X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fsample%2Fbin%2Fclient.sh;h=b69646dfc7019b75fd5429c62615182527010491;hb=7a1817bf3cf3c40c6c33f673ddc46c3f115cc3bc;hp=ded8c409608da8dc3222a69f2bc0ad2ac4e785a5;hpb=ee72c3ab8a95a775e5a1db5ea1b1566e0c59f626;p=aaf%2Fauthz.git diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh old mode 100644 new mode 100755 index ded8c409..b69646df --- a/auth/sample/bin/client.sh +++ b/auth/sample/bin/client.sh @@ -1,5 +1,24 @@ #!/bin/bash -# This script is run when starting aaf_config Container. +######### +# ============LICENSE_START==================================================== +# org.onap.aaf +# =========================================================================== +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# =========================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END==================================================== +# +# This script is run when starting client Container. # It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite) # JAVA=/usr/bin/java @@ -16,27 +35,43 @@ for (( i=( ${#FQIA_E[@]} -1 ); i>0; i-- )); do done NS=${NS}${FQIA_E[0]} CONFIG="/opt/app/aaf_config" -LOCAL="/opt/app/osaaf/local" +OSAAF="/opt/app/osaaf" +LOCAL="$OSAAF/local" DOT_AAF="$HOME/.aaf" SSO="$DOT_AAF/sso.props" +JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine" +JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$SSO org.onap.aaf.cadi.configure.Agent" +JAVA_AGENT_SELF="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/${NS}.props org.onap.aaf.cadi.configure.Agent" +JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli" + +# Check for local dir +if [ ! -d $LOCAL ]; then + mkdir -p $LOCAL + for D in bin logs; do + rsync -avzh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D + done +fi + # Setup Bash, first time only -if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then - echo "alias cadi='$CONFIG/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases - echo "alias agent='$CONFIG/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases - chmod a+x $CONFIG/bin/agent.sh +if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep agent $HOME/.bash_aliases)" ]; then + echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bash_aliases + echo "alias agent='$OSAAF/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases + echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bash_aliases + chmod a+x $OSAAF/bin/agent.sh . $HOME/.bash_aliases fi # Setup SSO info for Deploy ID function sso_encrypt() { - $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine digest ${1} $DOT_AAF/keyfile + $JAVA_CADI digest ${1} $DOT_AAF/keyfile } +# Create Deployer Info, located at /root/.aaf if [ ! -e "$DOT_AAF/keyfile" ]; then mkdir -p $DOT_AAF - $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine keygen $DOT_AAF/keyfile + $JAVA_CADI keygen $DOT_AAF/keyfile chmod 400 $DOT_AAF/keyfile echo cadi_latitude=${LATITUDE} > ${SSO} echo cadi_longitude=${LONGITUDE} >> ${SSO} @@ -50,30 +85,51 @@ if [ ! -e "$DOT_AAF/keyfile" ]; then base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks echo "cadi_truststore=$DOT_AAF/truststoreONAPall.jks" >> ${SSO} echo cadi_truststore_password=enc:$(sso_encrypt changeit) >> ${SSO} + echo "Caller Properties Initialized" + INITIALIZED="true" fi # Only initialize once, automatically... if [ ! -e $LOCAL/${NS}.props ]; then - mkdir -p $LOCAL - for D in bin logs; do - rsync -avzh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D - done + echo "#### Create Configuration files " + $JAVA_AGENT config $APP_FQI \ + aaf_url=https://AAF_LOCATE_URL/AAF_NS.locate:${AAF_INTERFACE_VERSION} \ + cadi_etc_dir=$LOCAL + cat $LOCAL/$NS.props - # setup Configs - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config $APP_FQI \ - cadi_etc_dir=$LOCAL cadi_prop_files=$SSO - - # Place Certificates - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar place ${APP_FQI} ${APP_FQDN} - - # Validate - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate \ - cadi_prop_files=$LOCAL/${NS}.props + echo + echo "#### Certificate Authorization Artifact" + TMP=$(mktemp) + $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} \ + cadi_prop_files=${SSO} \ + cadi_etc_dir=$LOCAL > $TMP + cat $TMP + echo + if [ -n "$(grep 'Namespace:' $TMP)" ]; then + echo "#### Place Certificates (by deployer)" + $JAVA_AGENT place ${APP_FQI} ${APP_FQDN} \ + cadi_prop_files=${SSO} \ + cadi_etc_dir=$LOCAL + + echo "#### Validate Configuration and Certificate with live call" + $JAVA_AGENT_SELF validate + echo "Obtained Certificates" + INITIALIZED="true" + else + echo "#### Certificate Authorization Artifact must be valid to continue" + fi + rm $TMP fi # Now run a command CMD=$2 -if [ ! "$CMD" = "" ]; then +if [ -z "$CMD" ]; then + if [ -n "$INITIALIZED" ]; then + echo "Initialization complete" + else + $JAVA_AGENT + fi +else shift shift case "$CMD" in @@ -103,20 +159,16 @@ if [ ! "$CMD" = "" ]; then ;; showpass) echo "## Show Passwords" - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar showpass ${APP_FQI} ${APP_FQDN} + $JAVA_AGENT showpass ${APP_FQI} ${APP_FQDN} ;; check) - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar check ${APP_FQI} ${APP_FQDN} + $JAVA_AGENT check ${APP_FQI} ${APP_FQDN} ;; validate) echo "## validate requested" - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate $LOCAL/${NS}.props + $JAVA_AGENT_SELF validate ;; bash) - #if [ ! -e $HOME/bash_aliases ]; then - # echo "alias cadi='$JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine \$*'" >$HOME/bash_aliases - # echo "alias agent='/bin/bash $CONFIG/bin/agent.sh no-op \$*'" >>$HOME/bash_aliases - #fi shift cd $LOCAL || exit /bin/bash "$@" @@ -124,15 +176,20 @@ if [ ! "$CMD" = "" ]; then setProp) cd $LOCAL || exit FILES=$(grep -l "$1" ./*.props) - if [ "$FILES" = "" ]; then - FILES="$3" + if [ -z "$FILES" ]; then + if [ -z "$3" ]; then + FILES=${NS}.props + else + FILES="$3" + fi ADD=Y fi for F in $FILES; do - echo "Changing $1 in $F" if [ "$ADD" = "Y" ]; then - echo $2 >> $F + echo "Changing $1 to $F" + echo "$1=$2" >> $F else + echo "Changing $1 in $F" sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F fi cat $F @@ -158,7 +215,7 @@ if [ ! "$CMD" = "" ]; then else ORIG_PW="$2" fi - PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/${NS}.keyfile) + PWD=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/${NS}.keyfile) if [ "$ADD" = "Y" ]; then echo "$1=enc:$PWD" >> $F else @@ -188,17 +245,26 @@ if [ ! "$CMD" = "" ]; then ;; cadi) echo "--- cadi Tool Comands ---" - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6 + $JAVA_CADI ;; agent) echo "--- agent Tool Comands ---" - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar + $JAVA_AGENT + ;; + aafcli) + echo "--- aafcli Tool Comands ---" + $JAVA_AAFCLI ;; esac echo "" ;; + ### Possible Dublin + # sample) + # echo "--- run Sample Servlet App ---" + # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props + # ;; *) - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@" + $JAVA_AGENT "$CMD" "$@" ;; esac fi