#!/bin/bash # # License type: BSD 3-Clause License # License copy: https://github.com/Telecominfraproject/wlan-cloud-UCENTRALSEC/blob/master/LICENSE # # Created by Stephane Bourque on 2021-03-04. # Arilia Wireless Inc. # if [[ "$(which jq)" == "" ]] then echo "You need the package jq installed to use this script." exit 1 fi if [[ "$(which curl)" == "" ]] then echo "You need the package curl installed to use this script." exit 1 fi if [[ "${UCENTRALSEC}" == "" ]] then echo "You must set the variable UCENTRALSEC in order to use this script. Something like" echo "UCENTRALSEC=myauthgateway.isp.com:16001" exit 1 fi if [[ "${FLAGS}" == "" ]] then FLAGS="-s" fi token="" result_file=result.json username="tip@ucentral.com" password="openwifi" #username="stephb@incognito.com" #password="Snoopy98!" browser_list=(firefox sensible-browser xdg-open w3m links links2 lynx youtube-dl) browser="" login() { payload="{ \"userId\" : \"$username\" , \"password\" : \"$password\" }" token=$(curl ${FLAGS} -X POST -H "Content-Type: application/json" -d "$payload" "https://${UCENTRALSEC}/api/v1/oauth2" | jq -r '.access_token') if [[ "${token}" == "" ]] then echo "Could not login. Please verify the host and username/password." exit 13 fi echo "${token}" > token.json } testlogin() { payload="{ \"userId\" : \"$1\" , \"password\" : \"$2\" }" curl ${FLAGS} -X POST "https://${UCENTRALSEC}/api/v1/oauth2" \ -H "Content-Type: application/json" \ -d "$payload" > ${result_file} userMustChangePassword=$(cat ${result_file} | jq -r '.userMustChangePassword') if [[ ${userMustChangePassword} == "true" ]] then echo "User must change password to login..." if [[ "$3" == "" ]] then echo "Please supply your new password too..." exit 1 fi payload="{ \"userId\" : \"$1\" , \"password\" : \"$2\", \"newPassword\" : \"$3\" }" curl ${FLAGS} -X POST "https://${UCENTRALSEC}/api/v1/oauth2" \ -H "Content-Type: application/json" \ -d "$payload" > ${result_file} jq < ${result_file} elif [[ "$3" != "" ]] then payload="{ \"userId\" : \"$1\" , \"password\" : \"$2\", \"newPassword\" : \"$3\" }" curl ${FLAGS} -X POST "https://${UCENTRALSEC}/api/v1/oauth2" \ -H "Content-Type: application/json" \ -d "$payload" > ${result_file} jq < ${result_file} fi jq < ${result_file} } emailtest() { payload="{ \"userId\" : \"$1\" }" curl ${FLAGS} -X POST "https://${UCENTRALSEC}/api/v1/oauth2?forgotPassword=true" \ -H "Content-Type: application/json" \ -d "$payload" > ${result_file} jq < ${result_file} } findbrowser() { if [[ "${browser}" != "" ]] then echo elif [[ "$(uname)" == "Darwin" ]] then browser=open else BROWSER_LIST=(firefox sensible-browser xdg-open w3m links links2 lynx youtube-dl) for br_name in "${browser_list[@]}" do if [[ $(which ${br_name}) != "" ]] then browser=${br_name} break fi done fi } logout() { curl ${FLAGS} -X DELETE -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" \ "https://${UCENTRALSEC}/api/v1/oauth2/${token}" rm -rf token.json } me() { curl ${FLAGS} -X GET -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" \ "https://${UCENTRALSEC}/api/v1/oauth2?me=true" } listendpoints() { curl ${FLAGS} -X GET "https://${UCENTRALSEC}/api/v1/systemEndpoints" \ -H "accept: application/json" \ -H "Authorization: Bearer ${token}" > ${result_file} jq < ${result_file} for index in {0..10} do endpointlocation=".endpoints[${index}].uri" endpointlocationtype=".endpoints[${index}].type" rawurl="$(cat ${result_file} | jq -r ${endpointlocation})" svctype="$(cat ${result_file} | jq -r ${endpointlocationtype})" proto="$(echo $rawurl | grep :// | sed -e's,^\(.*://\).*,\1,g')" url="$(echo ${rawurl/$proto/})" user="$(echo $url | grep @ | cut -d@ -f1)" hostport="$(echo ${url/$user@/} | cut -d/ -f1)" host="$(echo $hostport | sed -e 's,:.