root
/
cdn-go


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212
							package server

import (
	cert "cfTest/cloudflareApi/certificate"
	"context"
	"github.com/cloudflare/cloudflare-go"
)

type CertificateServer struct {
	cert.UnimplementedCertificateCloudflareServer
}

func (s *CertificateServer) UniversalCertificate(ctx context.Context, requestCloudflare *cert.UniversalCertificateRequestCloudflare) (*cert.UniversalCertificateReplyCloudflare, error) {
	api, err := cloudflare.New(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}
	id, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}
	ctxAPI := context.Background()
	editUniversalSSLSettings := cloudflare.UniversalSSLSetting{Enabled: requestCloudflare.GetEnable()}
	universalCertificate, err := api.EditUniversalSSLSetting(ctxAPI, id, editUniversalSSLSettings)

	if err != nil {
		return &cert.UniversalCertificateReplyCloudflare{
			Success: false, Enabled: false,
		}, err
	}
	return &cert.UniversalCertificateReplyCloudflare{
		Success: true,
		Enabled: universalCertificate.Enabled,
	}, err

}

func (s *CertificateServer) ListZoneCertificates(ctx context.Context, requestCloudflare *cert.ListZoneCertificatesRequestCloudflare) (*cert.ListZoneCertificatesReplyCloudflare, error) {
	api, err := cloudflare.New(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}
	ctxAPI := context.Background()
	response, err := api.ListSSL(ctxAPI, requestCloudflare.GetZoneId())
	if err != nil {
		return &cert.ListZoneCertificatesReplyCloudflare{
			Result:  nil,
			Success: false,
		}, err
	}
	list := make([]*cert.ZoneCustomSSL, len(response))
	for i, detail := range response {
		list[i] = Go2ProtoCertificate(detail)
	}
	return &cert.ListZoneCertificatesReplyCloudflare{
		Result:  list,
		Success: true,
	}, err
}

func (s *CertificateServer) CreateCertificate(ctx context.Context, requestCloudflare *cert.CreateCertificateRequestCloudflare) (*cert.CreateCertificateReplyCloudflare, error) {
	api, err := cloudflare.New(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}
	id, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}
	ctxAPI := context.Background()

	geoRestrictions := cloudflare.ZoneCustomSSLGeoRestrictions{Label: "us"}
	zoneCustomSSL := cloudflare.ZoneCustomSSLOptions{}
	zoneCustomSSL.Certificate = requestCloudflare.GetCertificate()
	zoneCustomSSL.PrivateKey = requestCloudflare.GetPrivateKey()
	zoneCustomSSL.GeoRestrictions = &geoRestrictions
	zoneCustomSSL.BundleMethod = "ubiquitous"
	zoneCustomSSL.Type = "sni_custom"
	createCertificate, err := api.CreateSSL(ctxAPI, id, zoneCustomSSL)

	if err != nil {
		return &cert.CreateCertificateReplyCloudflare{
			Success: false,
		}, err
	}
	return &cert.CreateCertificateReplyCloudflare{
		Success: true,
		Id:      createCertificate.ID,
	}, err
}

func (s *CertificateServer) CreateCertificateV2(ctx context.Context, requestCloudflare *cert.CreateCertificateRequestCloudflareV2) (*cert.CreateCertificateReplyCloudflare, error) {
	api, err := cloudflare.New(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}
	id, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}
	ctxAPI := context.Background()

	geoRestrictions := cloudflare.ZoneCustomSSLGeoRestrictions{Label: "us"}
	zoneCustomSSL := cloudflare.ZoneCustomSSLOptions{}
	zoneCustomSSL.Certificate = requestCloudflare.GetCertificate()
	zoneCustomSSL.PrivateKey = requestCloudflare.GetPrivateKey()
	zoneCustomSSL.GeoRestrictions = &geoRestrictions
	zoneCustomSSL.BundleMethod = requestCloudflare.GetBundleMethod()
	if requestCloudflare.GetNoSni() {
		//默认方式
		zoneCustomSSL.Type = "legacy_custom"
	} else {
		zoneCustomSSL.Type = "sni_custom"
	}
	createCertificate, err := api.CreateSSL(ctxAPI, id, zoneCustomSSL)

