|
req.Header.Set("Content-Type", "application/json")
|
|
}
|
|
|
|
return req, nil
|
|
}
|