*,,g')" port="$(echo $hostport | sed -e 's,^.*:,:,g' -e 's,.*:\([0-9]*\).*,\1,g' -e 's,[^0-9],,g')" path="$(echo $url | grep / | cut -d/ -f2-)" if [[ ${url} != "null" ]] then if [[ ${svctype} == "ucentralgw" ]] then echo "url: $url" echo " proto: $proto" echo " user: $user" echo " host: $host" echo " port: $port" echo " path: $path" UCENTRALGW=$host break fi fi done } getlogo() { curl ${FLAGS} -X GET "https://${UCENTRALSEC}/wwwassets/open-wifi.svg" } createuser() { payload="{ \"id\": \"0\", \"email\" : \"$1\", \"currentPassword\" : \"$2\", \"changePassword\" : true}" curl ${FLAGS} -X POST "https://${UCENTRALSEC}/api/v1/user/0" \ -H "accept: application/json" \ -H "Authorization: Bearer ${token}" \ -d "$payload" > ${result_file} jq < ${result_file} } createuser_v() { payload="{ \"id\": \"0\", \"email\" : \"$1\", \"currentPassword\" : \"$2\", \"changePassword\" : true}" curl ${FLAGS} -X POST "https://${UCENTRALSEC}/api/v1/user/0?email_verification=true" \ -H "accept: application/json" \ -H "Authorization: Bearer ${token}" \ -d "$payload" > ${result_file} jq < ${result_file} } deleteuser() { curl ${FLAGS} -X DELETE "https://${UCENTRALSEC}/api/v1/user/$1" \ -H "accept: application/json" \ -H "Authorization: Bearer ${token}" \ -d "$payload" > ${result_file} jq < ${result_file} } getuser() { curl ${FLAGS} -X GET "https://${UCENTRALSEC}/api/v1/user/$1" \ -H "accept: application/json" \ -H "Authorization: Bearer ${token}" \ -d "$payload" > ${result_file} jq < ${result_file} } listusers() { curl ${FLAGS} -X GET "https://${UCENTRALSEC}/api/v1/users" \ -H "accept: application/json" \ -H "Authorization: Bearer ${token}" \ -d "$payload" > ${result_file} jq < ${result_file} } policies() { payload="{}" curl ${FLAGS} -X POST "https://${UCENTRALSEC}/api/v1/oauth2?requirements=true" \ -H "Content-Type: application/json" \ -d "$payload" > ${result_file} jq < ${result_file} } setavatar() { curl ${FLAGS} -F 'data=@open-wifi.svg' "https://${UCENTRALSEC}/api/v1/avatar/$1" \ -H "Authorization: Bearer ${token}" > ${result_file}; jq < ${result_file} } getavatar() { curl ${FLAGS} -X GET "https://${UCENTRALSEC}/api/v1/avatar/$1" \ -H "accept: application/octet-stream" \ -H "Authorization: Bearer ${token}" \ -o "user.svg" } deleteavatar() { curl ${FLAGS} -X DELETE "https://${UCENTRALSEC}/api/v1/avatar/$1" \ -H "Authorization: Bearer ${token}" \ -H "Content-Type: application/json" > ${result_file} jq < ${result_file} } secversion() { curl ${FLAGS} -X GET "https://${UCENTRALSEC}/api/v1/system?command=version" \ -H "accept: application/json" \ -H "Authorization: Bearer ${token}" > ${result_file} jq < ${result_file} } sectimes() { curl ${FLAGS} -X GET "https://${UCENTRALSEC}/api/v1/system?command=times" \ -H "accept: application/json" \ -H "Authorization: Bearer ${token}" > ${result_file} jq < ${result_file} } help() { echo echo "listendpoints Get all the system endpoints." echo } shopt -s nocasematch case "$1" in "createuser") login; createuser "$2" "$3"; logout;; "createuser_v") login; createuser_v "$2" "$3"; logout;; "deleteuser") login; deleteuser "$2" ; logout;; "getuser") login; getuser "$2" ; logout;; "listusers") login; listusers ; logout ;; "me") login; me ; logout ;; "listendpoints") login; listendpoints ; logout ;; "testlogin") testlogin "$2" "$3" "$4";; "emailtest") emailtest "$2";; "getlogo") getlogo ;; "policies") policies ;; "setavatar") login; setavatar "$2"; logout;; "getavatar") login; getavatar "$2"; logout;; "deleteavatar") login; deleteavatar "$2"; logout;; "secversion") login; secversion ; logout;; "sectimes") login; sectimes ; logout;; "help") login; help ; logout ;; *) help ;; esac