#!/bin/bash if [ "$#" -eq 0 ]; then cat <> [parameters] commands: EOF grep '") ''# ' $0 exit fi if [ "$1" == "--trace" ]; then function trace() { echo "$*" >&2 } function doCurl() { set -x curl "$@" set +x } shift else function trace() { : } function doCurl() { curl "$@" } fi if [ -z "$HSADMINNG_CAS_LOGIN" ] || [ -z "$HSADMINNG_CAS_VALIDATE" ] || \ [ -z "$HSADMINNG_CAS_USERNAME" ] || [ -z "$HSADMINNG_CAS_PASSWORD" ] || \ [ -z "$HSADMINNG_CAS_SERVICE" ]; then cat >&2 <> export HSADMINNG_CAS_PASSWORD=<> export HSADMINNG_CAS_SERVICE=https://hsadminng.hostsharing.net:443/ EOF exit 1 fi function casLogin() { HSADMINNG_CAS_TGT=`doCurl -s -i -X POST \ -H 'Content-Type: application/x-www-form-urlencoded' \ -d "username=$HSADMINNG_CAS_USERNAME&password=$HSADMINNG_CAS_PASSWORD" \ $HSADMINNG_CAS_LOGIN -o /dev/null -D - \ | grep -i "^Location: " | sed -e 's/^Location: //' -e 's/\\r//'` echo "$HSADMINNG_CAS_TGT" >~/.cas-login-tgt trace "$HSADMINNG_CAS_TGT" } function casTicket() { HSADMINNG_CAS_TGT=$(<~/.cas-login-tgt) if [[ -z "$HSADMINNG_CAS_TGT" ]]; then echo "ERROR: cannot get CAS ticket granting ticket for $HSADMINNG_CAS_USERNAME" >&2 exit 1 fi trace "CAS-TGT: $HSADMINNG_CAS_TGT" trace "fetching CAS service ticket" trace "curl -s -d \"service=$HSADMINNG_CAS_SERVICE\" $HSADMINNG_CAS_TGT" HSADMINNG_CAS_TICKET=$(curl -s -d "service=$HSADMINNG_CAS_SERVICE" $HSADMINNG_CAS_TGT) if [[ -z "$HSADMINNG_CAS_TICKET" ]]; then echo "ERROR: cannot get CAS service ticket" >&2 exit 1 fi echo $HSADMINNG_CAS_TICKET } function casValidate() { HSADMINNG_CAS_TICKET=`casTicket` trace "validating CAS-TICKET: $HSADMINNG_CAS_TICKET" trace curl -i -s $HSADMINNG_CAS_VALIDATE?ticket=${HSADMINNG_CAS_TICKET}\&service=${HSADMINNG_CAS_SERVICE} HSADMINNG_CAS_USER=`curl -i -s $HSADMINNG_CAS_VALIDATE?ticket=${HSADMINNG_CAS_TICKET}\&service=${HSADMINNG_CAS_SERVICE} | grep -oPm1 "(?<=)[^<]+"` if [ -z "$HSADMINNG_CAS_USER" ]; then echo "validation failed" >&2 exit 1 fi echo "CAS-User: $HSADMINNG_CAS_USER" } if ! find ~/.cas-login-tgt -type f -size +0c -mmin -60 2>/dev/null | grep -q .; then casLogin fi case "$1" in "login") # explicitly login using CAS-server and credentials in HSADMINNG_CAS_..., fetches ticket granting ticket casLogin ;; "logout") # logout, deleting ticket granting ticket rm ~/.cas-login-tgt ;; "validate") # validate user login and print currently logged in user casValidate ;; "get") # HTTP GET, add URL as parameter shift HSADMINNG_CAS_TICKET=`casTicket` #trace "curl -f -s --header \"Authorization: $HSADMINNG_CAS_TICKET\" " "$@" doCurl -f -H "Authorization: $HSADMINNG_CAS_TICKET" "$*" ;; "post") # HTTP POST, add curl options to specify the request body and the URL as last parameter shift HSADMINNG_CAS_TICKET=`casTicket` trace "curl -f --header \"Authorization: $HSADMINNG_CAS_TICKET\" --header \"Content-Type: application/json\" -X POST " "$@" curl -f -H "Authorization: $HSADMINNG_CAS_TICKET" --header "Content-Type: application/json" -X POST "$@" ;; "patch") # HTTP PATCH, add curl options to specify the request body and the URL as last parameter shift HSADMINNG_CAS_TICKET=`casTicket` trace "curl -f --header \"Authorization: $HSADMINNG_CAS_TICKET\" --header \"Content-Type: application/json\" -X PATCH " "$@" curl -f -H "Authorization: $HSADMINNG_CAS_TICKET" --header "Content-Type: application/json" -X POST "$*" ;; "delete") # HTTP DELETE, add curl options to specify the request body and the URL as last parameter shift HSADMINNG_CAS_TICKET=`casTicket` trace "curl -f --header \"Authorization: $HSADMINNG_CAS_TICKET\" -X DELETE " "$@" curl -f -H "Authorization: $HSADMINNG_CAS_TICKET" -X POST "$@" ;; *) cat >&2 <