github
/
allinssl
mirror of https://github.com/allinssl/allinssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
allinssl/backend/internal/cert/deploy/client/aliyun/aliyunWaf.go

283 lines
7.9 KiB
Go
Raw Permalink Blame History

package aliyun
import (
"fmt"
openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client"
openapiutil "github.com/alibabacloud-go/openapi-util/service"
util "github.com/alibabacloud-go/tea-utils/v2/service"
"github.com/alibabacloud-go/tea/tea"
aliyunwaf "github.com/alibabacloud-go/waf-openapi-20211001/v5/client"
)
type AliyunWafClient struct {
aliyunwaf.Client
accessKey string
accessSecret string
region string
}
func ClientAliWaf(accessKey, accessSecret, region string) (_result *AliyunWafClient, err error) {
//region:[cn-hangzhou,ap-southeast-1]
config := &openapi.Config{
AccessKeyId: tea.String(accessKey),
AccessKeySecret: tea.String(accessSecret),
Endpoint: tea.String(fmt.Sprintf("wafopenapi.%s.aliyuncs.com", region)),
}
client, err := aliyunwaf.NewClient(config)
if err != nil {
return nil, err
}
aliyunwafClient := &AliyunWafClient{
Client: *client,
accessKey: accessKey,
accessSecret: accessSecret,
region: region,
}
return aliyunwafClient, nil
}
type CreateCertsResponseBody struct {
CertIdentifier *string `json:"CertIdentifier,omitempty" xml:"DomainInfo,omitempty"`
RequestId *string `json:"RequestId,omitempty" xml:"RequestId,omitempty"`
}
type CreateCertsResponse struct {
Headers map[string]*string `json:"headers,omitempty" xml:"headers,omitempty"`
StatusCode *int32 `json:"statusCode,omitempty" xml:"statusCode,omitempty"`
Body *CreateCertsResponseBody `json:"body,omitempty" xml:"body,omitempty"`
}
func (client *AliyunWafClient) ICreateCerts(certName, certContent, certKey, instanceId string) (certId *string, _err error) {
query := map[string]interface{}{
"CertName": certName,
"CertContent": certContent,
"CertKey": certKey,
"InstanceId": instanceId,
}
req := &openapi.OpenApiRequest{
Query: openapiutil.Query(query),
}
params := &openapi.Params{
Action: tea.String("CreateCerts"),
Version: tea.String("2021-10-01"),
Protocol: tea.String("HTTPS"),
Pathname: tea.String("/"),
Method: tea.String("POST"),
AuthType: tea.String("AK"),
Style: tea.String("RPC"),
ReqBodyType: tea.String("formData"),
BodyType: tea.String("json"),
}
createCertsResponse := &CreateCertsResponse{}
runtime := &util.RuntimeOptions{}
_body, _err := client.CallApi(params, req, runtime)
if _err != nil {
return nil, _err
}
_err = tea.Convert(_body, &createCertsResponse)
certId = createCertsResponse.Body.CertIdentifier
return certId, _err
}
func (client *AliyunWafClient) IGetInstanceId() (instanceId *string, _err error) {
req := &aliyunwaf.DescribeInstanceRequest{
RegionId: tea.String(client.region),
}
response, _err := client.DescribeInstance(req)
instanceId = response.Body.InstanceId
return instanceId, _err
}
func (client *AliyunWafClient) IDescribeDomainDetail(instanceId, domain string) (describeDomainDetailResponseBody *aliyunwaf.DescribeDomainDetailResponseBody, _err error) {
req := &aliyunwaf.DescribeDomainDetailRequest{
InstanceId: tea.String(instanceId),
RegionId: tea.String(client.region),
Domain: tea.String(domain),
}
response, _err := client.DescribeDomainDetail(req)
describeDomainDetailResponseBody = response.Body
return describeDomainDetailResponseBody, _err
}
func (client *AliyunWafClient) IUpdateDomain(domainDesc *aliyunwaf.DescribeDomainDetailResponseBody, instanceId, certId string) error {
modifyDomainReq := &aliyunwaf.ModifyDomainRequest{
InstanceId: tea.String(instanceId),
RegionId: tea.String(client.region),
Domain: domainDesc.Domain,
Listen: &aliyunwaf.ModifyDomainRequestListen{CertId: tea.String(certId)},
}
assignDomain(domainDesc, modifyDomainReq)
_, err := client.ModifyDomain(modifyDomainReq)
if err != nil {
return err
}
return nil
}
