mirror of
https://github.com/certd/certd.git
synced 2026-07-05 19:37:34 +08:00
chore: format
This commit is contained in:
@@ -1,10 +1,8 @@
|
||||
import {AccessInput, BaseAccess, IsAccess, Pager, PageSearch} from "@certd/pipeline";
|
||||
import {HttpRequestConfig} from "@certd/basic";
|
||||
import { AccessInput, BaseAccess, IsAccess, Pager, PageSearch } from "@certd/pipeline";
|
||||
import { HttpRequestConfig } from "@certd/basic";
|
||||
import crypto from "crypto";
|
||||
import url from "url";
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* AcePanel授权
|
||||
*/
|
||||
@@ -12,22 +10,21 @@ import url from "url";
|
||||
name: "acepanel",
|
||||
title: "AcePanel授权",
|
||||
desc: "",
|
||||
icon: "svg:icon-lucky"
|
||||
icon: "svg:icon-lucky",
|
||||
})
|
||||
export class AcePanelAccess extends BaseAccess {
|
||||
|
||||
@AccessInput({
|
||||
title: "AcePanel管理地址",
|
||||
component: {
|
||||
placeholder: "http://127.0.0.1:25475/entrance",
|
||||
},
|
||||
helper:"请输入AcePanel管理地址,格式为http://127.0.0.1:25475/entrance, 要带安全入口,最后面不要加/",
|
||||
helper: "请输入AcePanel管理地址,格式为http://127.0.0.1:25475/entrance, 要带安全入口,最后面不要加/",
|
||||
required: true,
|
||||
})
|
||||
endpoint = '';
|
||||
endpoint = "";
|
||||
|
||||
@AccessInput({
|
||||
title: '访问令牌ID',
|
||||
title: "访问令牌ID",
|
||||
component: {
|
||||
name: "a-input-number",
|
||||
vModel: "value",
|
||||
@@ -35,20 +32,20 @@ export class AcePanelAccess extends BaseAccess {
|
||||
helper: "AcePanel控制台->设置->用户->访问令牌->创建访问令牌",
|
||||
required: true,
|
||||
})
|
||||
tokenId :number;
|
||||
tokenId: number;
|
||||
|
||||
@AccessInput({
|
||||
title: '访问令牌',
|
||||
title: "访问令牌",
|
||||
component: {
|
||||
placeholder: 'AccessToken',
|
||||
placeholder: "AccessToken",
|
||||
},
|
||||
helper: "创建访问令牌后复制该令牌填到这里",
|
||||
required: true,
|
||||
encrypt: true,
|
||||
})
|
||||
accessToken = '';
|
||||
accessToken = "";
|
||||
|
||||
@AccessInput({
|
||||
@AccessInput({
|
||||
title: "忽略证书校验",
|
||||
value: true,
|
||||
component: {
|
||||
@@ -63,37 +60,38 @@ export class AcePanelAccess extends BaseAccess {
|
||||
title: "测试",
|
||||
component: {
|
||||
name: "api-test",
|
||||
action: "TestRequest"
|
||||
action: "TestRequest",
|
||||
},
|
||||
helper: "点击测试接口是否正常"
|
||||
helper: "点击测试接口是否正常",
|
||||
})
|
||||
testRequest = true;
|
||||
|
||||
async onTestRequest() {
|
||||
await this.testApi();
|
||||
return "ok"
|
||||
return "ok";
|
||||
}
|
||||
|
||||
/**
|
||||
* 计算字符串的SHA256哈希值
|
||||
*/
|
||||
sha256Hash(text: string) {
|
||||
return crypto
|
||||
.createHash("sha256")
|
||||
.update(text || "")
|
||||
.digest("hex");
|
||||
}
|
||||
|
||||
/**
|
||||
* 使用HMAC-SHA256算法计算签名
|
||||
*/
|
||||
hmacSha256(key: string, message: string) {
|
||||
return crypto.createHmac("sha256", key).update(message).digest("hex");
|
||||
}
|
||||
|
||||
/**
|
||||
* 计算字符串的SHA256哈希值
|
||||
*/
|
||||
sha256Hash(text: string) {
|
||||
return crypto.createHash('sha256').update(text || '').digest('hex');
|
||||
}
|
||||
|
