chore:

packages/ui/certd-server/src/configuration.ts

@@ -19,7 +19,6 @@ import * as libServer from '@certd/lib-server';
 import * as commercial from '@certd/commercial-core';
 import * as upload from '@midwayjs/upload';
 import { setLogger } from '@certd/acme-client';
-
 process.on('uncaughtException', error => {
   console.error('未捕获的异常：', error);
   // 在这里可以添加日志记录、发送错误通知等操作

packages/ui/certd-server/src/controller/openapi/base-open-controller.ts

@@ -10,6 +10,6 @@ export class BaseOpenController extends BaseController {
       const encrypted = encryptor.encrypt(data);
       return this.ok(encrypted);
     }
-    super.ok(res);
+    return super.ok(res);
   }
 }

packages/ui/certd-server/src/controller/openapi/v1/cert-controller.ts

@@ -6,7 +6,8 @@ import { OpenKey } from '../../../modules/open/service/open-key-service.js';
 import { BaseOpenController } from '../base-open-controller.js';
 
 export type CertGetReq = {
-  domains: string;
+  domains?: string;
+  certId: number;
 };
 
 /**
@@ -25,17 +26,13 @@ export class OpenCertController extends BaseOpenController {
     const openKey: OpenKey = this.ctx.openKey;
     const userId = openKey.userId;
     if (!userId) {
-      return Constants.res.openKeyError;
+      throw new CodeException(Constants.res.openKeyError);
     }
 
-    const domains = bean.domains || query.domains;
-    if (!domains) {
-      throw new CodeException(Constants.res.openParamError);
-    }
-    const domainArr = domains.split(',');
     const res: CertInfo = await this.certInfoService.getCertInfo({
       userId,
-      domains: domainArr,
+      domains: bean.domains || query.domains,
+      certId: bean.certId || query.certId,
     });
     return this.ok(res);
   }

packages/ui/certd-server/src/controller/user/open/open-key-controller.ts

@@ -62,4 +62,11 @@ export class OpenKeyController extends CrudController<OpenKeyService> {
     await this.service.checkUserId(id, this.getUserId());
     return await super.delete(id);
   }
+
+  @Post('/getApiToken', { summary: Constants.per.authOnly })
+  async getApiToken(@Query('id') id: number) {
+    await this.service.checkUserId(id, this.getUserId());
+    const token = await this.service.getApiToken(id);
+    return this.ok(token);
+  }
 }

packages/ui/certd-server/src/middleware/authority.ts

@@ -88,8 +88,7 @@ export class AuthorityMiddleware implements IWebMiddleware {
 
   async doOpenHandler(ctx: IMidwayKoaContext, next: Next) {
     //开放接口
-    let openKey = ctx.get('Authorization') || '';
-    openKey = openKey.replace('Bearer ', '').trim();
+    const openKey = ctx.get('x-api-token') || '';
     if (!openKey) {
       ctx.status = 401;
       ctx.body = Constants.res.auth;

packages/ui/certd-server/src/modules/monitor/service/cert-info-service.ts

@@ -72,10 +72,29 @@ export class CertInfoService extends BaseService<CertInfoEntity> {
     });
   }
 
-  async getCertInfo(param: { domains: string[]; userId: number }) {
-    const { domains, userId } = param;
+  async getCertInfo(params: { domains?: string; certId?: number; userId: number }) {
+    const { domains, certId, userId } = params;
+    if (certId) {
+      return await this.getCertInfoById({ id: certId, userId });
+    }
+    return await this.getCertInfoByDomains({
+      domains,
+      userId,
+    });
+  }
+
+  private async getCertInfoByDomains(params: { domains: string; userId: number }) {
+    const { domains, userId } = params;
+    if (!domains) {
+      throw new CodeException(Constants.res.openCertNotFound);
+    }
+    const domainArr = domains.split(',');
 
     const list = await this.find({
+      select: {
+        id: true,
+        domains: true,
+      },
       where: {
         userId,
       },
@@ -83,12 +102,25 @@ export class CertInfoService extends BaseService<CertInfoEntity> {
     //遍历查找
     const matched = list.find(item => {
       const itemDomains = item.domains.split(',');
-      return utils.domain.match(domains, itemDomains);
+      return utils.domain.match(domainArr, itemDomains);
     });
-    if (!matched || !matched.certInfo) {
+    if (!matched) {
       throw new CodeException(Constants.res.openCertNotFound);
     }
-    const certInfo = JSON.parse(matched.certInfo) as CertInfo;
+
+    return await this.getCertInfoById({ id: matched.id, userId: userId });
+  }
+
+  async getCertInfoById(req: { id: number; userId: number }) {
+    const entity = await this.info(req.id);
+    if (!entity || entity.userId !== req.userId) {
+      throw new CodeException(Constants.res.openCertNotFound);
+    }
+
+    if (!entity.certInfo) {
+      throw new CodeException(Constants.res.openCertNotReady);
+    }
+    const certInfo = JSON.parse(entity.certInfo) as CertInfo;
     const certReader = new CertReader(certInfo);
     return certReader.toCertInfo();
   }

packages/ui/certd-server/src/modules/open/service/open-key-service.ts

@@ -5,6 +5,7 @@ import { Repository } from 'typeorm';
 import { OpenKeyEntity } from '../entity/open-key.js';
 import { utils } from '@certd/basic';
 import crypto from 'crypto';
+import dayjs from 'dayjs';
 
 export type OpenKey = {
   userId: number;
@@ -85,4 +86,21 @@ export class OpenKeyService extends BaseService<OpenKeyEntity> {
       encrypt: encrypt,
     };
   }
+
+  async getApiToken(id: number) {
+    const entity = await this.repository.findOne({ where: { id } });
+    if (!entity) {
+      throw new Error('id不存在');
+    }
+    const { keyId, keySecret } = entity;
+    const openKey = {
+      keyId,
+      t: dayjs().unix(),
+      encrypt: false,
+      signType: 'md5',
+    };
+    const content = JSON.stringify(openKey);
+    const sign = utils.hash.md5(content + keySecret);
+    return Buffer.from(content).toString('base64') + '.' + sign;
+  }
 }