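# Author: Scott Haskell
# Company: Splunk
# Date: 10/20/2015
#
# Base code for using stored passwords in the storage/passwords REST endpoint.
# Splunk hands the alert script a line "sessionKey=<url-encoded key>" on STDIN;
# this code decodes the key and uses it to fetch one stored credential, leaving
# the result in $clear_password for the code that follows.
#
# Handling notes:
#   * The session key and the password are never placed on a command line,
#     where they would be visible in the process list; they are passed to
#     python and curl on stdin instead.
#   * Do not echo or log $clear_password, and do not enable `set -x` around
#     this code: tracing prints both the key and the password.

# Modify to fit your environment
CREDENTIAL_USER="shaskell"
# Set realm if entered with password
CREDENTIAL_REALM=""
# Update App Name
APP="cloud_alert_auth"
# Search needs to be owned by someone with admin rights to access passwords
ALERT_OWNER="admin"
# Splunk Host
SPLUNK_HOST="localhost"
# Optional: path to a CA bundle that validates the splunkd certificate.
# When empty, certificate verification is disabled (curl -k, the original
# behaviour). That is only defensible for a loopback connection; with a remote
# SPLUNK_HOST the session key would be sent to an unauthenticated peer.
SPLUNK_CA_BUNDLE=""

# SPLUNK_HOME must be set, otherwise the python wrapper path below is wrong.
: "${SPLUNK_HOME:?SPLUNK_HOME must be set}"
# Splunk Python (kept as one string; it is word-split on purpose when invoked)
SPLUNK_PYTHON="$SPLUNK_HOME/bin/splunk cmd python"

# Print a message to stderr and stop. Messages must never contain secrets.
stored_password_die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# GET a splunkd URL.
# Arguments: $1 - URL
# Stdin:     curl config carrying the Authorization header
# Outputs:   response body on stdout
# Returns:   curl's exit status (--fail turns HTTP errors into a failure)
stored_password_get() {
  if [ -n "$SPLUNK_CA_BUNDLE" ]; then
    curl -sS --fail --cacert "$SPLUNK_CA_BUNDLE" --config - "$1"
  else
    # No CA bundle configured: certificate verification is off (see above).
    curl -sS --fail -k --config - "$1"
  fi
}

# Read sessionKey from STDIN (-r keeps backslashes literal).
IFS= read -r sessionKey || [ -n "$sessionKey" ] ||
  stored_password_die "no sessionKey received on stdin"
key=${sessionKey#sessionKey=}

# URL-decode the key. The value is fed to python on stdin rather than pasted
# into the python source, so a quote in the input cannot alter the program.
# The import fallback covers both the Python 2 and Python 3 urllib layouts.
# shellcheck disable=SC2086 # SPLUNK_PYTHON holds a command plus arguments
decoded_key=$(
  printf '%s' "$key" | $SPLUNK_PYTHON -c '
import sys
try:
    from urllib.parse import unquote_plus
except ImportError:
    from urllib import unquote_plus
sys.stdout.write(unquote_plus(sys.stdin.read()))
'
) || stored_password_die "could not decode the session key"

# The key is written into a curl config line below; an empty key is useless
# and a control character (e.g. a decoded newline) would let the input add
# further curl options, so both are rejected.
case $decoded_key in
  '') stored_password_die "session key is empty" ;;
  *[[:cntrl:]]*) stored_password_die "session key contains control characters" ;;
esac

# Escape backslash and double quote for curl's quoted config syntax.
escaped_key=$(printf '%s' "$decoded_key" | sed 's/[\\"]/\\&/g')

# NOTE(review): realm, user, owner and app are inserted into the URL as-is;
# URL-encode them if they can contain reserved characters.
credential_url="https://${SPLUNK_HOST}:8089/servicesNS/${ALERT_OWNER}/${APP}/storage/passwords/${CREDENTIAL_REALM}:${CREDENTIAL_USER}:"

response=$(
  printf 'header = "Authorization: Splunk %s"\n' "$escaped_key" |
    stored_password_get "$credential_url"
) || stored_password_die "request to storage/passwords failed"

# Extract the element text only. The previous expression
# 's/^\s+(.*?)<.*?>$/\1/g' is greedy under sed -r and kept the opening tag in
# the result. Assumes the Atom response carries
# <s:key name="clear_password">value</s:key> on one line -- confirm against
# your Splunk version. XML entities (&amp; &lt; ...) are not decoded here.
clear_password=$(
  printf '%s\n' "$response" |
    sed -n 's/.*<s:key name="clear_password">\([^<]*\)<\/s:key>.*/\1/p'
)
unset response escaped_key

[ -n "$clear_password" ] ||
  stored_password_die "no clear_password found in the storage/passwords response"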