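package server

import (
	"context"
	"strings"

	cert "cfTest/cloudflareApi/certificate"

	"github.com/cloudflare/cloudflare-go"
)

// CertificateServer serves the certificate RPCs declared in the cert package
// by forwarding each call to the Cloudflare API with the credentials carried
// in the request itself.
//
// NOTE(review): every request message carries an API key or token, and the
// create/edit requests also carry a TLS private key. Keep request messages out
// of logs, traces and error strings.
type CertificateServer struct {
	cert.UnimplementedCertificateCloudflareServer
}

// newClient builds a Cloudflare API client from the credentials of one request.
// A key that starts with TOKEN_PREFIX is used as an API token (with the prefix
// stripped); any other key is used together with apiEmail.
//
// The client is returned to the caller rather than assigned to a shared
// variable. The previous code assigned to `api` and `err` without declaring
// them in this file, so they were presumably package-level variables; with
// concurrent RPCs one request could then issue calls through a client built
// from another request's credentials.
func (s *CertificateServer) newClient(apiKey, apiEmail string) (*cloudflare.API, error) {
	if strings.HasPrefix(apiKey, TOKEN_PREFIX) {
		// NOTE(review): the fixed offset 3 assumes TOKEN_PREFIX is exactly three
		// bytes long. TOKEN_PREFIX is defined outside this file; confirm, or
		// switch to strings.TrimPrefix(apiKey, TOKEN_PREFIX).
		return cloudflare.NewWithAPIToken(apiKey[3:])
	}
	return cloudflare.New(apiKey, apiEmail)
}

// zoneCustomSSLOptions assembles the options sent to Cloudflare when a custom
// certificate is created or updated. The geo restriction label is fixed to
// "us". noSNI selects the "legacy_custom" certificate type instead of
// "sni_custom".
func zoneCustomSSLOptions(certificate, privateKey, bundleMethod string, noSNI bool) cloudflare.ZoneCustomSSLOptions {
	sslType := "sni_custom"
	if noSNI {
		// The original comment on this branch read "default mode".
		sslType = "legacy_custom"
	}
	return cloudflare.ZoneCustomSSLOptions{
		Certificate:     certificate,
		PrivateKey:      privateKey,
		GeoRestrictions: &cloudflare.ZoneCustomSSLGeoRestrictions{Label: "us"},
		BundleMethod:    bundleMethod,
		Type:            sslType,
	}
}

// UniversalCertificate enables or disables Universal SSL for the zone named in
// the request and reports the resulting state.
//
// The RPC context is passed to the Cloudflare call so that a cancelled or
// timed-out request does not leave the upstream call running.
func (s *CertificateServer) UniversalCertificate(ctx context.Context, requestCloudflare *cert.UniversalCertificateRequestCloudflare) (*cert.UniversalCertificateReplyCloudflare, error) {
	api, err := s.newClient(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}

	zoneID, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}

	setting := cloudflare.UniversalSSLSetting{Enabled: requestCloudflare.GetEnable()}
	updated, err := api.EditUniversalSSLSetting(ctx, zoneID, setting)
	if err != nil {
		return &cert.UniversalCertificateReplyCloudflare{
			Success: false,
			Enabled: false,
		}, err
	}

	return &cert.UniversalCertificateReplyCloudflare{
		Success: true,
		Enabled: updated.Enabled,
	}, nil
}

// ListZoneCertificates returns the custom SSL certificates of the zone whose
// ID is given in the request, converted with Go2ProtoCertificate.
func (s *CertificateServer) ListZoneCertificates(ctx context.Context, requestCloudflare *cert.ListZoneCertificatesRequestCloudflare) (*cert.ListZoneCertificatesReplyCloudflare, error) {
	api, err := s.newClient(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}

	certificates, err := api.ListSSL(ctx, requestCloudflare.GetZoneId())
	if err != nil {
		return &cert.ListZoneCertificatesReplyCloudflare{
			Result:  nil,
			Success: false,
		}, err
	}

	result := make([]*cert.ZoneCustomSSL, len(certificates))
	for i, detail := range certificates {
		result[i] = Go2ProtoCertificate(detail)
	}

	return &cert.ListZoneCertificatesReplyCloudflare{
		Result:  result,
		Success: true,
	}, nil
}

// CreateCertificate uploads a custom certificate and private key to the zone
// named in the request, using the "ubiquitous" bundle method and the
// "sni_custom" type, and returns the ID of the new certificate.
func (s *CertificateServer) CreateCertificate(ctx context.Context, requestCloudflare *cert.CreateCertificateRequestCloudflare) (*cert.CreateCertificateReplyCloudflare, error) {
	api, err := s.newClient(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}

	zoneID, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}

	options := zoneCustomSSLOptions(requestCloudflare.GetCertificate(), requestCloudflare.GetPrivateKey(), "ubiquitous", false)
	created, err := api.CreateSSL(ctx, zoneID, options)
	if err != nil {
		return &cert.CreateCertificateReplyCloudflare{
			Success: false,
		}, err
	}

	return &cert.CreateCertificateReplyCloudflare{
		Success: true,
		Id:      created.ID,
	}, nil
}

// CreateCertificateV2 uploads a custom certificate like CreateCertificate, but
// takes the bundle method and the SNI/legacy choice from the request.
func (s *CertificateServer) CreateCertificateV2(ctx context.Context, requestCloudflare *cert.CreateCertificateRequestCloudflareV2) (*cert.CreateCertificateReplyCloudflare, error) {
	api, err := s.newClient(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}

	zoneID, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}

	options := zoneCustomSSLOptions(
		requestCloudflare.GetCertificate(),
		requestCloudflare.GetPrivateKey(),
		requestCloudflare.GetBundleMethod(),
		requestCloudflare.GetNoSni(),
	)
	created, err := api.CreateSSL(ctx, zoneID, options)
	if err != nil {
		return &cert.CreateCertificateReplyCloudflare{
			Success: false,
		}, err
	}

	return &cert.CreateCertificateReplyCloudflare{
		Success: true,
		Id:      created.ID,
	}, nil
}

// DeleteCertificate removes the certificate with the requested ID from the
// zone named in the request and echoes that ID back on success.
func (s *CertificateServer) DeleteCertificate(ctx context.Context, requestCloudflare *cert.DeleteCertificateRequestCloudflare) (*cert.DeleteCertificateReplyCloudflare, error) {
	api, err := s.newClient(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}

	zoneID, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}

	if err := api.DeleteSSL(ctx, zoneID, requestCloudflare.GetCertificateId()); err != nil {
		return &cert.DeleteCertificateReplyCloudflare{
			Success: false,
		}, err
	}

	return &cert.DeleteCertificateReplyCloudflare{
		Success: true,
		Id:      requestCloudflare.GetCertificateId(),
	}, nil
}

// EditCertificate replaces the certificate and private key of an existing
// custom certificate, using the "ubiquitous" bundle method and the
// "sni_custom" type, and returns the certificate ID reported by Cloudflare.
func (s *CertificateServer) EditCertificate(ctx context.Context, requestCloudflare *cert.EditCertificateRequestCloudflare) (*cert.EditCertificateReplyCloudflare, error) {
	api, err := s.newClient(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}

	zoneID, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}

	options := zoneCustomSSLOptions(requestCloudflare.GetCertificate(), requestCloudflare.GetPrivateKey(), "ubiquitous", false)
	updated, err := api.UpdateSSL(ctx, zoneID, requestCloudflare.GetCertificateId(), options)
	if err != nil {
		return &cert.EditCertificateReplyCloudflare{
			Success: false,
		}, err
	}

	return &cert.EditCertificateReplyCloudflare{
		Success: true,
		Id:      updated.ID,
	}, nil
}

// EditCertificateV2 updates an existing custom certificate like
// EditCertificate, but takes the bundle method and the SNI/legacy choice from
// the request. The original comment listed the bundle methods as ubiquitous,
// optimal and force.
func (s *CertificateServer) EditCertificateV2(ctx context.Context, requestCloudflare *cert.EditCertificateRequestCloudflareV2) (*cert.EditCertificateReplyCloudflare, error) {
	api, err := s.newClient(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}

	zoneID, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}

	options := zoneCustomSSLOptions(
		requestCloudflare.GetCertificate(),
		requestCloudflare.GetPrivateKey(),
		requestCloudflare.GetBundleMethod(),
		requestCloudflare.GetNoSni(),
	)
	updated, err := api.UpdateSSL(ctx, zoneID, requestCloudflare.GetCertificateId(), options)
	if err != nil {
		return &cert.EditCertificateReplyCloudflare{
			Success: false,
		}, err
	}

	return &cert.EditCertificateReplyCloudflare{
		Success: true,
		Id:      updated.ID,
	}, nil
}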