script ipv postman

waltert

Het kostte wat puzzelwerk, maar uiteindelijk is het me gelukt de backend via scripting vanuit een *nix omgeving te benaderen:

# ProofofConcept shellscript to interact for nb-iot with OceanConnect
# v0.1 20171029WalterT
# NB: minimal errorchecking

#Personal configuration :setup secrets
APPID=xxxxxxxxxxxxxxxxxxxxxxxxxxxx
SECRET=yyyyyyyyyyyyyyyyyyyyyyyyyyyy
PASSPHRASE=zzzzzzzzzz

# Generic configuration
# onetime creation of pem file by concatenating the two original files
# file should be located in the directory from which the script is run
#
# cat outgoing.CertwithKey.key > outgoing.CertwithKey.pem
# cat outgoing.CertwithKey.crt >> outgoing.CertwithKey.pem


KEY=accessToken

#######################################
#   login and populate TOKEN variable #
#######################################
TOKEN=`/usr/bin/curl -k -X POST https://160.44.201.248:8743/iocm/app/sec/v1.1.0/login \
  -d "appId=$APPID&Secret=$SECRET" \
  --pass $PASSPHRASE \
  --cert  outgoing.CertwithKey.pem \
  --header 'cache-control: no-cache' \
  -H 'content-type: application/x-www-form-urlencoded' 2>/dev/null | /usr/bin/awk -F"[,:{}]" '{for(i=1;i<=NF;i++){if($i~/'$KEY'\042/){print $(i+1)}}}' | tr -d '"'`

if [  -z "$TOKEN" ]; then
   echo "login failed\n\n"
   exit 1
fi

#################
#  getdevices   #
#################
curl -k -X GET https://160.44.201.248:8743/iocm/app/dm/v1.1.0/devices?pageNo=0 \
  -d "appId=$APPID&Secret=$SECRET" \
  --pass $PASSPHRASE \
  --cert  outgoing.CertwithKey.pem \
  -H "app_key: $APPID" \
  -H "authorization: Bearer $TOKEN" \
  -H 'cache-control: no-cache' \
  -H 'content-type: application/json

waltert

in de getdevices sequence hebben we al een token, dus hoeft secret niet gestuurd te worden,
vervang de regel onder de curl GET aanroep dus door:

-d "appId=$APPID" \ 

afzal_m

Nice! Er is trouwens ook een golang script beschikbaar. Heb je daar iets aan?

afzal_m

https://github.com/dualinventive/go-oceanconnect

techniek

Even wat gespeeld met het ocean connect platform…

Hier is een voorbeeldje middels een klein script om de Oceanconnect te bevragen…
Mede dank an @waltert !

gevoelige informatie heb ik in een los shell script gestopt:

# Ocean connect settings
APPKEY=*************************************
SECRET=*************************************
SSLKEY=`find $PWD -name outgoing.CertwithKey.key`
SSLCERT=`find $PWD -name outgoing.CertwithKey.crt`
export APPKEY SECRET SSLKEY SSLCERT

die je bv. vervolgens zo aan je environment kunt toevoegen:

.  ~/.settings

#!/usr/bin/perl -w

# This file is part of NB-iot-perl.
#
# NB-iot-perl is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
# (c) 2017 Henk Vergonet
use strict;
use LWP::UserAgent;
use JSON;
use MIME::Base64;
use Data::Dumper;

# Disable certificate check
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME}=0;
# Do nut mess with underscores in the header fields
$HTTP::Headers::TRANSLATE_UNDERSCORE = 0;

# For Northbound interfaces we will need these environment variables:
#
# APPKEY  => Get it from https://devreg.iot.t-mobile.nl/login key parameter
# SECRET  => Get it from https://devreg.iot.t-mobile.nl/login Secret parameter
# SSLKEY  => Location of the SSL key file
# SSLCERT => Location of the SSL certificate file

my %conf = (
# Ocean Connect Northbound Interface
        host    => 'https://160.44.201.248:8743',
        appid   => ($ENV{APPKEY}  || die "Define environment variable APPKEY"),
        secret  => ($ENV{SECRET}  || die "Define environment variable SECRET"),
        sslcert => ($ENV{SSLCERT} || die "Define envvronment SSLCERT for ssl certificate file"),
        sslkey  => ($ENV{SSLKEY}  || die "Define envvronment SSLCERT for ssl key file"),
);

my $res;
my $ua = LWP::UserAgent->new(
        ssl_opts => {
                SSL_verify_mode => 0,
                SSL_ca_path     => '/etc/ssl/certs',
                SSL_cert_file   => $conf{sslcert},
                SSL_key_file    => $conf{sslkey},
        });



################################################################################
# Login
$res = $ua->post($conf{host}.'/iocm/app/sec/v1.1.0/login',
                        { appId => $conf{appid}, Secret => $conf{secret}});
my $token = from_json($res->content());
print Dumper($token);

################################################################################
# Get All My Devices
{
  my $page = 0;
  my $ret;
  do {
    $res = $ua->get($conf{host}.'/iocm/app/dm/v1.1.0/devices?pageNo='.$page,
        'app_key'       => $conf{appid},
        'authorization' => "Bearer $token->{accessToken}",
        'cache-control' => 'no-cache',
        'content-type'  => 'application/json',
    );
    $ret = from_json($res->content());
    print Dumper($ret->{devices});
    last unless $ret->{totalCount} && $ret->{pageSize};

    $page += $ret->{pageSize};
  } while($page < $ret->{totalCount});
}

techniek

Natuurlijk kun je ook direct de settings in het %conf blokje configureren…

techniek

BTW… If you use curl you may need to specify the type of certificate by adding:

     --cert-type PEM
     --key-type PEM

belooussov

Have worked out the script, indeed the --cert-type must be present on the right place.

P.S. on Mac platform curl is known to give problems due to the certificates, the best workaround for me was to run the script from a linux docker container.

#Personal configuration :setup secrets

# ProofofConcept shellscript to interact for nb-iot with OceanConnect
# v0.1 20171029WalterT
# v0.2 20171122belooussov
# NB: minimal errorchecking

#Personal configuration :setup secrets
APPID=TYPE_YOUR_APP_ID_HERE
SECRET=TYPE_YOUR_SECRET_KEY_HERE

# Generic configuration
# onetime creation of pem file by concatenating the two original files
# file should be located in the directory from which the script is run
#
# cat outgoing.CertwithKey.key > 1.pem
# cat outgoing.CertwithKey.crt >> 1.pem

KEY=accessToken

#######################################
#   login and populate TOKEN variable #
#######################################
TOKEN=`/usr/bin/curl -k -X POST https://160.44.201.248:8743/iocm/app/sec/v1.1.0/login \
  -d "appId=$APPID&Secret=$SECRET" \
  --cert-type PEM \
  --cert ./1.pem \
  --header 'cache-control: no-cache' \
  -H 'content-type: application/x-www-form-urlencoded' 2>/dev/null | /usr/bin/awk -F"[,:{}]" '{for(i=1;i<=NF;i++){if($i~/'$KEY'\042/){print $(i+1)}}}' | tr -d '"'`

#echo "*******************************************"
#echo $TOKEN
#echo "*******************************************"

if [  -z "$TOKEN" ]; then
   echo "login failed\n\n"
   exit 1
fi

#################
#  getdevices   #
#################
curl -k -X GET https://160.44.201.248:8743/iocm/app/dm/v1.1.0/devices?pageNo=0 \
  -d "appId=$APPID&Secret=$SECRET" \
  --cert-type PEM \
  --cert ./1.pem \
  -H "app_key: $APPID" \
  -H "authorization: Bearer $TOKEN" \
  -H 'cache-control: no-cache' \
  -H 'content-type: application/json'