Added fetching zone and TXT records helpers

2019-06-11 19:00:30 +05:45 · 2019-06-11 19:00:30 +05:45 · 5445aec893
parent 90b3d6bb64
commit 5445aec893
4 changed files with 135 additions and 108 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
 node_modules/
--- a/lib/index.js
+++ b/lib/index.js
@ -11,108 +11,41 @@ module.exports.create = function(config) {
 	// config = { baseUrl, token }
 	var baseUrl = config.baseUrl || defaults.baseUrl;
 	var authtoken = config.token;
 	return {
 		set: function(data) {
 			var ch = data.challenge;
 			var domainname = ch.identifier.value;
 			// PROBLEM: zone != domain
 			// example.com, foo.example.com, and bar.foo.example.com are all in the example.com zone!!
 			// Need to get list of "domains" (zones) and *then* set "subdomains" (domain records)
 			// https://developers.digitalocean.com/documentation/v2/#domains
 			var zone = domainname;
 			// PROBLEM: dnsPrefix != dnsHost.split('.')[0]
 			// _greenlock-dryrun-2277.bar.foo.example.com => _greenlock-dryrun-2277.bar.foo
 			var dnsPrefix = ch.dnsHost.replace(new RegExp('.' + zone + '$'), '');
 			var txt = ch.dnsAuthorization;
 			// If the domain to be verified is
 			var url = baseUrl + '/v2/domains/' + zone + '/records';
-			console.log('adding txt', data);
+	var helpers = {
-			return request({
+		getDomain: function(identifier) {
-				method: 'POST',
+			var url = baseUrl + '/v2/domains/';
 				url: url,
 				headers: {
 					Authorization: 'Bearer ' + authtoken,
 					'Content-Type': 'application/json'
 				},
 				json: {
 					type: 'TXT',
 					name: dnsPrefix,
 					data: txt,
 					// PROBLEM (fixed) set a LOW ttl so that responses are not cached so long
 					ttl: 300
 				}
 			}).then(function(resp) {
 				resp = resp.body;
 				console.log(resp);
 				if (resp && resp.domain_record && resp.domain_record.data === txt) {
 					return true;
 				}
 				throw new Error('record did not set. check subdomain, api key, etc');
 			});
 		},
 		remove: function(data) {
 			var domainname = data.challenge.altname;
 			var zone = domainname;
 			// PROBLEM: domainname != zone
 			var url = baseUrl + '/v2/domains/' + zone + '/records';
 			// Digital ocean provides the api to remove records by ID. Since we do not have id, we fetch all the records,
 			// filter the required TXT record and pass its id to remove API
 			return request({
 				method: 'GET',
 				url: url,
 				// PROBLEM (fixed): Remember to set json: true (not need to JSON.parse)
 				json: true,
 				headers: {
 					Authorization: 'Bearer ' + authtoken,
 					'Content-Type': 'application/json'
-				}
+				},
 				json: true
 			})
 				.then(function(resp) {
-					resp = resp.body;
+					return resp.body.domains.map(function(x) {
-					var entries =
+						return x.name;
 						resp &&
 						resp.domain_records &&
 						resp.domain_records.filter(function(x) {
 							return x.type === 'TXT';
 					});
 					// PROBLEM entry[0] !== our entry
 					// (see solution for other entries, down below)
 					if (entries.length > 0) {
 						return entries[0].id;
 					} else {
 						throw new Error(
 							'Couldnt remove record. check subdomain, api key, etc'
 						);
 					}
 				})
-				.then(function(recordId) {
+				.then(function(domains) {
-					var domainname = data.challenge.altname;
+					for (var i = 0; i < domains.length; i++) {
-					var zone = domainname;
+						var domain = domains[i];
-					var url = baseUrl + '/v2/domains/' + zone + '/records/' + recordId;
+						var pattern = new RegExp(domain.replace('.', '.') + '$');
-
+						if (pattern.test(identifier)) {
-					return request({
+							return domain;
 						method: 'DELETE',
 						url: url,
 						headers: {
 							Authorization: 'Bearer ' + authtoken,
 							'Content-Type': 'application/json'
 						}
-					}).then(function(resp) {
+					}
-						resp = resp.body;
+					throw new Error('Domain not found for: ' + identifier);
-						console.log(resp);
+				})
 						return true;
 					});
 				});
 		},
-		get: function(data) {
+		getTXTRecord: function(data) {
-			var ch = data.challenge;
+			// data:{dnsPrefix:"_88-acme-challenge-0e.foo",zone:"example.com",txt:"_cdZWaclIbkP1qYpMkZIURTK--ydQIK6d9axFmftWz0"}
-			var domainname = data.challenge.altname;
+			var dnsPrefix = data.dnsPrefix;
-			var zone = domainname;
+			var txt = data.txt;
-			// PROBLEM: domainname != zone
+			var url = baseUrl + '/v2/domains/' + data.zone + '/records';
 			var url = baseUrl + '/v2/domains/' + zone + '/records';
 			console.log('getting txt', data);
 			// Digital ocean provides the api to fetch records by ID. Since we do not have id, we fetch all the records,
 			// filter the required TXT record
@ -132,21 +65,114 @@ module.exports.create = function(config) {
 					resp &&
 					resp.domain_records &&
 					resp.domain_records.filter(function(x) {
-						// PROBLEM should also check for prefix
+						return x.type === 'TXT' && x.name === dnsPrefix && x.data === txt;
 						return x.type === 'TXT';
 					});
-				// PROBLEM (fixed): entries[0] !== our entry
+				return entries && entries[0];
-				var entry = entries.filter(function(x) {
+			});
-					console.log('data', x.data);
+		}
-					console.log('dnsAuth', ch.dnsAuthorization, ch);
+	};
-					return x.data === ch.dnsAuthorization;
+
-				})[0];
+	return {
-				if (entry) {
+		set: function(data) {
 			var ch = data.challenge;
 			var domainRecord = ch.identifier.value;
 			// Note: zone != domain
 			// example.com, foo.example.com, and bar.foo.example.com are all in the example.com zone!!
 			// Need to get list of "domains" (zones) and *then* set "subdomains" (domain records)
 			// https://developers.digitalocean.com/documentation/v2/#domains
 			return helpers.getDomain(domainRecord).then(function(zone) {
 				// Note: dnsPrefix != dnsHost.split('.')[0]
 				// _greenlock-dryrun-2277.bar.foo.example.com => _greenlock-dryrun-2277.bar.foo
 				var dnsPrefix = ch.dnsHost.replace(new RegExp('.' + zone + '$'), '');
 				var txt = ch.dnsAuthorization;
 				var url = baseUrl + '/v2/domains/' + zone + '/records';
 				console.info('Adding TXT', data);
 				return request({
 					method: 'POST',
 					url: url,
 					headers: {
 						Authorization: 'Bearer ' + authtoken,
 						'Content-Type': 'application/json'
 					},
 					json: {
 						type: 'TXT',
 						name: dnsPrefix,
 						data: txt,
 						// Note: set a LOW ttl so that responses are not cached so long
 						ttl: 300
 					}
 				}).then(function(resp) {
 					resp = resp.body;
 					if (resp && resp.domain_record && resp.domain_record.data === txt) {
 						return true;
 					}
 					throw new Error('record did not set. check subdomain, api key, etc');
 				});
 			});
 		},
 		remove: function(data) {
 			var ch = data.challenge;
 			var zone = ch.identifier.value;
 			var dnsPrefix = ch.dnsHost.replace(new RegExp('.' + zone + '$'), '');
 			var txt = ch.dnsAuthorization;
 			var url = baseUrl + '/v2/domains/' + zone + '/records';
 			// Digital ocean provides the api to remove records by ID. So we first get the recordId and use it to remove the domain record
 			return helpers.getDomain(domainRecord).then(function(zone) {
 				var dnsPrefix = ch.dnsHost.replace(new RegExp('.' + zone + '$'), '');
 				var payload = {
 					dnsPrefix: dnsPrefix,
 					zone: zone,
 					txt: data.dnsAuthorization
 				};
 				return helpers.getTXTRecord(payload).then(function(txtRecord) {
 					if (txtRecord) {
 						var url =
 							baseUrl + '/v2/domains/' + zone + '/records/' + txtRecord.id;
 						return request({
 							method: 'DELETE',
 							url: url,
 							headers: {
 								Authorization: 'Bearer ' + authtoken,
 								'Content-Type': 'application/json'
 							}
 						}).then(function(resp) {
 							resp = resp.body;
 							console.log(resp);
 							return true;
 						});
 					} else {
 						throw new Error('Txt Record not found for removal');
 					}
 				});
 			});
 		},
 		get: function(data) {
 			var ch = data.challenge;
 			var domainRecord = data.challenge.altname;
 			console.log('DATA:xx', data);
 			return helpers.getDomain(domainRecord).then(function(zone) {
 				var dnsPrefix = ch.dnsHost.replace(new RegExp('.' + zone + '$'), '');
 				console.info('Fetching TXT', data);
 				var payload = {
 					dnsPrefix: dnsPrefix,
 					zone: zone,
 					txt: data.dnsAuthorization
 				};
 				return helpers.getTXTRecord(payload).then(function(txtRecord) {
 					if (txtRecord) {
 						return { dnsAuthorization: entry.data };
 					} else {
 						return null;
 					}
 				});
 			});
 		}
 	};
 };
--- a/package-lock.json
+++ b/package-lock.json
@ -10,9 +10,9 @@
      "integrity": "sha512-3a4Eeghcjsfe6zh7EJ+ni1l8OK9Fz2wL1OjP4UCa0YdvtH39kdXB9RGWuzyNv7dZi0+Ffkc83KfH0WbPMiuJFw=="
    },
    "acme-challenge-test": {
-      "version": "3.1.0",
+      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/acme-challenge-test/-/acme-challenge-test-3.1.0.tgz",
+      "resolved": "https://registry.npmjs.org/acme-challenge-test/-/acme-challenge-test-3.1.2.tgz",
-      "integrity": "sha512-k+2hNED8P245BdJh44+eJjmVr7oNcuxigMbfz2/7Emc5h4ZAI7iuRZ2M6t4Qui+q5YgiPPjnILDzCZTHLzb1Ag==",
+      "integrity": "sha512-/FLQ35C96sexz3qLzEOAAImsnj/5PRND4DieduFvp6E1rKWTxmKMSPPP7gNmZqoU58MbGrpwYieYzB9KQiqMUw==",
      "dev": true
    }
  }
--- a/package.json
+++ b/package.json
@ -25,6 +25,6 @@
    "@root/request": "^1.3.11"
  },
  "devDependencies": {
-    "acme-challenge-test": "^3.1.0"
+    "acme-challenge-test": "^3.1.2"
  }
 }