From 171edcfbd380a35d3ffc5d5d980759ad7b0718e0 Mon Sep 17 00:00:00 2001
From: Obinna Ngini <obinnangini@gmail.com>
Date: Wed, 5 Feb 2025 22:17:45 -0600
Subject: [PATCH 1/4] Add branding flag to SSL object

---
 custom_hostname.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/custom_hostname.go b/custom_hostname.go
index b625b723263..fac89afe982 100644
--- a/custom_hostname.go
+++ b/custom_hostname.go
@@ -78,9 +78,10 @@ type CustomHostnameSSL struct {
 	// Deprecated: use ValidationRecords.
 	// If there a single validation record, this will equal ValidationRecords[0] for backwards compatibility.
 	SSLValidationRecord
-	ValidationRecords []SSLValidationRecord `json:"validation_records,omitempty"`
-	ValidationErrors  []SSLValidationError  `json:"validation_errors,omitempty"`
-	BundleMethod      string                `json:"bundle_method,omitempty"`
+	ValidationRecords  []SSLValidationRecord `json:"validation_records,omitempty"`
+	ValidationErrors   []SSLValidationError  `json:"validation_errors,omitempty"`
+	BundleMethod       string                `json:"bundle_method,omitempty"`
+	CloudflareBranding *bool                 `json:"cloudflare_branding,omitempty"`
 }
 
 // CustomMetadata defines custom metadata for the hostname. This requires logic to be implemented by Cloudflare to act on the data provided.

From 8153f9811d0a3ed20064bd4030af93188167019f Mon Sep 17 00:00:00 2001
From: Obinna Ngini <obinnangini@gmail.com>
Date: Wed, 5 Feb 2025 22:33:31 -0600
Subject: [PATCH 2/4] Added changelog entry

---
 .changelog/3901.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 .changelog/3901.txt

diff --git a/.changelog/3901.txt b/.changelog/3901.txt
new file mode 100644
index 00000000000..b7450bd5fe9
--- /dev/null
+++ b/.changelog/3901.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+custom_hostname: add support for `cloudflare_branding` SSL flag
+```
\ No newline at end of file

From b55dd7116e0601ae40facd9073b147df9496a1b1 Mon Sep 17 00:00:00 2001
From: Obinna Ngini <obinnangini@gmail.com>
Date: Wed, 5 Feb 2025 23:11:07 -0600
Subject: [PATCH 3/4] Stubbed test for branding flag

---
 custom_hostname_test.go | 77 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)

diff --git a/custom_hostname_test.go b/custom_hostname_test.go
index c38bbbee347..730a8424590 100644
--- a/custom_hostname_test.go
+++ b/custom_hostname_test.go
@@ -406,6 +406,83 @@ func TestCustomHostname_CreateCustomHostname_CustomOriginSNI(t *testing.T) {
 	}
 }
 