||||
/**
|
||||
* 使用HMAC-SHA256算法计算签名
|
||||
*/
|
||||
hmacSha256(key: string, message: string) {
|
||||
return crypto.createHmac('sha256', key).update(message).digest('hex');
|
||||
}
|
||||
|
||||
/**
|
||||
* 为API请求生成签名
|
||||
*/
|
||||
signRequest(method: string, apiUrl: string, body: string, id: number, token: string) {
|
||||
/**
|
||||
* 为API请求生成签名
|
||||
*/
|
||||
signRequest(method: string, apiUrl: string, body: string, id: number, token: string) {
|
||||
// 解析URL
|
||||
const parsedUrl = new url.URL(apiUrl);
|
||||
const path = parsedUrl.pathname;
|
||||
@@ -101,61 +99,50 @@ export class AcePanelAccess extends BaseAccess {
|
||||
|
||||
// 规范化路径
|
||||
let canonicalPath = path;
|
||||
if (!path.startsWith('/api')) {
|
||||
const apiPos = path.indexOf('/api');
|
||||
if (apiPos !== -1) {
|
||||
canonicalPath = path.slice(apiPos);
|
||||
}
|
||||
if (!path.startsWith("/api")) {
|
||||
const apiPos = path.indexOf("/api");
|
||||
if (apiPos !== -1) {
|
||||
canonicalPath = path.slice(apiPos);
|
||||
}
|
||||
}
|
||||
|
||||
// 构造规范化请求
|
||||
const canonicalRequest = [
|
||||
method,
|
||||
canonicalPath,
|
||||
query,
|
||||
this.sha256Hash(body || '')
|
||||
].join('\n');
|
||||
const canonicalRequest = [method, canonicalPath, query, this.sha256Hash(body || "")].join("\n");
|
||||
|
||||
// 获取当前时间戳
|
||||
const timestamp = Math.floor(Date.now() / 1000);
|
||||
|
||||
// 构造待签名字符串
|
||||
const stringToSign = [
|
||||
'HMAC-SHA256',
|
||||
timestamp,
|
||||
this.sha256Hash(canonicalRequest)
|
||||
].join('\n');
|
||||
const stringToSign = ["HMAC-SHA256", timestamp, this.sha256Hash(canonicalRequest)].join("\n");
|
||||
|
||||
// 计算签名
|
||||
const signature = this.hmacSha256(token, stringToSign);
|
||||
|
||||
return {
|
||||
timestamp,
|
||||
signature,
|
||||
id
|
||||
timestamp,
|
||||
signature,
|
||||
id,
|
||||
};
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
async doRequest(req: HttpRequestConfig) {
|
||||
let endpoint = this.endpoint
|
||||
if (endpoint.endsWith('/')) {
|
||||
let endpoint = this.endpoint;
|
||||
if (endpoint.endsWith("/")) {
|
||||
endpoint = endpoint.slice(0, -1);
|
||||
}
|
||||
const fullUrl = endpoint + req.url;
|
||||
|
||||
|
||||
const method = req.method || 'GET';
|
||||
const body = req.data ? JSON.stringify(req.data) : '';
|
||||
const method = req.method || "GET";
|
||||
const body = req.data ? JSON.stringify(req.data) : "";
|
||||
const token = this.accessToken;
|
||||
const tokenId = this.tokenId;
|
||||
const signingData = this.signRequest(method, fullUrl, body, tokenId, token);
|
||||
|
||||
// 准备HTTP请求头
|
||||
const headers = {
|
||||
'Content-Type': 'application/json',
|
||||
'X-Timestamp': signingData.timestamp,
|
||||
'Authorization': `HMAC-SHA256 Credential=${signingData.id}, Signature=${signingData.signature}`
|
||||
"Content-Type": "application/json",
|
||||
"X-Timestamp": signingData.timestamp,
|
||||
Authorization: `HMAC-SHA256 Credential=${signingData.id}, Signature=${signingData.signature}`,
