[mirror_acme.sh.git] / dnsapi / dns_curanet.sh

#!/usr/bin/env sh

#Script to use with curanet.dk, scannet.dk, wannafind.dk, dandomain.dk DNS management.
#Requires api credentials with scope: dns
#Author: Peter L. Hansen <peter@r12.dk>
#Version 1.0

CURANET_REST_URL="https://api.curanet.dk/dns/v1/Domains"
CURANET_AUTH_URL="https://apiauth.dk.team.blue/auth/realms/Curanet/protocol/openid-connect/token"
CURANET_ACCESS_TOKEN=""

########  Public functions #####################

#Usage: dns_curanet_add   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_curanet_add() {
  fulldomain=$1
  txtvalue=$2
  _info "Using curanet"
  _debug fulldomain "$fulldomain"
  _debug txtvalue "$txtvalue"

  CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}"
  CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}"
  if [ -z "$CURANET_AUTHCLIENTID" ] || [ -z "$CURANET_AUTHSECRET" ]; then
    CURANET_AUTHCLIENTID=""
    CURANET_AUTHSECRET=""
    _err "You don't specify curanet api client and secret."
    _err "Please create your auth info and try again."
    return 1
  fi

  #save the credentials to the account conf file.
  _saveaccountconf_mutable CURANET_AUTHCLIENTID "$CURANET_AUTHCLIENTID"
  _saveaccountconf_mutable CURANET_AUTHSECRET "$CURANET_AUTHSECRET"

  if ! _get_token; then
    _err "Unable to get token"
    return 1
  fi

  if ! _get_root "$fulldomain"; then
    _err "Invalid domain"
    return 1
  fi

  export _H1="Content-Type: application/json-patch+json"
  export _H2="Accept: application/json"
  export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
  data="{\"name\": \"$fulldomain\",\"type\": \"TXT\",\"ttl\": 60,\"priority\": 0,\"data\": \"$txtvalue\"}"
  response="$(_post "$data" "$CURANET_REST_URL/${_domain}/Records" "" "")"

  if _contains "$response" "$txtvalue"; then
    _debug "TXT record added OK"
  else
    _err "Unable to add TXT record"
    return 1
  fi

  return 0
}

#Usage: fulldomain txtvalue
#Remove the txt record after validation.
dns_curanet_rm() {
  fulldomain=$1
  txtvalue=$2
  _info "Using curanet"
  _debug fulldomain "$fulldomain"
  _debug txtvalue "$txtvalue"

  CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}"
  CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}"

  if ! _get_token; then
    _err "Unable to get token"
    return 1
  fi

  if ! _get_root "$fulldomain"; then
    _err "Invalid domain"
    return 1
  fi

  _debug "Getting current record list to identify TXT to delete"

  export _H1="Content-Type: application/json"
  export _H2="Accept: application/json"
  export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"

  response="$(_get "$CURANET_REST_URL/${_domain}/Records" "" "")"

  if ! _contains "$response" "$txtvalue"; then
    _err "Unable to delete record (does not contain $txtvalue )"
    return 1
  fi

  recordid=$(echo "$response" | _egrep_o "{\"id\":[0-9]+,\"name\":\"$fulldomain\",\"type\":\"TXT\",\"ttl\":60,\"priority\":0,\"data\":\"..$txtvalue" | _egrep_o "id\":[0-9]+" | cut -c 5-)

  if [ -z "$recordid" ]; then
    _err "Unable to get recordid"
    _debug "regex {\"id\":[0-9]+,\"name\":\"$fulldomain\",\"type\":\"TXT\",\"ttl\":60,\"priority\":0,\"data\":\"..$txtvalue"
    _debug "response $response"
    return 1
  fi

  _debug "Deleting recordID $recordid"
  response="$(_post "" "$CURANET_REST_URL/${_domain}/Records/$recordid" "" "DELETE")"
  return 0
}

