def _txt_challenge(
profile: Dict[str, Any],
token: str,
domain: str,
action: str = "create",
):
profile_name = profile["name"]
provider_name = profile["provider"]
provider_options = profile.get("provider_options", {})
if not provider_options:
print(f"No provider_options are defined for profile {profile_name}, "
"any call to the provider API is likely to fail.")
config_dict = {
"action": action,
"domain": domain,
"type": "TXT",
"name": "_acme-challenge.{0}.".format(domain),
"content": token,
"delegated": profile.get("delegated_subdomain"),
"provider_name": provider_name,
provider_name: provider_options,
}
ttl = profile.get("ttl")
if ttl:
config_dict["ttl"] = ttl
lexicon_config = ConfigResolver()
lexicon_config.with_dict(config_dict)
Client(lexicon_config).execute()
def delete_dns_record(self, record):
"""
Delete a record from the domain.
"""
lexicon_config = self._get_base_config()
lexicon_config['domain'] = record['domain']
lexicon_config['action'] = 'delete'
lexicon_config['name'] = record['name']
lexicon_config['type'] = record['type']
config = ConfigResolver()
config.with_dict(dict_object=lexicon_config)
client = Client(config)
result = False
try:
result = client.execute()
# Invalidate cache for the domain-cname pair
cache.delete(f"{record['domain']}-{record['type']}")
except Exception as e: # pylint: disable=broad-except
# This ugly checking of the exception message is needed
# as the library only throws an instance of the Exception class.
if 'Record identifier could not be found' in str(e):
result = True
else:
raise
return result
def authenticate(self):
"""
Launch the authentication process: for 'auto' provider, it means first to find the relevant
provider, then call its authenticate() method. Almost every subsequent operation will then
be delegated to that provider.
"""
mapping_override = self.config.resolve('lexicon:auto:mapping_override')
print(mapping_override)
mapping_override_processed = {}
if mapping_override:
for one_mapping in mapping_override.split(','):
one_mapping_processed = one_mapping.split(':')
mapping_override_processed[
one_mapping_processed[0]] = one_mapping_processed[1]
override_provider = mapping_override_processed.get(self.domain)
if override_provider:
provider = [
element for element in AVAILABLE_PROVIDERS.items()
if element[0] == override_provider
][0]
LOGGER.info('Provider authoritatively mapped for domain %s: %s.',
self.domain, provider.__name__)
(provider_name, provider_module) = provider
else:
(provider_name,
provider_module) = _relevant_provider_for_domain(self.domain)
LOGGER.info('Provider discovered for domain %s: %s.', self.domain,
provider_name)
new_config = ConfigResolver()
new_config.with_dict({'lexicon:provider_name': provider_name})
target_prefix = 'auto_{0}_'.format(provider_name)
for configSource in self.config._config_sources:
if not isinstance(configSource, ArgsConfigSource):
new_config.with_config_source(configSource)
else:
# ArgsConfigSource needs to be reprocessed to rescope the provided
# args to the delegate provider
new_dict = {}
for key, value in configSource._parameters.items():
if key.startswith(target_prefix):
new_param_name = re.sub('^{0}'.format(target_prefix),
'', key)
new_dict['lexicon:{0}:{1}'.format(
provider_name, new_param_name)] = value
elif not key.startswith('auto_'):
new_dict['lexicon:{0}'.format(key)] = value
new_config.with_dict(new_dict)
self.proxy_provider = provider_module.Provider(new_config)
self.proxy_provider.authenticate()
def txt_challenge(
certificate: Dict[str, Any],
profile: Dict[str, Any],
token: str,
domain: str,
action: str = "create",
):
profile_name = profile["name"]
provider_name = profile["provider"]
provider_options = profile.get("provider_options", {})
if not provider_options:
print(f"No provider_options are defined for profile {profile_name}, "
"any call to the provider API is likely to fail.")
challenge_name = f"_acme-challenge.{domain}."
if certificate.get("follow_cnames"):
print(
f"Trying to resolve the canonical challenge name for {challenge_name}"
)
canonical_challenge_name = resolve_canonical_challenge_name(
challenge_name)
print(
f"Canonical challenge name found for {challenge_name}: {canonical_challenge_name}"
)
challenge_name = canonical_challenge_name
extracted = tldextract.extract(challenge_name)
domain = ".".join([extracted.domain, extracted.suffix])
config_dict = {
"action": action,
"domain": domain,
"type": "TXT",
"name": challenge_name,
"content": token,
"delegated": profile.get("delegated_subdomain"),
"provider_name": provider_name,
provider_name: provider_options,
}
ttl = profile.get("ttl")
if ttl:
config_dict["ttl"] = ttl
lexicon_config = ConfigResolver()
lexicon_config.with_dict(config_dict)
Client(lexicon_config).execute()
def add_dns_record(self, record):
"""
Add a DNS record to the domain.
"""
lexicon_config = self._get_base_config()
lexicon_config['domain'] = record['domain']
lexicon_config['action'] = 'create'
lexicon_config['type'] = record['type']
lexicon_config['name'] = record['name']
lexicon_config['content'] = record['value']
lexicon_config['ttl'] = record['ttl']
config = ConfigResolver()
config.with_dict(dict_object=lexicon_config)
client = Client(config)
result = client.execute()
return result
def list_dns_records(self, record):
"""
List all records of a domain name for a given type.
"""
cached_result = cache.get(f"{record['domain']}-{record['type']}")
if cached_result:
return cached_result
lexicon_config = self._get_base_config()
lexicon_config['domain'] = record['domain']
lexicon_config['action'] = 'list'
lexicon_config['type'] = record['type']
config = ConfigResolver()
config.with_dict(dict_object=lexicon_config)
client = Client(config)
result = client.execute()
cache.set(f"{record['domain']}-{record['type']}", result)
return result
