diff options
author | Levente Polyak <anthraxx@archlinux.org> | 2022-10-23 20:42:34 +0200 |
---|---|---|
committer | Levente Polyak <anthraxx@archlinux.org> | 2023-05-19 22:27:12 +0200 |
commit | 77d800eab2419b334cafd94b2e986351919def77 (patch) | |
tree | a4d38ebe249052ec926c59ad970440845055fef7 | |
parent | d2245b1943fd30ab0252e47d47871ac94e143339 (diff) | |
download | devtools-77d800eab2419b334cafd94b2e986351919def77.tar.xz |
auth: implemented module to authenticate against our GitLab
This helps to have a convenient way to manage and test our personal
GitLab tokens. Those are used for certain API calls like creating new
repositories.
prefill the access token web view as per
https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html#prefill-personal-access-token-name-and-scopes
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
-rw-r--r-- | contrib/completion/zsh/_devtools.in | 17 | ||||
-rw-r--r-- | doc/man/pkgctl-auth-login.1.asciidoc | 33 | ||||
-rw-r--r-- | doc/man/pkgctl-auth-status.1.asciidoc | 32 | ||||
-rw-r--r-- | doc/man/pkgctl-auth.1.asciidoc | 38 | ||||
-rw-r--r-- | doc/man/pkgctl.1.asciidoc | 4 | ||||
-rw-r--r-- | src/lib/auth.sh | 72 | ||||
-rw-r--r-- | src/lib/auth/login.sh | 93 | ||||
-rw-r--r-- | src/lib/auth/status.sh | 69 | ||||
-rw-r--r-- | src/pkgctl.in | 9 |
9 files changed, 367 insertions, 0 deletions
diff --git a/contrib/completion/zsh/_devtools.in b/contrib/completion/zsh/_devtools.in index b210378..6ff6cad 100644 --- a/contrib/completion/zsh/_devtools.in +++ b/contrib/completion/zsh/_devtools.in @@ -18,6 +18,22 @@ _archbuild_args=( '--[Introduce makechrootpkg options]:*::makechrootpkg options:= _dispatch makechrootpkg makechrootpkg' ) +_pkgctl_auth_cmds=( + "pkgctl auth command" + "login[Authenticate with the GitLab instance]" + "status[View authentication status]" +) + +_pkgctl_auth_login_args=( + '(-g --gen-access-token)'{-g,--gen-access-token}'[Open the URL to generate a new personal access token]' + '(-h --help)'{-h,--help}'[Display usage]' +) + +_pkgctl_auth_status_args=( + '(-t --show-token)'{-t,--show-token}'[Display the auth token]' + '(-h --help)'{-h,--help}'[Display usage]' +) + _pkgctl_repo_cmds=( "pkgctl repo command" "clone[Clone a package repository]" @@ -154,6 +170,7 @@ _devtools_completions_all_packages() { _pkgctl_cmds=( "pkgctl command" + "auth[Authenticate with services like GitLab]" "diff[Compare package files using different modes]" "repo[Manage Git packaging repositories and their configuration]" ) diff --git a/doc/man/pkgctl-auth-login.1.asciidoc b/doc/man/pkgctl-auth-login.1.asciidoc new file mode 100644 index 0000000..9c32ab2 --- /dev/null +++ b/doc/man/pkgctl-auth-login.1.asciidoc @@ -0,0 +1,33 @@ +pkgctl-auth-login(1) +==================== + +Name +---- +pkgctl-auth-login - Authenticate with the GitLab instance + +Synopsis +-------- +pkgctl auth login [OPTIONS] + +Description +----------- + +Interactively authenticate with the GitLab instance. + +The minimum required scopes for the token are: 'api', 'write_repository'. + +Options +------- + +*-g, --gen-access-token*:: + Open the URL to generate a new personal access token + +*-h, --help*:: + Show a help text + +See Also +-------- + +linkman:pkgctl-auth-status[1] + +include::include/footer.asciidoc[] diff --git a/doc/man/pkgctl-auth-status.1.asciidoc