4edb611792
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1428194 13f79535-47bb-0310-9956-ffa450edef68
108 lines
2.8 KiB
Bash
Executable file
108 lines
2.8 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
# Licensed to the Apache Software Foundation (ASF) under one
|
|
# or more contributor license agreements. See the NOTICE file
|
|
# distributed with this work for additional information
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
# to you under the Apache License, Version 2.0 (the
|
|
# "License"); you may not use this file except in compliance
|
|
# with the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing,
|
|
# software distributed under the License is distributed on an
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
# KIND, either express or implied. See the License for the
|
|
# specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
# Generate an OAuth server conf
|
|
here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here`
|
|
mkdir -p $1
|
|
root=`echo "import os; print os.path.realpath('$1')" | python`
|
|
|
|
uname=`uname -s`
|
|
if [ $uname = "Darwin" ]; then
|
|
libsuffix=".dylib"
|
|
else
|
|
libsuffix=".so"
|
|
fi
|
|
|
|
conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
|
|
host=`echo $conf | awk '{ print $6 }'`
|
|
|
|
sslconf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-ssl-conf"`
|
|
if [ "$sslconf" = "" ]; then
|
|
sslsuffix=""
|
|
else
|
|
sslsuffix="-ssl"
|
|
fi
|
|
|
|
if [ "$2" = "" ]; then
|
|
providers="file"
|
|
else
|
|
providers="file $2"
|
|
fi
|
|
|
|
# Configure HTTPD mod_tuscany_oauth module
|
|
cat >>$root/conf/modules.conf <<EOF
|
|
# Generated by: oauth-conf $*
|
|
# Load support for OAuth authentication
|
|
LoadModule mod_tuscany_oauth2 $here/libmod_tuscany_oauth2$libsuffix
|
|
|
|
EOF
|
|
|
|
# Disallow public access to server resources
|
|
cat >$root/conf/noauth$sslsuffix.conf <<EOF
|
|
# Generated by: oauth-conf $*
|
|
# Disallow public access to server resources
|
|
|
|
EOF
|
|
|
|
# Configure OAuth authentication
|
|
cat >>$root/conf/locauth$sslsuffix.conf <<EOF
|
|
# Generated by: oauth-conf $*
|
|
# Enable OAuth authentication
|
|
<Location />
|
|
AuthType Open
|
|
AuthName "$host"
|
|
AuthOAuthProvider socache $providers
|
|
AuthnCacheProvideFor $providers
|
|
AuthnCacheContext /
|
|
Require valid-user
|
|
AuthOAuth On
|
|
AuthOAuthLoginPage /login/
|
|
AddAuthOAuth2ScopeAttr REALM realm
|
|
AddAuthOAuth2ScopeAttr REMOTE_USER email
|
|
AddAuthOAuth2ScopeAttr EMAIL email
|
|
AddAuthOAuth2ScopeAttr NICKNAME name
|
|
AddAuthOAuth2ScopeAttr FULLNAME name
|
|
AddAuthOAuth2ScopeAttr FIRSTNAME first_name
|
|
AddAuthOAuth2ScopeAttr LASTNAME last_name
|
|
AddAuthOAuth2ScopeAttr FULLNAME name
|
|
</Location>
|
|
|
|
EOF
|
|
|
|
cat >>$root/conf/auth.conf <<EOF
|
|
# Configure OAuth App keys
|
|
Include $root/cert/oauth-keys.conf
|
|
|
|
EOF
|
|
|
|
mkdir -p $root/cert
|
|
cat >$root/cert/oauth-keys.conf <<EOF
|
|
# Generated by: oauth-conf $*
|
|
# OAuth App keys
|
|
|
|
EOF
|
|
|
|
if [ -d "$HOME/.oauth" ]; then
|
|
cat >>$root/conf/auth.conf <<EOF
|
|
# Configure OAuth App keys
|
|
Include $HOME/.oauth/*-key.conf
|
|
|
|
EOF
|
|
fi
|
|
|