mirror of
https://gitlab.com/spaceti-app/integrations/acs/colnod-connector.git
synced 2026-07-12 18:00:37 +02:00
171 lines
5.6 KiB
Markdown
171 lines
5.6 KiB
Markdown
# colnod-connector
|
|
|
|
Acces Management System of Colsys: [Product info](http://produkty.colsys.cz/colnod/)
|
|
|
|
## TODO
|
|
- [x] Dry Run Mode (0.1v)
|
|
- [x] Logs (0.1v)
|
|
- Timestamp
|
|
- Id of record
|
|
- Destination
|
|
- Report
|
|
- Token `action` to `subject_id`
|
|
- Sbject `action`
|
|
- `action` - updated, deleted, added
|
|
- [x] App output (0.1v)
|
|
- To Colnod
|
|
- Number of tokens added/deleted/updated
|
|
- To DB
|
|
- Number of subjects added/deleted/updated
|
|
- Number of tokens added/deleted/updated
|
|
|
|
## Requirements
|
|
|
|
- QPSQL driver must be installed (PostgreSQL)
|
|
- running on Qt 5.9
|
|
|
|
### Qt 5
|
|
```
|
|
sudo apt-get install -y build-essential
|
|
sudo apt-get install -y qt5-default
|
|
```
|
|
### PostgreSQL ( devel libs )
|
|
```
|
|
sudo apt-get install -y libpq-dev
|
|
sudo apt install libqt5sql5-psql # psql driver for Qt
|
|
```
|
|
|
|
## Endpoints
|
|
|
|
- POST `/AaaManager/authSession`
|
|
- Header: Authorization: Basic =4589022lj3.....
|
|
- password: spaceti1 -> sha512 `echo spaceti1 | sha512sum`
|
|
|
|
```bash
|
|
E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0
|
|
```
|
|
|
|
- body:
|
|
|
|
```json
|
|
{
|
|
"password": "E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0",
|
|
"username": "spaceti"
|
|
}
|
|
```
|
|
|
|
|
|
1. POST request - `/SubjectManager/getSubjects` - get subjects
|
|
2. POST request - `/SubjectManager/getSubjectsUpdated` - get tokens updated after <i>`time`</i>
|
|
3. POST request - `/SubjectManager/getSubjectsDeleted` - get tokens deleted after <i>`time`</i>
|
|
4. POST request - `/TokenManager/getTokens` - get tokens
|
|
5. POST request - `/TokenManager/getTokensUpdated` - get tokens updated after <i>`time`</i>
|
|
6. POST request - `/TokenManager/getTokensDeleted` - get tokens deleted after <i>`time`</i>
|
|
7. POST request - `/TokenManager/setTokens` - set tokens defined as <i>`JSON`</i>
|
|
8. POST request - `/TokenManager/deleteTokens` - delete tokens define as <i>`JSON2`</i>
|
|
9. POST request - `/AccessManager/getAccessGroups` - get access groups
|
|
10. POST request - `/AccessManager/getAccessGroupsUpdated`
|
|
11. POST request - `/AccessManager/getAccessGroupsDeleted`
|
|
12. POST request - `/AccessManager/getAccessGroupMembership`
|
|
13. POST request - `/AccessManager/getAccessGroupMembershipUpdated`
|
|
14. POST request - `/AccessManager/getAccessGroupMembershipDeleted`
|
|
- <i>`time`</i> = epoch time im miliseconds
|
|
```time
|
|
{
|
|
"timestamp": 1568646217767
|
|
}
|
|
```
|
|
- <i>`JSON`</i>
|
|
```json
|
|
{
|
|
"items": [
|
|
{
|
|
"id": "cf5cb80e-e6dd-45db-8edd-c9655447821c",
|
|
"name": "Testovaci pokus",
|
|
"description": "mobile",
|
|
"tokenType": "Token",
|
|
"tokenBits}": 32,
|
|
"tokenData": "7B9D31",
|
|
"timeToLive": 255,
|
|
"authErrors": 255,
|
|
"flags": [
|
|
"Enabled",
|
|
"NoValidity"
|
|
],
|
|
"subjectId": "72b37f7e-5761-4e6c-8e87-20c0bed0d904"
|
|
}
|
|
]
|
|
}
|
|
```
|
|
- <i>`JSON2`</i>
|
|
```json2
|
|
{
|
|
"items": [
|
|
"7272bcf6-b5ad-46dd-99a9-0c56faddf14c"
|
|
]
|
|
}
|
|
```
|
|
|
|
|
|
## RestAPI definitions
|
|
|
|
- `openapi.yaml` ( editor `VSCode` with `Swagger Viewer` extension - ⌘+⇧+P `Preview Swagger` )
|
|
|
|
## Colnod Test server
|
|
|
|
[Colnod server: confluence](https://spaceti.atlassian.net/wiki/spaces/IN/pages/97320961/Colsys+-+Colnod)
|
|
|
|
- URL: `192.168.1.3:8843`
|
|
- `!!! No license!!!` - server will shutdown after 8 hours.
|
|
- restart: `sudo service cndserver start`
|
|
- check `nmap -p8443 192.168.1.3` or `nc -zvw3 192.168.1.3 8443`
|
|
- user: `spaceti`
|
|
- password: ``
|
|
- sha512: `E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0`
|
|
|
|
```bash
|
|
curl -k --user "spaceti:E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0" -d '{"password":"E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0","username":"spaceti"}' -H "Content-Type: application/json" https://192.168.1.3:8443/AaaManager/authSession
|
|
```
|
|
|
|
## Colnod Penta server
|
|
|
|
- Acces through: `penta-master` IP: `172.16.4.4`
|
|
- URL: `192.168.254.11:8443`
|
|
- Port forwarding: `ssh -L 8443:192.168.254.11:8443 penta-master`
|
|
|
|
```bash
|
|
curl -k --user "spaceti:E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0" -d '{"password":"E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0","username":"spaceti"}' -H "Content-Type: application/json" https://192.168.254.11:8443/AaaManager/authSession
|
|
```
|
|
|
|
## Insomnia Rest client
|
|
|
|
[Insomnia Rest](https://insomnia.rest/)
|
|
|
|
It is possible to chain requests: [see doc](https://support.insomnia.rest/article/43-chaining-requests)
|
|
|
|
- use token from login response as an Authorization header
|
|
- use id from POST /item in PUT /items/<id>
|
|
- use entire body from one response to upload to another
|
|
|
|
### Import workspace
|
|
|
|
- import: [Insomnia file on GitLab](https://gitlab.com/spaceti-app/integrations/acs/colnod-connector/blob/master/Insomnia_2019-10-15.yaml)
|
|
|
|
## Testing Blueprint API
|
|
|
|
### Snowboard
|
|
|
|
#### Necesarry to allow
|
|
|
|
- Self signed certificate: [Stack overflow](https://superuser.com/a/1235250)
|
|
- Enable CORS:
|
|
- Safari: Develop->Disable cross origin restrictions
|
|
|
|
`snowboard http -c snowboard.yml --playground colnod.apib`
|
|
|
|
[Colnod API snowboard documentation](http://localhost:8088)
|
|
|
|
#### Install snowboard
|
|
|
|
`npm install -g snowboard`
|