def _txt_challenge(
    profile: Dict[str, Any],
    token: str,
    domain: str,
    action: str = "create",
):
    """Run one lexicon action on the ACME TXT challenge record of ``domain``.

    The record name is always ``_acme-challenge.<domain>.`` and its content
    is ``token``. Nothing is returned; the result of ``Client.execute()`` is
    discarded.

    Args:
        profile: Profile settings. ``name`` and ``provider`` are required;
            ``provider_options``, ``delegated_subdomain`` and ``ttl`` are
            read when present.
        token: Value written as the TXT record content.
        domain: Domain the challenge record belongs to.
        action: Lexicon action to run, ``"create"`` by default.

    Raises:
        KeyError: If ``profile`` has no ``name`` or ``provider`` entry.
    """
    profile_name = profile["name"]
    provider = profile["provider"]

    # NOTE(review): provider_options presumably carries the DNS provider's
    # API credentials, so keep it out of any log or print output; the warning
    # below only names the profile.
    options = profile.get("provider_options", {})
    if not options:
        print(
            f"No provider_options are defined for profile {profile_name}, "
            "any call to the provider API is likely to fail."
        )

    # The provider-specific options are nested under the provider's own name.
    settings = {
        "action": action,
        "domain": domain,
        "type": "TXT",
        "name": f"_acme-challenge.{domain}.",
        "content": token,
        "delegated": profile.get("delegated_subdomain"),
        "provider_name": provider,
        provider: options,
    }

    # A missing or falsy ttl is left out so lexicon applies its own default.
    record_ttl = profile.get("ttl")
    if record_ttl:
        settings["ttl"] = record_ttl

    resolver = ConfigResolver()
    resolver.with_dict(settings)
    Client(resolver).execute()
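def delete_dns_record(self, record):
    """
    Delete a record from the domain.

    ``record`` must provide ``domain``, ``name`` and ``type``. Returns the
    value of ``Client.execute()``, or True when the provider reports that the
    record identifier could not be found (the record is already absent).
    Any other provider error is re-raised unchanged.

    The cached listing for the domain/type pair is dropped on both the
    successful path and the "already absent" path. Previously it was only
    dropped after a successful delete, so a listing that still contained a
    record the provider no longer has could keep being served from the cache.
    """
    lexicon_config = self._get_base_config()
    lexicon_config['domain'] = record['domain']
    lexicon_config['action'] = 'delete'
    lexicon_config['name'] = record['name']
    lexicon_config['type'] = record['type']

    config = ConfigResolver()
    config.with_dict(dict_object=lexicon_config)
    client = Client(config)

    try:
        result = client.execute()
    except Exception as e:  # pylint: disable=broad-except
        # This ugly checking of the exception message is needed
        # as the library only throws an instance of the Exception class.
        if 'Record identifier could not be found' not in str(e):
            raise
        result = True

    # Invalidate the cached listing for the domain-type pair; the key has the
    # same shape as the one built from record['domain'] and record['type'] here.
    cache.delete(f"{record['domain']}-{record['type']}")
    return result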
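def authenticate(self):
    """
    Launch the authentication process: for 'auto' provider, it means first to find
    the relevant provider, then call its authenticate() method. Almost every
    subsequent operation will then be delegated to that provider.

    The provider is taken from the ``lexicon:auto:mapping_override`` setting
    (comma-separated ``domain:provider`` pairs) when it has an entry for
    ``self.domain``; otherwise it is discovered with
    ``_relevant_provider_for_domain``. A new configuration is then built for
    the delegate provider and stored, together with the provider instance, in
    ``self.proxy_provider``.

    Raises:
        IndexError: If a mapping entry has no ``:`` separator, or if the
            mapped provider name is not in ``AVAILABLE_PROVIDERS``.
    """
    mapping_override = self.config.resolve('lexicon:auto:mapping_override')
    # Was a bare print(); a library should not write configuration to stdout.
    LOGGER.debug('Provider mapping override: %s', mapping_override)

    mapping_override_processed = {}
    if mapping_override:
        for one_mapping in mapping_override.split(','):
            one_mapping_processed = one_mapping.split(':')
            mapping_override_processed[
                one_mapping_processed[0]] = one_mapping_processed[1]

    override_provider = mapping_override_processed.get(self.domain)
    if override_provider:
        matches = [
            element for element in AVAILABLE_PROVIDERS.items()
            if element[0] == override_provider
        ]
        if not matches:
            # Same exception type the bare [0] lookup raised, now with context.
            raise IndexError(
                'Provider {0!r} mapped for domain {1} is not an available '
                'provider.'.format(override_provider, self.domain))
        # Unpack before logging: the match is a (name, module) tuple, so the
        # former provider.__name__ raised AttributeError on every override.
        (provider_name, provider_module) = matches[0]
        LOGGER.info('Provider authoritatively mapped for domain %s: %s.',
                    self.domain, provider_name)
    else:
        (provider_name, provider_module) = _relevant_provider_for_domain(self.domain)
        LOGGER.info('Provider discovered for domain %s: %s.',
                    self.domain, provider_name)

    new_config = ConfigResolver()
    new_config.with_dict({'lexicon:provider_name': provider_name})

    target_prefix = 'auto_{0}_'.format(provider_name)
    for config_source in self.config._config_sources:
        if not isinstance(config_source, ArgsConfigSource):
            new_config.with_config_source(config_source)
        else:
            # ArgsConfigSource needs to be reprocessed to rescope the provided
            # args to the delegate provider
            new_dict = {}
            for key, value in config_source._parameters.items():
                if key.startswith(target_prefix):
                    # Literal prefix removal. The earlier re.sub() used the
                    # unescaped prefix as a pattern, which only behaves the
                    # same while the provider name has no regex metacharacters.
                    new_param_name = key[len(target_prefix):]
                    new_dict['lexicon:{0}:{1}'.format(
                        provider_name, new_param_name)] = value
                elif not key.startswith('auto_'):
                    # Arguments scoped to other auto_* providers are dropped.
                    new_dict['lexicon:{0}'.format(key)] = value
            new_config.with_dict(new_dict)

    self.proxy_provider = provider_module.Provider(new_config)
    self.proxy_provider.authenticate()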
def txt_challenge(
    certificate: Dict[str, Any],
    profile: Dict[str, Any],
    token: str,
    domain: str,
    action: str = "create",
):
    """Run one lexicon action on the ACME TXT challenge record of ``domain``.

    The challenge name starts as ``_acme-challenge.<domain>.``. When the
    certificate has a truthy ``follow_cnames`` entry, the name is replaced by
    what ``resolve_canonical_challenge_name`` returns, and the zone passed to
    lexicon is rebuilt from that name with ``tldextract``. Nothing is
    returned; the result of ``Client.execute()`` is discarded.

    Args:
        certificate: Certificate settings; only ``follow_cnames`` is read.
        profile: Profile settings. ``name`` and ``provider`` are required;
            ``provider_options``, ``delegated_subdomain`` and ``ttl`` are
            read when present.
        token: Value written as the TXT record content.
        domain: Domain the certificate is requested for.
        action: Lexicon action to run, ``"create"`` by default.

    Raises:
        KeyError: If ``profile`` has no ``name`` or ``provider`` entry.
    """
    profile_name = profile["name"]
    provider = profile["provider"]

    # NOTE(review): provider_options presumably carries the DNS provider's
    # API credentials, so keep it out of any log or print output.
    options = profile.get("provider_options", {})
    if not options:
        print(
            f"No provider_options are defined for profile {profile_name}, "
            "any call to the provider API is likely to fail."
        )

    record_name = f"_acme-challenge.{domain}."
    zone = domain
    if certificate.get("follow_cnames"):
        print(
            f"Trying to resolve the canonical challenge name for {record_name}"
        )
        canonical_name = resolve_canonical_challenge_name(record_name)
        print(
            f"Canonical challenge name found for {record_name}: {canonical_name}"
        )
        record_name = canonical_name

        # NOTE(review): from here on, both the record name and the zone come
        # from the resolved name rather than from the caller, and the write
        # below uses this profile's provider options. The helper is presumably
        # a DNS lookup; if so, consider checking the derived zone against the
        # zones this profile is expected to manage before calling the
        # provider. Confirm against resolve_canonical_challenge_name.
        parts = tldextract.extract(record_name)
        zone = ".".join((parts.domain, parts.suffix))

    # The provider-specific options are nested under the provider's own name.
    settings = {
        "action": action,
        "domain": zone,
        "type": "TXT",
        "name": record_name,
        "content": token,
        "delegated": profile.get("delegated_subdomain"),
        "provider_name": provider,
        provider: options,
    }

    # A missing or falsy ttl is left out so lexicon applies its own default.
    record_ttl = profile.get("ttl")
    if record_ttl:
        settings["ttl"] = record_ttl

    resolver = ConfigResolver()
    resolver.with_dict(settings)
    Client(resolver).execute()
def add_dns_record(self, record):
    """
    Add a DNS record to the domain.

    ``record`` must provide ``domain``, ``type``, ``name``, ``value`` and
    ``ttl``; a missing key raises KeyError. Returns whatever
    ``Client.execute()`` returns for the 'create' action.
    """
    # NOTE(review): no cache entry is touched here. If this class also caches
    # record listings per domain/type, a listing cached before this call will
    # not contain the new record until it is refreshed. Confirm.
    settings = self._get_base_config()
    settings['domain'] = record['domain']
    settings['action'] = 'create'
    # Copy the remaining fields; the record's 'value' becomes lexicon's 'content'.
    for config_key, record_key in (
            ('type', 'type'),
            ('name', 'name'),
            ('content', 'value'),
            ('ttl', 'ttl'),
    ):
        settings[config_key] = record[record_key]

    resolver = ConfigResolver()
    resolver.with_dict(dict_object=settings)
    return Client(resolver).execute()
def list_dns_records(self, record):
    """
    List all records of a domain name for a given type.

    ``record`` must provide ``domain`` and ``type``. A truthy cached listing
    stored under ``"<domain>-<type>"`` is returned as is; otherwise the
    provider is queried with the 'list' action and the result is cached
    under that key before being returned.
    """
    cache_key = f"{record['domain']}-{record['type']}"

    # Truthiness check: a falsy cached value (such as an empty listing) is
    # treated like a miss, so the provider is queried again.
    cached_listing = cache.get(cache_key)
    if cached_listing:
        return cached_listing

    settings = self._get_base_config()
    settings['domain'] = record['domain']
    settings['action'] = 'list'
    settings['type'] = record['type']

    resolver = ConfigResolver()
    resolver.with_dict(dict_object=settings)
    listing = Client(resolver).execute()

    # No expiry is passed, so the lifetime is whatever the cache backend
    # defaults to.
    cache.set(cache_key, listing)
    return listing