#!/bin/bash # # License type: BSD 3-Clause License # License copy: https://github.com/Telecominfraproject/wlan-cloud-ucentralgw/blob/master/LICENSE # # Created by Stephane Bourque on 2021-03-04. # Arilia Wireless Inc. # if [[ "$(which jq)" == "" ]] then echo "You need the package jq installed to use this script." exit 1 fi if [[ "$(which curl)" == "" ]] then echo "You need the package curl installed to use this script." exit 1 fi if [[ "${OWSUB}" == "" ]] then echo "You must set the variable OWSUB in order to use this script. Something like" echo "OWSUB=security.isp.com:16006" exit 1 fi if [[ "${FLAGS}" == "" ]] then FLAGS="-s" fi target_servicetype=owsub target_service_endpoint="${OWSUB}" token="" result_file=result.json browser_list=(firefox sensible-browser xdg-open w3m links links2 lynx youtube-dl) browser="" if [ -z ${OWSEC_USERNAME+x} ]; then username="script.runner@arilia.com" else username=${OWSEC_USERNAME} fi if [ -z ${OWSEC_PASSWORD+x} ]; then password="Snoopy99!!!" else password=${OWSEC_PASSWORD} fi login() { payload="{ \"userId\" : \"$username\" , \"password\" : \"$password\" }" curl ${FLAGS} -X POST -H "Content-Type: application/json" -d "$payload" "https://${target_service_endpoint}/api/v1/oauth2" > ${result_file} token=$(cat ${result_file} | jq -r '.access_token' ) if [[ "${token}" == "null" ]] then method=$(cat ${result_file} | jq -r '.method' ) if [[ "${method}" == "sms" ]] then while true do read -r -p "Please provide the SMS login code that was sent to you: " challenge_code mfauuid=$(cat ${result_file} | jq -r '.uuid' ) mfaloginpayload="{ \"uuid\" : \"${mfauuid}\", \"answer\" : \"${challenge_code}\" }" curl ${FLAGS} -X POST "https://${target_service_endpoint}/api/v1/oauth2?completeMFAChallenge=true" \ -d "$mfaloginpayload" > mfa_answer.json token=$(cat mfa_answer.json | jq -r '.access_token') if [[ "{$token}" != "null" ]] then break fi done return fi echo "Could not login. Please verify the host and username/password." exit 13 fi echo "${token}" > token.json } findbrowser() { if [[ "${browser}" != "" ]] then echo elif [[ "$(uname)" == "Darwin" ]] then browser=open else BROWSER_LIST=(firefox sensible-browser xdg-open w3m links links2 lynx youtube-dl) for br_name in "${browser_list[@]}" do if [[ $(which ${br_name}) != "" ]] then browser=${br_name} break fi done fi } me() { curl ${FLAGS} -X GET -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" \ "https://${target_service_endpoint}/api/v1/oauth2?me=true" > ${result_file} jq < ${result_file} } logout() { curl ${FLAGS} -X DELETE -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" \ "https://${target_service_endpoint}/api/v1/oauth2/${token}" rm -rf token.json } startmfa() { payload="{ \"type\" : \"sms\" , \"sms\" : \"$1\" }" curl ${FLAGS} -X PUT "https://${target_service_endpoint}/api/v1/submfa?startValidation=true" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" \ -d "${payload}" > ${result_file} jq < ${result_file} } completemfa() { payload="{ \"type\" : \"sms\" , \"sms\" : \"$1\" }" curl ${FLAGS} -X PUT "https://${target_service_endpoint}/api/v1/submfa?completeValidation=true&challengeCode=$2" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" \ -d "${payload}" > ${result_file} jq < ${result_file} } getmfa() { curl ${FLAGS} -X GET "https://${target_service_endpoint}/api/v1/submfa" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" > ${result_file} jq < ${result_file} } disablemfa() { payload="{ \"type\" : \"disabled\" }" curl ${FLAGS} -X PUT "https://${target_service_endpoint}/api/v1/submfa" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" \ -d "${payload}" > ${result_file} jq < ${result_file} } getmyinfo() { curl ${FLAGS} -X GET "https://${target_service_endpoint}/api/v1/subscriber" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" > ${result_file} jq < ${result_file} } removeme() { curl ${FLAGS} -X DELETE "https://${target_service_endpoint}/api/v1/subscriber" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" > ${result_file} jq < ${result_file} } reboot() { payload="{ \"mac\" : \"04f8f8fc3771\" , \"when\" : 0 }" curl ${FLAGS} -X POST "https://${target_service_endpoint}/api/v1/action?action=reboot" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" \ -d "${payload}" > ${result_file} jq < ${result_file} } blink() { payload="{ \"mac\" : \"$1\" , \"when\" : 0 , \"pattern\" : \"blink\" , \"duration\" : 20 }" curl ${FLAGS} -X POST "https://${target_service_endpoint}/api/v1/action?action=blink" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" \ -d "${payload}" > ${result_file} jq < ${result_file} } wificlients() { curl ${FLAGS} -X GET "https://${target_service_endpoint}/api/v1/wificlients?serialNumber=04f8f8fc3771" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" > ${result_file} jq < ${result_file} } wiredclients() { curl ${FLAGS} -X GET "https://${target_service_endpoint}/api/v1/wiredclients?serialNumber=$1" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer ${token}" > ${result_file} jq < ${result_file} } signup() { curl ${FLAGS} -X POST "https://${target_service_endpoint}/api/v1/signup?email=stephane.bourque%40gmail.com&macAddress=04f8f8fc3771" \ -H "Content-Type: application/json" \ -d "{}" > ${result_file} jq < ${result_file} } getsignup() { curl ${FLAGS} -X POST "https://${target_service_endpoint}/api/v1/signup?signupUUID=$1" \ -H "Content-Type: application/json" \ -d "{}" > ${result_file} jq < ${result_file} } shopt -s nocasematch case "$1" in "login") login; echo "You successfully logged in." ; logout ;; "me") login; me ; logout ;; "startmfa") login; startmfa "$2" ; logout;; "completemfa") login; completemfa "$2" "$3" ; logout;; "getmfa") login; getmfa ; logout;; "disablemfa") login; disablemfa ; logout;; "getmyinfo") login; getmyinfo ; logout;; "reboot") login; reboot "$2" ; logout ;; "blink") login; blink "$2" ; logout ;; "wificlients") login; wificlients "$2" ; logout ;; "wiredclients") login; wiredclients "$2" ; logout ;; "signup") signup ;; "getsignup") getsignup $2 ;; "removeme") login; removeme ; logout ;; *) help ;; esac