hiranp/oci-curl.sh

## oci-curl.sh
#!/bin/bash
# Version: 1.0.2
# ORGIGNAL: https://github.com/f5devcentral/f5-oci-failover/blob/master/oci-curl
# Updated by: hiran.patel on 2024-06-25
# Usage:
# oci-curl <host> <method> [file-to-send-as-body] <request-target> [extra-curl-args]
#
# ex:
# oci-curl iaas.us-ashburn-1.oraclecloud.com get "/20160918/instances?compartmentId=some-compartment-ocid"
# oci-curl iaas.us-ashburn-1.oraclecloud.com post ./request.json "/20160918/vcns"

if [ "$#" -eq 0 ]; then
    echo "Usage: $0 <host> <method> [file-to-send-as-body] <request-target> [extra-curl-args]"
    echo "Example:"
    echo "  $0 iaas.us-ashburn-1.oraclecloud.com get \"/20160918/instances?compartmentId=some-compartment-ocid\""
    echo "  $0 iaas.us-ashburn-1.oraclecloud.com post ./request.json \"/20160918/vcns\""
    exit 1
fi

# Dynamically find paths for utilities
LOGGER=$(command -v logger)
OPENSSL=$(command -v openssl)
WC=$(command -v wc)
XARGS=$(command -v xargs)
CURL=$(command -v curl)
DATE=$(command -v date)
ECHO=$(command -v echo)
PRINTF=$(command -v printf)
TR=$(command -v tr)

# exec 1> >(logger -s -t $(basename "$0")) 2>&1
# Redirect stdout and stderr to a temporary file and then use logger
temp_log=$(mktemp)
exec > "$temp_log" 2>&1
trap 'cat "$temp_log" | $LOGGER -s -t "$(basename "$0")"; rm -f "$temp_log"' EXIT

# url encode all special characters except "/", "?", "=", and "&"
function rawurlencode {
    local string="${1}"
    local strlen=${#string}
    local encoded=""
    local pos c o

    for ((pos = 0; pos < strlen; pos++)); do
        c=${string:$pos:1}
        case "$c" in
            [-_.~a-zA-Z0-9] | "/" | "?" | "=" | "&") o="${c}" ;;
            *) $PRINTF -v o '%%%02x' "'$c" ;;
        esac
        encoded+="${o}"
    done

    $ECHO -n "${encoded}"
}

# main oci-curl function
function oci-curl {
    # Use environment variables if set, otherwise use defaults
    local tenancyId="${OCI_TENANCY_ID:-ocid1.tenancy.oc1..ocid1.privateip.oc1.phx.abyhqljREPLACETHISWITHYOUROCIDSa}"
    local authUserId="${OCI_AUTH_USER_ID:-ocid1.user.oc1..aaaaaaaaky3iyt7oqbdolpppdnqfbbarbREPLACETHISWITHYOUROCIDSvwq}"
    local keyFingerprint="${OCI_KEY_FINGERPRINT:-b0:77:5f:39:37:36:e2:dc:98:d2:00:00:00:00:00:00}"
    local privateKeyPath="${OCI_PRIVATE_KEY_PATH:-/config/failover/oci_api_key.pem}"

    local alg=rsa-sha256
    local sigVersion="1"
    local now="$($DATE -u "+%a, %d %h %Y %H:%M:%S GMT")"
    local host=$1
    local method=$(echo "$2" | $TR '[:lower:]' '[:upper:]') # Convert method to uppercase
    local target=$3
    local body=$4
    local extra_args=("${@:5}")
    local keyId="$tenancyId/$authUserId/$keyFingerprint"
    local headers="(request-target) date host"
    local signing_string=""
    local curl_header_args=(-H "date: $now" -H "host: $host")
    local body_arg=()

    case $method in
        GET|DELETE|HEAD)
            extra_args=("${@:4}")
            ;;
        POST|PUT)
            local content_sha256="$($OPENSSL dgst -binary -sha256 <"$body" | $OPENSSL enc -e -base64)"
            local content_type="application/json"
            local content_length="$($WC -c <"$body" | $XARGS)"
            headers+=" x-content-sha256 content-type content-length"
            signing_string+=$'\n'"x-content-sha256: $content_sha256"$'\n'"content-type: $content_type"$'\n'"content-length: $content_length"
            curl_header_args+=(-H "x-content-sha256: $content_sha256" -H "content-type: $content_type" -H "content-length: $content_length")
            body_arg=(--data-binary "@${body}")
            ;;
        *)
            $ECHO "Invalid HTTP method: $method"
            return 1
            ;;
    esac

    local escaped_target
    escaped_target=$(rawurlencode "$target") # Assuming rawurlencode is a function defined elsewhere

    local request_target="(request-target): $method $escaped_target"
    signing_string="$request_target\n$(printf "%b" "date: $now\nhost: $host")$signing_string"

    local sig
    sig=$($PRINTF '%b' "$signing_string" | $OPENSSL dgst -sha256 -sign "$privateKeyPath" | $OPENSSL enc -e -base64 | $TR -d '\n')

    $CURL "${extra_args[@]}" "${body_arg[@]}" -X "$method" -sS "https://$host$escaped_target" "${curl_header_args[@]}" \
        -H "Authorization: Signature version=\"$sigVersion\",keyId=\"$keyId\",algorithm=\"$alg\",headers=\"$headers\",signature=\"$sig\""
}

oci-curl "$@"
	#!/bin/bash
	# Version: 1.0.2
	# ORGIGNAL: https://github.com/f5devcentral/f5-oci-failover/blob/master/oci-curl
	# Updated by: hiran.patel on 2024-06-25
	# Usage:
	# oci-curl <host> <method> [file-to-send-as-body] <request-target> [extra-curl-args]
	#
	# ex:
	# oci-curl iaas.us-ashburn-1.oraclecloud.com get "/20160918/instances?compartmentId=some-compartment-ocid"
	# oci-curl iaas.us-ashburn-1.oraclecloud.com post ./request.json "/20160918/vcns"

	if [ "$#" -eq 0 ]; then
	echo "Usage: $0 <host> <method> [file-to-send-as-body] <request-target> [extra-curl-args]"
	echo "Example:"
	echo " $0 iaas.us-ashburn-1.oraclecloud.com get \"/20160918/instances?compartmentId=some-compartment-ocid\""
	echo " $0 iaas.us-ashburn-1.oraclecloud.com post ./request.json \"/20160918/vcns\""
	exit 1
	fi

	# Dynamically find paths for utilities
	LOGGER=$(command -v logger)
	OPENSSL=$(command -v openssl)
	WC=$(command -v wc)
	XARGS=$(command -v xargs)
	CURL=$(command -v curl)
	DATE=$(command -v date)
	ECHO=$(command -v echo)
	PRINTF=$(command -v printf)
	TR=$(command -v tr)

	# exec 1> >(logger -s -t $(basename "$0")) 2>&1
	# Redirect stdout and stderr to a temporary file and then use logger
	temp_log=$(mktemp)
	exec > "$temp_log" 2>&1
	trap 'cat "$temp_log" \| $LOGGER -s -t "$(basename "$0")"; rm -f "$temp_log"' EXIT

	# url encode all special characters except "/", "?", "=", and "&"
	function rawurlencode {
	local string="${1}"
	local strlen=${#string}
	local encoded=""
	local pos c o

	for ((pos = 0; pos < strlen; pos++)); do
	c=${string:$pos:1}
	case "$c" in
	[-_.~a-zA-Z0-9] \| "/" \| "?" \| "=" \| "&") o="${c}" ;;
	*) $PRINTF -v o '%%%02x' "'$c" ;;
	esac
	encoded+="${o}"
	done

	$ECHO -n "${encoded}"
	}

	# main oci-curl function
	function oci-curl {
	# Use environment variables if set, otherwise use defaults
	local tenancyId="${OCI_TENANCY_ID:-ocid1.tenancy.oc1..ocid1.privateip.oc1.phx.abyhqljREPLACETHISWITHYOUROCIDSa}"
	local authUserId="${OCI_AUTH_USER_ID:-ocid1.user.oc1..aaaaaaaaky3iyt7oqbdolpppdnqfbbarbREPLACETHISWITHYOUROCIDSvwq}"
	local keyFingerprint="${OCI_KEY_FINGERPRINT:-b0:77:5f:39:37:36:e2:dc:98:d2:00:00:00:00:00:00}"
	local privateKeyPath="${OCI_PRIVATE_KEY_PATH:-/config/failover/oci_api_key.pem}"

	local alg=rsa-sha256
	local sigVersion="1"
	local now="$($DATE -u "+%a, %d %h %Y %H:%M:%S GMT")"
	local host=$1
	local method=$(echo "$2" \| $TR '[:lower:]' '[:upper:]') # Convert method to uppercase
	local target=$3
	local body=$4
	local extra_args=("${@:5}")
	local keyId="$tenancyId/$authUserId/$keyFingerprint"
	local headers="(request-target) date host"
	local signing_string=""
	local curl_header_args=(-H "date: $now" -H "host: $host")
	local body_arg=()

	case $method in
	GET\|DELETE\|HEAD)
	extra_args=("${@:4}")
	;;
	POST\|PUT)
	local content_sha256="$($OPENSSL dgst -binary -sha256 <"$body" \| $OPENSSL enc -e -base64)"
	local content_type="application/json"
	local content_length="$($WC -c <"$body" \| $XARGS)"
	headers+=" x-content-sha256 content-type content-length"
	signing_string+=$'\n'"x-content-sha256: $content_sha256"$'\n'"content-type: $content_type"$'\n'"content-length: $content_length"
	curl_header_args+=(-H "x-content-sha256: $content_sha256" -H "content-type: $content_type" -H "content-length: $content_length")
	body_arg=(--data-binary "@${body}")
	;;
	*)
	$ECHO "Invalid HTTP method: $method"
	return 1
	;;
	esac

	local escaped_target
	escaped_target=$(rawurlencode "$target") # Assuming rawurlencode is a function defined elsewhere

	local request_target="(request-target): $method $escaped_target"
	signing_string="$request_target\n$(printf "%b" "date: $now\nhost: $host")$signing_string"

	local sig
	sig=$($PRINTF '%b' "$signing_string" \| $OPENSSL dgst -sha256 -sign "$privateKeyPath" \| $OPENSSL enc -e -base64 \| $TR -d '\n')

	$CURL "${extra_args[@]}" "${body_arg[@]}" -X "$method" -sS "https://$host$escaped_target" "${curl_header_args[@]}" \
	-H "Authorization: Signature version=\"$sigVersion\",keyId=\"$keyId\",algorithm=\"$alg\",headers=\"$headers\",signature=\"$sig\""
	}

	oci-curl "$@"