pulling X-Auth-Token from login

I am a big scripting guy. I believe in automating as much as possible and having a program do as much as possible and me typing as little as possible. I find it easier to use command lines than drag and drop interfaces. I have been struggling with how to script the REST apis for Oracle Cloud Services and wanted to get some feedback on different ways of doing this. I wanted to script creation of a database for some workshops that I typically give. The first step is creating the storage containers for the database backup.

Realize that the blogging software that is used does not allow me to type in “c url” without the space. If you see “c url” somewhere in this text, take out the space.

Most of the information that I got is from an online tutorial around creating storage containers. I basically boiled this information down and customized it a little to script everything.

First, authentication can be obfuscated by hiding the username and password in environment variables. I typically use a Mac so everything works well in a Terminal Window. On Windows 7 I use CygWin-64 which includes Unix like commands that are good for scripting. The firs tsetp is to hide the username, identity domain, and password in environment variables.

  • export OPASS=password
  • export OUID=username
  • export ODOMAIN=identity_domain

In my case, the identity domain is metcsgse00026. The username is cloud.admin. The password is given to me when I log into the demo.oracle.com system corresponding to this identity domain. What I would type in is

  • export OPASS=password
  • export OUID=cloud.admin
  • export ODOMAIN=metcsgse00026

The first step required is authentication. You need to log into the cloud service using the RESTapi to generate an X-Auth-Token. This is done with a GET command using the “c url” command.

c url -v -X GET -H “X-Storage-User: Storage-$ODOMAIN:$OUID” -H “X-Storage-Pass: $OPASS” https://$ODOMAIN.storage.oraclecloud.com/auth/v1.0

Note the -v is for verbose and displays everything. If you drop the -v you don’t get back the return headers. Passing the -i might be a better option since the -v echos the user password and the -i only replies back with the tokens that you are interested in.

c url -i -X GET -H “X-Storage-User: Storage-$ODOMAIN:$OUID” -H “X-Storage-Pass: $OPASS” https://$ODOMAIN.storage.oraclecloud.com/auth/v1.0

In our example, this returned

HTTP/1.1 200 OK

date: 1458658839620

X-Auth-Token: AUTH_tkf4e26780c9e6b1d171f3dbeafa194cac

X-Storage-Token: AUTH_tkf4e26780c9e6b1d171f3dbeafa194cac

X-Storage-Url: https://storage.us2.oraclecloud.com/v1/Storage-metcsgse00026

Content-Length: 0

Server: Oracle-Storage-Cloud-Service

When you take this output and try to strip the X-Auth-Token from the header you get a strange output and need to add -is to the command to suppress timing of the outputs.

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0

If you add the grep “X-Auth-Token followed by awk ‘{print $2]’ you get back just the AUTH_string which is what we are looking for.

c url -is -X GET -H “X-Storage-User: Storage-metcsgse00026:cloud.admin” -H “X-Storage-Pass: $OPASS” https://metcsgse00026.storage.oraclecloud.com/auth/v1.0 | grep -s “X-Auth-Token” | awk ‘{print $2}’