update docs and examples for auth
This commit is contained in:
rodzic
e9368ab218
commit
e612d57912
12
README.md
12
README.md
|
@ -15,13 +15,21 @@ Implementation Details
|
|||
- https://cloud.google.com/service-usage/docs/getting-started#api
|
||||
- https://github.com/google/oauth2l
|
||||
|
||||
## Authenticating
|
||||
|
||||
Google has made things _way_ too complicated.
|
||||
|
||||
- Create a project
|
||||
- Create a Service Account and download the `service_account.json`
|
||||
- Create a managed public zone for your domain: <https://cloud.google.com/dns/docs/quickstart#create_a_managed_public_zone>
|
||||
|
||||
# Test This First!
|
||||
|
||||
Edit the file `oauth2l-test-token.sh`
|
||||
|
||||
Change the location of `service_account.json` to whatever it needs to be.
|
||||
|
||||
Change the `project` to the name of your project.
|
||||
Change the `PROJECT` to the name of your project.
|
||||
|
||||
If that doesn't work, something is wrong with your credentials, nothing else will work.
|
||||
|
||||
|
@ -33,7 +41,7 @@ First you create an instance with your credentials:
|
|||
var dns01 = require('acme-dns-01-googlecloud').create({
|
||||
baseUrl: 'https://www.googleapis.com/dns/v1/', // default
|
||||
|
||||
// contains private_key, private_key_id, project_id, and client_email
|
||||
// contains private_key, private_key_id, project_id, and client_email
|
||||
serviceAccountPath: __dirname + '/service_account.json'
|
||||
});
|
||||
```
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
# NOT credentials.json
|
||||
GOOGLE_APPLICATION_CREDENTIALS=/Users/me/service_account.json
|
||||
TOKEN=yyyy.a.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
||||
ZONE=example.co.uk
|
||||
|
|
13
lib/index.js
13
lib/index.js
|
@ -1,6 +1,6 @@
|
|||
'use strict';
|
||||
|
||||
var auth = require('./auth.js');
|
||||
//var auth = require('./auth.js');
|
||||
var defaults = {
|
||||
baseUrl: 'https://www.googleapis.com/dns/v1/'
|
||||
};
|
||||
|
@ -8,6 +8,7 @@ var defaults = {
|
|||
module.exports.create = function(config) {
|
||||
var request;
|
||||
var baseUrl = (config.baseUrl || defaults.baseUrl).replace(/\/$/, '');
|
||||
var token = config.token;
|
||||
var sa = getServiceAccount(config);
|
||||
|
||||
return {
|
||||
|
@ -43,11 +44,11 @@ module.exports.create = function(config) {
|
|||
};
|
||||
|
||||
function api(opts) {
|
||||
return auth.getToken(sa).then(function(token) {
|
||||
opts.headers = opts.headers || {};
|
||||
opts.headers.Authorization = 'Bearer ' + token;
|
||||
return request(opts);
|
||||
});
|
||||
//return auth.getToken(sa).then(function(token) {
|
||||
opts.headers = opts.headers || {};
|
||||
opts.headers.Authorization = 'Bearer ' + token;
|
||||
return request(opts);
|
||||
//});
|
||||
}
|
||||
|
||||
function getServiceAccount(config) {
|
||||
|
|
|
@ -5,13 +5,16 @@
|
|||
|
||||
set -e
|
||||
|
||||
rm -f ~/.oauth2l
|
||||
|
||||
export GOOGLE_APPLICATION_CREDENTIALS=$HOME/Downloads/service_account.json
|
||||
project=example-change-me
|
||||
PROJECT=even-flight-244020
|
