From 7bcdd893dafc67396901b812c7cc56b4f7652633 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20Vysko=C4=8Dil?= <vyskocilpavel@muni.cz>
Date: Thu, 28 Feb 2019 12:32:51 +0100
Subject: [PATCH] Changes in script proxy_idp_auth_test.sh * Changed the script to test login via the host, from which is the script runs
---
 README.md | 6 ++++++
 proxy_idp_auth_test.sh | 19 +++++++++++++------
 2 files changed, 19 insertions(+), 6 deletions(-)
diff --git a/README.md b/README.md
index 2059c2d..0dee2bf 100644
--- a/README.md
+++ b/README.md
@@ -18,6 +18,8 @@ services=""
 </pre>
 ### proxy_idp_auth_test.sh
+This script checks the login to SP via the host, from which is the script runs
+
 * Requirements:
 * library *bc*
 <pre>
@@ -42,6 +44,10 @@ password=""
 # Fill in the instance name
 # Instance name must not contain a space
 instanceName=""
+
+# Fill in the global domain name of ProxyIdP
+# For example: login.cesnet.cz
+proxyDomainName="login.elixir-czech.org"
 </pre>
 ## List of plugins
diff --git a/proxy_idp_auth_test.sh b/proxy_idp_auth_test.sh
index 9e1e4c9..a630770 100755
--- a/proxy_idp_auth_test.sh
+++ b/proxy_idp_auth_test.sh
@@ -23,8 +23,15 @@ password=""
 # Instance name must not contain a space
 instanceName=""
+# Fill in the global domain name of ProxyIdP
+# For example: login.cesnet.cz
+proxyDomainName=""
+
 # How long is normal for total roundtrip (seconds)
-warningTime=5
+warningTime=10
+
+## Get host IP
+ip=($(hostname -I))
 # End function
 end()
@@ -46,7 +53,7 @@ if [[ $status -eq 0 && $totalTime -gt $(( $warningTime * 1000000000 )) ]]; then
 statustxt="Successful login, but was too long."
 fi
-echo "$status proxy_idp_auth_test-$instanceName login_time=$timeStat $statustxt"
+echo "$status $basename-$instanceName login_time=$timeStat $statustxt"
 exit 0
 }
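Review bot: Neither `proxyDomainName` nor `ip` is validated before it is used to build the `--resolve` entries; this applies to the `@@ -23,8 +23,15 @@` hunk of proxy_idp_auth_test.sh. `proxyDomainName` defaults to an empty string, and `hostname -I` can print nothing, several addresses, or an address from an interface that does not serve the proxy, while `${ip}` silently takes the first word. If curl does not treat a malformed `--resolve` entry as fatal (worth confirming for the deployed curl version), the check falls back to normal DNS and reports a successful login for whichever node DNS returns rather than for this host. A guard placed after `end` is defined, for example `[[ -n "$proxyDomainName" && -n "${ip[0]}" ]] || end 3 "proxyDomainName or host IP is not set"`, would fail loudly instead; the status value 3 is a guess at the script's convention. The definition of `end()` continues outside the hunk.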
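Review bot: The check name printed by the `echo` in the `@@ -46,7 +53,7 @@` hunk now comes from `$basename`, whose assignment is not visible in this patch. If it is unset the item name starts with `-$instanceName`, and if it differs from the old literal `proxy_idp_auth_test` (for example by keeping a `.sh` suffix) the monitoring system will presumably register a new service while alerts tied to the old name go stale. A comment next to the echo such as `# service name is derived from the script file name; renaming the script renames the check` would make that dependency visible. The enclosing `end()` function starts outside the hunk.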
@@ -55,7 +62,7 @@ cookieJar=$(mktemp /tmp/${basename}.XXXXXX) || exit 3
 startTime=$(date +%s%N)
 # REQUEST #1: fetch URL for authentication page
-html=$(curl -L -sS -c ${cookieJar} -w 'LAST_URL:%{url_effective}' ${testSite}) || end 2 "Failed to fetch URL: $testSite"
+html=$(curl -L -sS -c ${cookieJar} -w 'LAST_URL:%{url_effective}' --resolve ${proxyDomainName}':443:'${ip} ${testSite}) || end 2 "Failed to fetch URL: $testSite"
 # Parse HTML to get the URL where to POST login (written out by curl itself above)
 authURL=$(echo ${html} | sed -e 's/.*LAST_URL:\(.*\)$/\1/')
@@ -68,7 +75,7 @@ fi
 # REQUEST #2: log in
 html=$(curl -L -sS -c ${cookieJar} -b ${cookieJar} -w 'LAST_URL:%{url_effective}' \
--d "j_username=$login" -d "j_password=$password" --data-urlencode "AuthState=${authState}" ${authURL}) || end 2 "Failed to fetch URL: $authURL"
+-d "j_username=$login" -d "j_password=$password" --data-urlencode "AuthState=${authState}" --resolve ${proxyDomainName}':443:'${ip} ${authURL}) || end 2 "Failed to fetch URL: $authURL"
 lastURL=$(echo ${html} | sed -e 's/.*LAST_URL:\(.*\)$/\1/')
@@ -83,7 +90,7 @@ proxySamlResponse=$(echo ${html} | sed -e 's/.*hidden[^>]*SAMLResponse[^>]*value
 # REQUEST #3: post the SAMLResponse to proxy
 html=$(curl -L -sS -c ${cookieJar} -b ${cookieJar} -w 'LAST_URL:%{url_effective}' \
- --data-urlencode "SAMLResponse=${proxySamlResponse}" ${proxySamlEndpoint}) || end 2 "Failed to fetch URL: $proxySamlEndpoint"
+ --data-urlencode "SAMLResponse=${proxySamlResponse}" --resolve ${proxyDomainName}':443:'${ip} ${proxySamlEndpoint}) || end 2 "Failed to fetch URL: $proxySamlEndpoint"
 # We do not support JS, so parse HTML for SAML endpoint and response
 spSamlEndpoint=$(echo ${html} | sed -e 's/.*form[^>]*action=[\"'\'']\([^\"'\'']*\)[\"'\''].*method[^>].*/\1/')
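Review bot: The `--resolve ${proxyDomainName}':443:'${ip}` argument added to request #1 is unquoted, and the same text is pasted into requests #2, #3 and #4 in the later hunks. Unquoted expansions undergo word splitting and globbing, and `${ip}` relies on the implicit first element of the array. Building the option once, `resolveOpt=(--resolve "${proxyDomainName}:443:${ip[0]}")`, and passing `"${resolveOpt[@]}"` to each curl call keeps the four requests consistent and quoted. The same line also leaves `${cookieJar}` and `${testSite}` unquoted.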
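Review bot: The rewritten request #2 line in the `@@ -68,7 +75,7 @@` hunk still passes `$password` as a curl argument, so it can be read from the process list while curl runs, and `-d` sends it without URL-encoding, so a password containing `&`, `+` or `%` is altered in transit. Use `--data-urlencode "j_password=$password"` (and likewise for `j_username`) for the encoding, and consider feeding the credential options to curl through a config read from stdin (`-K -`) so they stay out of argv. `authURL` is taken from the server's redirect chain and `--resolve` pins only `proxyDomainName`, so a check before this request such as `[[ $authURL == "https://${proxyDomainName}/"* ]] || end 2 "Unexpected login host"` would keep the password from being posted to a different host.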
@@ -91,7 +98,7 @@ spSamlResponse=$(echo ${html} | sed -e 's/.*hidden[^>]*SAMLResponse[^>]*value=[\
 # REQUEST #4: post the SAMLResponse to SP
 html=$(curl -L -sS -c ${cookieJar} -b ${cookieJar} -w 'LAST_URL:%{url_effective}' \
- --data-urlencode "SAMLResponse=${spSamlResponse}" ${spSamlEndpoint}) || end 2 "Failed to fetch URL: $spSamlEndpoint"
+ --data-urlencode "SAMLResponse=${spSamlResponse}" --resolve ${proxyDomainName}':443:'${ip} ${spSamlEndpoint}) || end 2 "Failed to fetch URL: $spSamlEndpoint"
 lastURL=$(echo ${html} | sed -e 's/.*LAST_URL:\(.*\)$/\1/')
-- GitLab
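Review bot: The scope of the `--resolve` entry added to request #4 is undocumented: it only takes effect if `spSamlEndpoint` is served as `${proxyDomainName}:443`, and for an SP on another host name curl resolves the SP through normal DNS. The README line added in this patch says the script checks the login "via the host" it runs on, which a reader may take to cover the SP leg as well. A comment above the request, `# --resolve pins only ${proxyDomainName}:443; the SP endpoint is resolved normally`, would state the actual scope. The same applies to request #1 against `testSite`.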