lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-14 20:40:53 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
a248367b154c38661a6797ef64e37ec99d4e2abf
certd/packages/ui/certd-server/src/plugins/plugin-ucloud/access.ts
xiaojunnuo a248367b15 perf: 支持ucloud waf(未测试)
2025-12-27 22:57:26 +08:00

227 lines
6.0 KiB
TypeScript
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
import { IsAccess, AccessInput, BaseAccess } from '@certd/pipeline';
import { CertInfo, CertReader } from '@certd/plugin-cert';
/**
* 这个注解将注册一个授权配置
* 在certd的后台管理系统中用户可以选择添加此类型的授权
*/
@IsAccess({
name: 'ucloud',
title: 'UCloud授权',
icon: 'svg:icon-ucloud',
desc: '优刻得授权',
})
export class UCloudAccess extends BaseAccess {
/**
* 授权属性配置
*/
@AccessInput({
title: '项目Id',
component: {
placeholder: '项目Id',
},
helper: "[项目管理](https://console.ucloud.cn/uaccount/iam/project_manage)项目ID列获取",
required: true,
encrypt: false,
})
projectId = '';
/**
* 授权属性配置
*/
@AccessInput({
title: '公钥',
component: {
placeholder: '公钥',
},
helper: "[Api管理](https://console.ucloud.cn/uaccount/api_manage)获取",
required: true,
encrypt: false,
})
publicKey = '';
@AccessInput({
title: '私钥',
component: {
name: "a-input-password",
vModel: "value",
placeholder: '私钥',
},
required: true,
encrypt: true,
})
privateKey = '';
@AccessInput({
title: "测试",
component: {
name: "api-test",
action: "TestRequest"
},
helper: "点击测试接口是否正常"
})
testRequest = true;
client: any;
async onTestRequest() {
await this.ProjectList();
return "ok";
}
async getClient() {
if (this.client) {
return this.client;
}
const { Client } = await import('@ucloud-sdks/ucloud-sdk-js');
const client = new Client({
config: {
region: 'cn-bj2',
projectId: this.projectId || "",
baseUrl: "https://api.ucloud.cn"
},
credential: {
publicKey: this.publicKey,
privateKey: this.privateKey,
}
});
this.client = client;
return client
}
async ProjectList() {
const client = await this.getClient();
const resp = await client.uaccount().getProjectList({
"Action": "GetProjectList"
});
this.ctx.logger.info(`获取到项目列表:${JSON.stringify(resp)}`);
return resp;
}
async GetRegion() {
const client = await this.getClient();
const res = await client.uaccount().getRegion({
"Action": "GetRegion"
});
this.ctx.logger.info(`获取到区域列表:${JSON.stringify(res)}`);
return res;
}
async CdnDominList(req: { PageNo: number, PageSize: number }) {
const client = await this.getClient();
const resp = await client.ucdn().getUcdnDomainInfoList({
"Action": "GetUcdnDomainInfoList",
"ProjectId": this.projectId || "",
"PageNo": req.PageNo,
"PageSize": req.PageSize,
});
this.ctx.logger.info(`获取到CDN域名列表:${JSON.stringify(resp)}`);
return resp;
}
async CdnAddCert(req: { certName: string, cert: CertInfo }) {
const client = await this.getClient();
const resp = await client.ucdn().addCertificate({
"Action": "AddCertificate",
"ProjectId": this.projectId || "",
"CertName": req.certName,
"UserCert": req.cert.crt,
"PrivateKey": req.cert.key
});
this.ctx.logger.info(`添加CDN证书:${JSON.stringify(resp)}`);
return resp;
}
async SslUploadCert(req: { cert: CertInfo }) {
const { cert } = req
/**
&SslPublicKey=lXUzWbSR
&SslCaKey=lXUzWbSR
&SslMD5=lXUzWbSR
&CertificateName=GoodCertcification
*/
const certReader = new CertReader(cert)
const certName = certReader.buildCertName()
const crtBase64 = this.ctx.utils.hash.base64(cert.crt)
const keyBase64 = this.ctx.utils.hash.base64(cert.key)
const allDomains = certReader.getAllDomains().join(",")
this.ctx.logger.info(`----------- 上传USSL证书certName:${certName},domains:${allDomains}`);
try {
const resp = await this.invoke({
Action: "UploadNormalCertificate",
"SslPublicKey": crtBase64,
"SslPrivateKey": keyBase64,
"CertificateName": certName,
"SslMD5": this.ctx.utils.hash.md5(crtBase64 + keyBase64)
});
this.ctx.logger.info(`----------- 上传USSL证书成功certId:${resp.CertificateID}`);
return { type: "ussl", id: resp.CertificateID, name: certName, resourceId: resp.LongResourceID, domains: allDomains }
} catch (err) {
if (err.message.includes("重复上传证书")) {
//查找证书
const certList = await this.SslGetCertList(certReader.getMainDomain());
const cert = certList.find((item: any) => item.Domains === allDomains)
if (cert) {
this.ctx.logger.info(`----------- 找到已存在证书certId:${cert.CertificateID}`);
return { type: "ussl", id: cert.CertificateID, name: certName, domains: cert.Domains }
}
}
this.ctx.logger.error(`上传USSL证书失败:${err}`);
throw err;
}
}
async SslGetCertList(domain: string) {
const resp = await this.invoke({
Action: "GetCertificateList",
Mode: "trust",
Domain: domain,
Sort: "2"
});
return resp.CertificateList || [];
}
async WafSiteList(req: { PageNo: number, PageSize: number , FullDomain?: string }):Promise<{DomainHostList?:{RecordId:string,FullDomain:string}[],TotalCount:number}> {
const resp = await this.invoke({
"Action": "DescribeWafDomainHostInfo",
"ProjectId": this.projectId,
"Limit": req.PageSize,
"Offset": (req.PageNo - 1) * req.PageSize,
"FullDomain": req.FullDomain || undefined
});
this.ctx.logger.info(`获取到WAF站点列表:${JSON.stringify(resp)}`);
return resp;
}
async invoke(req: { Action: string, [key: string]: any }) {
const { Request } = await import('@ucloud-sdks/ucloud-sdk-js');
const client = await this.getClient();
const resp = await client.invoke(new Request({
...req
}));
this.ctx.logger.info(`请求UCloud API:${JSON.stringify(resp)}`);
const res = resp.data || {}
if (res.RetCode !== 0) {
throw new Error(res.Message)
}
return res;
}
}
new UCloudAccess();
Reference in New Issue View Git Blame Copy Permalink