lego/providers/dns/cloudxns/internal/client.go

package internal

import (
	"bytes"
	"context"
	"crypto/md5"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/url"
	"strconv"
	"time"

	"github.com/go-acme/lego/v4/challenge/dns01"
	"github.com/go-acme/lego/v4/providers/dns/internal/errutils"
)

const defaultBaseURL = "https://www.cloudxns.net/api2/"

// Client CloudXNS client.
type Client struct {
	apiKey    string
	secretKey string

	baseURL    *url.URL
	HTTPClient *http.Client
}

// NewClient creates a CloudXNS client.
func NewClient(apiKey, secretKey string) (*Client, error) {
	if apiKey == "" {
		return nil, errors.New("credentials missing: apiKey")
	}

	if secretKey == "" {
		return nil, errors.New("credentials missing: secretKey")
	}

	baseURL, _ := url.Parse(defaultBaseURL)

	return &Client{
		apiKey:     apiKey,
		secretKey:  secretKey,
		baseURL:    baseURL,
		HTTPClient: &http.Client{Timeout: 10 * time.Second},
	}, nil
}

// GetDomainInformation Get domain name information for a FQDN.
func (c *Client) GetDomainInformation(ctx context.Context, fqdn string) (*Data, error) {
	endpoint := c.baseURL.JoinPath("domain")

	req, err := c.newRequest(ctx, http.MethodGet, endpoint, nil)
	if err != nil {
		return nil, err
	}

	authZone, err := dns01.FindZoneByFqdn(fqdn)
	if err != nil {
		return nil, fmt.Errorf("could not find zone: %w", err)
	}

	var domains []Data
	err = c.do(req, &domains)
	if err != nil {
		return nil, err
	}

	for _, data := range domains {
		if data.Domain == authZone {
			return &data, nil
		}
	}

	return nil, fmt.Errorf("zone %s not found for domain %s", authZone, fqdn)
}

// FindTxtRecord return the TXT record a zone ID and a FQDN.
func (c *Client) FindTxtRecord(ctx context.Context, zoneID, fqdn string) (*TXTRecord, error) {
	endpoint := c.baseURL.JoinPath("record", zoneID)

	query := endpoint.Query()
	query.Set("host_id", "0")
	query.Set("offset", "0")
	query.Set("row_num", "2000")
	endpoint.RawQuery = query.Encode()

	req, err := c.newRequest(ctx, http.MethodGet, endpoint, nil)
	if err != nil {
		return nil, err
	}

	var records []TXTRecord
	err = c.do(req, &records)
	if err != nil {
		return nil, err
	}

	for _, record := range records {
		if record.Host == dns01.UnFqdn(fqdn) && record.Type == "TXT" {
			return &record, nil
		}
	}

	return nil, fmt.Errorf("no existing record found for %q", fqdn)
}

// AddTxtRecord add a TXT record.
func (c *Client) AddTxtRecord(ctx context.Context, info *Data, fqdn, value string, ttl int) error {
	id, err := strconv.Atoi(info.ID)
	if err != nil {
		return fmt.Errorf("invalid zone ID: %w", err)
	}

	endpoint := c.baseURL.JoinPath("record")

	subDomain, err := dns01.ExtractSubDomain(fqdn, info.Domain)
	if err != nil {
		return err
	}

	record := TXTRecord{
		ID:     id,
		Host:   subDomain,
		Value:  value,
		Type:   "TXT",
		LineID: 1,
		TTL:    ttl,
	}

	req, err := c.newRequest(ctx, http.MethodPost, endpoint, record)
	if err != nil {
		return err
	}

	return c.do(req, nil)
}

// RemoveTxtRecord remove a TXT record.
func (c *Client) RemoveTxtRecord(ctx context.Context, recordID, zoneID string) error {
	endpoint := c.baseURL.JoinPath("record", recordID, zoneID)

	req, err := c.newRequest(ctx, http.MethodDelete, endpoint, nil)
	if err != nil {
		return err
	}

	return c.do(req, nil)
}

func (c *Client) do(req *http.Request, result any) error {
	resp, err := c.HTTPClient.Do(req)
	if err != nil {
		return errutils.NewHTTPDoError(req, err)
	}

	defer func() { _ = resp.Body.Close() }()

	raw, err := io.ReadAll(resp.Body)
	if err != nil {
		return errutils.NewReadResponseError(req, resp.StatusCode, err)
	}

	var response apiResponse
	err = json.Unmarshal(raw, &response)
	if err != nil {
		return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err)
	}

	if response.Code != 1 {
		return fmt.Errorf("[status code %d] invalid code (%v) error: %s", resp.StatusCode, response.Code, response.Message)
	}

	if result == nil {
		return nil
	}

	if len(response.Data) == 0 {
		return nil
	}

	err = json.Unmarshal(response.Data, result)
	if err != nil {
		return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err)
	}

