refactor: re-impl sdk3rd
This commit is contained in:
Fu Diwei
@@ -3,15 +3,14 @@ package onepanelssl
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"errors"
|
||||
"fmt"
|
||||
"log/slog"
|
||||
"net/url"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
onepanelsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel"
|
||||
onepanelsdkv2 "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel/v2"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -28,7 +27,7 @@ type UploaderConfig struct {
|
||||
type UploaderProvider struct {
|
||||
config *UploaderConfig
|
||||
logger *slog.Logger
|
||||
sdkClient *onepanelsdk.Client
|
||||
sdkClient any
|
||||
}
|
||||
|
||||
var _ uploader.Uploader = (*UploaderProvider)(nil)
|
||||
@@ -72,23 +71,46 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE
|
||||
certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
|
||||
|
||||
// 上传证书
|
||||
uploadWebsiteSSLReq := &onepanelsdk.UploadWebsiteSSLRequest{
|
||||
Type: "paste",
|
||||
Description: certName,
|
||||
Certificate: certPEM,
|
||||
PrivateKey: privkeyPEM,
|
||||
}
|
||||
uploadWebsiteSSLResp, err := u.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq)
|
||||
u.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err)
|
||||
switch sdkClient := u.sdkClient.(type) {
|
||||
case *onepanelsdk.Client:
|
||||
{
|
||||
uploadWebsiteSSLReq := &onepanelsdk.UploadWebsiteSSLRequest{
|
||||
Type: "paste",
|
||||
Description: certName,
|
||||
Certificate: certPEM,
|
||||
PrivateKey: privkeyPEM,
|
||||
}
|
||||
uploadWebsiteSSLResp, err := sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq)
|
||||
u.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
case *onepanelsdkv2.Client:
|
||||
{
|
||||
uploadWebsiteSSLReq := &onepanelsdkv2.UploadWebsiteSSLRequest{
|
||||
Type: "paste",
|
||||
Description: certName,
|
||||
Certificate: certPEM,
|
||||
PrivateKey: privkeyPEM,
|
||||
}
|
||||
uploadWebsiteSSLResp, err := sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq)
|
||||
u.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
default:
|
||||
panic("sdk client is not implemented")
|
||||
}
|
||||
|
||||
// 遍历证书列表,获取刚刚上传证书 ID
|
||||
if res, err := u.findCertIfExists(ctx, certPEM, privkeyPEM); err != nil {
|
||||
return nil, err
|
||||
} else if res == nil {
|
||||
return nil, fmt.Errorf("no ssl certificate found, may be upload failed (code: %d, message: %s)", uploadWebsiteSSLResp.GetCode(), uploadWebsiteSSLResp.GetMessage())
|
||||
return nil, fmt.Errorf("no ssl certificate found, may be upload failed")
|
||||
} else {
|
||||
return res, nil
|
||||
}
|
||||
@@ -97,6 +119,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE
|
||||
func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) {
|
||||
searchWebsiteSSLPageNumber := int32(1)
|
||||
searchWebsiteSSLPageSize := int32(100)
|
||||
searchWebsiteSSLItemsCount := int32(0)
|
||||
for {
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
@@ -104,28 +127,68 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string,
|
||||
default:
|
||||
}
|
||||
|
||||
searchWebsiteSSLReq := &onepanelsdk.SearchWebsiteSSLRequest{
|
||||
Page: searchWebsiteSSLPageNumber,
|
||||
PageSize: searchWebsiteSSLPageSize,
|
||||
}
|
||||
searchWebsiteSSLResp, err := u.sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq)
|
||||
u.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request '1panel.SearchWebsiteSSL': %w", err)
|
||||
}
|
||||
switch sdkClient := u.sdkClient.(type) {
|
||||
case *onepanelsdk.Client:
|
||||
{
|
||||
searchWebsiteSSLReq := &onepanelsdk.SearchWebsiteSSLRequest{
|
||||
Page: searchWebsiteSSLPageNumber,
|
||||
PageSize: searchWebsiteSSLPageSize,
|
||||
}
|
||||
searchWebsiteSSLResp, err := sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq)
|
||||
u.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request '1panel.SearchWebsiteSSL': %w", err)
|
||||
}
|
||||
|
||||
for _, sslItem := range searchWebsiteSSLResp.Data.Items {
|
||||
if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) &&
|
||||
strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) {
|
||||
// 如果已存在相同证书,直接返回
|
||||
return &uploader.UploadResult{
|
||||
CertId: fmt.Sprintf("%d", sslItem.ID),
|
||||
CertName: sslItem.Description,
|
||||
}, nil
|
||||
if searchWebsiteSSLResp.Data != nil {
|
||||
for _, sslItem := range searchWebsiteSSLResp.Data.Items {
|
||||
if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) &&
|
||||
strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) {
|
||||
// 如果已存在相同证书,直接返回
|
||||
return &uploader.UploadResult{
|
||||
CertId: fmt.Sprintf("%d", sslItem.ID),
|
||||
CertName: sslItem.Description,
|
||||
}, nil
