newspaint

Documenting Problems That Were Difficult To Find The Answer To

Monthly Archives: February 2017

Using Perl to Make Signed Requests to Public Transport Victoria Timetable API

So you want to create an application to access the Public Transport Victoria (PTV) Timetable API.

You’ve followed the instructions and e-mailed a request for a developer ID and an access key; and you’ve received both in an e-mail that contained text similar to the following:

Thank you for your interest in the PTV Timetable API.

Your email address has now been registered and your user Id and API key are
below.

User Id: 2912345

API Key: 4cc12345-ff11-2222-a00a-dd1297cd04aa

Now you want to create a signed request using Perl to access the API.

The following function will take a URL and return a signed URL that can be used to access that URL:

#!/usr/bin/perl -w

use Digest::HMAC;
use Digest::SHA;

use strict;

my $devid = "2912345";
my $apikey = "4cc12345-ff11-2222-a00a-dd1297cd04aa";

sub sign_url {
  my ( $url ) = @_;

  # add ?devid=$devid or &devid=$devid to URL
  $url .= ( index($url, "?") < $[ ) ? "?" : "&";
  $url .= "devid=$devid";

  # strip out base URL from part used in signing
  my $request = $url;
  $request =~ s{^(([a-z]+)://+)?[^/]+}{};

  # calculate signature using API key and URL without base
  #   e.g. sign over a string like "/v3/routes?devid=2912345"
  my $signature = Digest::HMAC::hmac_hex(
      $request,
      $apikey,
      \&Digest::SHA::sha1
  );

  $url .= "&signature=" . $signature;
  return $url;
}

print sign_url( "http://timetableapi.ptv.vic.gov.au/v3/routes" );

This should output the following:

$ perl -w signtest.pl
http://timetableapi.ptv.vic.gov.au/v3/routes?devid=2912345&signature=b7ee928f05499a0016746daef5013dba35224d8e

The example is using an invalid signature and devid, so this example URL will not actually return a page; you will have to provide the access key and devid you received in your e-mail.

Note: it is absolutely essential that you do not change the capitalisation of the access key in this script. While it looks like a hex string it is actually treated as case-sensitive text.

Bash Script to Run Apt-Get Upgrades on All LXC Running Containers

If you have several LXC containers on your system that you want to upgrade in a loop you could use a sensible infrastructure management platform like Ansible.

Here, however, is a simple BASH script for logging into each running LXC host one at a time and letting you answer yes or no to the apt-get upgrade taking place:

#!/bin/bash

# declare an array variable
declare -a LINES

# store each line about running LXC containers into array
LINENUM=0
while IFS= read -r line; do
  echo "  processing LINENUM=$LINENUM, $line"
  LINES[$LINENUM]="$line"
  LINENUM=$((LINENUM + 1))
done <<< "$(sudo lxc-ls -f)"

# iterate through each line in the array
INDEX=0
while [[ $INDEX -lt $LINENUM ]]; do
  # squash up the spaces and delete commas from line
  CLEANLINE=`echo "${LINES[$INDEX]}" |tr -s ' ' |tr -d ,`

  # extract the hostname and ipaddress fields
  HNAME=`echo "$CLEANLINE" |cut '-d ' -f1`
  IPADDR=`echo "$CLEANLINE" |cut '-d ' -f5`

  # ssh into host if a valid IP address is present
  if [ `echo "$IPADDR" |grep -E '^([0-9]+[.]){3}([0-9]+)$'` ]; then
    echo "== $HNAME ($IPADDR) =="
    ssh -t ubuntu@$IPADDR 'echo "== $(hostname) =="; sudo apt-get update; echo "== $(hostname) =="; sudo apt-get upgrade;'
  else
    :
  fi

  INDEX=$((INDEX + 1))
done

This script makes use of BASH arrays. In addition it was discovered that attempting to change variables inside a read loop that was piped was fruitless because the pipe was run inside its own shell and thus the variable changes were lost.