scottk/wlan-cloud-ucentralsec
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git synced 2025-10-31 10:47:48 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity
Files
version_update
wlan-cloud-ucentralsec/test_scripts/curl/cli
stephb9959 17f95a64ad https://telecominfraproject.atlassian.net/browse/WIFI-12068 
Signed-off-by: stephb9959 <stephane.bourque@gmail.com>
2023-01-31 14:59:16 -08:00

630 lines
21 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
#
# License type: BSD 3-Clause License
# License copy: https://github.com/Telecominfraproject/wlan-cloud-UCENTRALSEC/blob/master/LICENSE
#
# Created by Stephane Bourque on 2021-03-04.
# Arilia Wireless Inc.
#
if [[ "$(which jq)" == "" ]]
then
echo "You need the package jq installed to use this script."
exit 1
fi
if [[ "$(which curl)" == "" ]]
then
echo "You need the package curl installed to use this script."
exit 1
fi
if [[ -z "${OWSEC}" || -z "${OWSEC_USERNAME}" || -z "${OWSEC_PASSWORD}" ]]
then
echo "You must set the variables OWSEC, OWSEC_USERNAME, and OWSEC_PASSWORD in order to use this script. Something like"
echo "export OWSEC=security.isp.com:16001"
echo "export OWSEC_USERNAME=theusername@domain.com"
echo "export OWSEC_PASSWORD=mytoughpassword"
exit 1
fi
username=${OWSEC_USERNAME}
password=${OWSEC_PASSWORD}
if [[ "${FLAGS}" == "" ]]
then
FLAGS="-s"
fi
token=""
result_file=result.json
browser_list=(firefox sensible-browser xdg-open w3m links links2 lynx youtube-dl)
browser=""
login() {
payload="{ \"userId\" : \"$username\" , \"password\" : \"$password\" }"
token=$(curl ${FLAGS} -X POST -H "Content-Type: application/json" -d "$payload" "https://${OWSEC}/api/v1/oauth2" | jq -r '.access_token')
if [[ "${token}" == "" ]]
then
echo "Could not login. Please verify the host and username/password."
exit 13
fi
echo "${token}" > token.json
}
testlogin() {
payload="{ \"userId\" : \"$1\" , \"password\" : \"$2\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/oauth2" \
-H "Content-Type: application/json" \
-d "$payload" > ${result_file}
userMustChangePassword=$(cat ${result_file} | jq -r '.ErrorCode')
if [[ ${userMustChangePassword} == "1" ]]
then
echo "User must change password to login..."
if [[ "$3" == "" ]]
then
echo "Please supply your new password too..."
exit 1
fi
payload="{ \"userId\" : \"$1\" , \"password\" : \"$2\", \"newPassword\" : \"$3\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/oauth2" \
-H "Content-Type: application/json" \
-d "$payload" > ${result_file}
jq < ${result_file}
elif [[ "$3" != "" ]]
then
payload="{ \"userId\" : \"$1\" , \"password\" : \"$2\", \"newPassword\" : \"$3\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/oauth2" \
-H "Content-Type: application/json" \
-d "$payload" > ${result_file}
token=$(cat ${result_file} | jq -r '.access_token')
else
payload="{ \"userId\" : \"$1\" , \"password\" : \"$2\" }"
token=$(curl ${FLAGS} -X POST -H "Content-Type: application/json" -d "$payload" "https://${OWSEC}/api/v1/oauth2" | jq -r '.access_token')
fi
jq < ${result_file}
}
emailtest() {
payload="{ \"userId\" : \"$1\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/oauth2?forgotPassword=true" \
-H "Content-Type: application/json" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
findbrowser() {
if [[ "${browser}" != "" ]]
then
echo
elif [[ "$(uname)" == "Darwin" ]]
then
browser=open
else
BROWSER_LIST=(firefox sensible-browser xdg-open w3m links links2 lynx youtube-dl)
for br_name in "${browser_list[@]}"
do
if [[ $(which ${br_name}) != "" ]]
then
browser=${br_name}
break
fi
done
fi
}
logout() {
curl ${FLAGS} -X DELETE -H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
"https://${OWSEC}/api/v1/oauth2/${token}"
token=""
rm -rf token.json
}
me() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/oauth2?me=true" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
listendpoints() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/systemEndpoints" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
for index in {0..10}
do
endpointlocation=".endpoints[${index}].uri"
endpointlocationtype=".endpoints[${index}].type"
rawurl="$(cat ${result_file} | jq -r ${endpointlocation})"
svctype="$(cat ${result_file} | jq -r ${endpointlocationtype})"
proto="$(echo $rawurl | grep :// | sed -e's,^\(.*://\).*,\1,g')"
url="$(echo ${rawurl/$proto/})"
user="$(echo $url | grep @ | cut -d@ -f1)"
hostport="$(echo ${url/$user@/} | cut -d/ -f1)"
host="$(echo $hostport | sed -e 's,:.*,,g')"
port="$(echo $hostport | sed -e 's,^.*:,:,g' -e 's,.*:\([0-9]*\).*,\1,g' -e 's,[^0-9],,g')"
path="$(echo $url | grep / | cut -d/ -f2-)"
if [[ ${url} != "null" ]]
then
if [[ ${svctype} == "ucentralgw" ]]
then
echo "url: $url"
echo " proto: $proto"
echo " user: $user"
echo " host: $host"
echo " port: $port"
echo " path: $path"
UCENTRALGW=$host
break
fi
fi
done
}
getlogo() {
curl ${FLAGS} -X GET "https://${OWSEC}/wwwassets/logo.png"
}
createuser() {
case $3 in
root|admin|subscriber|csr|system|installer|noc|accounting)
payload="{ \"id\": \"0\", \"email\" : \"$1\", \"currentPassword\" : \"$2\", \"changePassword\" : true, \"userRole\" : \"$3\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/user/0" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file} ;;
*)
echo "Error: userRole has to be one of root|admin|subscriber|csr|system|installer|noc|accounting"
exit 1 ;;
esac
}
createsub() {
payload="{ \"id\": \"0\", \"email\" : \"$1\", \"currentPassword\" : \"$2\", \"changePassword\" : false, \"userRole\" : \"subscriber\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/subuser/0" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
createuser_v() {
case $3 in
root|admin|subscriber|csr|system|installer|noc|accounting)
payload="{ \"id\": \"0\", \"email\" : \"$1\", \"currentPassword\" : \"$2\", \"changePassword\" : true, \"userRole\" : \"$3\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/user/0?email_verification=true" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file} ;;
*)
echo "Error: userRole has to be one of root|admin|subscriber|csr|system|installer|noc|accounting"
exit 1 ;;
esac
}
deleteuser() {
curl ${FLAGS} -X DELETE "https://${OWSEC}/api/v1/user/$1" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
deletesub() {
curl ${FLAGS} -X DELETE "https://${OWSEC}/api/v1/subuser/$1" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
getuser() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/user/$1" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
getsub() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/subuser/$1" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
getuserbyemail() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/user/${1}?byEmail=true" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
getsubbyemail() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/subuser/${1}?byEmail=true" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
listusers() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/users" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
listsubs() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/subusers" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
policies() {
payload="{}"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/oauth2?requirements=true" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
setavatar() {
curl ${FLAGS} -F 'data=@$2' "https://${OWSEC}/api/v1/avatar/$1" \
-H "Authorization: Bearer ${token}" > ${result_file};
jq < ${result_file}
}
getavatar() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/avatar/$1" \
-H "accept: application/octet-stream" \
-H "Authorization: Bearer ${token}" \
-o "user.svg"
}
deleteavatar() {
curl ${FLAGS} -X DELETE "https://${OWSEC}/api/v1/avatar/$1" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
sendemail() {
payload="{ \"recipients\" : [ \"$1\" ] , \"subject\" : \"test1\" , \"from\" : \"$2\" , \"text\" : \"This is a test from SES.\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/email" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
sendsms() {
payload="{ \"to\" : \"$1\" , \"text\" : \"$2\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/sms" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
setpreferences() {
payload="{ \"data\" : [ { \"tag\" : \"${1}\" , \"value\" : \"${2}\" } ] }"
echo ${payload}
curl ${FLAGS} -X PUT "https://${OWSEC}/api/v1/preferences" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
getpreferences() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/preferences" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
getauthqrcode() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/totp" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
-o qrcode.svg
}
testlogout() {
echo "Logged in..."
