From 64b3184b286fee996002d857b0de588452abdadd Mon Sep 17 00:00:00 2001 From: xiaojunnuo Date: Tue, 28 Apr 2026 11:51:54 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E9=98=BF=E9=87=8C=E4=BA=91=E8=AF=81?= =?UTF-8?q?=E4=B9=A6=E8=AE=A2=E5=8D=95=E6=94=AF=E6=8C=81=E8=8E=B7=E5=8F=96?= =?UTF-8?q?2.0=E7=9A=84=E8=AE=A2=E5=8D=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../plugin/cert-plugin/getter/aliyun.ts | 174 +++++++++++++----- pnpm-lock.yaml | 155 +++++++++++----- 2 files changed, 235 insertions(+), 94 deletions(-) diff --git a/packages/ui/certd-server/src/plugins/plugin-cert/plugin/cert-plugin/getter/aliyun.ts b/packages/ui/certd-server/src/plugins/plugin-cert/plugin/cert-plugin/getter/aliyun.ts index 98c1374f5..15ba3820c 100644 --- a/packages/ui/certd-server/src/plugins/plugin-cert/plugin/cert-plugin/getter/aliyun.ts +++ b/packages/ui/certd-server/src/plugins/plugin-cert/plugin/cert-plugin/getter/aliyun.ts @@ -9,7 +9,7 @@ import dayjs from "dayjs"; icon: "ph:certificate", title: "获取阿里云订阅证书", group: pluginGroups.cert.key, - desc: "从阿里云拉取订阅模式的商用证书", + desc: "从阿里云拉取订阅模式的商用证书(支持 API 1.0 和 2.0)", default: { strategy: { runStrategy: RunStrategy.AlwaysRun, @@ -18,8 +18,8 @@ import dayjs from "dayjs"; }) export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin { @TaskInput({ - title: "Access授权", - helper: "阿里云授权AccessKeyId、AccessKeySecret", + title: "Access 授权", + helper: "阿里云授权 AccessKeyId、AccessKeySecret", component: { name: "access-selector", type: "aliyun", @@ -28,34 +28,34 @@ export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin { }) accessId!: string; - - @TaskInput( + @TaskInput( { - title:"订单类型", - value:"CPACK", - component:{ - name:"a-select", - vModel:"value", - options:[ + title: "证书API 版本", + value: "v1", + component: { + name: "a-select", + vModel: "value", + options: [ { - label:"资源虚拟订单(一般选这个)", - value:"CPACK", + label: "API 1.0 (旧版)", + value: "v1", }, { - label:"售卖订单", - value:"BUY", - } - ] - } + label: "API 2.0 (新版)", + value: "v2", + }, + ], + }, + helper: "选择阿里云证书 API 版本", } ) - orderType!: string; + apiVersion!: string; @TaskInput( createRemoteSelectInputDefine({ - title: "证书订单ID", - helper: "订阅模式的证书订单Id", + title: "证书订单 ID", + helper: "订阅模式的证书订单 Id", typeName: "CertApplyGetFormAliyun", pageSize: 50, component: { @@ -68,40 +68,53 @@ export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin { ) orderId!: string; - async onInit(): Promise {} + async onInit(): Promise { } async doCertApply(): Promise { const access = await this.getAccess(this.accessId); const client = await access.getClient("cas.aliyuncs.com"); - this.logger.info(`开始获取证书,orderId:${this.orderId}`); + + if (this.apiVersion === "v2") { + return this.doCertApplyV2(client); + } else { + return this.doCertApplyV1(client); + } + } + + async doCertApplyV1(client: any): Promise { + this.logger.info(`开始获取证书 (API 1.0),orderId:${this.orderId}`); let orderId: any = this.orderId; if (!orderId) { - throw new Error("请先输入证书订单ID"); + throw new Error("请先输入证书订单 ID"); } if (typeof orderId !== "string") { orderId = parseInt(orderId); } const certState = await this.getCertificateState(client, orderId); - this.logger.info(`获取到证书Id:${JSON.stringify(certState.CertId)}`); + this.logger.info(`获取到证书 Id:${JSON.stringify(certState.CertId)}`); const certDetail = await this.getCertDetail(client, certState.CertId); this.logger.info(`获取到证书:${certDetail.getAllDomains()}, 过期时间:${dayjs(certDetail.expires).format("YYYY-MM-DD HH:mm:ss")}`); return certDetail; } + async doCertApplyV2(client: any): Promise { + this.logger.info(`开始获取证书 (API 2.0),instanceId:${this.orderId}`); + if (!this.orderId) { + throw new Error("请先输入证书实例 ID"); + } + const certDetail = await this.getCertDetailV2(client, this.orderId); + this.logger.info(`获取到证书:${certDetail.getAllDomains()}, 过期时间:${dayjs(certDetail.expires).format("YYYY-MM-DD HH:mm:ss")}`); + return certDetail; + } + async getCertDetail(client: any, certId: any) { const res = await client.doRequest({ - // 接口名称 - // 接口名称 action: "GetUserCertificateDetail", - // 接口版本 version: "2020-04-07", - // 接口协议 protocol: "HTTPS", - // 接口 HTTP 方法 method: "POST", authType: "AK", style: "RPC", - // 接口 PATH pathname: `/`, data: { query: { @@ -120,19 +133,40 @@ export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin { }); } - async getCertificateState(client: any, orderId: any): Promise<{ CertId: string; Type: string; Domain: string }> { + async getCertDetailV2(client: any, instanceId: string) { const res = await client.doRequest({ - // 接口名称 - action: "DescribeCertificateState", - // 接口版本 + action: "GetUserCertificateDetail", + version: "2020-04-07", + protocol: "HTTPS", + method: "POST", + authType: "AK", + style: "RPC", + pathname: `/`, + data: { + query: { + CertId: instanceId, + }, + }, + }); + + const crt = res.Cert; + const key = res.Key; + + return new CertReader({ + crt, + key, + csr: "", + }); + } + + async getCertificateState(client: any, orderId: any): Promise<{ CertId: string; Type: string; Domain: string }> { + const res = await client.doRequest({ + action: "DescribeCertificateState", version: "2020-04-07", - // 接口协议 protocol: "HTTPS", - // 接口 HTTP 方法 method: "POST", authType: "AK", style: "RPC", - // 接口 PATH pathname: `/`, data: { query: { @@ -146,35 +180,41 @@ export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin { async onGetOrderList(req: PageSearch) { if (!this.accessId) { - throw new Error("请先选择Access授权"); + throw new Error("请先选择 Access 授权"); } const access = await this.getAccess(this.accessId); const client = await access.getClient("cas.aliyuncs.com"); - const pager = new Pager(req) + const pager = new Pager(req); + + if (this.apiVersion === "v2") { + return this.onGetOrderListV2(client, pager); + } else { + return this.onGetOrderListV1(client, pager); + } + } + + async onGetOrderListV1(client: any, pager: Pager) { const res = await client.doRequest({ - // 接口名称 action: "ListUserCertificateOrder", - // 接口版本 version: "2020-04-07", method: "POST", authType: "AK", style: "RPC", - // 接口 PATH pathname: `/`, data: { query: { - OrderType: this.orderType, + OrderType: "CPACK", Status: "ISSUED", CurrentPage: pager.pageNo, - ShowSize : pager.pageSize, + ShowSize: pager.pageSize, }, }, }); const list = res?.CertificateOrderList || []; if (!list || list.length === 0) { - return [] + return []; } const total = res.TotalCount || 0; @@ -195,9 +235,49 @@ export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin { }; }); return { - list:records, + list: records, total, + }; + } + + async onGetOrderListV2(client: any, pager: Pager) { + const res = await client.doRequest({ + action: "ListInstances", + version: "2020-04-07", + method: "POST", + authType: "AK", + style: "RPC", + pathname: `/`, + data: { + query: { + Status: "normal", + CurrentPage: pager.pageNo, + ShowSize: pager.pageSize, + }, + }, + }); + + const list = res?.InstanceList || []; + if (!list || list.length === 0) { + return []; } + + const total = res.TotalCount || 0; + + const records = list.map((item: any) => { + const value = item.InstanceId; + const domain = item.Domain; + const label = `${item.Domain}<${item.CertificateName}>`; + return { + label: label, + value: value, + Domain: domain, + }; + }); + return { + list: records, + total, + }; } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index b86e3f9b5..c91f6010c 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -49,7 +49,7 @@ importers: packages/core/acme-client: dependencies: '@certd/basic': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../basic '@peculiar/x509': specifier: ^1.11.0 @@ -213,11 +213,11 @@ importers: packages/core/pipeline: dependencies: '@certd/basic': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../basic '@certd/plus-core': - specifier: ^1.39.10 - version: link:../../pro/plus-core + specifier: ^1.39.11 + version: 1.39.11 dayjs: specifier: ^1.11.7 version: 1.11.13 @@ -412,7 +412,7 @@ importers: packages/libs/lib-k8s: dependencies: '@certd/basic': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/basic '@kubernetes/client-node': specifier: 0.21.0 @@ -452,20 +452,20 @@ importers: packages/libs/lib-server: dependencies: '@certd/acme-client': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/acme-client '@certd/basic': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/basic '@certd/pipeline': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/pipeline '@certd/plugin-lib': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../plugins/plugin-lib '@certd/plus-core': - specifier: ^1.39.10 - version: link:../../pro/plus-core + specifier: ^1.39.11 + version: 1.39.11 '@midwayjs/cache': specifier: 3.14.0 version: 3.14.0 @@ -610,16 +610,16 @@ importers: packages/plugins/plugin-cert: dependencies: '@certd/acme-client': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/acme-client '@certd/basic': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/basic '@certd/pipeline': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/pipeline '@certd/plugin-lib': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../plugin-lib psl: specifier: ^1.9.0 @@ -683,17 +683,17 @@ importers: specifier: ^3.964.0 version: 3.964.0(aws-crt@1.26.2) '@certd/acme-client': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/acme-client '@certd/basic': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/basic '@certd/pipeline': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/pipeline '@certd/plus-core': - specifier: ^1.39.10 - version: link:../../pro/plus-core + specifier: ^1.39.11 + version: 1.39.11 '@kubernetes/client-node': specifier: 0.21.0 version: 0.21.0 @@ -783,16 +783,16 @@ importers: packages/pro/commercial-core: dependencies: '@certd/basic': - specifier: ^1.39.10 + specifier: ^1.39.7 version: link:../../core/basic '@certd/lib-server': - specifier: ^1.39.10 + specifier: ^1.39.7 version: link:../../libs/lib-server '@certd/pipeline': - specifier: ^1.39.10 + specifier: ^1.39.7 version: link:../../core/pipeline '@certd/plus-core': - specifier: ^1.39.10 + specifier: ^1.39.7 version: link:../plus-core '@midwayjs/core': specifier: 3.20.11 @@ -868,16 +868,16 @@ importers: packages/pro/plugin-plus: dependencies: '@certd/basic': - specifier: ^1.39.10 + specifier: ^1.39.7 version: link:../../core/basic '@certd/pipeline': - specifier: ^1.39.10 + specifier: ^1.39.7 version: link:../../core/pipeline '@certd/plugin-lib': - specifier: ^1.39.10 + specifier: ^1.39.7 version: link:../../plugins/plugin-lib '@certd/plus-core': - specifier: ^1.39.10 + specifier: ^1.39.7 version: link:../plus-core crypto-js: specifier: ^4.2.0 @@ -953,7 +953,7 @@ importers: packages/pro/plus-core: dependencies: '@certd/basic': - specifier: ^1.39.10 + specifier: ^1.39.7 version: link:../../core/basic dayjs: specifier: ^1.11.7 @@ -1249,10 +1249,10 @@ importers: version: 0.1.3(zod@3.24.4) devDependencies: '@certd/lib-iframe': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../libs/lib-iframe '@certd/pipeline': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/pipeline '@rollup/plugin-commonjs': specifier: ^25.0.7 @@ -1453,47 +1453,47 @@ importers: specifier: ^4.13.1 version: 4.13.1 '@certd/acme-client': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/acme-client '@certd/basic': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/basic '@certd/commercial-core': - specifier: ^1.39.10 - version: link:../../pro/commercial-core + specifier: ^1.39.11 + version: 1.39.11(better-sqlite3@11.10.0)(mysql2@3.14.1)(pg@8.16.0)(reflect-metadata@0.2.2)(ts-node@10.9.2(@types/node@18.19.100)(typescript@5.9.3)) '@certd/cv4pve-api-javascript': specifier: ^8.4.2 version: 8.4.2 '@certd/jdcloud': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../libs/lib-jdcloud '@certd/lib-huawei': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../libs/lib-huawei '@certd/lib-k8s': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../libs/lib-k8s '@certd/lib-server': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../libs/lib-server '@certd/midway-flyway-js': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../libs/midway-flyway-js '@certd/pipeline': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../core/pipeline '@certd/plugin-cert': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../plugins/plugin-cert '@certd/plugin-lib': - specifier: ^1.39.10 + specifier: ^1.39.11 version: link:../../plugins/plugin-lib '@certd/plugin-plus': - specifier: ^1.39.10 - version: link:../../pro/plugin-plus + specifier: ^1.39.11 + version: 1.39.11 '@certd/plus-core': - specifier: ^1.39.10 - version: link:../../pro/plus-core + specifier: ^1.39.11 + version: 1.39.11 '@google-cloud/dns': specifier: ^5.3.1 version: 5.3.1 @@ -2907,9 +2907,18 @@ packages: '@better-scroll/zoom@2.5.1': resolution: {integrity: sha512-aGvFY5ooeZWS4RcxQLD+pGLpQHQxpPy0sMZV3yadcd2QK53PK9gS4Dp+BYfRv8lZ4/P2LoNEhr6Wq1DN6+uPlA==} + '@certd/commercial-core@1.39.11': + resolution: {integrity: sha512-sX0WOF+FflGcx3aeBt1f/meu8plnHqC7UnPivJr9gMx54PRdyTC/zQ5jKvcSTUlivp8xX9Mm2qLmevb5XlN8uQ==} + '@certd/cv4pve-api-javascript@8.4.2': resolution: {integrity: sha512-udGce7ewrVl4DmZvX+17PjsnqsdDIHEDatr8QP0AVrY2p+8JkaSPW4mXCKiLGf82C9K2+GXgT+qNIqgW7tfF9Q==} + '@certd/plugin-plus@1.39.11': + resolution: {integrity: sha512-oi3+0gcyHswI97+cAY7dNXPP66sQga9n98STQYtaDQ5d2LY8dXYpXQl9V1L7IvfAafc1ZAcQLTrfwKA+b9kAZg==} + + '@certd/plus-core@1.39.11': + resolution: {integrity: sha512-DOi7mTUTEK4iFhfLjmxSL7gcF/LMlFguERBPyd7YHI7QBkkufTodLu3l8SuXYwFtp3O883XzlDkcBlnQNAdkwA==} + '@certd/vue-js-cron-core@6.0.3': resolution: {integrity: sha512-kqzoAMhYz9j6FGNWEODRYtt4NpUEUwjpkU89z5WVg2tCtOcI5VhwyUGOd8AxiBCRfd6PtXvzuqw85PaOps9wrQ==} @@ -15455,12 +15464,64 @@ snapshots: dependencies: '@better-scroll/core': 2.5.1 + '@certd/commercial-core@1.39.11(better-sqlite3@11.10.0)(mysql2@3.14.1)(pg@8.16.0)(reflect-metadata@0.2.2)(ts-node@10.9.2(@types/node@18.19.100)(typescript@5.9.3))': + dependencies: + '@certd/basic': link:packages/core/basic + '@certd/lib-server': link:packages/libs/lib-server + '@certd/pipeline': link:packages/core/pipeline + '@certd/plus-core': 1.39.11 + '@midwayjs/core': 3.20.11 + '@midwayjs/koa': 3.20.13 + '@midwayjs/logger': 3.4.2 + '@midwayjs/swagger': 3.20.11 + '@midwayjs/typeorm': 3.20.11 + dayjs: 1.11.13 + typeorm: 0.3.24(better-sqlite3@11.10.0)(mysql2@3.14.1)(pg@8.16.0)(reflect-metadata@0.2.2)(ts-node@10.9.2(@types/node@18.19.100)(typescript@5.9.3)) + transitivePeerDependencies: + - '@google-cloud/spanner' + - '@sap/hana-client' + - babel-plugin-macros + - better-sqlite3 + - hdb-pool + - ioredis + - mongodb + - mssql + - mysql2 + - oracledb + - pg + - pg-native + - pg-query-stream + - redis + - reflect-metadata + - sql.js + - sqlite3 + - supports-color + - ts-node + - typeorm-aurora-data-api-driver + '@certd/cv4pve-api-javascript@8.4.2': dependencies: debug: 4.4.3(supports-color@8.1.1) transitivePeerDependencies: - supports-color + '@certd/plugin-plus@1.39.11': + dependencies: + '@certd/basic': link:packages/core/basic + '@certd/pipeline': link:packages/core/pipeline + '@certd/plugin-lib': link:packages/plugins/plugin-lib + '@certd/plus-core': 1.39.11 + crypto-js: 4.2.0 + dayjs: 1.11.13 + form-data: 4.0.2 + jsrsasign: 11.1.0 + querystring: 0.2.1 + + '@certd/plus-core@1.39.11': + dependencies: + '@certd/basic': link:packages/core/basic + dayjs: 1.11.13 + '@certd/vue-js-cron-core@6.0.3': dependencies: mustache: 4.2.0