Created
May 10, 2014 01:15
-
-
Save DinoChiesa/6097122abec7168c816e to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # -*- mode:shell-script; coding:utf-8; -*- | |
| # | |
| # exercise-apigee-admin-APIs.sh | |
| # | |
| # A bash script for demonstrating the use of the administrative APIs for | |
| # Apigee Edge, to deploy new APIs and invoke them. | |
| # | |
| # | |
| # created: 2014-February-04 | |
| # Last saved: <2014-April-28 12:44:36> | |
| # | |
| verbosity=2 | |
| waittime=10 | |
| want_pause=0 | |
| apiname=automation-example | |
| #envname=test | |
| resetonly=0 | |
| defaultmgmtserver="https://api.enterprise.apigee.com" | |
| TAB=$'\t' | |
| function usage() { | |
| local CMD=`basename $0` | |
| echo "$CMD: Deploy a proxy bundle and test it. " | |
| echo " Uses the curl utility." | |
| echo "usage: " | |
| echo " $CMD [options] " | |
| echo "options: " | |
| echo " -m <url> the base url for the mgmt server." | |
| echo " -o <org> the organization to use." | |
| echo " -e <env> the environment to deploy to." | |
| echo " -u <creds> http basic authn credentials for the API calls." | |
| echo " -r reset the state; remove all the entities." | |
| echo " -a <url> the base url for the API server." | |
| echo " -p pause before each curl command" | |
| echo " -q quiet; decrease verbosity by 1" | |
| echo " -v verbose; increase verbosity by 1" | |
| echo | |
| echo "Current parameter values:" | |
| echo " mgmt api url: $defaultmgmtserver" | |
| echo " verbosity: $verbosity" | |
| echo | |
| exit 1 | |
| } | |
| ## function MYCURL | |
| ## Print the curl command, omitting sensitive parameters, then run it. | |
| ## There are side effects: | |
| ## 1. puts curl output into file named ${CURL_OUT}. If the CURL_OUT | |
| ## env var is not set prior to calling this function, it is created | |
| ## and the name of a tmp file in /tmp is placed there. | |
| ## 2. puts curl http_status into variable CURL_RC | |
| function MYCURL() { | |
| local outargs | |
| local allargs | |
| local ix | |
| local ix2 | |
| local re | |
| maybe_pause | |
| re="^(-[du]|--user)$" # the curl options to not echo | |
| # grab the curl args, but skip the basic auth and the payload, if any. | |
| while [ "$1" ]; do | |
| allargs[$ix2]=$1 | |
| let "ix2+=1" | |
| if [[ $1 =~ $re ]]; then | |
| shift | |
| allargs[$ix2]=$1 | |
| let "ix2+=1" | |
| else | |
| outargs[$ix]=$1 | |
| let "ix+=1" | |
| fi | |
| shift | |
| done | |
| [ -z "${CURL_OUT}" ] && CURL_OUT=`mktemp /tmp/apigee-${apiname}.curl.out.XXXXXX` | |
| [ -f "${CURL_OUT}" ] && rm ${CURL_OUT} | |
| if [ $verbosity -gt 0 ]; then | |
| # emit the curl command, without the auth + payload | |
| echo | |
| echo "curl ${outargs[@]}" | |
| fi | |
| # run the curl command | |
| CURL_RC=`curl -s -w "%{http_code}" -o "${CURL_OUT}" "${allargs[@]}"` | |
| if [ $verbosity -gt 1 ]; then | |
| # emit the http status code | |
| echo "==> ${CURL_RC}" | |
| fi | |
| echo | |
| if [ $verbosity -gt 2 ]; then | |
| # emit the output | |
| [ -f "${CURL_OUT}" ] && cat ${CURL_OUT} && echo | |
| fi | |
| } | |
| function echoerror() { echo "$@" 1>&2; } | |
| function CleanUp() { | |
| if [ -f ${CURL_OUT} ]; then | |
| rm -rf ${CURL_OUT} | |
| fi | |
| } | |
| function maybe_pause() { | |
| local foo | |
| [ ${want_pause} -gt 0 ] && read -p "ENTER to continue... " foo | |
| } | |
| function choose_mgmtserver() { | |
| local name | |
| echo | |
| read -p " Which mgmt server (${defaultmgmtserver}) :: " name | |
| name="${name:-$defaultmgmtserver}" | |
| mgmtserver=$name | |
| echo " mgmt server = ${mgmtserver}" | |
| } | |
| function choose_apiserver() { | |
| local name | |
| echo | |
| read -p " Which api server base url (${defaultapiserver}) :: " name | |
| name="${name:-$defaultapiserver}" | |
| apiserver=$name | |