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
searchWebsiteSSLItemsCount = searchWebsiteSSLResp.Data.Total
|
||||
}
|
||||
|
||||
case *onepanelsdkv2.Client:
|
||||
{
|
||||
searchWebsiteSSLReq := &onepanelsdkv2.SearchWebsiteSSLRequest{
|
||||
Page: searchWebsiteSSLPageNumber,
|
||||
PageSize: searchWebsiteSSLPageSize,
|
||||
}
|
||||
searchWebsiteSSLResp, err := sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq)
|
||||
u.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request '1panel.SearchWebsiteSSL': %w", err)
|
||||
}
|
||||
|
||||
if searchWebsiteSSLResp.Data != nil {
|
||||
for _, sslItem := range searchWebsiteSSLResp.Data.Items {
|
||||
if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) &&
|
||||
strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) {
|
||||
// 如果已存在相同证书,直接返回
|
||||
return &uploader.UploadResult{
|
||||
CertId: fmt.Sprintf("%d", sslItem.ID),
|
||||
CertName: sslItem.Description,
|
||||
}, nil
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
searchWebsiteSSLItemsCount = searchWebsiteSSLResp.Data.Total
|
||||
}
|
||||
|
||||
default:
|
||||
panic("sdk client is not implemented")
|
||||
}
|
||||
|
||||
if len(searchWebsiteSSLResp.Data.Items) < int(searchWebsiteSSLPageSize) {
|
||||
if searchWebsiteSSLItemsCount < searchWebsiteSSLPageSize {
|
||||
break
|
||||
} else {
|
||||
searchWebsiteSSLPageNumber++
|
||||
@@ -135,23 +198,35 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string,
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func createSdkClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (*onepanelsdk.Client, error) {
|
||||
if _, err := url.Parse(serverUrl); err != nil {
|
||||
return nil, errors.New("invalid 1panel server url")
|
||||
const (
|
||||
sdkVersionV1 = "v1"
|
||||
sdkVersionV2 = "v2"
|
||||
)
|
||||
|
||||
func createSdkClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (any, error) {
|
||||
if apiVersion == sdkVersionV1 {
|
||||
client, err := onepanelsdk.NewClient(serverUrl, apiKey)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if skipTlsVerify {
|
||||
client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true})
|
||||
}
|
||||
|
||||
return client, nil
|
||||
} else if apiVersion == sdkVersionV2 {
|
||||
client, err := onepanelsdkv2.NewClient(serverUrl, apiKey)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if skipTlsVerify {
|
||||
client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true})
|
||||
}
|
||||
|
||||
return client, nil
|
||||
}
|
||||
|
||||
if apiVersion == "" {
|
||||
return nil, errors.New("invalid 1panel api version")
|
||||
}
|
||||
|
||||
if apiKey == "" {
|
||||
return nil, errors.New("invalid 1panel api key")
|
||||
}
|
||||
|
||||
client := onepanelsdk.NewClient(serverUrl, apiVersion, apiKey)
|
||||
if skipTlsVerify {
|
||||
client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true})
|
||||
}
|
||||
|
||||
return client, nil
|
||||
return nil, fmt.Errorf("invalid 1panel api version")
|
||||
}
|
||||
|
||||
@@ -14,7 +14,7 @@ import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azcertificates"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common"
|
||||
azenv "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/env"
|
||||
xcert "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
@@ -176,7 +176,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE
|
||||
}
|
||||
|
||||
func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName string) (*azcertificates.Client, error) {
|
||||
env, err := azcommon.GetCloudEnvironmentConfiguration(cloudName)
|
||||
env, err := azenv.GetCloudEnvConfiguration(cloudName)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -189,9 +189,9 @@ func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName s
|
||||
}
|
||||
|
||||
endpoint := fmt.Sprintf("https://%s.vault.azure.net", keyvaultName)
|
||||
if azcommon.IsEnvironmentGovernment(cloudName) {
|
||||
if azenv.IsUSGovernmentEnv(cloudName) {
|
||||
endpoint = fmt.Sprintf("https://%s.vault.usgovcloudapi.net", keyvaultName)
|
||||
} else if azcommon.IsEnvironmentChina(cloudName) {
|
||||
} else if azenv.IsChinaEnv(cloudName) {
|
||||
endpoint = fmt.Sprintf("https://%s.vault.azure.cn", keyvaultName)
|
||||
}
|
||||
|
||||
|
||||
@@ -58,8 +58,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE
|
||||
|
||||
// 上传新证书
|
||||
// REF: https://docs.dogecloud.com/cdn/api-cert-upload
|
||||
uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certPEM, privkeyPEM)
|
||||
u.logger.Debug("sdk request 'cdn.UploadCdnCert'", slog.Any("response", uploadSslCertResp))
|
||||
uploadSslCertReq := &dogesdk.UploadCdnCertRequest{
|
||||
Note: certName,
|
||||
Certificate: certPEM,
|
||||
