Merge pull request #636 from ddclient/feature_gandi_pat_support

Gandi: Personal access token support
2024-03-19 21:58:31 +01:00 · 2024-03-19 21:58:31 +01:00 · b803b308fa
commit b803b308fa
parent 9c3fc230ba 12e9a7c47b
2 changed files with 32 additions and 12 deletions
--- a/ddclient.conf.in
+++ b/ddclient.conf.in
@ -200,6 +200,7 @@ ssl=yes					# use ssl-support.  Works with
 # protocol=gandi
 # zone=example.com
 # password=my-gandi-access-token
+# use-personal-access-token=yes
 # ttl=10800 # optional
 # myhost.example.com

--- a/ddclient.in
+++ b/ddclient.in
@ -730,6 +730,7 @@ my %services = (
            'min-interval'              => setv(T_DELAY,  0, 0, 0,               interval('5m')),
            'server'                    => setv(T_FQDNP,  1, 0, 'api.gandi.net', undef),
            'script'                    => setv(T_STRING, 1, 1, '/v5',           undef),
+            'use-personal-access-token' => setv(T_BOOL, 0, 0, 0, undef),
            'ttl'                       => setv(T_DELAY,  0, 0, undef,           interval('5m')),
            'zone'                      => setv(T_FQDN,   1, 0, undef,           undef),
            # Unused variables.
@ -7455,23 +7456,35 @@ Description of Gandi's LiveDNS API can be found at:
    https://api.gandi.net/docs/livedns/

 Available configuration variables:
-  * password: The Gandi access token. If you don’t have one yet, you can generate
-    your production access token from the Gandi Admin application. Required.
+  * password: The Gandi API key or personal access token. If you don’t have
+    one yet, you can generate a production API key from the API Key Page
+    (in the Security section) or a personal access token from the Gandi
+    Admin application. Required.
+  * use-personal-access-token: Whether the password value is a API key or a
+    personal access token. Defaults to API key. Note that API keys are
+    deprecated by Gandi.
  * zone: The DNS zone to be updated. Required.
  * ttl: The time-to-live value associated with the updated DNS record.
    Optional; uses Gandi's default (10800) if unset.

 Example ${program}.conf file entries:
-  ## Single host update.
+  ## Single host update using API key.
  protocol=gandi
  zone=example.com
-  password=my-gandi-access-token
+  password=my-gandi-api-key
+  host.example.com
+
+  ## Single host update using Personal access token
+  protocol=gandi
+  zone=example.com
+  password=my-gandi-personal-access-token
+  use-personal-access-token=yes
  host.example.com

  ## Multiple host update.
  protocol=gandi
  zone=example.com
-  password=my-gandi-access-token
+  password=my-gandi-api-key
  ttl=3600 # optional
  hosta.example.com,hostb.sub.example.com
 EoEXAMPLE
@ -7495,7 +7508,13 @@ sub nic_gandi_update {

            my $headers;
            $headers  = "Content-Type: application/json\n";
+            if ($config{$h}{'use-personal-access-token'} == 1) {
                $headers .= "Authorization: Bearer $config{$h}{'password'}\n";
+            }
+            else
+            {
+                $headers .= "Authorization: Apikey $config{$h}{'password'}\n";
+            }