From 12e9a7c47bdbcb4322fd2ee9d3389a38e13b4d31 Mon Sep 17 00:00:00 2001 From: Lenard Hess Date: Sat, 2 Mar 2024 12:17:22 +0100 Subject: [PATCH] gandi: Added support for personal access tokens --- ddclient.conf.in | 3 ++- ddclient.in | 40 +++++++++++++++++++++++++++++----------- 2 files changed, 31 insertions(+), 12 deletions(-) diff --git a/ddclient.conf.in b/ddclient.conf.in index c4d5172..8652635 100644 --- a/ddclient.conf.in +++ b/ddclient.conf.in @@ -199,7 +199,8 @@ ssl=yes # use ssl-support. Works with ## Single host update # protocol=gandi # zone=example.com -# password=my-gandi-api-key +# password=my-gandi-access-token +# use-personal-access-token=yes # ttl=10800 # optional # myhost.example.com diff --git a/ddclient.in b/ddclient.in index 5c99bb5..ddb5d8b 100755 --- a/ddclient.in +++ b/ddclient.in @@ -727,13 +727,14 @@ my %services = ( 'examples' => \&nic_gandi_examples, 'variables' => { %{$variables{'service-common-defaults'}}, - 'min-interval' => setv(T_DELAY, 0, 0, 0, interval('5m')), - 'server' => setv(T_FQDNP, 1, 0, 'api.gandi.net', undef), - 'script' => setv(T_STRING, 1, 1, '/v5', undef), - 'ttl' => setv(T_DELAY, 0, 0, undef, interval('5m')), - 'zone' => setv(T_FQDN, 1, 0, undef, undef), + 'min-interval' => setv(T_DELAY, 0, 0, 0, interval('5m')), + 'server' => setv(T_FQDNP, 1, 0, 'api.gandi.net', undef), + 'script' => setv(T_STRING, 1, 1, '/v5', undef), + 'use-personal-access-token' => setv(T_BOOL, 0, 0, 0, undef), + 'ttl' => setv(T_DELAY, 0, 0, undef, interval('5m')), + 'zone' => setv(T_FQDN, 1, 0, undef, undef), # Unused variables. - 'login' => setv(T_STRING, 0, 0, 'unused', undef), + 'login' => setv(T_STRING, 0, 0, 'unused', undef), } }, 'godaddy' => { @@ -7455,20 +7456,31 @@ Description of Gandi's LiveDNS API can be found at: https://api.gandi.net/docs/livedns/ Available configuration variables: - * password: The Gandi API key. If you don’t have one yet, you can generate - your production API key from the API Key Page (in the Security section). - Required. + * password: The Gandi API key or personal access token. If you don’t have + one yet, you can generate a production API key from the API Key Page + (in the Security section) or a personal access token from the Gandi + Admin application. Required. + * use-personal-access-token: Whether the password value is a API key or a + personal access token. Defaults to API key. Note that API keys are + deprecated by Gandi. * zone: The DNS zone to be updated. Required. * ttl: The time-to-live value associated with the updated DNS record. Optional; uses Gandi's default (10800) if unset. Example ${program}.conf file entries: - ## Single host update. + ## Single host update using API key. protocol=gandi zone=example.com password=my-gandi-api-key host.example.com + ## Single host update using Personal access token + protocol=gandi + zone=example.com + password=my-gandi-personal-access-token + use-personal-access-token=yes + host.example.com + ## Multiple host update. protocol=gandi zone=example.com @@ -7496,7 +7508,13 @@ sub nic_gandi_update { my $headers; $headers = "Content-Type: application/json\n"; - $headers .= "Authorization: Apikey $config{$h}{'password'}\n"; + if ($config{$h}{'use-personal-access-token'} == 1) { + $headers .= "Authorization: Bearer $config{$h}{'password'}\n"; + } + else + { + $headers .= "Authorization: Apikey $config{$h}{'password'}\n"; + }