better help msg for sso_bypass

mk_certs uses standlone
ncsa · Oct 3, 2024 · 73f3fce · 73f3fce
1 parent 1cfd207
commit 73f3fce
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 33 deletions.
diff --git a/bin/mk_certs.sh b/bin/mk_certs.sh
@@ -10,6 +10,5 @@ BIN="$BASE"/bin
 [[ $DEBUG -eq $YES ]] && action=echo
 
 $action certbot certonly -v -n \
-  --webroot -w "/var/www/html" \
-  --deploy-hook "/etc/letsencrypt/renewal-hooks-puppet/renew-deploy.sh" \
+  --standalone \
   -d ${HOSTNAME_NEW}
diff --git a/bin/sso_bypass.sh b/bin/sso_bypass.sh
@@ -1,5 +1,9 @@
-MODE="false"
-# KEY="password"
+#!/bin/bash
+
+die() {
+  echo "ERROR - $*" 1>&2
+  exit 99
+}
 
 get_netrc_value() {
     local _machine=$1
@@ -12,15 +16,6 @@ get_netrc_value() {
       ' ~/.netrc
 }
 
-is_object_null() {
-  local _obj=$1
-  if [ -z "$_obj" ]; then 
-    echo "Error: Either Base URL, key type, or Access Token was not provided"
-    echo "Run with -h option for help."
-    exit 1
-  fi
-}
-
 verify_auth_fallback_status() {
   echo "$1"
   local _status=$1
@@ -46,11 +41,11 @@ verify_auth_fallback_status() {
 }
 
 request_auth_fallback() {
-  is_object_null "$MACHINE"
-  is_object_null "$KEY"
   local _endpoint="https://"$MACHINE"/rest/authconfig/1.0/sso"
   local _token=$(get_netrc_value "$MACHINE" "$KEY")
-  is_object_null "$_token"
+  if [[ -z "$_token" ]] ; then
+    die "Unable to find '$KEY' for '$MACHINE' in netrc file"
+  fi
 
   local _status=$(curl -s --location --request PATCH "$_endpoint" \
   --header "Content-Type: application/json" \
@@ -67,32 +62,58 @@ print_usage() {
   cat <<ENDHERE
 ${_prg}
   Enable/Disable SSO Bypass on Confluence
-  Require: Save auth in .netrc 
+  Requires: Valid credentials in ~/.netrc 
+
 SYNOPSYS
-  ${_prg} [OPTIONS] [BASE URL] [KEY TYPE]
+  ${_prg} [OPTIONS] HOSTNAME ACTION
+
+  Ex. ${_prg} jira.ncsa.illinois.edu enable
+  Ex. ${_prg} wiki.ncsa.illinois.edu disable
 
-  Ex. ${_prg} -e confluence.com account
 OPTIONS
   -h --help Print this help
-  -e --enable Turn on SSO Bypass 
-  -d --disable Turn off SSO Bypass
+  -t --token   Name of the netrc token that has the Personal Access Token (from the Atlassian app)
 ENDHERE
 } 
 
-if [[ $# -eq 0 ]]; then 
-  echo "Error: No options were included"
-  echo "Run with -h option for help."
-  exit 1
-fi
+# if [[ $# -eq 0 ]]; then 
+#   echo "Error: No options were included"
+#   echo "Run with -h option for help."
+#   exit 1
+# fi
 
+KEY="account"
 ENDWHILE=0
-while [[ $# -gt 0 ]]  && [[ ENDWHILE -eq 0 ]] ; do 
-  case $1 in 
-    -h| --help) print_usage; exit 1;;
-    -e| --enable) MACHINE="$2"; KEY="$3"; MODE="true"; request_auth_fallback;;
-    -d| --disable) MACHINE="$2"; KEY="$3"; MODE="false"; request_auth_fallback;;
-     *) echo "Invalid option '$1'"; exit 1;;
-  esac 
+while [[ $# -gt 0 ]] && [[ $ENDWHILE -lt 0 ]] ; do
+  case $1 in
+    -h|--help) print_usage; exit 0;;
+    -t|--token)
+      KEY=$2
+      shift
+      ;;
+    --) ENDWHILE=1;;
+    -*) die "Invalid option '$1'";;
+     *) ENDWHILE=1; break;;
+  esac
   shift
 done
+MACHINE="$1"
+ACTION="$2"
+
+if [[ -z "$MACHINE" ]]; then
+  die "missing HOSTNAME"
+fi
+
+if [[ -z "$ACTION" ]]; then
+  die "missing ACTION"
+fi
+
+case $ACTION in
+  enable) MODE="true";;
+  disable) MODE="false";;
+  *)
+    die "Invalid ACTION '$ACTION'. Must be one of 'enable', 'disable'"
+    ;;
+esac
 
+request_auth_fallback