oldtoken=${token}
listusers
logout
echo "Logged out..."
token=${oldtoken}
echo "This should be en error"
listusers
}
setloglevel() {
payload="{ \"command\" : \"setloglevel\" , \"subsystems\" : [ { \"tag\" : \"$1\" , \"value\" : \"$2\" } ] }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/system" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload"
}
getloglevels() {
payload="{ \"command\" : \"getloglevels\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/system" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload"
}
getloglevelnames() {
payload="{ \"command\" : \"getloglevelnames\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/system" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload"
}
getsubsystemnames() {
payload="{ \"command\" : \"getsubsystemnames\" }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/system" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload"
}
systeminfo() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/system?command=info" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
getsecret() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/systemSecret/${1}" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
getsecretdictionary() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/systemSecret/0?dictionary=true" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
getallsecrets() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/systemSecret/0?all=true" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
setsecret() {
curl ${FLAGS} -X PUT "https://${OWSEC}/api/v1/systemSecret/${1}?value=${2}" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
deletesecret() {
curl ${FLAGS} -X DELETE "https://${OWSEC}/api/v1/systemSecret/${1}" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
reloadsubsystem() {
payload="{ \"command\" : \"reload\", \"subsystems\" : [ \"$1\" ] }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/system" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload"
}
check_response() {
if [ -s "$1" ]; then
ERROR_CODE="$(jq -r '.ErrorCode' < $1)"
if [[ -n "$ERROR_CODE" && "$ERROR_CODE" != 'null' ]]; then
echo "Error: got HTTP error code $ERROR_CODE, exiting"
exit 1
fi
else
echo "Error: result file not found or empty"
exit 1
fi
}
createapikey() {
payload="{ \"name\" : \"test1\" , \"expiresOn\" : 1699393386 }"
curl ${FLAGS} -X POST "https://${OWSEC}/api/v1/apiKey/$1" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
deleteapikey() {
curl ${FLAGS} -X DELETE "https://${OWSEC}/api/v1/apiKey/$1?keyUuid=$2" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
getapikey() {
curl ${FLAGS} -X GET "https://${OWSEC}/api/v1/apiKey/$1" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${token}" > ${result_file}
jq < ${result_file}
}
test_service() {
echo
echo "----------------------"
echo "Get system information"
echo "----------------------"
systeminfo
check_response $result_file
echo
echo "----------------"
echo "Create test user"
echo "----------------"
createuser testuser@mail.telecominfraproject.com 'Test123!' accounting
check_response $result_file
USER_ID="$(jq -r '.id' < $result_file)"
if [[ $USER_ID == null ]]; then
USER_ID="$(jq -r '.Id' < $result_file)"
fi
echo
echo "-------------"
echo "Get test user"
echo "-------------"
getuser $USER_ID
check_response $result_file
echo
echo "----------------"
echo "Delete test user"
echo "----------------"
deleteuser $USER_ID
# check_response $result_file
USER_STATUS="$(jq -r '.ErrorCode' < $result_file)"
if [ "$USER_STATUS" == 404 ]; then
echo "Error: failed to delete test user, HTTP error code 404"
else
echo "Successfully deleted test user"
fi
}
help() {
echo
echo "Usage: cli <cmd> [args]"
echo
echo "listendpoints Get all the system endpoints."
