LOCAL="$OSAAF/local"
DOT_AAF="$HOME/.aaf"
SSO="$DOT_AAF/sso.props"
-
-JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine"
-JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$SSO org.onap.aaf.cadi.configure.Agent"
-JAVA_AGENT_SELF="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/${NS}.props org.onap.aaf.cadi.configure.Agent"
-JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli"
+
+if [ -e "$CONFIG" ]; then
+ CONFIG_BIN="$CONFIG/bin"
+else
+ CONFIG_BIN="."
+fi
+
+CLPATH="$CONFIG_BIN/aaf-auth-cmd-*-full.jar"
+
+JAVA_CADI="$JAVA -cp $CLPATH org.onap.aaf.cadi.CmdLine"
+JAVA_AGENT="$JAVA -cp $CLPATH -Dcadi_prop_files=$SSO org.onap.aaf.cadi.configure.Agent"
+JAVA_AGENT_SELF="$JAVA -cp $CLPATH -Dcadi_prop_files=$LOCAL/${NS}.props org.onap.aaf.cadi.configure.Agent"
+JAVA_AAFCLI="$JAVA -cp $CLPATH -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli"
# Check for local dir
if [ ! -d $LOCAL ]; then
# Setup Bash, first time only
if [ ! -e "$HOME/.bashrc" ] || [ -z "$(grep cadi $HOME/.bashrc)" ]; then
echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bashrc
- echo "alias agent='$CONFIG/bin/agent.sh agent \$*'" >>$HOME/.bashrc
+ echo "alias agent='$CONFIG_BIN/agent.sh agent \$*'" >>$HOME/.bashrc
echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bashrc
- chmod a+x $CONFIG/bin/agent.sh
+ chmod a+x $CONFIG_BIN/agent.sh
. $HOME/.bashrc
fi
$JAVA_CADI digest ${1} $DOT_AAF/keyfile
}
+if [ ! -e "$DOT_AAF/truststoreONAPall.jks" ]; then
+ mkdir -p $DOT_AAF
+ base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks
+fi
# Create Deployer Info, located at /root/.aaf
if [ ! -e "$DOT_AAF/keyfile" ]; then
- mkdir -p $DOT_AAF
$JAVA_CADI keygen $DOT_AAF/keyfile
chmod 400 $DOT_AAF/keyfile
- echo cadi_latitude=${LATITUDE} > ${SSO}
- echo cadi_longitude=${LONGITUDE} >> ${SSO}
- echo aaf_id=${DEPLOY_FQI} >> ${SSO}
+
+ # Add Deployer Creds to Root's SSO
+ DEPLOY_FQI="${DEPLOY_FQI:=$app_id}"
+ echo "aaf_id=${DEPLOY_FQI}" > ${SSO}
if [ ! "${DEPLOY_PASSWORD}" = "" ]; then
echo aaf_password=enc:$(sso_encrypt ${DEPLOY_PASSWORD}) >> ${SSO}
fi
- echo aaf_locate_url=https://${AAF_FQDN}:8095 >> ${SSO}
- echo aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:${AAF_INTERFACE_VERSION} >> ${SSO}
+
+ # Cover case where using app.props
+ aaf_locater_container_ns=${aaf_locator_container_ns:=$CONTAINER_NS}
+
+ for E in $(env); do
+ if [ "${E:0:4}" = "aaf_" ] || [ "${E:0:5}" = "cadi_" ]; then
+ # Use Deployer ID in ${SSO}
+ if [ "app_id" != "${E%=*}" ]; then
+ S="${E/_helm/.helm}"
+ S="${S/_oom/.oom}"
+ echo "$S" >> ${SSO}
+ fi
+ fi
+ done
- base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks
echo "cadi_truststore=$DOT_AAF/truststoreONAPall.jks" >> ${SSO}
echo cadi_truststore_password=enc:$(sso_encrypt changeit) >> ${SSO}
echo "Caller Properties Initialized"
INITIALIZED="true"
fi
+echo "cat SSO"
+cat ${SSO}
+echo "dog"
# Only initialize once, automatically...
if [ ! -e $LOCAL/${NS}.props ]; then
+ if [ -e '/opt/app/aaf_config/bin' ]; then
+ cp /opt/app/aaf_config/bin/*.jar $LOCAL
+ echo "#!/bin/bash" > agent
+ echo 'case "$1" in' >> agent
+ echo ' ""|-?|--help)CMD="";FQI="";FQDN="";;' >> agent
+ echo ' validate)CMD="$1";FQI="";FQDN="${2:-'"$NS.props"'}";;' >> agent
+ echo ' *)CMD="$1";FQI="${2:-'"$APP_FQI"'}";FQDN="${3:-'"$APP_FQDN"'}";;' >> agent
+ echo 'esac' >> agent
+ echo 'java -cp '$(ls aaf-auth-cmd-*-full.jar)' -Dcadi_prop_files='"$NS"'.props org.onap.aaf.cadi.configure.Agent $CMD $FQI $FQDN' >> agent
+
+ echo "#!/bin/bash" > cadi
+ echo "java -cp $(ls aaf-auth-cmd-*-full.jar) -Dcadi_prop_files=$NS.props org.onap.aaf.cadi.CmdLine " '$*' >> cadi
+ # echo "#!/bin/bash" > aafcli
+ # echo "java -cp $(ls aaf-auth-cmd-*-full.jar) -Dcadi_prop_files=$NS.props org.onap.aaf.auth.cmd.AAFcli " '$*' >> aafcli
+
+ echo "#!/bin/bash" > testConnectivity
+ echo "java -cp $(ls aaf-auth-cmd-*-full.jar) org.onap.aaf.cadi.aaf.TestConnectivity $NS.props" >> testConnectivity
+ chmod ug+x agent cadi testConnectivity
+ fi
+
echo "#### Create Configuration files "
$JAVA_AGENT config $APP_FQI \
- aaf_url=https://AAF_LOCATE_URL/AAF_NS.locate:${AAF_INTERFACE_VERSION} \
- cadi_etc_dir=$LOCAL
+ cadi_etc_dir=$LOCAL \
+ cadi_prop_files=$SSO
+ #aaf_url=https://AAF_LOCATE_URL/AAF_NS.locate:${AAF_INTERFACE_VERSION}
cat $LOCAL/$NS.props
echo
echo "#### Certificate Authorization Artifact"
- TMP=$(mktemp)
+ # TMP=$(mktemp)
+ TMP=$LOCAL/agent.log
$JAVA_AGENT read ${APP_FQI} ${APP_FQDN} \
cadi_prop_files=${SSO} \
- cadi_etc_dir=$LOCAL > $TMP
- cat $TMP
- echo
+ cadi_etc_dir=$LOCAL | tee $TMP
+
if [ -n "$(grep 'Namespace:' $TMP)" ]; then
echo "#### Place Certificates (by deployer)"
$JAVA_AGENT place ${APP_FQI} ${APP_FQDN} \
cadi_etc_dir=$LOCAL
echo "#### Validate Configuration and Certificate with live call"
- $JAVA_AGENT_SELF validate
echo "Obtained Certificates"
INITIALIZED="true"
else
if [ -n "$INITIALIZED" ]; then
echo "Initialization complete"
else
- $JAVA_AGENT
+ $JAVA_AGENT_SELF validate $FQI $FQDN
fi
else
shift
;;
validate)
echo "## validate requested"
- $JAVA_AGENT_SELF validate
+ $JAVA_AGENT_SELF validate $FQI $FQDN
;;
renew)
echo "## Renew Certificate"
taillog)
sh /opt/app/osaaf/logs/taillog
;;
+ testConnectivity|testconnectivity)
+ echo "--- Test Connectivity ---"
+ $JAVA -cp $CONFIG_BIN/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.aaf.TestConnectivity $LOCAL/org.osaaf.aaf.props
+ ;;
--help | -?)
case "$1" in
"")
### Possible Dublin
# sample)
# echo "--- run Sample Servlet App ---"
- # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
+ # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG_BIN/aaf-auth-cmd-*-full.jar:$CONFIG_BIN/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
# ;;
*)
$JAVA_AGENT "$CMD" "$@"
Code Review / aaf / authz.git / blobdiff