	return nil
}

func (c *Client) newRequest(ctx context.Context, method string, endpoint *url.URL, payload any) (*http.Request, error) {
	buf := new(bytes.Buffer)

	if payload != nil {
		err := json.NewEncoder(buf).Encode(payload)
		if err != nil {
			return nil, fmt.Errorf("failed to create request JSON body: %w", err)
		}
	}

	req, err := http.NewRequestWithContext(ctx, method, endpoint.String(), buf)
	if err != nil {
		return nil, fmt.Errorf("unable to create request: %w", err)
	}

	requestDate := time.Now().Format(time.RFC1123Z)

	req.Header.Set("API-KEY", c.apiKey)
	req.Header.Set("API-REQUEST-DATE", requestDate)
	req.Header.Set("API-HMAC", c.hmac(endpoint.String(), requestDate, buf.String()))
	req.Header.Set("API-FORMAT", "json")

	return req, nil
}

func (c *Client) hmac(endpoint, date, body string) string {
	sum := md5.Sum([]byte(c.apiKey + endpoint + body + date + c.secretKey))
	return hex.EncodeToString(sum[:])
}
chore: migrate to new org. (#824) 2019-03-11 16:56:48 +00:00			`package internal`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00
			`import (`
			`"bytes"`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`"context"`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`"crypto/md5"`
			`"encoding/hex"`
			`"encoding/json"`
chore: wrap errors. (#1070) 2020-02-27 18:14:46 +00:00			`"errors"`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`"fmt"`
chore: update Go (#1469) 2021-08-25 09:44:11 +00:00			`"io"`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`"net/http"`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`"net/url"`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`"strconv"`
			`"time"`

feat: changes module version. 2020-09-02 01:20:01 +00:00			`"github.com/go-acme/lego/v4/challenge/dns01"`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`"github.com/go-acme/lego/v4/providers/dns/internal/errutils"`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`)`

			`const defaultBaseURL = "https://www.cloudxns.net/api2/"`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`// Client CloudXNS client.`
			`type Client struct {`
			`apiKey string`
			`secretKey string`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`baseURL *url.URL`
			`HTTPClient *http.Client`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: update linter. (#1145) 2020-05-08 17:35:25 +00:00			`// NewClient creates a CloudXNS client.`
chore: update linter. (#1214) 2020-07-09 23:48:18 +00:00			`func NewClient(apiKey, secretKey string) (*Client, error) {`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`if apiKey == "" {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return nil, errors.New("credentials missing: apiKey")`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

			`if secretKey == "" {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return nil, errors.New("credentials missing: secretKey")`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`baseURL, _ := url.Parse(defaultBaseURL)`

CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`return &Client{`
			`apiKey: apiKey,`
			`secretKey: secretKey,`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`baseURL: baseURL,`
			`HTTPClient: &http.Client{Timeout: 10 * time.Second},`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}, nil`
			`}`

chore: update linter. (#1145) 2020-05-08 17:35:25 +00:00			`// GetDomainInformation Get domain name information for a FQDN.`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`func (c Client) GetDomainInformation(ctx context.Context, fqdn string) (Data, error) {`
			`endpoint := c.baseURL.JoinPath("domain")`

			`req, err := c.newRequest(ctx, http.MethodGet, endpoint, nil)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`if err != nil {`
			`return nil, err`
			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`authZone, err := dns01.FindZoneByFqdn(fqdn)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`if err != nil {`
feat: improve errors and logs related to DNS call (#2109) 2024-02-11 13:37:09 +00:00			`return nil, fmt.Errorf("could not find zone: %w", err)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

			`var domains []Data`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`err = c.do(req, &domains)`
			`if err != nil {`
			`return nil, err`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

			`for _, data := range domains {`
			`if data.Domain == authZone {`
			`return &data, nil`
			`}`
			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return nil, fmt.Errorf("zone %s not found for domain %s", authZone, fqdn)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: update linter. (#1145) 2020-05-08 17:35:25 +00:00			`// FindTxtRecord return the TXT record a zone ID and a FQDN.`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`func (c Client) FindTxtRecord(ctx context.Context, zoneID, fqdn string) (TXTRecord, error) {`
			`endpoint := c.baseURL.JoinPath("record", zoneID)`

			`query := endpoint.Query()`
			`query.Set("host_id", "0")`
			`query.Set("offset", "0")`
			`query.Set("row_num", "2000")`
			`endpoint.RawQuery = query.Encode()`

			`req, err := c.newRequest(ctx, http.MethodGet, endpoint, nil)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`if err != nil {`
			`return nil, err`
			`}`

			`var records []TXTRecord`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`err = c.do(req, &records)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`if err != nil {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return nil, err`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

