CLOUDNS: add registrar support (#3961)

ClouDNS uses the same API for DNS and registrar-related operations.
Following the pattern I saw in other provider/registrar combos (autodns,
cscglobal), I implemented the registry call in the `cloudnsProvider`
object type, and when used as a registry it creates an additional
instance of the Provider.

_Incidentally this causes rate-limiting functionality not to function
optimally because each of the instances—the provider and registrar—have
their own requestLimit object, causing the rate limit to be tracked and
applied within each separately. I'm going to follow up with a PR that
will improve the API rate-limit implementation for ClouDNS._

The ClouDNS nameserver API responds with different structures apparently
depending on the number of name servers that the domain has. I observed
three on the same domain:
1. When there are 2 domain names for non-ClouDNS name servers, the
response is an array of name server strings `["abc.ns.cloudflare.net",
"def.ns.cloudflare.net"]`
2. When there are 4 ClouDNS name servers, the response is an object with
string keys containing the 4 entries
`{"1":"pns1.cloudns.net","2":"pns2.cloudns.net","3":"pns3.cloudns.net","4":"pns4.cloudns.net"}`
3. When there are 5 name servers, the response is an object with string
keys containing 8 entries included 3 blank values
`{"1":"pns1.cloudns.net","2":"pns2.cloudns.net","3":"pns3.cloudns.net","4":"pns4.cloudns.net","5":"abc.ns.cloudflare.net","6":"","7":"","8":""}`

This covers all of those cases, plus the possible case where the array
contains blank strings.

The new `setNameservers` API call needed to send multiple copies of the
same key `nameservers[]` in the query value, which is supported by the
http query values object, but was not possible with the existing call
pattern because the `get` function was built to accept a string map
instead of a query values object. So I refactored `get` into a wrapper
function that converts the map into a query values object, which calls
the new `getWithQuery` function with the query values object.

---------

Co-authored-by: Tom Limoncelli <[email protected]>

Author: RobinDaugherty

documentation/provider/index.md

@@ -35,7 +35,7 @@ Jump to a table:
 | [`BIND`](bind.md) | ✅ | ✅ | ❌ |
 | [`BUNNY_DNS`](bunny_dns.md) | ❌ | ✅ | ❌ |
 | [`CLOUDFLAREAPI`](cloudflareapi.md) | ✅ | ✅ | ❌ |
-| [`CLOUDNS`](cloudns.md) | ❌ | ✅ | ❌ |
+| [`CLOUDNS`](cloudns.md) | ❌ | ✅ | ✅ |
 | [`CNR`](cnr.md) | ❌ | ✅ | ✅ |
 | [`CSCGLOBAL`](cscglobal.md) | ✅ | ✅ | ✅ |
 | [`DESEC`](desec.md) | ❌ | ✅ | ❌ |

providers/cloudns/api.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"net/url"
 	"strconv"
 	"strings"
 	"sync"
@@ -255,7 +256,7 @@ func (c *cloudnsProvider) isDnssecEnabled(id string) (bool, error) {
 			if errResp.Description == "The DNSSEC is not active." {
 				return false, nil
 			}
-			return false, fmt.Errorf("failed fetching DS records from ClouDNS: %w", err)
+			return false, fmt.Errorf("failed fetching DS records from ClouDNS: %s", errResp.Description)
 		}
 	}
 
@@ -280,21 +281,78 @@ func (c *cloudnsProvider) setDnssec(id string, enabled bool) error {
 	return nil
 }
 
+func (c *cloudnsProvider) getNameservers(domain string) ([]string, error) {
+	params := requestParams{"domain-name": domain}
+
+	bodyString, err := c.get("/domains/get-nameservers.json", params)
+	if err != nil {
+		return nil, fmt.Errorf("failed fetching nameservers from ClouDNS: %w", err)
+	}
+
+	// The API response might be an array of strings, or an object with string keys "1", "2", etc.
+	// And sometimes it contains values that are blank strings, which we don't want to include in the result.
+
+	// Try as array first
+	var arr []string
+	errFromArray := json.Unmarshal(bodyString, &arr)
+	if errFromArray == nil {
+		// Filter out empty strings
+		nameservers := make([]string, 0, len(arr))
+		for _, ns := range arr {
+			if ns != "" {
+				nameservers = append(nameservers, ns)
+			}
+		}
+		return nameservers, nil
+	}
+
+	// Try as map
+	var nr map[string]string
+	if err := json.Unmarshal(bodyString, &nr); err != nil {
+		return nil, fmt.Errorf("failed to unmarshal nameservers from ClouDNS: when attempting object %w, when attempting array %w", err, errFromArray)
+	}
+
+	nameservers := make([]string, 0, len(nr))
+	for _, ns := range nr {
+		if ns != "" {
+			nameservers = append(nameservers, ns)
+		}
+	}
+
+	return nameservers, nil
+}
+
+func (c *cloudnsProvider) setNameservers(domain string, nameservers []string) error {
+	q := url.Values{}
+	q.Add("domain-name", domain)
+	for _, ns := range nameservers {
+		q.Add("nameservers[]", ns)
+	}
+
+	if _, err := c.getWithQuery("/domains/set-nameservers.json", q); err != nil {
+		return fmt.Errorf("failed setting nameservers at ClouDNS: %w", err)
+	}
+	return nil
+}
+
 func (c *cloudnsProvider) get(endpoint string, params requestParams) ([]byte, error) {
+	q := url.Values{}
+	for pName, pValue := range params {
+		q.Add(pName, pValue)
+	}
+	return c.getWithQuery(endpoint, q)
+}
+
+func (c *cloudnsProvider) getWithQuery(endpoint string, q url.Values) ([]byte, error) {
 	client := &http.Client{}
 	req, _ := http.NewRequest(http.MethodGet, "https://api.cloudns.net"+endpoint, nil)
-	q := req.URL.Query()
 
