powerdns-remote-http-example/dns-api.go

package main

// https://docs.powerdns.com/authoritative/backends/remote.html

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"log"
	"net/http"
	"net/url"
	"strconv"
	"strings"
	"time"

	"github.com/gin-gonic/gin"
	"github.com/miekg/dns"
)

const (
	dnsApiLight = true

	dnsApiRootUri     = "/dns"
	dnsApiUriGet      = dnsApiRootUri + "/:method/*parameters"
	dnsApiUriPostForm = dnsApiRootUri + "/:method"
	dnsApiUriPostJson = dnsApiRootUri
)

var (
	dnsApiMethods = map[string]dnsApiHandlerFunc{
		"lookup":               dnsApi_lookup,
		"getAllDomains":        dnsApi_emptyArray,
		"getDomainMetadata":    dnsApi_emptyArray,
		"getAllDomainMetadata": dnsApi_emptyMap,
	}
)

func setupDnsApi(r *gin.Engine) {
	r.GET(dnsApiUriGet, dnsApiHttpGetHandler)
	// https://docs.powerdns.com/authoritative/backends/remote.html#http-connector
	// "post" in "remote-connection-string="
	r.POST(dnsApiUriPostForm, dnsApiHttpPostFormHandler)
	// https://docs.powerdns.com/authoritative/backends/remote.html#http-connector
	// "post,post_json" in "remote-connection-string="
	r.POST(dnsApiUriPostJson, dnsApiHttpPostJsonHandler)
}

func dnsApiNotImplemented(c *gin.Context) {
	c.JSON(http.StatusNotImplemented, gin.H{"result": false})
}

func dnsApiSimpleError(c *gin.Context) {
	c.JSON(http.StatusBadRequest, gin.H{"result": false})
}

func dnsApiGenericError(c *gin.Context, err error) {
	log.Printf("error: %v", err)
	c.JSON(http.StatusBadRequest, gin.H{"result": false, "error": err.Error()})
}

func dnsApiMissingParameters(c *gin.Context) {
	c.JSON(http.StatusBadRequest, gin.H{"result": false, "error": "missing parameters"})
}

func dnsApiArgumentError(c *gin.Context, argument string, err error) {
	log.Printf("argument %v error: %v", argument, err)
	c.JSON(http.StatusBadRequest, gin.H{"result": false, "error": err.Error()})
}

func dnsApiMethodError(c *gin.Context, method string, err error) {
	log.Printf("method %v returned error: %v", method, err)
	c.JSON(http.StatusBadRequest, gin.H{"result": false, "error": err.Error()})
}

type PowerDnsJsonRequest struct {
	Method     string                 `json:"method"`
	Parameters map[string]interface{} `json:"parameters"`
}

func NewPowerDnsRequest() PowerDnsJsonRequest {
	var r PowerDnsJsonRequest
	r.Parameters = make(map[string]interface{})
	return r
}

type dnsApiHandlerFunc func(*PowerDnsJsonRequest) (interface{}, error)

func dnsApiHttpGetHandler(c *gin.Context) {
	var err error

	method := c.Param("method")
	if method == "" {
		dnsApiSimpleError(c)
		return
	}
	mFunc, mFound := dnsApiMethods[method]
	if !mFound {
		dnsApiNotImplemented(c)
		return
	}

	// HTTP GET scheme is somewhat spoiled
	uriParams := make([]string, 0)
	uriParamPrefix := dnsApiRootUri + "/" + method + "/"
	uriParamString, hasUriParams := strings.CutPrefix(c.Request.RequestURI, uriParamPrefix)
	if hasUriParams {
		if uriParamString == "" {
			dnsApiMissingParameters(c)
			return
		}

		uriParams = strings.Split(uriParamString, "/")
	} else {
		uriParamString = ""
	}

	req := NewPowerDnsRequest()
	req.Method = method

	// HTTP GET scheme is somewhat spoiled, part 2
	switch method {
	case "lookup":
		switch len(uriParams) {
		case 0:
			dnsApiArgumentError(c, "qname", err)
			return
		case 1:
			dnsApiArgumentError(c, "qtype", err)
			return
		}
		req.Parameters["qname"] = uriParams[0]
		req.Parameters["qtype"] = uriParams[1]

		if !dnsApiLight {
			for _, p := range []string{"remote", "local", "real-remote"} {
				val := c.Request.Header.Get("X-RemoteBackend-" + p)
				if val == "" {
					continue
				}
				req.Parameters[p] = val
			}
			for _, p := range []string{"zone-id", "zone_id"} {
				val := c.Request.Header.Get("X-RemoteBackend-" + p)
				if val == "" {
					continue
				}
				req.Parameters["zone-id"], err = strconv.ParseInt(val, 10, 64)
				if err != nil {
					dnsApiArgumentError(c, "zone-id", err)
					return
				}
			}
		}