||||
|
||||
token=$(oauth2l fetch ndev.clouddns.readwrite)
|
||||
echo $token
|
||||
curl -fL "https://www.googleapis.com/dns/v1/projects/$project/managedZones" -H "Authorization: Bearer $token"
|
||||
echo API Token: $token
|
||||
curl -fL "https://www.googleapis.com/dns/v1/projects/$PROJECT/managedZones" -H "Authorization: Bearer $token"
|
||||
|
||||
token=$(oauth2l fetch --jwt https://www.googleapis.com/auth/ndev.clouddns.readwrite)
|
||||
echo $token
|
||||
curl -fL "https://www.googleapis.com/dns/v1/projects/$project/managedZones" -H "Authorization: Bearer $token"
|
||||
#token=$(oauth2l fetch --jwt ndev.clouddns.readwrite)
|
||||
#token=$(oauth2l fetch --jwt https://www.googleapis.com/auth/ndev.clouddns.readwrite)
|
||||
#echo JWT: $token
|
||||
#curl -fL "https://www.googleapis.com/dns/v1/projects/$PROJECT/managedZones" -H "Authorization: Bearer $token"
|
||||
|
|
|
@ -1,57 +1,48 @@
|
|||
{
|
||||
"name": "acme-dns-01-googlecloud",
|
||||
"version": "0.0.1",
|
||||
"lockfileVersion": 1,
|
||||
"requires": true,
|
||||
"dependencies": {
|
||||
"@root/request": {
|
||||
"version": "1.3.11",
|
||||
"resolved": "https://registry.npmjs.org/@root/request/-/request-1.3.11.tgz",
|
||||
"integrity": "sha512-3a4Eeghcjsfe6zh7EJ+ni1l8OK9Fz2wL1OjP4UCa0YdvtH39kdXB9RGWuzyNv7dZi0+Ffkc83KfH0WbPMiuJFw==",
|
||||
"dev": true
|
||||
},
|
||||
"acme-challenge-test": {
|
||||
"version": "3.3.2",
|
||||
"resolved": "https://registry.npmjs.org/acme-challenge-test/-/acme-challenge-test-3.3.2.tgz",
|
||||
"integrity": "sha512-0AbMcaON20wpI5vzFDAqwcv2VerY4xIlNCqX0w1xEJUIu/EQtQNmkje+rKNuy2TUl2KBMdIaR6YBbJUdaEiC4w==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@root/request": "^1.3.11"
|
||||
}
|
||||
},
|
||||
"acme-dns-01-test": {
|
||||
"version": "3.3.1",
|
||||
"resolved": "https://registry.npmjs.org/acme-dns-01-test/-/acme-dns-01-test-3.3.1.tgz",
|
||||
"integrity": "sha512-di2/n19FDLc/pe4CDxd/FpxuuCZG7CHEQVjWr96vvtxe5XNNgdHi2eJqVP0z9WBf9s61zxslyRPrAWzTN8ZVWw==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"acme-challenge-test": "^3.3.1"
|
||||
}
|
||||
},
|
||||
"dotenv": {
|
||||
"version": "8.0.0",
|
||||
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.0.0.tgz",
|
||||
"integrity": "sha512-30xVGqjLjiUOArT4+M5q9sYdvuR4riM6yK9wMcas9Vbp6zZa+ocC9dp6QoftuhTPhFAiLK/0C5Ni2nou/Bk8lg==",
|
||||
"dev": true
|
||||
},
|
||||
"eckles": {
|
||||
"version": "1.4.1",
|
||||
"resolved": "https://registry.npmjs.org/eckles/-/eckles-1.4.1.tgz",
|
||||
"integrity": "sha512-auWyk/k8oSkVHaD4RxkPadKsLUcIwKgr/h8F7UZEueFDBO7BsE4y+H6IMUDbfqKIFPg/9MxV6KcBdJCmVVcxSA=="
|
||||
},
|
||||
"keypairs": {
|
||||
"version": "1.2.14",
|
||||
"resolved": "https://registry.npmjs.org/keypairs/-/keypairs-1.2.14.tgz",
|
||||
"integrity": "sha512-ZoZfZMygyB0QcjSlz7Rh6wT2CJasYEHBPETtmHZEfxuJd7bnsOG5AdtPZqHZBT+hoHvuWCp/4y8VmvTvH0Y9uA==",
|
||||
"requires": {
|
||||
"eckles": "^1.4.1",
|
||||
"rasha": "^1.2.4"
|
||||
}
|
||||
},
|
||||
"rasha": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/rasha/-/rasha-1.2.5.tgz",
|
||||
