X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fsample%2Fbin%2Fclient.sh;h=4132e6cadbf7067ca03f681326785c16cb8ad914;hb=4d0a045d78b8ad411534888464d977f65ff9efc7;hp=9b146c5f4015b9ca749ecd6d17beb65898529d2c;hpb=bf3d3075cac610b901c951ae135fcdbcc6ffecb8;p=aaf%2Fauthz.git

diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh
index 9b146c5f..4132e6ca 100755
--- a/auth/sample/bin/client.sh
+++ b/auth/sample/bin/client.sh
@@ -21,7 +21,7 @@
 # This script is run when starting client Container.
 #  It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite)
 #
-JAVA=/usr/bin/java
+JAVA=${JAVA_HOME}/bin/java
 AAF_INTERFACE_VERSION=2.1
 
 # Extract Name, Domain and NS from FQI
@@ -39,87 +39,134 @@ OSAAF="/opt/app/osaaf"
 LOCAL="$OSAAF/local"
 DOT_AAF="$HOME/.aaf"
 SSO="$DOT_AAF/sso.props"
- 
-JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine"
-JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$SSO org.onap.aaf.cadi.configure.Agent"
-JAVA_AGENT_SELF="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/${NS}.props org.onap.aaf.cadi.configure.Agent"
-JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli"
 
-# Check for local dir
-if [ ! -d $LOCAL ]; then
-    mkdir -p $LOCAL
-    for D in bin logs; do
-        mkdir -p $OSAAF/$D
-        cp $CONFIG/$D/* $OSAAF/$D
-    done
+if [ -e "$CONFIG" ]; then
+  CONFIG_BIN="$CONFIG/bin" 
+else 
+  CONFIG_BIN="."
 fi
 
-# Setup Bash, first time only
-if [ ! -e "$HOME/.bashrc" ] || [ -z "$(grep cadi $HOME/.bashrc)" ]; then
-  echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bashrc
-  echo "alias agent='$CONFIG/bin/agent.sh agent \$*'" >>$HOME/.bashrc
-  echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bashrc
-  chmod a+x $CONFIG/bin/agent.sh
-  . $HOME/.bashrc
-fi
+AGENT_JAR="$CONFIG_BIN/aaf-cadi-aaf-*-full.jar"
+
+JAVA_AGENT="$JAVA -Dcadi_loglevel=DEBUG -Dcadi_etc_dir=${LOCAL} -Dcadi_log_dir=${LOCAL} -jar $AGENT_JAR "
 
 # Setup SSO info for Deploy ID
 function sso_encrypt() {
-   $JAVA_CADI digest ${1} $DOT_AAF/keyfile
+   $JAVA_AGENT cadi digest ${1} $DOT_AAF/keyfile
 }
 
+# Setup Bash, first time only
+if [ ! -e "$HOME/.bashrc" ] || [ -z "$(grep agent $HOME/.bashrc)" ]; then
+  echo "alias agent='$CONFIG_BIN/agent.sh agent \$*'" >>$HOME/.bashrc
+  chmod a+x $CONFIG_BIN/agent.sh
+  . $HOME/.bashrc
+fi
+if [ ! -e "$DOT_AAF/truststoreONAPall.jks" ]; then
+    mkdir -p $DOT_AAF
+    base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks
+fi
 
 # Create Deployer Info, located at /root/.aaf
 if [ ! -e "$DOT_AAF/keyfile" ]; then
-    mkdir -p $DOT_AAF
-    $JAVA_CADI keygen $DOT_AAF/keyfile
+    $JAVA_AGENT cadi keygen $DOT_AAF/keyfile
     chmod 400 $DOT_AAF/keyfile
-    echo cadi_latitude=${LATITUDE} > ${SSO}
-    echo cadi_longitude=${LONGITUDE} >> ${SSO}
-    echo aaf_id=${DEPLOY_FQI} >> ${SSO}
+    echo "cadi_keyfile=$DOT_AAF/keyfile" > ${SSO}
+
+    # Add Deployer Creds to Root's SSO
+    DEPLOY_FQI="${DEPLOY_FQI:=$app_id}"
+    echo "aaf_id=${DEPLOY_FQI}" >> ${SSO}
     if [ ! "${DEPLOY_PASSWORD}" = "" ]; then
        echo aaf_password=enc:$(sso_encrypt ${DEPLOY_PASSWORD}) >> ${SSO}
     fi
-    echo aaf_locate_url=https://${AAF_FQDN}:8095 >> ${SSO}
-    echo aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:${AAF_INTERFACE_VERSION} >> ${SSO}
+    
+    # Cover case where using app.props
+    aaf_locator_container_ns=${aaf_locator_container_ns:=$CONTAINER_NS}
+    if [ "$aaf_locator_container" = "docker" ]; then
+        echo "aaf_locate_url=https://aaf-locate:8095" >> ${SSO}
+        echo "aaf_url_cm=https://aaf-cm:8150" >> ${SSO}
+        echo "aaf_url=https://aaf-service:8100" >> ${SSO}
+    else 
+        echo "aaf_locate_url=https://$aaf-locator.${CONTAINER_NS}:8095" >> ${SSO}
+        echo "aaf_url_cm=https://AAF_LOCATE_URL/%CNS.%NS.cm:2.1" >> ${SSO}
+        echo "aaf_url=https://AAF_LOCATE_URL/%CNS.%NS.service:2.1" >> ${SSO}
+    fi
 
-    base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks
     echo "cadi_truststore=$DOT_AAF/truststoreONAPall.jks" >> ${SSO}
-    echo cadi_truststore_password=enc:$(sso_encrypt changeit) >> ${SSO}
+    echo "cadi_truststore_password=changeit" >> ${SSO}
+    echo "cadi_latitude=${LATITUDE}" >> ${SSO}
+    echo "cadi_longitude=${LONGITUDE}" >> ${SSO}
+    echo "hostname=${aaf_locator_fqdn}" >> ${SSO}
+
+    # Push in all AAF and CADI properties to SSO
+    for E in $(env); do
+        if [ "${E:0:4}" = "aaf_" ] || [ "${E:0:5}" = "cadi_" ]; then
+           # Use Deployer ID in ${SSO}
+           if [ "app_id" != "${E%=*}" ]; then
+              S="${E/_helm/.helm}"
+              S="${S/_oom/.oom}"
+             echo "$S" >> ${SSO}
+           fi
+        fi
+    done
+
+    . ${SSO}
     echo "Caller Properties Initialized"
     INITIALIZED="true"
+    echo "cat SSO"
+    cat ${SSO}
+fi
+
+# Check for local dir
+if [ -d $LOCAL ]; then
+    echo "$LOCAL exists"
+else
+    mkdir -p $LOCAL
+    echo "Created $LOCAL"
+fi
+
+cd $LOCAL
+echo "Existing files in $LOCAL"
+ls -l
+
+# Should we clean up?
+if [ "${VERSION}" != "$(cat ${LOCAL}/VERSION 2> /dev/null)" ]; then
+  echo "Clean up directory ${LOCAL}"
+  rm -Rf ${LOCAL}/*
 fi
+echo "${VERSION}" > $LOCAL/VERSION
 
+echo "Namespace is ${NS}"
 # Only initialize once, automatically...
 if [ ! -e $LOCAL/${NS}.props ]; then
     echo "#### Create Configuration files "
-    $JAVA_AGENT config $APP_FQI \
-	aaf_url=https://AAF_LOCATE_URL/AAF_NS.locate:${AAF_INTERFACE_VERSION} \
-        cadi_etc_dir=$LOCAL
+    $JAVA_AGENT config $APP_FQI $APP_FQDN 
     cat $LOCAL/$NS.props
 
     echo
     echo "#### Certificate Authorization Artifact"
-    TMP=$(mktemp)
-    $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} \
-        cadi_prop_files=${SSO} \
-        cadi_etc_dir=$LOCAL > $TMP
-    cat $TMP
-    echo
+    # TMP=$(mktemp)
+    TMP=$LOCAL/agent.log
+    $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} | tee $TMP
+
     if [ -n "$(grep 'Namespace:' $TMP)" ]; then
         echo "#### Place Certificates (by deployer)"
-        $JAVA_AGENT place ${APP_FQI} ${APP_FQDN} \
-            cadi_prop_files=${SSO} \
-            cadi_etc_dir=$LOCAL
+        $JAVA_AGENT place $APP_FQI $APP_FQDN
     
-        echo "#### Validate Configuration and Certificate with live call"
-        $JAVA_AGENT_SELF validate 
-        echo "Obtained Certificates"
-        INITIALIZED="true"
+        if [ -z "$(grep cadi_alias $NS.cred.props)" ]; then
+	    echo "FAILED to get Certificate"
+          INITIALIZED="false"
+        else 
+          echo "Obtained Certificates"
+          echo "#### Validate Configuration and Certificate with live call"
+          $JAVA_AGENT validate cadi_prop_files=${NS}.props
+          INITIALIZED="true"
+        fi
     else
 	echo "#### Certificate Authorization Artifact must be valid to continue"
     fi
     rm $TMP    
+else
+    INITIALIZED="true"
 fi
 
 # Now run a command
@@ -127,8 +174,6 @@ CMD=$2
 if [ -z "$CMD" ]; then
     if [ -n "$INITIALIZED" ]; then
       echo "Initialization complete"
-    else
-      $JAVA_AGENT
     fi
 else 
     shift
@@ -153,21 +198,30 @@ else
             fi
         fi
         ;;
+    read)
+        echo "## Read Artifacts"
+        $JAVA_AGENT read $APP_FQI $APP_FQDN cadi_prop_files=${SSO} cadi_loglevel=INFO
+        ;;
     showpass)
         echo "## Show Passwords"
-        $JAVA_AGENT showpass ${APP_FQI} ${APP_FQDN}
+        $JAVA_AGENT showpass $APP_FQI $APP_FQDN cadi_prop_files=${SSO} cadi_loglevel=ERROR
         ;;
     check)
         echo "## Check Certificate"
-        $JAVA_AGENT check ${APP_FQI} ${APP_FQDN}
+        echo "$JAVA_AGENT check $APP_FQI $APP_FQDN cadi_prop_files=${LOCAL}/${NS}.props"
+        $JAVA_AGENT check $APP_FQI $APP_FQDN cadi_prop_files=${LOCAL}/${NS}.props
         ;;
     validate)
         echo "## validate requested"
-        $JAVA_AGENT_SELF validate 
+        $JAVA_AGENT validate $APP_FQI $APP_FQDN
+        ;;
+    place)
+        echo "## Renew Certificate"
+        $JAVA_AGENT place $APP_FQI $APP_FQDN cadi_prop_files=${SSO}
         ;;
     renew)
         echo "## Renew Certificate"
-        $JAVA_AGENT place ${APP_FQI} ${APP_FQDN}
+        $JAVA_AGENT place $APP_FQI $APP_FQDN
         ;;
     bash)
         shift
@@ -228,6 +282,10 @@ else
     taillog) 
 	sh /opt/app/osaaf/logs/taillog
 	;;
+    testConnectivity|testconnectivity)
+        echo "--- Test Connectivity ---"
+        $JAVA -cp $CONFIG_BIN/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.aaf.TestConnectivity $LOCAL/org.osaaf.aaf.props 
+	;;
     --help | -?)
         case "$1" in
         "")
@@ -262,7 +320,7 @@ else
     ### Possible Dublin
     # sample)
     #    echo "--- run Sample Servlet App ---"
-    #    $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
+    #    $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG_BIN/aaf-auth-cmd-*-full.jar:$CONFIG_BIN/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
     #    ;;
     *)
         $JAVA_AGENT "$CMD" "$@"