mirror of
https://github.com/StackExchange/dnscontrol.git
synced 2025-12-18 06:39:44 +08:00
151 lines
7.3 KiB
Go
151 lines
7.3 KiB
Go
package cloudflare
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"net/http"
|
|
"time"
|
|
|
|
"github.com/goccy/go-json"
|
|
)
|
|
|
|
// PerZoneAuthenticatedOriginPullsSettings represents the settings for Per Zone AuthenticatedOriginPulls.
|
|
type PerZoneAuthenticatedOriginPullsSettings struct {
|
|
Enabled bool `json:"enabled"`
|
|
}
|
|
|
|
// PerZoneAuthenticatedOriginPullsSettingsResponse represents the response from the Per Zone AuthenticatedOriginPulls settings endpoint.
|
|
type PerZoneAuthenticatedOriginPullsSettingsResponse struct {
|
|
Response
|
|
Result PerZoneAuthenticatedOriginPullsSettings `json:"result"`
|
|
}
|
|
|
|
// PerZoneAuthenticatedOriginPullsCertificateDetails represents the metadata for a Per Zone AuthenticatedOriginPulls client certificate.
|
|
type PerZoneAuthenticatedOriginPullsCertificateDetails struct {
|
|
ID string `json:"id"`
|
|
Certificate string `json:"certificate"`
|
|
Issuer string `json:"issuer"`
|
|
Signature string `json:"signature"`
|
|
ExpiresOn time.Time `json:"expires_on"`
|
|
Status string `json:"status"`
|
|
UploadedOn time.Time `json:"uploaded_on"`
|
|
}
|
|
|
|
// PerZoneAuthenticatedOriginPullsCertificateResponse represents the response from endpoints relating to creating and deleting a per zone AuthenticatedOriginPulls certificate.
|
|
type PerZoneAuthenticatedOriginPullsCertificateResponse struct {
|
|
Response
|
|
Result PerZoneAuthenticatedOriginPullsCertificateDetails `json:"result"`
|
|
}
|
|
|
|
// PerZoneAuthenticatedOriginPullsCertificatesResponse represents the response from the per zone AuthenticatedOriginPulls certificate list endpoint.
|
|
type PerZoneAuthenticatedOriginPullsCertificatesResponse struct {
|
|
Response
|
|
Result []PerZoneAuthenticatedOriginPullsCertificateDetails `json:"result"`
|
|
}
|
|
|
|
// PerZoneAuthenticatedOriginPullsCertificateParams represents the required data related to the client certificate being uploaded to be used in Per Zone AuthenticatedOriginPulls.
|
|
type PerZoneAuthenticatedOriginPullsCertificateParams struct {
|
|
Certificate string `json:"certificate"`
|
|
PrivateKey string `json:"private_key"`
|
|
}
|
|
|
|
// GetPerZoneAuthenticatedOriginPullsStatus returns whether per zone AuthenticatedOriginPulls is enabled or not. It is false by default.
|
|
//
|
|
// API reference: https://api.cloudflare.com/#zone-level-authenticated-origin-pulls-get-enablement-setting-for-zone
|
|
func (api *API) GetPerZoneAuthenticatedOriginPullsStatus(ctx context.Context, zoneID string) (PerZoneAuthenticatedOriginPullsSettings, error) {
|
|
uri := fmt.Sprintf("/zones/%s/origin_tls_client_auth/settings", zoneID)
|
|
res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
|
|
if err != nil {
|
|
return PerZoneAuthenticatedOriginPullsSettings{}, err
|
|
}
|
|
var r PerZoneAuthenticatedOriginPullsSettingsResponse
|
|
if err := json.Unmarshal(res, &r); err != nil {
|
|
return PerZoneAuthenticatedOriginPullsSettings{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
|
|
}
|
|
return r.Result, nil
|
|
}
|
|
|
|
// SetPerZoneAuthenticatedOriginPullsStatus will update whether Per Zone AuthenticatedOriginPulls is enabled for the zone.
|
|
//
|
|
// API reference: https://api.cloudflare.com/#zone-level-authenticated-origin-pulls-set-enablement-for-zone
|
|
func (api *API) SetPerZoneAuthenticatedOriginPullsStatus(ctx context.Context, zoneID string, enable bool) (PerZoneAuthenticatedOriginPullsSettings, error) {
|
|
uri := fmt.Sprintf("/zones/%s/origin_tls_client_auth/settings", zoneID)
|
|
params := struct {
|
|
Enabled bool `json:"enabled"`
|
|
}{
|
|
Enabled: enable,
|
|
}
|
|
res, err := api.makeRequestContext(ctx, http.MethodPut, uri, params)
|
|
if err != nil {
|
|
return PerZoneAuthenticatedOriginPullsSettings{}, err
|
|
}
|
|
var r PerZoneAuthenticatedOriginPullsSettingsResponse
|
|
if err := json.Unmarshal(res, &r); err != nil {
|
|
return PerZoneAuthenticatedOriginPullsSettings{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
|
|
}
|
|
return r.Result, nil
|
|
}
|
|
|
|
// UploadPerZoneAuthenticatedOriginPullsCertificate will upload a provided client certificate and enable it to be used in all AuthenticatedOriginPulls requests for the zone.
