CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

connect

Browse Source
This commit is contained in:
Jason Ertel
2024-10-28 19:11:26 -04:00
parent d503c09ef2
commit 12a76a9d35
2 changed files with 50 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
salt/manager/tools/sbin/so-client
View File

@@ -43,6 +43,12 @@ function usage() {
--id <id> --id <id>
--role <role> --role <role>
update: Updates a client name and note.
Required parameters:
--id <id>
--name <name>
--note <note>
generate-secret: Regenerates a client's secret and outputs the new secret. generate-secret: Regenerates a client's secret and outputs the new secret.
Required parameters: Required parameters:
--id <id> --id <id>
@@ -240,6 +246,36 @@ EOF
addClientRole "$id" "$role" addClientRole "$id" "$role"
} }
function update() {
clientId=$1
name=$2
note=$3
body=$(cat <<EOF
[
{
"op": "replace",
"path": "/client_name",
"value": "$name"
},
{
"op": "replace",
"path": "/metadata",
"value": {
"note": "$note"
}
}
]
EOF
)
response=$(curl -Ss -L --fail-with-body -X PATCH ${hydraUrl}/admin/clients/$id -d "$body")
if [[ $? != 0 ]]; then
error=$(echo $response | jq .error)
fail "Failed to submit request to Hydra: $error"
fi
}
function generateSecret() { function generateSecret() {
clientId=$1 clientId=$1
@@ -315,6 +351,17 @@ case "${operation}" in
echo "Successfully removed role from client" echo "Successfully removed role from client"
;; ;;
"update")
verifyEnvironment
[[ "$id" == "" ]] && fail "Id must be provided"
[[ "$name" == "" ]] && fail "Name must be provided"
[[ "$note" == "" ]] && fail "Note must be provided"
lock
update "$id" "$name" "$note"
echo "Successfully updated client"
;;
"generate-secret") "generate-secret")
verifyEnvironment verifyEnvironment
[[ "$id" == "" ]] && fail "Id must be provided" [[ "$id" == "" ]] && fail "Id must be provided"

6
salt/soc/files/bin/salt-relay.sh
View File

@@ -177,20 +177,20 @@ function manage_client() {
delete) delete)
id=$(echo "$request" | jq -r .id) id=$(echo "$request" | jq -r .id)
log "Performing client '$op' for client '$id'" log "Performing client '$op' for client '$id'"
response=$(so-client "$op" --id "$id" --skip-sync) response=$(so-client "$op" --id "$id")
exit_code=$? exit_code=$?
;; ;;
addrole|delrole) addrole|delrole)
id=$(echo "$request" | jq -r .id) id=$(echo "$request" | jq -r .id)
role=$(echo "$request" | jq -r .role) role=$(echo "$request" | jq -r .role)
log "Performing '$op' for client '$id' with role '$role'" log "Performing '$op' for client '$id' with role '$role'"
response=$(so-client "$op" --id "$id" --role "$role" --skip-sync) response=$(so-client "$op" --id "$id" --role "$role")
exit_code=$? exit_code=$?
;; ;;
generate-secret) generate-secret)
id=$(echo "$request" | jq -r .id) id=$(echo "$request" | jq -r .id)
log "Performing '$op' operation for client '$id'" log "Performing '$op' operation for client '$id'"
response=$(so-client "$op" --id "$id" --skip-sync) response=$(so-client "$op" --id "$id")
webResponse=$response webResponse=$response
exit_code=$? exit_code=$?
;; ;;