[mirror_acme.sh.git] / dnsapi / dns_websupport.sh

#!/usr/bin/env sh

# Acme.sh DNS API wrapper for websupport.sk
#
# Original author: trgo.sk (https://github.com/trgosk)
# Tweaks by: akulumbeg (https://github.com/akulumbeg)
# Report Bugs here: https://github.com/akulumbeg/acme.sh

# Requirements: API Key and Secret from https://admin.websupport.sk/en/auth/apiKey
#
# WS_ApiKey="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
# (called "Identifier" in the WS Admin)
#
# WS_ApiSecret="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
# (called "Secret key" in the WS Admin)

WS_Api="https://rest.websupport.sk"

########  Public functions #####################

dns_websupport_add() {
  fulldomain=$1
  txtvalue=$2

  WS_ApiKey="${WS_ApiKey:-$(_readaccountconf_mutable WS_ApiKey)}"
  WS_ApiSecret="${WS_ApiSecret:-$(_readaccountconf_mutable WS_ApiSecret)}"

  if [ "$WS_ApiKey" ] && [ "$WS_ApiSecret" ]; then
    _saveaccountconf_mutable WS_ApiKey "$WS_ApiKey"
    _saveaccountconf_mutable WS_ApiSecret "$WS_ApiSecret"
  else
    WS_ApiKey=""
    WS_ApiSecret=""
    _err "You did not specify the API Key and/or API Secret"
    _err "You can get the API login credentials from https://admin.websupport.sk/en/auth/apiKey"
    return 1
  fi

  _debug "First detect the root zone"
  if ! _get_root "$fulldomain"; then
    _err "invalid domain"
    return 1
  fi
  _debug _sub_domain "$_sub_domain"
  _debug _domain "$_domain"

  # For wildcard cert, the main root domain and the wildcard domain have the same txt subdomain name, so
  # we can not use updating anymore.
  #  count=$(printf "%s\n" "$response" | _egrep_o "\"count\":[^,]*" | cut -d : -f 2)
  #  _debug count "$count"
  #  if [ "$count" = "0" ]; then
  _info "Adding record"
  if _ws_rest POST "/v1/user/self/zone/$_domain/record" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then
    if _contains "$response" "$txtvalue"; then
      _info "Added, OK"
      return 0
    elif _contains "$response" "The record already exists"; then
      _info "Already exists, OK"
      return 0
    else
      _err "Add txt record error."
      return 1
    fi
  fi
  _err "Add txt record error."
  return 1

}

dns_websupport_rm() {
  fulldomain=$1
  txtvalue=$2

  _debug2 fulldomain "$fulldomain"
  _debug2 txtvalue "$txtvalue"

  _debug "First detect the root zone"
  if ! _get_root "$fulldomain"; then
    _err "invalid domain"
    return 1
  fi

  _debug _sub_domain "$_sub_domain"
  _debug _domain "$_domain"

  _debug "Getting txt records"
  _ws_rest GET "/v1/user/self/zone/$_domain/record"

  if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"items\")" -lt "1" ]; then
    _err "Error: $response"
    return 1
  fi

  record_line="$(_get_from_array "$response" "$txtvalue")"
  _debug record_line "$record_line"
  if [ -z "$record_line" ]; then
    _info "Don't need to remove."
  else
    record_id=$(echo "$record_line" | _egrep_o "\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ")
    _debug "record_id" "$record_id"
    if [ -z "$record_id" ]; then
      _err "Can not get record id to remove."
      return 1
    fi
    if ! _ws_rest DELETE "/v1/user/self/zone/$_domain/record/$record_id"; then
      _err "Delete record error."
      return 1
    fi
    if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"success\")" -lt "1" ]; then
      return 1
    else
      return 0
    fi
  fi

}

####################  Private Functions ##################################

_get_root() {
  domain=$1
  i=1
  p=1

  while true; do
    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
    _debug h "$h"
    if [ -z "$h" ]; then
      #not valid
      return 1
    fi

    if ! _ws_rest GET "/v1/user/self/zone"; then
      return 1
    fi

    if _contains "$response" "\"name\":\"$h\""; then
      _domain_id=$(echo "$response" | _egrep_o "\[.\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ")
      if [ "$_domain_id" ]; then
        _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
        _domain=$h
        return 0
      fi
      return 1
    fi
    p=$i
    i=$(_math "$i" + 1)
  done
  return 1
}

_ws_rest() {
  me=$1
  pa="$2"
  da="$3"

  _debug2 api_key "$WS_ApiKey"
  _debug2 api_secret "$WS_ApiSecret"

  timestamp=$(_time)
  datez="$(_utc_date | sed "s/ /T/" | sed "s/$/+0000/")"
  canonical_request="${me} ${pa} ${timestamp}"
  signature_hash=$(printf "%s" "$canonical_request" | _hmac sha1 "$(printf "%s" "$WS_ApiSecret" | _hex_dump | tr -d " ")" hex)
  basicauth="$(printf "%s:%s" "$WS_ApiKey" "$signature_hash" | _base64)"

