refactor: clean code

2025-10-05 22:14:53 +00:00 · 2024-11-19 22:43:15 +08:00
parent a6c93ef9b8
commit 82807fcc1b
10 changed files with 127 additions and 111 deletions
--- a/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go
+++ b/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go
@@ -144,11 +144,6 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunCas.Cl
 		region = "cn-hangzhou" // CAS 服务默认区域：华东一杭州
 	}

-	aConfig := &aliyunOpen.Config{
-		AccessKeyId:     tea.String(accessKeyId),
-		AccessKeySecret: tea.String(accessKeySecret),
-	}
-
 	var endpoint string
 	switch region {
 	case "cn-hangzhou":
@@ -156,9 +151,14 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunCas.Cl
 	default:
 		endpoint = fmt.Sprintf("cas.%s.aliyuncs.com", region)
 	}
-	aConfig.Endpoint = tea.String(endpoint)

-	client, err := aliyunCas.NewClient(aConfig)
+	config := &aliyunOpen.Config{
+		Endpoint:        tea.String(endpoint),
+		AccessKeyId:     tea.String(accessKeyId),
+		AccessKeySecret: tea.String(accessKeySecret),
+	}
+
+	client, err := aliyunCas.NewClient(config)
 	if err != nil {
 		return nil, err
 	}
--- a/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go
+++ b/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go
@@ -121,11 +121,6 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunSlb.Cl
 		region = "cn-hangzhou" // SLB 服务默认区域：华东一杭州
 	}

-	aConfig := &aliyunOpen.Config{
-		AccessKeyId:     tea.String(accessKeyId),
-		AccessKeySecret: tea.String(accessKeySecret),
-	}
-
 	var endpoint string
 	switch region {
 	case
@@ -137,9 +132,14 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunSlb.Cl
 	default:
 		endpoint = fmt.Sprintf("slb.%s.aliyuncs.com", region)
 	}
-	aConfig.Endpoint = tea.String(endpoint)

-	client, err := aliyunSlb.NewClient(aConfig)
+	config := &aliyunOpen.Config{
+		Endpoint:        tea.String(endpoint),
+		AccessKeyId:     tea.String(accessKeyId),
+		AccessKeySecret: tea.String(accessKeySecret),
+	}
+
+	client, err := aliyunSlb.NewClient(config)
 	if err != nil {
 		return nil, err
 	}
--- a/internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go
+++ b/internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go
@@ -2,6 +2,7 @@ package bytepluscdn

 import (
 	"context"
+	"crypto/sha1"
 	"crypto/sha256"
 	"encoding/hex"
 	"errors"
@@ -9,9 +10,11 @@ import (
 	"strings"
 	"time"

-	"github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn"
+	bpCdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn"
 	xerrors "github.com/pkg/errors"
+
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
+	"github.com/usual2970/certimate/internal/pkg/utils/cast"
 	"github.com/usual2970/certimate/internal/pkg/utils/x509"
 )

@@ -22,7 +25,7 @@ type ByteplusCDNUploaderConfig struct {

 type ByteplusCDNUploader struct {
 	config    *ByteplusCDNUploaderConfig
-	sdkClient *cdn.CDN
+	sdkClient *bpCdn.CDN
 }

 var _ uploader.Uploader = (*ByteplusCDNUploader)(nil)
@@ -32,14 +35,13 @@ func New(config *ByteplusCDNUploaderConfig) (*ByteplusCDNUploader, error) {
 		return nil, errors.New("config is nil")
 	}

-	instance := cdn.NewInstance()
-	client := instance.Client
-	client.SetAccessKey(config.AccessKey)
-	client.SetSecretKey(config.SecretKey)
+	client := bpCdn.NewInstance()
+	client.Client.SetAccessKey(config.AccessKey)
+	client.Client.SetSecretKey(config.SecretKey)

 	return &ByteplusCDNUploader{
 		config:    config,
-		sdkClient: instance,
+		sdkClient: client,
 	}, nil
 }

@@ -49,17 +51,17 @@ func (u *ByteplusCDNUploader) Upload(ctx context.Context, certPem string, privke
 	if err != nil {
 		return nil, err
 	}
+
 	// 查询证书列表，避免重复上传
 	// REF: https://docs.byteplus.com/en/docs/byteplus-cdn/reference-listcertinfo
-	pageNum := int64(1)
-	pageSize := int64(100)
-	certSource := "cert_center"
-	listCertInfoReq := &cdn.ListCertInfoRequest{
-		PageNum:  &pageNum,
-		PageSize: &pageSize,
-		Source:   &certSource,
+	listCertInfoPageNum := int64(1)
+	listCertInfoPageSize := int64(100)
+	listCertInfoTotal := 0
+	listCertInfoReq := &bpCdn.ListCertInfoRequest{
+		PageNum:  cast.Int64Ptr(listCertInfoPageNum),
+		PageSize: cast.Int64Ptr(listCertInfoPageSize),
+		Source:   cast.StringPtr("cert_center"),
 	}
-	searchTotal := 0
 	for {
 		listCertInfoResp, err := u.sdkClient.ListCertInfo(listCertInfoReq)
 		if err != nil {
@@ -68,8 +70,10 @@ func (u *ByteplusCDNUploader) Upload(ctx context.Context, certPem string, privke

