From 79ffce52839e3a50d4b77fe4cec0cf833f600dbe Mon Sep 17 00:00:00 2001 From: Olivier Grand Date: Mon, 14 May 2018 14:46:40 +0200 Subject: [PATCH] update tools for uaa/ldap user authentication --- scripts/log-cf | 40 ++++++++++++++-------------------------- scripts/log-credhub | 28 ++++++++++------------------ scripts/log-fly | 35 +++++++++++++---------------------- scripts/log-mc | 37 +++++++++++++------------------------ scripts/log-openstack | 35 +++++++++++++---------------------- 5 files changed, 63 insertions(+), 112 deletions(-) diff --git a/scripts/log-cf b/scripts/log-cf index 398e3cf..e9b8809 100644 --- a/scripts/log-cf +++ b/scripts/log-cf @@ -11,8 +11,6 @@ export STD='\033[0m' export BOLD='\033[1m' export REVERSE='\033[7m' -flagError=0 - getCredhub() { #--- Test if parameter exist with non empty value, else get it from credhub if [ "${!1}" = "" ] ; then @@ -29,29 +27,20 @@ getCredhub() { } #--- Log to credhub -status=`env | grep CREDHUB_SECRET` -if [ "${status}" = "" ] ; then - if [ ! -s "${BOSH_CA_CERT}" ] ; then - printf "\n%bERROR : CA cert file \"${BOSH_CA_CERT}\" unknown.%b\n\n" "${RED}" "${STD}" - flagError=1 - else - export CREDHUB_SERVER="https://credhub.internal.paas:8844" - export CREDHUB_CLIENT="director_to_credhub" - export CREDHUB_CA_CERT="${BOSH_CA_CERT}" - flag=0 - while [ ${flag} = 0 ] ; do - clear - printf "%bEnter credhub password :%b " "${REVERSE}${YELLOW}" "${STD}" ; read -s CREDHUB_SECRET - if [ "${CREDHUB_SECRET}" != "" ] ; then - flag=1 - fi - done +export CREDHUB_SERVER="https://credhub.internal.paas:8844" +export CREDHUB_CA_CERT="${BOSH_CA_CERT}" +flagError=0 - export CREDHUB_SECRET - credhub api > /dev/null 2>&1 - credhub login > /dev/null 2>&1 - if [ $? = 1 ] ; then - printf "\n%bERROR : Bad credhub password.\nConnexion failed.%b\n\n" "${RED}" "${STD}" +if [ ! -s "${BOSH_CA_CERT}" ] ; then + printf "\n%bERROR : CA cert file \"${BOSH_CA_CERT}\" unknown.%b\n\n" "${RED}" "${STD}" + flagError=1 +else + flag=`credhub f 2>&1 | grep "not currently authenticated"` + if [ "${flag}" != "" ] ; then + printf "%bEnter CF LDAP user and password :%b\n" "${REVERSE}${YELLOW}" "${STD}" + credhub login + if [ $? != 0 ] ; then + printf "\n%bERROR : Bad LDAP authentication.\nConnexion failed.%b\n\n" "${RED}" "${STD}" flagError=1 fi fi @@ -60,8 +49,7 @@ fi #--- Log to CF if [ "${flagError}" = "0" ] ; then flag=0 - while [ ${flag} = 0 ] - do + while [ ${flag} = 0 ] ; do clear printf "%bEnter CF User :%b " "${REVERSE}${YELLOW}" "${STD}" ; read CF_USER if [ "${CF_USER}" != "" ] ; then diff --git a/scripts/log-credhub b/scripts/log-credhub index 5ee4e1f..cfe6a59 100644 --- a/scripts/log-credhub +++ b/scripts/log-credhub @@ -13,27 +13,19 @@ export REVERSE='\033[7m' #--- Log to credhub export CREDHUB_SERVER="https://credhub.internal.paas:8844" -export CREDHUB_CLIENT="director_to_credhub" export CREDHUB_CA_CERT="${BOSH_CA_CERT}" -if [ ! -s "${CREDHUB_CA_CERT}" ] ; then - printf "\n%bERROR : CA cert file \"${CREDHUB_CA_CERT}\" unknown.