feat(deploy_ali_cdn): support Alibaba Cloud CDN deployment #5205
Conversation
| Ali_Key="${Ali_Key:-$(_readaccountconf_mutable Ali_Key)}" | ||
| Ali_Secret="${Ali_Secret:-$(_readaccountconf_mutable Ali_Secret)}" | ||
| if [ -z "$Ali_Key" ] || [ -z "$Ali_Secret" ]; then | ||
| Ali_Key="" | ||
| Ali_Secret="" | ||
| _err "You don't specify aliyun api key and secret yet." | ||
| return 1 | ||
| fi | ||
|
|
||
| #save the api key and secret to the account conf file. | ||
| _saveaccountconf_mutable Ali_Key "$Ali_Key" | ||
| _saveaccountconf_mutable Ali_Secret "$Ali_Secret" |
There was a problem hiding this comment.
Copy from
Lines 13 to 24 in 377a37e
| # stdin stdout | ||
| _url_encode_upper() { | ||
| encoded=$(_url_encode) | ||
|
|
||
| for match in $(echo "$encoded" | _egrep_o '%..' | sort -u); do | ||
| upper=$(echo "$match" | _upper_case) | ||
| encoded=$(echo "$encoded" | sed "s/$match/$upper/g") | ||
| done | ||
|
|
||
| echo "$encoded" | ||
| } |
There was a problem hiding this comment.
Alibaba Cloud API signature needs parameters encoded in upper-case.
_url_encode function from acme.sh can only encode with lower-case.
We have an ali_urlencode function from dns_ali.sh but it does not support multi-line strings.
Maybe we can add an argument to _url_encode function to make it support upper-case? (it only needs a very simple change in the *) case).
There was a problem hiding this comment.
Lines 884 to 887 in 0d8a314
Can we change it to:
*)
case "$1" in
'[uU]*') # for upper-case
printf '%%%s' "$_hex_code" | _upper_case
;;
*) # default to lower-case
printf '%%%s' "$_hex_code"
;;
esac
;;| _ali_urlencode() { | ||
| _str="$1" | ||
| _str_len=${#_str} | ||
| _u_i=1 | ||
| while [ "$_u_i" -le "$_str_len" ]; do | ||
| _str_c="$(printf "%s" "$_str" | cut -c "$_u_i")" | ||
| case $_str_c in [a-zA-Z0-9.~_-]) | ||
| printf "%s" "$_str_c" | ||
| ;; | ||
| *) | ||
| printf "%%%02X" "'$_str_c" | ||
| ;; | ||
| esac | ||
| _u_i="$(_math "$_u_i" + 1)" | ||
| done | ||
| } | ||
|
|
||
| _ali_nonce() { | ||
| #_head_n 1 </dev/urandom | _digest "sha256" hex | cut -c 1-31 | ||
| #Not so good... | ||
| date +"%s%N" | sed 's/%N//g' | ||
| } | ||
|
|
||
| _timestamp() { | ||
| date -u +"%Y-%m-%dT%H%%3A%M%%3A%SZ" | ||
| } |
There was a problem hiding this comment.
| # act ign mtd | ||
| _ali_rest() { | ||
| act="$1" | ||
| ign="$2" | ||
| mtd="$3" | ||
|
|
||
| signature=$(printf "%s" "$mtd&%2F&$(_ali_urlencode "$query")" | _hmac "sha1" "$(printf "%s" "$Ali_Secret&" | _hex_dump | tr -d " ")" | _base64) | ||
| signature=$(_ali_urlencode "$signature") | ||
| url="$Ali_API?$query&Signature=$signature" | ||
|
|
||
| if [ "$mtd" = "GET" ]; then | ||
| response="$(_get "$url")" | ||
| else | ||
| # post payload is not supported yet because of signature | ||
| response="$(_post "" "$url")" | ||
| fi | ||
|
|
||
| _ret="$?" | ||
| _debug2 response "$response" | ||
| if [ "$_ret" != "0" ]; then | ||
| _err "Error <$act>" | ||
| return 1 | ||
| fi | ||
|
|
||
| if [ -z "$ign" ]; then | ||
| message="$(echo "$response" | _egrep_o "\"Message\":\"[^\"]*\"" | cut -d : -f 2 | tr -d \")" | ||
| if [ "$message" ]; then | ||
| _err "$message" | ||
| return 1 | ||
| fi | ||
| fi | ||
| } |
There was a problem hiding this comment.
Reference https://github.com/acmesh-official/acme.sh/blob/3.0.7/dnsapi/dns_ali.sh
However, the original method was hard coded with the GET method.
So, I made a new argument to specify the method.
Notice that Alibaba Cloud API supports passing the parameters by either query or body. (https://help.aliyun.com/zh/sdk/product-overview/rpc-mechanism#section-9x3-wo3-8l9)
But we must sign with all the parameters, in alphabetical order, regardless of where they come from.
So, I didn't support the post-payload yet.
|
Solve #1461 |
How to use this deploy script? |
For example: or using docker: |
Hope this PR merged ASAP. |
|
Great job man, thanks a lot. <3 |
|
@PMExtra Can DCDN be supported? Thanks. Great job. 是否可以支持DCDN? |
|
@ShirasawaSama 目前没有支持,但只要把这一行代码的 Line 145 in 945b7de |
|
@ShirasawaSama 哦,还漏了API版本,一共改两处,一个是 Lines 142 to 157 in 945b7de |
API Documents
zh-cn
en