#!/usr/bin/perl
## 18/07/2014, Olivier Salaün
## Command-line client for the Test IdP Account Manager
use strict;
use utf8;
use lib "/opt/testidp/IdPAccountManager/lib", ;
use lib "/opt/testidp/IdPAccountManager/conf";
use IdPAccountManager::SAMLMetadata;
use IdPAccountManager::ServiceProvider;
use IdPAccountManager::AuthenticationToken;
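## Parse the command line into %options. Getopt::Long returns false when it
## meets an unrecognised switch or a switch whose mandatory "=s" value is
## missing, so a false result is fatal here.  The ampersand call form is
## dropped: it bypasses prototype handling and is discouraged in modern Perl.
## NOTE(review): a value supplied through --token is part of this process's
## argument list and is therefore visible to local process listings; if the
## token is a secret, reading it from stdin or a file is the safer channel.
GetOptions(
    \%options,
    'help',
    'add_test_account',
    'account_profile=s',
    'sp_entityid=s',
    'list_test_accounts',
    'parse_federation_metadata',
    'list_service_providers',
    'list_authentication_tokens',
    'get_authentication_token',
    'add_authentication_token',
    'email_address=s',
    'token=s',
    'send_notice',
) or die "Unknown options.";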
if ($options{'help'}) {
printf "$0 --add_test_account --account_profile=<profile_id> --sp_entityid=<entityid>\n";
if ($options{'add_test_account'}) {
unless ($options{'account_profile'}) {
die "Missing account_profile option";
}
unless ($options{'sp_entityid'}) {
die "Missing sp_entityid option";
}
my $test_account = new IdPAccountManager::TestAccount(account_profile => $options{'account_profile'},
sp_entityid => $options{'sp_entityid'});
unless (defined $test_account) {
IdPAccountManager::Tools::do_log('error',"Failed to create test account");
exit -1;
unless ($test_account->save()) {
IdPAccountManager::Tools::do_log('error',"Failed to create test account");
exit -1;
}
printf "Account created:\n\tuserid: user%d\n\tpassword: %s\n", $test_account->get('id'), $test_account->get('user_password');
}elsif ($options{'list_test_accounts'}) {
my %args;
if ($options{'sp_entityid'}) {
push @{$args{'query'}}, 'sp_entityid' => $options{'sp_entityid'};
}
if ($options{'account_profile'}) {
push @{$args{'query'}}, 'account_profile' => $options{'account_profile'};
}
my $all = IdPAccountManager::TestAccount::list_test_accounts(%args);
if ($#{$all} < 0) {
printf "No test account in DB\n";
}
$test_account->print();
}elsif ($options{'parse_federation_metadata'}) {
my $federation_metadata = new IdPAccountManager::SAMLMetadata;
unless ($federation_metadata->load(federation_metadata_file_path => $Conf::global{'federation_metadata_file_path'})) {
die;
}
my %args;
if ($options{'sp_entityid'}) {
$args{'filter_entity_id'} = $options{'sp_entityid'};
}
unless ($federation_metadata->parse(%args)) {
die;
}
printf "Document %s parsed\n", $Conf::global{'federation_metadata_file_path'};
## List SAML entities
printf "Hashref representing the metadata:\n";
&IdPAccountManager::Tools::dump_var($federation_metadata->{'federation_metadata_as_hashref'}, 0, \*STDOUT);
}elsif ($options{'list_service_providers'}) {
my %args;
my $all = IdPAccountManager::ServiceProvider::list_service_providers(%args);
if ($#{$all} < 0) {
printf "No service provider in DB\n";
}
foreach my $service_provider (@$all) {
$service_provider->print();
}
}elsif ($options{'list_authentication_tokens'}) {
my %args;
if ($options{'sp_entityid'}) {
push @{$args{'query'}}, 'sp_entityid' => $options{'sp_entityid'};
}
if ($options{'token'}) {
push @{$args{'query'}}, 'token' => $options{'token'};
}
my $all = IdPAccountManager::AuthenticationToken::list_authentication_tokens(%args);
if ($#{$all} < 0) {
printf "No corresponding token found in DB\n";
}
foreach my $authentication_token (@$all) {
$authentication_token->print();
}
}elsif ($options{'get_authentication_token'}) {
my %args;
if ($options{'token'}) {
$args{'token'} = $options{'token'};
}
my $authentication_token = new IdPAccountManager::AuthenticationToken(%args);
unless ($authentication_token->load()) {
die "No corresponding token found in DB\n";
}
if ($options{'sp_entityid'}) {
unless ($authentication_token->get('sp_entityid') eq $options{'sp_entityid'}) {
die "Authentication token cannot be used for this SP\n";
}
}
$authentication_token->print();
}elsif ($options{'add_authentication_token'}) {
unless ($options{'email_address'}) {
die "Missing email_address option";
}
unless ($options{'sp_entityid'}) {
die "Missing sp_entityid option";
}
my $authentication_token = new IdPAccountManager::AuthenticationToken();
unless (defined $authentication_token) {
IdPAccountManager::Tools::do_log('error',"Failed to create token object");
exit -1;
}
unless ($authentication_token->set('email_address' => $options{'email_address'},
'sp_entityid' => $options{'sp_entityid'})) {
IdPAccountManager::Tools::do_log('error',"Failed to set token value");
exit -1;
}
unless ($authentication_token->save()) {
IdPAccountManager::Tools::do_log('error',"Failed to create token");
exit -1;
}
$authentication_token->print();
}elsif ($options{'send_notice'}) {
unless ($options{'email_address'}) {
die "Missing email_address option";
}
unless (&IdPAccountManager::Tools::mail_notice('template' => 'templates/mail/notification_generic_error.tt2.eml',
'data' => {},
'to' => $options{'email_address'})) {
die "Failed to send mail notice to $options{'email_address'}\n";
}
printf "Mail notice sent to $options{'email_address'}\n";
}else {
die "Missing arguments";