|
||||
};
|
||||
|
||||
// 发送请求
|
||||
@@ -170,17 +157,15 @@ export class AcePanelAccess extends BaseAccess {
|
||||
});
|
||||
|
||||
return res;
|
||||
|
||||
}
|
||||
|
||||
async testApi() {
|
||||
|
||||
await this.getWebSiteList({
|
||||
pageNo: 1,
|
||||
pageSize: 1,
|
||||
})
|
||||
});
|
||||
|
||||
return "ok"
|
||||
return "ok";
|
||||
}
|
||||
|
||||
async getWebSiteList(opts: PageSearch) {
|
||||
@@ -198,8 +183,8 @@ export class AcePanelAccess extends BaseAccess {
|
||||
method: "POST",
|
||||
data: {
|
||||
cert,
|
||||
key
|
||||
}
|
||||
key,
|
||||
},
|
||||
};
|
||||
return await this.doRequest(req);
|
||||
}
|
||||
@@ -210,14 +195,13 @@ export class AcePanelAccess extends BaseAccess {
|
||||
method: "POST",
|
||||
data: {
|
||||
id: certId,
|
||||
website_id: websiteId
|
||||
}
|
||||
website_id: websiteId,
|
||||
},
|
||||
};
|
||||
return await this.doRequest(req);
|
||||
}
|
||||
|
||||
async updatePanelCert(cert: string, key: string) {
|
||||
|
||||
const oldSettingRes = await this.doRequest({
|
||||
url: "/api/setting",
|
||||
method: "GET",
|
||||
@@ -232,12 +216,11 @@ export class AcePanelAccess extends BaseAccess {
|
||||
acme: false,
|
||||
https: true,
|
||||
cert,
|
||||
key
|
||||
}
|
||||
key,
|
||||
},
|
||||
};
|
||||
return await this.doRequest(req);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
new AcePanelAccess();
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
export * from "./plugins/index.js";
|
||||
export * from "./access.js";
|
||||
export * from "./access.js";
|
||||
|
||||
@@ -1,3 +1,2 @@
|
||||
export * from "./plugin-deploy-to-website.js";
|
||||
export * from "./plugin-panel-cert.js";
|
||||
|
||||
|
||||
+12
-14
@@ -13,19 +13,18 @@ import { AcePanelAccess } from "../access.js";
|
||||
needPlus: true,
|
||||
default: {
|
||||
strategy: {
|
||||
runStrategy: RunStrategy.SkipWhenSucceed
|
||||
}
|
||||
}
|
||||
runStrategy: RunStrategy.SkipWhenSucceed,
|
||||
},
|
||||
},
|
||||
})
|
||||
|
||||
export class AcePanelDeployToWebsite extends AbstractPlusTaskPlugin {
|
||||
@TaskInput({
|
||||
title: "域名证书",
|
||||
helper: "请选择前置任务输出的域名证书",
|
||||
component: {
|
||||
name: "output-selector",
|
||||
from: [...CertApplyPluginNames]
|
||||
}
|
||||
from: [...CertApplyPluginNames],
|
||||
},
|
||||
})
|
||||
cert!: CertInfo;
|
||||
|
||||
@@ -36,9 +35,9 @@ export class AcePanelDeployToWebsite extends AbstractPlusTaskPlugin {
|
||||
title: "ACEPanel授权",
|
||||
component: {
|
||||
name: "access-selector",
|
||||
type: "acepanel"
|
||||
type: "acepanel",
|
||||
},
|
||||
required: true
|
||||
required: true,
|
||||
})
|
||||
accessId!: string;
|
||||
|
||||
@@ -48,13 +47,12 @@ export class AcePanelDeployToWebsite extends AbstractPlusTaskPlugin {
|
||||
helper: "选择需要部署证书的网站",
|
||||
action: AcePanelDeployToWebsite.prototype.onGetWebsiteList.name,
|
||||
pager: false,
|
||||
search: false
|
||||
search: false,
|
||||
})
|
||||
)
|
||||
websiteList!: number[];
|
||||
|
||||
async onInstance() {
