Skip to content

Instantly share code, notes, and snippets.

@rcmelendez
Last active November 28, 2023 16:01
Show Gist options
  • Save rcmelendez/f6f2da1f95e9bd3ae3767240ab9b25d3 to your computer and use it in GitHub Desktop.
Save rcmelendez/f6f2da1f95e9bd3ae3767240ab9b25d3 to your computer and use it in GitHub Desktop.
Bash shell script that performs requests using the Devo Provisioning API.
#!/usr/bin/env bash
#
# Bash shell script that performs requests using the Devo Provisioning API.
#
# Tested on Linux (CentOS/Ubuntu) and macOS.
#
#
# Version: 1.1.1
# Author: Roberto Meléndez [Cambridge, USA]
# API Doc: https://docs.devo.com/space/latest/177864705/Provisioning+API
# Released: June 9, 2021
# Updated: November 28, 2023
set -euo pipefail
#######################################
# USER SETTINGS
#
# Uncomment if DEVO_API_KEY and/or DEVO_API_SECRET variables are not already defined in
# your shell startup file (e.g. .zshrc, .bashrc, etc)
# declare -r DEVO_API_KEY=YOUR-API-KEY
# declare -r DEVO_API_SECRET=YOUR-API-SECRET
# Endpoint
# Available regions: us, eu, ca, apac, sasr
declare -r DEVO_CLOUD=us
declare -r BASE_URL=https://api-${DEVO_CLOUD}.devo.com/probio
# Domain & Reseller
declare -r DOMAIN=roberto
# Leave it blank if this is not a reseller
declare -r RESELLER=
if [[ -n "${RESELLER}" ]]; then
DEVO_DOMAIN="${DOMAIN}@${RESELLER}"
else
DEVO_DOMAIN=${DOMAIN}
fi
# Use correct header for resellers
DEVO_API_KEY_HEADER='x-logtrust-domain-apikey'
[[ "${DEVO_DOMAIN}" =~ "@" ]] && DEVO_API_KEY_HEADER='x-logtrust-reseller-apikey'
# User
#declare -r USER=roberto@example.com
# HTTP method (GET, POST, PUT, or DELETE)
declare -r METHOD=GET
# Probio operation
declare -r OPERATION=/domain/${DEVO_DOMAIN}/roles
# Use double quotes if the String has spaces
#declare -r OPERATION="/domain/${DEVO_DOMAIN}/roles/Devo Users"
# Body
# Empty value if using GET
declare -r DATA=''
# Example body that creates a new role
#declare -r DATA='{"name": "Devo Users", "description": "Devo Users role created via Provisioning API", "policies": ["*"]}'
#######################################
# Concatenate full API endpoint URL
declare -r API_ENDPOINT="${BASE_URL}${OPERATION}"
# Get current epoch in miliseconds
declare -i timestamp
timestamp=$(echo "$(date +%s) * 1000" | bc)
# Concatenate DEVO_API_KEY + DATA + timestamp (order is important)
declare -r MESSAGE="${DEVO_API_KEY}${DATA}${timestamp}"
# Generate HMAC signature
# awk is needed to remove "(stdin)= " on Linux
signature=$(echo -n "${MESSAGE}" | openssl dgst -sha256 -hmac "${DEVO_API_SECRET}" | awk '{ print $NF }')
# RESULTS
# Show HTTP method and API operation
echo "${METHOD} ${OPERATION}"
CURL_CMD=$(curl -s -w "%{time_total}" -X ${METHOD} "${API_ENDPOINT}" \
-H "Content-Type: application/json" \
-H "cache-control: no-cache" \
-H "${DEVO_API_KEY_HEADER}: ${DEVO_API_KEY}" \
-H "x-logtrust-timestamp: ${timestamp}" \
-H "x-logtrust-sign: ${signature}" \
-d "${DATA}")
# Pretty print the JSON output if jq is installed
if [[ -x "$(command -v jq)" ]]; then
echo "${CURL_CMD}" | jq '.'
else
echo "${CURL_CMD}"
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment