diff --git a/dnsapi/dns_aruba.sh b/dnsapi/dns_aruba.sh
new file mode 100644
index 00000000..1ff3e2a6
--- /dev/null
+++ b/dnsapi/dns_aruba.sh
@@ -0,0 +1,248 @@
+#!/bin/bash
+
+#Original Author: Gerardo Trotta
+
+#Application username
+#ARUBA_AK="username"
+#
+#Application password
+#ARUBA_AS="password"
+#
+#API key
+#ARUBA_TK="token"
+#
+#Consumer Key
+#ARUBA_CK="sdfsdfsdfsdfsdfdsf"
+
+#ARUBA_END_POINT=aruba-it
+
+#'aruba-it'
+ARUBA_IT='https://api.arubabusiness.it'
+
+_aruba_get_api() {
+ _ogaep="$1"
+
+ case "${_ogaep}" in
+
+ aruba-it | arubait)
+ printf "%s" $ARUBA_IT
+ return
+ ;;
+
+ *)
+ _err "Unknown parameter : $1"
+ return 1
+ ;;
+ esac
+}
+
+_initAuth() {
+ ARUBA_AK="${ARUBA_AK:-$(_readaccountconf_mutable ARUBA_AK)}"
+ ARUBA_AS="${ARUBA_AS:-$(_readaccountconf_mutable ARUBA_AS)}"
+ ARUBA_TK="${ARUBA_TK:-$(_readaccountconf_mutable ARUBA_TK)}"
+
+ if [ -z "$ARUBA_AK" ] || [ -z "$ARUBA_AS" ] || [ -z "$ARUBA_TK" ]; then
+ ARUBA_AK=""
+ ARUBA_AS=""
+ ARUBA_TK=""
+ _err "You don't specify ARUBA application key or application secret yet."
+ _err "Please create you key and try again."
+ return 1
+ fi
+
+ if [ "$ARUBA_TK" != "$(_readaccountconf ARUBA_TK)" ]; then
+ _info "It seems that your aruba key is changed, let's clear consumer key first."
+ _clearaccountconf ARUBA_TK
+ _clearaccountconf ARUBA_CK
+ fi
+ _saveaccountconf_mutable ARUBA_AK "$ARUBA_AK"
+ _saveaccountconf_mutable ARUBA_AS "$ARUBA_AS"
+ _saveaccountconf_mutable ARUBA_TK "$ARUBA_TK"
+
+ ARUBA_END_POINT="${ARUBA_END_POINT:-$(_readaccountconf_mutable ARUBA_END_POINT)}"
+ if [ -z "$ARUBA_END_POINT" ]; then
+ ARUBA_END_POINT="aruba-it"
+ fi
+ _info "Using ARUBA endpoint: $ARUBA_END_POINT"
+ if [ "$ARUBA_END_POINT" != "aruba-it" ]; then
+ _saveaccountconf_mutable ARUBA_END_POINT "$ARUBA_END_POINT"
+ fi
+
+ ARUBA_API="$(_aruba_get_api $ARUBA_END_POINT)"
+ _debug ARUBA_API "$ARUBA_API"
+
+ ARUBA_CK="${ARUBA_CK:-$(_readaccountconf_mutable ARUBA_CK)}"
+ if [ -z "$ARUBA_CK" ]; then
+ _info "ARUBA consumer key is empty, Let's get one:"
+ if ! _aruba_authentication; then
+ _err "Can not get consumer key."
+ fi
+ #return and wait for retry.
+ return 1
+ fi
+
+ _info "Checking authentication and get domain details"
+
+ if ! _aruba_rest GET "api/domains/dns/$_domain/details" || _contains "$response" "error" || _contains "$response" "denied"; then
+ _err "The consumer key is invalid: $ARUBA_CK"
+ _err "Please retry to create a new one."
+ _clearaccountconf ARUBA_CK
+ return 1
+ fi
+
+ domainData=$(echo "$response" | tr -d '\r' )
+
+ # get all Ids and peek only values
+ temp="$(echo "$domainData" | grep -oP "Id\": \d{1,}" | cut -d : -f 2)"
+ read -ra ADDR <<< "$temp" #put Ids into array
+ domain_id="${ADDR[0]}" # first element is zone Id
+
+ _info "DomainId is: $domain_id"
+ _info "Consumer key is ok."
+ return 0
+}
+
+######## Public functions #####################
+
+#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns_aruba_add() {
+ fulldomain=$1
+ txtvalue=$2
+
+ if ! _initAuth; then
+ return 1
+ fi
+
+ _debug "Check if _acme-challenge record exists"
+ if ! _get_zone_id "$_domain"; then
+ _err "invalid domain"
+ return 1
+ fi
+
+ _debug _domain "$_domain"
+ _sub_domain="_acme-challenge"
+
+ _payload="{ \"IdDomain\": $domain_id, \"Type\": \"TXT\", \"Name\": \"$_sub_domain\", \"Content\": \"\\\"$txtvalue\\\"\" }"
+
+ _info "Adding record"
+ if _aruba_rest POST "api/domains/dns/record" "$_payload"; then
+ if _contains "$response" "$txtvalue"; then
+ _aruba_rest GET "api/domains/dns/$_domain/details"
+ _debug "Refresh:$response"
+ _info "Added, sleep 10 seconds."
+ _sleep 10
+ return 0
+ fi
+ fi
+ _err "Add txt record error."
+ return 1
+}
+
+#fulldomain
+dns_aruba_rm() {
+ fulldomain=$1
+ txtvalue=$2
+
+ if ! _initAuth; then
+ return 1
+ fi
+
+ _sub_domain="_acme-challenge.${_domain}"
+ _debug _sub_domain "$_sub_domain"
+ _debug "Getting TXT record to delete"
+
+ if ! _extract_record_id $_sub_domain; then
+ return 1
+ fi
+
+ if ! _ovh_rest DELETE "api/domains/dns/record/$_recordId"; then
+ return 1
+ fi
+
+ return 0
+}
+
+#################### Private functions below ##################################
+
+# returns TXT record and put it in_record_id, if esists
+_extract_record_id() {
+ subdomain=$1
+ _arrayid=0
+ _ids="$(echo $domainData | grep -oP '(?<="Id": )[^,]+')"
+ _names="$(echo $domainData | grep -oP '(?<="Name": ")[^"]+')"
+ ARRAY_IDS=($(echo $_ids | tr ", " "\n"))
+ ARRAY_NAMES=($_names)
+
+ for i in "${!ARRAY_NAMES[@]}"
+ do
+ if [[ ${ARRAY_NAMES[$i]} = $subdomain ]]; then
+ _debug printf "%s\t%s\n" "$i" "${ARRAY_NAMES[$i]}"
+ _arrayid=$i
+ _debug"Found txt record id: ${ARRAY_IDS[$_arrayid]}"
+ _recordId=${ARRAY_IDS[$_arrayid}
+ #printf "%s" ${ARRAY_IDS[$_arrayid}
+ return 0
+ fi
+ done
+
+ return 1
+}
+
+
+_aruba_authentication() {
+ export _H1="Content-Type: application/x-www-form-urlencoded"
+ export _H2="Authorization-Key: $ARUBA_TK"
+ _H3=""
+ _H4=""
+
+ _arubadata="grant_type=password&username=$ARUBA_AK&password=$ARUBA_AS"
+
+ response="$(_post "$_arubadata" "$ARUBA_API/auth/token")"
+
+ _debug3 response "$response"
+
+ access_token="$(echo "$response" | _egrep_o "access_token\":\"[^\"]*\"" | cut -d : -f 2 | tr -d '"')"
+ if [ -z "$access_token" ]; then
+ _err "Unable to get access_token"
+ return 1
+ fi
+ _secure_debug access_token "$access_token"
+
+ ARUBA_CK="$access_token"
+ _saveaccountconf ARUBA_CK "$ARUBA_CK"
+
+ return 0
+}
+
+
+_aruba_rest() {
+ m=$1
+ ep="$2"
+ data="$3"
+ _debug "$ep"
+
+ _aruba_url="$ARUBA_API/$ep"
+ _debug2 _aruba_url "$_aruba_url"
+
+ export _H1="Content-type: application/json"
+ export _H2="Accept: application/json"
+ export _H3="Authorization: Bearer $ARUBA_CK"
+ export _H4="Authorization-Key: $ARUBA_TK"
+ export _H5="Accept: application/json"
+
+ _debug3 _H3 "$_H3"
+ _debug3 _H4 "$_H4"
+ if [ "$data" ] || [ "$m" = "POST" ] || [ "$m" = "PUT" ] || [ "$m" = "DELETE" ]; then
+ _debug data "$data"
+ response="$(_post "$data" "$_aruba_url" "" "$m")"
+ else
+ response="$(_get "$_aruba_url")"
+ fi
+
+ if [ "$?" != "0" ] || _contains "$response" "wrong credentials" || _contains "$response" "Unprocessable"; then
+ _err "Response error $response"
+ return 1
+ fi
+ _debug2 response "$response"
+ return 0
+}
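Review bot: `_initAuth` writes the bearer token to the log in clear with `_err "The consumer key is invalid: $ARUBA_CK"`, and `_aruba_rest` does the same for both credential headers with `_debug3 _H3 "$_H3"` and `_debug3 _H4 "$_H4"`, even though `_aruba_authentication` already masks the same value through `_secure_debug`. Drop the value from the error (`_err "The consumer key is invalid."`) and route the header and token-response traces through the `_secure_debug` helpers. `dns_aruba_rm` cannot delete the challenge record as written: it calls `_ovh_rest`, which this file never defines (presumably `_aruba_rest` was meant), and `_extract_record_id` has `_debug"Found …"` with no space plus an unclosed subscript in `_recordId=${ARRAY_IDS[$_arrayid}` (should be `${ARRAY_IDS[$_arrayid]}`), so `_acme-challenge` TXT records would be left behind in the zone. `_get_zone_id` and `_domain` are used but neither defined nor assigned anywhere in the file, so unless the caller supplies them `dns_aruba_add` stops at "invalid domain" and the details request is built with an empty domain. In `_aruba_authentication` the form body interpolates `$ARUBA_AK` and `$ARUBA_AS` unencoded, so a password containing `&`, `=`, `+` or `%` is sent altered; URL-encode both values before building `_arubadata`.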