 	// TODO: Support  sub-auth-user https://asia.cloudns.net/wiki/article/42/
 	// Add auth params
 	q.Add("auth-id", c.creds.id)
 	q.Add("auth-password", c.creds.password)
 	q.Add("sub-auth-id", c.creds.subid)
 
-	for pName, pValue := range params {
-		q.Add(pName, pValue)
-	}
-
 	req.URL.RawQuery = q.Encode()
 
 	// ClouDNS has an undocumented rate limit

providers/cloudns/cloudnsProvider.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"sort"
 	"strconv"
 	"strings"
 
@@ -24,8 +25,7 @@ Info required in `creds.json`:
    - auth-password
 */
 
-// NewCloudns creates the provider.
-func NewCloudns(m map[string]string, metadata json.RawMessage) (providers.DNSServiceProvider, error) {
+func NewCloudns(m map[string]string) (*cloudnsProvider, error) {
 	c := &cloudnsProvider{}
 	c.requestLimit = NewAdaptiveLimiter(10, 10)
 
@@ -38,6 +38,14 @@ func NewCloudns(m map[string]string, metadata json.RawMessage) (providers.DNSSer
 	return c, nil
 }
 
+func NewDsp(conf map[string]string, metadata json.RawMessage) (providers.DNSServiceProvider, error) {
+	return NewCloudns(conf)
+}
+
+func NewReg(conf map[string]string) (providers.Registrar, error) {
+	return NewCloudns(conf)
+}
+
 var features = providers.DocumentationNotes{
 	// The default for unlisted capabilities is 'Cannot'.
 	// See providers/capabilities.go for the entire list of capabilities.
@@ -69,10 +77,11 @@ func init() {
 	const providerName = "CLOUDNS"
 	const providerMaintainer = "@pragmaton"
 	fns := providers.DspFuncs{
-		Initializer:   NewCloudns,
+		Initializer:   NewDsp,
 		RecordAuditor: AuditRecords,
 	}
 	providers.RegisterDomainServiceProviderType(providerName, fns, features)
+	providers.RegisterRegistrarType(providerName, NewReg)
 	providers.RegisterCustomRecordType("CLOUDNS_WR", providerName, "")
 	providers.RegisterMaintainer(providerName, providerMaintainer)
 }
@@ -268,6 +277,36 @@ func (c *cloudnsProvider) GetZoneRecordsCorrections(dc *models.DomainConfig, exi
 	return corrections, actualChangeCount, nil
 }
 
+// GetRegistrarCorrections returns corrections to update domain nameserver delegation
+func (c *cloudnsProvider) GetRegistrarCorrections(dc *models.DomainConfig) ([]*models.Correction, error) {
+	// 1. Get current nameservers from registrar
+	existing, err := c.getNameservers(dc.Name)
+	if err != nil {
+		return nil, err
+	}
+	sort.Strings(existing)
+	existingStr := strings.Join(existing, ",")
+
+	// 2. Get desired nameservers from config
+	desired := models.NameserversToStrings(dc.Nameservers)
+	sort.Strings(desired)
+	desiredStr := strings.Join(desired, ",")
+
+	// 3. Compare and return correction if needed
+	if existingStr != desiredStr {
+		return []*models.Correction{
+			{
+				Msg: fmt.Sprintf("Update nameservers from '%s' to '%s'", existingStr, desiredStr),
+				F: func() error {
+					return c.setNameservers(dc.Name, desired)
+				},
+			},
+		}, nil
+	}
+
+	return nil, nil
+}
+
 // getDNSSECCorrections returns corrections that update a domain's DNSSEC state.
 func (c *cloudnsProvider) getDNSSECCorrections(dc *models.DomainConfig) ([]*models.Correction, error) {
 	enabled, err := c.isDnssecEnabled(dc.Name)