	if err != nil {
		return &cert.CreateCertificateReplyCloudflare{
			Success: false,
		}, err
	}
	return &cert.CreateCertificateReplyCloudflare{
		Success: true,
		Id:      createCertificate.ID,
	}, err
}

func (s *CertificateServer) DeleteCertificate(ctx context.Context, requestCloudflare *cert.DeleteCertificateRequestCloudflare) (*cert.DeleteCertificateReplyCloudflare, error) {
	api, err := cloudflare.New(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}
	ctxAPI := context.Background()
	id, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}
	err = api.DeleteSSL(ctxAPI, id, requestCloudflare.GetCertificateId())
	if err != nil {
		return &cert.DeleteCertificateReplyCloudflare{
			Success: false,
		}, err
	}
	return &cert.DeleteCertificateReplyCloudflare{
		Success: true,
		Id:      requestCloudflare.GetCertificateId(),
	}, err
}

func (s *CertificateServer) EditCertificate(ctx context.Context, requestCloudflare *cert.EditCertificateRequestCloudflare) (*cert.EditCertificateReplyCloudflare, error) {
	api, err := cloudflare.New(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}
	id, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}
	ctxAPI := context.Background()

	geoRestrictions := cloudflare.ZoneCustomSSLGeoRestrictions{Label: "us"}
	zoneCustomSSL := cloudflare.ZoneCustomSSLOptions{}
	zoneCustomSSL.Certificate = requestCloudflare.GetCertificate()
	zoneCustomSSL.PrivateKey = requestCloudflare.GetPrivateKey()
	zoneCustomSSL.GeoRestrictions = &geoRestrictions
	zoneCustomSSL.BundleMethod = "ubiquitous"
	zoneCustomSSL.Type = "sni_custom"
	editCertificate, err := api.UpdateSSL(ctxAPI, id, requestCloudflare.GetCertificateId(), zoneCustomSSL)
	if err != nil {
		return &cert.EditCertificateReplyCloudflare{
			Success: false,
		}, err
	}
	return &cert.EditCertificateReplyCloudflare{
		Success: true,
		Id:      editCertificate.ID,
	}, err
}

func (s *CertificateServer) EditCertificateV2(ctx context.Context, requestCloudflare *cert.EditCertificateRequestCloudflareV2) (*cert.EditCertificateReplyCloudflare, error) {
	api, err := cloudflare.New(requestCloudflare.GetApiKey(), requestCloudflare.GetApiEmail())
	if err != nil {
		return nil, err
	}
	id, err := api.ZoneIDByName(requestCloudflare.GetZoneName())
	if err != nil {
		return nil, err
	}
	ctxAPI := context.Background()
	geoRestrictions := cloudflare.ZoneCustomSSLGeoRestrictions{Label: "us"}
	zoneCustomSSL := cloudflare.ZoneCustomSSLOptions{}
	zoneCustomSSL.Certificate = requestCloudflare.GetCertificate()
	zoneCustomSSL.PrivateKey = requestCloudflare.GetPrivateKey()
	zoneCustomSSL.GeoRestrictions = &geoRestrictions
	// ubiquitous无处不在  optimal最佳的 force强制的
	zoneCustomSSL.BundleMethod = requestCloudflare.GetBundleMethod()
	if requestCloudflare.GetNoSni() {
		zoneCustomSSL.Type = "legacy_custom"
	} else {
		zoneCustomSSL.Type = "sni_custom"
	}
	editCertificate, err := api.UpdateSSL(ctxAPI, id, requestCloudflare.GetCertificateId(), zoneCustomSSL)
	if err != nil {
		return &cert.EditCertificateReplyCloudflare{
			Success: false,
		}, err
	}
	return &cert.EditCertificateReplyCloudflare{
		Success: true,
		Id:      editCertificate.ID,
	}, err
}