From ee79f908cb3e248916b9f31b18dc73792865ee6e Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Tue, 19 Jun 2018 22:22:19 +0200
Subject: [PATCH] rewrite config object

---
 authenticator.py | 88 +++++++++++++++++++++++++++++++++++-------------
 1 file changed, 65 insertions(+), 23 deletions(-)

diff --git a/authenticator.py b/authenticator.py
index 0fad8b7..47ad059 100755
--- a/authenticator.py
+++ b/authenticator.py
@@ -11,6 +11,7 @@ import configparser
 import sys
 import logging
 import tldextract
+import codecs
 
 
 def setup_logger():
@@ -33,44 +34,66 @@ def setup_logger():
 
 
 def load_config(logger):
-    try:
-        config_path = os.path.join(
-            os.path.expanduser("~"), ".certbot_dns_corenetworks", "config.ini")
+    config_path = os.path.join(os.path.expanduser("~"), ".certbot_dns_corenetworks", "config.ini")
+
+    if os.path.isfile(config_path):
         config = configparser.ConfigParser()
         config.read(config_path)
+    else:
+        logger.error("Configfile " + config_path + " not present.")
+        sys.exit(1)
 
-        data = {}
-        data["API_HOST"] = config['API']['HOST']
-        data["API_USER"] = config['API']['USER']
-        data["PASSWORD"] = config['API']['PASSWORD']
+    return config
 
-        data["ZONE"] = config['DNS']['ZONE']
-    except KeyError, e:
-        logger.error("Key %s not found in config" % (e))
+
+def write_backup(name, value, logger):
+    data = {}
+    data["name"] = name
+    data["data"] = value
+    filename = '/tmp/CERTBOT_%s.json' % (name)
+
+    if os.path.isfile(filename):
+        logger.error("File '%s' exists. There seems to be an existing DNS record." % (filename))
         sys.exit(1)
 
-    return data
+    with codecs.open(filename, 'w', encoding='utf8') as f:
+        f.write(json.dumps(data, sort_keys=True, indent=4, ensure_ascii=False))
 
 
-def get_auth_token(user, passwd, host, logger):
+def get_auth_token(config, logger):
     data = {}
-    data["login"] = user
-    data["password"] = passwd
-    json_data = json.dumps(data)
+
+    try:
+        data["login"] = config.get('API', 'USER')
+        data["password"] = config.get('API', 'PASSWORD')
+        json_data = json.dumps(data)
+
+        host = config.get('API', 'HOST')
+    except (configparser.NoSectionError, configparser.NoOptionError) as e:
+        logger.error("Config error: %s" % (e))
+        sys.exit(1)
 
     url = urlparse.urljoin(host, os.path.join("auth", "token"))
 
     try:
         r = requests.post(url, data=json_data)
         r.raise_for_status()
-    except requests.exceptions.HTTPError, e:
+    except requests.exceptions.HTTPError as e:
         logger.error(e)
         sys.exit(1)
 
     return r
 
 
-def get_zone(token, host, zone, logger):
+def get_zone(config, logger):
+    try:
+        host = config.get('API', 'HOST')
+        zone = config.get('DNS', 'ZONE')
+        token = config.get('API', 'TOKEN')
+    except (configparser.NoSectionError, configparser.NoOptionError) as e:
+        logger.error("Config error: %s" % (e))
+        sys.exit(1)
+
     url = urlparse.urljoin(host, os.path.join("dnszones", zone))
     headers = {"Authorization": "Bearer %s" % (token)}
 
@@ -84,7 +107,15 @@ def get_zone(token, host, zone, logger):
     return r
 
 
-def set_record(token, host, zone, logger):
+def set_record(config, logger):
+    try:
+        host = config.get('API', 'HOST')
+        zone = config.get('DNS', 'ZONE')
+        token = config.get('API', 'TOKEN')
+    except (configparser.NoSectionError, configparser.NoOptionError) as e:
+        logger.error("Config error: %s" % (e))
+        sys.exit(1)
+
     url = urlparse.urljoin(host, os.path.join("dnszones", zone, "records/"))
     headers = {"Authorization": "Bearer %s" % (token)}
 
@@ -101,6 +132,8 @@ def set_record(token, host, zone, logger):
         logger.error("Environment Variable %s not set" % (e))
         sys.exit(1)
 
+    write_backup(os.environ['CERTBOT_DOMAIN'], certbot_validation, logger)
+
     data = {}
     data["name"] = certbot_domain
     data["ttl"] = 120
@@ -126,13 +159,19 @@ def main():
 
     # get auth token
     logger.info("Try to get auth token")
-    r_token = get_auth_token(config["API_USER"], config["PASSWORD"], config["API_HOST"], logger)
-    auth_token = r_token.json()["token"]
+    r_token = get_auth_token(config, logger)
+    config.set('API', 'TOKEN', r_token.json()["token"])
     logger.info("Authentication successful")
 
     # verify dns zone
-    r_zone = get_zone(auth_token, config["API_HOST"], config["ZONE"], logger)
-    zone_name = r_zone.json()["name"]
+    r_zone = get_zone(config, logger)
+
+    try:
+        zone_name = config.get('DNS', 'ZONE')
+    except (configparser.NoSectionError, configparser.NoOptionError) as e:
+        logger.error("Config error: %s" % (e))
+        sys.exit(1)
+
     zone_active = r_zone.json()["active"]
 
     if zone_active:
@@ -142,7 +181,10 @@ def main():
         sys.exit(1)
 
     # add txt record
-    z_record = set_record(auth_token, config["API_HOST"], zone_name, logger)
+    logger.info("Try to set TXT record for dns challenge")
+    z_record = set_record(config, logger)
+    logger.info("Set TXT record successful")
+
 
 if __name__ == "__main__":
     main()