 		if listCertInfoResp.Result.CertInfo != nil {
 			for _, certDetail := range listCertInfoResp.Result.CertInfo {
-				hash := sha256.Sum256(certX509.Raw)
-				isSameCert := strings.EqualFold(hex.EncodeToString(hash[:]), certDetail.CertFingerprint.Sha256)
+				fingerprintSha1 := sha1.Sum(certX509.Raw)
+				fingerprintSha256 := sha256.Sum256(certX509.Raw)
+				isSameCert := strings.EqualFold(hex.EncodeToString(fingerprintSha1[:]), certDetail.CertFingerprint.Sha1) &&
+					strings.EqualFold(hex.EncodeToString(fingerprintSha256[:]), certDetail.CertFingerprint.Sha256)
 				// 如果已存在相同证书，直接返回已有的证书信息
 				if isSameCert {
 					return &uploader.UploadResult{
@@ -80,23 +84,26 @@ func (u *ByteplusCDNUploader) Upload(ctx context.Context, certPem string, privke
 			}
 		}

-		searchTotal += len(listCertInfoResp.Result.CertInfo)
-		if int(listCertInfoResp.Result.Total) > searchTotal {
-			pageNum++
-		} else {
+		listCertInfoLen := len(listCertInfoResp.Result.CertInfo)
+		if listCertInfoLen < int(listCertInfoPageSize) || int(listCertInfoResp.Result.Total) <= listCertInfoTotal+listCertInfoLen {
 			break
+		} else {
+			listCertInfoPageNum++
+			listCertInfoTotal += listCertInfoLen
 		}
-
 	}
+
+	// 生成新证书名（需符合 BytePlus 命名规则）
 	var certId, certName string
 	certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
+
 	// 上传新证书
 	// REF: https://docs.byteplus.com/en/docs/byteplus-cdn/reference-addcertificate
-	addCertificateReq := &cdn.AddCertificateRequest{
+	addCertificateReq := &bpCdn.AddCertificateRequest{
 		Certificate: certPem,
 		PrivateKey:  privkeyPem,
-		Source:      &certSource,
-		Desc:        &certName,
+		Source:      cast.StringPtr("cert_center"),
+		Desc:        cast.StringPtr(certName),
 	}
 	addCertificateResp, err := u.sdkClient.AddCertificate(addCertificateReq)
 	if err != nil {
--- a/internal/pkg/core/uploader/providers/volcengine-cdn/volcengine_cdn.go
+++ b/internal/pkg/core/uploader/providers/volcengine-cdn/volcengine_cdn.go
@@ -2,6 +2,7 @@ package volcenginecdn

 import (
 	"context"
+	"crypto/sha1"
 	"crypto/sha256"
 	"encoding/hex"
 	"errors"
@@ -10,56 +11,57 @@ import (
 	"time"

 	xerrors "github.com/pkg/errors"
+	veCdn "github.com/volcengine/volc-sdk-golang/service/cdn"
+
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
+	"github.com/usual2970/certimate/internal/pkg/utils/cast"
 	"github.com/usual2970/certimate/internal/pkg/utils/x509"
-	"github.com/volcengine/volc-sdk-golang/service/cdn"
 )

-type VolcengineCDNUploaderConfig struct {
+type VolcEngineCDNUploaderConfig struct {
 	AccessKeyId     string `json:"accessKeyId"`
 	AccessKeySecret string `json:"accessKeySecret"`
 }

-type VolcengineCDNUploader struct {
-	config    *VolcengineCDNUploaderConfig
-	sdkClient *cdn.CDN
+type VolcEngineCDNUploader struct {
+	config    *VolcEngineCDNUploaderConfig
+	sdkClient *veCdn.CDN
 }

-var _ uploader.Uploader = (*VolcengineCDNUploader)(nil)
+var _ uploader.Uploader = (*VolcEngineCDNUploader)(nil)

-func New(config *VolcengineCDNUploaderConfig) (*VolcengineCDNUploader, error) {
+func New(config *VolcEngineCDNUploaderConfig) (*VolcEngineCDNUploader, error) {
 	if config == nil {
 		return nil, errors.New("config is nil")
 	}