PrivateKey: privkeyPEM,
|
||||
}
|
||||
uploadSslCertResp, err := u.sdkClient.UploadCdnCert(uploadSslCertReq)
|
||||
u.logger.Debug("sdk request 'cdn.UploadCdnCert'", slog.Any("request", uploadSslCertReq), slog.Any("response", uploadSslCertResp))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadCdnCert': %w", err)
|
||||
}
|
||||
@@ -72,6 +77,5 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE
|
||||
}
|
||||
|
||||
func createSdkClient(accessKey, secretKey string) (*dogesdk.Client, error) {
|
||||
client := dogesdk.NewClient(accessKey, secretKey)
|
||||
return client, nil
|
||||
return dogesdk.NewClient(accessKey, secretKey)
|
||||
}
|
||||
|
||||
@@ -11,7 +11,7 @@ import (
|
||||
"github.com/G-Core/gcorelabscdn-go/sslcerts"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
gcoresdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gcore/common"
|
||||
gcoresdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gcore"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
|
||||
@@ -24,7 +24,7 @@ type UploaderConfig struct {
|
||||
type UploaderProvider struct {
|
||||
config *UploaderConfig
|
||||
logger *slog.Logger
|
||||
sdkClient *qiniusdk.Client
|
||||
sdkClient *qiniusdk.CdnManager
|
||||
}
|
||||
|
||||
var _ uploader.Uploader = (*UploaderProvider)(nil)
|
||||
@@ -81,7 +81,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE
|
||||
}, nil
|
||||
}
|
||||
|
||||
func createSdkClient(accessKey, secretKey string) (*qiniusdk.Client, error) {
|
||||
func createSdkClient(accessKey, secretKey string) (*qiniusdk.CdnManager, error) {
|
||||
if secretKey == "" {
|
||||
return nil, errors.New("invalid qiniu access key")
|
||||
}
|
||||
@@ -91,6 +91,6 @@ func createSdkClient(accessKey, secretKey string) (*qiniusdk.Client, error) {
|
||||
}
|
||||
|
||||
credential := auth.New(accessKey, secretKey)
|
||||
client := qiniusdk.NewClient(credential)
|
||||
client := qiniusdk.NewCdnManager(credential)
|
||||
return client, nil
|
||||
}
|
||||
|
||||
@@ -76,7 +76,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE
|
||||
if res, err := u.findCertIfExists(ctx, certPEM); err != nil {
|
||||
return nil, err
|
||||
} else if res == nil {
|
||||
return nil, errors.New("rainyun sslcenter: no certificate found")
|
||||
return nil, errors.New("no ssl certificate found, may be upload failed")
|
||||
} else {
|
||||
return res, nil
|
||||
}
|
||||
@@ -166,10 +166,5 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string)
|
||||
}
|
||||
|
||||
func createSdkClient(apiKey string) (*rainyunsdk.Client, error) {
|
||||
if apiKey == "" {
|
||||
return nil, errors.New("invalid rainyun api key")
|
||||
}
|
||||
|
||||
client := rainyunsdk.NewClient(apiKey)
|
||||
return client, nil
|
||||
return rainyunsdk.NewClient(apiKey)
|
||||
}
|
||||
|
||||
@@ -2,7 +2,6 @@ package upyunssl
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"log/slog"
|
||||
|
||||
@@ -69,14 +68,5 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE
|
||||
}
|
||||
|
||||
func createSdkClient(username, password string) (*upyunsdk.Client, error) {
|
||||
if username == "" {
|
||||
return nil, errors.New("invalid upyun username")
|
||||
}
|
||||
|
||||
if password == "" {
|
||||
return nil, errors.New("invalid upyun password")
|
||||
}
|
||||
|
||||
client := upyunsdk.NewClient(username, password)
|
||||
return client, nil
|
||||
return upyunsdk.NewClient(username, password)
|
||||
}
|
||||
|
||||
@@ -2,7 +2,6 @@ package wangsucertificate
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"log/slog"
|
||||
"regexp"
|
||||
@@ -116,7 +115,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE
|
||||
// 网宿云证书 URL 中包含证书 ID
|
||||
// 格式:
|
||||
// https://open.chinanetcenter.com/api/certificate/100001
|
||||
wangsuCertIdMatches := regexp.MustCompile(`/certificate/([0-9]+)`).FindStringSubmatch(createCertificateResp.CertificateUrl)
|
||||
wangsuCertIdMatches := regexp.MustCompile(`/certificate/([0-9]+)`).FindStringSubmatch(createCertificateResp.CertificateLocation)
|
||||
if len(wangsuCertIdMatches) > 1 {
|
||||
certId = wangsuCertIdMatches[1]
|
||||
} else {
|
||||
@@ -130,13 +129,5 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE
|
||||
}
|
||||
|
||||
func createSdkClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) {
|
||||
if accessKeyId == "" {
|
||||
return nil, errors.New("invalid wangsu access key id")
|
||||
}
|
||||
|
||||
if accessKeySecret == "" {
|
||||
return nil, errors.New("invalid wangsu access key secret")
|
||||
}
|
||||
|
||||
return wangsusdk.NewClient(accessKeyId, accessKeySecret), nil
|
||||
return wangsusdk.NewClient(accessKeyId, accessKeySecret)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user