+func TestCustomHostname_CreateCustomHostname_CloudflareBrandingSSL(t *testing.T) {
+	setup()
+	defer teardown()
+
+	mux.HandleFunc("/zones/foo/custom_hostnames", func(w http.ResponseWriter, r *http.Request) {
+		assert.Equal(t, http.MethodPost, r.Method, "Expected method 'POST', got %s", r.Method)
+
+		w.Header().Set("content-type", "application/json")
+		w.WriteHeader(http.StatusCreated)
+		fmt.Fprintf(w, `
+{
+	"success": true,
+	"errors": [],
+	"messages": [],
+	"result": {
+		"id": "0d89c70d-ad9f-4843-b99f-6cc0252067e9",
+		"hostname": "app.example.com",
+		"custom_origin_server": "example.app.com",
+		"ssl": {
+			"status": "pending_validation",
+			"method": "http",
+			"type": "dv",
+			"wildcard": "false",
+			"certificate_authority": "google"
+		},
+		"status": "pending",
+		"verification_errors": [
+		  "None of the A or AAAA records are owned by this account and the pre-generated ownership verification token was not found."
+		],
+		"ownership_verification": {
+		  "type": "txt",
+		  "name": "_cf-custom-hostname.app.example.com",
+		  "value": "38ddbedc-6cc3-4a4c-af67-9c5b02344ce0"
+		},
+		"ownership_verification_http": {
+		  "http_url": "http://app.example.com/.well-known/cf-custom-hostname-challenge/37c82d20-99fb-490e-ba0a-489fa483b776",
+		  "http_body": "38ddbedc-6cc3-4a4c-af67-9c5b02344ce0"
+		},
+		"created_at": "2020-02-06T18:11:23.531995Z"
+}`)
+	})
+
+	response, err := client.CreateCustomHostname(context.Background(), "foo", CustomHostname{Hostname: "app.example.com", CustomOriginServer: "example.app.com", SSL: &CustomHostnameSSL{Method: "http", Type: "dv", CloudflareBranding: BoolPtr(true)}})
+
+	createdAt, _ := time.Parse(time.RFC3339, "2020-02-06T18:11:23.531995Z")
+
+	want := &CustomHostnameResponse{
+		Result: CustomHostname{
+			ID:                 "0d89c70d-ad9f-4843-b99f-6cc0252067e9",
+			Hostname:           "app.example.com",
+			CustomOriginServer: "example.app.com",
+			SSL: &CustomHostnameSSL{
+				Type:   "http",
+				Method: "cname",
+				Status: "pending_validation",
+			},
+			Status:             "pending",
+			VerificationErrors: []string{"None of the A or AAAA records are owned by this account and the pre-generated ownership verification token was not found."},
+			OwnershipVerification: CustomHostnameOwnershipVerification{
+				Type:  "txt",
+				Name:  "_cf-custom-hostname.app.example.com",
+				Value: "38ddbedc-6cc3-4a4c-af67-9c5b02344ce0",
+			},
+			OwnershipVerificationHTTP: CustomHostnameOwnershipVerificationHTTP{
+				HTTPUrl:  "http://app.example.com/.well-known/cf-custom-hostname-challenge/37c82d20-99fb-490e-ba0a-489fa483b776",
+				HTTPBody: "38ddbedc-6cc3-4a4c-af67-9c5b02344ce0",
+			},
+			CreatedAt: &createdAt,
+		},
+		Response: Response{Success: true, Errors: []ResponseInfo{}, Messages: []ResponseInfo{}},
+	}
+
+	if assert.NoError(t, err) {
+		assert.Equal(t, want, response)
+	}
+}
+
 func TestCustomHostname_CustomHostnames(t *testing.T) {
 	setup()
 	defer teardown()

From 7d079de282802ebd9b4773a05c1b63935c6ab594 Mon Sep 17 00:00:00 2001
From: Obinna Ngini <obinnangini@gmail.com>
Date: Wed, 5 Feb 2025 23:50:18 -0600
Subject: [PATCH 4/4] Fixed wildcard value data type

---
 custom_hostname_test.go | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/custom_hostname_test.go b/custom_hostname_test.go
index 730a8424590..fbcb7d42de8 100644
--- a/custom_hostname_test.go
+++ b/custom_hostname_test.go
@@ -428,7 +428,7 @@ func TestCustomHostname_CreateCustomHostname_CloudflareBrandingSSL(t *testing.T)
 			"status": "pending_validation",
 			"method": "http",
 			"type": "dv",
-			"wildcard": "false",
+			"wildcard": false,
 			"certificate_authority": "google"
 		},
 		"status": "pending",
@@ -445,6 +445,7 @@ func TestCustomHostname_CreateCustomHostname_CloudflareBrandingSSL(t *testing.T)
 		  "http_body": "38ddbedc-6cc3-4a4c-af67-9c5b02344ce0"
 		},
 		"created_at": "2020-02-06T18:11:23.531995Z"
+	}
 }`)
 	})
 
@@ -458,9 +459,11 @@ func TestCustomHostname_CreateCustomHostname_CloudflareBrandingSSL(t *testing.T)
 			Hostname:           "app.example.com",
 			CustomOriginServer: "example.app.com",
 			SSL: &CustomHostnameSSL{
-				Type:   "http",
-				Method: "cname",
-				Status: "pending_validation",
+				Type:                 "dv",
+				Method:               "http",
+				Status:               "pending_validation",
+				Wildcard:             BoolPtr(false),
+				CertificateAuthority: "google",
 			},
 			Status:             "pending",
 			VerificationErrors: []string{"None of the A or AAAA records are owned by this account and the pre-generated ownership verification token was not found."},