#!/bin/bash
# ICANN API for the Centralized Zones Data Service - developed by acidvegas (https://git.acid.vegas/czds)

# https://czds.icann.org
# https://czds.icann.org/sites/default/files/czds-api-documentation.pdf

# Function to authenticate and get access token
authenticate() {
	username="$1"
	password="$2"
	# Make an authentication request and inline the URL
	response=$(curl -s -X POST "https://account-api.icann.org/api/authenticate" \
		-H "Content-Type: application/json" \
		-H "Accept: application/json" \
		-d "{\"username\":\"$username\",\"password\":\"$password\"}")

	# Extract and return the access token
	echo "$response" | grep -o '"accessToken":"[^"]*' | cut -d '"' -f 4
}

# Function to download a zone file
download_zone() {
	url="$1"
	token="$2"
	filename=$(basename "$url")
	tld=$(echo "$filename" | cut -d '.' -f 1)
	filepath="zonefiles/$tld.txt.gz"
	

	# Create output directory if it does not exist
	mkdir -p zonefiles

	# Make the GET request and save the response to a file
	curl --progress-bar -o "$filepath" -H "Authorization: Bearer $token" "$url"
	echo "Downloaded zone file to $filepath"
}

# Main program starts here
echo "ICANN Zone Data Service Script"

# Get username and password
username=${CZDS_USER:-$(read -p "ICANN Username: " user && echo "$user")}
password=${CZDS_PASS:-$(read -sp "ICANN Password: " pass && echo "$pass" && echo)}

# Authenticate and get token
echo "Authenticating..."
token=$(authenticate "$username" "$password")

# Check if authentication was successful
if [ -z "$token" ]; then
	echo "Authentication failed."
	exit 1
fi

echo "Fetching zone file links..."
# Fetch zone links with inline URL and download zone files
zone_links=$(curl -s -H "Authorization: Bearer $token" "https://czds-api.icann.org/czds/downloads/links" | grep -o 'https://[^"]*')

# Download zone files
for url in $zone_links; do
	if [ ! -f $filepath ]; then
		echo "Downloading $url..."
		download_zone "$url" "$token"
	fi
done

echo "All zone files downloaded."