mirrors/allinssl
1
0
Fork 0
mirror of https://github.com/allinssl/allinssl.git synced 2025-12-15 09:55:37 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
e939724f37e26cd5c5e80ce7bfdd85c2c554acdf
allinssl/backend/internal/cert/deploy/client/aliyun/aliyunWaf.go

293 lines
8.0 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

package aliyun
import (
"fmt"
openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client"
openapiutil "github.com/alibabacloud-go/openapi-util/service"
util "github.com/alibabacloud-go/tea-utils/v2/service"
"github.com/alibabacloud-go/tea/tea"
aliyunwaf "github.com/alibabacloud-go/waf-openapi-20211001/v5/client"
)
type AliyunWafClient struct {
aliyunwaf.Client
accessKey string
accessSecret string
region string
}
func ClientAliWaf(accessKey, accessSecret, region string) (_result *AliyunWafClient, err error) {
//region:[cn-hangzhou,ap-southeast-1]
config := &openapi.Config{
AccessKeyId: tea.String(accessKey),
AccessKeySecret: tea.String(accessSecret),
Endpoint: tea.String(fmt.Sprintf("wafopenapi.%s.aliyuncs.com", region)),
}
client, err := aliyunwaf.NewClient(config)
if err != nil {
return nil, err
}
aliyunwafClient := &AliyunWafClient{
Client: *client,
accessKey: accessKey,
accessSecret: accessSecret,
region: region,
}
return aliyunwafClient, nil
}
type CreateCertsResponseBody struct {
CertIdentifier *string `json:"CertIdentifier,omitempty" xml:"DomainInfo,omitempty"`
RequestId *string `json:"RequestId,omitempty" xml:"RequestId,omitempty"`
}
type CreateCertsResponse struct {
Headers map[string]*string `json:"headers,omitempty" xml:"headers,omitempty"`
StatusCode *int32 `json:"statusCode,omitempty" xml:"statusCode,omitempty"`
Body *CreateCertsResponseBody `json:"body,omitempty" xml:"body,omitempty"`
}
func (client *AliyunWafClient) ICreateCerts(certName, certContent, certKey, instanceId string) (certId *string, _err error) {
query := map[string]interface{}{
"CertName": certName,
"CertContent": certContent,
"CertKey": certKey,
"InstanceId": instanceId,
}
req := &openapi.OpenApiRequest{
Query: openapiutil.Query(query),
}
params := &openapi.Params{
Action: tea.String("CreateCerts"),
Version: tea.String("2021-10-01"),
Protocol: tea.String("HTTPS"),
Pathname: tea.String("/"),
Method: tea.String("POST"),
AuthType: tea.String("AK"),
Style: tea.String("RPC"),
ReqBodyType: tea.String("formData"),
BodyType: tea.String("json"),
}
createCertsResponse := &CreateCertsResponse{}
runtime := &util.RuntimeOptions{}
_body, _err := client.CallApi(params, req, runtime)
if _err != nil {
return nil, _err
}
_err = tea.Convert(_body, &createCertsResponse)
certId = createCertsResponse.Body.CertIdentifier
return certId, _err
}
func (client *AliyunWafClient) IGetInstanceId() (instanceId *string, _err error) {
req := &aliyunwaf.DescribeInstanceRequest{
RegionId: tea.String(client.region),
}
response, _err := client.DescribeInstance(req)
if _err != nil {
return nil, _err
}
instanceId = response.Body.InstanceId
if instanceId == nil || *instanceId == "" {
_err = fmt.Errorf("未找到WAF实例ID请检查是否已创建WAF实例")
return nil, _err
}
return instanceId, _err
}
func (client *AliyunWafClient) IDescribeDomainDetail(instanceId, domain string) (describeDomainDetailResponseBody *aliyunwaf.DescribeDomainDetailResponseBody, _err error) {
req := &aliyunwaf.DescribeDomainDetailRequest{
InstanceId: tea.String(instanceId),
RegionId: tea.String(client.region),
Domain: tea.String(domain),
}
response, _err := client.DescribeDomainDetail(req)
if _err != nil {
return nil, _err
}
describeDomainDetailResponseBody = response.Body
return describeDomainDetailResponseBody, _err
}
func (client *AliyunWafClient) IUpdateDomain(domainDesc *aliyunwaf.DescribeDomainDetailResponseBody, instanceId, certId string) error {
modifyDomainReq := &aliyunwaf.ModifyDomainRequest{
InstanceId: tea.String(instanceId),
RegionId: tea.String(client.region),
Domain: domainDesc.Domain,
Listen: &aliyunwaf.ModifyDomainRequestListen{CertId: tea.String(certId)},
}