\nConnexion failed.%b\n\n" "${RED}" "${STD}" +if [ ! -s "${BOSH_CA_CERT}" ] ; then + printf "\n%bERROR : CA cert file \"${BOSH_CA_CERT}\" unknown.%b\n\n" "${RED}" "${STD}" else - flag=0 - while [ ${flag} = 0 ] ; do - clear - printf "%bEnter credhub password :%b " "${REVERSE}${YELLOW}" "${STD}" ; read -s CREDHUB_SECRET - if [ "${CREDHUB_SECRET}" != "" ] ; then - flag=1 + flag=`credhub f 2>&1 | grep "not currently authenticated"` + if [ "${flag}" != "" ] ; then + printf "%bEnter CF LDAP user and password :%b\n" "${REVERSE}${YELLOW}" "${STD}" + credhub login + if [ $? != 0 ] ; then + printf "\n%bERROR : Bad LDAP authentication.\nConnexion failed.%b\n\n" "${RED}" "${STD}" + else + printf "\n\n" fi - done - - export CREDHUB_SECRET - credhub api > /dev/null 2>&1 - credhub login > /dev/null 2>&1 - if [ $? = 1 ] ; then - printf "\n%bERROR : Bad credhub password.\nConnexion failed.%b\n\n" "${RED}" "${STD}" - else - printf "\n\n" fi fi \ No newline at end of file diff --git a/scripts/log-fly b/scripts/log-fly index b7e9640..8469581 100644 --- a/scripts/log-fly +++ b/scripts/log-fly @@ -29,29 +29,20 @@ getCredhub() { } #--- Log to credhub -status=`env | grep CREDHUB_SECRET` -if [ "${status}" = "" ] ; then - if [ ! -s "${BOSH_CA_CERT}" ] ; then - printf "\n\n%bERROR : CA cert file \"${BOSH_CA_CERT}\" unknown.%b\n\n" "${RED}" "${STD}" - flagError=1 - else - export CREDHUB_SERVER="https://credhub.internal.paas:8844" - export CREDHUB_CLIENT="director_to_credhub" - export CREDHUB_CA_CERT="${BOSH_CA_CERT}" - flag=0 - while [ ${flag} = 0 ] ; do - clear - printf "%bEnter credhub password :%b " "${REVERSE}${YELLOW}" "${STD}" ; read -s CREDHUB_SECRET - if [ "${CREDHUB_SECRET}" != "" ] ; then - flag=1 - fi - done +export CREDHUB_SERVER="https://credhub.internal.paas:8844" +export CREDHUB_CA_CERT="${BOSH_CA_CERT}" +flagError=0 - export CREDHUB_SECRET - credhub api > /dev/null 2>&1 - credhub login > /dev/null 2>&1 - if [ $? = 1 ] ; then - printf "\n\n%bERROR : Bad credhub password.\nConnexion failed.%b\n\n" "${RED}" "${STD}" +if [ ! -s "${BOSH_CA_CERT}" ] ; then + printf "\n%bERROR : CA cert file \"${BOSH_CA_CERT}\" unknown.%b\n\n" "${RED}" "${STD}" + flagError=1 +else + flag=`credhub f 2>&1 | grep "not currently authenticated"` + if [ "${flag}" != "" ] ; then + printf "%bEnter CF LDAP user and password :%b\n" "${REVERSE}${YELLOW}" "${STD}" + credhub login + if [ $? != 0 ] ; then + printf "\n%bERROR : Bad LDAP authentication.\nConnexion failed.%b\n\n" "${RED}" "${STD}" flagError=1 fi fi diff --git a/scripts/log-mc b/scripts/log-mc index 3b204bc..1c797fb 100644 --- a/scripts/log-mc +++ b/scripts/log-mc @@ -11,8 +11,6 @@ export STD='\033[0m' export BOLD='\033[1m' export REVERSE='\033[7m' -flagError=0 - getCredhub() { #--- Test if parameter exist with non empty value, else get it from credhub if [ "${!1}" = "" ] ; then @@ -29,29 +27,20 @@ getCredhub() { } #--- Log to credhub -status=`env | grep CREDHUB_SECRET` -if [ "${status}" = "" ] ; then - if [ ! -s "${BOSH_CA_CERT}" ] ; then - printf "\n%bERROR : CA cert file \"${BOSH_CA_CERT}\" unknown.%b\n\n" "${RED}" "${STD}" - flagError=1 - else - export CREDHUB_SERVER="https://credhub.internal.paas:8844" - export CREDHUB_CLIENT="director_to_credhub" - export CREDHUB_CA_CERT="${BOSH_CA_CERT}" - flag=0 - while [ ${flag} = 0 ] ; do - clear - printf "%bEnter credhub password :%b " "${REVERSE}${YELLOW}" "${STD}" ; read -s CREDHUB_SECRET - if [ "${CREDHUB_SECRET}" != "" ] ; then - flag=1 - fi - done +export CREDHUB_SERVER="https://credhub.internal.paas:8844" +export CREDHUB_CA_CERT="${BOSH_CA_CERT}" +flagError=0 - export CREDHUB_SECRET - credhub api > /dev/null 2>&1 - credhub login > /dev/null 2>&1 - if [ $? = 1 ] ; then - printf "\n%bERROR : Bad credhub password.\nConnexion failed.%b\n\n" "${RED}" "${STD}" +if [ ! -s "${BOSH_CA_CERT}" ] ; then + printf "\n%bERROR : CA cert file \"${BOSH_CA_CERT}\" unknown.%b\n\n" "${RED}" "${STD}" + flagError=1 +else + flag=`credhub f 2>&1 | grep "not currently authenticated"` + if [ "${flag}" != "" ] ; then + printf "%bEnter CF LDAP user and password :%b\n" "${REVERSE}${YELLOW}" "${STD}" + credhub login + if [ $? != 0 ] ; then + printf "\n%bERROR : Bad LDAP authentication.\nConnexion failed.%b\n\n" "${RED}" "${STD}" flagError=1 fi fi diff --git a/scripts/log-openstack b/scripts/log-openstack index 55262ee..6cafbb9 100644 --- a/scripts/log-openstack +++ b/scripts/log-openstack @@ -31,29 +31,20 @@ getCredhub() { } #--- Log to credhub -status=`env | grep CREDHUB_SECRET` -if [ "${status}" = "" ] ; then - if [ ! -s "${BOSH_CA_CERT}" ] ; then - printf "\n%bERROR : CA cert file \"${BOSH_CA_CERT}\" unknown.%b\n\n" "${RED}" "${STD}" - flagError=1 - else - export CREDHUB_SERVER="https://credhub.internal.paas:8844" - export CREDHUB_CLIENT="director_to_credhub" - export CREDHUB_CA_CERT="${BOSH_CA_CERT}" - flag=0 - while [ ${flag} = 0 ] ; do - clear - printf "%bEnter credhub password :%b " "${REVERSE}${YELLOW}" "${STD}" ; read -s CREDHUB_SECRET - if [ "${CREDHUB_SECRET}" != "" ] ; then - flag=1 - fi - done +export CREDHUB_SERVER="https://credhub.internal.paas:8844" +export CREDHUB_CA_CERT="${BOSH_CA_CERT}" +flagError=0 - export CREDHUB_SECRET - credhub api > /dev/null 2>&1 - credhub login > /dev/null 2>&1 - if [ $? = 1 ] ; then - printf "\n%bERROR : Bad credhub password.\nConnexion failed.%b\n\n" "${RED}" "${STD}" +if [ ! -s "${BOSH_CA_CERT}" ] ; then + printf "\n%bERROR : CA cert file \"${BOSH_CA_CERT}\" unknown.%b\n\n" "${RED}" "${STD}" + flagError=1 +else + flag=`credhub f 2>&1 | grep "not currently authenticated"` + if [ "${flag}" != "" ] ; then + printf "%bEnter CF LDAP user and password :%b\n" "${REVERSE}${YELLOW}" "${STD}" + credhub login + if [ $? != 0 ] ; then + printf "\n%bERROR : Bad LDAP authentication.\nConnexion failed.%b\n\n" "${RED}" "${STD}" flagError=1 fi fi