14.3.2 Bash Sample Client

Warning

This content has been generated by machine translation. The translations are automated and have not undergone human review or validation.

14.3.2 Bash sample client (old style)

Step 1. Prepare oci-curl function

The method below uses the oci-curl bash function previously provided in the OCI documentation. It is reserved for backup, and as of 2022, it has been changed to use oci cli like oci raw-request. See the link below for the latest information.

https://docs.cloud.oracle.com/iaas/Content/API/Concepts/signingrequests.htm#Bash

# Version: 1.0.2
# Usage:
# oci-curl <host> <method> [file-to-send-as-body] <request-target> [extra-curl-args]
# ex:
# oci-curl iaas.us-ashburn-1.oraclecloud.com get "/20160918/instances?compartmentId=some-compartment-ocid"
# oci-curl iaas.us-ashburn-1.oraclecloud.com post ./request.json "/20160918/vcns"

function oci-curl {
	# TODO: update these values to your own
		local tenancyId="ocid1.tenancy.oc1..aaaaaaaaba3pv6wkcr4jqae5f15p2b2m2yt2j6rx32uzr4h25vqstifsfdsq";
		local authUserId="ocid1.user.oc1..aaaaaaaat5nvwcna5j6aqzjcaty5eqbb6qt2jvpkanghtgdaqedqw3rynjq";
		local keyFingerprint="20:3b:97:13:55:1c:5b:0d:d3:37:d8:50:4e:c5:3a:34";
		local privateKeyPath="/Users/someuser/.oci/oci_api_key.pem";

	local alg=rsa-sha256
	local sigVersion="1"
	local now="$(LC_ALL=C \date -u "+%a, %d %h %Y %H:%M:%S GMT")"
	local host=$1
	local method=$2
	local extra_args
	local keyId="$tenancyId/$authUserId/$keyFingerprint"
	
	case $method in
				
		"get" | "GET")
		local target=$3
		extra_args=("${@: 4}")
		local curl_method="GET";
		local request_method="get";
		;;				
				
		"delete" | "DELETE")
		local target=$3
		extra_args=("${@: 4}")
		local curl_method="DELETE";
		local request_method="delete";
		;;		
				
		"head" | "HEAD")
		local target=$3
		extra_args=("--head" "${@: 4}")
		local curl_method="HEAD";
		local request_method="head";
		;;
				
		"post" | "POST")
		local body=$3
		local target=$4
		extra_args=("${@: 5}")
		local curl_method="POST";
		local request_method="post";
		local content_sha256="$(openssl dgst -binary -sha256 < $body | openssl enc -e -base64)";
		local content_type="application/json";
		local content_length="$(wc -c < $body | xargs)";
		;;		
		
		"put" | "PUT")
		local body=$3
		local target=$4
		extra_args=("${@: 5}")
		local curl_method="PUT"
		local request_method="put"
		local content_sha256="$(openssl dgst -binary -sha256 < $body | openssl enc -e -base64)";
		local content_type="application/json";
		local content_length="$(wc -c < $body | xargs)";
		;;				
		
		*) echo "invalid method"; return;;
esac

# This line will url encode all special characters in the request target except "/", "?", "=", and "&", since those characters are used 
# in the request target to indicate path and query string structure. If you need to encode any of "/", "?", "=", or "&", such as when
# used as part of a path value or query string key or value, you will need to do that yourself in the request target you pass in.

local escaped_target="$(echo $( rawurlencode "$target" ))"	
local request_target="(request-target): $request_method $escaped_target"
local date_header="date: $now"
local host_header="host: $host"
local content_sha256_header="x-content-sha256: $content_sha256"
local content_type_header="content-type: $content_type"
local content_length_header="content-length: $content_length"
local signing_string="$request_target\n$date_header\n$host_header"
local headers="(request-target) date host"
local curl_header_args
curl_header_args=(-H "$date_header")
local body_arg
body_arg=()
				
if [ "$curl_method" = "PUT" -o "$curl_method" = "POST" ]; then
	signing_string="$signing_string\n$content_sha256_header\n$content_type_header\n$content_length_header"
	headers=$headers" x-content-sha256 content-type content-length"
	curl_header_args=("${curl_header_args[@]}" -H "$content_sha256_header" -H "$content_type_header" -H "$content_length_header")
	body_arg=(--data-binary @${body})
fi
				
local sig=$(printf '%b' "$signing_string" | \
			openssl dgst -sha256 -sign $privateKeyPath | \
			openssl enc -e -base64 | tr -d '\n')

curl "${extra_args[@]}" "${body_arg[@]}" -X $curl_method -sS https://${host}${escaped_target} "${curl_header_args[@]}" \
	-H "Authorization: Signature version=\"$sigVersion\",keyId=\"$keyId\",algorithm=\"$alg\",headers=\"${headers}\",signature=\"$sig\""
}				
# url encode all special characters except "/", "?", "=", and "&"
function rawurlencode {
  local string="${1}"
  local strlen=${#string}
  local encoded=""
  local pos c o	

  for (( pos=0 ; pos<strlen ; pos++ )); do
	c=${string:$pos:1}
	case "$c" in
		[-_.~a-zA-Z0-9] | "/" | "?" | "=" | "&" ) o="${c}" ;;
		* )               printf -v o '%%%02x' "'$c"
	esac
	encoded+="${o}"
	done

	echo "${encoded}"
}

Step 2. Connection information setting

Copy the above sample code and save it as oci-curl.sh.

