acme.sh/dnsapi/dns_active24.sh

#!/usr/bin/env sh
# shellcheck disable=SC2034
dns_active24_info='Active24.cz
Site: Active24.cz
Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_active24
Options:
 Active24_ApiKey API Key. Called "Identifier" in the Active24 Admin
 Active24_ApiSecret API Secret. Called "Secret key" in the Active24 Admin
Issues: github.com/acmesh-official/acme.sh/issues/2059
'

Active24_Api="https://rest.active24.cz"
# export Active24_ApiKey=ak48l3h7-ak5d-qn4t-p8gc-b6fs8c3l
# export Active24_ApiSecret=ajvkeo3y82ndsu2smvxy3o36496dcascksldncsq

# Usage: add  _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
# Used to add txt record
dns_active24_add() {
  fulldomain=$1
  txtvalue=$2

  _active24_init

  _info "Adding txt record"
  if _active24_rest POST "/v2/service/$_service_id/dns/record" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":300}"; then
    if _contains "$response" "error"; then
      _err "Add txt record error."
      return 1
    else
      _info "Added, OK"
      return 0
    fi
  fi

  _err "Add txt record error."
  return 1
}

# Usage: fulldomain txtvalue
# Used to remove the txt record after validation
dns_active24_rm() {
  fulldomain=$1
  txtvalue=$2

  _active24_init

  _debug "Getting txt records"
  # The API needs to send data in body in order the filter to work
  _active24_rest GET "/v2/service/$_service_id/dns/record" "{\"page\":1,\"descending\":true,\"sortBy\":\"name\",\"rowsPerPage\":100,\"totalRecords\":0,\"filters\":{\"type\":[\"TXT\"],\"name\":\"${_sub_domain}\"}}"
  #_active24_rest GET "/v2/service/$_service_id/dns/record?rowsPerPage=100"

  if _contains "$response" "error"; then
    _err "Error"
    return 1
  fi

  # Note: it might never be more than one record actually, NEEDS more INVESTIGATION
  record_ids=$(printf "%s" "$response" | _egrep_o "[^{]+${txtvalue}[^}]+" | _egrep_o '"id" *: *[^,]+' | cut -d ':' -f 2)
  _debug2 record_ids "$record_ids"

  for redord_id in $record_ids; do
    _debug "Removing record_id" "$redord_id"
    _debug "txtvalue" "$txtvalue"
    if _active24_rest DELETE "/v2/service/$_service_id/dns/record/$redord_id" ""; then
      if _contains "$response" "error"; then
        _err "Unable to remove txt record."
        return 1
      else
        _info "Removed txt record."
        return 0
      fi
    fi
  done

  _err "No txt records found."
  return 1
}

_get_root() {
  domain=$1
  i=1
  p=1

  if ! _active24_rest GET "/v1/user/self/service"; then
    return 1
  fi

  while true; do
    h=$(printf "%s" "$domain" | cut -d . -f "$i"-100)
    _debug "h" "$h"
    if [ -z "$h" ]; then
      #not valid
      return 1
    fi

    if _contains "$response" "\"$h\"" >/dev/null; then
      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-"$p")
      _domain=$h
      return 0
    fi
    p=$i
    i=$(_math "$i" + 1)
  done
  return 1
}

_active24_init() {
  Active24_ApiKey="${Active24_ApiKey:-$(_readaccountconf_mutable Active24_ApiKey)}"
  Active24_ApiSecret="${Active24_ApiSecret:-$(_readaccountconf_mutable Active24_ApiSecret)}"
  #Active24_ServiceId="${Active24_ServiceId:-$(_readaccountconf_mutable Active24_ServiceId)}"

  if [ -z "$Active24_ApiKey" ] || [ -z "$Active24_ApiSecret" ]; then
    Active24_ApiKey=""
    Active24_ApiSecret=""
    _err "You don't specify Active24 api key and ApiSecret yet."
    _err "Please create your key and try again."
    return 1
  fi

  #save the credentials to the account conf file.
  _saveaccountconf_mutable Active24_ApiKey "$Active24_ApiKey"
  _saveaccountconf_mutable Active24_ApiSecret "$Active24_ApiSecret"

  _debug "A24 API CHECK"
  if ! _active24_rest GET "/v2/check"; then
    _err "A24 API check failed with: $response"
    return 1
  fi

  if ! echo "$response" | tr -d " " | grep \"verified\":true >/dev/null; then
    _err "A24 API check failed with: $response"
    return 1
  fi

  _debug "First detect the root zone"
  if ! _get_root "$fulldomain"; then
    _err "invalid domain"
    return 1
  fi

  _debug _sub_domain "$_sub_domain"
  _debug _domain "$_domain"
  _active24_get_service_id "$_domain"
  _debug _service_id "$_service_id"
}

_active24_get_service_id() {
  _d=$1
  if ! _active24_rest GET "/v1/user/self/zone/${_d}"; then
    return 1
  else
    response=$(echo "$response" | _json_decode)
    _service_id=$(echo "$response" | _egrep_o '"id" *: *[^,]+' | cut -d ':' -f 2)
  fi
}

_active24_rest() {
  m=$1
  ep_qs=$2 # with query string
  # ep=$2
  ep=$(printf "%s" "$ep_qs" | cut -d '?' -f1) # no query string
  data="$3"

  _debug "A24 $ep"
  _debug "A24 $Active24_ApiKey"
  _debug "A24 $Active24_ApiSecret"

  timestamp=$(_time)
  datez=$(date -u +"%Y%m%dT%H%M%SZ")
  canonicalRequest="${m} ${ep} ${timestamp}"
  signature=$(printf "%s" "$canonicalRequest" | _hmac sha1 "$(printf "%s" "$Active24_ApiSecret" | _hex_dump | tr -d " ")" hex)
  authorization64="$(printf "%s:%s" "$Active24_ApiKey" "$signature" | _base64)"

  export _H1="Date: ${datez}"
  export _H2="Accept: application/json"
  export _H3="Content-Type: application/json"
  export _H4="Authorization: Basic ${authorization64}"

  _debug2 H1 "$_H1"
  _debug2 H2 "$_H2"
  _debug2 H3 "$_H3"
  _debug2 H4 "$_H4"

  # _sleep 1

  if [ "$m" != "GET" ]; then
    _debug2 "${m} $Active24_Api${ep_qs}"
    _debug "data" "$data"
    response="$(_post "$data" "$Active24_Api${ep_qs}" "" "$m" "application/json")"
  else
    if [ -z "$data" ]; then
      _debug2 "GET $Active24_Api${ep_qs}"
      response="$(_get "$Active24_Api${ep_qs}")"
    else
      _debug2 "GET $Active24_Api${ep_qs} with data: ${data}"
      response="$(_post "$data" "$Active24_Api${ep_qs}" "" "$m" "application/json")"
    fi
  fi
  if [ "$?" != "0" ]; then
    _err "error $ep"
    return 1
  fi
  _debug2 response "$response"
  return 0
}