func assignDomain(from *aliyunwaf.DescribeDomainDetailResponseBody, to *aliyunwaf.ModifyDomainRequest) *aliyunwaf.ModifyDomainRequest {
if from == nil {
return to
}
if from.Listen != nil {
if to.Listen == nil {
to.Listen = &aliyunwaf.ModifyDomainRequestListen{}
}
if from.Listen.CipherSuite != nil {
to.Listen.CipherSuite = tea.Int32(int32(*from.Listen.CipherSuite))
}
if from.Listen.CustomCiphers != nil {
to.Listen.CustomCiphers = from.Listen.CustomCiphers
}
if from.Listen.EnableTLSv3 != nil {
to.Listen.EnableTLSv3 = from.Listen.EnableTLSv3
}
if from.Listen.ExclusiveIp != nil {
to.Listen.ExclusiveIp = from.Listen.ExclusiveIp
}
if from.Listen.FocusHttps != nil {
to.Listen.FocusHttps = from.Listen.FocusHttps
}
if from.Listen.Http2Enabled != nil {
to.Listen.Http2Enabled = from.Listen.Http2Enabled
}
if from.Listen.IPv6Enabled != nil {
to.Listen.IPv6Enabled = from.Listen.IPv6Enabled
}
if from.Listen.ProtectionResource != nil {
to.Listen.ProtectionResource = from.Listen.ProtectionResource
}
if from.Listen.TLSVersion != nil {
to.Listen.TLSVersion = from.Listen.TLSVersion
}
if from.Listen.XffHeaderMode != nil {
to.Listen.XffHeaderMode = tea.Int32(int32(*from.Listen.XffHeaderMode))
}
if from.Listen.XffHeaders != nil {
to.Listen.XffHeaders = from.Listen.XffHeaders
}
if from.Listen.HttpPorts != nil {
to.Listen.HttpPorts = make([]*int32, len(from.Listen.HttpPorts))
for i, port := range from.Listen.HttpPorts {
if port != nil {
to.Listen.HttpPorts[i] = tea.Int32(int32(*port))
}
}
}
if from.Listen.HttpsPorts != nil {
to.Listen.HttpsPorts = make([]*int32, len(from.Listen.HttpsPorts))
for i, port := range from.Listen.HttpsPorts {
if port != nil {
to.Listen.HttpsPorts[i] = tea.Int32(int32(*port))
}
}
}
}
if from.Redirect != nil {
if to.Redirect == nil {
to.Redirect = &aliyunwaf.ModifyDomainRequestRedirect{}
}
if from.Redirect.ConnectTimeout != nil {
to.Redirect.ConnectTimeout = from.Redirect.ConnectTimeout
}
if from.Redirect.FocusHttpBackend != nil {
to.Redirect.FocusHttpBackend = from.Redirect.FocusHttpBackend
}
if from.Redirect.Keepalive != nil {
to.Redirect.Keepalive = from.Redirect.Keepalive
}
if from.Redirect.KeepaliveRequests != nil {
to.Redirect.KeepaliveRequests = from.Redirect.KeepaliveRequests
}
if from.Redirect.KeepaliveTimeout != nil {
to.Redirect.KeepaliveTimeout = from.Redirect.KeepaliveTimeout
}
if from.Redirect.Loadbalance != nil {
to.Redirect.Loadbalance = from.Redirect.Loadbalance
}
if from.Redirect.ReadTimeout != nil {
to.Redirect.ReadTimeout = from.Redirect.ReadTimeout
}
if from.Redirect.Retry != nil {
to.Redirect.Retry = from.Redirect.Retry
}
if from.Redirect.SniEnabled != nil {
to.Redirect.SniEnabled = from.Redirect.SniEnabled
}
if from.Redirect.SniHost != nil {
to.Redirect.SniHost = from.Redirect.SniHost
}
if from.Redirect.WriteTimeout != nil {
to.Redirect.WriteTimeout = from.Redirect.WriteTimeout
}
if from.Redirect.XffProto != nil {
to.Redirect.XffProto = from.Redirect.XffProto
}
if from.Redirect.Backends != nil {
to.Redirect.Backends = make([]*string, len(from.Redirect.Backends))
for i, backend := range from.Redirect.Backends {
if backend != nil {
to.Redirect.Backends[i] = backend.Backend
}
}
}
if from.Redirect.BackupBackends != nil {
to.Redirect.BackupBackends = make([]*string, len(from.Redirect.BackupBackends))
for i, backend := range from.Redirect.BackupBackends {
if backend != nil {
to.Redirect.BackupBackends[i] = backend.Backend
}
}
}
if from.Redirect.RequestHeaders != nil {
to.Redirect.RequestHeaders = make([]*aliyunwaf.ModifyDomainRequestRedirectRequestHeaders, len(from.Redirect.RequestHeaders))
for i, header := range from.Redirect.RequestHeaders {
if header != nil {
to.Redirect.RequestHeaders[i] = &aliyunwaf.ModifyDomainRequestRedirectRequestHeaders{
Key: header.Key,
Value: header.Value,
}
}
}
}
}
return to
}
Reference in New Issue View Git Blame Copy Permalink