4 #OVH_AK="sdfsdfsdfljlbjkljlkjsdfoiwje"
7 #OVH_AS="sdfsafsdfsdfdsfsdfsa"
10 #OVH_CK="sdfsdfsdfsdfsdfdsf"
15 OVH_EU
='https://eu.api.ovh.com/1.0'
18 OVH_US
='https://api.us.ovhcloud.com/1.0'
21 OVH_CA
='https://ca.api.ovh.com/1.0'
24 KSF_EU
='https://eu.api.kimsufi.com/1.0'
27 KSF_CA
='https://ca.api.kimsufi.com/1.0'
30 SYS_EU
='https://eu.api.soyoustart.com/1.0'
33 SYS_CA
='https://ca.api.soyoustart.com/1.0'
35 wiki
="https://github.com/acmesh-official/acme.sh/wiki/How-to-use-OVH-domain-api"
37 ovh_success
="https://github.com/acmesh-official/acme.sh/wiki/OVH-Success"
56 kimsufi-eu | kimsufieu
)
60 kimsufi-ca | kimsufica
)
64 soyoustart-eu | soyoustarteu
)
68 soyoustart-ca | soyoustartca
)
72 # raw API url starts with https://
80 _err
"Unknown endpoint : $1"
87 OVH_AK
="${OVH_AK:-$(_readaccountconf_mutable OVH_AK)}"
88 OVH_AS
="${OVH_AS:-$(_readaccountconf_mutable OVH_AS)}"
90 if [ -z "$OVH_AK" ] ||
[ -z "$OVH_AS" ]; then
93 _err
"You don't specify OVH application key and application secret yet."
94 _err
"Please create you key and try again."
98 if [ "$OVH_AK" != "$(_readaccountconf OVH_AK)" ]; then
99 _info
"It seems that your ovh key is changed, let's clear consumer key first."
100 _clearaccountconf_mutable OVH_CK
102 _saveaccountconf_mutable OVH_AK
"$OVH_AK"
103 _saveaccountconf_mutable OVH_AS
"$OVH_AS"
105 OVH_END_POINT
="${OVH_END_POINT:-$(_readaccountconf_mutable OVH_END_POINT)}"
106 if [ -z "$OVH_END_POINT" ]; then
107 OVH_END_POINT
="ovh-eu"
109 _info
"Using OVH endpoint: $OVH_END_POINT"
110 if [ "$OVH_END_POINT" != "ovh-eu" ]; then
111 _saveaccountconf_mutable OVH_END_POINT
"$OVH_END_POINT"
114 OVH_API
="$(_ovh_get_api $OVH_END_POINT)"
115 _debug OVH_API
"$OVH_API"
117 OVH_CK
="${OVH_CK:-$(_readaccountconf_mutable OVH_CK)}"
118 if [ -z "$OVH_CK" ]; then
119 _info
"OVH consumer key is empty, Let's get one:"
120 if ! _ovh_authentication
; then
121 _err
"Can not get consumer key."
123 #return and wait for retry.
126 _saveaccountconf_mutable OVH_CK
"$OVH_CK"
128 _info
"Checking authentication"
130 if ! _ovh_rest GET
"domain" || _contains
"$response" "INVALID_CREDENTIAL" || _contains
"$response" "NOT_CREDENTIAL"; then
131 _err
"The consumer key is invalid: $OVH_CK"
132 _err
"Please retry to create a new one."
133 _clearaccountconf_mutable OVH_CK
136 _info
"Consumer key is ok."
140 ######## Public functions #####################
142 #Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
151 _debug
"First detect the root zone"
152 if ! _get_root
"$fulldomain"; then
153 _err
"invalid domain"
157 _debug _sub_domain
"$_sub_domain"
158 _debug _domain
"$_domain"
160 _info
"Adding record"
161 if _ovh_rest POST
"domain/zone/$_domain/record" "{\"fieldType\":\"TXT\",\"subDomain\":\"$_sub_domain\",\"target\":\"$txtvalue\",\"ttl\":60}"; then
162 if _contains
"$response" "$txtvalue"; then
163 _ovh_rest POST
"domain/zone/$_domain/refresh"
164 _debug
"Refresh:$response"
165 _info
"Added, sleep 10 seconds."
170 _err
"Add txt record error."
