github
/
allinssl
mirror of https://github.com/allinssl/allinssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(qiniu): 当在更新id时,已经存在绑定证书的情况下,无法正确更新新的证书ID

pull/236/head
guihouchang 2025-06-19 14:09:07 +08:00
parent b10013892c
commit e0702d739d
2 changed files with 109 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
backend/internal/cert/deploy/qiniu.go
View File

@ -5,11 +5,10 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http"
"strconv"
"github.com/qiniu/go-sdk/v7/auth" "github.com/qiniu/go-sdk/v7/auth"
"github.com/qiniu/go-sdk/v7/client" "github.com/qiniu/go-sdk/v7/client"
"net/http"
"strconv"
) )
type commonResponse struct { type commonResponse struct {
@ -51,7 +50,6 @@ func requestQiniu(cfg map[string]any, path string, m map[string]any, method stri
return err return err
} }
func DeployQiniuCdn(cfg map[string]any) error { func DeployQiniuCdn(cfg map[string]any) error {
_, ok := cfg["certificate"].(map[string]any) _, ok := cfg["certificate"].(map[string]any)
if !ok { if !ok {
@ -75,6 +73,43 @@ func DeployQiniuCdn(cfg map[string]any) error {
return err return err
} }
func updateQiniuDomainCert(cfg map[string]any) error {
_, ok := cfg["certificate"].(map[string]any)
if !ok {
return fmt.Errorf("证书不存在")
}
domain, ok := cfg["domain"].(string)
if !ok {
return fmt.Errorf("参数错误domain")
}
forceHttps, ok := cfg["force_https"].(bool)
if !ok {
forceHttps = true
}
http2Enable, ok := cfg["http2_enable"].(bool)
if !ok {
http2Enable = true
}
certId, err := uploadQiniuCert(cfg)
if err != nil {
return err
}
m := map[string]any{
"certid": certId,
"domain": domain,
"forceHttps": forceHttps,
"http2Enable": http2Enable,
}
var response commonResponse
err = requestQiniu(cfg, fmt.Sprintf("domain/%s/httpsconf", domain), m, "PUT", &response)
return err
}
func DeployQiniuOss(cfg map[string]any) error { func DeployQiniuOss(cfg map[string]any) error {
_, ok := cfg["certificate"].(map[string]any) _, ok := cfg["certificate"].(map[string]any)
if !ok { if !ok {
@ -85,10 +120,38 @@ func DeployQiniuOss(cfg map[string]any) error {
return fmt.Errorf("参数错误domain") return fmt.Errorf("参数错误domain")
} }
// 判断域名是否已开启HTTPS
// {
// "certId": <CertID>,
// "forceHttps": <ForceHttps>,
// "http2Enable": <Http2Enable>
// }
var httpsConfig struct {
Https struct {
CertID string `json:"certId"`
ForceHttps bool `json:"forceHttps"`
Http2Enable bool `json:"http2Enable"`
} `json:"https"`
}
err := requestQiniu(cfg, fmt.Sprintf("domain/%s", domain), nil, "GET", &httpsConfig)
if err != nil {
return fmt.Errorf("获取域名HTTPS配置失败: %v", err)
}
certId, err := uploadQiniuCert(cfg) certId, err := uploadQiniuCert(cfg)
if err != nil { if err != nil {
return err return err
} }
if httpsConfig.Https.CertID != "" {
// 如果已开启HTTPS则调用updateQiniuDomainCert更新证书
cfg["cert_id"] = certId
cfg["force_https"] = httpsConfig.Https.ForceHttps
cfg["http2_enable"] = httpsConfig.Https.Http2Enable
err = updateQiniuDomainCert(cfg)
return err
} else {
// 如果未开启HTTPS则使用POST请求绑定证书
m := map[string]any{ m := map[string]any{
"certid": certId, "certid": certId,
"domain": domain, "domain": domain,
@ -97,6 +160,18 @@ func DeployQiniuOss(cfg map[string]any) error {
err = requestQiniu(cfg, "cert/bind", m, "POST", &response) err = requestQiniu(cfg, "cert/bind", m, "POST", &response)
return err return err
} }
}
func delQiniuCert(cfg map[string]any) error {
certId, ok := cfg["old_cert_id"].(string)
if !ok {
return fmt.Errorf("参数错误cert_id")
}
m := map[string]any{}
var response commonResponse
err := requestQiniu(cfg, fmt.Sprintf("sslcert/%v", certId), m, "DELETE", &response)
return err
}
func uploadQiniuCert(cfg map[string]any) (string, error) { func uploadQiniuCert(cfg map[string]any) (string, error) {
cert, ok := cfg["certificate"].(map[string]any) cert, ok := cfg["certificate"].(map[string]any)

23
backend/internal/cert/deploy/qiniu_test.go
View File

File diff suppressed because one or more lines are too long