From 8cb34b687044aac4bbd9f6c71cbce4957ef99769 Mon Sep 17 00:00:00 2001 From: Tom Scavo Date: Mon, 12 Dec 2016 09:49:25 -0500 Subject: [PATCH] Refactor function CLI --- bin/probe_saml_idp.sh | 4 +++- lib/saml_tools.sh | 49 +++++++++++++++++++++---------------------- 2 files changed, 27 insertions(+), 26 deletions(-) diff --git a/bin/probe_saml_idp.sh b/bin/probe_saml_idp.sh index 7ab2cf6..75f2de7 100755 --- a/bin/probe_saml_idp.sh +++ b/bin/probe_saml_idp.sh @@ -380,8 +380,10 @@ for http_binding in $http_bindings; do fi # probe the endpoint - output=$( probe_saml2_idp_endpoint -v \ + output=$( probe_saml2_idp_endpoint \ -t $connect_timeout -m $max_time -r $max_redirs \ + -V "$tmp_subdir/curl_trace.txt" \ + -o "$tmp_subdir/idp_http_response.html" \ -T "$tmp_subdir" \ $location $binding "$saml_message" ) diff --git a/lib/saml_tools.sh b/lib/saml_tools.sh index d701740..2642fe5 100755 --- a/lib/saml_tools.sh +++ b/lib/saml_tools.sh @@ -25,9 +25,11 @@ # presenting an HTML login form to the client. # # Usage: -# probe_saml2_idp_endpoint [-v] \ +# probe_saml2_idp_endpoint \ # -t CONNECT_TIME -m MAX_TIME \ # -r MAX_REDIRS \ +# [-V CURL_TRACE_FILE] \ +# [-o RESPONSE_FILE] \ # -T TMP_DIR \ # IDP_ENDPOINT_LOCATION IDP_ENDPOINT_BINDING \ # SAML_MESSAGE @@ -78,11 +80,10 @@ probe_saml2_idp_endpoint () { fi # user agent - local script_version="0.5" + local script_version="0.6" local user_agent_string="SAML2 IdP Endpoint Probe ${script_version}" # command-line options - local verbose_mode=false local local_opts local connect_timeout local max_time 
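Review bot: The call in bin/probe_saml_idp.sh now always passes `-V "$tmp_subdir/curl_trace.txt"`, and a `--trace-ascii` file records the full request and response, including the SAML message and any cookies the IdP sets. The creation of `$tmp_subdir` is outside the hunk, so confirm it is made with `mktemp -d` (or an equivalently private mode) and removed once the probe output has been consumed. I would add a comment above the call such as `# curl trace holds cookies and the SAML request; keep $tmp_subdir private`. The enclosing `for http_binding` loop starts and ends outside the hunk.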
@@ -116,23 +117,34 @@ probe_saml2_idp_endpoint () { # Process command-line options and arguments. ################################################################### + # default curl options + curl_opts="--silent --show-error" + curl_opts="$curl_opts --insecure --tlsv1" + local opt local OPTARG local OPTIND - while getopts ":vt:m:r:T:" opt; do + while getopts ":t:m:r:V:o:T:" opt; do case $opt in - v) - verbose_mode=true - local_opts="$local_opts -$opt" - ;; t) connect_timeout="$OPTARG" + curl_opts="$curl_opts --connect-timeout $connect_timeout" ;; m) max_time="$OPTARG" + curl_opts="$curl_opts --max-time $max_time" ;; r) max_redirs="$OPTARG" + curl_opts="$curl_opts --location --max-redirs $max_redirs" + ;; + V) + curl_trace_file="$OPTARG" + curl_opts="$curl_opts --trace-ascii $curl_trace_file" + ;; + o) + response_file="$OPTARG" + curl_opts="$curl_opts --output $response_file" ;; T) tmp_dir="$OPTARG" 
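Review bot: The new `-V` and `-o` cases splice caller-supplied paths into the flat `curl_opts` string, and the `-t`/`-m`/`-r` cases do the same with values that are not validated anywhere in this hunk. Because the string is later expanded unquoted as `${curl_opts}` in the curl call (last hunk), a path or value containing whitespace is split into extra curl arguments. Building the options as an array avoids this: `curl_opts=(--silent --show-error --insecure --tlsv1)`, `curl_opts+=(--trace-ascii "$curl_trace_file")`, and `/usr/bin/curl "${curl_opts[@]}"` at the call, with the log line printing the joined array. Separately, `--insecure --tlsv1` is now an unconditional default ahead of option parsing, so a comment stating why certificate verification is skipped for the probe would help the next reader. The function body starts and ends outside the hunk, so whether `curl_opts` is declared `local` cannot be confirmed from here.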
@@ -209,24 +221,11 @@ probe_saml2_idp_endpoint () { # temporary files header_file="${tmp_dir}/idp_http_header.txt" + curl_opts="${curl_opts} --dump-header $header_file" printf "$FUNCNAME using IdP header file: %s\n" "$header_file" >> "$tmp_log_file" - response_file="${tmp_dir}/idp_http_response.html" - printf "$FUNCNAME using IdP response file: %s\n" "$response_file" >> "$tmp_log_file" cookie_jar_file="${tmp_dir}/idp_cookie_jar.txt" - printf "$FUNCNAME using IdP cookie file: %s\n" "$cookie_jar_file" >> "$tmp_log_file" - - # compute curl command-line options - curl_opts="--silent --show-error" - if $verbose_mode; then - curl_trace_file="${tmp_dir}/curl_trace.txt" - curl_opts="${curl_opts} --trace-ascii $curl_trace_file" - fi - curl_opts="${curl_opts} --connect-timeout $connect_timeout --max-time $max_time" - curl_opts="${curl_opts} --insecure --tlsv1" - curl_opts="${curl_opts} --location --max-redirs $max_redirs" curl_opts="${curl_opts} --cookie-jar $cookie_jar_file --cookie $cookie_jar_file" - curl_opts="${curl_opts} --dump-header $header_file" - curl_opts="${curl_opts} --output $response_file" + printf "$FUNCNAME using IdP cookie file: %s\n" "$cookie_jar_file" >> "$tmp_log_file" ################################################################### # Compute the protocol URL. @@ -293,12 +292,12 @@ probe_saml2_idp_endpoint () { fi - printf "$FUNCNAME using curl opts: %s\n" "$curl_opts" >> "$tmp_log_file" - ################################################################### # Probe the IdP endpoint. ################################################################### + printf "$FUNCNAME using curl opts: %s\n" "$curl_opts" >> "$tmp_log_file" + # transmit the request to the IdP curl_output=$( /usr/bin/curl ${curl_opts} \ --user-agent "$user_agent_string" \
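Review bot: With the `response_file="${tmp_dir}/idp_http_response.html"` default removed in the first hunk on this line, a caller that omits `-o` leaves `response_file` empty and curl without `--output`. The response body would then go to stdout and into the `curl_output` command substitution at the call site. The usage comment marks `-o` as optional, so either restore a fallback after option parsing, e.g. `[ -n "$response_file" ] || { response_file="${tmp_dir}/idp_http_response.html"; curl_opts="$curl_opts --output $response_file"; }`, or document what the function returns when `-o` is absent. Code after this hunk that reads `$response_file` is not visible here and should be checked for the empty case.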