#!/usr/bin/env sh
# shellcheck disable=SC2034
  dns_curanet_info='Curanet.dk
Domains: scannet.dk wannafind.dk dandomain.dk
Site: Curanet.dk
Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_curanet
Options:
CURANET_AUTHCLIENTID Auth ClientID. Requires scope dns
CURANET_AUTHSECRET Auth Secret
Issues: github.com/acmesh-official/acme.sh/issues/3933
Author: Peter L. Hansen <peter@r12.dk>
'

  # Base URL of the DNS REST API; "/<zone>/Records" paths are appended to it.
  CURANET_REST_URL='https://api.curanet.dk/dns/v1/Domains'

  # Token endpoint that _get_token posts the client credentials to.
  CURANET_AUTH_URL='https://apiauth.dk.team.blue/auth/realms/Curanet/protocol/openid-connect/token'

  # Bearer token for the API calls; empty until _get_token fills it in.
  CURANET_ACCESS_TOKEN=
  ######## Public functions #####################

  # Create the TXT record that answers a dns-01 challenge.
  #Usage: dns_curanet_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
  # Arguments: $1 - full record name, $2 - TXT value
  # Globals:   CURANET_AUTHCLIENTID / CURANET_AUTHSECRET (read from the
  #            environment or the account conf, then saved back),
  #            CURANET_ACCESS_TOKEN and _domain (filled by _get_token / _get_root),
  #            _H1.._H3 (exported request headers), data, response
  # Returns:   0 when the API response contains the TXT value, 1 otherwise
  dns_curanet_add() {
    fulldomain=$1
    txtvalue=$2

    _info "Using curanet"
    _debug fulldomain "$fulldomain"
    _debug txtvalue "$txtvalue"

    # Environment values win; otherwise fall back to what was saved earlier.
    CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}"
    CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}"

    # Both halves of the credential are required; blank them when either is missing.
    if ! { [ -n "$CURANET_AUTHCLIENTID" ] && [ -n "$CURANET_AUTHSECRET" ]; }; then
      CURANET_AUTHCLIENTID=""
      CURANET_AUTHSECRET=""
      _err "You don't specify curanet api client and secret."
      _err "Please create your auth info and try again."
      return 1
    fi

    # The client secret is written to the account conf file here, so that
    # file needs to stay readable only by the account running acme.sh.
    _saveaccountconf_mutable CURANET_AUTHCLIENTID "$CURANET_AUTHCLIENTID"
    _saveaccountconf_mutable CURANET_AUTHSECRET "$CURANET_AUTHSECRET"

    _get_token || {
      _err "Unable to get token"
      return 1
    }

    _get_root "$fulldomain" || {
      _err "Invalid domain"
      return 1
    }

    _H1="Content-Type: application/json-patch+json"
    _H2="Accept: application/json"
    _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
    export _H1 _H2 _H3

    # The two values are placed into the JSON body without escaping.
    data=$(printf '{"name": "%s","type": "TXT","ttl": 60,"priority": 0,"data": "%s"}' "$fulldomain" "$txtvalue")
    response="$(_post "$data" "$CURANET_REST_URL/${_domain}/Records" "" "")"

    # Success is recognised by the TXT value being echoed back in the response.
    if ! _contains "$response" "$txtvalue"; then
      _err "Unable to add TXT record"
      return 1
    fi

    _debug "TXT record added OK"
    return 0
  }
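  #Usage: fulldomain txtvalue
  #Remove the txt record after validation.
  # Arguments: $1 - full record name, $2 - TXT value
  # Globals:   CURANET_AUTHCLIENTID / CURANET_AUTHSECRET (read from the
  #            environment or the account conf), CURANET_ACCESS_TOKEN and
  #            _domain (filled by _get_token / _get_root), _H1.._H3 (exported
  #            request headers), response, recordid, _record_regex
  # Returns:   0 when the DELETE request was sent successfully, 1 when the
  #            token, zone or record id cannot be obtained or the DELETE
  #            request itself fails
  dns_curanet_rm() {
    fulldomain=$1
    txtvalue=$2
    _info "Using curanet"
    _debug fulldomain "$fulldomain"
    _debug txtvalue "$txtvalue"

    CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}"
    CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}"

    if ! _get_token; then
      _err "Unable to get token"
      return 1
    fi

    if ! _get_root "$fulldomain"; then
      _err "Invalid domain"
      return 1
    fi

    _debug "Getting current record list to identify TXT to delete"

    export _H1="Content-Type: application/json"
    export _H2="Accept: application/json"
    export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"

    response="$(_get "$CURANET_REST_URL/${_domain}/Records" "" "")"

    if ! _contains "$response" "$txtvalue"; then
      _err "Unable to delete record (does not contain $txtvalue )"
      return 1
    fi

    # Match the record object for this name and value and pull out its numeric id.
    # The ".." skips the two characters in front of the stored value. Note that
    # $fulldomain goes into the pattern unescaped, so its dots match any character.
    _record_regex="{\"id\":[0-9]+,\"name\":\"$fulldomain\",\"type\":\"TXT\",\"ttl\":60,\"priority\":0,\"data\":\"..$txtvalue"
    recordid=$(echo "$response" | _egrep_o "$_record_regex" | _egrep_o "id\":[0-9]+" | cut -c 5-)

    if [ -z "$recordid" ]; then
      _err "Unable to get recordid"
      _debug "regex $_record_regex"
      _debug "response $response"
      return 1
    fi

    _debug "Deleting recordID $recordid"
    # A failed DELETE must not be reported as success, otherwise the challenge
    # record stays published without anyone noticing.
    # NOTE(review): this relies on the exit status of _post; presumably an HTTP
    # error answer that still carries a body is not caught here - confirm.
    if ! response="$(_post "" "$CURANET_REST_URL/${_domain}/Records/$recordid" "" "DELETE")"; then
      _err "Unable to delete TXT record"
      return 1
    fi

    return 0
  }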
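  #################### Private functions below ##################################

  # Request an access token with the client-credentials grant (scope "dns").
  # Globals: CURANET_AUTHCLIENTID, CURANET_AUTHSECRET, CURANET_AUTH_URL (read),
  #          CURANET_ACCESS_TOKEN (written), response
  # Returns: 0 when a token was extracted from the response, 1 otherwise
  _get_token() {
    # The request body is form encoded, so both values are percent-encoded
    # first. Without that, an "&", "=", "+" or "%" inside the id or secret
    # would change the meaning of the body instead of being sent literally.
    _curanet_client_id="$(printf "%s" "$CURANET_AUTHCLIENTID" | _url_encode)"
    _curanet_client_secret="$(printf "%s" "$CURANET_AUTHSECRET" | _url_encode)"

    response="$(_post "grant_type=client_credentials&client_id=$_curanet_client_id&client_secret=$_curanet_client_secret&scope=dns" "$CURANET_AUTH_URL" "" "")"

    # Do not keep the encoded copy of the secret around in a global.
    _curanet_client_secret=""

    if ! _contains "$response" "access_token"; then
      _err "Unable get access token"
      return 1
    fi

    # "access_token":" is 16 characters long, so the token starts at column 17.
    CURANET_ACCESS_TOKEN=$(echo "$response" | _egrep_o "\"access_token\":\"[^\"]+" | cut -c 17-)

    if [ -z "$CURANET_ACCESS_TOKEN" ]; then
      _err "Unable to get token"
      return 1
    fi

    return 0
  }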
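  # Find the zone that holds a record name by trying ever shorter suffixes.
  #_acme-challenge.www.domain.com
  #returns
  # _domain=domain.com
  # (only _domain is set; this function does not produce a zone id)
  # Arguments: $1 - full record name
  # Globals:   CURANET_REST_URL, CURANET_ACCESS_TOKEN (read), _domain (written),
  #            _H1.._H3 (exported request headers), domain, h, i, response
  # Returns:   0 once a candidate zone does not answer "Entity not found",
  #            1 when no candidate is left or a request fails
  _get_root() {
    domain=$1
    i=1

    while true; do
      # Drop the first i-1 labels: candidate 1 is the full name, then each
      # round removes one more label from the left.
      h=$(printf "%s" "$domain" | cut -d . -f "$i"-100)
      _debug h "$h"
      if [ -z "$h" ]; then
        #not valid
        return 1
      fi

      export _H1="Content-Type: application/json"
      export _H2="Accept: application/json"
      export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"

      # A request that fails outright carries no "Entity not found" text, so
      # without this check the first candidate would be accepted as the zone.
      if ! response="$(_get "$CURANET_REST_URL/$h/Records" "" "")"; then
        _err "Unable to query zone $h"
        return 1
      fi

      # Anything other than "Entity not found" is taken as "this zone exists".
      if [ ! "$(echo "$response" | _egrep_o "Entity not found")" ]; then
        _domain=$h
        return 0
      fi

      i=$(_math "$i" + 1)
    done

    return 1
  }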