Update the connection information in oci-curl.sh to suit the user.

Example of connection information

For how to find the information below, refer to 14.2.3 Obtaining Terraform OCI Provider Connection Information.

local tenancyId="ocid1.tenancy.oc1..aaaaaaaaba3pv6wkcr4jqae5f15p2b2m2yt2j6rx32uzr4h25vqstifsfdsq";
local authUserId="ocid1.user.oc1..aaaaaaaat5nvwcna5j6aqzjcaty5eqbb6qt2jvpkanghtgdaqedqw3rynjq";
local keyFingerprint="20:3b:97:13:55:1c:5b:0d:d3:37:d8:50:4e:c5:3a:34";
local privateKeyPath="/Users/someuser/.oci/oci_api_key.pem";

If you execute the command below, the oci-curl function can be executed in the current session.

oracle@ubuntu:~/oci-curl$ . ./oci-curl.sh
oracle@ubuntu:~/oci-curl$ oci-curl
invalid method
oracle@ubuntu:~/oci-curl$

Step 3. Execute User Query REST API

ListUsers Description
- Documentation link: https://docs.cloud.oracle.com/iaas/api/#/en/identity/20160918/User/ListUsers
- Endpoint: identity.us-ashburn-1.oraclecloud.com
- GET /20160918/users/
- Parameters
  - compartmentId: tenancy’s OCID
How to use

oci-curl <host> <method> [file-to-send-as-body] <request-target> [extra-curl-args]

Example of use - Search all users in tenancy
You can see that the user is being viewed as shown below.
- You can check the response message header by entering -i as extra-curl-args.

oracle@ubuntu:~/oci-curl$ oci-curl identity.us-ashburn-1.oraclecloud.com GET "/20160918/users/?compartmentId=ocid1.tenancy.oc1..aaaaaaaa4xqu77ge5lsioskp53247ohk7rs3bfyodsb2bf6h6mhahlzXXXXX" -i
HTTP/1.1 200 OK
Date: Sun, 19 May 2019 08:15:10 GMT
Content-Type: application/json
Content-Length: 3152
Connection: keep-alive
opc-request-id: /2BF47D321833EFD084DBAAC718095658/E21191A3BE4584980FA4A533A6E50927
opc-next-page: AAAAAAAAAAJleUpyYVdRaU9pSTBPRGNpTENKbGJtTWlPaUpCTWpVMlIwTk5JaXdpWVd4bklqb2laR2x5SW4wLi53d0wzM0RiMnVMNGJld0FjLmVyQjNfU3RfbVpmNTRkQS1GRVlLaFk4N196S3dzakVRUVhicnZZeUowSVJxYWdpQnZSVWtEQW9ZWlRNX0hKQ1RzcEVFYTU1Qkt0cEFBdlJXdlRrdWlvNlBRRWpoUG5FNDhCSXpjZUd5UTlOOFBOdkVNRzFoLTEzRUJHbzJzSFJ0Q0hpTU8weFRMRHI4UjlhVHI4SnFjZVJyMXVkT3hlZWRVMmJ2Y1pZenlUM05aTXAzeG5HMDc4ZGpKTHBmbWViWFhtSHBLb1JrQ0JXZHl0VTlkNzRIYksyU19STlk5WWlKSGRRczhjenVzOEE2MGNJS2JDY1MyZ0FGVFhsTmI3UnNXS05ZaHlhTXZUcVZVX05JUTJETkstbVB1TUdjRFYwQU5GTkg1NzdISDRFbDY3R0w4TlAwOVBfeFprSFZrOWNFU0xfMXRHWDRUcUF5d0NoMVVrak5Nc2drb21VbkMzMWNQVThTdjBFQ1ZsS2ZjVGlmTGxCVkxqS0o1a1o1R3RoWUJVLXhJcGxHenJXNjZRUWFsbTlVM2VPVFMxbDFKZi1HS0F3ZGlDY0E1aU1ldWtxNE92d3JmT3Z6aXFGdktJUFZoeldpeHNQaF81ZVE5UzgxWlJmSURHU1dpNU85cUdXZ2I3WnA0bVhnOWtIaGFqY2YyMjJLdlNSTS0xSVFLcnlJazVDUzhranVZR2hJNE9Oa2JrUXIuWloyejcyZ05EUGVCODNZdFVJZEptZw==
Cache-Control: no-cache, no-store, must-revalidate
opc-limit: 25
Pragma: no-cache
X-Content-Type-Options: nosniff

