starred/godoxy-yusing
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2026-01-11 22:30:47 +01:00
Code Issues 18 Packages Projects Releases 10 Wiki Activity

feat(api/cert): enhance certificate info retrieval

Browse Source 
- Introduced a new method `GetCertInfos` to fetch details of all available certificates.
- Updated the `Info` handler to return an array of `CertInfo` instead of a single certificate.
- Improved error handling for cases with no available certificates.
- Refactored related error messages for clarity.
This commit is contained in:
yusing
2026-01-07 10:54:33 +08:00
parent f5dcc85b12
commit 17bfc96e3d
4 changed files with 63 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
internal/api/v1/cert/info.go
View File

@@ -1,6 +1,7 @@
package certapi
import (
"errors"
"net/http"
"github.com/gin-gonic/gin"
@@ -8,46 +9,33 @@ import (
apitypes "github.com/yusing/goutils/apitypes"
)
type CertInfo struct {
Subject string `json:"subject"`
Issuer string `json:"issuer"`
NotBefore int64 `json:"not_before"`
NotAfter int64 `json:"not_after"`
DNSNames []string `json:"dns_names"`
EmailAddresses []string `json:"email_addresses"`
} // @name CertInfo
// @x-id "info"
// @BasePath /api/v1
// @Summary Get cert info
// @Description Get cert info
// @Tags cert
// @Produce json
// @Success 200 {object} CertInfo
// @Failure 403 {object} apitypes.ErrorResponse
// @Failure 404 {object} apitypes.ErrorResponse
// @Failure 500 {object} apitypes.ErrorResponse
// @Router /cert/info [get]
// @Success 200 {array} autocert.CertInfo
// @Failure 403 {object} apitypes.ErrorResponse "Unauthorized"
// @Failure 404 {object} apitypes.ErrorResponse "No certificates found or autocert is not enabled"
// @Failure 500 {object} apitypes.ErrorResponse "Internal server error"
// @Router /cert/info [get]
func Info(c *gin.Context) {
autocert := autocert.ActiveProvider.Load()
if autocert == nil {
provider := autocert.ActiveProvider.Load()
if provider == nil {
c.JSON(http.StatusNotFound, apitypes.Error("autocert is not enabled"))
return
}
cert, err := autocert.GetCert(nil)
certInfos, err := provider.GetCertInfos()
if err != nil {
if errors.Is(err, autocert.ErrNoCertificates) {
c.JSON(http.StatusNotFound, apitypes.Error("no certificate found"))
return
}
c.Error(apitypes.InternalServerError(err, "failed to get cert info"))
return
}
certInfo := CertInfo{
Subject: cert.Leaf.Subject.CommonName,
Issuer: cert.Leaf.Issuer.CommonName,
NotBefore: cert.Leaf.NotBefore.Unix(),
NotAfter: cert.Leaf.NotAfter.Unix(),
DNSNames: cert.Leaf.DNSNames,
EmailAddresses: cert.Leaf.EmailAddresses,
}
c.JSON(http.StatusOK, certInfo)
c.JSON(http.StatusOK, certInfos)
}

11
internal/api/v1/docs/swagger.json
View File

@@ -328,23 +328,26 @@
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/CertInfo"
"type": "array",
"items": {
"$ref": "#/definitions/CertInfo"
}
}
},
"403": {
"description": "Forbidden",
"description": "Unauthorized",
"schema": {
"$ref": "#/definitions/ErrorResponse"
}
},
"404": {
"description": "Not Found",
"description": "No certificates found or autocert is not enabled",
"schema": {
"$ref": "#/definitions/ErrorResponse"
}
},
"500": {
"description": "Internal Server Error",
"description": "Internal server error",
"schema": {
"$ref": "#/definitions/ErrorResponse"
}

10
internal/api/v1/docs/swagger.yaml
View File

@@ -1886,17 +1886,19 @@ paths:
"200":
description: OK
schema:
$ref: '#/definitions/CertInfo'
items:
$ref: '#/definitions/CertInfo'
type: array
"403":
description: Forbidden
description: Unauthorized
schema:
$ref: '#/definitions/ErrorResponse'
"404":
description: Not Found
description: No certificates found or autocert is not enabled
schema:
$ref: '#/definitions/ErrorResponse'
"500":
description: Internal Server Error
description: Internal server error
schema:
$ref: '#/definitions/ErrorResponse'
summary: Get cert info

39
internal/autocert/provider.go
View File

@@ -55,10 +55,20 @@ type (
}
CertExpiries map[string]time.Time
RenewMode uint8
CertInfo struct {
Subject string `json:"subject"`
Issuer string `json:"issuer"`
NotBefore int64 `json:"not_before"`
NotAfter int64 `json:"not_after"`
DNSNames []string `json:"dns_names"`
EmailAddresses []string `json:"email_addresses"`
} // @name CertInfo
RenewMode uint8
)
var ErrNoCertificate = errors.New("no certificate found")
var ErrNoCertificates = errors.New("no certificates found")
const (
// renew failed for whatever reason, 1 hour cooldown
@@ -98,7 +108,7 @@ func NewProvider(cfg *Config, user *User, legoCfg *lego.Config) (*Provider, erro
func (p *Provider) GetCert(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
if p.tlsCert == nil {
return nil, ErrNoCertificate
return nil, ErrNoCertificates
}
if hello == nil || hello.ServerName == "" {
return p.tlsCert, nil
@@ -109,6 +119,29 @@ func (p *Provider) GetCert(hello *tls.ClientHelloInfo) (*tls.Certificate, error)
return p.tlsCert, nil
}
func (p *Provider) GetCertInfos() ([]CertInfo, error) {
allProviders := p.allProviders()
certInfos := make([]CertInfo, 0, len(allProviders))
for _, provider := range allProviders {
if provider.tlsCert == nil {
continue
}
certInfos = append(certInfos, CertInfo{
Subject: provider.tlsCert.Leaf.Subject.CommonName,
Issuer: provider.tlsCert.Leaf.Issuer.CommonName,
NotBefore: provider.tlsCert.Leaf.NotBefore.Unix(),
NotAfter: provider.tlsCert.Leaf.NotAfter.Unix(),
DNSNames: provider.tlsCert.Leaf.DNSNames,
EmailAddresses: provider.tlsCert.Leaf.EmailAddresses,
})
}
if len(certInfos) == 0 {
return nil, ErrNoCertificates
}
return certInfos, nil
}
func (p *Provider) GetName() string {
if p.cfg.idx == 0 {
return "main"