blob: 492dc855e27c8788cc860e423bf7a3587d9d548a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
#!/bin/bash
#/**
#@file settoken
#@brief Generate a new security token for the specified service or user.
#@usage settoken [[-f] [Service]] | User
#@param -f force server restart without prompting (ask by default)
#@param Service may be "server", "repo" or "services" (for all services, by default)
#@param User OpenGnsys-defined username
#@warning This script uses "php" command.
#@version 1.1.1 - Initial version.
#@author Ramón M. Gómez - ETSII Univ. Sevilla
#@date 2019-09-25
#*/ ##
# Global constants.
OPENGNSYS=${OPENGNSYS:-"/opt/opengnsys"}
SERVERCFG=$OPENGNSYS/etc/ogAdmServer.cfg # Configuration files.
REPOCFG=$OPENGNSYS/etc/ogAdmRepo.cfg
# Functions.
source $OPENGNSYS/lib/ogfunctions.sh || exit 1
function new_token() {
php -r 'echo md5(uniqid(rand(), true));'
}
# Error control.
if [ "$1" == "-f" ]; then
FORCE=1
shift
fi
[ $# -gt 1 ] && raiseError usage
case "${1,,}" in
help) # Show help.
help ;;
version) # Show version number.
version ;;
server) # Generate server token.
SERVER=1 ;;
repo) # Generate repository token.
REPO=1 ;;
""|services) # Generate server and repo tokens.
SERVER=1; REPO=1 ;;
*) # Generate user token.
OGUSER="${1//\'/\\\'}" ;;
esac
[ "$USER" != "root" ] && raiseError access "Need to be root"
[ -w $SERVERCFG ] || raiseError access "Server configuration file"
source $SERVERCFG
# Update user token.
if [ "$OGUSER" ]; then
APIKEY="$(new_token)"
DATA="
UPDATE usuarios
SET apikey='$APIKEY', idusuario=LAST_INSERT_ID(idusuario)
WHERE usuario='$OGUSER';
SELECT LAST_INSERT_ID();
"
[ "$(dbexec "$DATA")" == "0" ] && raiseError notfound "User \"$OGUSER\""
fi
# Update server token.
if [ "$SERVER" ]; then
# Confirm action (server will be restarted).
if [ ! "$FORCE" ]; then
read -rp "It will be necessary to restart ogAdmServer service. Continue? [y/N]: " ANSWER
[ "${ANSWER,,}" != "y" ] && raiseError cancel "API tokens not updated"
fi
APIKEY="$(new_token)"
sed -i -n -e "/^APITOKEN=/!p" -e "$ a\APITOKEN=$APIKEY" $SERVERCFG || raiseError access "Cannot update server file"
fi
# Update repository token.
if [ "$REPO" ]; then
[ -w $REPOCFG ] || raiseError access "Repository configuration file"
APIKEY="$(new_token)"
sed -i -n -e "/^ApiToken=/!p" -e "$ a\ApiToken=$APIKEY" $REPOCFG || raiseError access "Cannot update repository file"
# If database is local, update it.
source $REPOCFG
if [ "$ServidorAdm" == "$IPlocal" ]; then
dbexec "UPDATE repositorios SET apikey='$APIKEY' WHERE ip='$IPlocal';"
else
echo "Please, don't forget to update the authentication token for this repository on the web server (check the file ogAdmRepo.cfg)."
fi
fi
# Restart server, if needed.
if [ "$SERVER" ]; then
restart opengnsys
fi
|