alidns: upgrade libdns to v 1.0.6-beta.1 and introduce the security_token

Author: viscropst

README.md

@@ -1,7 +1,7 @@
 Alibaba Cloud DNS (AliDNS) module for Caddy
 ===========================
 
-This package contains a DNS provider module for [Caddy](https://github.com/caddyserver/caddy). It can be used to manage DNS records with Alibaba Cloud (as is Aliyun or ALIYUN) accounts.
+This package contains a DNS provider module for [Caddy](https://github.com/caddyserver/caddy). It can be used to manage DNS records with Alibaba Cloud (as is Aliyun,aliyun or ALIYUN) accounts.
 
 ## Caddy module name
 
@@ -19,9 +19,9 @@ To use this module for the ACME DNS challenge, [configure the ACME issuer in you
   "challenges": {
     "dns": {
       "provider": {
-	"name": "alidns",
-	"access_key_id":"YOUR_ALIYUN_ACCESS_KEY_ID",
-	"access_key_secret":"YOUR_ALIYUN_ACCESS_KEY_SECRET"
+        "name": "alidns",
+        "access_key_id":"YOUR_ALIYUN_ACCESS_KEY_ID",
+        "access_key_secret":"YOUR_ALIYUN_ACCESS_KEY_SECRET"
       }
     }
   }
@@ -50,8 +50,49 @@ tls {
 }
 ```
 
-You can replace `{env.ALIYUN_ACCESS_KEY_ID}`,`{env.ALIYUN_ACCESS_KEY_SECRET}` with the actual auth token in the `""` if you prefer to put it directly in your config instead of an environment variable.
+If you have `SecurityToken` for aliyun's STS authorization you can configure like:
 
+```json
+{
+  "module": "acme",
+  "challenges": {
+    "dns": {
+      "provider": {
+        "name": "alidns",
+        "access_key_id":"YOUR_ALIYUN_ACCESS_KEY_ID",
+        "access_key_secret":"YOUR_ALIYUN_ACCESS_KEY_SECRET",
+        "security_token": "YOU_ALIYUN_SECURITY_TOKEN"
+      }
+    }
+  }
+}
+```
+
+or with the Caddyfile:
+
+```
+# globally
+
+acme_dns alidns {
+  access_key_id {env.ALIYUN_ACCESS_KEY_ID}
+  access_key_secret {env.ALIYUN_ACCESS_KEY_SECRET}
+  security_token {env.ALIYUN_SECURITY_TOKEN}
+}
+```
+
+```
+# one site
+
+tls {
+  dns alidns {
+    access_key_id {env.ALIYUN_ACCESS_KEY_ID}
+    access_key_secret {env.ALIYUN_ACCESS_KEY_SECRET}
+    security_token {env.ALIYUN_SECURITY_TOKEN}
+  }
+}
+```
+
+You can replace `{env.ALIYUN_ACCESS_KEY_ID}`,`{env.ALIYUN_ACCESS_KEY_SECRET}`,`{env.ALIYUN_SECURITY_TOKEN}` with the actual auth token in the `""` if you prefer to put it directly in your config instead of an environment variable.
 
 ## Authenticating
 

alidns.go

@@ -25,18 +25,20 @@ func (Provider) CaddyModule() caddy.ModuleInfo {
 // Implements caddy.Provisioner.
 func (p *Provider) Provision(ctx caddy.Context) error {
 	repl := caddy.NewReplacer()
-	p.Provider.AccKeyID = repl.ReplaceAll(p.Provider.AccKeyID, "")
-	p.Provider.AccKeySecret = repl.ReplaceAll(p.Provider.AccKeySecret, "")
+	p.Provider.AccessKeyID = repl.ReplaceAll(p.Provider.AccessKeyID, "")
+	p.Provider.AccessKeySecret = repl.ReplaceAll(p.Provider.AccessKeySecret, "")
+	p.Provider.SecurityToken = repl.ReplaceAll(p.SecurityToken, "")
 	return nil
 }
 
 // UnmarshalCaddyfile sets up the DNS provider from Caddyfile tokens. Syntax:
 //
-// alidns {
-//     access_key_id "<access_key_id>"
-//     access_key_secret "<access_key_secret>"
-// }
-//
+//	alidns {
+//	    access_key_id "<access_key_id>"
+//	    access_key_secret "<access_key_secret>"
+//		region_id "<region_id,defaults to 'cn-hangzhou' if empty>"