####################  Private functions below ##################################

_get_token() {
  response="$(_post "grant_type=client_credentials&client_id=$CURANET_AUTHCLIENTID&client_secret=$CURANET_AUTHSECRET&scope=dns" "$CURANET_AUTH_URL" "" "")"
  if ! _contains "$response" "access_token"; then
    _err "Unable get access token"
    return 1
  fi
  CURANET_ACCESS_TOKEN=$(echo "$response" | _egrep_o "\"access_token\":\"[^\"]+" | cut -c 17-)

  if [ -z "$CURANET_ACCESS_TOKEN" ]; then
    _err "Unable to get token"
    return 1
  fi

  return 0

}

#_acme-challenge.www.domain.com
#returns
# _domain=domain.com
# _domain_id=sdjkglgdfewsdfg
_get_root() {
  domain=$1
  i=1

  while true; do
    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
    _debug h "$h"
    if [ -z "$h" ]; then
      #not valid
      return 1
    fi

    export _H1="Content-Type: application/json"
    export _H2="Accept: application/json"
    export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
    response="$(_get "$CURANET_REST_URL/$h/Records" "" "")"

    if [ ! "$(echo "$response" | _egrep_o "Entity not found")" ]; then
      _domain=$h
      return 0
    fi

    i=$(_math "$i" + 1)
  done
  return 1
}
Commit	Line	Data
38a19fa5	1	#!/usr/bin/env sh
	2
	3	#Script to use with curanet.dk, scannet.dk, wannafind.dk, dandomain.dk DNS management.
dc61c9e2	4	#Requires api credentials with scope: dns
38a19fa5	5	#Author: Peter L. Hansen <peter@r12.dk>
2c0cc87b	6	#Version 1.0
38a19fa5	7
	8	CURANET_REST_URL="https://api.curanet.dk/dns/v1/Domains"
	9	CURANET_AUTH_URL="https://apiauth.dk.team.blue/auth/realms/Curanet/protocol/openid-connect/token"
	10	CURANET_ACCESS_TOKEN=""
	11
	12	######## Public functions #####################
	13
	14	#Usage: dns_curanet_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
	15	dns_curanet_add() {
	16	fulldomain=$1
	17	txtvalue=$2
	18	_info "Using curanet"
	19	_debug fulldomain "$fulldomain"
	20	_debug txtvalue "$txtvalue"
	21
	22	CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}"
	23	CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}"
	24	if [ -z "$CURANET_AUTHCLIENTID" ] \|\| [ -z "$CURANET_AUTHSECRET" ]; then
	25	CURANET_AUTHCLIENTID=""
	26	CURANET_AUTHSECRET=""
	27	_err "You don't specify curanet api client and secret."
	28	_err "Please create your auth info and try again."
	29	return 1
	30	fi
	31
	32	#save the credentials to the account conf file.
	33	_saveaccountconf_mutable CURANET_AUTHCLIENTID "$CURANET_AUTHCLIENTID"
	34	_saveaccountconf_mutable CURANET_AUTHSECRET "$CURANET_AUTHSECRET"
	35
aaae83ef	36	if ! _get_token; then
	37	_err "Unable to get token"
	38	return 1
	39	fi
38a19fa5	40
aaae83ef	41	if ! _get_root "$fulldomain"; then
	42	_err "Invalid domain"
	43	return 1
	44	fi
af5c36e4	45
38a19fa5	46	export _H1="Content-Type: application/json-patch+json"
	47	export _H2="Accept: application/json"
	48	export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
	49	data="{\"name\": \"$fulldomain\",\"type\": \"TXT\",\"ttl\": 60,\"priority\": 0,\"data\": \"$txtvalue\"}"
	50	response="$(_post "$data" "$CURANET_REST_URL/${_domain}/Records" "" "")"
	51
	52	if _contains "$response" "$txtvalue"; then
af5c36e4	53	_debug "TXT record added OK"
38a19fa5	54	else
