coolaj86/acme-dns-01-googlecloud.js
1
0
派生 0
代码 工单 合并请求 版本发布 百科 动态

update docs and examples for auth

浏览代码
这个提交包含在:
AJ ONeal 2019-07-23 20:39:46 -06:00
父节点 e9368ab218
当前提交 e612d57912
共有 6 个文件被更改,包括 77 次插入72 次删除
显示统计 下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

10
README.md
查看文件

@ -15,13 +15,21 @@ Implementation Details
- https://cloud.google.com/service-usage/docs/getting-started#api - https://cloud.google.com/service-usage/docs/getting-started#api
- https://github.com/google/oauth2l - https://github.com/google/oauth2l
## Authenticating
Google has made things _way_ too complicated.
- Create a project
- Create a Service Account and download the `service_account.json`
- Create a managed public zone for your domain: <https://cloud.google.com/dns/docs/quickstart#create_a_managed_public_zone>
# Test This First! # Test This First!
Edit the file `oauth2l-test-token.sh` Edit the file `oauth2l-test-token.sh`
Change the location of `service_account.json` to whatever it needs to be. Change the location of `service_account.json` to whatever it needs to be.
Change the `project` to the name of your project. Change the `PROJECT` to the name of your project.
If that doesn't work, something is wrong with your credentials, nothing else will work. If that doesn't work, something is wrong with your credentials, nothing else will work.

1
example.env
查看文件

@ -1,3 +1,4 @@
# NOT credentials.json # NOT credentials.json
GOOGLE_APPLICATION_CREDENTIALS=/Users/me/service_account.json GOOGLE_APPLICATION_CREDENTIALS=/Users/me/service_account.json
TOKEN=yyyy.a.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
ZONE=example.co.uk ZONE=example.co.uk

7
lib/index.js
查看文件

@ -1,6 +1,6 @@
'use strict'; 'use strict';
var auth = require('./auth.js'); //var auth = require('./auth.js');
var defaults = { var defaults = {
baseUrl: 'https://www.googleapis.com/dns/v1/' baseUrl: 'https://www.googleapis.com/dns/v1/'
}; };
@ -8,6 +8,7 @@ var defaults = {
module.exports.create = function(config) { module.exports.create = function(config) {
var request; var request;
var baseUrl = (config.baseUrl || defaults.baseUrl).replace(/\/$/, ''); var baseUrl = (config.baseUrl || defaults.baseUrl).replace(/\/$/, '');
var token = config.token;
var sa = getServiceAccount(config); var sa = getServiceAccount(config);
return { return {
@ -43,11 +44,11 @@ module.exports.create = function(config) {
}; };
function api(opts) { function api(opts) {
return auth.getToken(sa).then(function(token) { //return auth.getToken(sa).then(function(token) {
opts.headers = opts.headers || {}; opts.headers = opts.headers || {};
opts.headers.Authorization = 'Bearer ' + token; opts.headers.Authorization = 'Bearer ' + token;
return request(opts); return request(opts);
}); //});
} }
function getServiceAccount(config) { function getServiceAccount(config) {

15
oauth2l-test-token.sh
查看文件

@ -5,13 +5,16 @@
set -e set -e
rm -f ~/.oauth2l
export GOOGLE_APPLICATION_CREDENTIALS=$HOME/Downloads/service_account.json export GOOGLE_APPLICATION_CREDENTIALS=$HOME/Downloads/service_account.json
project=example-change-me PROJECT=even-flight-244020
token=$(oauth2l fetch ndev.clouddns.readwrite) token=$(oauth2l fetch ndev.clouddns.readwrite)
echo $token echo API Token: $token
curl -fL "https://www.googleapis.com/dns/v1/projects/$project/managedZones" -H "Authorization: Bearer $token" curl -fL "https://www.googleapis.com/dns/v1/projects/$PROJECT/managedZones" -H "Authorization: Bearer $token"
token=$(oauth2l fetch --jwt https://www.googleapis.com/auth/ndev.clouddns.readwrite) #token=$(oauth2l fetch --jwt ndev.clouddns.readwrite)
echo $token #token=$(oauth2l fetch --jwt https://www.googleapis.com/auth/ndev.clouddns.readwrite)
curl -fL "https://www.googleapis.com/dns/v1/projects/$project/managedZones" -H "Authorization: Bearer $token" #echo JWT: $token
#curl -fL "https://www.googleapis.com/dns/v1/projects/$PROJECT/managedZones" -H "Authorization: Bearer $token"

9
package-lock.json 自动生成的
查看文件

@ -19,15 +19,6 @@
"@root/request": "^1.3.11" "@root/request": "^1.3.11"
} }
}, },
"acme-dns-01-test": {
"version": "3.3.1",
"resolved": "https://registry.npmjs.org/acme-dns-01-test/-/acme-dns-01-test-3.3.1.tgz",
"integrity": "sha512-di2/n19FDLc/pe4CDxd/FpxuuCZG7CHEQVjWr96vvtxe5XNNgdHi2eJqVP0z9WBf9s61zxslyRPrAWzTN8ZVWw==",
"dev": true,
"requires": {
"acme-challenge-test": "^3.3.1"
}
},
"dotenv": { "dotenv": {
"version": "8.0.0", "version": "8.0.0",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.0.0.tgz", "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.0.0.tgz",

7
test.js
查看文件

@ -9,7 +9,8 @@ require('dotenv').config();
var zone = process.argv[2] || process.env.ZONE; var zone = process.argv[2] || process.env.ZONE;
var config = { var config = {
serviceAccountPath: serviceAccountPath:
process.argv[3] || process.env.GOOGLE_APPLICATION_CREDENTIALS process.argv[3] || process.env.GOOGLE_APPLICATION_CREDENTIALS,
token: process.argv[4] || process.env.TOKEN
}; };
var challenger = require('./index.js').create(config); var challenger = require('./index.js').create(config);
@ -17,8 +18,8 @@ var challenger = require('./index.js').create(config);
var sa = require(config.serviceAccountPath); var sa = require(config.serviceAccountPath);
require('./lib/auth.js') require('./lib/auth.js')
.getToken(sa) .getToken(sa)
.then(function(jwt) { .then(function(/*jwt*/) {
console.info('\nAuthorization: Bearer ' + jwt + '\n'); //console.info('\nAuthorization: Bearer ' + jwt + '\n');
// The dry-run tests can pass on, literally, 'example.com' // The dry-run tests can pass on, literally, 'example.com'
// but the integration tests require that you have control over the domain // but the integration tests require that you have control over the domain