184 _debug
"First detect the root zone"
185 if ! _get_root
"$fulldomain"; then
186 _err
"invalid domain"
190 _debug _sub_domain
"$_sub_domain"
191 _debug _domain
"$_domain"
192 _debug
"Getting txt records"
193 if ! _ovh_rest GET
"domain/zone/$_domain/record?fieldType=TXT&subDomain=$_sub_domain"; then
197 for rid
in $
(echo "$response" |
tr '][,' ' '); do
199 if ! _ovh_rest GET
"domain/zone/$_domain/record/$rid"; then
202 if _contains
"$response" "\"target\":\"$txtvalue\""; then
203 _debug
"Found txt id:$rid"
204 if ! _ovh_rest DELETE
"domain/zone/$_domain/record/$rid"; then
207 _ovh_rest POST
"domain/zone/$_domain/refresh"
208 _debug
"Refresh:$response"
216 #################### Private functions below ##################################
218 _ovh_authentication
() {
220 _H1
="X-Ovh-Application: $OVH_AK"
221 _H2
="Content-type: application/json"
225 _ovhdata
='{"accessRules": [{"method": "GET","path": "/auth/time"},{"method": "GET","path": "/domain"},{"method": "GET","path": "/domain/zone/*"},{"method": "GET","path": "/domain/zone/*/record"},{"method": "POST","path": "/domain/zone/*/record"},{"method": "POST","path": "/domain/zone/*/refresh"},{"method": "PUT","path": "/domain/zone/*/record/*"},{"method": "DELETE","path": "/domain/zone/*/record/*"}],"redirection":"'$ovh_success'"}'
227 response
="$(_post "$_ovhdata" "$OVH_API/auth
/credential
")"
228 _debug3 response
"$response"
229 validationUrl
="$(echo "$response" | _egrep_o "validationUrl
\":\"[^
\"]*\"" | _egrep_o "http.
*\"" | tr -d '"')"
230 if [ -z "$validationUrl" ]; then
231 _err "Unable to get validationUrl"
234 _debug validationUrl "$validationUrl"
236 consumerKey="$(echo "$response" | _egrep_o "consumerKey\":\"[^\"]*\"" | cut -d : -f 2 | tr -d '"')"
237 if [ -z "$consumerKey" ]; then
238 _err
"Unable to get consumerKey"
241 _secure_debug consumerKey
"$consumerKey"
243 OVH_CK
="$consumerKey"
244 _saveaccountconf_mutable OVH_CK
"$OVH_CK"
245 _info
"Please open this link to do authentication: $(__green "$validationUrl")"
247 _info
"Here is a guide for you: $(__green "$wiki")"
248 _info
"Please retry after the authentication is done."
252 #_acme-challenge.www.domain.com
254 # _sub_domain=_acme-challenge.www
261 h
=$
(printf "%s" "$domain" | cut
-d .
-f $i-100)
267 if ! _ovh_rest GET
"domain/zone/$h"; then
271 if ! _contains
"$response" "This service does not exist" >/dev
/null
&&
272 ! _contains
"$response" "This call has not been granted" >/dev
/null
&&
273 ! _contains
"$response" "NOT_GRANTED_CALL" >/dev
/null
; then
274 _sub_domain
=$
(printf "%s" "$domain" | cut
-d .
-f 1-$p)
290 _get
"$OVH_API/auth/time" "" 30
299 _ovh_url
="$OVH_API/$ep"
300 _debug2 _ovh_url
"$_ovh_url"
301 _ovh_t
="$(_ovh_timestamp)"
302 _debug2 _ovh_t
"$_ovh_t"
303 _ovh_p
="$OVH_AS+$OVH_CK+$m+$_ovh_url+$data+$_ovh_t"
304 _secure_debug _ovh_p
"$_ovh_p"
305 _ovh_hex
="$(printf "%s
" "$_ovh_p" | _digest sha1 hex)"
306 _debug2 _ovh_hex
"$_ovh_hex"
308 export _H1
="X-Ovh-Application: $OVH_AK"
309 export _H2
="X-Ovh-Signature: \$1\$$_ovh_hex"
311 export _H3
="X-Ovh-Timestamp: $_ovh_t"
312 export _H4
="X-Ovh-Consumer: $OVH_CK"
313 export _H5
="Content-Type: application/json;charset=utf-8"
314 if [ "$data" ] ||
[ "$m" = "POST" ] ||
[ "$m" = "PUT" ] ||
[ "$m" = "DELETE" ]; then
316 response
="$(_post "$data" "$_ovh_url" "" "$m")"
318 response
="$(_get "$_ovh_url")"
321 if [ "$?" != "0" ] || _contains
"$response" "INVALID_CREDENTIAL"; then
322 _err
"error $response"
325 _debug2 response
"$response"