CLOUDFLARE: Support API tokens (#555)

Cloudflare API tokens are a new way to authenticate to Cloudflare API. Unlike the Global API key, tokens can be given specific permissions to only access parts of the API. See [1] for details. [1] https://blog.cloudflare.com/api-tokens-general-availability/ This commit introduces a new credential for cloudflare called `apitoken`, which is mutually exclusive with `apiuser` and `apikey`. In order for DNSControl to work with this token, it should have the right to read DNS zones and edit DNS records. Closes #534
2024-05-11 05:55:12 +00:00 · 2019-10-23 17:48:00 +02:00
parent 96583a9188
commit 4e6d05b716
4 changed files with 31 additions and 11 deletions
--- a/providers/cloudflare/rest.go
+++ b/providers/cloudflare/rest.go
@@ -355,8 +355,12 @@ func handleActionResponse(resp *http.Response, err error) (id string, e error) {
 }

 func (c *CloudflareApi) setHeaders(req *http.Request) {
-	req.Header.Set("X-Auth-Key", c.ApiKey)
-	req.Header.Set("X-Auth-Email", c.ApiUser)
+	if len(c.ApiToken) > 0 {
+		req.Header.Set("Authorization", "Bearer "+c.ApiToken)
+	} else {
+		req.Header.Set("X-Auth-Key", c.ApiKey)
+		req.Header.Set("X-Auth-Email", c.ApiUser)
+	}
 }

 // generic get handler. makes request and unmarshalls response to given interface