Refactor dns_mgwm.sh for improved API interaction

Refactor MGWM API script to improve clarity and functionality. Update API endpoint and streamline credential handling.
4 days ago · 2ba615555c
1 changed files with 55 additions and 53 deletions
--- a/dnsapi/dns_mgwm.sh
+++ b/dnsapi/dns_mgwm.sh
@ -9,11 +9,12 @@ Options:
 MGWM_CUSTOMER Your customer number (username for Basic Auth).
 MGWM_API_HASH Your API Hash (password for Basic Auth).
 Issues: github.com/acmesh-official/acme.sh
-Author: (Your Name or generated by AI)
+Author: Generated by AI (with user input)
 '

-# Base endpoint for the MGW-MEDIA.DE API (parameters will be added as query strings)
-MGWM_API_ENDPOINT="https://ipv4.api.mgw-media.de/record"
+# Direct endpoint for the PHP script with query parameters
+# This variable replaces MGWM_API_BASE when using query-parameter-based URLs directly.
+MGWM_API_ENDPOINT="https://api.mgw-media.de/record.php"

 ########  Public functions #####################
 # This function is called by acme.sh to add a TXT record.
@ -25,34 +26,20 @@ dns_mgwm_add() {
  _debug "fulldomain: $fulldomain"
  _debug "txtvalue: $txtvalue"

-  # Load credentials from environment or acme.sh config
-  MGWM_CUSTOMER="${MGWM_CUSTOMER:-$(_readaccountconf_mutable MGWM_CUSTOMER)}"
-  MGWM_API_HASH="${MGWM_API_HASH:-$(_readaccountconf_mutable MGWM_API_HASH)}"
-
-  # Check if credentials are set
-  if [ -z "$MGWM_CUSTOMER" ] || [ -z "$MGWM_API_HASH" ]; then
-    _err "You didn't specify one or more of MGWM_CUSTOMER or MGWM_API_HASH."
-    _err "Please check these environment variables and try again."
+  # Call private function to load and save environment variables and set up the Basic Auth Header.
+  if ! _mgwm_init_env; then
    return 1
  fi

-  # Save credentials for automatic renewal and future calls
-  _saveaccountconf_mutable MGWM_CUSTOMER "$MGWM_CUSTOMER"
-  _saveaccountconf_mutable MGWM_API_HASH "$MGWM_API_HASH"
-
-  # Create the Basic Auth Header directly in this function's scope
-  _credentials="$(printf "%s:%s" "$MGWM_CUSTOMER" "$MGWM_API_HASH" | _base64)"
-  # Export _H1 so _get function can pick it up
-  export _H1="Authorization: Basic $_credentials"
-  _debug "Set Authorization Header: Basic <credentials_encoded>" # Log debug message without sensitive credentials
-
-  # Construct the API URL for adding a record with query parameters
-  _add_url="${MGWM_API_ENDPOINT}.php?action=add&fulldomain=${fulldomain}&type=txt&content=${txtvalue}"
+  # Construct the API URL using query parameters.
+  # This targets the record.php script directly, passing action, fulldomain, type, and content.
+  _add_url="${MGWM_API_ENDPOINT}?action=add&fulldomain=${fulldomain}&type=txt&content=${txtvalue}"
  _debug "Calling MGWM ADD URL: ${_add_url}"

-  # Execute the HTTP GET request with the Authorization Header (_H1)
-  # The 5th parameter of _get is where acme.sh expects custom HTTP headers like Authorization.
-  response="$(_get "" "$_add_url" "" "GET" "$_H1")"
+  # Execute the HTTP GET request.
+  # Correct parameters for _get(): url="$1", onlyheader="$2", t="$3"
+  # The Authorization Header (_H1) is automatically picked up by _get() from the environment.
+  response="$(_get "$_add_url" "" "")" # <-- KORRIGIERTER AUFRUF VON _get()
  _debug "MGWM add response: $response"

  # Check the API response for success. The API returns "OK" on success.
@ -69,12 +56,44 @@ dns_mgwm_add() {
 # This function is called by acme.sh to remove a TXT record after validation.
 dns_mgwm_rm() {
  fulldomain=$1
-  txtvalue=$2 # This value is not used by the RM API in this case.
+  txtvalue=$2 # This txtvalue is now used to identify the specific record to be removed.