| echo " api server = ${apiserver}" | |
| } | |
| function choose_credentials() { | |
| local creds | |
| echo | |
| echo -n " Admin creds for ${mgmtserver}? (user:password) :: " | |
| read -s creds | |
| echo | |
| credentials=$creds | |
| } | |
| function check_org() { | |
| echo " checking org ${orgname}..." | |
| MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/e | |
| if [ ${CURL_RC} -eq 200 ]; then | |
| check_org=0 | |
| envarray=(`cat ${CURL_OUT} | grep "\[" | sed -E 's/[]",[]//g'`) | |
| else | |
| check_org=1 | |
| fi | |
| } | |
| function check_env() { | |
| echo " checking environment ${envname}..." | |
| MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/e/${envname} | |
| if [ ${CURL_RC} -eq 200 ]; then | |
| check_env=0 | |
| else | |
| check_env=1 | |
| fi | |
| } | |
| function choose_org() { | |
| local all_done | |
| all_done=0 | |
| while [ $all_done -ne 1 ]; do | |
| echo | |
| read -p " Which organization? " orgname | |
| check_org | |
| if [ ${check_org} -ne 0 ]; then | |
| echo cannot read that organization with the given creds. | |
| echo | |
| all_done=0 | |
| else | |
| all_done=1 | |
| fi | |
| done | |
| echo | |
| echo " organization = ${orgname}" | |
| } | |
| function choose_env() { | |
| local all_done | |
| local i | |
| local env | |
| local envnum | |
| envname=`random_string` | |
| all_done=0 | |
| while [ $all_done -ne 1 ]; do | |
| echo | |
| for i in "${!envarray[@]}" | |
| do | |
| env=${envarray[i]} | |
| echo " ${i}. ${env}" | |
| done | |
| echo | |
| read -p " Which environment? " envnum | |
| echo | |
| if [ "${envnum}" -lt "${#envarray[@]}" ] && [ "${envnum}" -ge "0" ]; then | |
| envname="${envarray[${envnum}]}" | |
| # check_env checks the environment referred to in ${envname} | |
| check_env | |
| if [ ${check_env} -ne 0 ]; then | |
| echo cannot read that env with the given creds. | |
| echo | |
| all_done=0 | |
| else | |
| all_done=1 | |
| fi | |
| else | |
| echo | |
| echo | |
| echo "** choose a valid number." | |
| echo | |
| fi | |
| done | |
| echo | |
| echo " environment = ${envname}" | |
| } | |
| function random_string() { | |
| local rand_string | |
| rand_string=$(cat /dev/urandom | LC_CTYPE=C tr -cd '[:alnum:]' | head -c 10) | |
| echo ${rand_string} | |
| } | |
| ## function clear_env_state | |
| ## Removes any developer app with the prefix of ${apiname}, and any | |
| ## developer or api product with that prefix, and any API with that | |
| ## name. | |
| function clear_env_state() { | |
| local prodarray | |
| local devarray | |
| local apparray | |
| local revisionarray | |
| local prod | |
| local rev | |
| local dev | |
| local app | |
| local i | |
| local j | |
| local numdeleteddevs | |
| numdeleteddevs=0 | |
| echo " check for developers like ${apiname}..." | |
| MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/developers | |
| if [ ${CURL_RC} -ne 200 ]; then | |
| echo | |
| echoerror "Cannot retrieve developers from that org..." | |
| exit 1 | |
| fi | |
| devarray=(`cat ${CURL_OUT} | grep "\[" | sed -E 's/[]",[]//g'`) | |
| if [ "${#devarray[@]}" -gt 0 ]; then | |
| for i in "${!devarray[@]}" | |
| do | |
| dev=${devarray[i]} | |
| if [[ "$dev" =~ ^${apiname}.+$ ]] ; then | |
| echo " found a matching developer..." | |
| echo " list the apps for that developer..." | |
| MYCURL -u ${credentials} -X GET "${mgmtserver}/v1/o/${orgname}/developers/${dev}/apps" | |
| apparray=(`cat ${CURL_OUT} | grep "\[" | sed -E 's/[]",[]//g'`) | |
| if [ "${#apparray[@]}" -gt 0 ]; then | |
| for j in "${!apparray[@]}" | |
| do | |
| app=${apparray[j]} | |
| echo " delete the app ${app}..." | |
| MYCURL -u ${credentials} -X DELETE "${mgmtserver}/v1/o/${orgname}/developers/${dev}/apps/${app}" | |
| ## ignore errors | |
| done | |
| else | |
