]>
Commit | Line | Data |
---|---|---|
5f944743 | 1 | #!/usr/bin/env sh |
2 | ||
3 | # | |
4 | #JD_ACCESS_KEY_ID="sdfsdfsdfljlbjkljlkjsdfoiwje" | |
5 | #JD_ACCESS_KEY_SECRET="xxxxxxx" | |
6 | #JD_REGION="cn-north-1" | |
7 | ||
8 | _JD_ACCOUNT="https://uc.jdcloud.com/account/accesskey" | |
9 | ||
10 | _JD_PROD="clouddnsservice" | |
11 | _JD_API="jdcloud-api.com" | |
12 | ||
13 | _JD_API_VERSION="v1" | |
14 | _JD_DEFAULT_REGION="cn-north-1" | |
15 | ||
16 | _JD_HOST="$_JD_PROD.$_JD_API" | |
17 | ||
18 | ######## Public functions ##################### | |
19 | ||
20 | #Usage: dns_myapi_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" | |
21 | dns_jd_add() { | |
22 | fulldomain=$1 | |
23 | txtvalue=$2 | |
24 | ||
25 | JD_ACCESS_KEY_ID="${JD_ACCESS_KEY_ID:-$(_readaccountconf_mutable JD_ACCESS_KEY_ID)}" | |
26 | JD_ACCESS_KEY_SECRET="${JD_ACCESS_KEY_SECRET:-$(_readaccountconf_mutable JD_ACCESS_KEY_SECRET)}" | |
27 | JD_REGION="${JD_REGION:-$(_readaccountconf_mutable JD_REGION)}" | |
28 | ||
29 | if [ -z "$JD_ACCESS_KEY_ID" ] || [ -z "$JD_ACCESS_KEY_SECRET" ]; then | |
30 | JD_ACCESS_KEY_ID="" | |
31 | JD_ACCESS_KEY_SECRET="" | |
32 | _err "You haven't specifed the jdcloud api key id or api key secret yet." | |
33 | _err "Please create your key and try again. see $(__green $_JD_ACCOUNT)" | |
34 | return 1 | |
35 | fi | |
36 | ||
37 | _saveaccountconf_mutable JD_ACCESS_KEY_ID "$JD_ACCESS_KEY_ID" | |
38 | _saveaccountconf_mutable JD_ACCESS_KEY_SECRET "$JD_ACCESS_KEY_SECRET" | |
39 | if [ -z "$JD_REGION" ]; then | |
40 | _debug "Using default region: $_JD_DEFAULT_REGION" | |
41 | JD_REGION="$_JD_DEFAULT_REGION" | |
42 | else | |
43 | _saveaccountconf_mutable JD_REGION "$JD_REGION" | |
44 | fi | |
45 | _JD_BASE_URI="$_JD_API_VERSION/regions/$JD_REGION" | |
46 | ||
47 | _debug "First detect the root zone" | |
48 | if ! _get_root "$fulldomain"; then | |
49 | _err "invalid domain" | |
50 | return 1 | |
51 | fi | |
52 | _debug _domain_id "$_domain_id" | |
53 | _debug _sub_domain "$_sub_domain" | |
54 | _debug _domain "$_domain" | |
55 | ||
56 | #_debug "Getting getViewTree" | |
57 | ||
58 | _debug "Adding records" | |
59 | ||
60 | _addrr="{\"req\":{\"hostRecord\":\"$_sub_domain\",\"hostValue\":\"$txtvalue\",\"ttl\":300,\"type\":\"TXT\",\"viewValue\":-1},\"regionId\":\"$JD_REGION\",\"domainId\":\"$_domain_id\"}" | |
61 | #_addrr='{"req":{"hostRecord":"xx","hostValue":"\"value4\"","jcloudRes":false,"mxPriority":null,"port":null,"ttl":300,"type":"TXT","weight":null,"viewValue":-1},"regionId":"cn-north-1","domainId":"8824"}' | |
62 | if jd_rest POST "domain/$_domain_id/RRAdd" "" "$_addrr"; then | |
63 | _rid="$(echo "$response" | tr '{},' '\n' | grep '"id":' | cut -d : -f 2)" | |
64 | if [ -z "$_rid" ]; then | |
65 | _err "Can not find record id from the result." | |
66 | return 1 | |
67 | fi | |
68 | _info "TXT record added successfully." | |
69 | _srid="$(_readdomainconf "JD_CLOUD_RIDS")" | |
70 | if [ "$_srid" ]; then | |
71 | _rid="$_srid,$_rid" | |
72 | fi | |
73 | _savedomainconf "JD_CLOUD_RIDS" "$_rid" | |
74 | return 0 | |
75 | fi | |
76 | ||
77 | return 1 | |
78 | } | |
79 | ||
80 | dns_jd_rm() { | |
81 | fulldomain=$1 | |
82 | txtvalue=$2 | |
83 | ||
84 | JD_ACCESS_KEY_ID="${JD_ACCESS_KEY_ID:-$(_readaccountconf_mutable JD_ACCESS_KEY_ID)}" | |
85 | JD_ACCESS_KEY_SECRET="${JD_ACCESS_KEY_SECRET:-$(_readaccountconf_mutable JD_ACCESS_KEY_SECRET)}" | |
86 | JD_REGION="${JD_REGION:-$(_readaccountconf_mutable JD_REGION)}" | |
87 | ||
88 | if [ -z "$JD_REGION" ]; then | |
89 | _debug "Using default region: $_JD_DEFAULT_REGION" | |
90 | JD_REGION="$_JD_DEFAULT_REGION" | |
91 | fi | |
92 | ||
93 | _JD_BASE_URI="$_JD_API_VERSION/regions/$JD_REGION" | |
94 | ||
95 | _info "Getting existing records for $fulldomain" | |
96 | _srid="$(_readdomainconf "JD_CLOUD_RIDS")" | |
97 | _debug _srid "$_srid" | |
98 | ||
99 | if [ -z "$_srid" ]; then | |
100 | _err "Not rid skip" | |
101 | return 0 | |
102 | fi | |
103 | ||
104 | _debug "First detect the root zone" | |
105 | if ! _get_root "$fulldomain"; then | |
106 | _err "invalid domain" | |
107 | return 1 | |
108 | fi | |
109 | _debug _domain_id "$_domain_id" | |
110 | _debug _sub_domain "$_sub_domain" | |
111 | _debug _domain "$_domain" | |
112 | ||
113 | _cleardomainconf JD_CLOUD_RIDS | |
114 | ||
115 | _aws_tmpl_xml="{\"ids\":[$_srid],\"action\":\"del\",\"regionId\":\"$JD_REGION\",\"domainId\":\"$_domain_id\"}" | |
116 | ||
117 | if jd_rest POST "domain/$_domain_id/RROperate" "" "$_aws_tmpl_xml" && _contains "$response" "\"code\":\"OK\""; then | |
118 | _info "TXT record deleted successfully." | |
119 | return 0 | |
120 | fi | |
121 | return 1 | |
122 | ||
123 | } | |
124 | ||
125 | #################### Private functions below ################################## | |
126 | ||
127 | _get_root() { | |
128 | domain=$1 | |
129 | i=1 | |
130 | p=1 | |
131 | ||
132 | while true; do | |
133 | h=$(printf "%s" "$domain" | cut -d . -f $i-100) | |
134 | _debug2 "Checking domain: $h" | |
135 | if ! jd_rest GET "domain"; then | |
136 | _err "error get domain list" | |
137 | return 1 | |
138 | fi | |
139 | if [ -z "$h" ]; then | |
140 | #not valid | |
141 | _err "Invalid domain" | |
142 | return 1 | |
143 | fi | |
144 | ||
145 | if _contains "$response" "\"domainName\":\"$h\""; then | |
146 | hostedzone="$(echo "$response" | tr '{}' '\n' | grep "\"domainName\":\"$h\"")" | |
147 | _debug hostedzone "$hostedzone" | |
148 | if [ "$hostedzone" ]; then | |
149 | _domain_id="$(echo "$hostedzone" | tr ',' '\n' | grep "\"id\":" | cut -d : -f 2)" | |
150 | if [ "$_domain_id" ]; then | |
151 | _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) | |
152 | _domain=$h | |
153 | return 0 | |
154 | fi | |
155 | fi | |
156 | _err "Can't find domain with id: $h" | |
157 | return 1 | |
158 | fi | |
159 | p=$i | |
160 | i=$(_math "$i" + 1) | |
161 | done | |
162 | ||
163 | return 1 | |
164 | } | |
165 | ||
166 | #method uri qstr data | |
167 | jd_rest() { | |
168 | mtd="$1" | |
169 | ep="$2" | |
170 | qsr="$3" | |
171 | data="$4" | |
172 | ||
173 | _debug mtd "$mtd" | |
174 | _debug ep "$ep" | |
175 | _debug qsr "$qsr" | |
176 | _debug data "$data" | |
177 | ||
178 | CanonicalURI="/$_JD_BASE_URI/$ep" | |
179 | _debug2 CanonicalURI "$CanonicalURI" | |
180 | ||
181 | CanonicalQueryString="$qsr" | |
182 | _debug2 CanonicalQueryString "$CanonicalQueryString" | |
183 | ||
184 | RequestDate="$(date -u +"%Y%m%dT%H%M%SZ")" | |
185 | #RequestDate="20190713T082155Z" ###################################################### | |
186 | _debug2 RequestDate "$RequestDate" | |
187 | export _H1="X-Jdcloud-Date: $RequestDate" | |
188 | ||
189 | RequestNonce="2bd0852a-8bae-4087-b2d5-$(_time)" | |
190 | #RequestNonce="894baff5-72d4-4244-883a-7b2eb51e7fbe" ################################# | |
191 | _debug2 RequestNonce "$RequestNonce" | |
192 | export _H2="X-Jdcloud-Nonce: $RequestNonce" | |
193 | ||
194 | if [ "$data" ]; then | |
195 | CanonicalHeaders="content-type:application/json\n" | |
196 | SignedHeaders="content-type;" | |
197 | else | |
198 | CanonicalHeaders="" | |
199 | SignedHeaders="" | |
200 | fi | |
201 | CanonicalHeaders="${CanonicalHeaders}host:$_JD_HOST\nx-jdcloud-date:$RequestDate\nx-jdcloud-nonce:$RequestNonce\n" | |
202 | SignedHeaders="${SignedHeaders}host;x-jdcloud-date;x-jdcloud-nonce" | |
203 | ||
204 | _debug2 CanonicalHeaders "$CanonicalHeaders" | |
205 | _debug2 SignedHeaders "$SignedHeaders" | |
206 | ||
207 | Hash="sha256" | |
208 | ||
209 | RequestPayload="$data" | |
210 | _debug2 RequestPayload "$RequestPayload" | |
211 | ||
212 | RequestPayloadHash="$(printf "%s" "$RequestPayload" | _digest "$Hash" hex | _lower_case)" | |
213 | _debug2 RequestPayloadHash "$RequestPayloadHash" | |
214 | ||
215 | CanonicalRequest="$mtd\n$CanonicalURI\n$CanonicalQueryString\n$CanonicalHeaders\n$SignedHeaders\n$RequestPayloadHash" | |
216 | _debug2 CanonicalRequest "$CanonicalRequest" | |
217 | ||
218 | HashedCanonicalRequest="$(printf "$CanonicalRequest%s" | _digest "$Hash" hex)" | |
219 | _debug2 HashedCanonicalRequest "$HashedCanonicalRequest" | |
220 | ||
221 | Algorithm="JDCLOUD2-HMAC-SHA256" | |
222 | _debug2 Algorithm "$Algorithm" | |
223 | ||
224 | RequestDateOnly="$(echo "$RequestDate" | cut -c 1-8)" | |
225 | _debug2 RequestDateOnly "$RequestDateOnly" | |
226 | ||
227 | Region="$JD_REGION" | |
228 | Service="$_JD_PROD" | |
229 | ||
230 | CredentialScope="$RequestDateOnly/$Region/$Service/jdcloud2_request" | |
231 | _debug2 CredentialScope "$CredentialScope" | |
232 | ||
233 | StringToSign="$Algorithm\n$RequestDate\n$CredentialScope\n$HashedCanonicalRequest" | |
234 | ||
235 | _debug2 StringToSign "$StringToSign" | |
236 | ||
237 | kSecret="JDCLOUD2$JD_ACCESS_KEY_SECRET" | |
238 | ||
239 | _secure_debug2 kSecret "$kSecret" | |
240 | ||
241 | kSecretH="$(printf "%s" "$kSecret" | _hex_dump | tr -d " ")" | |
242 | _secure_debug2 kSecretH "$kSecretH" | |
243 | ||
244 | kDateH="$(printf "$RequestDateOnly%s" | _hmac "$Hash" "$kSecretH" hex)" | |
245 | _debug2 kDateH "$kDateH" | |
246 | ||
247 | kRegionH="$(printf "$Region%s" | _hmac "$Hash" "$kDateH" hex)" | |
248 | _debug2 kRegionH "$kRegionH" | |
249 | ||
250 | kServiceH="$(printf "$Service%s" | _hmac "$Hash" "$kRegionH" hex)" | |
251 | _debug2 kServiceH "$kServiceH" | |
252 | ||
253 | kSigningH="$(printf "%s" "jdcloud2_request" | _hmac "$Hash" "$kServiceH" hex)" | |
254 | _debug2 kSigningH "$kSigningH" | |
255 | ||
256 | signature="$(printf "$StringToSign%s" | _hmac "$Hash" "$kSigningH" hex)" | |
257 | _debug2 signature "$signature" | |
258 | ||
259 | Authorization="$Algorithm Credential=$JD_ACCESS_KEY_ID/$CredentialScope, SignedHeaders=$SignedHeaders, Signature=$signature" | |
260 | _debug2 Authorization "$Authorization" | |
261 | ||
262 | _H3="Authorization: $Authorization" | |
263 | _debug _H3 "$_H3" | |
264 | ||
265 | url="https://$_JD_HOST$CanonicalURI" | |
266 | if [ "$qsr" ]; then | |
267 | url="https://$_JD_HOST$CanonicalURI?$qsr" | |
268 | fi | |
269 | ||
270 | if [ "$mtd" = "GET" ]; then | |
271 | response="$(_get "$url")" | |
272 | else | |
273 | response="$(_post "$data" "$url" "" "$mtd" "application/json")" | |
274 | fi | |
275 | ||
276 | _ret="$?" | |
277 | _debug2 response "$response" | |
278 | if [ "$_ret" = "0" ]; then | |
279 | if _contains "$response" "\"error\""; then | |
280 | _err "Response error:$response" | |
281 | return 1 | |
282 | fi | |
283 | fi | |
284 | ||
285 | return "$_ret" | |
286 | } |