  _info "Removing TXT record for $fulldomain using mgw-media.de DNS API"
  _debug "fulldomain: $fulldomain"
-  _debug "txtvalue: $txtvalue" # Still logging for completeness, but not used in URL
+  _debug "txtvalue: $txtvalue"
+
+  # Call private function to load and save environment variables and set up the Basic Auth Header.
+  if ! _mgwm_init_env; then
+    return 1
+  fi

+  # Construct the API URL for removing a record.
+  # This targets the record.php script directly, passing action, fulldomain, type, and content.
+  _rm_url="${MGWM_API_ENDPOINT}?action=rm&fulldomain=${fulldomain}&type=txt&content=${txtvalue}"
+  _debug "Calling MGWM RM URL: ${_rm_url}"
+
+  # Execute the HTTP GET request.
+  # Correct parameters for _get(): url="$1", onlyheader="$2", t="$3"
+  # The Authorization Header (_H1) is automatically picked up by _get() from the environment.
+  response="$(_get "$_rm_url" "" "")" # <-- KORRIGIERTER AUFRUF VON _get()
+  _debug "MGWM rm response: $response"
+
+  # Check the API response for success. The API returns "OK" on success.
+  if [ "$response" = "OK" ]; then
+      _info "TXT record for $fulldomain successfully removed via MGWM API."
+      return 0
+  else
+      _err "mgwm_rm: Failed to remove TXT record for $fulldomain. Unexpected API Response: '$response'"
+      return 1
+  fi
+}
+
+####################  Private functions below ##################################
+
+# _mgwm_init_env() loads the mgw-media.de API credentials (customer number and hash)
+# from environment variables or acme.sh's configuration, saves them, and
+# prepares the global _H1 variable for Basic Authorization header.
+_mgwm_init_env() {
  # Load credentials from environment or acme.sh config
  MGWM_CUSTOMER="${MGWM_CUSTOMER:-$(_readaccountconf_mutable MGWM_CUSTOMER)}"
  MGWM_API_HASH="${MGWM_API_HASH:-$(_readaccountconf_mutable MGWM_API_HASH)}"
@ -86,36 +105,19 @@ dns_mgwm_rm() {
    return 1
  fi

-  # Save credentials (important for future renewals if not saved by add function)
+  # Save credentials for automatic renewal and future calls
  _saveaccountconf_mutable MGWM_CUSTOMER "$MGWM_CUSTOMER"
  _saveaccountconf_mutable MGWM_API_HASH "$MGWM_API_HASH"

-  # Create the Basic Auth Header directly in this function's scope
+  # Create the Basic Auth Header. acme.sh's _base64 function is used for encoding.
  _credentials="$(printf "%s:%s" "$MGWM_CUSTOMER" "$MGWM_API_HASH" | _base64)"
-  # Export _H1 so _get function can pick it up
  export _H1="Authorization: Basic $_credentials"
  _debug "Set Authorization Header: Basic <credentials_encoded>" # Log debug message without sensitive credentials
-
-  # Construct the API URL for removing a record with query parameters
-  # The RM API from mgw-media.de does not expect a 'content' parameter.
-  _rm_url="${MGWM_API_ENDPOINT}.php?action=rm&fulldomain=${fulldomain}&type=txt"
-  _debug "Calling MGWM RM URL: ${_rm_url}"
-
-  # Execute the HTTP GET request with the Authorization Header (_H1)
-  response="$(_get "" "$_rm_url" "" "GET" "$_H1")"
-  _debug "MGWM rm response: $response"
-
-  # Check the API response for success. The API returns "OK" on success.
-  if [ "$response" = "OK" ]; then
-      _info "TXT record for $fulldomain successfully removed via MGWM API."
-      return 0
-  else
-      _err "mgwm_rm: Failed to remove TXT record for $fulldomain. Unexpected API Response: '$response'"
-      return 1
-  fi
+  return 0
 }

-####################  Private functions below ##################################
-# The _mgwm_init_env function has been inlined into dns_mgwm_add and dns_mgwm_rm
-# to ensure credentials and the Authorization header are set correctly within
-# each function's sub-shell context.
+# The _get_root function, often found in other acme.sh DNS API scripts,
+# is not necessary for the MGW-MEDIA.DE API.
+# The MGW-MEDIA.DE API directly accepts the complete FQDN (fulldomain)
+# in its URL path and handles the extraction of the subdomain and root domain internally.
+# Therefore, no custom _get_root implementation is needed here.