lego/providers/dns/websupport/internal/client.go
2024-09-16 19:04:08 +02:00

239 lines
5.4 KiB
Go

package internal
import (
"bytes"
"context"
"crypto/hmac"
"crypto/sha1"
"encoding/hex"
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
"net/url"
"strconv"
"time"
"github.com/go-acme/lego/v4/providers/dns/internal/errutils"
)
const defaultBaseURL = "https://rest.websupport.sk"
// StatusSuccess expected status text when success.
const StatusSuccess = "success"
// Client a Websupport DNS API client.
type Client struct {
apiKey string
secretKey string
baseURL *url.URL
HTTPClient *http.Client
}
// NewClient creates a new Client.
func NewClient(apiKey, secretKey string) (*Client, error) {
if apiKey == "" || secretKey == "" {
return nil, errors.New("credentials missing")
}
baseURL, _ := url.Parse(defaultBaseURL)
return &Client{
apiKey: apiKey,
secretKey: secretKey,
baseURL: baseURL,
HTTPClient: &http.Client{Timeout: 10 * time.Second},
}, nil
}
// GetUser gets a user detail.
// https://rest.websupport.sk/docs/v1.user#user
func (c *Client) GetUser(ctx context.Context, userID string) (*User, error) {
endpoint := c.baseURL.JoinPath("v1", "user", userID)
req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil)
if err != nil {
return nil, fmt.Errorf("request payload: %w", err)
}
result := &User{}
err = c.do(req, result)
if err != nil {
return nil, err
}
return result, nil
}
// ListRecords lists all records.
// https://rest.websupport.sk/docs/v1.zone#records
func (c *Client) ListRecords(ctx context.Context, domainName string) (*ListResponse, error) {
endpoint := c.baseURL.JoinPath("v1", "user", "self", "zone", domainName, "record")
req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil)
if err != nil {
return nil, fmt.Errorf("request payload: %w", err)
}
result := &ListResponse{}
err = c.do(req, result)
if err != nil {
return nil, err
}
return result, nil
}
// GetRecords gets a DNS record.
func (c *Client) GetRecords(ctx context.Context, domainName string, recordID int) (*Record, error) {
endpoint := c.baseURL.JoinPath("v1", "user", "self", "zone", domainName, "record", strconv.Itoa(recordID))
req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil)
if err != nil {
return nil, err
}
result := &Record{}
err = c.do(req, result)
if err != nil {
return nil, err
}
return result, nil
}
// AddRecord adds a DNS record.
// https://rest.websupport.sk/docs/v1.zone#post-record
func (c *Client) AddRecord(ctx context.Context, domainName string, record Record) (*Response, error) {
endpoint := c.baseURL.JoinPath("v1", "user", "self", "zone", domainName, "record")
req, err := newJSONRequest(ctx, http.MethodPost, endpoint, record)
if err != nil {
return nil, fmt.Errorf("create request: %w", err)
}
result := &Response{}
err = c.do(req, result)
if err != nil {
return nil, err
}
return result, nil
}
// DeleteRecord deletes a DNS record.
// https://rest.websupport.sk/docs/v1.zone#delete-record
func (c *Client) DeleteRecord(ctx context.Context, domainName string, recordID int) (*Response, error) {
endpoint := c.baseURL.JoinPath("v1", "user", "self", "zone", domainName, "record", strconv.Itoa(recordID))
req, err := newJSONRequest(ctx, http.MethodDelete, endpoint, nil)
if err != nil {
return nil, fmt.Errorf("create request: %w", err)
}
result := &Response{}
err = c.do(req, result)
if err != nil {
return nil, err
}
return result, nil
}
func (c *Client) do(req *http.Request, result any) error {
req.Header.Set("Accept-Language", "en_us")
err := c.sign(req, time.Now().UTC())
if err != nil {
return fmt.Errorf("signature: %w", err)
}
resp, err := c.HTTPClient.Do(req)
if err != nil {
return errutils.NewHTTPDoError(req, err)
}
defer func() { _ = resp.Body.Close() }()
if resp.StatusCode > http.StatusBadRequest {
return parseError(req, resp)
}
raw, err := io.ReadAll(resp.Body)
if err != nil {
return errutils.NewReadResponseError(req, resp.StatusCode, err)
}
err = json.Unmarshal(raw, result)
if err != nil {
return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err)
}
return nil
}
func (c *Client) sign(req *http.Request, now time.Time) error {
if req.URL.Path == "" {
req.URL.Path += "/"
}
canonicalRequest := fmt.Sprintf("%s %s %d", req.Method, req.URL.Path, now.Unix())
mac := hmac.New(sha1.New, []byte(c.secretKey))
_, err := mac.Write([]byte(canonicalRequest))
if err != nil {
return err
}
hashed := mac.Sum(nil)
signature := hex.EncodeToString(hashed)
req.SetBasicAuth(c.apiKey, signature)
req.Header.Set("Date", now.Format(time.RFC3339))
return nil
}
func newJSONRequest(ctx context.Context, method string, endpoint *url.URL, payload any) (*http.Request, error) {
buf := new(bytes.Buffer)
if payload != nil {
err := json.NewEncoder(buf).Encode(payload)
if err != nil {
return nil, fmt.Errorf("failed to create request JSON body: %w", err)
}
}
req, err := http.NewRequestWithContext(ctx, method, endpoint.String(), buf)
if err != nil {
return nil, fmt.Errorf("unable to create request: %w", err)
}
req.Header.Set("Accept", "application/json")
if payload != nil {
req.Header.Set("Content-Type", "application/json")
}
return req, nil
}
func parseError(req *http.Request, resp *http.Response) error {
raw, _ := io.ReadAll(resp.Body)
var errAPI APIError
err := json.Unmarshal(raw, &errAPI)
if err != nil {
return errutils.NewUnexpectedStatusCodeError(req, resp.StatusCode, raw)
}
return &errAPI
}