| echo " no apps to delete..." | |
| fi | |
| echo " delete the developer $dev..." | |
| MYCURL -u ${credentials} -X DELETE "${mgmtserver}/v1/o/${orgname}/developers/${dev}" | |
| if [ ${CURL_RC} -ne 200 ]; then | |
| echo | |
| echoerror " could not delete that developer (${dev})" | |
| echo | |
| exit 1 | |
| fi | |
| let "numdeleteddevs+=1" | |
| fi | |
| done | |
| echo " deleted ${numdeleteddevs} matching developers...." | |
| else | |
| echo " no developers in that org..." | |
| fi | |
| echo " check for api products like ${apiname}..." | |
| MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/apiproducts | |
| if [ ${CURL_RC} -ne 200 ]; then | |
| echo | |
| echoerror "Cannot retrieve apiproducts from that org..." | |
| exit 1 | |
| fi | |
| prodarray=(`cat ${CURL_OUT} | grep "\[" | sed -E 's/[]",[]//g'`) | |
| for i in "${!prodarray[@]}" | |
| do | |
| prod=${prodarray[i]} | |
| if [[ "$prod" =~ ^${apiname}.+$ ]] ; then | |
| echo " found a matching product...deleting it." | |
| MYCURL -u ${credentials} -X DELETE ${mgmtserver}/v1/o/${orgname}/apiproducts/${prod} | |
| if [ ${CURL_RC} -ne 200 ]; then | |
| echo | |
| echoerror " could not delete that product (${prod})" | |
| echo | |
| exit 1 | |
| fi | |
| fi | |
| done | |
| echo " check for the ${apiname} api..." | |
| MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/apis/${apiname} | |
| if [ ${CURL_RC} -eq 200 ]; then | |
| echo " found, deleting it..." | |
| MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/apis/${apiname}/revisions | |
| revisionarray=(`cat ${CURL_OUT} | grep "\[" | sed -E 's/[]",[]//g'`) | |
| for i in "${!revisionarray[@]}" | |
| do | |
| rev=${revisionarray[i]} | |
| echo " undeploy the old api revision ${rev}" | |
| MYCURL -u ${credentials} -X POST "${mgmtserver}/v1/o/${orgname}/apis/${apiname}/revisions/${rev}/deployments?action=undeploy&env=${envname}" | |
| ## ignore errors | |
| echo " delete the api revision ${rev}" | |
| MYCURL -u ${credentials} -X DELETE "${mgmtserver}/v1/o/${orgname}/apis/${apiname}/revisions/${rev}" | |
| done | |
| if [ $resetonly -eq 1 ] ; then | |
| echo " delete the api" | |
| MYCURL -u ${credentials} -X DELETE ${mgmtserver}/v1/o/${orgname}/apis/${apiname} | |
| if [ ${CURL_RC} -ne 200 ]; then | |
| echo "failed to delete that API" | |
| fi | |
| fi | |
| fi | |
| } | |
| function deploy_new_bundle() { | |
| echo " import the bundle..." | |
| sleep 2 | |
| MYCURL -u $credentials -X POST \ | |
| "${mgmtserver}/v1/o/${orgname}/apis/?action=import&name=${apiname}" \ | |
| -T ${apiname}.zip -H "Content-Type: application/octet-stream" | |
| if [ ${CURL_RC} -ne 201 ]; then | |
| echo | |
| echoerror " failed importing that bundle." | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| exit 1 | |
| fi | |
| echo " deploy ${apiname}..." | |
| sleep 2 | |
| MYCURL -u $credentials -X POST \ | |
| "${mgmtserver}/v1/o/${orgname}/apis/${apiname}/revisions/1/deployments?action=deploy&env=$envname" | |
| if [ ${CURL_RC} -ne 200 ]; then | |
| echo | |
| echoerror " failed deploying that api." | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| exit 1 | |
| fi | |
| } | |
| function create_new_product() { | |
| productname=${apiname}-`random_string` | |
| echo " create a new product (${productname}) with that API" | |
| sleep 2 | |
| MYCURL -u $credentials \ | |
| -H "Content-Type:application/json" \ | |
| -X POST ${mgmtserver}/v1/o/${orgname}/apiproducts -d '{ | |
| "approvalType" : "auto", | |
| "attributes" : [ ], | |
| "displayName" : "'${productname}' Test product", | |
| "name" : "'${productname}'", | |
| "apiResources" : [ "/**" ], | |
| "description" : "Test from Dino", | |
| "environments": [ "'${envname}'" ], | |
| "proxies": [ "'${apiname}'" ], | |
| "quota": "10000", | |
| "quotaInterval": "1", | |
