annotate mod_rest/example/rest.sh @ 5306:210aeb5afe42

mod_client_management: Fail to revoke clients that have used passwords Return an error so the caller can take appropriate action, e.g. encouraging the user to change their password.
author Matthew Wild <mwild1@gmail.com>
date Wed, 05 Apr 2023 19:45:13 +0100
parents 4ed65a6c2a6a
children 107d60c70c1a
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
5281
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 #!/bin/bash -eu
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 # Copyright (c) Kim Alvefur
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 # This file is MIT/X11 licensed.
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 # Settings
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 HOST=""
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 DOMAIN=""
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 AUTH_METHOD="session-read-only"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 AUTH_ID="rest"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/restrc" ]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 # Config file can contain the above settings
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 source "${XDG_CONFIG_HOME:-$HOME/.config}/restrc"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 if [[ $# == 0 ]]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 echo "${0##*/} [-h HOST] [-u USER|--login] [/path] kind=(message|presence|iq) ...."
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 # Last arguments are handed to HTTPie, so refer to its docs for further details
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 exit 0
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 if [[ "$1" == "-h" ]]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 HOST="$2"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 shift 2
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 elif [ -z "${HOST:-}" ]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 HOST="$(hostname)"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31 if [[ "$HOST" != *.* ]]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32 # Assumes subdomain of your DOMAIN
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 if [ -z "${DOMAIN:-}" ]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
34 DOMAIN="$(hostname -d)"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
35 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36 if [[ "$HOST" == *:* ]]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
37 HOST="${HOST%:*}.$DOMAIN:${HOST#*:}"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
38 else
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
39 HOST="$HOST.$DOMAIN"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
40 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
41 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
42
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43 if [[ "$1" == "-u" ]]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
44 # -u username
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
45 AUTH_METHOD="auth"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
46 AUTH_ID="$2"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
47 shift 2
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
48 elif [[ "$1" == "-rw" ]]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
49 # To e.g. save Accept headers to the session
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
50 AUTH_METHOD="session"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
51 shift 1
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
52 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
53
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
54 if [[ "$1" == "--login" ]]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
55 shift 1
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
56
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
57 # Check cache for OAuth client
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
58 if [ -f "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST" ]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
59 source "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
60 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
61
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
62 OAUTH_META="$(http --check-status --json "https://$HOST/.well-known/oauth-authorization-server" Accept:application/json)"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
63 AUTHORIZATION_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.authorization_endpoint')"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
64 if [ -z "${OAUTH_CLIENT_INFO:-}" ]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
65 # Register a new OAuth client
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
66 REGISTRATION_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.registration_endpoint')"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
67 OAUTH_CLIENT_INFO="$(http --check-status "$REGISTRATION_ENDPOINT" Content-Type:application/json Accept:application/json client_name=rest client_uri="https://www.zash.se/rest-script.html" redirect_uris:='["urn:ietf:wg:oauth:2.0:oob"]')"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
68 mkdir -p "${XDG_CACHE_HOME:-$HOME/.cache}/rest/"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
69 typeset -p OAUTH_CLIENT_INFO >> "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
70 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
71
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
72 CLIENT_ID="$(echo "$OAUTH_CLIENT_INFO" | jq -e -r '.client_id')"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
73 CLIENT_SECRET="$(echo "$OAUTH_CLIENT_INFO" | jq -e -r '.client_secret')"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
74
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
75 open "$AUTHORIZATION_ENDPOINT?response_type=code&client_id=$CLIENT_ID&scope=openid+prosody:user"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
76 read -p "Paste authorization code: " -s -r AUTHORIZATION_CODE
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
77
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
78 TOKEN_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.token_endpoint')"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
79 TOKEN="$(http --check-status --form "$TOKEN_ENDPOINT" 'grant_type=authorization_code' "client_id=$CLIENT_ID" "client_secret=$CLIENT_SECRET" "code=$AUTHORIZATION_CODE" | jq -e -r '.access_token')"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
80
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
81 USERINFO_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.userinfo_endpoint')"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
82
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
83 if [ -n "${COLORTERM:-}" ]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
84 echo -ne '\e[1K\e[G'
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
85 else
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
86 echo
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
87 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
88 http --check-status -b --session rest "$USERINFO_ENDPOINT" "Authorization:Bearer $TOKEN" Accept:application/json >&2
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
89 AUTH_METHOD="session-read-only"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
90 AUTH_ID="rest"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
91 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
92
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
93 if [[ $# == 0 ]]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
94 # Just login?
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
95 exit 0
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
96 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
97
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
98 # For e.g /disco/example.com and such GET queries
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
99 GET_PATH=""
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
100 if [[ "$1" == /* ]]; then
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
101 GET_PATH="$1"
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
102 shift 1
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
103 fi
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
104
4ed65a6c2a6a mod_rest: Add an example bash script for using mod_rest
Kim Alvefur <zash@zash.se>
parents:
diff changeset
105 http --check-status -p b "--$AUTH_METHOD" "$AUTH_ID" "https://$HOST/rest$GET_PATH" "$@"