#!/bin/bash
# NOTE(review): _JAVA_HOME_ and XXX_DOMAIN look like placeholders filled in
# when the script is packaged - TODO confirm.
# This file is meant to be sourced, so the assignment below replaces any
# JAVA_HOME already set in the calling shell.
JAVA_HOME=_JAVA_HOME_
JAVA="${JAVA_HOME}/bin/java"
DEFAULT_DOMAIN=XXX_DOMAIN
###
# Show the command summary when help is requested (-h) or on the first run
# in this shell, i.e. while aaflogout has not been defined yet.
#
if [ "$1" = "-h" ] || [ -z "$(declare -f aaflogout)" ]; then
  printf '%s\n' \
    "" \
    "  COMMANDS:" \
    "    aaflogin -f = Redo Local Login" \
    "    aaflogout   = Logout from Environment" \
    "    aaflogin -r = Reset Password on AAF Service" \
    "    aaflogin -h = Help" \
    "    aafcli      = AAF Management Tool" \
    ""
fi

if [ "$1" != "-h" ]; then


###
# Load the user ID and password for aafcli, and define the helper functions
# (aafcli, cmcli, aaflogout) in the current shell.
# 
# To use, source aaflogin
#
#   ex:   . ./aaflogin
#
#  -f = force relogin
#  -r = reset password sequence
#
#  see aaflogout to logout
###

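###
# Gather Classpath - warning, DME2 doesn't work with -Djava.ext.dirs
#
# Every *.jar found under _ROOT_DIR_/lib is appended, and aafcli/cmcli run
# java with this classpath, so whoever can write into that directory decides
# what code those commands load. Keep the tree writable only by its owner.
###
AAF_CP="_ROOT_DIR_/etc"
# Read find's output one line at a time so a path containing spaces or glob
# characters stays a single classpath entry instead of being word-split.
while IFS= read -r JAR; do
  AAF_CP="$AAF_CP:$JAR"
done < <(find "_ROOT_DIR_/lib" -name "*.jar")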

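###
# Create Keyfile to use temporarily, if not exists
#
# The key is generated under a restrictive umask so neither the directory nor
# the file is readable by other users at any point, including the moment
# between creation and the final chmod. The subshell keeps that umask out of
# the shell that sourced this script.
###
if [ ! -e "$HOME/.aaf/keyfile" ]; then
  (
    umask 077
    mkdir -p -- "$HOME/.aaf"
    # Tighten a directory that an earlier run may have created with looser modes.
    chmod 700 -- "$HOME/.aaf"
    "${JAVA}" -cp "$AAF_CP" com.att.cadi.CmdLine keygen "$HOME/.aaf/keyfile"
    chmod 400 -- "$HOME/.aaf/keyfile"
  )
fi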
  
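###
# Obtain User ID from AAF_ID, or SUDO_USER or USER, that order
#
# Runs when no ID is set yet or when a relogin is forced with -f. The value
# found is offered as the default in the prompt; an empty answer keeps it.
###
if [ "$AAF_ID" == "" ] || [ "$1" == "-f" ] ; then
   if [ "$AAF_ID" == "" ] ; then
      if [ "$SUDO_USER" != "" ] ; then
         AAF_ID=$SUDO_USER
      elif [ "$USER" != "" ] ; then
         AAF_ID=$USER
      fi
   fi

   printf 'Enter AAF ID [%s]: ' "$AAF_ID"
   # -r keeps backslashes in the typed ID literal. A dedicated variable is
   # used (and removed again) so sourcing this script does not overwrite a
   # TEMP variable that already exists in the calling shell.
   read -r AAF_ID_INPUT
   if [ "$AAF_ID_INPUT" != "" ] ; then
      AAF_ID=$AAF_ID_INPUT
   fi
   unset AAF_ID_INPUT
   export AAF_ID
fi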

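###
# Add Function to remove AAF Vars and Functions from the Shell
#
# Clears the login state this script placed in the shell (ID, encoded
# password, classpath, helper functions), any new-password variables left
# behind by "aaflogin -r", and deletes the temporary keyfile.
# Returns the exit status of the final rm.
function aaflogout {
	unset AAF_ID
	unset AAF_PASS
	unset AAF_CP
	# Cleartext values read during a password reset must not outlive logout.
	unset AAF_NEWPASS AAF_NEWPASS2
	unset -f aafcli
	unset -f cmcli
	unset -f aaflogout
	# Quoted and guarded with "--" so a HOME containing spaces or starting
	# with a dash cannot make rm act on a different path.
	rm -f -- "$HOME/.aaf/keyfile"
}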


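###
# Load the Password
#
# Runs when no password is loaded yet or when a relogin is forced with -f.
# The typed password is replaced by "enc:" plus the output of the CmdLine
# digest command run against the keyfile, and the result is exported.
###
if [ "$AAF_PASS" == "" ] || [ "$1" == "-f" ] ; then
   # IDs in the default domain, or with no domain at all, get the global
   # login prompt and pass the default domain to the digest command.
   if [[ "$AAF_ID" == *"@$DEFAULT_DOMAIN" ]] || [[ "$AAF_ID" != *"@"* ]] ; then
      PASS_PROMPT="AT&T Global Login"
      AAF_DEFAULT_DOMAIN="-Daaf_default_domain=$DEFAULT_DOMAIN"
   else
      PASS_PROMPT="AAF"
      AAF_DEFAULT_DOMAIN=""
   fi

   # The prompt must be a single quoted word: with PASS_PROMPT unquoted, a
   # multi-word prompt is split and read takes the extra words as names of
   # variables to fill, so the typed password does not land in AAF_PASS.
   # -s turns off echo while the password is typed.
   read -ers -p "Enter $PASS_PROMPT Password for $AAF_ID: " AAF_PASS
   echo
   # NOTE(review): the cleartext password is an argument of the java process
   # and is typically visible in the process list while the digest runs. If
   # com.att.cadi.CmdLine can take it another way (stdin, file), prefer that
   # - TODO confirm.
   # AAF_DEFAULT_DOMAIN is dropped entirely when empty, passed as one word otherwise.
   AAF_PASS=enc:$("$JAVA" -cp "$AAF_CP" ${AAF_DEFAULT_DOMAIN:+"$AAF_DEFAULT_DOMAIN"} com.att.cadi.CmdLine digest "$AAF_PASS" "$HOME/.aaf/keyfile")
   export AAF_PASS
fi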



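###
# load aafcli function in the Shell
#
# Runs com.att.cmd.AAFcli with the login state held in AAF_ID, AAF_PASS and
# AAF_CP, forwarding the caller's arguments unchanged.
# The function's status is that of the final unset, not of java.
###

function aafcli {
  # for separating VM_ARGS in aafcli
  AAF_SPACE=" "
  THE_ID=$AAF_ID
  # An ID without "@" gets the default domain appended.
  if [[ "$AAF_ID" != *"@"* ]]; then
    THE_ID+="@$DEFAULT_DOMAIN"
  fi
  # Every value taken from a variable is quoted so spaces or glob characters
  # in the ID, password, classpath or HOME cannot split into extra JVM
  # arguments, and "$@" keeps each caller argument as one word.
  # _DME2_FS_ stays unquoted: presumably a packaging placeholder that may
  # expand to several JVM options - TODO confirm.
  # NOTE(review): the password value and keyfile path are part of the java
  # command line and are typically visible in the process list while it runs.
  _JAVA_HOME_/bin/java \
  -cp "$AAF_CP" \
  -Daaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=_MAJOR_VER_._MINOR_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_ \
  -DAFT_LATITUDE=_AFT_LATITUDE_ \
  -DAFT_LONGITUDE=_AFT_LONGITUDE_ \
  -DAFT_ENVIRONMENT=_AFT_ENVIRONMENT_ \
  "-Daaf_id=$THE_ID" \
  "-Daaf_password=$AAF_PASS" \
  -Daaf_dme_timeout=60000 \
  "-Dcadi_keyfile=$HOME/.aaf/keyfile" \
  "-Daaf_default_realm=$DEFAULT_DOMAIN" \
  -DDEPLOYED_VERSION=_ARTIFACT_VERSION_ \
  _DME2_FS_ \
  com.att.cmd.AAFcli "$@"
  unset THE_ID
  unset AAF_SPACE
}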

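###
# load cmcli function in the Shell
#
# Runs com.att.cadi.cm.CmAgent with the login state held in AAF_ID, AAF_PASS
# and AAF_CP, forwarding the caller's arguments unchanged.
# The function's status is that of the final unset, not of java.
###

function cmcli {
  # for separating VM_ARGS in cmcli
  AAF_SPACE=" "
  THE_ID=$AAF_ID
  # An ID without "@" gets the default domain appended.
  if [[ "$AAF_ID" != *"@"* ]]; then
    THE_ID+="@$DEFAULT_DOMAIN"
  fi
  # Fall back to the DME2-resolved URL when no explicit one was configured.
  CM_URL=_CM_URL_
  if [ -z "${CM_URL}" ]; then
    CM_URL=https://DME2RESOLVE/service=com.att.authz.Certman/version=_MAJOR_VER_._MINOR_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_
  fi

  # Every value taken from a variable is quoted so spaces or glob characters
  # cannot split into extra arguments, and "$@" keeps each caller argument
  # as one word. _DME2_FS_ stays unquoted: presumably a packaging placeholder
  # that may expand to several JVM options - TODO confirm.
  # NOTE(review): aaf_password and the keyfile path are part of the java
  # command line and are typically visible in the process list while it runs.
  _JAVA_HOME_/bin/java \
  -cp "$AAF_CP" \
  -DAFT_LATITUDE=_AFT_LATITUDE_ \
  -DAFT_LONGITUDE=_AFT_LONGITUDE_ \
  -DAFT_ENVIRONMENT=_AFT_ENVIRONMENT_ \
  -Daaf_dme_timeout=60000 \
  "-Daaf_default_realm=$DEFAULT_DOMAIN" \
  -DDEPLOYED_VERSION=_ARTIFACT_VERSION_ \
  _DME2_FS_ \
  com.att.cadi.cm.CmAgent "cm_url=${CM_URL}" "aaf_id=$THE_ID" "aaf_password=$AAF_PASS" \
    "cadi_keyfile=$HOME/.aaf/keyfile" "$@"
  unset THE_ID
  unset AAF_SPACE
  unset CM_URL
}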


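###
# if "-r" then do Remote Password Reset
#
# Reads the new password twice without echo, sends it through aafcli, and on
# the expected confirmation text replaces AAF_PASS with the newly encoded value.
###
if [ "$1" == "-r" ] ; then
   read -ers -p "Enter New AAF Password for $AAF_ID: " AAF_NEWPASS
   echo
   read -ers -p "Reenter New AAF Password for $AAF_ID: " AAF_NEWPASS2
   echo
   if [ "$AAF_NEWPASS" == "$AAF_NEWPASS2" ] ; then
      # The password is quoted so spaces or glob characters in it are neither
      # split into extra arguments nor expanded against the current directory.
      # NOTE(review): the new cleartext password is passed as a command
      # argument here and to the digest below, so it is typically visible in
      # the process list while those commands run.
      # NOTE(review): "@aaf.att.com" is appended even when AAF_ID already
      # carries a domain - confirm that is intended.
      RESP=$(aafcli user resetCred "$AAF_ID@aaf.att.com" "$AAF_NEWPASS")
      printf '%s\n' "$RESP"
      if [ "$RESP" == "Reset Credential [$AAF_ID@aaf.att.com]" ] ; then
         AAF_PASS=enc:$("$JAVA" -cp "$AAF_CP" com.att.cadi.CmdLine digest "$AAF_NEWPASS" "$HOME/.aaf/keyfile")
         export AAF_PASS
      fi
   else
      echo "Passwords don't match!"
   fi
   # This script is sourced: without this the cleartext passwords and the
   # server response would stay behind as variables in the user's shell.
   unset AAF_NEWPASS AAF_NEWPASS2 RESP
fi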

###
# Export key variables for use in other Scripts
#
# AAF_PASS is exported, so every process started from this shell inherits
# the encoded password in its environment.
# NOTE(review): cmcli is defined in this script and removed by aaflogout,
# but it is not exported here - confirm whether that is intended.
###
export AAF_ID AAF_PASS AAF_CP
export -f aafcli aaflogout
fi