| "quotaTimeUnit": "minute" | |
| }' | |
| if [ ${CURL_RC} -ne 201 ]; then | |
| echo | |
| echoerror " failed creating that product." | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| exit 1 | |
| fi | |
| } | |
| function create_new_developer() { | |
| local shortdevname=${apiname}-`random_string` | |
| devname=${shortdevname}@apigee.com | |
| echo " create a developer (${devname})..." | |
| sleep 2 | |
| MYCURL -u $credentials \ | |
| -H "Content-type:application/json" \ | |
| -X POST \ | |
| ${mgmtserver}/v1/o/${orgname}/developers \ | |
| -d '{ | |
| "email" : "'${devname}'", | |
| "firstName" : "Dino", | |
| "lastName" : "'`random_string`'", | |
| "userName" : "'${shortdevname}'", | |
| "organizationName" : "'${orgname}'", | |
| "status" : "active" | |
| }' | |
| if [ ${CURL_RC} -ne 201 ]; then | |
| echo | |
| echoerror " failed creating a new developer." | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| exit 1 | |
| fi | |
| } | |
| function create_new_app() { | |
| appname=${apiname}-`random_string` | |
| echo " create a new app (${appname}) for that developer, with authorization for the product..." | |
| sleep 2 | |
| MYCURL -u $credentials \ | |
| -H "Content-type:application/json" \ | |
| -X POST \ | |
| ${mgmtserver}/v1/o/${orgname}/developers/${devname}/apps \ | |
| -d '{ | |
| "attributes" : [ { | |
| "name" : "creator", | |
| "value" : "test script '$0'" | |
| } ], | |
| "apiProducts": [ "'${productname}'" ], | |
| "callbackUrl" : "notused://www.apigee.com", | |
| "name" : "'${appname}'", | |
| "keyExpiresIn" : "1000000" | |
| }' | |
| if [ ${CURL_RC} -ne 201 ]; then | |
| echo | |
| echoerror " failed creating a new app." | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| exit 1 | |
| fi | |
| } | |
| function retrieve_app_keys() { | |
| local array | |
| echo " get the keys for that app..." | |
| sleep 2 | |
| MYCURL -u $credentials \ | |
| -X GET \ | |
| ${mgmtserver}/v1/o/${orgname}/developers/${devname}/apps/${appname} | |
| if [ ${CURL_RC} -ne 200 ]; then | |
| echo | |
| echoerror " failed retrieving the app details." | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| exit 1 | |
| fi | |
| array=(`cat ${CURL_OUT} | grep "consumerKey" | sed -E 's/[",:]//g'`) | |
| consumerkey=${array[1]} | |
| array=(`cat ${CURL_OUT} | grep "consumerSecret" | sed -E 's/[",:]//g'`) | |
| consumersecret=${array[1]} | |
| echo " consumer key: ${consumerkey}" | |
| echo " consumer secret: ${consumersecret}" | |
| echo | |
| sleep 2 | |
| } | |
| function generate_token() { | |
| local array | |
| echo " invoke the API to generate an authorization code..." | |
| sleep 2 | |
| MYCURL -i \ | |
| -X POST \ | |
| -H "Content-type: application/x-www-form-urlencoded" \ | |
| ${apiserver}/v1/${apiname}/authorize \ | |
| -d "client_id=${consumerkey}&response_type=code" | |
| if [ ${CURL_RC} -ne 302 ]; then | |
| echo | |
| echoerror " failed generating a code." | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| exit 1 | |
| fi | |
| code=`cat ${CURL_OUT} | grep "^Location" | sed -E 's/.*code=(.*)/\1/' | tr -d '[[:space:]]'` | |
| echo " authorization code = '${code}'" | |
| sleep 2 | |
| echo | |
| echo " invoke the API with that code to generate an access token..." | |
| sleep 2 | |
| echo | |
| echo " according to the policy," | |
| echo " the generated access token will expire in ~8 seconds," | |
| sleep 3 | |
| echo " while the refresh token will expire in ~8 hours..." | |
| sleep 3 | |
| MYCURL -u ${consumerkey}:${consumersecret} \ | |
| -X POST \ | |
| -H "Content-type: application/x-www-form-urlencoded" \ | |
| ${apiserver}/v1/${apiname}/token \ | |
| -d "grant_type=authorization_code&code=${code}&token_lifetime=8000" | |
| if [ ${CURL_RC} -ne 200 ]; then | |
| echo | |
| echoerror " failed generating a token." | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| exit 1 | |
| fi | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| refreshtoken=`cat ${CURL_OUT} | grep "refresh_token\"" | sed -E 's/(.*: +)"(.*)",/\2/'` | |
| accesstoken=`cat ${CURL_OUT} | grep "access_token\"" | sed -E 's/(.*: +)"(.*)",/\2/'` | |
| sleep 3 | |
| } | |
| function test_token() { | |
| echo " invoke the API to verify the access token..." | |
| sleep 2 | |
| MYCURL -H "Authorization: Bearer ${accesstoken}" \ | |
| -X GET \ | |
| -H "Content-type: application/x-www-form-urlencoded" \ | |
| ${apiserver}/v1/${apiname}/verify | |
| if [ ${CURL_RC} -ne 200 ]; then | |
| echo | |
| echoerror " failed verifying the access token." | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| exit 1 | |
| fi | |
| if [ $verbosity -le 2 ]; then | |
| cat ${CURL_OUT} | |
| echo | |
| fi | |
| echo | |
| echo " ok, 200. that access token is good." | |
| echo " waiting ${waittime} seconds so that the access token expires..." | |
| sleep ${waittime} | |
| echo | |
| echo " at this point we think the access token is expired." | |
| sleep 2 | |
| echo " check expiry..." | |
| sleep 2 | |
| MYCURL -H "Authorization: Bearer ${accesstoken}" \ | |
| -X GET \ | |
| -H "Content-type: application/x-www-form-urlencoded" \ | |
| ${apiserver}/v1/${apiname}/verify | |
| if [ ${CURL_RC} -ne 401 ]; then | |
| echo | |
| echoerror " failed to expire the access token." | |
| cat ${CURL_OUT} | |
| echo | |
| echo | |
| exit 1 | |
| fi | |
| if [ $verbosity -le 2 ]; then | |
| cat ${CURL_OUT} | |
| echo | |
| fi | |
| echo | |
| echo " ok, 401. it's really expired..." | |
| sleep 2 | |
| echo | |
| } | |
| ## ======================================================= | |
| echo | |
| echo "This script deploys the specified bundle as a new proxy, creates an API" | |
| echo "product, inserts the proxy into the product, creates a developer and " | |
| echo "a developer app, gets the keys for that app, then using those keys" | |
| echo "invokes the APIs." | |
| echo "=============================================================================" | |
| while getopts "vqhe:o:u:m:a:rp" opt; do | |
| case $opt in | |
| h) usage ;; | |
| q) verbosity=$(($verbosity-1)) ;; | |
| v) verbosity=$(($verbosity+1)) ;; | |
| e) envname=$OPTARG ;; | |
| o) orgname=$OPTARG ;; | |
| m) mgmtserver=$OPTARG ;; | |
| a) apiserver=$OPTARG ;; | |
| u) credentials=$OPTARG ;; | |
| r) resetonly=1 ;; | |
| p) want_pause=1 ;; | |
| *) echo "unknown arg" && usage ;; | |
| esac | |
| done | |
| if ! [ -f $apiname.zip ]; then | |
| echo | |
| echoerror "the bundle $apiname.zip must exist in the current directory..." | |
| echo | |
| exit 1 | |
| fi | |
| echo | |
| if [ "X$mgmtserver" = "X" ]; then | |
| choose_mgmtserver | |
| fi | |
| echo | |
| if [ "X$credentials" = "X" ]; then | |
| choose_credentials | |
| fi | |
| echo | |
| if [ "X$orgname" = "X" ]; then | |
| choose_org | |
| else | |
| check_org | |
| if [ ${check_org} -ne 0 ]; then | |
| echoerror "that organization cannot be validated" | |
| exit 1 | |
| fi | |
| fi | |
| echo | |
| if [ "X$envname" = "X" ]; then | |
| choose_env | |
| else | |
| check_env | |
| if [ ${check_env} -ne 0 ]; then | |
| echoerror "that environment cannot be validated" | |
| exit 1 | |
| fi | |
| fi | |
| ## reset everything related to this api | |
| clear_env_state | |
| if [ $resetonly -eq 0 ] ; then | |
| deploy_new_bundle | |
| create_new_product | |
| create_new_developer | |
| create_new_app | |
| retrieve_app_keys | |
| defaultapiserver="http://$orgname-$envname.apigee.net" | |
| echo | |
| if [ "X$apiserver" = "X" ]; then | |
| choose_apiserver | |
| fi | |
| generate_token | |
| test_token | |
| fi | |
| CleanUp | |
| exit 0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment