2 # Here is the script to deploy the cert to your CleverReach Account using the CleverReach REST API.
3 # Your OAuth needs the right scope, please contact CleverReach support for that.
5 # Written by Jan-Philipp Benecke <github@bnck.me>
8 # Following environment variables must be set:
10 #export DEPLOY_CLEVERREACH_CLIENT_ID=myid
11 #export DEPLOY_CLEVERREACH_CLIENT_SECRET=mysecret
13 cleverreach_deploy
() {
20 _rest_endpoint
="https://rest.cleverreach.com"
22 _debug _cdomain
"$_cdomain"
24 _debug _ccert
"$_ccert"
26 _debug _cfullchain
"$_cfullchain"
28 _getdeployconf DEPLOY_CLEVERREACH_CLIENT_ID
29 _getdeployconf DEPLOY_CLEVERREACH_CLIENT_SECRET
30 _getdeployconf DEPLOY_CLEVERREACH_SUBCLIENT_ID
32 if [ -z "${DEPLOY_CLEVERREACH_CLIENT_ID}" ]; then
33 _err
"CleverReach Client ID is not found, please define DEPLOY_CLEVERREACH_CLIENT_ID."
36 if [ -z "${DEPLOY_CLEVERREACH_CLIENT_SECRET}" ]; then
37 _err
"CleverReach client secret is not found, please define DEPLOY_CLEVERREACH_CLIENT_SECRET."
41 _savedeployconf DEPLOY_CLEVERREACH_CLIENT_ID
"${DEPLOY_CLEVERREACH_CLIENT_ID}"
42 _savedeployconf DEPLOY_CLEVERREACH_CLIENT_SECRET
"${DEPLOY_CLEVERREACH_CLIENT_SECRET}"
43 _savedeployconf DEPLOY_CLEVERREACH_SUBCLIENT_ID
"${DEPLOY_CLEVERREACH_SUBCLIENT_ID}"
45 _info
"Obtaining a CleverReach access token"
47 _data
="{\"grant_type\": \"client_credentials\", \"client_id\": \"${DEPLOY_CLEVERREACH_CLIENT_ID}\", \"client_secret\": \"${DEPLOY_CLEVERREACH_CLIENT_SECRET}\"}"
48 _auth_result
="$(_post "$_data" "$_rest_endpoint/oauth
/token.php
" "" "POST
" "application
/json
")"
51 _debug _auth_result
"$_auth_result"
53 _regex
=".*\"access_token\":\"\([-._0-9A-Za-z]*\)\".*$"
54 _debug _regex
"$_regex"
55 _access_token
=$
(echo "$_auth_result" | _json_decode |
sed -n "s/$_regex/\1/p")
57 _debug _subclient
"${DEPLOY_CLEVERREACH_SUBCLIENT_ID}"
59 if [ -n "${DEPLOY_CLEVERREACH_SUBCLIENT_ID}" ]; then
60 _info
"Obtaining token for sub-client ${DEPLOY_CLEVERREACH_SUBCLIENT_ID}"
61 export _H1
="Authorization: Bearer ${_access_token}"
62 _subclient_token_result
="$(_get "$_rest_endpoint/v
3/clients
/$DEPLOY_CLEVERREACH_SUBCLIENT_ID/token
")"
63 _access_token
=$
(echo "$_subclient_token_result" |
sed -n "s/\"//p")
65 _debug _subclient_token_result
"$_access_token"
67 _info
"Destroying parent token at CleverReach, as it not needed anymore"
68 _destroy_result
="$(_post "" "$_rest_endpoint/v
3/oauth
/token.json
" "" "DELETE
" "application
/json
")"
69 _debug _destroy_result
"$_destroy_result"
72 _info
"Uploading certificate and key to CleverReach"
74 _certData
="{\"cert\":\"$(_json_encode <"$_cfullchain")\", \"key\":\"$(_json_encode <"$_ckey")\"}"
75 export _H1
="Authorization: Bearer ${_access_token}"
76 _add_cert_result
="$(_post "$_certData" "$_rest_endpoint/v
3/ssl
" "" "POST
" "application
/json
")"
78 if [ -z "${DEPLOY_CLEVERREACH_SUBCLIENT_ID}" ]; then
79 _info
"Destroying token at CleverReach, as it not needed anymore"
80 _destroy_result
="$(_post "" "$_rest_endpoint/v
3/oauth
/token.json
" "" "DELETE
" "application
/json
")"
81 _debug _destroy_result
"$_destroy_result"
84 if ! echo "$_add_cert_result" |
grep '"error":' >/dev
/null
; then
85 _info
"Uploaded certificate successfully"
88 _debug _add_cert_result
"$_add_cert_result"
89 _err
"Unable to update certificate"