  _debug2 method "$me"
  _debug2 path "$pa"
  _debug2 data "$da"
  _debug2 timestamp "$timestamp"
  _debug2 datez "$datez"
  _debug2 canonical_request "$canonical_request"
  _debug2 signature_hash "$signature_hash"
  _debug2 basicauth "$basicauth"

  export _H1="Accept: application/json"
  export _H2="Content-Type: application/json"
  export _H3="Authorization: Basic ${basicauth}"
  export _H4="Date: ${datez}"

  _debug2 H1 "$_H1"
  _debug2 H2 "$_H2"
  _debug2 H3 "$_H3"
  _debug2 H4 "$_H4"

  if [ "$me" != "GET" ]; then
    _debug2 "${me} $WS_Api${pa}"
    _debug data "$da"
    response="$(_post "$da" "${WS_Api}${pa}" "" "$me")"
  else
    _debug2 "GET $WS_Api${pa}"
    response="$(_get "$WS_Api${pa}")"
  fi

  _debug2 response "$response"
  return "$?"
}

_get_from_array() {
  va="$1"
  fi="$2"
  for i in $(echo "$va" | sed "s/{/ /g"); do
    if _contains "$i" "$fi"; then
      echo "$i"
      break
    fi
  done
}
Commit	Line	Data
9366f4b4 AK	1	#!/usr/bin/env sh
9366f4b4 AK	2
3014955e	3	# Acme.sh DNS API wrapper for websupport.sk
9366f4b4	4	#
0481f20c AK	5	# Original author: trgo.sk (https://github.com/trgosk)
0481f20c AK	6	# Tweaks by: akulumbeg (https://github.com/akulumbeg)
0481f20c	7	# Report Bugs here: https://github.com/akulumbeg/acme.sh
3014955e	8
0481f20c AK	9	# Requirements: API Key and Secret from https://admin.websupport.sk/en/auth/apiKey
	10	#
	11	# WS_ApiKey="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
	12	# (called "Identifier" in the WS Admin)
	13	#
	14	# WS_ApiSecret="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
	15	# (called "Secret key" in the WS Admin)
9366f4b4 AK	16
	17	WS_Api="https://rest.websupport.sk"
	18
	19	######## Public functions #####################
	20
9366f4b4 AK	21	dns_websupport_add() {
	22	fulldomain=$1
	23	txtvalue=$2
	24
	25	WS_ApiKey="${WS_ApiKey:-$(_readaccountconf_mutable WS_ApiKey)}"
	26	WS_ApiSecret="${WS_ApiSecret:-$(_readaccountconf_mutable WS_ApiSecret)}"
	27
	28	if [ "$WS_ApiKey" ] && [ "$WS_ApiSecret" ]; then
	29	_saveaccountconf_mutable WS_ApiKey "$WS_ApiKey"
	30	_saveaccountconf_mutable WS_ApiSecret "$WS_ApiSecret"
	31	else
	32	WS_ApiKey=""
	33	WS_ApiSecret=""
0481f20c	34	_err "You did not specify the API Key and/or API Secret"
051775b9	35	_err "You can get the API login credentials from https://admin.websupport.sk/en/auth/apiKey"
9366f4b4 AK	36	return 1
	37	fi
	38
	39	_debug "First detect the root zone"
	40	if ! _get_root "$fulldomain"; then
	41	_err "invalid domain"
	42	return 1
	43	fi
	44	_debug _sub_domain "$_sub_domain"
	45	_debug _domain "$_domain"
	46
	47	# For wildcard cert, the main root domain and the wildcard domain have the same txt subdomain name, so
	48	# we can not use updating anymore.
	49	# count=$(printf "%s\n" "$response" \| _egrep_o "\"count\":[^,]*" \| cut -d : -f 2)
	50	# _debug count "$count"
	51	# if [ "$count" = "0" ]; then
	52	_info "Adding record"
	53	if _ws_rest POST "/v1/user/self/zone/$_domain/record" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then
	54	if _contains "$response" "$txtvalue"; then
	55	_info "Added, OK"
	56	return 0
	57	elif _contains "$response" "The record already exists"; then
	58	_info "Already exists, OK"
	59	return 0
	60	else
	61	_err "Add txt record error."
	62	return 1
	63	fi
	64	fi
	65	_err "Add txt record error."
	66	return 1
	67
	68	}
	69
9366f4b4 AK	70	dns_websupport_rm() {
	71	fulldomain=$1
	72	txtvalue=$2
	73
	74	_debug2 fulldomain "$fulldomain"
	75	_debug2 txtvalue "$txtvalue"
	76
	77	_debug "First detect the root zone"