|
||||
}
|
||||
async onInstance() {}
|
||||
|
||||
async onGetWebsiteList(data: PageSearch = {}) {
|
||||
const access = await this.getAccess<AcePanelAccess>(this.accessId);
|
||||
@@ -65,9 +63,9 @@ export class AcePanelDeployToWebsite extends AbstractPlusTaskPlugin {
|
||||
}
|
||||
const options = items.map((item: any) => {
|
||||
return {
|
||||
label: `${item.name} (${item.domains.join(', ')})`,
|
||||
label: `${item.name} (${item.domains.join(", ")})`,
|
||||
value: item.id,
|
||||
domain: item.domains
|
||||
domain: item.domains,
|
||||
};
|
||||
});
|
||||
return {
|
||||
@@ -83,7 +81,7 @@ export class AcePanelDeployToWebsite extends AbstractPlusTaskPlugin {
|
||||
const result = await access.uploadCert(this.cert.crt, this.cert.key);
|
||||
const certId = result.data.id;
|
||||
this.logger.info(`证书上传成功,证书ID:${certId}`);
|
||||
this.logger.info(`证书域名:${result.data.domains.join(', ')}`);
|
||||
this.logger.info(`证书域名:${result.data.domains.join(", ")}`);
|
||||
|
||||
// 部署证书到选择的网站
|
||||
if (this.websiteList && this.websiteList.length > 0) {
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import {IsTaskPlugin, pluginGroups, RunStrategy, TaskInput} from "@certd/pipeline";
|
||||
import {CertApplyPluginNames, CertInfo} from "@certd/plugin-cert";
|
||||
import {AcePanelAccess} from "../access.js";
|
||||
import { IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
|
||||
import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
|
||||
import { AcePanelAccess } from "../access.js";
|
||||
import { AbstractPlusTaskPlugin } from "@certd/plugin-plus";
|
||||
|
||||
@IsTaskPlugin({
|
||||
@@ -12,19 +12,18 @@ import { AbstractPlusTaskPlugin } from "@certd/plugin-plus";
|
||||
needPlus: true,
|
||||
default: {
|
||||
strategy: {
|
||||
runStrategy: RunStrategy.SkipWhenSucceed
|
||||
}
|
||||
}
|
||||
runStrategy: RunStrategy.SkipWhenSucceed,
|
||||
},
|
||||
},
|
||||
})
|
||||
|
||||
export class AcePanelPanelCert extends AbstractPlusTaskPlugin {
|
||||
@TaskInput({
|
||||
title: "域名证书",
|
||||
helper: "请选择前置任务输出的域名证书",
|
||||
component: {
|
||||
name: "output-selector",
|
||||
from: [...CertApplyPluginNames]
|
||||
}
|
||||
from: [...CertApplyPluginNames],
|
||||
},
|
||||
})
|
||||
cert!: CertInfo;
|
||||
|
||||
@@ -32,14 +31,13 @@ export class AcePanelPanelCert extends AbstractPlusTaskPlugin {
|
||||
title: "ACEPanel授权",
|
||||
component: {
|
||||
name: "access-selector",
|
||||
type: "acepanel"
|
||||
type: "acepanel",
|
||||
},
|
||||
required: true
|
||||
required: true,
|
||||
})
|
||||
accessId!: string;
|
||||
|
||||
async onInstance() {
|
||||
}
|
||||
async onInstance() {}
|
||||
|
||||
async execute(): Promise<void> {
|
||||
const access = await this.getAccess<AcePanelAccess>(this.accessId);
|
||||
@@ -50,4 +48,4 @@ export class AcePanelPanelCert extends AbstractPlusTaskPlugin {
|
||||
}
|
||||
}
|
||||
|
||||
new AcePanelPanelCert();
|
||||
new AcePanelPanelCert();
|
||||
|
||||
Reference in New Issue
Block a user