[ {
  "capabilities" : {
    "canUseConsolePassword" : true,
    "canUseApiKeys" : true,
    "canUseAuthTokens" : true,
    "canUseSmtpCredentials" : true,
    "canUseCustomerSecretKeys" : true
  },
  "emailVerified" : false,
  "identityProviderId" : null,
  "externalIdentifier" : null,
  "timeModified" : "2019-05-13T04:56:33.114Z",
  "isMfaActivated" : false,
  "id" : "ocid1.user.oc1..aaaaaaaa2um5iz27ms3cf43tp77k6tjjn4kbzjrilajem4xaiyl5vqeXXXXXX",
  "compartmentId" : "ocid1.tenancy.oc1..aaaaaaaa4xqu77ge5lsioskp53247ohk7rs3bfyodsb2bf6h6mhahlzXXXXX",
  "name" : "oci.admin",
  "description" : "OCI Admin",
  "timeCreated" : "2019-05-13T04:55:06.156Z",
  "freeformTags" : { },
  "definedTags" : { },
  "lifecycleState" : "ACTIVE"
}, {
  "capabilities" : {
    "canUseConsolePassword" : true,
    "canUseApiKeys" : true,
    "canUseAuthTokens" : true,
    "canUseSmtpCredentials" : true,
    "canUseCustomerSecretKeys" : true
  },
  "emailVerified" : false,
  "identityProviderId" : null,
  "externalIdentifier" : null,
  "timeModified" : "2019-05-13T04:11:10.299Z",
  "isMfaActivated" : false,
  "id" : "ocid1.user.oc1..aaaaaaaaeqzpkd5u7humc3xinp3ika4sjhnhqj5jbvfcvdqg4tdx4jqXXXXX",
  "compartmentId" : "ocid1.tenancy.oc1..aaaaaaaa4xqu77ge5lsioskp53247ohk7rs3bfyodsb2bf6h6mhahlzXXXXX",
  "name" : "sandboxer",
  "description" : "sandboxer",
  "timeCreated" : "2019-05-13T04:09:32.205Z",
  "freeformTags" : { },
  "definedTags" : { },
  "lifecycleState" : "ACTIVE"
} ]oracle@ubuntu:~/oci-curl$

Step 4. Run REST API - CreateUser

CreateUser Description
- Documentation link: https://docs.cloud.oracle.com/iaas/api/#/en/identity/20160918/User/CreateUser
- Endpoint: identity.us-ashburn-1.oraclecloud.com
- POST /20160918/users/
- Parameter Example
```
{

  "compartmentId" : "tenancy OCID",
  "name" : "User Name",
  "description" : ".."
}
```
How to use

oci-curl <host> <method> [file-to-send-as-body] <request-target> [extra-curl-args]

Examples - user creation

oracle@ubuntu:~/oci-curl$ cat create_user_request.json
{
  "compartmentId" : "ocid1.tenancy.oc1..aaaaaaaa4xqu77ge5lsioskp53247ohk7rs3bfyodsb2bf6h6mhahlzXXXXX",
  "description" : "KilDong OCI",
  "name" : "kildong.oci@example.com"
}
oracle@ubuntu:~/oci-curl$ oci-curl identity.us-ashburn-1.oraclecloud.com POST ./create_user_request.json "/20160918/users/" -i
HTTP/1.1 200 OK
Date: Sun, 19 May 2019 08:33:39 GMT
Content-Type: application/json
Content-Length: 748
Connection: keep-alive
opc-request-id: /3010DE4E4BFBF1963248FEC32FC1FFBA/FB514FBFDEAA1C6845BCAA66C2B4C31D
Cache-Control: no-cache, no-store, must-revalidate
ETag: 42e800af061123f725163d2b538d1f9560022422
Pragma: no-cache
Location: http://identity.us-ashburn-1.oraclecloud.com/20160918/users/ocid1.user.oc1..aaaaaaaaniw34appawah7sicksca37hhzhq7pvfkmhwskf4gbkt3ctxXXXXXX
X-Content-Type-Options: nosniff
{
  "capabilities" : {
    "canUseConsolePassword" : true,
    "canUseApiKeys" : true,
    "canUseAuthTokens" : true,
    "canUseSmtpCredentials" : true,
    "canUseCustomerSecretKeys" : true
  },
  "emailVerified" : false,
  "identityProviderId" : null,
  "externalIdentifier" : null,
  "timeModified" : "2019-05-19T08:33:39.788Z",
  "isMfaActivated" : false,
  "id" : "ocid1.user.oc1..aaaaaaaaniw34appawah7sicksca37hhzhq7pvfkmhwskf4gbkt3ctxXXXXX",
  "compartmentId" : "ocid1.tenancy.oc1..aaaaaaaa4xqu77ge5lsioskp53247ohk7rs3bfyodsb2bf6h6mhahlzXXXXX",
  "name" : "kildong.oci@example.com",
  "description" : "KilDong OCI",
  "timeCreated" : "2019-05-19T08:33:39.788Z",
  "freeformTags" : { },
  "definedTags" : { },
  "lifecycleState" : "ACTIVE"
}oracle@ubuntu:~/oci-curl$

Check the creation result

As an individual, this article was written with my personal time. There may be errors in the content of the article, and the opinions in the article are personal opinions.

Last updated on 19 Jan 2022