-	instance := cdn.NewInstance()
-	client := instance.Client
-	client.SetAccessKey(config.AccessKeyId)
-	client.SetSecretKey(config.AccessKeySecret)
+	client := veCdn.NewInstance()
+	client.Client.SetAccessKey(config.AccessKeyId)
+	client.Client.SetSecretKey(config.AccessKeySecret)

-	return &VolcengineCDNUploader{
+	return &VolcEngineCDNUploader{
 		config:    config,
-		sdkClient: instance,
+		sdkClient: client,
 	}, nil
 }

-func (u *VolcengineCDNUploader) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *VolcEngineCDNUploader) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
 	certX509, err := x509.ParseCertificateFromPEM(certPem)
 	if err != nil {
 		return nil, err
 	}
+
 	// 查询证书列表，避免重复上传
 	// REF: https://www.volcengine.com/docs/6454/125709
-	pageNum := int64(1)
-	pageSize := int64(100)
-	certSource := "volc_cert_center"
-	listCertInfoReq := &cdn.ListCertInfoRequest{
-		PageNum:  &pageNum,
-		PageSize: &pageSize,
-		Source:   certSource,
+	listCertInfoPageNum := int64(1)
+	listCertInfoPageSize := int64(100)
+	listCertInfoTotal := 0
+	listCertInfoReq := &veCdn.ListCertInfoRequest{
+		PageNum:  cast.Int64Ptr(listCertInfoPageNum),
+		PageSize: cast.Int64Ptr(listCertInfoPageSize),
+		Source:   "volc_cert_center",
 	}
-	searchTotal := 0
 	for {
 		listCertInfoResp, err := u.sdkClient.ListCertInfo(listCertInfoReq)
 		if err != nil {
@@ -68,8 +70,10 @@ func (u *VolcengineCDNUploader) Upload(ctx context.Context, certPem string, priv

 		if listCertInfoResp.Result.CertInfo != nil {
 			for _, certDetail := range listCertInfoResp.Result.CertInfo {
-				hash := sha256.Sum256(certX509.Raw)
-				isSameCert := strings.EqualFold(hex.EncodeToString(hash[:]), certDetail.CertFingerprint.Sha256)
+				fingerprintSha1 := sha1.Sum(certX509.Raw)
+				fingerprintSha256 := sha256.Sum256(certX509.Raw)
+				isSameCert := strings.EqualFold(hex.EncodeToString(fingerprintSha1[:]), certDetail.CertFingerprint.Sha1) &&
+					strings.EqualFold(hex.EncodeToString(fingerprintSha256[:]), certDetail.CertFingerprint.Sha256)
 				// 如果已存在相同证书，直接返回已有的证书信息
 				if isSameCert {
 					return &uploader.UploadResult{
@@ -80,24 +84,26 @@ func (u *VolcengineCDNUploader) Upload(ctx context.Context, certPem string, priv
 			}
 		}

-		searchTotal += len(listCertInfoResp.Result.CertInfo)
-		if int(listCertInfoResp.Result.Total) > searchTotal {
-			pageNum++
-		} else {
+		listCertInfoLen := len(listCertInfoResp.Result.CertInfo)
+		if listCertInfoLen < int(listCertInfoPageSize) || int(listCertInfoResp.Result.Total) <= listCertInfoTotal+listCertInfoLen {
 			break
+		} else {
+			listCertInfoPageNum++
+			listCertInfoTotal += listCertInfoLen
 		}
-
 	}
+
 	// 生成新证书名（需符合火山引擎命名规则）
 	var certId, certName string
 	certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
+
 	// 上传新证书
 	// REF: https://www.volcengine.com/docs/6454/1245763
-	addCertificateReq := &cdn.AddCertificateRequest{
+	addCertificateReq := &veCdn.AddCertificateRequest{
 		Certificate: certPem,
 		PrivateKey:  privkeyPem,
-		Source:      &certSource,
-		Desc:        &certName,
+		Source:      cast.StringPtr("volc_cert_center"),
+		Desc:        cast.StringPtr(certName),
 	}
 	addCertificateResp, err := u.sdkClient.AddCertificate(addCertificateReq)
 	if err != nil {
--- a/internal/pkg/core/uploader/providers/volcengine-live/volcengine_live.go
+++ b/internal/pkg/core/uploader/providers/volcengine-live/volcengine_live.go
@@ -8,77 +8,79 @@ import (
 	"time"

 	xerrors "github.com/pkg/errors"
+	veLive "github.com/volcengine/volc-sdk-golang/service/live/v20230101"
+
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	"github.com/usual2970/certimate/internal/pkg/utils/cast"
 	"github.com/usual2970/certimate/internal/pkg/utils/x509"
-	live "github.com/volcengine/volc-sdk-golang/service/live/v20230101"
 )

