mirror of
https://github.com/TeaOSLab/EdgeAPI.git
synced 2025-11-02 22:10:26 +08:00
DNS服务商中的密钥数据以掩码方式显示
This commit is contained in:
GoEdgeLab
@@ -42,6 +42,14 @@ func (this *AliDNSProvider) Auth(params maps.Map) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// MaskParams 对参数进行掩码
|
||||
func (this *AliDNSProvider) MaskParams(params maps.Map) {
|
||||
if params == nil {
|
||||
return
|
||||
}
|
||||
params["accessKeySecret"] = MaskString(params.GetString("accessKeySecret"))
|
||||
}
|
||||
|
||||
// GetDomains 获取所有域名列表
|
||||
func (this *AliDNSProvider) GetDomains() (domains []string, err error) {
|
||||
var pageNumber = 1
|
||||
|
||||
@@ -66,6 +66,14 @@ func (this *CloudFlareProvider) Auth(params maps.Map) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// MaskParams 对参数进行掩码
|
||||
func (this *CloudFlareProvider) MaskParams(params maps.Map) {
|
||||
if params == nil {
|
||||
return
|
||||
}
|
||||
params["apiKey"] = MaskString(params.GetString("apiKey"))
|
||||
}
|
||||
|
||||
// GetDomains 获取所有域名列表
|
||||
func (this *CloudFlareProvider) GetDomains() (domains []string, err error) {
|
||||
for page := 1; page <= 500; page++ {
|
||||
|
||||
@@ -53,6 +53,11 @@ func (this *CustomHTTPProvider) Auth(params maps.Map) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// MaskParams 对参数进行掩码
|
||||
func (this *CustomHTTPProvider) MaskParams(params maps.Map) {
|
||||
// 这里暂时不要掩码,避免用户忘记
|
||||
}
|
||||
|
||||
// GetDomains 获取所有域名列表
|
||||
func (this *CustomHTTPProvider) GetDomains() (domains []string, err error) {
|
||||
resp, err := this.post(maps.Map{
|
||||
|
||||
@@ -69,6 +69,19 @@ func (this *DNSPodProvider) Auth(params maps.Map) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// MaskParams 对参数进行掩码
|
||||
func (this *DNSPodProvider) MaskParams(params maps.Map) {
|
||||
if params == nil {
|
||||
return
|
||||
}
|
||||
|
||||
if params.GetString("apiType") == "tencentDNS" {
|
||||
params["accessKeySecret"] = MaskString(params.GetString("accessKeySecret"))
|
||||
} else {
|
||||
params["token"] = MaskString(params.GetString("token"))
|
||||
}
|
||||
}
|
||||
|
||||
// GetDomains 获取所有域名列表
|
||||
func (this *DNSPodProvider) GetDomains() (domains []string, err error) {
|
||||
if this.tencentDNSProvider != nil {
|
||||
|
||||
@@ -71,6 +71,14 @@ func (this *EdgeDNSAPIProvider) Auth(params maps.Map) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// MaskParams 对参数进行掩码
|
||||
func (this *EdgeDNSAPIProvider) MaskParams(params maps.Map) {
|
||||
if params == nil {
|
||||
return
|
||||
}
|
||||
params["accessKeySecret"] = MaskString(params.GetString("accessKeySecret"))
|
||||
}
|
||||
|
||||
// GetDomains 获取所有域名列表
|
||||
func (this *EdgeDNSAPIProvider) GetDomains() (domains []string, err error) {
|
||||
var offset = 0
|
||||
|
||||
@@ -71,6 +71,14 @@ func (this *HuaweiDNSProvider) Auth(params maps.Map) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// MaskParams 对参数进行掩码
|
||||
func (this *HuaweiDNSProvider) MaskParams(params maps.Map) {
|
||||
if params == nil {
|
||||
return
|
||||
}
|
||||
params["accessKeySecret"] = MaskString(params.GetString("accessKeySecret"))
|
||||
}
|
||||
|
||||
// GetDomains 获取所有域名列表
|
||||
