From 8ab0df92cc5f9b9073231bac87408bf25a94dd91 Mon Sep 17 00:00:00 2001 From: Tom Limoncelli Date: Wed, 21 Jul 2021 12:06:29 -0400 Subject: [PATCH] TRANSIP: Enable privatekey authentication (#1212) * Add PrivateKey authentication for TransIP * Remove space before comma * Re-enable CodeQL for Javascript (#1209) * Create codeql-config.yml * Update codeql-analysis.yml Add config to exclude certain files * deSEC implement pagination (#1208) * deSEC: Implement pagination for domain list #1177 * deSEC: add debug logging for pagination * deSEC: simplify get/post methods by allowing url / api endpoints as target * deSEC: implement pagination for getRecords function * deSEC: fix linter warnings * deSEC: replace domainIndexInitalized variable with checking if the domainIndex == nil * deSEC: add mutex for domainIndex Co-authored-by: Tom Limoncelli Co-authored-by: Vincent Hagen Co-authored-by: Jauder Ho Co-authored-by: Georg --- docs/_providers/transip.md | 18 +++++++++++++++++- providers/transip/transipProvider.go | 13 ++++++++++--- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/docs/_providers/transip.md b/docs/_providers/transip.md index d71974a62..c7749fa6a 100644 --- a/docs/_providers/transip.md +++ b/docs/_providers/transip.md @@ -9,7 +9,21 @@ jsId: TRANSIP ## Configuration -In your providers config json file you must include a TransIP personal access token: +In your providers config json file you must include your TransIP credentials + +You can login with your AccountName and a PrivateKey which can be generated in the TransIP control panel. The PrivateKey is a stringified version of the private key given by the API, see the example below, each newline is replaced by "\n". + +{% highlight json %} +{ + "transip":{ + "AccountName": "your-account-name" + "PrivateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp\nwmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5\n1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh\n3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2\npIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX\nGukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il\nAkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF\nL0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k\nX6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl\nU9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ\n37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=\n-----END RSA PRIVATE KEY-----" + } +} +{% endhighlight %} + +Or you can choose to have an AccessToken as credential. These can be generated in the TransIP control panel and have a limited lifetime + {% highlight json %} { @@ -19,6 +33,8 @@ In your providers config json file you must include a TransIP personal access to } {% endhighlight %} + + ## Metadata This provider does not recognize any special metadata fields unique to TransIP. diff --git a/providers/transip/transipProvider.go b/providers/transip/transipProvider.go index 34a845686..966c1c507 100644 --- a/providers/transip/transipProvider.go +++ b/providers/transip/transipProvider.go @@ -43,12 +43,19 @@ var features = providers.DocumentationNotes{ } func NewTransip(m map[string]string, metadata json.RawMessage) (providers.DNSServiceProvider, error) { - if m["AccessToken"] == "" { - return nil, fmt.Errorf("no TransIP token provided") + + if m["AccessToken"] == "" && m["PrivateKey"] == "" { + return nil, fmt.Errorf("no TransIP AccessToken or PrivateKey provided") + } + + if m["PrivateKey"] != "" && m["AccountName"] == "" { + return nil, fmt.Errorf("no AccountName given, required for authenticating with PrivateKey") } client, err := gotransip.NewClient(gotransip.ClientConfiguration{ - Token: m["AccessToken"], + Token: m["AccessToken"], + AccountName: m["AccountName"], + PrivateKeyReader: strings.NewReader(m["PrivateKey"]), }) if err != nil {