Software /
code /
prosody-modules
Comparison
mod_rest/example/rest.sh @ 5281:4ed65a6c2a6a
mod_rest: Add an example bash script for using mod_rest
Also supports --login with mod_http_oauth2
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 27 Mar 2023 23:19:09 +0200 |
child | 5329:107d60c70c1a |
comparison
equal
deleted
inserted
replaced
5280:eb482defd9b0 | 5281:4ed65a6c2a6a |
---|---|
1 #!/bin/bash -eu | |
2 | |
3 # Copyright (c) Kim Alvefur | |
4 # This file is MIT/X11 licensed. | |
5 | |
6 # Settings | |
7 HOST="" | |
8 DOMAIN="" | |
9 | |
10 AUTH_METHOD="session-read-only" | |
11 AUTH_ID="rest" | |
12 | |
13 if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/restrc" ]; then | |
14 # Config file can contain the above settings | |
15 source "${XDG_CONFIG_HOME:-$HOME/.config}/restrc" | |
16 fi | |
17 | |
18 if [[ $# == 0 ]]; then | |
19 echo "${0##*/} [-h HOST] [-u USER|--login] [/path] kind=(message|presence|iq) ...." | |
20 # Last arguments are handed to HTTPie, so refer to its docs for further details | |
21 exit 0 | |
22 fi | |
23 | |
24 if [[ "$1" == "-h" ]]; then | |
25 HOST="$2" | |
26 shift 2 | |
27 elif [ -z "${HOST:-}" ]; then | |
28 HOST="$(hostname)" | |
29 fi | |
30 | |
31 if [[ "$HOST" != *.* ]]; then | |
32 # Assumes subdomain of your DOMAIN | |
33 if [ -z "${DOMAIN:-}" ]; then | |
34 DOMAIN="$(hostname -d)" | |
35 fi | |
36 if [[ "$HOST" == *:* ]]; then | |
37 HOST="${HOST%:*}.$DOMAIN:${HOST#*:}" | |
38 else | |
39 HOST="$HOST.$DOMAIN" | |
40 fi | |
41 fi | |
42 | |
43 if [[ "$1" == "-u" ]]; then | |
44 # -u username | |
45 AUTH_METHOD="auth" | |
46 AUTH_ID="$2" | |
47 shift 2 | |
48 elif [[ "$1" == "-rw" ]]; then | |
49 # To e.g. save Accept headers to the session | |
50 AUTH_METHOD="session" | |
51 shift 1 | |
52 fi | |
53 | |
54 if [[ "$1" == "--login" ]]; then | |
55 shift 1 | |
56 | |
57 # Check cache for OAuth client | |
58 if [ -f "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST" ]; then | |
59 source "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST" | |
60 fi | |
61 | |
62 OAUTH_META="$(http --check-status --json "https://$HOST/.well-known/oauth-authorization-server" Accept:application/json)" | |
63 AUTHORIZATION_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.authorization_endpoint')" | |
64 if [ -z "${OAUTH_CLIENT_INFO:-}" ]; then | |
65 # Register a new OAuth client | |
66 REGISTRATION_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.registration_endpoint')" | |
67 OAUTH_CLIENT_INFO="$(http --check-status "$REGISTRATION_ENDPOINT" Content-Type:application/json Accept:application/json client_name=rest client_uri="https://www.zash.se/rest-script.html" redirect_uris:='["urn:ietf:wg:oauth:2.0:oob"]')" | |
68 mkdir -p "${XDG_CACHE_HOME:-$HOME/.cache}/rest/" | |
69 typeset -p OAUTH_CLIENT_INFO >> "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST" | |
70 fi | |
71 | |
72 CLIENT_ID="$(echo "$OAUTH_CLIENT_INFO" | jq -e -r '.client_id')" | |
73 CLIENT_SECRET="$(echo "$OAUTH_CLIENT_INFO" | jq -e -r '.client_secret')" | |
74 | |
75 open "$AUTHORIZATION_ENDPOINT?response_type=code&client_id=$CLIENT_ID&scope=openid+prosody:user" | |
76 read -p "Paste authorization code: " -s -r AUTHORIZATION_CODE | |
77 | |
78 TOKEN_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.token_endpoint')" | |
79 TOKEN="$(http --check-status --form "$TOKEN_ENDPOINT" 'grant_type=authorization_code' "client_id=$CLIENT_ID" "client_secret=$CLIENT_SECRET" "code=$AUTHORIZATION_CODE" | jq -e -r '.access_token')" | |
80 | |
81 USERINFO_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.userinfo_endpoint')" | |
82 | |
83 if [ -n "${COLORTERM:-}" ]; then | |
84 echo -ne '\e[1K\e[G' | |
85 else | |
86 echo | |
87 fi | |
88 http --check-status -b --session rest "$USERINFO_ENDPOINT" "Authorization:Bearer $TOKEN" Accept:application/json >&2 | |
89 AUTH_METHOD="session-read-only" | |
90 AUTH_ID="rest" | |
91 fi | |
92 | |
93 if [[ $# == 0 ]]; then | |
94 # Just login? | |
95 exit 0 | |
96 fi | |
97 | |
98 # For e.g /disco/example.com and such GET queries | |
99 GET_PATH="" | |
100 if [[ "$1" == /* ]]; then | |
101 GET_PATH="$1" | |
102 shift 1 | |
103 fi | |
104 | |
105 http --check-status -p b "--$AUTH_METHOD" "$AUTH_ID" "https://$HOST/rest$GET_PATH" "$@" |