diff --git a/cmd/zz_gen_cmd_dnshelp.go b/cmd/zz_gen_cmd_dnshelp.go
index 9cdc68d94f..8dc58a3336 100644
--- a/cmd/zz_gen_cmd_dnshelp.go
+++ b/cmd/zz_gen_cmd_dnshelp.go
@@ -12,6 +12,7 @@ import (
func allDNSCodes() string {
providers := []string{
+ "abion",
"acme-dns",
"active24",
"alidns",
@@ -215,6 +216,26 @@ func displayDNSHelp(w io.Writer, name string) error {
ew := &errWriter{w: w}
switch name {
+ case "abion":
+ // generated from: providers/dns/abion/abion.toml
+ ew.writeln(`Configuration for Abion.`)
+ ew.writeln(`Code: 'abion'`)
+ ew.writeln(`Since: 'v4.34.0'`)
+ ew.writeln()
+
+ ew.writeln(`Credentials:`)
+ ew.writeln(` - "ABION_API_KEY": API key`)
+ ew.writeln()
+
+ ew.writeln(`Additional Configuration:`)
+ ew.writeln(` - "ABION_HTTP_TIMEOUT": API request timeout in seconds (Default: 10)`)
+ ew.writeln(` - "ABION_POLLING_INTERVAL": Time between DNS propagation check in seconds (Default: 2)`)
+ ew.writeln(` - "ABION_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation in seconds (Default: 60)`)
+ ew.writeln(` - "ABION_TTL": The TTL of the TXT record used for the DNS challenge in seconds (Default: 120)`)
+
+ ew.writeln()
+ ew.writeln(`More information: https://go-acme.github.io/lego/dns/abion`)
+
case "acme-dns":
// generated from: providers/dns/acmedns/acmedns.toml
ew.writeln(`Configuration for Joohoi's ACME-DNS.`)
diff --git a/docs/content/dns/zz_gen_abion.md b/docs/content/dns/zz_gen_abion.md
new file mode 100644
index 0000000000..758f5bdcd5
--- /dev/null
+++ b/docs/content/dns/zz_gen_abion.md
@@ -0,0 +1,67 @@
+---
+title: "Abion"
+date: 2019-03-03T16:39:46+01:00
+draft: false
+slug: abion
+dnsprovider:
+ since: "v4.34.0"
+ code: "abion"
+ url: "https://abion.com"
+---
+
+
+
+
+
+
+Configuration for [Abion](https://abion.com).
+
+
+
+
+- Code: `abion`
+- Since: v4.34.0
+
+
+Here is an example bash command using the Abion provider:
+
+```bash
+ABION_API_KEY="xxxxxxxxxxxx" \
+lego --dns abion -d '*.example.com' -d example.com run
+```
+
+
+
+
+## Credentials
+
+| Environment Variable Name | Description |
+|-----------------------|-------------|
+| `ABION_API_KEY` | API key |
+
+The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
+More information [here]({{% ref "dns#configuration-and-credentials" %}}).
+
+
+## Additional Configuration
+
+| Environment Variable Name | Description |
+|--------------------------------|-------------|
+| `ABION_HTTP_TIMEOUT` | API request timeout in seconds (Default: 10) |
+| `ABION_POLLING_INTERVAL` | Time between DNS propagation check in seconds (Default: 2) |
+| `ABION_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation in seconds (Default: 60) |
+| `ABION_TTL` | The TTL of the TXT record used for the DNS challenge in seconds (Default: 120) |
+
+The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
+More information [here]({{% ref "dns#configuration-and-credentials" %}}).
+
+
+
+
+## More information
+
+- [API documentation](https://demo.abion.com/pmapi-doc/openapi-ui/index.html)
+
+
+
+
diff --git a/docs/data/zz_cli_help.toml b/docs/data/zz_cli_help.toml
index 9f26366f38..7140cec1ab 100644
--- a/docs/data/zz_cli_help.toml
+++ b/docs/data/zz_cli_help.toml
@@ -152,7 +152,7 @@ To display the documentation for a specific DNS provider, run:
$ lego dnshelp -c code
Supported DNS providers:
- acme-dns, active24, alidns, aliesa, allinkl, alwaysdata, anexia, artfiles, arvancloud, auroradns, autodns, axelname, azion, azure, azuredns, baiducloud, beget, binarylane, bindman, bluecat, bluecatv2, bookmyname, brandit, bunny, checkdomain, civo, clouddns, cloudflare, cloudns, cloudru, cloudxns, com35, conoha, conohav3, constellix, corenetworks, cpanel, czechia, ddnss, derak, desec, designate, digitalocean, directadmin, dnsexit, dnshomede, dnsimple, dnsmadeeasy, dnspod, dode, domeneshop, dreamhost, duckdns, dyn, dyndnsfree, dynu, easydns, edgecenter, edgedns, edgeone, efficientip, epik, eurodns, excedo, exec, exoscale, f5xc, freemyip, gandi, gandiv5, gcloud, gcore, gigahostno, glesys, godaddy, googledomains, gravity, hetzner, hostingde, hostinger, hostingnl, hosttech, httpnet, httpreq, huaweicloud, hurricane, hyperone, ibmcloud, iij, iijdpf, infoblox, infomaniak, internetbs, inwx, ionos, ionoscloud, ipv64, ispconfig, ispconfigddns, iwantmyname, jdcloud, joker, keyhelp, leaseweb, liara, lightsail, limacity, linode, liquidweb, loopia, luadns, mailinabox, manageengine, manual, metaname, metaregistrar, mijnhost, mittwald, myaddr, mydnsjp, mythicbeasts, namecheap, namedotcom, namesilo, namesurfer, nearlyfreespeech, neodigit, netcup, netlify, netnod, nicmanager, nicru, nifcloud, njalla, nodion, ns1, octenium, onecloudru, oraclecloud, otc, ovh, pdns, plesk, porkbun, rackspace, rainyun, rcodezero, regfish, regru, rfc2136, rimuhosting, route53, safedns, sakuracloud, scaleway, selectel, selectelv2, selfhostde, servercow, shellrent, simply, sonic, spaceship, stackpath, syse, technitium, tencentcloud, timewebcloud, todaynic, transip, ultradns, uniteddomains, variomedia, vegadns, vercel, versio, vinyldns, virtualname, vkcloud, volcengine, vscale, vultr, webnames, webnamesca, websupport, wedos, westcn, yandex, yandex360, yandexcloud, zoneedit, zoneee, zonomi
+ abion, acme-dns, active24, alidns, aliesa, allinkl, alwaysdata, anexia, artfiles, arvancloud, auroradns, autodns, axelname, azion, azure, azuredns, baiducloud, beget, binarylane, bindman, bluecat, bluecatv2, bookmyname, brandit, bunny, checkdomain, civo, clouddns, cloudflare, cloudns, cloudru, cloudxns, com35, conoha, conohav3, constellix, corenetworks, cpanel, czechia, ddnss, derak, desec, designate, digitalocean, directadmin, dnsexit, dnshomede, dnsimple, dnsmadeeasy, dnspod, dode, domeneshop, dreamhost, duckdns, dyn, dyndnsfree, dynu, easydns, edgecenter, edgedns, edgeone, efficientip, epik, eurodns, excedo, exec, exoscale, f5xc, freemyip, gandi, gandiv5, gcloud, gcore, gigahostno, glesys, godaddy, googledomains, gravity, hetzner, hostingde, hostinger, hostingnl, hosttech, httpnet, httpreq, huaweicloud, hurricane, hyperone, ibmcloud, iij, iijdpf, infoblox, infomaniak, internetbs, inwx, ionos, ionoscloud, ipv64, ispconfig, ispconfigddns, iwantmyname, jdcloud, joker, keyhelp, leaseweb, liara, lightsail, limacity, linode, liquidweb, loopia, luadns, mailinabox, manageengine, manual, metaname, metaregistrar, mijnhost, mittwald, myaddr, mydnsjp, mythicbeasts, namecheap, namedotcom, namesilo, namesurfer, nearlyfreespeech, neodigit, netcup, netlify, netnod, nicmanager, nicru, nifcloud, njalla, nodion, ns1, octenium, onecloudru, oraclecloud, otc, ovh, pdns, plesk, porkbun, rackspace, rainyun, rcodezero, regfish, regru, rfc2136, rimuhosting, route53, safedns, sakuracloud, scaleway, selectel, selectelv2, selfhostde, servercow, shellrent, simply, sonic, spaceship, stackpath, syse, technitium, tencentcloud, timewebcloud, todaynic, transip, ultradns, uniteddomains, variomedia, vegadns, vercel, versio, vinyldns, virtualname, vkcloud, volcengine, vscale, vultr, webnames, webnamesca, websupport, wedos, westcn, yandex, yandex360, yandexcloud, zoneedit, zoneee, zonomi
More information: https://go-acme.github.io/lego/dns
"""
diff --git a/providers/dns/abion/abion.go b/providers/dns/abion/abion.go
new file mode 100644
index 0000000000..67fad1ed9f
--- /dev/null
+++ b/providers/dns/abion/abion.go
@@ -0,0 +1,214 @@
+// Package abion implements a DNS provider for solving the DNS-01 challenge using Abion.
+package abion
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "net/http"
+ "time"
+
+ "github.com/go-acme/lego/v4/challenge"
+ "github.com/go-acme/lego/v4/challenge/dns01"
+ "github.com/go-acme/lego/v4/platform/config/env"
+ "github.com/go-acme/lego/v4/providers/dns/abion/internal"
+ "github.com/go-acme/lego/v4/providers/dns/internal/clientdebug"
+)
+
+// Environment variables names.
+const (
+ envNamespace = "ABION_"
+
+ EnvAPIKey = envNamespace + "API_KEY"
+
+ EnvTTL = envNamespace + "TTL"
+ EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
+ EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
+ EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
+)
+
+var _ challenge.ProviderTimeout = (*DNSProvider)(nil)
+
+// Config is used to configure the creation of the DNSProvider.
+type Config struct {
+ APIKey string
+ PropagationTimeout time.Duration
+ PollingInterval time.Duration
+ TTL int
+ HTTPClient *http.Client
+}
+
+// NewDefaultConfig returns a default configuration for the DNSProvider.
+func NewDefaultConfig() *Config {
+ return &Config{
+ TTL: env.GetOrDefaultInt(EnvTTL, dns01.DefaultTTL),
+ PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout),
+ PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval),
+ HTTPClient: &http.Client{
+ Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 10*time.Second),
+ },
+ }
+}
+
+// DNSProvider implements the challenge.Provider interface.
+type DNSProvider struct {
+ config *Config
+ client *internal.Client
+}
+
+// NewDNSProvider returns a DNSProvider instance configured for Abion.
+// Credentials must be passed in the environment variable: ABION_API_KEY.
+func NewDNSProvider() (*DNSProvider, error) {
+ values, err := env.Get(EnvAPIKey)
+ if err != nil {
+ return nil, fmt.Errorf("abion: %w", err)
+ }
+
+ config := NewDefaultConfig()
+ config.APIKey = values[EnvAPIKey]
+
+ return NewDNSProviderConfig(config)
+}
+
+// NewDNSProviderConfig return a DNSProvider instance configured for Abion.
+func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
+ if config == nil {
+ return nil, errors.New("abion: the configuration of the DNS provider is nil")
+ }
+
+ if config.APIKey == "" {
+ return nil, errors.New("abion: credentials missing")
+ }
+
+ client := internal.NewClient(config.APIKey)
+
+ if config.HTTPClient != nil {
+ client.HTTPClient = config.HTTPClient
+ }
+
+ client.HTTPClient = clientdebug.Wrap(client.HTTPClient)
+
+ return &DNSProvider{
+ config: config,
+ client: client,
+ }, nil
+}
+
+// Timeout returns the timeout and interval to use when checking for DNS propagation.
+// Adjusting here to cope with spikes in propagation times.
+func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
+ return d.config.PropagationTimeout, d.config.PollingInterval
+}
+
+// Present creates a TXT record to fulfill the dns-01 challenge.
+func (d *DNSProvider) Present(domain, _, keyAuth string) error {
+ ctx := context.Background()
+ info := dns01.GetChallengeInfo(domain, keyAuth)
+
+ authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
+ if err != nil {
+ return fmt.Errorf("abion: could not find zone for domain %q: %w", domain, err)
+ }
+
+ subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
+ if err != nil {
+ return fmt.Errorf("abion: %w", err)
+ }
+
+ zones, err := d.client.GetZone(ctx, dns01.UnFqdn(authZone))
+ if err != nil {
+ return fmt.Errorf("abion: get zone %w", err)
+ }
+
+ var data []internal.Record
+
+ if sub, ok := zones.Data.Attributes.Records[subDomain]; ok {
+ if records, exist := sub["TXT"]; exist {
+ data = append(data, records...)
+ }
+ }
+
+ data = append(data, internal.Record{
+ TTL: d.config.TTL,
+ Data: info.Value,
+ Comments: "lego",
+ })
+
+ patch := internal.ZoneRequest{
+ Data: internal.Zone{
+ Type: "zone",
+ ID: dns01.UnFqdn(authZone),
+ Attributes: internal.Attributes{
+ Records: map[string]map[string][]internal.Record{
+ subDomain: {"TXT": data},
+ },
+ },
+ },
+ }
+
+ _, err = d.client.UpdateZone(ctx, dns01.UnFqdn(authZone), patch)
+ if err != nil {
+ return fmt.Errorf("abion: update zone %w", err)
+ }
+
+ return nil
+}
+
+// CleanUp removes the TXT record matching the specified parameters.
+func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
+ ctx := context.Background()
+ info := dns01.GetChallengeInfo(domain, keyAuth)
+
+ authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
+ if err != nil {
+ return fmt.Errorf("abion: could not find zone for domain %q: %w", domain, err)
+ }
+
+ subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
+ if err != nil {
+ return fmt.Errorf("abion: %w", err)
+ }
+
+ zones, err := d.client.GetZone(ctx, dns01.UnFqdn(authZone))
+ if err != nil {
+ return fmt.Errorf("abion: get zone %w", err)
+ }
+
+ var data []internal.Record
+
+ if sub, ok := zones.Data.Attributes.Records[subDomain]; ok {
+ if records, exist := sub["TXT"]; exist {
+ for _, record := range records {
+ if record.Data != info.Value {
+ data = append(data, record)
+ }
+ }
+ }
+ }
+
+ payload := map[string][]internal.Record{}
+ if len(data) == 0 {
+ payload["TXT"] = nil
+ } else {
+ payload["TXT"] = data
+ }
+
+ patch := internal.ZoneRequest{
+ Data: internal.Zone{
+ Type: "zone",
+ ID: dns01.UnFqdn(authZone),
+ Attributes: internal.Attributes{
+ Records: map[string]map[string][]internal.Record{
+ subDomain: payload,
+ },
+ },
+ },
+ }
+
+ _, err = d.client.UpdateZone(ctx, dns01.UnFqdn(authZone), patch)
+ if err != nil {
+ return fmt.Errorf("abion: update zone %w", err)
+ }
+
+ return nil
+}
diff --git a/providers/dns/abion/abion.toml b/providers/dns/abion/abion.toml
new file mode 100644
index 0000000000..4617cad0c2
--- /dev/null
+++ b/providers/dns/abion/abion.toml
@@ -0,0 +1,22 @@
+Name = "Abion"
+Description = ''''''
+URL = "https://abion.com"
+Code = "abion"
+Since = "v4.34.0"
+
+Example = '''
+ABION_API_KEY="xxxxxxxxxxxx" \
+lego --dns abion -d '*.example.com' -d example.com run
+'''
+
+[Configuration]
+ [Configuration.Credentials]
+ ABION_API_KEY = "API key"
+ [Configuration.Additional]
+ ABION_POLLING_INTERVAL = "Time between DNS propagation check in seconds (Default: 2)"
+ ABION_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation in seconds (Default: 60)"
+ ABION_TTL = "The TTL of the TXT record used for the DNS challenge in seconds (Default: 120)"
+ ABION_HTTP_TIMEOUT = "API request timeout in seconds (Default: 10)"
+
+[Links]
+ API = "https://demo.abion.com/pmapi-doc/openapi-ui/index.html"
diff --git a/providers/dns/abion/abion_test.go b/providers/dns/abion/abion_test.go
new file mode 100644
index 0000000000..c5516b8c9a
--- /dev/null
+++ b/providers/dns/abion/abion_test.go
@@ -0,0 +1,118 @@
+package abion
+
+import (
+ "testing"
+
+ "github.com/go-acme/lego/v4/platform/tester"
+ "github.com/stretchr/testify/require"
+)
+
+const envDomain = envNamespace + "DOMAIN"
+
+var envTest = tester.NewEnvTest(EnvAPIKey).WithDomain(envDomain)
+
+func TestNewDNSProvider(t *testing.T) {
+ testCases := []struct {
+ desc string
+ envVars map[string]string
+ expected string
+ }{
+ {
+ desc: "success",
+ envVars: map[string]string{
+ EnvAPIKey: "123",
+ },
+ },
+ {
+ desc: "missing credentials",
+ envVars: map[string]string{
+ EnvAPIKey: "",
+ },
+ expected: "abion: some credentials information are missing: ABION_API_KEY",
+ },
+ }
+
+ for _, test := range testCases {
+ t.Run(test.desc, func(t *testing.T) {
+ defer envTest.RestoreEnv()
+
+ envTest.ClearEnv()
+
+ envTest.Apply(test.envVars)
+
+ p, err := NewDNSProvider()
+
+ if test.expected == "" {
+ require.NoError(t, err)
+ require.NotNil(t, p)
+ require.NotNil(t, p.config)
+ } else {
+ require.EqualError(t, err, test.expected)
+ }
+ })
+ }
+}
+
+func TestNewDNSProviderConfig(t *testing.T) {
+ testCases := []struct {
+ desc string
+ apiKey string
+ ttl int
+ expected string
+ }{
+ {
+ desc: "success",
+ apiKey: "123",
+ },
+ {
+ desc: "missing credentials",
+ expected: "abion: credentials missing",
+ },
+ }
+
+ for _, test := range testCases {
+ t.Run(test.desc, func(t *testing.T) {
+ config := NewDefaultConfig()
+ config.APIKey = test.apiKey
+ config.TTL = test.ttl
+
+ p, err := NewDNSProviderConfig(config)
+
+ if test.expected == "" {
+ require.NoError(t, err)
+ require.NotNil(t, p)
+ require.NotNil(t, p.config)
+ } else {
+ require.EqualError(t, err, test.expected)
+ }
+ })
+ }
+}
+
+func TestLivePresent(t *testing.T) {
+ if !envTest.IsLiveTest() {
+ t.Skip("skipping live test")
+ }
+
+ envTest.RestoreEnv()
+
+ provider, err := NewDNSProvider()
+ require.NoError(t, err)
+
+ err = provider.Present(envTest.GetDomain(), "", "123d==")
+ require.NoError(t, err)
+}
+
+func TestLiveCleanUp(t *testing.T) {
+ if !envTest.IsLiveTest() {
+ t.Skip("skipping live test")
+ }
+
+ envTest.RestoreEnv()
+
+ provider, err := NewDNSProvider()
+ require.NoError(t, err)
+
+ err = provider.CleanUp(envTest.GetDomain(), "", "123d==")
+ require.NoError(t, err)
+}
diff --git a/providers/dns/abion/internal/client.go b/providers/dns/abion/internal/client.go
new file mode 100644
index 0000000000..709da4a915
--- /dev/null
+++ b/providers/dns/abion/internal/client.go
@@ -0,0 +1,172 @@
+package internal
+
+import (
+ "bytes"
+ "context"
+ "encoding/json"
+ "fmt"
+ "io"
+ "net/http"
+ "net/url"
+ "time"
+
+ "github.com/go-acme/lego/v4/providers/dns/internal/errutils"
+ "github.com/go-acme/lego/v4/providers/dns/internal/useragent"
+ querystring "github.com/google/go-querystring/query"
+)
+
+// defaultBaseURL represents the API endpoint to call.
