Skip to content

Instantly share code, notes, and snippets.

@DinoChiesa

DinoChiesa/exercise-apigee-admin-APIs.sh

Created May 10, 2014 01:15
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save DinoChiesa/6097122abec7168c816e to your computer and use it in GitHub Desktop.
Save DinoChiesa/6097122abec7168c816e to your computer and use it in GitHub Desktop.
Download ZIP
Raw
exercise-apigee-admin-APIs.sh
#!/bin/bash
# -*- mode:shell-script; coding:utf-8; -*-
#
# exercise-apigee-admin-APIs.sh
#
# A bash script for demonstrating the use of the administrative APIs for
# Apigee Edge, to deploy new APIs and invoke them.
#
#
# created: 2014-February-04
# Last saved: <2014-April-28 12:44:36>
#
verbosity=2
waittime=10
want_pause=0
apiname=automation-example
#envname=test
resetonly=0
defaultmgmtserver="https://api.enterprise.apigee.com"
TAB=$'\t'
function usage() {
local CMD=`basename $0`
echo "$CMD: Deploy a proxy bundle and test it. "
echo " Uses the curl utility."
echo "usage: "
echo " $CMD [options] "
echo "options: "
echo " -m <url> the base url for the mgmt server."
echo " -o <org> the organization to use."
echo " -e <env> the environment to deploy to."
echo " -u <creds> http basic authn credentials for the API calls."
echo " -r reset the state; remove all the entities."
echo " -a <url> the base url for the API server."
echo " -p pause before each curl command"
echo " -q quiet; decrease verbosity by 1"
echo " -v verbose; increase verbosity by 1"
echo
echo "Current parameter values:"
echo " mgmt api url: $defaultmgmtserver"
echo " verbosity: $verbosity"
echo
exit 1
}
## function MYCURL
## Print the curl command, omitting sensitive parameters, then run it.
## There are side effects:
## 1. puts curl output into file named ${CURL_OUT}. If the CURL_OUT
## env var is not set prior to calling this function, it is created
## and the name of a tmp file in /tmp is placed there.
## 2. puts curl http_status into variable CURL_RC
function MYCURL() {
local outargs
local allargs
local ix
local ix2
local re
maybe_pause
re="^(-[du]|--user)$" # the curl options to not echo
# grab the curl args, but skip the basic auth and the payload, if any.
while [ "$1" ]; do
allargs[$ix2]=$1
let "ix2+=1"
if [[ $1 =~ $re ]]; then
shift
allargs[$ix2]=$1
let "ix2+=1"
else
outargs[$ix]=$1
let "ix+=1"
fi
shift
done
[ -z "${CURL_OUT}" ] && CURL_OUT=`mktemp /tmp/apigee-${apiname}.curl.out.XXXXXX`
[ -f "${CURL_OUT}" ] && rm ${CURL_OUT}
if [ $verbosity -gt 0 ]; then
# emit the curl command, without the auth + payload
echo
echo "curl ${outargs[@]}"
fi
# run the curl command
CURL_RC=`curl -s -w "%{http_code}" -o "${CURL_OUT}" "${allargs[@]}"`
if [ $verbosity -gt 1 ]; then
# emit the http status code
echo "==> ${CURL_RC}"
fi
echo
if [ $verbosity -gt 2 ]; then
# emit the output
[ -f "${CURL_OUT}" ] && cat ${CURL_OUT} && echo
fi
}
function echoerror() { echo "$@" 1>&2; }
function CleanUp() {
if [ -f ${CURL_OUT} ]; then
rm -rf ${CURL_OUT}
fi
}
function maybe_pause() {
local foo
[ ${want_pause} -gt 0 ] && read -p "ENTER to continue... " foo
}
function choose_mgmtserver() {
local name
echo
read -p " Which mgmt server (${defaultmgmtserver}) :: " name
name="${name:-$defaultmgmtserver}"
mgmtserver=$name
echo " mgmt server = ${mgmtserver}"
}
function choose_apiserver() {
local name
echo
read -p " Which api server base url (${defaultapiserver}) :: " name
name="${name:-$defaultapiserver}"
apiserver=$name
echo " api server = ${apiserver}"
}
function choose_credentials() {
local creds
echo
echo -n " Admin creds for ${mgmtserver}? (user:password) :: "
read -s creds
echo
credentials=$creds
}
function check_org() {
echo " checking org ${orgname}..."
MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/e
if [ ${CURL_RC} -eq 200 ]; then
check_org=0
envarray=(`cat ${CURL_OUT} | grep "\[" | sed -E 's/[]",[]//g'`)
else
check_org=1
fi
}
function check_env() {
echo " checking environment ${envname}..."
MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/e/${envname}
if [ ${CURL_RC} -eq 200 ]; then
check_env=0
else
check_env=1
fi
}
function choose_org() {
local all_done
all_done=0
while [ $all_done -ne 1 ]; do
echo
read -p " Which organization? " orgname
check_org
if [ ${check_org} -ne 0 ]; then
echo cannot read that organization with the given creds.
echo
all_done=0
else
all_done=1
fi
done
echo
echo " organization = ${orgname}"
}
function choose_env() {
local all_done
local i
local env
local envnum
envname=`random_string`
all_done=0
while [ $all_done -ne 1 ]; do
echo
for i in "${!envarray[@]}"
do
env=${envarray[i]}
echo " ${i}. ${env}"
done
echo
read -p " Which environment? " envnum
echo
if [ "${envnum}" -lt "${#envarray[@]}" ] && [ "${envnum}" -ge "0" ]; then
envname="${envarray[${envnum}]}"
# check_env checks the environment referred to in ${envname}
check_env
if [ ${check_env} -ne 0 ]; then
echo cannot read that env with the given creds.
echo
all_done=0
else
all_done=1
fi
else
echo
echo
echo "** choose a valid number."
echo
fi
done
echo
echo " environment = ${envname}"
}
function random_string() {
local rand_string
rand_string=$(cat /dev/urandom | LC_CTYPE=C tr -cd '[:alnum:]' | head -c 10)
echo ${rand_string}
}
## function clear_env_state
## Removes any developer app with the prefix of ${apiname}, and any
## developer or api product with that prefix, and any API with that
## name.
function clear_env_state() {
local prodarray
local devarray
local apparray
local revisionarray
local prod
local rev
local dev
local app
local i
local j
local numdeleteddevs
numdeleteddevs=0
echo " check for developers like ${apiname}..."
MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/developers
if [ ${CURL_RC} -ne 200 ]; then
echo
echoerror "Cannot retrieve developers from that org..."
exit 1
fi
devarray=(`cat ${CURL_OUT} | grep "\[" | sed -E 's/[]",[]//g'`)
if [ "${#devarray[@]}" -gt 0 ]; then
for i in "${!devarray[@]}"
do
dev=${devarray[i]}
if [[ "$dev" =~ ^${apiname}.+$ ]] ; then
echo " found a matching developer..."
echo " list the apps for that developer..."
MYCURL -u ${credentials} -X GET "${mgmtserver}/v1/o/${orgname}/developers/${dev}/apps"
apparray=(`cat ${CURL_OUT} | grep "\[" | sed -E 's/[]",[]//g'`)
if [ "${#apparray[@]}" -gt 0 ]; then
for j in "${!apparray[@]}"
do
app=${apparray[j]}
echo " delete the app ${app}..."
MYCURL -u ${credentials} -X DELETE "${mgmtserver}/v1/o/${orgname}/developers/${dev}/apps/${app}"
## ignore errors
done
else
echo " no apps to delete..."
fi
echo " delete the developer $dev..."
MYCURL -u ${credentials} -X DELETE "${mgmtserver}/v1/o/${orgname}/developers/${dev}"
if [ ${CURL_RC} -ne 200 ]; then
echo
echoerror " could not delete that developer (${dev})"
echo
exit 1
fi
let "numdeleteddevs+=1"
fi
done
echo " deleted ${numdeleteddevs} matching developers...."
else
echo " no developers in that org..."
fi
echo " check for api products like ${apiname}..."
MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/apiproducts
if [ ${CURL_RC} -ne 200 ]; then
echo
echoerror "Cannot retrieve apiproducts from that org..."
exit 1
fi
prodarray=(`cat ${CURL_OUT} | grep "\[" | sed -E 's/[]",[]//g'`)
for i in "${!prodarray[@]}"
do
prod=${prodarray[i]}
if [[ "$prod" =~ ^${apiname}.+$ ]] ; then
echo " found a matching product...deleting it."
MYCURL -u ${credentials} -X DELETE ${mgmtserver}/v1/o/${orgname}/apiproducts/${prod}
if [ ${CURL_RC} -ne 200 ]; then
echo
echoerror " could not delete that product (${prod})"
echo
exit 1
fi
fi
done
echo " check for the ${apiname} api..."
MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/apis/${apiname}
if [ ${CURL_RC} -eq 200 ]; then
echo " found, deleting it..."
