Add example script to issue a token

The script issues a token using an account backed by OpenID Connect.
2022-09-08 23:30:57 -04:00 · 2022-09-08 23:30:57 -04:00 · f9be14e6ab
commit f9be14e6ab
parent dad6a14e1a
1 changed files with 31 additions and 0 deletions
--- a/examples/test-v3oidcpassword.sh
+++ b/examples/test-v3oidcpassword.sh
@ -0,0 +1,31 @@
+#!/bin/bash -eux
+#
+# Example script to issue a token using an account backed by OpenID Connect,
+# the script automatically gather the information from the juju model and
+# assumes certain information for the objects created by openidc-test-fixture.
+#
+
+export OS_AUTH_TYPE=v3oidcpassword
+export OS_DISCOVERY_ENDPOINT="$(juju config keystone-openidc oidc-provider-metadata-url)"
+
+export OS_OPENID_SCOPE="openid email profile"
+export OS_CLIENT_ID="$(juju config keystone-openidc oidc-client-id)"
+export OS_CLIENT_SECRET="$(juju config keystone-openidc oidc-client-secret)"
+
+# openstack identity provider list
+export OS_IDENTITY_PROVIDER=openid
+
+# openstack federation protocol list --identity-provider $OS_IDENTITY_PROVIDER
+export OS_PROTOCOL=openid  # map to the protocol associated to the identity provider
+
+
+# openstack specific config
+export OS_USERNAME=janedoe
+export OS_PASSWORD=f00bar
+export OS_AUTH_URL=https://$(juju config keystone vip):5000/v3
+export OS_IDENTITY_API_VERSION=3
+export OS_PROJECT_NAME=janedoe_project
+export OS_PROJECT_DOMAIN_NAME=federated_domain
+export OS_REGION_NAME=RegionOne
+
+openstack token issue