Last active
July 18, 2024 18:55
-
-
Save hiranp/8e02dccdc6700885e6c5d69203d383e5 to your computer and use it in GitHub Desktop.
Scritpt to simplify calling Oracle OCI Rest API's
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Version: 1.0.2 | |
# ORGIGNAL: https://github.com/f5devcentral/f5-oci-failover/blob/master/oci-curl | |
# Updated by: hiran.patel on 2024-06-25 | |
# Usage: | |
# oci-curl <host> <method> [file-to-send-as-body] <request-target> [extra-curl-args] | |
# | |
# ex: | |
# oci-curl iaas.us-ashburn-1.oraclecloud.com get "/20160918/instances?compartmentId=some-compartment-ocid" | |
# oci-curl iaas.us-ashburn-1.oraclecloud.com post ./request.json "/20160918/vcns" | |
if [ "$#" -eq 0 ]; then | |
echo "Usage: $0 <host> <method> [file-to-send-as-body] <request-target> [extra-curl-args]" | |
echo "Example:" | |
echo " $0 iaas.us-ashburn-1.oraclecloud.com get \"/20160918/instances?compartmentId=some-compartment-ocid\"" | |
echo " $0 iaas.us-ashburn-1.oraclecloud.com post ./request.json \"/20160918/vcns\"" | |
exit 1 | |
fi | |
# Dynamically find paths for utilities | |
LOGGER=$(command -v logger) | |
OPENSSL=$(command -v openssl) | |
WC=$(command -v wc) | |
XARGS=$(command -v xargs) | |
CURL=$(command -v curl) | |
DATE=$(command -v date) | |
ECHO=$(command -v echo) | |
PRINTF=$(command -v printf) | |
TR=$(command -v tr) | |
# exec 1> >(logger -s -t $(basename "$0")) 2>&1 | |
# Redirect stdout and stderr to a temporary file and then use logger | |
temp_log=$(mktemp) | |
exec > "$temp_log" 2>&1 | |
trap 'cat "$temp_log" | $LOGGER -s -t "$(basename "$0")"; rm -f "$temp_log"' EXIT | |
# url encode all special characters except "/", "?", "=", and "&" | |
function rawurlencode { | |
local string="${1}" | |
local strlen=${#string} | |
local encoded="" | |
local pos c o | |
for ((pos = 0; pos < strlen; pos++)); do | |
c=${string:$pos:1} | |
case "$c" in | |
[-_.~a-zA-Z0-9] | "/" | "?" | "=" | "&") o="${c}" ;; | |
*) $PRINTF -v o '%%%02x' "'$c" ;; | |
esac | |
encoded+="${o}" | |
done | |
$ECHO -n "${encoded}" | |
} | |
# main oci-curl function | |
function oci-curl { | |
# Use environment variables if set, otherwise use defaults | |
local tenancyId="${OCI_TENANCY_ID:-ocid1.tenancy.oc1..ocid1.privateip.oc1.phx.abyhqljREPLACETHISWITHYOUROCIDSa}" | |
local authUserId="${OCI_AUTH_USER_ID:-ocid1.user.oc1..aaaaaaaaky3iyt7oqbdolpppdnqfbbarbREPLACETHISWITHYOUROCIDSvwq}" | |
local keyFingerprint="${OCI_KEY_FINGERPRINT:-b0:77:5f:39:37:36:e2:dc:98:d2:00:00:00:00:00:00}" | |
local privateKeyPath="${OCI_PRIVATE_KEY_PATH:-/config/failover/oci_api_key.pem}" | |
local alg=rsa-sha256 | |
local sigVersion="1" | |
local now="$($DATE -u "+%a, %d %h %Y %H:%M:%S GMT")" | |
local host=$1 | |
local method=$(echo "$2" | $TR '[:lower:]' '[:upper:]') # Convert method to uppercase | |
local target=$3 | |
local body=$4 | |
local extra_args=("${@:5}") | |
local keyId="$tenancyId/$authUserId/$keyFingerprint" | |
local headers="(request-target) date host" | |
local signing_string="" | |
local curl_header_args=(-H "date: $now" -H "host: $host") | |
local body_arg=() | |
case $method in | |
GET|DELETE|HEAD) | |
extra_args=("${@:4}") | |
;; | |
POST|PUT) | |
local content_sha256="$($OPENSSL dgst -binary -sha256 <"$body" | $OPENSSL enc -e -base64)" | |
local content_type="application/json" | |
local content_length="$($WC -c <"$body" | $XARGS)" | |
headers+=" x-content-sha256 content-type content-length" | |
signing_string+=$'\n'"x-content-sha256: $content_sha256"$'\n'"content-type: $content_type"$'\n'"content-length: $content_length" | |
curl_header_args+=(-H "x-content-sha256: $content_sha256" -H "content-type: $content_type" -H "content-length: $content_length") | |
body_arg=(--data-binary "@${body}") | |
;; | |
*) | |
$ECHO "Invalid HTTP method: $method" | |
return 1 | |
;; | |
esac | |
local escaped_target | |
escaped_target=$(rawurlencode "$target") # Assuming rawurlencode is a function defined elsewhere | |
local request_target="(request-target): $method $escaped_target" | |
signing_string="$request_target\n$(printf "%b" "date: $now\nhost: $host")$signing_string" | |
local sig | |
sig=$($PRINTF '%b' "$signing_string" | $OPENSSL dgst -sha256 -sign "$privateKeyPath" | $OPENSSL enc -e -base64 | $TR -d '\n') | |
$CURL "${extra_args[@]}" "${body_arg[@]}" -X "$method" -sS "https://$host$escaped_target" "${curl_header_args[@]}" \ | |
-H "Authorization: Signature version=\"$sigVersion\",keyId=\"$keyId\",algorithm=\"$alg\",headers=\"$headers\",signature=\"$sig\"" | |
} | |
oci-curl "$@" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment