#!/usr/bin/perl
use strict;

use Getopt::Long;
use Net::LDAP;
use Net::LDAP::Control::Paged;
use Net::LDAP::Constant qw( LDAP_CONTROL_PAGED );
use Net::LDAP::Util qw( escape_filter_value );
use LWP;
use JSON;
use AppConfig;
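# Command-line options.
my $help;
my $username;
my $configfile;

# State shared with the subs at the end of the file: the LWP user agent,
# the Hermes session token and auth key, and the API key read from the key
# file. ($api_key used to be declared twice; it is declared once, here.)
my ($g_ua, $session, $api_key, $auth_key, $data, $domain);

# Values fetched from the directory entry and derived from it.
my ($user, $displayname, $phone, $mail, $sipuser, $linetext);

my $config = AppConfig->new({ CREATE => 1 });

# Hermes API endpoint and the file holding its API key.
$config->define("api_url=s");
$config->define("api_keyfile=s");

# LDAP (FEIDE) server, bind DN, bind password and search base.
# The configuration file therefore contains the LDAP bind password and
# should be readable only by the account that runs this script.
$config->define("feide_server=s");
$config->define("feide_login=s");
$config->define("feide_passwd=s");
$config->define("feide_people=s");

# Number plan used to expand the directory phone number to E.164.
$config->define("numbers_local_prefix=s");
$config->define("numbers_local_series=s");
$config->define("numbers_countrycode=s");

# An unknown or malformed option makes GetOptions return false; show the
# help text instead of carrying on with a partly parsed command line.
GetOptions(
    "help"         => \$help,
    "username=s"   => \$username,
    "configfile=s" => \$configfile,
) or $help = 1;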
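# --username is mandatory, and a --configfile that was given must exist.
if ( !$username || ( $configfile && !-f $configfile ) )
{
    $help = 1;
}

# Only hand AppConfig a path that is set and names a regular file. Without
# --configfile the required settings below stay unset and the help text is
# shown, exactly as before, but file() is no longer called with an
# undefined or missing path.
$config->file( $configfile ) if $configfile && -f $configfile;

# Every API and LDAP setting must be present, and the key file must exist.
if (   !$config->api_url
    || !$config->api_keyfile
    || ( $config->api_keyfile && !-f $config->api_keyfile )
    || !$config->feide_server
    || !$config->feide_login
    || !$config->feide_passwd
    || !$config->feide_people )
{
    $help = 1;
}

if ( $help ) {
    print <<END_HELP;
Verify that the following options are set:
--configfile=s
--username=s

Verify the contents of the configuration file.
Verify that the key-file exists.
END_HELP
    exit;
}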
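# Read the Hermes API key from the first line of the key file.
# Three-argument open with a lexical handle: the path from the configuration
# file is always treated as a file name to read, never as a mode or a
# command, and a failed open is reported instead of being ignored.
# The key file is a credential; keep it readable only by the account that
# runs this script.
open my $key_fh, '<', $config->api_keyfile
    or die "Unable to open API key file " . $config->api_keyfile . ": $!\n";
$api_key = <$key_fh>;
close $key_fh;
die "API key file " . $config->api_keyfile . " is empty\n"
    unless defined $api_key;
chomp $api_key;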
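# Sanity check only: the pattern is unanchored, so any username containing
# at least one word character passes. It does not make the value safe to
# place in an LDAP filter; that is handled by escaping at the search below.
if ( $username !~ m/\w+/ )
{
    print "Illegal username\n";
    exit;
}

# Connect to the LDAP server and bind with the configured service account.
# NOTE(review): the bind sends feide_passwd to the server. Unless
# feide_server is an ldaps:// URI (or start_tls is called before the bind)
# the password crosses the network unencrypted; confirm against the
# deployed configuration.
my $ldap = Net::LDAP->new($config->feide_server, version => 3)
    or die "Can't connect to LDAP server: " . $config->feide_server . "!\n";
my $msg = $ldap->bind( dn => $config->feide_login, password => $config->feide_passwd );
if ( $msg->code() ) {
    # The closing parenthesis used to sit after "\n", which passed the
    # newline to error_text() instead of to die().
    die( "LDAP error: ", $msg->error_text(), "\n" );
}

# Look the user up by uid. The username comes from the command line, so it
# is escaped before it is placed in the filter; characters such as "*",
# "(" and ")" then match literally instead of changing the filter.
# Only the four attributes read below are requested. The earlier
# "attrs => ()" flattened to a dangling key and left the attribute list
# unset.
$msg = $ldap->search(
    base   => $config->feide_people,
    scope  => "subtree",
    filter => "(uid=" . escape_filter_value($username) . ")",
    attrs  => [ qw( displayName telephoneNumber mail eduPersonPrincipalName ) ],
);

# Exactly one entry must match; zero or several matches are both failures.
die("Getting information for " . $username . " failed..." ) if ( $msg->count != 1 );

$user        = $msg->entry;
$displayname = $user->get_value("displayName");
$phone       = $user->get_value("telephoneNumber");
$mail        = $user->get_value("mail");
$sipuser     = $user->get_value("eduPersonPrincipalName");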
# Expand the directory phone number to E.164 using the configured number
# plan. Both patterns are anchored at the start of the number only, so the
# "5-digit" and "8-digit" wording in the messages describes the expected
# format; the length itself is not checked.
# NOTE(review): numbers_local_series and numbers_local_prefix are
# interpolated as regular expressions and are not among the settings the
# script requires. If numbers_local_series is unset, the first pattern is
# just "^" and matches every number; confirm the configuration always sets it.
my $series_pattern   = "^" . $config->numbers_local_series;
my $prefixed_pattern = "^" . $config->numbers_local_prefix . $config->numbers_local_series;

if ( $phone =~ m/$series_pattern/ )
{
    # Short local number: prepend the local prefix, then the country code.
    print "Phone number is in 5-digit local format. Completing E164.\n";
    $linetext = $config->numbers_local_prefix . $phone;
    $phone    = $config->numbers_countrycode . $linetext;
}
elsif ( $phone =~ m/$prefixed_pattern/ )
{
    # Full local number: only the country code is missing.
    print "Phone number is in 8-digit local format. Adding CC.\n";
    $linetext = $phone;
    $phone    = $config->numbers_countrycode . $linetext;
}
else
{
    # Neither format matched; nothing has been created in Hermes yet.
    print "Unable to recognize Phone number. Check FEIDE\n";
    exit;
}
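# Show what was collected from the directory before anything is sent to
# the Hermes API.
print "Data so far:\n";
print " Username: $username\n";
print " Displayname: $displayname\n";
print " Phone: $phone\n";
print " Line-text: $linetext\n";
print " Mail: $mail\n";
print " SIP address: $sipuser\n";

# The directory is not needed any more; close the LDAP session.
$msg = $ldap->unbind;
if ( $msg->code() ) {
    # The closing parenthesis used to sit after "\n", which passed the
    # newline to error_text() instead of to die().
    die( "LDAP error: ", $msg->error_text(), "\n" );
}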
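# HTTP client for the Hermes API. The cookie jar lives in memory only, so
# nothing is written to disk (see HTTP::Cookies for a persistent jar).
$g_ua = LWP::UserAgent->new;
$g_ua->cookie_jar({});

# Exchange the API key for a session; login_apikey() exits on failure.
login_apikey();

# Ask Hermes whether the SIP user name is still free.
$data = exec_apinode("user/available", { "user" => $sipuser });
if ( not $data->{'response'} eq 'ok' )
{
    printf("Unable to add user, Hermes response to available query is: %s\n", $data->{'cause'});
    # Best effort: close the API session on this early exit as well, so it
    # is not left open on the server. A failing logout must not hide the
    # message above.
    eval { logout() };
    exit;
}
undef $data;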
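# Create the local SIP account.
$data = exec_apinode("user/add_local", {
    "user"        => $sipuser,
    "displayname" => $displayname,
    "email"       => $mail,
});
if ( not $data->{'response'} eq 'ok' )
{
    printf("Unable to add user, Hermes response to add_local query is: %s\n", $data->{'cause'});
    # Best effort: close the API session before leaving.
    eval { logout() };
    exit;
}
else
{
    my $account = $data->{'user'};

    # The account details, including the SIP password, are written to
    # stdout. Treat the terminal output and anything that captures it
    # (logs, redirected files) as sensitive.
    printf("Added user, login information:\n");
    printf("username: %s@%s\nauthid: %s\npassword: %s\n" .
           "registrar: %s:%d\nproxy: %s:%d\ndisplayname: %s\n" .
           "email: %s\npermission: %s\n",
        $account->{'username'},
        $account->{'domain'},
        $account->{'authid'},
        $account->{'password'},
        $account->{'registrar'},
        $account->{'r_port'},
        $account->{'proxy'},
        $account->{'p_port'},
        $account->{'displayname'},
        $account->{'email'},
        $account->{'permittedcalls'},
    );

    # The first statement used to end in a comma, so the two assignments
    # formed one comma expression. They are two separate statements now.
    # The E.164 number becomes an address in the account's SIP domain.
    $domain = $account->{'domain'};
    $phone .= "\@" . $domain;
}
undef $data;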
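# Register the mail address as an alias for the SIP user, unless the two
# are the same address.
unless ( $mail eq $sipuser )
{
    $data = exec_apinode("alias/add", {
        "destination" => $sipuser,
        "alias"       => $mail,
    });
    if ( not $data->{'response'} eq 'ok' )
    {
        # The message used to name the add_local query; the failing call
        # here is alias/add.
        printf("Unable to add alias, Hermes response to alias/add query is: %s\n", $data->{'cause'});

        # Roll back: remove the account created for this user, then report
        # what the API answered.
        printf("Attempting to roll back user %s: ", $sipuser);
        undef $data;
        $data = exec_apinode("user/remove", { "user" => $sipuser });
        printf("%s\n", $data->{'response'});

        # Best effort: close the API session before leaving.
        eval { logout() };
        exit;
    }
    else
    {
        printf("alias: %s\n", $mail);
    }
    undef $data;
}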
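# Register the E.164 number (already suffixed with the SIP domain) as an
# alias for the SIP user.
$data = exec_apinode("alias/add", {
    "destination" => $sipuser,
    "alias"       => $phone,
});
if ( not $data->{'response'} eq 'ok' )
{
    # The message used to name the add_local query; the failing call here
    # is alias/add.
    printf("Unable to add E164 number, Hermes response to alias/add query is: %s\n", $data->{'cause'});

    # Roll back what this run created. The mail alias exists only when the
    # mail address differs from the SIP user, so it is removed only in that
    # case; otherwise the request would target an alias this run never added.
    printf("Attempting to roll back user %s: ", $sipuser);
    exec_apinode("alias/remove", { "alias" => $mail }) unless $mail eq $sipuser;
    undef $data;
    $data = exec_apinode("user/remove", { "user" => $sipuser });
    # Report the API's answer so a failed rollback is visible.
    printf("%s\n", $data->{'response'});

    # Best effort: close the API session before leaving.
    eval { logout() };
    exit;
}
else
{
    printf("e164: %s\n", $phone);
}
undef $data;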
# Store the line text on the account. A failure is reported but is not
# fatal: nothing is rolled back and the script continues to the logout.
$data = exec_apinode(
    "user/update",
    {
        "user"     => $sipuser,
        "linetext" => $linetext,
    }
);
if ( $data->{'response'} ne 'ok' )
{
    printf("Did not update 'linetext' element.");
}

# During testing:
#exec_apinode("alias/remove", { "alias" => $mail });
#exec_apinode("alias/remove", { "alias" => $phone });
#exec_apinode("user/remove", { "user" => $sipuser });

# Close the API session.
logout();
################################################################################################
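# exec_apinode( $node, $param )
#
# POST $param (a hash reference of form fields) to "<api_url>/<node>" with
# the current session token and auth key added to it.
#
# Returns the decoded JSON structure when the body starts with "{", the raw
# body as a string for any other successful response, and undef when the
# HTTP request fails. Callers index the result as a hash, so a non-JSON
# body still ends in a strict-refs error at the call site.
#
# The ($$) prototype was dropped: every call in this file appears before
# the definition, so the prototype was never applied to them.
#
# NOTE(review): session and auth_key travel in the request body; confirm
# api_url is an https:// URL so they are not sent in clear text.
sub exec_apinode
{
    my ( $node, $param ) = @_;
    my $data;

    # Before login both values are undefined; send empty strings instead.
    $session  = "" if not defined $session;
    $auth_key = "" if not defined $auth_key;

    # Note that this writes into the caller's hash.
    $param->{'session'}  = $session;
    $param->{'auth_key'} = $auth_key;

    my $response = $g_ua->post( $config->api_url . "/" . $node, $param );
    if ( $response->is_success )
    {
        my $content = $response->content;

        # Anchored at the start, with the brace escaped: only a body that
        # begins with "{" is treated as JSON. The earlier unanchored
        # pattern matched any body that merely contained a brace, which
        # sent non-JSON text into decode_json.
        if ( $content =~ m/\A\s*\{/ )
        {
            $data = decode_json($content);
        }
        else
        {
            $data = $content;
        }
    }
    else
    {
        # Make transport failures visible; the status line holds no
        # request parameters.
        warn "Hermes API call " . $node . " failed: " . $response->status_line . "\n";
    }
    return $data;
}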
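# login_apikey()
#
# Exchange the API key for a Hermes session. On success the file-level
# $session and $auth_key are set from the reply. Dies with "HTTP error"
# when the request fails; prints a message and exits when the API answers
# with anything but "ok".
#
# NOTE(review): the API key is sent in the request body; confirm api_url
# is an https:// URL so it is not sent in clear text.
sub login_apikey
{
    my $response = $g_ua->post( $config->api_url . "/auth/login",
        [ "api_key" => $api_key ] );

    # Check the transport result first. The earlier
    # "my $data = ... if ..." form declared a variable under a statement
    # modifier, whose behaviour Perl documents as undefined.
    die("HTTP error") unless $response->is_success;

    my $data = decode_json( $response->content );

    if ( $data->{'response'} eq "ok" )
    {
        $session  = $data->{'session'};
        $auth_key = $data->{'auth_key'};
    }
    else
    {
        print "Unable to log in to Hermes API\n";
        exit;
    }
    return;
}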
# logout()
#
# Tell Hermes to end the current session, then forget the session token
# and auth key held in the file-level variables. Dies with "HTTP error"
# when the request fails; in that case both values are left as they were.
sub logout
{
    my $logout_url = $config->api_url . "/auth/logout";
    my $reply      = $g_ua->post( $logout_url, [ "session" => $session ] );

    if ( not $reply->is_success )
    {
        die("HTTP error");
    }

    undef $session;
    undef $auth_key;
}