+const defaultBaseURL = "https://api.abion.com"
+
+const apiKeyHeader = "X-API-KEY"
+
+// Client the Abion API client.
+type Client struct {
+ apiKey string
+ baseURL *url.URL
+ HTTPClient *http.Client
+}
+
+// NewClient Creates a new Client.
+func NewClient(apiKey string) *Client {
+ baseURL, _ := url.Parse(defaultBaseURL)
+
+ return &Client{
+ apiKey: apiKey,
+ baseURL: baseURL,
+ HTTPClient: &http.Client{Timeout: 5 * time.Second},
+ }
+}
+
+// GetZones Lists all the zones your session can access.
+func (c *Client) GetZones(ctx context.Context, page *Pagination) (*APIResponse[[]Zone], error) {
+ endpoint := c.baseURL.JoinPath("v1", "zones")
+
+ req, err := newJSONRequest(ctx, http.MethodGet, endpoint, http.NoBody)
+ if err != nil {
+ return nil, err
+ }
+
+ if page != nil {
+ v, errQ := querystring.Values(page)
+ if errQ != nil {
+ return nil, errQ
+ }
+
+ req.URL.RawQuery = v.Encode()
+ }
+
+ results := &APIResponse[[]Zone]{}
+
+ if err := c.do(req, results); err != nil {
+ return nil, fmt.Errorf("could not get zones: %w", err)
+ }
+
+ return results, nil
+}
+
+// GetZone Returns the full information on a single zone.
+func (c *Client) GetZone(ctx context.Context, name string) (*APIResponse[*Zone], error) {
+ endpoint := c.baseURL.JoinPath("v1", "zones", name)
+
+ req, err := newJSONRequest(ctx, http.MethodGet, endpoint, http.NoBody)
+ if err != nil {
+ return nil, err
+ }
+
+ results := &APIResponse[*Zone]{}
+
+ if err := c.do(req, results); err != nil {
+ return nil, fmt.Errorf("could not get zone %s: %w", name, err)
+ }
+
+ return results, nil
+}
+
+// UpdateZone Updates a zone by patching it according to JSON Merge Patch format (RFC 7396).
+func (c *Client) UpdateZone(ctx context.Context, name string, patch ZoneRequest) (*APIResponse[*Zone], error) {
+ endpoint := c.baseURL.JoinPath("v1", "zones", name)
+
+ req, err := newJSONRequest(ctx, http.MethodPatch, endpoint, patch)
+ if err != nil {
+ return nil, err
+ }
+
+ results := &APIResponse[*Zone]{}
+
+ if err := c.do(req, results); err != nil {
+ return nil, fmt.Errorf("could not update zone %s: %w", name, err)
+ }
+
+ return results, nil
+}
+
+func (c *Client) do(req *http.Request, result any) error {
+ useragent.SetHeader(req.Header)
+
+ req.Header.Set(apiKeyHeader, c.apiKey)
+
+ resp, err := c.HTTPClient.Do(req)
+ if err != nil {
+ return errutils.NewHTTPDoError(req, err)
+ }
+
+ defer func() { _ = resp.Body.Close() }()
+
+ if resp.StatusCode != http.StatusOK {
+ return parseError(req, resp)
+ }
+
+ if result == nil {
+ return nil
+ }
+
+ raw, err := io.ReadAll(resp.Body)
+ if err != nil {
+ return errutils.NewReadResponseError(req, resp.StatusCode, err)
+ }
+
+ err = json.Unmarshal(raw, result)
+ if err != nil {
+ return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err)
+ }
+
+ return nil
+}
+
+func newJSONRequest(ctx context.Context, method string, endpoint *url.URL, payload any) (*http.Request, error) {
+ buf := new(bytes.Buffer)
+
+ if payload != nil {
+ err := json.NewEncoder(buf).Encode(payload)
+ if err != nil {
+ return nil, fmt.Errorf("failed to create request JSON body: %w", err)
+ }
+ }
+
+ req, err := http.NewRequestWithContext(ctx, method, endpoint.String(), buf)
+ if err != nil {
+ return nil, fmt.Errorf("unable to create request: %w", err)
+ }
+
+ req.Header.Set("Accept", "application/json")
+
+ if payload != nil {
+ req.Header.Set("Content-Type", "application/json")
+ }
+
+ return req, nil
+}
+
+func parseError(req *http.Request, resp *http.Response) error {
+ raw, _ := io.ReadAll(resp.Body)
+
+ zResp := &APIResponse[any]{}
+
+ err := json.Unmarshal(raw, zResp)
+ if err != nil {
+ return errutils.NewUnexpectedStatusCodeError(req, resp.StatusCode, raw)
+ }
+
+ return zResp.Error
+}
diff --git a/providers/dns/abion/internal/client_test.go b/providers/dns/abion/internal/client_test.go
new file mode 100644
index 0000000000..87677ffb9e
--- /dev/null
+++ b/providers/dns/abion/internal/client_test.go
@@ -0,0 +1,255 @@
+package internal
+
+import (
+ "context"
+ "net/http"
+ "net/http/httptest"
+ "net/url"
+ "testing"
+
+ "github.com/go-acme/lego/v4/platform/tester/servermock"
+ "github.com/stretchr/testify/assert"
+ "github.com/stretchr/testify/require"
+)
+
+func mockBuilder() *servermock.Builder[*Client] {
+ return servermock.NewBuilder(
+ func(server *httptest.Server) (*Client, error) {
+ client := NewClient("secret")
+ client.HTTPClient = server.Client()
+ client.baseURL, _ = url.Parse(server.URL)
+
+ return client, nil
+ },
+ servermock.CheckHeader().
+ WithJSONHeaders().
+ With(apiKeyHeader, "secret"),
+ )
+}
+
+func TestUpdateZone(t *testing.T) {
+ domain := "example.com"
+
+ client := mockBuilder().
+ Route("PATCH /v1/zones/"+domain,
+ servermock.ResponseFromFixture("update.json"),
+ servermock.CheckRequestJSONBodyFromFixture("update-request.json")).
+ Build(t)
+
+ patch := ZoneRequest{
+ Data: Zone{
+ Type: "zone",
+ ID: domain,
+ Attributes: Attributes{
+ Records: map[string]map[string][]Record{
+ "_acme-challenge.test": {
+ "TXT": []Record{
+ {Data: "test"},
+ {Data: "test1"},
+ {Data: "test2"},
+ },
+ },
+ },
+ },
+ },
+ }
+
+ zone, err := client.UpdateZone(context.Background(), domain, patch)
+ require.NoError(t, err)
+
+ expected := &APIResponse[*Zone]{
+ Meta: &Metadata{
+ InvocationID: "95cdcc21-b9c3-4b21-8bd1-b05c34c56147",
+ },
+ Data: &Zone{
+ Type: "zone",
+ ID: "dipcon.com",
+ Attributes: Attributes{
+ OrganisationID: "10154",
+ OrganisationDescription: "My Company AB",
+ DNSTypeDescription: "Anycast",
+ Slave: false,
+ Pending: false,
+ Deleted: false,
+ Settings: &Settings{
+ MName: "dns01.dipcon.com.",
+ Refresh: 3600,
+ Expire: 604800,
+ TTL: 600,
+ },
+ Records: map[string]map[string][]Record{
+ "@": {
+ "NS": {
+ {
+ TTL: 3600,
+ Data: "193.14.90.194",
+ Comments: "this is a comment",
+ },
+ },
+ },
+ },
+ Redirects: map[string][]Redirect{
+ "