how to acquire oidc token from lightwave sts
Sriram Nambakam edited this page Feb 5, 2018
·
2 revisions
The following version depends on jq and curl.
#!/bin/bash
# Connection parameters. They start out empty and are filled in from the
# command-line options parsed further down.
LW_SERVER=""
LW_USER=""
LW_DOMAIN=""
LW_PASSWORD=""

# File the token response is saved to. It holds bearer credentials, so it
# should be readable by the owning user only.
CRED_CACHE_PATH="${HOME}/.lightwave_tokens"
#######################################
# Print the command-line synopsis.
# Arguments: none
# Outputs:   four usage lines on stdout
#######################################
showUsage()
{
  printf '%s\n' \
    "Usage: lw-get-token -s <server>" \
    " -u <account>" \
    " -d <domain>" \
    " [-p <password>]"
}
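#######################################
# Percent-encode a string for use in a URL or form-encoded request body.
# Unreserved characters (A-Z a-z 0-9 - _ . ~) pass through unchanged;
# every other byte becomes %xx (lower-case hex).
# Arguments: $1 - string to encode
# Outputs:   encoded string on stdout, followed by a newline
#######################################
getEncodedValue()
{
  # Work byte-by-byte: in a multibyte locale ${string:pos:1} yields whole
  # characters and printf "'c" yields a code point, which is not a valid
  # percent-encoding for non-ASCII input. The C locale also keeps the
  # a-z / A-Z ranges below restricted to ASCII letters.
  local LC_ALL=C
  local string="${1}"
  local strlen=${#string}
  local encoded=""
  local pos c o code

  for (( pos = 0; pos < strlen; pos++ )); do
    c=${string:$pos:1}
    case "$c" in
      [-_.~a-zA-Z0-9])
        o="${c}"
        ;;
      *)
        # "'c" makes printf emit the numeric value of the character.
        printf -v code '%d' "'$c"
        # Keep only the low 8 bits so the result is a single byte value
        # whatever wide-character value the C library reports for a high byte.
        printf -v o '%%%02x' "$(( code & 0xff ))"
        ;;
    esac
    encoded+="${o}"
  done

  # printf rather than echo: echo would treat a value such as "-n" or "-e"
  # as an option and print nothing, silently dropping the secret.
  printf '%s\n' "${encoded}"
}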
# Parse command-line options into the LW_* settings.
# Security note: a password supplied with -p is part of this process's
# command line, which is generally visible to other local users (process
# listings) and may end up in shell history. Omit -p to be prompted instead.
while getopts s:d:u:p: opt; do
  case "$opt" in
    s) LW_SERVER="$OPTARG" ;;
    u) LW_USER="$OPTARG" ;;
    d) LW_DOMAIN="$OPTARG" ;;
    p) LW_PASSWORD="$OPTARG" ;;
    \?)
      # Unknown option or missing argument: getopts has already reported it.
      showUsage
      exit 1
      ;;
  esac
done
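# Validate the required options. Diagnostics go to stderr so they cannot be
# mistaken for, or mixed into, regular output.
if [ -z "$LW_SERVER" ]; then
  echo "Error: The Lightwave Server was not specified" >&2
  showUsage >&2
  exit 1
fi

if [ -z "$LW_USER" ]; then
  echo "Error: The Lightwave User was not specified" >&2
  showUsage >&2
  exit 1
fi

if [ -z "$LW_DOMAIN" ]; then
  echo "Error: The Lightwave Identity Domain was not specified" >&2
  showUsage >&2
  exit 1
fi

# No -p given: prompt for the password without echoing it.
if [ -z "$LW_PASSWORD" ]; then
  # read -s replaces the separate "stty -echo ... stty echo" pair, which left
  # the terminal in no-echo mode if the prompt was interrupted.
  # -r keeps backslashes literal and IFS= keeps leading/trailing blanks, so
  # the password is taken exactly as typed.
  IFS= read -r -s -p "Password: " LW_PASSWORD
  # The user's Enter key is not echoed; finish the prompt line ourselves.
  echo >&2
fi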
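# Request an OIDC token with the password grant and cache the response.

# Percent-encode every user-supplied field. Quoting the argument keeps a
# password containing spaces or glob characters intact; encoding the user
# name and domain stops characters such as '&' or '=' from adding or
# overriding form parameters in the request body.
LW_PASSWORD_ENCODED=$(getEncodedValue "$LW_PASSWORD")
LW_USERNAME_ENCODED=$(getEncodedValue "$LW_USER@$LW_DOMAIN")
LW_DOMAIN_ENCODED=$(getEncodedValue "$LW_DOMAIN")

# NOTE(review): -k turns off TLS certificate verification, so the password is
# sent to whatever host answers for $LW_SERVER. It is kept as the default only
# for backward compatibility. Set LW_CACERT to the path of the CA certificate
# that signed the server's certificate to have curl verify the server instead.
tls_opts=(-k)
if [ -n "${LW_CACERT:-}" ]; then
  tls_opts=(--cacert "$LW_CACERT")
fi

# The cache file holds bearer tokens: create it (and the temporary file used
# below) owner-only, and tighten it if it already exists with wider access.
umask 077
touch "$CRED_CACHE_PATH" && chmod 600 "$CRED_CACHE_PATH"

# Feed the form body to curl on stdin (--data @-) rather than as an argument,
# so the password does not appear in curl's command line. printf is a shell
# builtin, so no other process receives it in its arguments either.
if printf '%s' "grant_type=password&username=${LW_USERNAME_ENCODED}&password=${LW_PASSWORD_ENCODED}&scope=openid+rs_vmdir+rs_admin_server" |
  curl "${tls_opts[@]}" \
    --data @- \
    "https://${LW_SERVER}/openidconnect/token/${LW_DOMAIN_ENCODED}" \
    -o "$CRED_CACHE_PATH"; then
  # Pretty-print the response in place, but only replace the cache when jq
  # succeeded; otherwise a non-JSON response would be overwritten by an empty
  # or partial file.
  if jq '.' "$CRED_CACHE_PATH" > "$CRED_CACHE_PATH.tmp"; then
    mv -- "$CRED_CACHE_PATH.tmp" "$CRED_CACHE_PATH"
  else
    rm -f -- "$CRED_CACHE_PATH.tmp"
  fi
fi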