summaryrefslogtreecommitdiffstats
path: root/server/bin/settoken
diff options
context:
space:
mode:
authorRamón M. Gómez <ramongomez@us.es>2019-09-26 11:37:49 +0200
committerRamón M. Gómez <ramongomez@us.es>2019-09-26 11:37:49 +0200
commit84954097c4bce5b4eb700546c7b5c98c6a86a747 (patch)
tree25db2b1aa97f818ff36028ff4a3d7bcda976071a /server/bin/settoken
parent8645a4a3854dda6384ee64d9992240bb51345c3f (diff)
#925: settoken: new server script to generate service access tokens.
Diffstat (limited to 'server/bin/settoken')
-rwxr-xr-xserver/bin/settoken83
1 files changed, 83 insertions, 0 deletions
diff --git a/server/bin/settoken b/server/bin/settoken
new file mode 100755
index 00000000..dd98f06a
--- /dev/null
+++ b/server/bin/settoken
@@ -0,0 +1,83 @@
+#!/bin/bash
+
+#/**
+#@file settoken
+#@brief Generate a new security token for the specified service.
+#@usage settoken [-f] [Service]
+#@param -f: force server restart without prompting (ask by default)
+#@param Service: may be "server", "repo" or "both" (by default)
+#@warning This script uses "php" command.
+#@version 1.1.2 - Initial version.
+#@author Ramón M. Gómez - ETSII Univ. Sevilla
+#@date 2019-09-25
+#*/ ##
+
+# Global constants definition.
+PROG=$(basename "$(realpath "$0")") # Program name.
+OPENGNSYS=/opt/opengnsys # OpenGnsys main directory.
+SERVERCFG=$OPENGNSYS/etc/ogAdmServer.cfg # Configuration files.
+REPOCFG=$OPENGNSYS/etc/ogAdmRepo.cfg
+
+# Functions.
+source $OPENGNSYS/lib/ogfunctions.sh
+
+# Error control.
+[ "$USER" != "root" ] && raiseError access "Need to by root"
+if [ "$1" == "-f" ]; then
+ FORCE=1
+ shift
+fi
+[ $# -gt 1 ] && raiseError usage
+case "${1,,}" in
+ help)
+ help ;;
+ server)
+ SERVER=1 ;;
+ repo)
+ REPO=1 ;;
+ ""|both)
+ SERVER=1; REPO=1 ;;
+ *)
+ raiseError notfound "Unknown service"
+esac
+[ -w $SERVERCFG ] || raiseError access "Server configuration file"
+
+# Update server token.
+if [ "$SERVER" ]; then
+ # Confirm action (server will be restarted).
+ if [ ! "$FORCE" ]; then
+ read -rp "It will be necessary to restart ogAdmServer service. Continue? [y/N]: " ANSWER
+ [ "${ANSWER,,}" != "y" ] && raiseError cancel "API tokens not updated"
+ fi
+ APIKEY=$(php -r 'echo md5(uniqid(rand(), true));')
+ sed -i "s/^APITOKEN=.*/APITOKEN=$APIKEY/" $SERVERCFG || raiseError access "Cannot update server file"
+fi
+
+# Update repository token.
+if [ "$REPO" ]; then
+ [ -w $REPOCFG ] || raiseError access "Repository configuration file"
+ APIKEY=$(php -r 'echo md5(uniqid(rand(), true));')
+ sed -i "s/^ApiToken=.*/ApiToken=$APIKEY/" $REPOCFG || raiseError access "Cannot update repository file"
+ # If database is local, update it.
+ source $SERVERCFG
+ source $REPOCFG
+ if [ "$ServidorAdm" == "$IPlocal" ]; then
+ MYCNF=$(mktemp)
+ trap "rm -f $MYCNF" 0 1 2 3 6 9 15
+ chmod 600 $MYCNF
+ cat << EOT > $MYCNF
+[client]
+user=$USUARIO
+password=$PASSWORD
+host=$datasource
+EOT
+ mysql --defaults-extra-file="$MYCNF" --default-character-set=utf8 -D "$CATALOG" -e \
+ "UPDATE repositorios SET apikey='$APIKEY' WHERE ip='$IPlocal';" || raiseError access "Database error"
+ fi
+fi
+
+# Restart server, if needed.
+if [ "$SERVER" ]; then
+ restart opengnsys
+fi
+