	78	if ! _get_root "$fulldomain"; then
	79	_err "invalid domain"
	80	return 1
	81	fi
	82
	83	_debug _sub_domain "$_sub_domain"
	84	_debug _domain "$_domain"
	85
	86	_debug "Getting txt records"
	87	_ws_rest GET "/v1/user/self/zone/$_domain/record"
	88
	89	if [ "$(printf "%s" "$response" \| tr -d " " \| grep -c \"items\")" -lt "1" ]; then
	90	_err "Error: $response"
	91	return 1
	92	fi
	93
	94	record_line="$(_get_from_array "$response" "$txtvalue")"
	95	_debug record_line "$record_line"
	96	if [ -z "$record_line" ]; then
	97	_info "Don't need to remove."
	98	else
	99	record_id=$(echo "$record_line" \| _egrep_o "\"id\": [^,]" \| _head_n 1 \| cut -d : -f 2 \| tr -d \" \| tr -d " ")
	100	_debug "record_id" "$record_id"
	101	if [ -z "$record_id" ]; then
	102	_err "Can not get record id to remove."
	103	return 1
	104	fi
	105	if ! _ws_rest DELETE "/v1/user/self/zone/$_domain/record/$record_id"; then
	106	_err "Delete record error."
	107	return 1
	108	fi
	109	if [ "$(printf "%s" "$response" \| tr -d " " \| grep -c \"success\")" -lt "1" ]; then
	110	return 1
	111	else
	112	return 0
	113	fi
	114	fi
	115
	116	}
	117
0481f20c AK	118	#################### Private Functions ##################################
0481f20c AK	119
9366f4b4 AK	120	_get_root() {
	121	domain=$1
	122	i=1
	123	p=1
	124
	125	while true; do
	126	h=$(printf "%s" "$domain" \| cut -d . -f $i-100)
	127	_debug h "$h"
	128	if [ -z "$h" ]; then
	129	#not valid
	130	return 1
	131	fi
	132
	133	if ! _ws_rest GET "/v1/user/self/zone"; then
	134	return 1
	135	fi
	136
	137	if _contains "$response" "\"name\":\"$h\""; then
	138	_domain_id=$(echo "$response" \| _egrep_o "\[.\"id\": [^,]" \| _head_n 1 \| cut -d : -f 2 \| tr -d \" \| tr -d " ")
	139	if [ "$_domain_id" ]; then
	140	_sub_domain=$(printf "%s" "$domain" \| cut -d . -f 1-$p)
	141	_domain=$h
	142	return 0
	143	fi
	144	return 1
	145	fi
	146	p=$i
	147	i=$(_math "$i" + 1)
	148	done
	149	return 1
	150	}
	151
	152	_ws_rest() {
	153	me=$1
	154	pa="$2"
	155	da="$3"
	156
	157	_debug2 api_key "$WS_ApiKey"
	158	_debug2 api_secret "$WS_ApiSecret"
	159
dadc7063	160	timestamp=$(_time)
9e146a8a	161	datez="$(_utc_date \| sed "s/ /T/" \| sed "s/$/+0000/")"
9366f4b4	162	canonical_request="${me} ${pa} ${timestamp}"
0021fb8a	163	signature_hash=$(printf "%s" "$canonical_request" \| _hmac sha1 "$(printf "%s" "$WS_ApiSecret" \| _hex_dump \| tr -d " ")" hex)
9366f4b4 AK	164	basicauth="$(printf "%s:%s" "$WS_ApiKey" "$signature_hash" \| _base64)"
	165
	166	_debug2 method "$me"
	167	_debug2 path "$pa"
	168	_debug2 data "$da"
	169	_debug2 timestamp "$timestamp"
	170	_debug2 datez "$datez"
	171	_debug2 canonical_request "$canonical_request"
9366f4b4 AK	172	_debug2 signature_hash "$signature_hash"
	173	_debug2 basicauth "$basicauth"
	174
	175	export _H1="Accept: application/json"
	176	export _H2="Content-Type: application/json"
	177	export _H3="Authorization: Basic ${basicauth}"
	178	export _H4="Date: ${datez}"
	179
	180	_debug2 H1 "$_H1"
	181	_debug2 H2 "$_H2"
	182	_debug2 H3 "$_H3"
	183	_debug2 H4 "$_H4"
	184
	185	if [ "$me" != "GET" ]; then
	186	_debug2 "${me} $WS_Api${pa}"
	187	_debug data "$da"
	188	response="$(_post "$da" "${WS_Api}${pa}" "" "$me")"
	189	else
	190	_debug2 "GET $WS_Api${pa}"
	191	response="$(_get "$WS_Api${pa}")"
	192	fi
	193
	194	_debug2 response "$response"
	195	return "$?"
	196	}
	197
	198	_get_from_array() {
	199	va="$1"
	200	fi="$2"
	201	for i in $(echo "$va" \| sed "s/{/ /g"); do
	202	if _contains "$i" "$fi"; then
	203	echo "$i"
	204	break
	205	fi
	206	done
	207	}