assignDomain(domainDesc, modifyDomainReq)
_, err := client.ModifyDomain(modifyDomainReq)
if err != nil {
return err
}
return nil
}
func assignDomain(from *aliyunwaf.DescribeDomainDetailResponseBody, to *aliyunwaf.ModifyDomainRequest) *aliyunwaf.ModifyDomainRequest {
if from == nil {
return to
}
if from.Listen != nil {
if to.Listen == nil {
to.Listen = &aliyunwaf.ModifyDomainRequestListen{}
}
if from.Listen.CipherSuite != nil {
to.Listen.CipherSuite = tea.Int32(int32(*from.Listen.CipherSuite))
}
if from.Listen.CustomCiphers != nil {
to.Listen.CustomCiphers = from.Listen.CustomCiphers
}
if from.Listen.EnableTLSv3 != nil {
to.Listen.EnableTLSv3 = from.Listen.EnableTLSv3
}
if from.Listen.ExclusiveIp != nil {
to.Listen.ExclusiveIp = from.Listen.ExclusiveIp
}
if from.Listen.FocusHttps != nil {
to.Listen.FocusHttps = from.Listen.FocusHttps
}
if from.Listen.Http2Enabled != nil {
to.Listen.Http2Enabled = from.Listen.Http2Enabled
}
if from.Listen.IPv6Enabled != nil {
to.Listen.IPv6Enabled = from.Listen.IPv6Enabled
}
if from.Listen.ProtectionResource != nil {
to.Listen.ProtectionResource = from.Listen.ProtectionResource
}
if from.Listen.TLSVersion != nil {
to.Listen.TLSVersion = from.Listen.TLSVersion
}
if from.Listen.XffHeaderMode != nil {
to.Listen.XffHeaderMode = tea.Int32(int32(*from.Listen.XffHeaderMode))
}
if from.Listen.XffHeaders != nil {
to.Listen.XffHeaders = from.Listen.XffHeaders
}
if from.Listen.HttpPorts != nil {
to.Listen.HttpPorts = make([]*int32, len(from.Listen.HttpPorts))
for i, port := range from.Listen.HttpPorts {
if port != nil {
to.Listen.HttpPorts[i] = tea.Int32(int32(*port))
}
}
}
if from.Listen.HttpsPorts != nil {
to.Listen.HttpsPorts = make([]*int32, len(from.Listen.HttpsPorts))
for i, port := range from.Listen.HttpsPorts {
if port != nil {
to.Listen.HttpsPorts[i] = tea.Int32(int32(*port))
}
}
}
}
if from.Redirect != nil {
if to.Redirect == nil {
to.Redirect = &aliyunwaf.ModifyDomainRequestRedirect{}
}
if from.Redirect.ConnectTimeout != nil {
to.Redirect.ConnectTimeout = from.Redirect.ConnectTimeout
}
if from.Redirect.FocusHttpBackend != nil {
to.Redirect.FocusHttpBackend = from.Redirect.FocusHttpBackend
}
if from.Redirect.Keepalive != nil {
to.Redirect.Keepalive = from.Redirect.Keepalive
}
if from.Redirect.KeepaliveRequests != nil {
to.Redirect.KeepaliveRequests = from.Redirect.KeepaliveRequests
}
if from.Redirect.KeepaliveTimeout != nil {
to.Redirect.KeepaliveTimeout = from.Redirect.KeepaliveTimeout
}
if from.Redirect.Loadbalance != nil {
to.Redirect.Loadbalance = from.Redirect.Loadbalance
}
if from.Redirect.ReadTimeout != nil {
to.Redirect.ReadTimeout = from.Redirect.ReadTimeout
}
if from.Redirect.Retry != nil {
to.Redirect.Retry = from.Redirect.Retry
}
if from.Redirect.SniEnabled != nil {
to.Redirect.SniEnabled = from.Redirect.SniEnabled
}
if from.Redirect.SniHost != nil {
to.Redirect.SniHost = from.Redirect.SniHost
}
if from.Redirect.WriteTimeout != nil {
to.Redirect.WriteTimeout = from.Redirect.WriteTimeout
}
if from.Redirect.XffProto != nil {
to.Redirect.XffProto = from.Redirect.XffProto
}
if from.Redirect.Backends != nil {
to.Redirect.Backends = make([]*string, len(from.Redirect.Backends))
for i, backend := range from.Redirect.Backends {
if backend != nil {
to.Redirect.Backends[i] = backend.Backend
}
}
}
if from.Redirect.BackupBackends != nil {
to.Redirect.BackupBackends = make([]*string, len(from.Redirect.BackupBackends))
for i, backend := range from.Redirect.BackupBackends {
if backend != nil {
to.Redirect.BackupBackends[i] = backend.Backend
}
}
}
if from.Redirect.RequestHeaders != nil {
to.Redirect.RequestHeaders = make([]*aliyunwaf.ModifyDomainRequestRedirectRequestHeaders, len(from.Redirect.RequestHeaders))
for i, header := range from.Redirect.RequestHeaders {
if header != nil {
to.Redirect.RequestHeaders[i] = &aliyunwaf.ModifyDomainRequestRedirectRequestHeaders{
Key: header.Key,
Value: header.Value,
}
}
}
}
}
return to
}
Reference in New Issue View Git Blame Copy Permalink