X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fsample%2Fbin%2Fclient.sh;h=b69646dfc7019b75fd5429c62615182527010491;hb=7a1817bf3cf3c40c6c33f673ddc46c3f115cc3bc;hp=2c73614279ee7c125f1a4b945592163fd43d48c2;hpb=32cdd553a8668e6d03a9cf5b11b360d35a63c87f;p=aaf%2Fauthz.git

diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh
old mode 100644
new mode 100755
index 2c736142..b69646df
--- a/auth/sample/bin/client.sh
+++ b/auth/sample/bin/client.sh
@@ -1,5 +1,24 @@
 #!/bin/bash
-# This script is run when starting aaf_config Container.
+#########
+#  ============LICENSE_START====================================================
+#  org.onap.aaf
+#  ===========================================================================
+#  Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+#  ===========================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#  ============LICENSE_END====================================================
+#
+# This script is run when starting client Container.
 #  It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite)
 #
 JAVA=/usr/bin/java
@@ -15,18 +34,45 @@ for (( i=( ${#FQIA_E[@]} -1 ); i>0; i-- )); do
    NS=${NS}${FQIA_E[i]}'.'
 done
 NS=${NS}${FQIA_E[0]}
+CONFIG="/opt/app/aaf_config"
+OSAAF="/opt/app/osaaf"
+LOCAL="$OSAAF/local"
+DOT_AAF="$HOME/.aaf"
+SSO="$DOT_AAF/sso.props"
+ 
+JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine"
+JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$SSO org.onap.aaf.cadi.configure.Agent"
+JAVA_AGENT_SELF="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/${NS}.props org.onap.aaf.cadi.configure.Agent"
+JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli"
+
+# Check for local dir
+if [ ! -d $LOCAL ]; then
+    mkdir -p $LOCAL
+    for D in bin logs; do
+        rsync -avzh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
+    done
+fi
 
+# Setup Bash, first time only
+if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep agent $HOME/.bash_aliases)" ]; then
+  echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bash_aliases
+  echo "alias agent='$OSAAF/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases
+  echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bash_aliases
+  chmod a+x $OSAAF/bin/agent.sh
+  . $HOME/.bash_aliases
+fi
 
 # Setup SSO info for Deploy ID
 function sso_encrypt() {
- $JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine digest ${1} ~/.aaf/keyfile
+   $JAVA_CADI digest ${1} $DOT_AAF/keyfile
 }
 
-if [ ! -e " ~/.aaf/keyfile" ]; then
-    mkdir -p ~/.aaf
-    SSO=~/.aaf/sso.props
-    $JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine keygen ~/.aaf/keyfile
-    chmod 400 ~/.aaf/keyfile
+
+# Create Deployer Info, located at /root/.aaf
+if [ ! -e "$DOT_AAF/keyfile" ]; then
+    mkdir -p $DOT_AAF
+    $JAVA_CADI keygen $DOT_AAF/keyfile
+    chmod 400 $DOT_AAF/keyfile
     echo cadi_latitude=${LATITUDE} > ${SSO}
     echo cadi_longitude=${LONGITUDE} >> ${SSO}
     echo aaf_id=${DEPLOY_FQI} >> ${SSO}
@@ -35,31 +81,55 @@ if [ ! -e " ~/.aaf/keyfile" ]; then
     fi
     echo aaf_locate_url=https://${AAF_FQDN}:8095 >> ${SSO}
     echo aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:${AAF_INTERFACE_VERSION} >> ${SSO}
-    echo cadi_truststore=$(ls /opt/app/aaf_config/public/*trust*) >> ${SSO}
+
+    base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks
+    echo "cadi_truststore=$DOT_AAF/truststoreONAPall.jks" >> ${SSO}
     echo cadi_truststore_password=enc:$(sso_encrypt changeit) >> ${SSO}
+    echo "Caller Properties Initialized"
+    INITIALIZED="true"
 fi
 
 # Only initialize once, automatically...
-if [ ! -e /opt/app/osaaf/local/${NS}.props ]; then
-    for D in bin logs; do
-        rsync -avzh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D
-    done
+if [ ! -e $LOCAL/${NS}.props ]; then
+    echo "#### Create Configuration files "
+    $JAVA_AGENT config $APP_FQI \
+	aaf_url=https://AAF_LOCATE_URL/AAF_NS.locate:${AAF_INTERFACE_VERSION} \
+        cadi_etc_dir=$LOCAL
+    cat $LOCAL/$NS.props
 
-    # setup Configs
-    $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar config $APP_FQI \
-        cadi_etc_dir=/opt/app/osaaf/local 
-
-    # Place Certificates
-    $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar place ${APP_FQI} ${APP_FQDN}
-
-    # Validate
-    $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar validate \
-        cadi_prop_files=/opt/app/osaaf/local/${NS}.props
+    echo
+    echo "#### Certificate Authorization Artifact"
+    TMP=$(mktemp)
+    $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} \
+        cadi_prop_files=${SSO} \
+        cadi_etc_dir=$LOCAL > $TMP
+    cat $TMP
+    echo
+    if [ -n "$(grep 'Namespace:' $TMP)" ]; then
+        echo "#### Place Certificates (by deployer)"
+        $JAVA_AGENT place ${APP_FQI} ${APP_FQDN} \
+            cadi_prop_files=${SSO} \
+            cadi_etc_dir=$LOCAL
+    
+        echo "#### Validate Configuration and Certificate with live call"
+        $JAVA_AGENT_SELF validate 
+        echo "Obtained Certificates"
+        INITIALIZED="true"
+    else
+	echo "#### Certificate Authorization Artifact must be valid to continue"
+    fi
+    rm $TMP    
 fi
 
 # Now run a command
 CMD=$2
-if [ ! "$CMD" = "" ]; then
+if [ -z "$CMD" ]; then
+    if [ -n "$INITIALIZED" ]; then
+      echo "Initialization complete"
+    else
+      $JAVA_AGENT
+    fi
+else 
     shift
     shift
     case "$CMD" in
@@ -84,45 +154,53 @@ if [ ! "$CMD" = "" ]; then
         ;;
     update)
         for D in bin logs; do
-            rsync -uh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D
+            rsync -uh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
         done
         ;;
+    showpass)
+        echo "## Show Passwords"
+        $JAVA_AGENT showpass ${APP_FQI} ${APP_FQDN}
+        ;;
+    check)
+        $JAVA_AGENT check ${APP_FQI} ${APP_FQDN}
+        ;;
     validate)
         echo "## validate requested"
-        $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar validate cadi_prop_files=/opt/app/osaaf/local/${NS}.props
+        $JAVA_AGENT_SELF validate 
         ;;
     bash)
-        if [ ! -e ~/.bash_aliases ]; then
-            echo "alias cadi='$JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine \$*'" >~/.bash_aliases
-            echo "alias agent='$JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.configure.Agent \$*'" >>~/.bash_aliases
-        fi
         shift
-        cd /opt/app/osaaf/local || exit
+        cd $LOCAL || exit
         /bin/bash "$@"
         ;;
     setProp)
-        cd /opt/app/osaaf/local || exit
+        cd $LOCAL || exit
         FILES=$(grep -l "$1" ./*.props)
-	if [ "$FILES" = "" ]; then 
-  	    FILES="$3"
+	if [ -z "$FILES" ]; then 
+  	    if [ -z "$3" ]; then
+               FILES=${NS}.props
+            else 
+               FILES="$3"
+            fi
 	    ADD=Y
 	fi
         for F in $FILES; do
-            echo "Changing $1 in $F"
 	    if [ "$ADD" = "Y" ]; then
-		echo $2 >> $F
+                echo "Changing $1 to $F"
+		echo "$1=$2" >> $F
 	    else 
-                sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F
+               echo "Changing $1 in $F"
+               sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F
 	    fi
             cat $F
         done
         ;;
     encrypt)
-        cd /opt/app/osaaf/local || exit
+        cd $LOCAL || exit
 	echo $1
         FILES=$(grep -l "$1" ./*.props)
 	if [ "$FILES" = "" ]; then
-             FILES=/opt/app/osaaf/local/${NS}.cred.props
+             FILES=$LOCAL/${NS}.cred.props
 	     ADD=Y
         fi
         for F in $FILES; do
@@ -137,7 +215,7 @@ if [ ! "$CMD" = "" ]; then
             else
                 ORIG_PW="$2"
             fi
-            PWD=$("$JAVA" -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" /opt/app/osaaf/local/${NS}.keyfile)
+            PWD=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/${NS}.keyfile)
             if [ "$ADD" = "Y" ]; then
                   echo "$1=enc:$PWD" >> $F
             else 
@@ -167,17 +245,26 @@ if [ ! "$CMD" = "" ]; then
             ;;
         cadi)
             echo "--- cadi Tool Comands ---"
-            $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
+            $JAVA_CADI
             ;;
         agent)
             echo "--- agent Tool Comands ---"
-            $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar
+            $JAVA_AGENT
+            ;;
+        aafcli)
+            echo "--- aafcli Tool Comands ---"
+            $JAVA_AAFCLI
             ;;
         esac
         echo ""
         ;;
+    ### Possible Dublin
+    # sample)
+    #    echo "--- run Sample Servlet App ---"
+    #    $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
+    #    ;;
     *)
-        $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
+        $JAVA_AGENT "$CMD" "$@"
         ;;
     esac
 fi