-type VolcengineLiveUploaderConfig struct {
+type VolcEngineLiveUploaderConfig struct {
 	AccessKeyId     string `json:"accessKeyId"`
 	AccessKeySecret string `json:"accessKeySecret"`
 }

-type VolcengineLiveUploader struct {
-	config    *VolcengineLiveUploaderConfig
-	sdkClient *live.Live
+type VolcEngineLiveUploader struct {
+	config    *VolcEngineLiveUploaderConfig
+	sdkClient *veLive.Live
 }

-var _ uploader.Uploader = (*VolcengineLiveUploader)(nil)
+var _ uploader.Uploader = (*VolcEngineLiveUploader)(nil)

-func New(config *VolcengineLiveUploaderConfig) (*VolcengineLiveUploader, error) {
+func New(config *VolcEngineLiveUploaderConfig) (*VolcEngineLiveUploader, error) {
 	if config == nil {
 		return nil, errors.New("config is nil")
 	}

-	client := live.NewInstance()
+	client := veLive.NewInstance()
 	client.SetAccessKey(config.AccessKeyId)
 	client.SetSecretKey(config.AccessKeySecret)

-	return &VolcengineLiveUploader{
+	return &VolcEngineLiveUploader{
 		config:    config,
 		sdkClient: client,
 	}, nil
 }

-func (u *VolcengineLiveUploader) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *VolcEngineLiveUploader) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
 	certX509, err := x509.ParseCertificateFromPEM(certPem)
 	if err != nil {
 		return nil, err
 	}
+
 	// 查询证书列表，避免重复上传
 	// REF: https://www.volcengine.com/docs/6469/1186278#%E6%9F%A5%E8%AF%A2%E8%AF%81%E4%B9%A6%E5%88%97%E8%A1%A8
-	listCertReq := &live.ListCertV2Body{}
+	listCertReq := &veLive.ListCertV2Body{}
 	listCertResp, err := u.sdkClient.ListCertV2(ctx, listCertReq)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.ListCertV2'")
 	}
-
 	if listCertResp.Result.CertList != nil {
 		for _, certDetail := range listCertResp.Result.CertList {
-
-			describeCertDetailSecretReq := &live.DescribeCertDetailSecretV2Body{
-				ChainID: cast.StringPtr(certDetail.ChainID),
-			}
 			// 查询证书详细信息
 			// REF: https://www.volcengine.com/docs/6469/1186278#%E6%9F%A5%E7%9C%8B%E8%AF%81%E4%B9%A6%E8%AF%A6%E6%83%85
-			describeCertDetailSecretResp, detailErr := u.sdkClient.DescribeCertDetailSecretV2(ctx, describeCertDetailSecretReq)
-			if detailErr != nil {
+			describeCertDetailSecretReq := &veLive.DescribeCertDetailSecretV2Body{
+				ChainID: cast.StringPtr(certDetail.ChainID),
+			}
+			describeCertDetailSecretResp, err := u.sdkClient.DescribeCertDetailSecretV2(ctx, describeCertDetailSecretReq)
+			if err != nil {
 				continue
 			}
+
 			var isSameCert bool
 			certificate := strings.Join(describeCertDetailSecretResp.Result.SSL.Chain, "\n\n")
 			if certificate == certPem {
 				isSameCert = true
 			} else {
-				cert, err := x509.ParseCertificateFromPEM(certificate)
+				oldCertX509, err := x509.ParseCertificateFromPEM(certificate)
 				if err != nil {
 					continue
 				}

-				isSameCert = x509.EqualCertificate(cert, certX509)
+				isSameCert = x509.EqualCertificate(certX509, oldCertX509)
 			}
+
 			// 如果已存在相同证书，直接返回已有的证书信息
 			if isSameCert {
 				return &uploader.UploadResult{
@@ -92,13 +94,14 @@ func (u *VolcengineLiveUploader) Upload(ctx context.Context, certPem string, pri
 	// 生成新证书名（需符合火山引擎命名规则）
 	var certId, certName string
 	certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
+
 	// 上传新证书
 	// REF: https://www.volcengine.com/docs/6469/1186278#%E6%B7%BB%E5%8A%A0%E8%AF%81%E4%B9%A6
-	createCertReq := &live.CreateCertBody{
+	createCertReq := &veLive.CreateCertBody{
 		CertName:    &certName,
 		UseWay:      "https",
 		ProjectName: cast.StringPtr("default"),
-		Rsa: live.CreateCertBodyRsa{
+		Rsa: veLive.CreateCertBodyRsa{
 			Prikey: privkeyPem,
 			Pubkey: certPem,
 		},