			`for _, record := range records {`
Refactor the core of the lib (#700) - Packages - Isolate code used by the CLI into the package `cmd` - (experimental) Add e2e tests for HTTP01, TLS-ALPN-01 and DNS-01, use [Pebble](https://github.com/letsencrypt/pebble) and [challtestsrv](https://github.com/letsencrypt/boulder/tree/master/test/challtestsrv) - Support non-ascii domain name (punnycode) - Check all challenges in a predictable order - No more global exported variables - Archive revoked certificates - Fixes revocation for subdomains and non-ascii domains - Disable pending authorizations - use pointer for RemoteError/ProblemDetails - Poll authz URL instead of challenge URL - The ability for a DNS provider to solve the challenge sequentially - Check all nameservers in a predictable order - Option to disable the complete propagation Requirement - CLI, support for renew with CSR - CLI, add SAN on renew - Add command to list certificates. - Logs every iteration of waiting for the propagation - update DNSimple client - update github.com/miekg/dns 2018-12-06 21:50:17 +00:00			`if record.Host == dns01.UnFqdn(fqdn) && record.Type == "TXT" {`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`return &record, nil`
			`}`
			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return nil, fmt.Errorf("no existing record found for %q", fqdn)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: update linter. (#1145) 2020-05-08 17:35:25 +00:00			`// AddTxtRecord add a TXT record.`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`func (c Client) AddTxtRecord(ctx context.Context, info Data, fqdn, value string, ttl int) error {`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`id, err := strconv.Atoi(info.ID)`
			`if err != nil {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return fmt.Errorf("invalid zone ID: %w", err)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`endpoint := c.baseURL.JoinPath("record")`

fix: return an error when extracting record name (#1778) 2022-12-04 15:11:27 +00:00			`subDomain, err := dns01.ExtractSubDomain(fqdn, info.Domain)`
			`if err != nil {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return err`
fix: return an error when extracting record name (#1778) 2022-12-04 15:11:27 +00:00			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`record := TXTRecord{`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`ID: id,`
fix: return an error when extracting record name (#1778) 2022-12-04 15:11:27 +00:00			`Host: subDomain,`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`Value: value,`
			`Type: "TXT",`
			`LineID: 1,`
			`TTL: ttl,`
			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`req, err := c.newRequest(ctx, http.MethodPost, endpoint, record)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`if err != nil {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return err`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return c.do(req, nil)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: update linter. (#1145) 2020-05-08 17:35:25 +00:00			`// RemoveTxtRecord remove a TXT record.`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`func (c *Client) RemoveTxtRecord(ctx context.Context, recordID, zoneID string) error {`
			`endpoint := c.baseURL.JoinPath("record", recordID, zoneID)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`req, err := c.newRequest(ctx, http.MethodDelete, endpoint, nil)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`if err != nil {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return err`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return c.do(req, nil)`
			`}`

			`func (c Client) do(req http.Request, result any) error {`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`resp, err := c.HTTPClient.Do(req)`
			`if err != nil {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return errutils.NewHTTPDoError(req, err)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`defer func() { _ = resp.Body.Close() }()`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`raw, err := io.ReadAll(resp.Body)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`if err != nil {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return errutils.NewReadResponseError(req, resp.StatusCode, err)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`var response apiResponse`
			`err = json.Unmarshal(raw, &response)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`if err != nil {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err)`
			`}`

			`if response.Code != 1 {`
			`return fmt.Errorf("[status code %d] invalid code (%v) error: %s", resp.StatusCode, response.Code, response.Message)`
			`}`

			`if result == nil {`
			`return nil`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`if len(response.Data) == 0 {`
			`return nil`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00
			`err = json.Unmarshal(response.Data, result)`
			`if err != nil {`
			`return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err)`
			`}`

			`return nil`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`func (c Client) newRequest(ctx context.Context, method string, endpoint url.URL, payload any) (*http.Request, error) {`
			`buf := new(bytes.Buffer)`

			`if payload != nil {`
			`err := json.NewEncoder(buf).Encode(payload)`
			`if err != nil {`
			`return nil, fmt.Errorf("failed to create request JSON body: %w", err)`
			`}`
			`}`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`req, err := http.NewRequestWithContext(ctx, method, endpoint.String(), buf)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`if err != nil {`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`return nil, fmt.Errorf("unable to create request: %w", err)`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`}`

			`requestDate := time.Now().Format(time.RFC1123Z)`

			`req.Header.Set("API-KEY", c.apiKey)`
			`req.Header.Set("API-REQUEST-DATE", requestDate)`
chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`req.Header.Set("API-HMAC", c.hmac(endpoint.String(), requestDate, buf.String()))`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`req.Header.Set("API-FORMAT", "json")`

			`return req, nil`
			`}`

chore: refactor clients (#1868) 2023-05-05 07:49:38 +00:00			`func (c *Client) hmac(endpoint, date, body string) string {`
			`sum := md5.Sum([]byte(c.apiKey + endpoint + body + date + c.secretKey))`
CloudXNS: client isolation. (#629) 2018-09-15 17:26:45 +00:00			`return hex.EncodeToString(sum[:])`
			`}`