Mercurial > prosody-modules

comparison mod_rest/example/rest.sh @ 5281:4ed65a6c2a6a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_rest: Add an example bash script for using mod_rest Also supports --login with mod_http_oauth2
author Kim Alvefur <zash@zash.se>
date Mon, 27 Mar 2023 23:19:09 +0200
parents
children 107d60c70c1a
comparison
equal deleted inserted replaced
5280:eb482defd9b0 5281:4ed65a6c2a6a
1 #!/bin/bash -eu
2
3 # Copyright (c) Kim Alvefur
4 # This file is MIT/X11 licensed.
5
6 # Settings
7 HOST=""
8 DOMAIN=""
9
10 AUTH_METHOD="session-read-only"
11 AUTH_ID="rest"
12
13 if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/restrc" ]; then
14 # Config file can contain the above settings
15 source "${XDG_CONFIG_HOME:-$HOME/.config}/restrc"
16 fi
17
18 if [[ $# == 0 ]]; then
19 echo "${0##*/} [-h HOST] [-u USER|--login] [/path] kind=(message|presence|iq) ...."
20 # Last arguments are handed to HTTPie, so refer to its docs for further details
21 exit 0
22 fi
23
24 if [[ "$1" == "-h" ]]; then
25 HOST="$2"
26 shift 2
27 elif [ -z "${HOST:-}" ]; then
28 HOST="$(hostname)"
29 fi
30
31 if [[ "$HOST" != *.* ]]; then
32 # Assumes subdomain of your DOMAIN
33 if [ -z "${DOMAIN:-}" ]; then
34 DOMAIN="$(hostname -d)"
35 fi
36 if [[ "$HOST" == *:* ]]; then
37 HOST="${HOST%:*}.$DOMAIN:${HOST#*:}"
38 else
39 HOST="$HOST.$DOMAIN"
40 fi
41 fi
42
43 if [[ "$1" == "-u" ]]; then
44 # -u username
45 AUTH_METHOD="auth"
46 AUTH_ID="$2"
47 shift 2
48 elif [[ "$1" == "-rw" ]]; then
49 # To e.g. save Accept headers to the session
50 AUTH_METHOD="session"
51 shift 1
52 fi
53
54 if [[ "$1" == "--login" ]]; then
55 shift 1
56
57 # Check cache for OAuth client
58 if [ -f "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST" ]; then
59 source "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST"
60 fi
61
62 OAUTH_META="$(http --check-status --json "https://$HOST/.well-known/oauth-authorization-server" Accept:application/json)"
63 AUTHORIZATION_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.authorization_endpoint')"
64 if [ -z "${OAUTH_CLIENT_INFO:-}" ]; then
65 # Register a new OAuth client
66 REGISTRATION_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.registration_endpoint')"
67 OAUTH_CLIENT_INFO="$(http --check-status "$REGISTRATION_ENDPOINT" Content-Type:application/json Accept:application/json client_name=rest client_uri="https://www.zash.se/rest-script.html" redirect_uris:='["urn:ietf:wg:oauth:2.0:oob"]')"
68 mkdir -p "${XDG_CACHE_HOME:-$HOME/.cache}/rest/"
69 typeset -p OAUTH_CLIENT_INFO >> "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST"
70 fi
71
72 CLIENT_ID="$(echo "$OAUTH_CLIENT_INFO" | jq -e -r '.client_id')"
73 CLIENT_SECRET="$(echo "$OAUTH_CLIENT_INFO" | jq -e -r '.client_secret')"
74
75 open "$AUTHORIZATION_ENDPOINT?response_type=code&client_id=$CLIENT_ID&scope=openid+prosody:user"
76 read -p "Paste authorization code: " -s -r AUTHORIZATION_CODE
77
78 TOKEN_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.token_endpoint')"
79 TOKEN="$(http --check-status --form "$TOKEN_ENDPOINT" 'grant_type=authorization_code' "client_id=$CLIENT_ID" "client_secret=$CLIENT_SECRET" "code=$AUTHORIZATION_CODE" | jq -e -r '.access_token')"
80
81 USERINFO_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.userinfo_endpoint')"
82
83 if [ -n "${COLORTERM:-}" ]; then
84 echo -ne '\e[1K\e[G'
85 else
86 echo
87 fi
88 http --check-status -b --session rest "$USERINFO_ENDPOINT" "Authorization:Bearer $TOKEN" Accept:application/json >&2
89 AUTH_METHOD="session-read-only"
90 AUTH_ID="rest"
91 fi
92
93 if [[ $# == 0 ]]; then
94 # Just login?
95 exit 0
96 fi
97
98 # For e.g /disco/example.com and such GET queries
99 GET_PATH=""
100 if [[ "$1" == /* ]]; then
101 GET_PATH="$1"
102 shift 1
103 fi
104
105 http --check-status -p b "--$AUTH_METHOD" "$AUTH_ID" "https://$HOST/rest$GET_PATH" "$@"