Last active
May 22, 2020 02:41
-
-
Save wardenlym/2cffc837860ffe7fbf4e0985fe092853 to your computer and use it in GitHub Desktop.
cas-get.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| set -e | |
| # Usage: cas-get.sh <dest-service> <cas-host> <username> <password> | |
| # ./cas-get.sh https://www.baidu.com https://casserver.herokuapp.com casuser Mellon | |
| DEST="$1" | |
| CAS_HOSTNAME="$2" | |
| USERNAME="$3" | |
| PASSWORD="$4" | |
| ENCODED_DEST=`echo "$DEST" | perl -p -e 's/([^A-Za-z0-9])/sprintf("%%%02X", ord($1))/seg' | sed 's/%2E/./g' | sed 's/%0A//g'` | |
| echo "service:" "${DEST}" "->" "${ENCODED_DEST}" | |
| COOKIE_JAR=.cookieJar | |
| HEADER_DUMP_DEST=.headers | |
| rm -f $COOKIE_JAR | |
| rm -f $HEADER_DUMP_DEST | |
| #Visit CAS and get a login form. This includes a unique ID for the form, which we will store in CAS_ID jsessionid cookie | |
| CAS_ID=`curl -s -c $COOKIE_JAR $CAS_HOSTNAME/cas/login?service=$ENCODED_DEST | grep name=.execution | awk -F " " '{print $4}' | awk -F "\"" '{print $2}'` | |
| echo "get lt : " "${CAS_ID}" | |
| #Submit the login form, using the cookies saved in the cookie jar and the form submission ID just extracted. We keep the headers from this request as the return value should be a 302 including a "ticket" param which we'll need in the next request | |
| #curl -s -k --data "username=$USERNAME&password=$PASSWORD<=$CAS_ID&_eventId=submit" -i -b $COOKIE_JAR -c $COOKIE_JAR $CAS_HOSTNAME/cas/login?service=$ENCODED_DEST -D $HEADER_DUMP_DEST -o /dev/null | |
| # *MUST* have: execution=e1s1&_eventId=submit | |
| #curl -s -k --data "username=$USERNAME&password=$PASSWORD<=$CAS_ID&execution=e1s1&_eventId=submit" -i -b $COOKIE_JAR -c $COOKIE_JAR $CAS_HOSTNAME/cas/login?service=$ENCODED_DEST -D $HEADER_DUMP_DEST #-o /dev/null | |
| curl -XPOST -s --data "username=$USERNAME&password=$PASSWORD&execution=${CAS_ID}&_eventId=submit" -i -b $COOKIE_JAR -c $COOKIE_JAR $CAS_HOSTNAME/cas/login?service=$ENCODED_DEST -D $HEADER_DUMP_DEST #-o /dev/null | |
| #Linux may not need this line but my response from the previous call has retrieving windows-style linebreaks in OSX | |
| dos2unix $HEADER_DUMP_DEST > /dev/null | |
| CURL_DEST=`grep Location $HEADER_DUMP_DEST | sed 's/Location: //'` | |
| if [[ "$CURL_DEST" = "" ]]; then | |
| echo "Cannot login. Check if you can login in a browser using user/pass = $USERNAME/$PASSWORD and the following url: $CAS_HOSTNAME/cas/login?service=$ENCODED_DEST" | |
| exit 1 | |
| fi | |
| echo "302 Location: " "$CURL_DEST" | |
| curl -v -i -k -b $COOKIE_JAR -c $COOKIE_JAR $CURL_DEST | |
| #If our destination is not a GET we'll need to do a GET to, say, the user dashboard here | |
| #Visit the place we actually wanted to go to | |
| # curl -s -k -b $COOKIE_JAR "$DEST" | |
| ST=`echo "$CURL_DEST" | awk -F "=" '{print $2}'` | |
| VALIDATE="${CAS_HOSTNAME}/cas/serviceValidate?service=${ENCODED_DEST}&ticket=${ST}" | |
| echo ${VALIDATE} | |
| curl -i "${VALIDATE}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment