git.defcon.no Git - hermes/blob - guc-clients/feide2sipuser

   1 #!/usr/bin/perl
   2 use strict;
   3
   4 use Getopt::Long;
   5 use Net::LDAP;
   6 use Net::LDAP::Control::Paged;
   7 use Net::LDAP::Constant qw( LDAP_CONTROL_PAGED );
   8 use LWP;
   9 use JSON;
  10 use AppConfig;
  11
  12 my $api_key;
  13
  14 my $help;
  15 my $username;
  16 my $configfile;
  17 my ($g_ua, $session, $api_key, $auth_key, $data, $domain);
  18 my ($user, $displayname, $phone, $mail, $sipuser, $linetext);
  19
  20 my $config = AppConfig->new({ CREATE => 1 });
  21
  22 $config->define("api_url=s");
  23 $config->define("api_keyfile=s");
  24 $config->define("feide_server=s");
  25 $config->define("feide_login=s");
  26 $config->define("feide_passwd=s");
  27 $config->define("feide_people=s");
  28
  29 $config->define("numbers_local_prefix=s");
  30 $config->define("numbers_local_series=s");
  31 $config->define("numbers_countrycode=s");
  32
  33 GetOptions(
  34         "help"          => \$help,
  35         "username=s"    => \$username,
  36         "configfile=s"  => \$configfile,
  37 );
  38
  39 if (
  40         (not $username) ||
  41         (( $configfile ) && ( not -f $configfile ))
  42 )
  43 {
  44         $help = 1;
  45 }
  46
  47 $config->file( $configfile );
  48
  49 if (    ( not  $config->api_url ) ||
  50         ( not  $config->api_keyfile ) ||
  51         ( $config->api_keyfile && not -f $config->api_keyfile ) ||
  52         ( not  $config->feide_server ) ||
  53         ( not  $config->feide_login ) ||
  54         ( not  $config->feide_passwd ) ||
  55         ( not  $config->feide_people ) )
  56 {
  57         $help = 1;
  58 }
  59
  60 if ( $help ) {
  61 print <<END_HELP;
  62 Verify that the following options are set:
  63         --configfile=s
  64         --username=s
  65
  66 Verify the contents of the configuration file.
  67 Verify that the key-file exists.
  68 END_HELP
  69 exit; }
  70
  71 open KEY, "<" . $config->api_keyfile;
  72 chomp( $api_key = <KEY> );
  73 close KEY;
  74
  75 if ( not $username =~ m/\w+/ )
  76 { print "Illegal username\n"; exit; }
  77
  78
  79 # Kobler til LDAP-server
  80 my $ldap = Net::LDAP->new($config->feide_server, version => 3)
  81         or die "Can't connect to LDAP server: " . $config->feide_server . "!\n";
  82 my $msg = $ldap->bind (dn => $config->feide_login, password => $config->feide_passwd);
  83 if ( $msg->code()) {
  84         die ("LDAP error: ", $msg->error_text((), "\n"));
  85 }
  86
  87 $msg = $ldap->search( base => $config->feide_people,
  88                         scope    => "subtree",
  89                         filter => "(uid=". $username .")",
  90                         attrs => () );
  91 die("Getting information for " . $username . " failed..." ) if ( $msg->count != 1 );
  92
  93 $user = $msg->entry;
  94 $displayname = $user->get_value("displayName");
  95 $phone = $user->get_value("telephoneNumber");
  96 $mail = $user->get_value("mail");
  97 $sipuser = $user->get_value("eduPersonPrincipalName");
  98
  99 my $short_test = "^" . $config->numbers_local_series;
 100 my $long_test = "^" . $config->numbers_local_prefix . $config->numbers_local_series;
 101
 102 if ( $phone =~ m/$short_test/ )
 103 {
 104         print "Phone number is in 5-digit local format. Completing E164.\n";
 105         $linetext = $config->numbers_local_prefix . $phone;
 106         $phone = $config->numbers_countrycode . $config->numbers_local_prefix . $phone;
 107 }
 108 elsif ( $phone =~ m/$long_test/ )
 109 {
 110         print "Phone number is in 8-digit local format. Adding CC.\n" ;
 111         $linetext = $phone;
 112         $phone = $config->numbers_countrycode . $phone;
 113 }
 114 else
 115 {
 116         print "Unable to recognize Phone number. Check FEIDE\n";
 117         exit;
 118 }
 119
 120 print "Data so far:" . "\n";
 121 print "  Username:    " . $username . "\n";
 122 print "  Displayname: " . $displayname . "\n";
 123 print "  Phone:       " . $phone . "\n";
 124 print "  Line-text:   " . $linetext . "\n";
 125 print "  Mail:        " . $mail . "\n";
 126 print "  SIP address: " . $sipuser . "\n";
 127
 128 $msg = $ldap->unbind;
 129 if ( $msg->code()) { die ("LDAP error: ", $msg->error_text((), "\n")); }
 130
 131 $g_ua = LWP::UserAgent->new;
 132 $g_ua->cookie_jar({}); # In-memory jar, look at HTTP::Cookies for persistant
 133
 134 login_apikey();
 135
 136 $data = exec_apinode("user/available", { "user" => $sipuser });
 137 if ( not $data->{'response'} eq 'ok' )
 138 {
 139         printf("Unable to add user, Hermes response to available query is: %s\n", $data->{'cause'});
 140         exit;
 141 }
 142 undef $data;
 143
 144 $data = exec_apinode("user/add_local", {
 145         "user" => $sipuser,
 146         "displayname" => $displayname,
 147         "email" => $mail,
 148 });
 149 if ( not $data->{'response'} eq 'ok' )
 150 {
 151         printf("Unable to add user, Hermes response to add_local query is: %s\n", $data->{'cause'});
 152         exit;
 153 }
 154 else
 155 {
 156         printf("Added user, login information:\n");
 157         printf("username:    %s@%s\nauthid:      %s\npassword:    %s\n" .
 158                 "registrar:   %s:%d\nproxy:       %s:%d\ndisplayname: %s\n" .
 159                 "email:       %s\npermission:  %s\n",
 160                 $data->{'user'}->{'username'},
 161                 $data->{'user'}->{'domain'},
 162                 $data->{'user'}->{'authid'},
 163                 $data->{'user'}->{'password'},
 164                 $data->{'user'}->{'registrar'},
 165                 $data->{'user'}->{'r_port'},
 166                 $data->{'user'}->{'proxy'},
 167                 $data->{'user'}->{'p_port'},
 168                 $data->{'user'}->{'displayname'},
 169                 $data->{'user'}->{'email'},
 170                 $data->{'user'}->{'permittedcalls'},
 171         );
 172         $domain = $data->{'user'}->{'domain'},
 173         $phone .= "\@" . $domain;
 174 }
 175 undef $data;
 176
 177 unless ( $mail eq $sipuser )
 178 {
 179         $data = exec_apinode("alias/add", {
 180                 "destination" => $sipuser,
 181                 "alias" => $mail,
 182         });
 183         if ( not $data->{'response'} eq 'ok' )
 184         {
 185                 printf("Unable to add alias, Hermes response to add_local query is: %s\n", $data->{'cause'});
 186                 printf("Attempting to roll back user %s: ", $sipuser);
 187                 undef $data; $data = exec_apinode("user/remove", { "user" => $sipuser });
 188                 printf("%s\n", $data->{'response'});
 189                 exit;
 190         }
 191         else
 192         { printf("alias:       %s\n", $mail); }
 193         undef $data;
 194 }
 195
 196 $data = exec_apinode("alias/add", {
 197         "destination" => $sipuser,
 198         "alias" => $phone,
 199 });
 200 if ( not $data->{'response'} eq 'ok' )
 201 {
 202         printf("Unable to add E164 number, Hermes response to add_local query is: %s\n", $data->{'cause'});
 203         printf("Attempting to roll back user %s: ", $sipuser);
 204         exec_apinode("alias/remove", { "alias" => $mail });
 205         exec_apinode("user/remove", { "user" => $sipuser });
 206         exit;
 207 }
 208 else
 209 { printf("e164:        %s\n", $phone); }
 210 undef $data;
 211
 212 $data = exec_apinode("user/update", {
 213         "user" => $sipuser,
 214         "linetext" => $linetext,
 215 });
 216 if ( not $data->{'response'} eq 'ok' )
 217 {
 218         printf("Did not update 'linetext' element.");
 219 }
 220
 221 # During testing:
 222 #exec_apinode("alias/remove", { "alias" => $mail });
 223 #exec_apinode("alias/remove", { "alias" => $phone });
 224 #exec_apinode("user/remove", { "user" => $sipuser });
 225
 226 logout();
 227 ################################################################################################
 228 sub exec_apinode($$)
 229 {
 230         my $node = shift;
 231         my $param = shift;
 232
 233         my ( $response, $data );
 234
 235         $session = "" if not defined $session;
 236         $auth_key = "" if not defined $auth_key;
 237         my $url = $config->api_url . "/" . $node;
 238
 239         $param->{'session'} = $session;
 240         $param->{'auth_key'} = $auth_key;
 241
 242         $response = $g_ua->post( $url, $param );
 243         if ( $response->is_success )
 244         {
 245                 if ( $response->content =~ m/\s*{/ )
 246                 {
 247                         $data = decode_json( $response->content);
 248                 }
 249                 else
 250                 {
 251                         $data = $response->content;
 252                 }
 253
 254         }
 255         return $data;
 256 }
 257
 258 sub login_apikey
 259 {
 260         my $response = $g_ua->post( $config->api_url . "/auth/login",
 261                 [ "api_key" => $api_key ] );
 262
 263         my $data = decode_json( $response->content) if $response->is_success;
 264         die("HTTP error") unless $response->is_success;
 265
 266         if ( $data->{'response'} eq "ok" )
 267         {
 268                 $session = $data->{'session'};
 269                 $auth_key = $data->{'auth_key'};
 270         }
 271         else
 272         {
 273                 print "Unable to log in to Hermes API\n";
 274                 exit;
 275         }
 276         undef $data; undef $response;
 277 }
 278
 279 sub logout
 280 {
 281         my $response = $g_ua->post( $config->api_url . "/auth/logout",
 282                 [ "session" => $session ] );
 283         die("HTTP error") unless $response->is_success;
 284         undef $session; undef $auth_key;
 285 }