echo "emailtest Generate a forgot Password e-amil to the logged in user."
echo "me Show information about the logged user."
echo "createuser <email> <password> <userrole> Create a user with an initial password and force the user to change password."
echo "createuser_v <email> <password> <userrole> Same as create user but also force an e-mail verification."
echo "deleteuser <user UUID> Delete the user."
echo "getuser <user UUID> Get the user information."
echo "listusers List users."
echo "policies List the login and access policies."
echo "setavatar <user UUID> <filename> Sets the avatar for user to the image in filename."
echo "getavatar <user UUID> Get the avatar for the user."
echo "deleteavatar <user UUID> Remove the avatar for a user."
echo "sendemail <recipient> <from> Sends a test email to see if the e-mail system is working."
echo "setloglevel <subsystem> <loglevel> Set the log level for s specific subsystem."
echo "getloglevels Get the current log levels for all subsystems."
echo "getloglevelnames Get the log level names available."
echo "getsubsystemnames Get the list of subsystems."
echo "systeminfo Get basic system information."
echo "reloadsubsystem <subsystem name> Reload the configuration for a subsystem."
echo "test_service Run a set of CLI commands for testing purposes"
echo
}
shopt -s nocasematch
case "$1" in
"createuser") login; createuser "$2" "$3" "$4"; logout;;
"createsub") login; createsub "$2" "$3"; logout;;
"createuser_v") login; createuser_v "$2" "$3" "$4"; logout;;
"createsub_v") login; createsub_v "$2" "$3"; logout;;
"deleteuser") login; deleteuser "$2" ; logout;;
"deletesub") login; deletesub "$2" ; logout;;
"getuser") login; getuser "$2" ; logout;;
"getsub") login; getsub "$2" ; logout;;
"getuserbyemail") login; getuserbyemail "$2" ; logout;;
"getsubbyemail") login; getsubbyemail "$2" ; logout;;
"listusers") login; listusers ; logout ;;
"listsubs") login; listsubs ; logout ;;
"me") login; me ; logout ;;
"listendpoints") login; listendpoints ; logout ;;
"testlogin") testlogin "$2" "$3" "$4";;
"emailtest") emailtest "$2";;
"getlogo") getlogo ;;
"policies") policies ;;
"setavatar") login; setavatar "$2"; logout;;
"getavatar") login; getavatar "$2"; logout;;
"deleteavatar") login; deleteavatar "$2"; logout;;
"sendemail") login; sendemail "$2" "$3"; logout;;
"sendsms") login; sendsms "$2" "$3" ; logout;;
"testlogout") login; testlogout ;;
"setloglevel") login; setloglevel "$2" "$3" ; logout ;;
"getloglevels") login; getloglevels; logout ;;
"getloglevelnames") login; getloglevelnames; logout ;;
"getsubsystemnames") login; getsubsystemnames; logout ;;
"reloadsubsystem") login; reloadsubsystem "$2"; logout ;;
"systeminfo") login; systeminfo ; logout;;
"setpreferences") login; setpreferences "$2" "$3" ; logout;;
"getpreferences") login; getpreferences ; logout;;
"getauthqrcode") login; getauthqrcode; logout;;
"test_service") login; test_service; logout;;
"createapikey") login; createapikey "$2" ; logout;;
"deleteapikey") login; deleteapikey "$2" "$3"; logout;;
"getapikey") login; getapikey "$2" ; logout;;
"getsecret") login; getsecret "$2" ; logout;;
"getallsecrets") login; getallsecrets ; logout;;
"setsecret") login; setsecret "$2" "$3" ; logout;;
"deletesecret") login; deletesecret "$2" ; logout;;
"getsecretdictionary") login; getsecretdictionary ; logout;;
"help") login; help ; logout ;;
*) help ;;
esac
Reference in New Issue View Git Blame Copy Permalink