func (this *HuaweiDNSProvider) GetDomains() (domains []string, err error) {
|
||||
var resp = new(huaweidns.ZonesResponse)
|
||||
|
||||
@@ -10,6 +10,9 @@ type ProviderInterface interface {
|
||||
// Auth 认证
|
||||
Auth(params maps.Map) error
|
||||
|
||||
// MaskParams 对参数进行掩码
|
||||
MaskParams(params maps.Map)
|
||||
|
||||
// GetDomains 获取所有域名列表
|
||||
GetDomains() (domains []string, err error)
|
||||
|
||||
|
||||
@@ -47,6 +47,14 @@ func (this *TencentDNSProvider) Auth(params maps.Map) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// MaskParams 对参数进行掩码
|
||||
func (this *TencentDNSProvider) MaskParams(params maps.Map) {
|
||||
if params == nil {
|
||||
return
|
||||
}
|
||||
params["accessKeySecret"] = MaskString(params.GetString("accessKeySecret"))
|
||||
}
|
||||
|
||||
// GetDomains 获取所有域名列表
|
||||
func (this *TencentDNSProvider) GetDomains() (domains []string, err error) {
|
||||
var offset int64 = 0
|
||||
|
||||
67
internal/dnsclients/utils.go
Normal file
67
internal/dnsclients/utils.go
Normal file
@@ -0,0 +1,67 @@
|
||||
// Copyright 2024 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
|
||||
|
||||
package dnsclients
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"github.com/iwind/TeaGo/maps"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// MaskString 对字符串进行掩码
|
||||
func MaskString(s string) string {
|
||||
var l = len(s)
|
||||
if l == 0 {
|
||||
return ""
|
||||
}
|
||||
if l < 8 {
|
||||
return strings.Repeat("*", l)
|
||||
}
|
||||
return s[:4] + strings.Repeat("*", l-4)
|
||||
}
|
||||
|
||||
// IsMasked 判断字符串是否被掩码
|
||||
func IsMasked(s string) bool {
|
||||
if len(s) == 0 {
|
||||
return false
|
||||
}
|
||||
return s == strings.Repeat("*", len(s)) || strings.HasSuffix(s, "**")
|
||||
}
|
||||
|
||||
// UnmaskAPIParams 恢复API参数
|
||||
func UnmaskAPIParams(oldParamsJSON []byte, newParamsJSON []byte) (resultJSON []byte, err error) {
|
||||
var oldParams maps.Map
|
||||
var newParams maps.Map
|
||||
|
||||
if len(oldParamsJSON) == 0 || len(newParamsJSON) == 0 {
|
||||
return newParamsJSON, nil
|
||||
}
|
||||
err = json.Unmarshal(oldParamsJSON, &oldParams)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = json.Unmarshal(newParamsJSON, &newParams)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if oldParams == nil || newParams == nil {
|
||||
return newParamsJSON, nil
|
||||
}
|
||||
|
||||
for k, v := range newParams {
|
||||
if v != nil {
|
||||
s, ok := v.(string)
|
||||
if ok && IsMasked(s) {
|
||||
var oldV = oldParams.GetString(k)
|
||||
if len(oldV) > 0 {
|
||||
newParams[k] = oldV
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resultJSON, err = json.Marshal(newParams)
|
||||
return
|
||||
}
|
||||
35
internal/dnsclients/utils_test.go
Normal file
35
internal/dnsclients/utils_test.go
Normal file
@@ -0,0 +1,35 @@
|
||||
// Copyright 2024 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
|
||||
|
||||
package dnsclients_test
|
||||
|
||||
import (
|
||||
"github.com/TeaOSLab/EdgeAPI/internal/dnsclients"
|
||||
"github.com/iwind/TeaGo/assert"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestIsMasked(t *testing.T) {
|
||||
var a = assert.NewAssertion(t)
|
||||
a.IsFalse(dnsclients.IsMasked(""))