	55	_err "Unable to add TXT record"
	56	return 1
	57	fi
	58
	59	return 0
	60	}
	61
	62	#Usage: fulldomain txtvalue
	63	#Remove the txt record after validation.
	64	dns_curanet_rm() {
	65	fulldomain=$1
	66	txtvalue=$2
	67	_info "Using curanet"
	68	_debug fulldomain "$fulldomain"
	69	_debug txtvalue "$txtvalue"
af5c36e4	70
38a19fa5	71	CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}"
	72	CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}"
	73
aaae83ef	74	if ! _get_token; then
	75	_err "Unable to get token"
	76	return 1
	77	fi
38a19fa5	78
aaae83ef	79	if ! _get_root "$fulldomain"; then
	80	_err "Invalid domain"
	81	return 1
	82	fi
af5c36e4	83
38a19fa5	84	_debug "Getting current record list to identify TXT to delete"
	85
	86	export _H1="Content-Type: application/json"
	87	export _H2="Accept: application/json"
	88	export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
	89
	90	response="$(_get "$CURANET_REST_URL/${_domain}/Records" "" "")"
	91
	92	if ! _contains "$response" "$txtvalue"; then
	93	_err "Unable to delete record (does not contain $txtvalue )"
	94	return 1
	95	fi
	96
0c9a6da6	97	recordid=$(echo "$response" \| _egrep_o "{\"id\":[0-9]+,\"name\":\"$fulldomain\",\"type\":\"TXT\",\"ttl\":60,\"priority\":0,\"data\":\"..$txtvalue" \| _egrep_o "id\":[0-9]+" \| cut -c 5-)
9a677534	98
	99	if [ -z "$recordid" ]; then
	100	_err "Unable to get recordid"
	101	_debug "regex {\"id\":[0-9]+,\"name\":\"$fulldomain\",\"type\":\"TXT\",\"ttl\":60,\"priority\":0,\"data\":\"..$txtvalue"
	102	_debug "response $response"
	103	return 1
	104	fi
	105
38a19fa5	106	_debug "Deleting recordID $recordid"
38a19fa5	107	response="$(_post "" "$CURANET_REST_URL/${_domain}/Records/$recordid" "" "DELETE")"
ee0fadf2	108	return 0
38a19fa5	109	}
	110
	111	#################### Private functions below ##################################
	112
aaae83ef	113	_get_token() {
a2bb6a4f	114	response="$(_post "grant_type=client_credentials&client_id=$CURANET_AUTHCLIENTID&client_secret=$CURANET_AUTHSECRET&scope=dns" "$CURANET_AUTH_URL" "" "")"
a2bb6a4f	115	if ! _contains "$response" "access_token"; then
	116	_err "Unable get access token"
	117	return 1
	118	fi
fac4e151	119	CURANET_ACCESS_TOKEN=$(echo "$response" \| _egrep_o "\"access_token\":\"[^\"]+" \| cut -c 17-)
aaae83ef	120
	121	if [ -z "$CURANET_ACCESS_TOKEN" ]; then
	122	_err "Unable to get token"
	123	return 1
	124	fi
	125
af08d67f	126	return 0
a2901d61	127
38a19fa5	128	}
38a19fa5	129
38a19fa5	130	#_acme-challenge.www.domain.com
38a19fa5	131	#returns
38a19fa5	132	# _domain=domain.com
	133	# _domain_id=sdjkglgdfewsdfg
	134	_get_root() {
	135	domain=$1
	136	i=1
38a19fa5	137
	138	while true; do
	139	h=$(printf "%s" "$domain" \| cut -d . -f $i-100)
	140	_debug h "$h"
	141	if [ -z "$h" ]; then
	142	#not valid
	143	return 1
	144	fi
	145
	146	export _H1="Content-Type: application/json"
	147	export _H2="Accept: application/json"
	148	export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
	149	response="$(_get "$CURANET_REST_URL/$h/Records" "" "")"
	150
	151	if [ ! "$(echo "$response" \| _egrep_o "Entity not found")" ]; then
38a19fa5	152	_domain=$h
	153	return 0
	154	fi
af5c36e4	155
38a19fa5	156	i=$(_math "$i" + 1)
	157	done
	158	return 1
ee0fadf2	159	}