diff --git a/mgmt/update-client-for-idp.sh b/mgmt/update-client-for-idp.sh
index 4c4043f..ca8ec4d 100755
--- a/mgmt/update-client-for-idp.sh
+++ b/mgmt/update-client-for-idp.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 set -x -v
-while getopts ":c:s:r:p:i" opt; do
+while getopts ":c:s:r:p:g:a:x:u:i" opt; do
 case $opt in
 c)
 client_id=$OPTARG
@@ -9,15 +9,31 @@ while getopts ":c:s:r:p:i" opt; do
 s)
 client_secret=$OPTARG
 ;;
- r)
- redirect_uri=$OPTARG
- ;;
- p)
- idps=$OPTARG
- ;;
- i)
- skip_ssl="true"
- ;;
+ r)
+ redirect_uri=$OPTARG
+ ;;
+ p)
+ idps=$OPTARG
+ ;;
+ i)
+ skip_ssl="true"
+ ;;
+ g)
+ # authorized_grant_types default: authorization_code
+ authorized_grant_types=$OPTARG
+ ;;
+ a)
+ # authorities default: uaa.resource
+ authorities=$OPTARG
+ ;;
+ x)
+ # auto approve default: openid
+ autoapprove=$OPTARG
+ ;;
+ u)
+ # scope default: openid
+ scope=$OPTARG
+ ;;
 \?)
 echo "Invalid option: -$OPTARG" >&2
 exit 1
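Review bot: The new `g)`, `a)`, `x)` and `u)` arms store `$OPTARG` verbatim, and the later hunk that builds `payload` wraps each comma-separated element in quotes and splices it into the JSON body without escaping, so a value containing `"` or `\` changes the structure of the client registration instead of being rejected. These fields decide the client's grant types, authorities and auto-approved scopes, so each arm should refuse anything outside a conservative character set before assigning, for example `[[ $OPTARG =~ ^[A-Za-z0-9._:*-]+(,[A-Za-z0-9._:*-]+)*$ ]] || { echo "Invalid value for -$opt" >&2; exit 1; }`. The existing `-p` and `-r` values reach the payload the same way and would benefit from the same check. The `case` statement these arms belong to starts and ends outside this hunk.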
@@ -45,25 +61,64 @@ if [[ -z "$idps" ]]; then
 exit 1
 fi
-echo "$idps"
-
-IFS=',' read -ra allowed_providers <<< "$idps"
-echo "${allowed_providers[@]}"
 comma=","
+IFS=',' read -ra allowed_providers <<< "$idps"
+echo "Allowed Identity Providers: ${allowed_providers[@]}"
 for i in "${allowed_providers[@]}"; do
 idp_array="$idp_array\"$i\"$comma"
 done
-
 idp_array=$(echo "${idp_array%?}")
-echo "$idp_array"
+# Set authorized_grant_types
+if [[ -z "$authorized_grant_types" ]]; then
+ authorized_grant_types="authorization_code"
+fi
+IFS=',' read -ra authorized_grant_types <<< "$authorized_grant_types"
+echo "Authorized Grant Types: ${authorized_grant_types[@]}"
+for i in "${authorized_grant_types[@]}"; do
+ granttypes_array="$granttypes_array\"$i\"$comma"
+done
+granttypes_array=$(echo "${granttypes_array%?}")
+
+# Set authorities
+if [[ -z "$authorities" ]]; then
+ authorities="uaa.resource"
+fi
+IFS=',' read -ra authorities <<< "$authorities"
+echo "Authorities: ${authorities[@]}"
+for i in "${authorities[@]}"; do
+ authorities_array="$authorities_array\"$i\"$comma"
+done
+authorities_array=$(echo "${authorities_array%?}")
+
+# Set scope for the client
+if [[ -z "$scope" ]]; then
+ scope="openid"
+fi
+IFS=',' read -ra scope <<< "$scope"
+echo "Scope: ${scope[@]}"
+for i in "${scope[@]}"; do
+ scope_array="$scope_array\"$i\"$comma"
+done
+scope_array=$(echo "${scope_array%?}")
+
+# Set auto approve for the client
+if [[ -z "$autoapprove" ]]; then
+ autoapprove="openid"
+fi
+IFS=',' read -ra autoapprove <<< "$autoapprove"
+echo "Auto approve: ${autoapprove[@]}"
+for i in "${autoapprove[@]}"; do
+ autoapprove_array="$autoapprove_array\"$i\"$comma"
+done
+autoapprove_array=$(echo "${autoapprove_array%?}")
 if [[ -z "$redirect_uri" ]]; then
 echo "You must specify a redirect URI with option -r."
exit 1
 fi
-payload='{ "client_id" : "'"$client_id"'", "client_secret" : "'"$client_secret"'", "authorized_grant_types" : ["authorization_code"], "scope" : ["openid"], "autoapprove":["openid"], "authorities":["uaa.resource"], "resource_ids":["none"], "redirect_uri":["'$redirect_uri'"], "allowedproviders" : ['"$idp_array"']}'
+payload='{ "client_id" : "'"$client_id"'", "client_secret" : "'"$client_secret"'", "authorized_grant_types" : ['"$granttypes_array"'], "scope" : ['"$scope_array"'], "autoapprove" : ['"$autoapprove_array"'], "authorities":['"$authorities_array"'], "resource_ids":["none"], "redirect_uri":["'$redirect_uri'"], "allowedproviders" : ['"$idp_array"']}'
 if [[ -z $skip_ssl ]]; then
 uaac curl -XPUT -H "Accept: application/json" -H "Content-Type: application/json" -d "$payload" /oauth/clients/$client_id