|
|
//
|
|
// API reference: https://api.cloudflare.com/#zone-level-authenticated-origin-pulls-upload-certificate
|
|
func (api *API) UploadPerZoneAuthenticatedOriginPullsCertificate(ctx context.Context, zoneID string, params PerZoneAuthenticatedOriginPullsCertificateParams) (PerZoneAuthenticatedOriginPullsCertificateDetails, error) {
|
|
uri := fmt.Sprintf("/zones/%s/origin_tls_client_auth", zoneID)
|
|
res, err := api.makeRequestContext(ctx, http.MethodPost, uri, params)
|
|
if err != nil {
|
|
return PerZoneAuthenticatedOriginPullsCertificateDetails{}, err
|
|
}
|
|
var r PerZoneAuthenticatedOriginPullsCertificateResponse
|
|
if err := json.Unmarshal(res, &r); err != nil {
|
|
return PerZoneAuthenticatedOriginPullsCertificateDetails{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
|
|
}
|
|
return r.Result, nil
|
|
}
|
|
|
|
// ListPerZoneAuthenticatedOriginPullsCertificates returns a list of all user uploaded client certificates to Per Zone AuthenticatedOriginPulls.
|
|
//
|
|
// API reference: https://api.cloudflare.com/#zone-level-authenticated-origin-pulls-list-certificates
|
|
func (api *API) ListPerZoneAuthenticatedOriginPullsCertificates(ctx context.Context, zoneID string) ([]PerZoneAuthenticatedOriginPullsCertificateDetails, error) {
|
|
uri := fmt.Sprintf("/zones/%s/origin_tls_client_auth", zoneID)
|
|
res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
|
|
if err != nil {
|
|
return []PerZoneAuthenticatedOriginPullsCertificateDetails{}, err
|
|
}
|
|
var r PerZoneAuthenticatedOriginPullsCertificatesResponse
|
|
if err := json.Unmarshal(res, &r); err != nil {
|
|
return []PerZoneAuthenticatedOriginPullsCertificateDetails{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
|
|
}
|
|
return r.Result, nil
|
|
}
|
|
|
|
// GetPerZoneAuthenticatedOriginPullsCertificateDetails returns the metadata associated with a user uploaded client certificate to Per Zone AuthenticatedOriginPulls.
|
|
//
|
|
// API reference: https://api.cloudflare.com/#zone-level-authenticated-origin-pulls-get-certificate-details
|
|
func (api *API) GetPerZoneAuthenticatedOriginPullsCertificateDetails(ctx context.Context, zoneID, certificateID string) (PerZoneAuthenticatedOriginPullsCertificateDetails, error) {
|
|
uri := fmt.Sprintf("/zones/%s/origin_tls_client_auth/%s", zoneID, certificateID)
|
|
res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
|
|
if err != nil {
|
|
return PerZoneAuthenticatedOriginPullsCertificateDetails{}, err
|
|
}
|
|
var r PerZoneAuthenticatedOriginPullsCertificateResponse
|
|
if err := json.Unmarshal(res, &r); err != nil {
|
|
return PerZoneAuthenticatedOriginPullsCertificateDetails{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
|
|
}
|
|
return r.Result, nil
|
|
}
|
|
|
|
// DeletePerZoneAuthenticatedOriginPullsCertificate removes the specified client certificate from the edge.
|
|
//
|
|
// API reference: https://api.cloudflare.com/#zone-level-authenticated-origin-pulls-delete-certificate
|
|
func (api *API) DeletePerZoneAuthenticatedOriginPullsCertificate(ctx context.Context, zoneID, certificateID string) (PerZoneAuthenticatedOriginPullsCertificateDetails, error) {
|
|
uri := fmt.Sprintf("/zones/%s/origin_tls_client_auth/%s", zoneID, certificateID)
|
|
res, err := api.makeRequestContext(ctx, http.MethodDelete, uri, nil)
|
|
if err != nil {
|
|
return PerZoneAuthenticatedOriginPullsCertificateDetails{}, err
|
|
}
|
|
var r PerZoneAuthenticatedOriginPullsCertificateResponse
|
|
if err := json.Unmarshal(res, &r); err != nil {
|
|
return PerZoneAuthenticatedOriginPullsCertificateDetails{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
|
|
}
|
|
return r.Result, nil
|
|
}
|