package internal import ( "bytes" "encoding/json" "errors" "fmt" "io" "net/http" "net/url" "time" ) const defaultBaseURL = "https://api.hyperone.com/v2" const defaultLocationID = "pl-waw-1" type signer interface { GetJWT() (string, error) } // Client the HyperOne client. type Client struct { HTTPClient *http.Client apiEndpoint *url.URL passport *Passport signer signer } // NewClient Creates a new HyperOne client. func NewClient(apiEndpoint, locationID string, passport *Passport) (*Client, error) { if passport == nil { return nil, errors.New("the passport is missing") } projectID, err := passport.ExtractProjectID() if err != nil { return nil, err } if apiEndpoint == "" { apiEndpoint = defaultBaseURL } baseURL, err := url.Parse(apiEndpoint) if err != nil { return nil, err } tokenSigner := &TokenSigner{ PrivateKey: passport.PrivateKey, KeyID: passport.CertificateID, Audience: apiEndpoint, Issuer: passport.Issuer, Subject: passport.SubjectID, } if locationID == "" { locationID = defaultLocationID } client := &Client{ HTTPClient: &http.Client{Timeout: 5 * time.Second}, apiEndpoint: baseURL.JoinPath("dns", locationID, "project", projectID), passport: passport, signer: tokenSigner, } return client, nil } // FindRecordset looks for recordset with given recordType and name and returns it. // In case if recordset is not found returns nil. // https://api.hyperone.com/v2/docs#operation/dns_project_zone_recordset_list func (c *Client) FindRecordset(zoneID, recordType, name string) (*Recordset, error) { // https://api.hyperone.com/v2/dns/{locationId}/project/{projectId}/zone/{zoneId}/recordset endpoint := c.apiEndpoint.JoinPath("zone", zoneID, "recordset") req, err := c.createRequest(http.MethodGet, endpoint.String(), nil) if err != nil { return nil, err } var recordSets []Recordset err = c.do(req, &recordSets) if err != nil { return nil, fmt.Errorf("failed to get recordsets from server: %w", err) } for _, v := range recordSets { if v.RecordType == recordType && v.Name == name { return &v, nil } } // when recordset is not present returns nil, but error is not thrown return nil, nil } // CreateRecordset creates recordset and record with given value within one request. // https://api.hyperone.com/v2/docs#operation/dns_project_zone_recordset_create func (c *Client) CreateRecordset(zoneID, recordType, name, recordValue string, ttl int) (*Recordset, error) { recordsetInput := Recordset{ RecordType: recordType, Name: name, TTL: ttl, Record: &Record{Content: recordValue}, } requestBody, err := json.Marshal(recordsetInput) if err != nil { return nil, fmt.Errorf("failed to marshal recordset: %w", err) } // https://api.hyperone.com/v2/dns/{locationId}/project/{projectId}/zone/{zoneId}/recordset endpoint := c.apiEndpoint.JoinPath("zone", zoneID, "recordset") req, err := c.createRequest(http.MethodPost, endpoint.String(), bytes.NewBuffer(requestBody)) if err != nil { return nil, err } var recordsetResponse Recordset err = c.do(req, &recordsetResponse) if err != nil { return nil, fmt.Errorf("failed to create recordset: %w", err) } return &recordsetResponse, nil } // DeleteRecordset deletes a recordset. // https://api.hyperone.com/v2/docs#operation/dns_project_zone_recordset_delete func (c *Client) DeleteRecordset(zoneID string, recordsetID string) error { // https://api.hyperone.com/v2/dns/{locationId}/project/{projectId}/zone/{zoneId}/recordset/{recordsetId} endpoint := c.apiEndpoint.JoinPath("zone", zoneID, "recordset", recordsetID) req, err := c.createRequest(http.MethodDelete, endpoint.String(), nil) if err != nil { return err } return c.do(req, nil) } // GetRecords gets all records within specified recordset. // https://api.hyperone.com/v2/docs#operation/dns_project_zone_recordset_record_list func (c *Client) GetRecords(zoneID string, recordsetID string) ([]Record, error) { // https://api.hyperone.com/v2/dns/{locationId}/project/{projectId}/zone/{zoneId}/recordset/{recordsetId}/record endpoint := c.apiEndpoint.JoinPath("zone", zoneID, "recordset", recordsetID, "record") req, err := c.createRequest(http.MethodGet, endpoint.String(), nil) if err != nil { return nil, err } var records []Record err = c.do(req, &records) if err != nil { return nil, fmt.Errorf("failed to get records from server: %w", err) } return records, err } // CreateRecord creates a record. // https://api.hyperone.com/v2/docs#operation/dns_project_zone_recordset_record_create func (c *Client) CreateRecord(zoneID, recordsetID, recordContent string) (*Record, error) { // https://api.hyperone.com/v2/dns/{locationId}/project/{projectId}/zone/{zoneId}/recordset/{recordsetId}/record endpoint := c.apiEndpoint.JoinPath("zone", zoneID, "recordset", recordsetID, "record") requestBody, err := json.Marshal(Record{Content: recordContent}) if err != nil { return nil, fmt.Errorf("failed to marshal record: %w", err) } req, err := c.createRequest(http.MethodPost, endpoint.String(), bytes.NewBuffer(requestBody)) if err != nil { return nil, err } var recordResponse Record err = c.do(req, &recordResponse) if err != nil { return nil, fmt.Errorf("failed to set record: %w", err) } return &recordResponse, nil } // DeleteRecord deletes a record. // https://api.hyperone.com/v2/docs#operation/dns_project_zone_recordset_record_delete func (c *Client) DeleteRecord(zoneID, recordsetID, recordID string) error { // https://api.hyperone.com/v2/dns/{locationId}/project/{projectId}/zone/{zoneId}/recordset/{recordsetId}/record/{recordId} endpoint := c.apiEndpoint.JoinPath("zone", zoneID, "recordset", recordsetID, "record", recordID) req, err := c.createRequest(http.MethodDelete, endpoint.String(), nil) if err != nil { return err } return c.do(req, nil) } // FindZone looks for DNS Zone and returns nil if it does not exist. func (c *Client) FindZone(name string) (*Zone, error) { zones, err := c.GetZones() if err != nil { return nil, err } for _, zone := range zones { if zone.DNSName == name { return &zone, nil } } return nil, fmt.Errorf("failed to find zone for %s", name) } // GetZones gets all user's zones. // https://api.hyperone.com/v2/docs#operation/dns_project_zone_list func (c *Client) GetZones() ([]Zone, error) { // https://api.hyperone.com/v2/dns/{locationId}/project/{projectId}/zone endpoint := c.apiEndpoint.JoinPath("zone") req, err := c.createRequest(http.MethodGet, endpoint.String(), nil) if err != nil { return nil, err } var zones []Zone err = c.do(req, &zones) if err != nil { return nil, fmt.Errorf("failed to fetch available zones: %w", err) } return zones, nil } func (c *Client) createRequest(method, endpoint string, body io.Reader) (*http.Request, error) { req, err := http.NewRequest(method, endpoint, body) if err != nil { return nil, err } jwt, err := c.signer.GetJWT() if err != nil { return nil, fmt.Errorf("failed to sign the request: %w", err) } req.Header.Set("Authorization", "Bearer "+jwt) req.Header.Set("Content-Type", "application/json") return req, nil } func (c *Client) do(req *http.Request, v interface{}) error { resp, err := c.HTTPClient.Do(req) if err != nil { return err } defer func() { _ = resp.Body.Close() }() err = checkResponse(resp) if err != nil { return err } if v == nil { return nil } raw, err := io.ReadAll(resp.Body) if err != nil { return fmt.Errorf("failed to read body: %w", err) } if err = json.Unmarshal(raw, v); err != nil { return fmt.Errorf("unmarshaling %T error: %w: %s", v, err, string(raw)) } return nil } func checkResponse(resp *http.Response) error { if resp.StatusCode/100 == 2 { return nil } var msg string if resp.StatusCode == http.StatusForbidden { msg = "forbidden: check if service account you are trying to use has permissions required for managing DNS" } else { msg = fmt.Sprintf("%d: unknown error", resp.StatusCode) } // add response body to error message if not empty responseBody, _ := io.ReadAll(resp.Body) if len(responseBody) > 0 { msg = fmt.Sprintf("%s: %s", msg, string(responseBody)) } return errors.New(msg) }