+//	    security_token "<security_token, if you use the STS authorization it's required by aliyun>"
+//	}
 func (p *Provider) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 	for d.Next() {
 		if d.NextArg() {
@@ -46,14 +48,28 @@ func (p *Provider) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 			switch d.Val() {
 			case "access_key_id":
 				if d.NextArg() {
-					p.Provider.AccKeyID = d.Val()
+					p.Provider.AccessKeyID = d.Val()
 				}
 				if d.NextArg() {
 					return d.ArgErr()
 				}
 			case "access_key_secret":
 				if d.NextArg() {
-					p.Provider.AccKeySecret = d.Val()
+					p.Provider.AccessKeySecret = d.Val()
+				}
+				if d.NextArg() {
+					return d.ArgErr()
+				}
+			case "region_id":
+				if d.NextArg() {
+					p.Provider.RegionID = d.Val()
+				}
+				if d.NextArg() {
+					return d.ArgErr()
+				}
+			case "security_token":
+				if d.NextArg() {
+					p.Provider.SecurityToken = d.Val()
 				}
 				if d.NextArg() {
 					return d.ArgErr()
@@ -63,7 +79,7 @@ func (p *Provider) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 			}
 		}
 	}
-	if p.AccKeyID == "" || p.AccKeySecret == "" {
+	if p.AccessKeyID == "" || p.AccessKeySecret == "" {
 		return d.Err("AccessKeyID or AccessKeySecret is empty")
 	}
 	return nil

go.mod

@@ -1,49 +1,8 @@
 module github.com/caddy-dns/alidns
 
-go 1.22.3
+go 1.16
 
 require (
-	github.com/caddyserver/caddy/v2 v2.9.1
-	github.com/libdns/alidns v1.0.5-libdns.v1.beta1
-)
-
-require (
-	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/caddyserver/certmagic v0.21.6 // indirect
-	github.com/caddyserver/zerossl v0.1.3 // indirect
-	github.com/cespare/xxhash/v2 v2.3.0 // indirect
-	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
-	github.com/francoispqt/gojay v1.2.13 // indirect
-	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
-	github.com/google/pprof v0.0.0-20231212022811-ec68065c825e // indirect
-	github.com/google/uuid v1.6.0 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.9 // indirect
-	github.com/libdns/libdns v1.0.0-beta.1 // indirect
-	github.com/mholt/acmez/v3 v3.0.0 // indirect
-	github.com/miekg/dns v1.1.62 // indirect
-	github.com/onsi/ginkgo/v2 v2.13.2 // indirect
-	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	github.com/prometheus/client_golang v1.19.1 // indirect
-	github.com/prometheus/client_model v0.6.0 // indirect
-	github.com/prometheus/common v0.48.0 // indirect
-	github.com/prometheus/procfs v0.12.0 // indirect
-	github.com/quic-go/qpack v0.5.1 // indirect
-	github.com/quic-go/quic-go v0.48.2 // indirect
-	github.com/zeebo/assert v1.3.0 // indirect
-	github.com/zeebo/blake3 v0.2.4 // indirect
-	go.uber.org/mock v0.4.0 // indirect
-	go.uber.org/multierr v1.11.0 // indirect
-	go.uber.org/zap v1.27.0 // indirect
-	go.uber.org/zap/exp v0.3.0 // indirect
-	golang.org/x/crypto v0.31.0 // indirect
-	golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 // indirect
-	golang.org/x/mod v0.18.0 // indirect
-	golang.org/x/net v0.33.0 // indirect
-	golang.org/x/sync v0.10.0 // indirect
-	golang.org/x/sys v0.28.0 // indirect
-	golang.org/x/term v0.27.0 // indirect
-	golang.org/x/text v0.21.0 // indirect
-	golang.org/x/time v0.7.0 // indirect
-	golang.org/x/tools v0.22.0 // indirect
-	google.golang.org/protobuf v1.35.1 // indirect
+	github.com/caddyserver/caddy/v2 v2.4.1
+	github.com/libdns/alidns v1.0.6-beta.1
 )