"integrity": "sha512-KxtX+/fBk+wM7O3CNgwjSh5elwFilLvqWajhr6wFr2Hd63JnKTTi43Tw+Jb1hxJQWOwoya+NZWR2xztn3hCrTw=="
|
||||
}
|
||||
}
|
||||
"name": "acme-dns-01-googlecloud",
|
||||
"version": "0.0.1",
|
||||
"lockfileVersion": 1,
|
||||
"requires": true,
|
||||
"dependencies": {
|
||||
"@root/request": {
|
||||
"version": "1.3.11",
|
||||
"resolved": "https://registry.npmjs.org/@root/request/-/request-1.3.11.tgz",
|
||||
"integrity": "sha512-3a4Eeghcjsfe6zh7EJ+ni1l8OK9Fz2wL1OjP4UCa0YdvtH39kdXB9RGWuzyNv7dZi0+Ffkc83KfH0WbPMiuJFw==",
|
||||
"dev": true
|
||||
},
|
||||
"acme-challenge-test": {
|
||||
"version": "3.3.2",
|
||||
"resolved": "https://registry.npmjs.org/acme-challenge-test/-/acme-challenge-test-3.3.2.tgz",
|
||||
"integrity": "sha512-0AbMcaON20wpI5vzFDAqwcv2VerY4xIlNCqX0w1xEJUIu/EQtQNmkje+rKNuy2TUl2KBMdIaR6YBbJUdaEiC4w==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@root/request": "^1.3.11"
|
||||
}
|
||||
},
|
||||
"dotenv": {
|
||||
"version": "8.0.0",
|
||||
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.0.0.tgz",
|
||||
"integrity": "sha512-30xVGqjLjiUOArT4+M5q9sYdvuR4riM6yK9wMcas9Vbp6zZa+ocC9dp6QoftuhTPhFAiLK/0C5Ni2nou/Bk8lg==",
|
||||
"dev": true
|
||||
},
|
||||
"eckles": {
|
||||
"version": "1.4.1",
|
||||
"resolved": "https://registry.npmjs.org/eckles/-/eckles-1.4.1.tgz",
|
||||
"integrity": "sha512-auWyk/k8oSkVHaD4RxkPadKsLUcIwKgr/h8F7UZEueFDBO7BsE4y+H6IMUDbfqKIFPg/9MxV6KcBdJCmVVcxSA=="
|
||||
},
|
||||
"keypairs": {
|
||||
"version": "1.2.14",
|
||||
"resolved": "https://registry.npmjs.org/keypairs/-/keypairs-1.2.14.tgz",
|
||||
"integrity": "sha512-ZoZfZMygyB0QcjSlz7Rh6wT2CJasYEHBPETtmHZEfxuJd7bnsOG5AdtPZqHZBT+hoHvuWCp/4y8VmvTvH0Y9uA==",
|
||||
"requires": {
|
||||
"eckles": "^1.4.1",
|
||||
"rasha": "^1.2.4"
|
||||
}
|
||||
},
|
||||
"rasha": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/rasha/-/rasha-1.2.5.tgz",
|
||||
"integrity": "sha512-KxtX+/fBk+wM7O3CNgwjSh5elwFilLvqWajhr6wFr2Hd63JnKTTi43Tw+Jb1hxJQWOwoya+NZWR2xztn3hCrTw=="
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
7
test.js
7
test.js
|
@ -9,7 +9,8 @@ require('dotenv').config();
|
|||
var zone = process.argv[2] || process.env.ZONE;
|
||||
var config = {
|
||||
serviceAccountPath:
|
||||
process.argv[3] || process.env.GOOGLE_APPLICATION_CREDENTIALS
|
||||
process.argv[3] || process.env.GOOGLE_APPLICATION_CREDENTIALS,
|
||||
token: process.argv[4] || process.env.TOKEN
|
||||
};
|
||||
var challenger = require('./index.js').create(config);
|
||||
|
||||
|
@ -17,8 +18,8 @@ var challenger = require('./index.js').create(config);
|
|||
var sa = require(config.serviceAccountPath);
|
||||
require('./lib/auth.js')
|
||||
.getToken(sa)
|
||||
.then(function(jwt) {
|
||||
console.info('\nAuthorization: Bearer ' + jwt + '\n');
|
||||
.then(function(/*jwt*/) {
|
||||
//console.info('\nAuthorization: Bearer ' + jwt + '\n');
|
||||
|
||||
// The dry-run tests can pass on, literally, 'example.com'
|
||||
// but the integration tests require that you have control over the domain
|
||||
|
|
Ładowanie…
Reference in New Issue