author | Instrumental <jonathan.gathman@att.com> | 2018-10-23 17:40:47 -0500 |
---|---|---|
committer | Instrumental <jonathan.gathman@att.com> | 2018-10-23 17:43:09 -0500 |
commit | 9fe1153c6bad63922e026d1db86e51b95a92c6cc (patch) | |
tree | 4e48cbbbb3c9e5f1a37c6089726490ea24c601f7 /auth | |
parent | 50245adc23b914bc627925cf8557948f25927a5b (diff) |
Client updates
Issue-ID: AAF-558
Change-Id: I2c12b3cf46924b784e3af54bb643e6341dadf165
Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'auth')
-rw-r--r-- | auth/docker/Dockerfile.client | 2 | ||||
-rw-r--r-- | auth/docker/Dockerfile.config | 2 | ||||
-rw-r--r-- | auth/docker/aaf.sh | 12 | ||||
-rwxr-xr-x | auth/docker/dbuild.sh | 4 | ||||
-rwxr-xr-x | auth/sample/bin/client.sh | 98 | ||||
-rw-r--r-- | auth/sample/bin/service.sh | 56 |
6 files changed, 101 insertions, 73 deletions
diff --git a/auth/docker/Dockerfile.client b/auth/docker/Dockerfile.client index 3e61173d..c28ec24c 100644 --- a/auth/docker/Dockerfile.client +++ b/auth/docker/Dockerfile.client @@ -7,7 +7,7 @@ LABEL version=${AAF_VERSION} COPY logs /opt/app/aaf_config/logs COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh -COPY bin/aaf-cadi*full.jar /opt/app/aaf_config/bin/ +COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/ COPY cert/*trust*.b64 /opt/app/aaf_config/cert/ diff --git a/auth/docker/Dockerfile.config b/auth/docker/Dockerfile.config index b2f2becf..bc1eafca 100644 --- a/auth/docker/Dockerfile.config +++ b/auth/docker/Dockerfile.config @@ -13,7 +13,7 @@ COPY public /opt/app/aaf_config/public COPY CA /opt/app/aaf_config/CA COPY logs /opt/app/aaf_config/logs COPY bin/service.sh /opt/app/aaf_config/bin/agent.sh -COPY bin/aaf-cadi-aaf-${VERSION}-full.jar /opt/app/aaf_config/bin/ +COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ ENTRYPOINT ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"] CMD [] diff --git a/auth/docker/aaf.sh b/auth/docker/aaf.sh index 29391597..f9cf1bc3 100644 --- a/auth/docker/aaf.sh +++ b/auth/docker/aaf.sh @@ -26,18 +26,6 @@ function run_it() { /bin/bash $PARAMS } -function set_prop() { - $DOCKER exec -t aaf_config_$USER /bin/bash /opt/app/aaf_config/bin/agent.sh NOOP setProp "$1" "$2" "$3" -} - -function encrypt_it() { - $DOCKER exec -t aaf_config_$USER /bin/bash /opt/app/aaf_config/bin/agent.sh NOOP encrypt "$1" "$2" -} - -function set_it() { - $DOCKER exec -t aaf_config_$USER /bin/bash /opt/app/aaf_config/bin/agent.sh NOOP setProp "$1" "$2" -} - PARAMS="$@" if [ "$PARAMS" != "" ]; then run_it -it --rm diff --git a/auth/docker/dbuild.sh b/auth/docker/dbuild.sh index 80427cef..a170493d 100755 --- a/auth/docker/dbuild.sh +++ b/auth/docker/dbuild.sh 
@@ -20,7 +20,7 @@ cd - # Create the AAF Config (Security) Images cd .. -cp ../cadi/aaf/target/aaf-cadi-aaf-${VERSION}-full.jar sample/bin +cp auth-cmd/target/aaf-auth-cmd-$VERSION-full.jar sample/bin cp -Rf ../conf/CA sample # AAF Config image (for AAF itself) @@ -37,7 +37,7 @@ $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/$ $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:latest # Clean up -rm sample/Dockerfile sample/bin/aaf-cadi-aaf-${VERSION}-full.jar sample/bin/aaf-cadi-servlet-sample-${VERSION}-sample.jar +rm sample/Dockerfile sample/bin/aaf-auth-cmd-${VERSION}-full.jar sample/bin/aaf-cadi-servlet-sample-${VERSION}-sample.jar rm -Rf sample/CA cd - diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh index a7095268..363e2b43 100755 --- a/auth/sample/bin/client.sh +++ b/auth/sample/bin/client.sh @@ -1,5 +1,5 @@ #!/bin/bash -# This script is run when starting aaf_config Container. +# This script is run when starting client Container. # It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite) # JAVA=/usr/bin/java @@ -21,6 +21,11 @@ LOCAL="$OSAAF/local" DOT_AAF="$HOME/.aaf" SSO="$DOT_AAF/sso.props" +JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine" +JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$SSO org.onap.aaf.cadi.configure.Agent" +JAVA_AGENT_SELF="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/${NS}.props org.onap.aaf.cadi.configure.Agent" +JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli" + # Check for local dir if [ ! -d $LOCAL ]; then mkdir -p $LOCAL 
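Review bot: `JAVA_AAFCLI` in client.sh sets `-Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props`, which is the AAF service's own properties file, while the other definitions in this hunk (`@@ -21,6 +21,11 @@`) use `$SSO` or `$LOCAL/${NS}.props`; this looks carried over from service.sh, and unless the client container is meant to hold that file the `aafcli` alias and command will run without usable credentials. If that is not intended, `-Dcadi_prop_files=$LOCAL/${NS}.props` would match `JAVA_AGENT_SELF`. All four variables also depend on unquoted expansion to split words and expand `aaf-auth-cmd-*-full.jar`, so a second matching jar in `$CONFIG/bin` would be passed to `java` as the main class; resolving the jar path once into a variable and failing unless exactly one file matches is safer. The same construction is added to service.sh in `@@ -3,11 +3,17 @@`.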
@@ -30,23 +35,24 @@ if [ ! -d $LOCAL ]; then fi # Setup Bash, first time only -if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then - echo "alias cadi='$OSAAF/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases +if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep agent $HOME/.bash_aliases)" ]; then + echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bash_aliases echo "alias agent='$OSAAF/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases + echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bash_aliases chmod a+x $OSAAF/bin/agent.sh . $HOME/.bash_aliases fi # Setup SSO info for Deploy ID function sso_encrypt() { - $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine digest ${1} $DOT_AAF/keyfile + $JAVA_CADI digest ${1} $DOT_AAF/keyfile } # Create Deployer Info, located at /root/.aaf if [ ! -e "$DOT_AAF/keyfile" ]; then mkdir -p $DOT_AAF - $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine keygen $DOT_AAF/keyfile + $JAVA_CADI keygen $DOT_AAF/keyfile chmod 400 $DOT_AAF/keyfile echo cadi_latitude=${LATITUDE} > ${SSO} echo cadi_longitude=${LONGITUDE} >> ${SSO} 
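Review bot: `sso_encrypt` passes the secret as an unquoted `${1}`, so a password containing spaces or glob characters is split or expanded before `digest` receives it and the stored value no longer corresponds to what was entered; `$JAVA_CADI digest "${1}" "$DOT_AAF/keyfile"` avoids that. In the same hunk the keyfile is written by `keygen` and only afterwards restricted with `chmod 400`, so depending on how `keygen` creates the file it may be readable under the default umask in between; a `umask 077` before `mkdir -p $DOT_AAF` would cover both the directory and the key. The `if [ ! -e "$DOT_AAF/keyfile" ]` block continues past the end of the hunk.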
@@ -64,30 +70,39 @@ fi # Only initialize once, automatically... if [ ! -e $LOCAL/${NS}.props ]; then - # setup Configs - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config $APP_FQI \ + echo "#### Create Configuration files " + $JAVA_AGENT config $APP_FQI \ aaf_url=https://AAF_LOCATE_URL/AAF_NS.locate:${AAF_INTERFACE_VERSION} \ cadi_etc_dir=$LOCAL cat $LOCAL/$NS.props - # Read Certificate info (by deployer) - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar read ${APP_FQI} ${APP_FQDN} \ - cadi_prop_files=${SSO} \ - cadi_etc_dir=$LOCAL - - # Place Certificates (by deployer) - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar place ${APP_FQI} ${APP_FQDN} \ + echo + echo "#### Certificate Authorization Artifact" + TMP=$(mktemp) + $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} \ cadi_prop_files=${SSO} \ - cadi_etc_dir=$LOCAL - - # Validate - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate \ - cadi_prop_files=$LOCAL/${NS}.props + cadi_etc_dir=$LOCAL > $TMP + cat $TMP + echo + if [ -n "$(grep 'Namespace:' $TMP)" ]; then + echo "#### Place Certificates (by deployer)" + $JAVA_AGENT place ${APP_FQI} ${APP_FQDN} \ + cadi_prop_files=${SSO} \ + cadi_etc_dir=$LOCAL + + echo "#### Validate Configuration and Certificate with live call" + $JAVA_AGENT_SELF validate + else + echo "#### Certificate Authorization Artifact must be valid to continue" + fi + rm $TMP fi # Now run a command CMD=$2 -if [ ! "$CMD" = "" ]; then +if [ -z "$CMD" ]; then + $JAVA_AGENT +else shift shift case "$CMD" in 
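Review bot: When the artifact check fails, the new `else` branch only prints a message, yet `$LOCAL/${NS}.props` appears to have been written already by the `config` step (it is `cat`-ed right after), so the enclosing `if [ ! -e $LOCAL/${NS}.props ]` guard will skip this whole block on the next start and the certificates are never placed or validated. The failure branch should leave the container in a state that retries, for example `rm -f "$TMP" "$LOCAL/${NS}.props"; exit 1`, or the guard should test for the placed certificate rather than the props file. The decision is also taken from the presence of the text `Namespace:` in the output rather than from the exit status of `read`; `if grep -q 'Namespace:' "$TMP"; then` is the tidier form, and checking the status of `$JAVA_AGENT read` as well would catch a failed call that still prints partial output.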
@@ -117,20 +132,16 @@ if [ ! "$CMD" = "" ]; then ;; showpass) echo "## Show Passwords" - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar showpass ${APP_FQI} ${APP_FQDN} + $JAVA_AGENT showpass ${APP_FQI} ${APP_FQDN} ;; check) - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar check ${APP_FQI} ${APP_FQDN} + $JAVA_AGENT check ${APP_FQI} ${APP_FQDN} ;; validate) echo "## validate requested" - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate $LOCAL/${NS}.props + $JAVA_AGENT_SELF validate ;; bash) - #if [ ! -e $HOME/bash_aliases ]; then - # echo "alias cadi='$JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine \$*'" >$HOME/bash_aliases - # echo "alias agent='/bin/bash $CONFIG/bin/agent.sh no-op \$*'" >>$HOME/bash_aliases - #fi shift cd $LOCAL || exit /bin/bash "$@" @@ -138,15 +149,20 @@ if [ ! "$CMD" = "" ]; then setProp) cd $LOCAL || exit FILES=$(grep -l "$1" ./*.props) - if [ "$FILES" = "" ]; then - FILES="$3" + if [ -z "$FILES" ]; then + if [ -z "$3" ]; then + FILES=${NS}.props + else + FILES="$3" + fi ADD=Y fi for F in $FILES; do - echo "Changing $1 in $F" if [ "$ADD" = "Y" ]; then - echo $2 >> $F + echo "Changing $1 to $F" + echo "$1=$2" >> $F else + echo "Changing $1 in $F" sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F fi cat $F @@ -172,7 +188,7 @@ if [ ! "$CMD" = "" ]; then else ORIG_PW="$2" fi - PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/${NS}.keyfile) + PWD=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/${NS}.keyfile) if [ "$ADD" = "Y" ]; then echo "$1=enc:$PWD" >> $F else 
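Review bot: `check` used to run with `-Dcadi_prop_files=$LOCAL/${NS}.props` and now goes through `$JAVA_AGENT`, which is defined with `-Dcadi_prop_files=$SSO`, so it is evaluated with the deployer's SSO properties instead of the application's own configuration. The `*)` fallthrough in `@@ -202,20 +218,26 @@` changes the same way. If the intent is to check the installed identity, `$JAVA_AGENT_SELF check ${APP_FQI} ${APP_FQDN}` keeps the previous behaviour, as `validate` in this hunk already does; if the switch is deliberate, a comment stating which identity each subcommand runs as would help. The `case` statement starts and ends outside the hunk.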
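Review bot: The `sed` branch of `setProp` (`@@ -138,15 +149,20 @@`) substitutes `$1` and `$2` directly into the sed program, so a value containing `/`, `&` or a backslash (paths and URLs are typical property values) either breaks the expression or is interpreted by sed instead of being stored literally. Here that line is unchanged context, but the service.sh hunk `@@ -171,17 +181,21 @@` switches to the same line and drops the `VALUE=${2//\//\\\/}` escaping it previously had. At minimum that escaping should be restored and extended to `&` and backslash. The key is better matched exactly, as in `s/^\(${1}=\).*/\1${VALUE}/`, because `${1}.*=` also rewrites longer keys that merely begin with the same name and is greedy up to the last `=` on the line. `$F` and `$FILES` are unquoted in the added lines as well; the `setProp)` arm begins and ends outside the hunk.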
@@ -202,20 +218,26 @@ if [ ! "$CMD" = "" ]; then ;; cadi) echo "--- cadi Tool Comands ---" - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6 + $JAVA_CADI ;; agent) echo "--- agent Tool Comands ---" - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar + $JAVA_AGENT + ;; + aafcli) + echo "--- aafcli Tool Comands ---" + $JAVA_AAFCLI ;; - sample) - echo "--- run Sample Servlet App ---" - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props esac echo "" ;; + ### Possible Dublin + # sample) + # echo "--- run Sample Servlet App ---" + # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props + # ;; *) - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@" + $JAVA_AGENT "$CMD" "$@" ;; esac fi diff --git a/auth/sample/bin/service.sh b/auth/sample/bin/service.sh index b810f0c5..9880e8a6 100644 --- a/auth/sample/bin/service.sh +++ b/auth/sample/bin/service.sh 
@@ -3,11 +3,17 @@ # It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite) # JAVA=/usr/bin/java -LOCAL=/opt/app/osaaf/local -DATA=/opt/app/osaaf/data -PUBLIC=/opt/app/osaaf/public + +OSAAF=/opt/app/osaaf +LOCAL=$OSAAF/local +DATA=$OSAAF/data +PUBLIC=$OSAAF/public CONFIG=/opt/app/aaf_config +JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine" +JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.cadi.configure.Agent" +JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli" + # If doesn't exist... still create mkdir -p /opt/app/osaaf @@ -15,9 +21,10 @@ mkdir -p /opt/app/osaaf FILE= # Setup Bash, first time only -if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then - echo "alias cadi='$CONFIG/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases +if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep cadi $HOME/.bash_aliases)" ]; then + echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bash_aliases echo "alias agent='$CONFIG/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases + echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bash_aliases chmod a+x $CONFIG/bin/agent.sh . $HOME/.bash_aliases fi @@ -95,7 +102,8 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then cat $TMP - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config aaf@aaf.osaaf.org \ + $JAVA_AGENT config \ + aaf@aaf.osaaf.org \ cadi_etc_dir=$LOCAL \ cadi_prop_files=$CONFIG/local/initialConfig.props:$CONFIG/local/aaf.props:${TMP} rm ${TMP} 
@@ -103,7 +111,7 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then # Cassandra Config stuff # Default is expect a Cassandra on same Node CASS_HOST=${CASS_HOST:="aaf_cass"} - CASS_PASS=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "${CASSANDRA_PASSWORD:-cassandra}" $LOCAL/org.osaaf.aaf.keyfile) + CASS_PASS=$($JAVA_CADI digest "${CASSANDRA_PASSWORD:-cassandra}" $LOCAL/org.osaaf.aaf.keyfile) CASS_NAME=${CASS_HOST/:*/} sed -i.backup -e "s/\\(cassandra.clusters=\\).*/\\1${CASSANDRA_CLUSTERS:=$CASS_HOST}/" \ -e "s/\\(cassandra.clusters.user=\\).*/\\1${CASSANDRA_USER:=cassandra}/" \ @@ -113,7 +121,7 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then if [ -n "$CM_CA_LOCAL" ]; then if [ -n "$CM_CA_PASS" ]; then - CM_CA_LOCAL=$CM_CA_LOCAL$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$CM_CA_PASS" $LOCAL/org.osaaf.aaf.keyfile) + CM_CA_LOCAL=$CM_CA_LOCAL$($JAVA_CADI digest "$CM_CA_PASS" $LOCAL/org.osaaf.aaf.keyfile) fi # Move and copy method, rather than sed, because of slashes in CM_CA_LOCAL makes too complex FILE=$LOCAL/org.osaaf.aaf.cm.ca.props @@ -127,7 +135,9 @@ fi # Now run a command CMD=$2 -if [ ! "$CMD" = "" ]; then +if [ -z "$CMD" ]; then + $JAVA_AGENT +else shift shift case "$CMD" in @@ -158,7 +168,7 @@ if [ ! "$CMD" = "" ]; then ;; validate) echo "## validate requested" - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate cadi_prop_files=$LOCAL/org.osaaf.aaf.props + $JAVA_AAFCLI perm list user aaf@aaf.osaaf.org ;; onap) echo Initializing ONAP configurations. 
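Review bot: The rewritten `CASS_PASS` line in `@@ -103,7 +111,7 @@` still falls back to the stock value `cassandra` when `CASSANDRA_PASSWORD` is unset, so a deployment that omits the variable comes up with a well-known credential and nothing in the output says so. A visible warning when the fallback is taken, such as `[ -n "$CASSANDRA_PASSWORD" ] || echo "WARNING: CASSANDRA_PASSWORD not set, using default" >&2`, would make this auditable. The secret is also handed to `digest` as a command-line argument here and in the `CM_CA_PASS` hunk `@@ -113,7 +121,7 @@`, where it is visible in the process list for the lifetime of the JVM; whether `CmdLine digest` can read the value from stdin is not shown on this page and would be worth confirming. The enclosing `if [ ! -e $LOCAL/org.osaaf.aaf.props ]` block starts and ends outside the hunk.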
@@ -171,17 +181,21 @@ if [ ! "$CMD" = "" ]; then setProp) cd $LOCAL || exit FILES=$(grep -l "$1" ./*.props) - if [ "$FILES" = "" ]; then - FILES="$3" + if [ -z "$FILES" ]; then + if [ -z "$3" ]; then + FILES=org.osaaf.aaf.props + else + FILES="$3" + fi ADD=Y fi for F in $FILES; do - echo "Changing $1 in $F" if [ "$ADD" = "Y" ]; then + echo "Changing $1 to $F" echo "$1=$2" >> $F else - VALUE=${2//\//\\\/} - sed -i.backup -e "s/\(${1}=\).*/\1${VALUE}/" $F + echo "Changing $1 in $F" + sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F fi cat $F done @@ -206,7 +220,7 @@ if [ ! "$CMD" = "" ]; then else ORIG_PW="$2" fi - PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/org.osaaf.aaf.keyfile) + PWD=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/org.osaaf.aaf.keyfile) if [ "$ADD" = "Y" ]; then echo "$1=enc:$PWD" >> $F else @@ -236,17 +250,21 @@ if [ ! "$CMD" = "" ]; then ;; cadi) echo "--- cadi Tool Comands ---" - $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6 + $JAVA_CADI ;; agent) echo "--- agent Tool Comands ---" - $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar + $JAVA_AGENT + ;; + aafcli) + echo "--- aafcli Tool Comands ---" + $JAVA_AAFCLI ;; esac echo "" ;; *) - $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@" + $JAVA_AGENT "$CMD" "$@" cadi_prop_files=$LOCAL/org.osaaf.aaf.props ;; esac fi |