MYCURL -u ${credentials} -X GET ${mgmtserver}/v1/o/${orgname}/apis/${apiname}/revisions
revisionarray=(`cat ${CURL_OUT} | grep "\[" | sed -E 's/[]",[]//g'`)
for i in "${!revisionarray[@]}"
do
rev=${revisionarray[i]}
echo " undeploy the old api revision ${rev}"
MYCURL -u ${credentials} -X POST "${mgmtserver}/v1/o/${orgname}/apis/${apiname}/revisions/${rev}/deployments?action=undeploy&env=${envname}"
## ignore errors
echo " delete the api revision ${rev}"
MYCURL -u ${credentials} -X DELETE "${mgmtserver}/v1/o/${orgname}/apis/${apiname}/revisions/${rev}"
done
if [ $resetonly -eq 1 ] ; then
echo " delete the api"
MYCURL -u ${credentials} -X DELETE ${mgmtserver}/v1/o/${orgname}/apis/${apiname}
if [ ${CURL_RC} -ne 200 ]; then
echo "failed to delete that API"
fi
fi
fi
}
function deploy_new_bundle() {
echo " import the bundle..."
sleep 2
MYCURL -u $credentials -X POST \
"${mgmtserver}/v1/o/${orgname}/apis/?action=import&name=${apiname}" \
-T ${apiname}.zip -H "Content-Type: application/octet-stream"
if [ ${CURL_RC} -ne 201 ]; then
echo
echoerror " failed importing that bundle."
cat ${CURL_OUT}
echo
echo
exit 1
fi
echo " deploy ${apiname}..."
sleep 2
MYCURL -u $credentials -X POST \
"${mgmtserver}/v1/o/${orgname}/apis/${apiname}/revisions/1/deployments?action=deploy&env=$envname"
if [ ${CURL_RC} -ne 200 ]; then
echo
echoerror " failed deploying that api."
cat ${CURL_OUT}
echo
echo
exit 1
fi
}
function create_new_product() {
productname=${apiname}-`random_string`
echo " create a new product (${productname}) with that API"
sleep 2
MYCURL -u $credentials \
-H "Content-Type:application/json" \
-X POST ${mgmtserver}/v1/o/${orgname}/apiproducts -d '{
"approvalType" : "auto",
"attributes" : [ ],
"displayName" : "'${productname}' Test product",
"name" : "'${productname}'",
"apiResources" : [ "/**" ],
"description" : "Test from Dino",
"environments": [ "'${envname}'" ],
"proxies": [ "'${apiname}'" ],
"quota": "10000",
"quotaInterval": "1",
"quotaTimeUnit": "minute"
}'
if [ ${CURL_RC} -ne 201 ]; then
echo
echoerror " failed creating that product."
cat ${CURL_OUT}
echo
echo
exit 1
fi
}
function create_new_developer() {
local shortdevname=${apiname}-`random_string`
devname=${shortdevname}@apigee.com
echo " create a developer (${devname})..."
sleep 2
MYCURL -u $credentials \
-H "Content-type:application/json" \
-X POST \
${mgmtserver}/v1/o/${orgname}/developers \
-d '{
"email" : "'${devname}'",
"firstName" : "Dino",
"lastName" : "'`random_string`'",
"userName" : "'${shortdevname}'",
"organizationName" : "'${orgname}'",
"status" : "active"
}'
if [ ${CURL_RC} -ne 201 ]; then
echo
echoerror " failed creating a new developer."
cat ${CURL_OUT}
echo
echo
exit 1
fi
}
function create_new_app() {
appname=${apiname}-`random_string`
echo " create a new app (${appname}) for that developer, with authorization for the product..."
sleep 2
MYCURL -u $credentials \
-H "Content-type:application/json" \
-X POST \
${mgmtserver}/v1/o/${orgname}/developers/${devname}/apps \
-d '{
"attributes" : [ {
"name" : "creator",
"value" : "test script '$0'"
} ],
"apiProducts": [ "'${productname}'" ],
"callbackUrl" : "notused://www.apigee.com",
"name" : "'${appname}'",
"keyExpiresIn" : "1000000"
}'
if [ ${CURL_RC} -ne 201 ]; then
echo
echoerror " failed creating a new app."
cat ${CURL_OUT}
echo
echo
exit 1
fi
}
function retrieve_app_keys() {
local array
echo " get the keys for that app..."
sleep 2
MYCURL -u $credentials \
-X GET \
${mgmtserver}/v1/o/${orgname}/developers/${devname}/apps/${appname}
if [ ${CURL_RC} -ne 200 ]; then
echo
echoerror " failed retrieving the app details."
cat ${CURL_OUT}
echo
echo
exit 1
fi
array=(`cat ${CURL_OUT} | grep "consumerKey" | sed -E 's/[",:]//g'`)
consumerkey=${array[1]}
array=(`cat ${CURL_OUT} | grep "consumerSecret" | sed -E 's/[",:]//g'`)
consumersecret=${array[1]}
echo " consumer key: ${consumerkey}"
echo " consumer secret: ${consumersecret}"
echo
sleep 2
}
function generate_token() {
local array
echo " invoke the API to generate an authorization code..."
sleep 2
MYCURL -i \
-X POST \
-H "Content-type: application/x-www-form-urlencoded" \
${apiserver}/v1/${apiname}/authorize \
-d "client_id=${consumerkey}&response_type=code"
if [ ${CURL_RC} -ne 302 ]; then
echo
echoerror " failed generating a code."
cat ${CURL_OUT}
echo
echo
exit 1
fi
code=`cat ${CURL_OUT} | grep "^Location" | sed -E 's/.*code=(.*)/\1/' | tr -d '[[:space:]]'`
echo " authorization code = '${code}'"
sleep 2
echo
echo " invoke the API with that code to generate an access token..."
sleep 2
echo
echo " according to the policy,"
echo " the generated access token will expire in ~8 seconds,"
sleep 3
echo " while the refresh token will expire in ~8 hours..."
sleep 3
MYCURL -u ${consumerkey}:${consumersecret} \
-X POST \
-H "Content-type: application/x-www-form-urlencoded" \
${apiserver}/v1/${apiname}/token \
-d "grant_type=authorization_code&code=${code}&token_lifetime=8000"
if [ ${CURL_RC} -ne 200 ]; then
echo
echoerror " failed generating a token."
cat ${CURL_OUT}
echo
echo
exit 1
fi
cat ${CURL_OUT}
echo
echo
refreshtoken=`cat ${CURL_OUT} | grep "refresh_token\"" | sed -E 's/(.*: +)"(.*)",/\2/'`
accesstoken=`cat ${CURL_OUT} | grep "access_token\"" | sed -E 's/(.*: +)"(.*)",/\2/'`
sleep 3
}
function test_token() {
echo " invoke the API to verify the access token..."
sleep 2
MYCURL -H "Authorization: Bearer ${accesstoken}" \
-X GET \
-H "Content-type: application/x-www-form-urlencoded" \
${apiserver}/v1/${apiname}/verify
if [ ${CURL_RC} -ne 200 ]; then
echo
echoerror " failed verifying the access token."
cat ${CURL_OUT}
echo
echo
exit 1
fi
if [ $verbosity -le 2 ]; then
cat ${CURL_OUT}
echo
fi
echo
echo " ok, 200. that access token is good."
echo " waiting ${waittime} seconds so that the access token expires..."
sleep ${waittime}
echo
echo " at this point we think the access token is expired."
sleep 2
echo " check expiry..."
sleep 2
MYCURL -H "Authorization: Bearer ${accesstoken}" \
-X GET \
-H "Content-type: application/x-www-form-urlencoded" \
${apiserver}/v1/${apiname}/verify
if [ ${CURL_RC} -ne 401 ]; then
echo
echoerror " failed to expire the access token."
cat ${CURL_OUT}
echo
echo
exit 1
fi
if [ $verbosity -le 2 ]; then
cat ${CURL_OUT}
echo
fi
echo
echo " ok, 401. it's really expired..."
sleep 2
echo
}
## =======================================================
echo
echo "This script deploys the specified bundle as a new proxy, creates an API"
echo "product, inserts the proxy into the product, creates a developer and "
echo "a developer app, gets the keys for that app, then using those keys"
echo "invokes the APIs."
echo "============================================================================="
while getopts "vqhe:o:u:m:a:rp" opt; do
case $opt in
h) usage ;;
q) verbosity=$(($verbosity-1)) ;;
v) verbosity=$(($verbosity+1)) ;;
e) envname=$OPTARG ;;
o) orgname=$OPTARG ;;
m) mgmtserver=$OPTARG ;;
a) apiserver=$OPTARG ;;
u) credentials=$OPTARG ;;
r) resetonly=1 ;;
p) want_pause=1 ;;
*) echo "unknown arg" && usage ;;
esac
done
if ! [ -f $apiname.zip ]; then
echo
echoerror "the bundle $apiname.zip must exist in the current directory..."
echo
exit 1
fi
echo
if [ "X$mgmtserver" = "X" ]; then
choose_mgmtserver
fi
echo
if [ "X$credentials" = "X" ]; then
choose_credentials
fi
echo
if [ "X$orgname" = "X" ]; then
choose_org
else
check_org
if [ ${check_org} -ne 0 ]; then
echoerror "that organization cannot be validated"
exit 1
fi
fi
echo
if [ "X$envname" = "X" ]; then
choose_env
else
check_env
if [ ${check_env} -ne 0 ]; then
echoerror "that environment cannot be validated"
exit 1
fi
fi
## reset everything related to this api
clear_env_state
if [ $resetonly -eq 0 ] ; then
deploy_new_bundle
create_new_product
create_new_developer
create_new_app
retrieve_app_keys
defaultapiserver="http://$orgname-$envname.apigee.net"
echo
if [ "X$apiserver" = "X" ]; then
choose_apiserver
fi
generate_token
test_token
fi
CleanUp
exit 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment