#!/bin/bash
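# Command tracing (the former "set -x -v") is deliberately not enabled here.
# With tracing on, bash echoes every expanded command to stderr, which
# includes the client_secret assignment and the complete JSON payload, so the
# secret lands in terminal scrollback and CI logs. To debug, run the script
# with "bash -x" and a throwaway secret instead.

#######################################
# Parse the command-line options into global variables.
# Globals (written): client_id, client_secret, redirect_uri, idps, skip_ssl,
#   authorized_grant_types, authorities, autoapprove, scope
# Arguments: the script's own arguments ("$@")
#   -c VALUE  client id
#   -s VALUE  client secret
#   -r VALUE  redirect URI
#   -p VALUE  comma-separated list of allowed identity providers
#   -g VALUE  authorized grant types (default: authorization_code)
#   -a VALUE  authorities (default: uaa.resource)
#   -x VALUE  auto approve (default: openid)
#   -u VALUE  scope (default: openid)
#   -i        sets skip_ssl, which later adds --insecure to the uaac call
# Returns: exits 1 on an unknown option or a missing option argument
#
# NOTE(review): a secret given with -s is part of the process argument list
# and of the shell history; prefer a throwaway value or rotate it afterwards.
#######################################
parse_options() {
  # OPTIND is local so that every call starts at the first argument.
  local opt OPTIND=1
  while getopts ":c:s:r:p:g:a:x:u:i" opt; do
    case "$opt" in
      c) client_id=$OPTARG ;;
      s) client_secret=$OPTARG ;;
      r) redirect_uri=$OPTARG ;;
      p) idps=$OPTARG ;;
      i) skip_ssl="true" ;;
      # authorized_grant_types default: authorization_code
      g) authorized_grant_types=$OPTARG ;;
      # authorities default: uaa.resource
      a) authorities=$OPTARG ;;
      # auto approve default: openid
      x) autoapprove=$OPTARG ;;
      # scope default: openid
      u) scope=$OPTARG ;;
      \?)
        echo "Invalid option: -$OPTARG" >&2
        exit 1
        ;;
      :)
        echo "Option -$OPTARG requires an argument." >&2
        exit 1
        ;;
    esac
  done
}

parse_options "$@"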
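# Required options: client id (-c), client secret (-s) and at least one
# allowed identity provider (-p). The messages go to stderr, like the
# option-parsing errors, so they are not mixed into captured stdout.
if [[ -z "$client_id" ]]; then
  echo "You must specify a client id with option -c." >&2
  exit 1
fi

if [[ -z "$client_secret" ]]; then
  echo "You must specify the client secret with option -s." >&2
  exit 1
fi

if [[ -z "$idps" ]]; then
  echo "You must specify the allowed identity providers comma separated list with option -p," >&2
  echo "And at least one identity provider must be input with option -p." >&2
  exit 1
fi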
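#######################################
# Render the arguments as a comma-separated run of JSON string literals,
# without the surrounding brackets, e.g.  "a","b".
# Backslash and double quote are escaped so that a value cannot end its own
# string literal and add extra JSON to the client definition.
# NOTE(review): control characters (newline, tab, ...) are not escaped.
# Arguments: zero or more strings
# Outputs:   the joined literals on stdout; nothing for zero arguments
#######################################
json_string_list() {
  local item joined="" bs='\' dq='"'
  for item in "$@"; do
    # Escape the backslash first so the backslashes added for quotes survive.
    item=${item//"$bs"/"$bs$bs"}
    item=${item//"$dq"/"$bs$dq"}
    joined+="${joined:+,}\"${item}\""
  done
  printf '%s' "$joined"
}

# Allowed identity providers (-p, required).
IFS=',' read -ra allowed_providers <<< "$idps"
echo "Allowed Identity Providers: ${allowed_providers[*]}"
idp_array=$(json_string_list "${allowed_providers[@]}")

# Set authorized_grant_types (default: authorization_code)
authorized_grant_types=${authorized_grant_types:-authorization_code}
IFS=',' read -ra authorized_grant_types <<< "$authorized_grant_types"
echo "Authorized Grant Types: ${authorized_grant_types[*]}"
granttypes_array=$(json_string_list "${authorized_grant_types[@]}")

# Set authorities (default: uaa.resource)
authorities=${authorities:-uaa.resource}
IFS=',' read -ra authorities <<< "$authorities"
echo "Authorities: ${authorities[*]}"
authorities_array=$(json_string_list "${authorities[@]}")

# Set scope for the client (default: openid)
scope=${scope:-openid}
IFS=',' read -ra scope <<< "$scope"
echo "Scope: ${scope[*]}"
scope_array=$(json_string_list "${scope[@]}")

# Set auto approve for the client (default: openid)
autoapprove=${autoapprove:-openid}
IFS=',' read -ra autoapprove <<< "$autoapprove"
echo "Auto approve: ${autoapprove[*]}"
autoapprove_array=$(json_string_list "${autoapprove[@]}")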
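# The redirect URI (-r) is required; report its absence on stderr, like the
# option-parsing errors, and stop before anything is sent.
if [[ -z "$redirect_uri" ]]; then
  echo "You must specify a redirect URI with option -r." >&2
  exit 1
fi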
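#######################################
# Escape a string for use inside a JSON string literal.
# Only backslash and double quote are handled; they are the characters that
# would let a value end its string literal and alter the client definition.
# NOTE(review): control characters (newline, tab, ...) are not escaped.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout
#######################################
json_escape() {
  local text=$1 bs='\' dq='"'
  # Escape the backslash first so the backslashes added for quotes survive.
  text=${text//"$bs"/"$bs$bs"}
  text=${text//"$dq"/"$bs$dq"}
  printf '%s' "$text"
}

# Client definition sent to UAA. The *_array variables already hold rendered
# JSON fragments and are inserted unchanged; the scalar values are escaped.
printf -v payload '{ "client_id" : "%s", "client_secret" : "%s", "authorized_grant_types" : [%s], "scope" : [%s], "autoapprove" : [%s], "authorities":[%s], "resource_ids":["none"], "redirect_uri":["%s"], "allowedproviders" : [%s]}' \
  "$(json_escape "$client_id")" \
  "$(json_escape "$client_secret")" \
  "$granttypes_array" \
  "$scope_array" \
  "$autoapprove_array" \
  "$authorities_array" \
  "$(json_escape "$redirect_uri")" \
  "$idp_array"

# NOTE(review): the payload, client secret included, is handed to uaac as a
# command-line argument and is visible in the process list while uaac runs.
# The client id is quoted so it stays one argument; it is not URL-encoded,
# which presumably is fine for the ids used here -- confirm against callers.
uaac_args=(curl -XPUT -H "Accept: application/json" -H "Content-Type: application/json" -d "$payload" "/oauth/clients/$client_id")

if [[ -n "$skip_ssl" ]]; then
  # -i turns off TLS certificate verification, so the UAA endpoint is not
  # authenticated and the client secret could be read in transit.
  echo "Warning: TLS certificate verification is disabled (-i)." >&2
  uaac_args+=(--insecure)
fi

uaac "${uaac_args[@]}"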