Merge pull request #303 from daozzg/master

add script for update the ca of cdn

Author: jemygraw

examples/update_cdn_sslcert.py

@@ -0,0 +1,29 @@
+# -*- coding: utf-8 -*-
+"""
+更新cdn证书(可配合let's encrypt 等完成自动证书更新)
+"""
+import qiniu
+from qiniu import DomainManager
+
+# 账户ak，sk
+access_key = ''
+secret_key = ''
+
+auth = qiniu.Auth(access_key=access_key, secret_key=secret_key)
+domain_manager = DomainManager(auth)
+
+privatekey = "ssl/www.qiniu.com/privkey.pem"
+ca = "ssl/www.qiniu.com/fullchain.pem"
+domain_name='www.qiniu.com'
+
+with open(privatekey,'r') as f:
+    privatekey_str=f.read()
+
+with open(ca,'r') as f:
+    ca_str=f.read()
+
+ret, info = domain_manager.create_sslcert(domain_name, domain_name, privatekey_str, ca_str)
+print(ret['certID'])
+
+ret, info = domain_manager.put_httpsconf(domain_name, ret['certID'],False)
+print(info)

qiniu/__init__.py

@@ -19,7 +19,7 @@
 from .services.storage.bucket import BucketManager, build_batch_copy, build_batch_rename, build_batch_move, \
     build_batch_stat, build_batch_delete
 from .services.storage.uploader import put_data, put_file, put_stream
-from .services.cdn.manager import CdnManager, create_timestamp_anti_leech_url
+from .services.cdn.manager import CdnManager, create_timestamp_anti_leech_url,DomainManager
 from .services.processing.pfop import PersistentFop
 from .services.processing.cmd import build_op, pipe_cmd, op_save
 from .services.compute.app import AccountClient

qiniu/http.py

@@ -51,6 +51,20 @@ def _post(url, data, files, auth, headers=None):
         return None, ResponseInfo(None, e)
     return __return_wrapper(r)
 
+def _put(url, data, files, auth, headers=None):
+    if _session is None:
+        _init()
+    try:
+        post_headers = _headers.copy()
+        if headers is not None:
+            for k, v in headers.items():
+                post_headers.update({k: v})
+        r = _session.put(
+            url, data=data, files=files, auth=auth, headers=post_headers,
+            timeout=config.get_default('connection_timeout'))
+    except Exception as e:
+        return None, ResponseInfo(None, e)
+    return __return_wrapper(r)
 
 def _get(url, params, auth):
     try:
@@ -86,6 +100,12 @@ def _post_with_auth(url, data, auth):
 def _post_with_auth_and_headers(url, data, auth, headers):
     return _post(url, data, None, qiniu.auth.RequestsAuth(auth), headers)
 
+def _put_with_auth(url, data, auth):
+    return _put(url, data, None, qiniu.auth.RequestsAuth(auth))
+
+def _put_with_auth_and_headers(url, data, auth, headers):
+    return _put(url, data, None, qiniu.auth.RequestsAuth(auth), headers)
+
 
 def _post_with_qiniu_mac(url, data, auth):
     qn_auth = qiniu.auth.QiniuMacRequestsAuth(auth) if auth is not None else None

qiniu/services/cdn/manager.py

@@ -157,10 +157,117 @@ def get_log_list_data(self, domains, log_date):
         url = '{0}/v2/tune/log/list'.format(self.server)
         return self.__post(url, body)
 
+    def put_httpsconf(self, name, certid, forceHttps=False):
+        """
+        修改证书，文档 https://developer.qiniu.com/fusion/api/4246/the-domain-name#11
+
+        Args:
+           domains:     域名name
+           CertID:      证书id，从上传或者获取证书列表里拿到证书id
+           ForceHttps:  是否强制https跳转
+
+        Returns:
+           {}
+        """
+        req = {}
+        req.update({"certid": certid})
+        req.update({"forceHttps": forceHttps})
+
+        body = json.dumps(req)
+        url = '{0}/domain/{1}/httpsconf'.format(self.server, name)
+        return self.__post(url, body)
+
+    def __post(self, url, data=None):
+        headers = {'Content-Type': 'application/json'}
+        return http._post_with_auth_and_headers(url, data, self.auth, headers)
+
+
+class DomainManager(object):
+    def __init__(self, auth):
+        self.auth = auth
+        self.server = 'http://api.qiniu.com'
+
+    def create_domain(self, name, body):
+        """
+        创建域名，文档 https://developer.qiniu.com/fusion/api/4246/the-domain-name
+
+        Args:
+           name:     域名, 如果是泛域名，必须以点号 . 开头
+           bosy:     创建域名参数
+        Returns:
+           {}
+        """
+        url = '{0}/domain/{1}'.format(self.server, name)
+        return self.__post(url, body)
+
+    def get_domain(self, name):
+        """
+        获取域名信息，文档 https://developer.qiniu.com/fusion/api/4246/the-domain-name
+
+        Args:
+           name:     域名, 如果是泛域名，必须以点号 . 开头
+        Returns:
+            返回一个tuple对象，其格式为(<result>, <ResponseInfo>)
+            - result          成功返回dict{}，失败返回{"error": "<errMsg string>"}
+            - ResponseInfo    请求的Response信息
+        """
+        url = '{0}/domain/{1}'.format(self.server, name)
+        return self.__post(url)
+
+    def put_httpsconf(self, name, certid, forceHttps):
+        """
+        修改证书，文档 https://developer.qiniu.com/fusion/api/4246/the-domain-name#11
+
+        Args:
+           domains:     域名name
+           CertID:      证书id，从上传或者获取证书列表里拿到证书id
+           ForceHttps:  是否强制https跳转
+
+        Returns:
+           {}
+        """
+        req = {}
+        req.update({"certid": certid})
+        req.update({"forceHttps": forceHttps})
+
+        body = json.dumps(req)
+        url = '{0}/domain/{1}/httpsconf'.format(self.server, name)
+        return self.__put(url, body)
+
+    def create_sslcert(self, name, common_name, pri, ca):
+        """
+        修改证书，文档 https://developer.qiniu.com/fusion/api/4246/the-domain-name#11
+
+        Args:
+           name:        证书名称
+           common_name: 相关域名
+           pri:         证书私钥
+           ca:          证书内容
+        Returns:
+            返回一个tuple对象，其格式为(<result>, <ResponseInfo>)
+            - result          成功返回dict{certID: <CertID>}，失败返回{"error": "<errMsg string>"}
+            - ResponseInfo    请求的Response信息
+
+
+        """
+        req = {}
+        req.update({"name": name})
+        req.update({"common_name": common_name})
+        req.update({"pri": pri})
+        req.update({"ca": ca})
+
+        body = json.dumps(req)
+        url = '{0}/sslcert'.format(self.server)
+        return self.__post(url, body)
+
     def __post(self, url, data=None):
         headers = {'Content-Type': 'application/json'}
         return http._post_with_auth_and_headers(url, data, self.auth, headers)
 
+    def __put(self, url, data=None):
+        headers = {'Content-Type': 'application/json'}
+        return http._put_with_auth_and_headers(url, data, self.auth, headers)
+
 
 def create_timestamp_anti_leech_url(host, file_name, query_string, encrypt_key, deadline):
     """