	case "getAllDomains":
		req.Parameters["include_disabled"], err = strconv.ParseBool(c.DefaultQuery("include_disabled", "false"))
		if err != nil {
			dnsApiArgumentError(c, "include_disabled", err)
			return
		}
	case "getAllDomainMetadata":
		if len(uriParams) == 0 {
			dnsApiArgumentError(c, "name", err)
			return
		}
		req.Parameters["name"] = uriParams[0]
	case "getDomainMetadata":
		switch len(uriParams) {
		case 0:
			dnsApiArgumentError(c, "name", err)
			return
		case 1:
			dnsApiArgumentError(c, "kind", err)
			return
		}
		req.Parameters["name"] = uriParams[0]
		req.Parameters["kind"] = uriParams[1]
	}

	result, err := mFunc(&req)
	if err != nil {
		dnsApiMethodError(c, method, err)
		return
	}

	c.JSON(http.StatusOK, gin.H{"result": result})
}

func dnsApiHttpPostFormHandler(c *gin.Context) {
	var err error

	method := c.Param("method")
	if method == "" {
		dnsApiSimpleError(c)
		return
	}
	mFunc, mFound := dnsApiMethods[method]
	if !mFound {
		dnsApiNotImplemented(c)
		return
	}

	params := c.PostForm("parameters")
	if params == "" {
		dnsApiMissingParameters(c)
		return
	}

	if strings.HasPrefix(params, "%7b") {
		params, err = url.PathUnescape(params)
		if err != nil {
			dnsApiGenericError(c, err)
			return
		}
	}

	req := NewPowerDnsRequest()
	req.Method = method

	if strings.HasPrefix(params, "{") {
		err = json.Unmarshal([]byte(params), &req.Parameters)
		if err != nil {
			dnsApiGenericError(c, err)
			return
		}
	}

	result, err := mFunc(&req)
	if err != nil {
		dnsApiMethodError(c, method, err)
		return
	}

	c.JSON(http.StatusOK, gin.H{"result": result})
}

func dnsApiHttpPostJsonHandler(c *gin.Context) {
	var err error

	bodyData, err := io.ReadAll(c.Request.Body)
	if err != nil {
		dnsApiGenericError(c, err)
		return
	}

	req := NewPowerDnsRequest()
	err = json.Unmarshal(bodyData, &req)
	if err != nil {
		dnsApiGenericError(c, err)
		return
	}

	method := req.Method
	if method == "" {
		dnsApiSimpleError(c)
		return
	}
	mFunc, mFound := dnsApiMethods[method]
	if !mFound {
		dnsApiNotImplemented(c)
		return
	}

	result, err := mFunc(&req)
	if err != nil {
		dnsApiMethodError(c, method, err)
		return
	}

	c.JSON(http.StatusOK, gin.H{"result": result})
}

func dnsApi_emptyArray(r *PowerDnsJsonRequest) (interface{}, error) {
	emptyArray := make([]int, 0)
	return emptyArray, nil
}

func dnsApi_emptyMap(r *PowerDnsJsonRequest) (interface{}, error) {
	emptyMap := make(map[string]interface{}, 0)
	return emptyMap, nil
}

func dnsApi_lookup(r *PowerDnsJsonRequest) (interface{}, error) {
	x, ok := r.Parameters["qtype"]
	if !ok {
		return nil, errors.New("qtype is absent")
	}
	qtype, ok := x.(string)
	if !ok {
		return nil, errors.New("qtype is not a string")
	}
	if qtype == "" {
		return nil, errors.New("qtype is empty")
	}
	dns_qtype := dnsQtypeStringToValue(qtype)
	if dns_qtype == dns.TypeNone {
		return nil, errors.New("qtype is NONE")
	}

	x, ok = r.Parameters["qname"]
	if !ok {
		return nil, errors.New("qname is absent")
	}
	qname, ok := x.(string)
	if !ok {
		return nil, errors.New("qname is not a string")
	}
	if qname == "" {
		return nil, errors.New("qname is empty")
	}

	// adjust qname
	if !strings.HasSuffix(qname, ".") {
		qname = qname + "."
	}

	return dnsApi_lookup_int(qname, dns_qtype)
}

func dnsApi_lookup_int(qname string, qtype uint16) (interface{}, error) {
	if qtype == dns.TypeSOA {
		return []PowerDnsAnswer{
			{
				Qname: qname,
				Qtype: dns.TypeToString[qtype],
				Ttl:   cfgTtlMax,
				Content: fmt.Sprintf("%v %v %v %v %v %v %v",
					// ns mbox serial
					cfgSoaNs, cfgSoaMbox, time.Now().Unix(),
					// refresh retry expire minttl
					cfgTtlMax/2, cfgTtlMax, cfgTtlMax*2, cfgTtlMin,
				),
			},
		}, nil
	}

	resp, err := dnsCustomResolve(qname, qtype)
	if err != nil {
		return nil, err
	}
	if resp == nil {
		return nil, errors.New("dns.Msg is nil")
	}
	if len(resp.Answer) == 0 {
		log.Printf("got empty answer for %v/%v", qname, dns.TypeToString[qtype])
		return []PowerDnsAnswer{}, nil
	}

	switch qtype {
	case dns.TypeA, dns.TypeAAAA, dns.TypeANY:
		// resolve and process (see below)
		return dnsRemap(qname, qtype, resp)
	default:
		// only resolve
		return dnsToPowerDnsAnswer(resp)
	}
}