|
||||
a.IsFalse(dnsclients.IsMasked("abc"))
|
||||
a.IsFalse(dnsclients.IsMasked("abc*"))
|
||||
a.IsTrue(dnsclients.IsMasked("*"))
|
||||
a.IsTrue(dnsclients.IsMasked("**"))
|
||||
a.IsTrue(dnsclients.IsMasked("***"))
|
||||
a.IsTrue(dnsclients.IsMasked("*******"))
|
||||
a.IsTrue(dnsclients.IsMasked("abc**"))
|
||||
a.IsTrue(dnsclients.IsMasked("abcd*********"))
|
||||
}
|
||||
|
||||
func TestUnmaskAPIParams(t *testing.T) {
|
||||
data, err := dnsclients.UnmaskAPIParams([]byte(`{
|
||||
"key": "a",
|
||||
"secret": "abc12"
|
||||
}`), []byte(`{
|
||||
"secret": "abc**"
|
||||
}`))
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
t.Log(string(data))
|
||||
}
|
||||
@@ -2,9 +2,11 @@ package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"github.com/TeaOSLab/EdgeAPI/internal/db/models/dns"
|
||||
"github.com/TeaOSLab/EdgeAPI/internal/dnsclients"
|
||||
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
|
||||
"github.com/iwind/TeaGo/maps"
|
||||
)
|
||||
|
||||
// DNSProviderService DNS服务商相关服务
|
||||
@@ -42,6 +44,21 @@ func (this *DNSProviderService) UpdateDNSProvider(ctx context.Context, req *pb.U
|
||||
|
||||
var tx = this.NullTx()
|
||||
|
||||
provider, err := dns.SharedDNSProviderDAO.FindEnabledDNSProvider(tx, req.DnsProviderId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if provider == nil {
|
||||
// do nothing here
|
||||
return this.Success()
|
||||
}
|
||||
|
||||
// 恢复被掩码的数据
|
||||
req.ApiParamsJSON, err = dnsclients.UnmaskAPIParams(provider.ApiParams, req.ApiParamsJSON)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = dns.SharedDNSProviderDAO.UpdateDNSProvider(tx, req.DnsProviderId, req.Name, req.ApiParamsJSON)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -175,14 +192,34 @@ func (this *DNSProviderService) FindEnabledDNSProvider(ctx context.Context, req
|
||||
return &pb.FindEnabledDNSProviderResponse{DnsProvider: nil}, nil
|
||||
}
|
||||
|
||||
return &pb.FindEnabledDNSProviderResponse{DnsProvider: &pb.DNSProvider{
|
||||
Id: int64(provider.Id),
|
||||
Name: provider.Name,
|
||||
Type: provider.Type,
|
||||
TypeName: dnsclients.FindProviderTypeName(provider.Type),
|
||||
ApiParamsJSON: provider.ApiParams,
|
||||
DataUpdatedAt: int64(provider.DataUpdatedAt),
|
||||
}}, nil
|
||||
if req.MaskParams {
|
||||
var providerObj = dnsclients.FindProvider(provider.Type, int64(provider.Id))
|
||||
if providerObj != nil {
|
||||
var paramsMap = maps.Map{}
|
||||
if len(provider.ApiParams) > 0 {
|
||||
err = json.Unmarshal(provider.ApiParams, ¶msMap)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
providerObj.MaskParams(paramsMap)
|
||||
provider.ApiParams, err = json.Marshal(paramsMap)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return &pb.FindEnabledDNSProviderResponse{
|
||||
DnsProvider: &pb.DNSProvider{
|
||||
Id: int64(provider.Id),
|
||||
Name: provider.Name,
|
||||
Type: provider.Type,
|
||||
TypeName: dnsclients.FindProviderTypeName(provider.Type),
|
||||
ApiParamsJSON: provider.ApiParams,
|
||||
DataUpdatedAt: int64(provider.DataUpdatedAt),
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
// FindAllDNSProviderTypes 取得所有服务商类型
|
||||
|
||||
Reference in New Issue
Block a user