b/doc/man/pkgctl-auth-status.1.asciidoc new file mode 100644 index 0000000..e23ee2e --- /dev/null +++ b/doc/man/pkgctl-auth-status.1.asciidoc @@ -0,0 +1,32 @@ +pkgctl-auth-status(1) +===================== + +Name +---- +pkgctl-auth-status - View authentication status + +Synopsis +-------- +pkgctl auth status [OPTIONS] + +Description +----------- + +Verifies and displays information about your authentication state of +services like the GitLab instance and reports issues if any. + +Options +------- + +*-t, --show-token*:: + Display the auth token + +*-h, --help*:: + Show a help text + +See Also +-------- + +linkman:pkgctl-auth-login[1] + +include::include/footer.asciidoc[] diff --git a/doc/man/pkgctl-auth.1.asciidoc b/doc/man/pkgctl-auth.1.asciidoc new file mode 100644 index 0000000..4912b02 --- /dev/null +++ b/doc/man/pkgctl-auth.1.asciidoc @@ -0,0 +1,38 @@ +pkgctl-auth(1) +============== + +Name +---- +pkgctl-auth - Authenticate with serivces like GitLab. + +Synopsis +-------- +pkgctl auth [OPTIONS] [SUBCOMMAND] + +Description +----------- + +Manage the authorization for the GitLab instance and show its current status. + +Options +------- + +*-h, --help*:: + Show a help text + +Subcommands +----------- + +pkgctl auth login:: + Authenticate with the GitLab instance + +pkgctl auth status:: + View authentication status + +See Also +-------- + +linkman:pkgctl-auth-login[1] +linkman:pkgctl-auth-status[1] + +include::include/footer.asciidoc[] diff --git a/doc/man/pkgctl.1.asciidoc b/doc/man/pkgctl.1.asciidoc index 0455074..45d5187 100644 --- a/doc/man/pkgctl.1.asciidoc +++ b/doc/man/pkgctl.1.asciidoc @@ -17,6 +17,9 @@ TODO Subcommands ----------- +pkgctl auth:: + Authenticate with services like GitLab + pkgctl diff:: Compare package files using different modes @@ -26,6 +29,7 @@ pkgctl repo:: See Also -------- +linkman:pkgctl-auth[1] linkman:pkgctl-diff[1] linkman:pkgctl-repo[1] diff --git a/src/lib/auth.sh b/src/lib/auth.sh new file mode 100644 index 0000000..77d6a90 --- /dev/null +++ b/src/lib/auth.sh @@ -0,0 +1,72 @@ +#!/hint/bash +# +# This may be included with or without `set -euE` +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[[ -z ${DEVTOOLS_INCLUDE_AUTH_SH:-} ]] || return 0 +DEVTOOLS_INCLUDE_AUTH_SH=1 + +_DEVTOOLS_LIBRARY_DIR=${_DEVTOOLS_LIBRARY_DIR:-@pkgdatadir@} + +set -e + + +pkgctl_auth_usage() { + local -r COMMAND=${_DEVTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}} + cat <<- _EOF_ + Usage: ${COMMAND} [COMMAND] [OPTIONS] + + Authenticate with services like GitLab. + + COMMANDS + login Authenticate with the GitLab instance + status View authentication status + + OPTIONS + -h, --help Show this help text + + EXAMPLES + $ ${COMMAND} login --gen-access-token + $ ${COMMAND} status +_EOF_ +} + +pkgctl_auth() { + if (( $# < 1 )); then + pkgctl_auth_usage + exit 0 + fi + + # option checking + while (( $# )); do + case $1 in + -h|--help) + pkgctl_auth_usage + exit 0 + ;; + login) + _DEVTOOLS_COMMAND+=" $1" + shift + # shellcheck source=src/lib/auth/login.sh + source "${_DEVTOOLS_LIBRARY_DIR}"/lib/auth/login.sh + pkgctl_auth_login "$@" + exit 0 + ;; + status) + _DEVTOOLS_COMMAND+=" $1" + shift + # shellcheck source=src/lib/auth/status.sh + source "${_DEVTOOLS_LIBRARY_DIR}"/lib/auth/status.sh + pkgctl_auth_status "$@" + exit 0 + ;; + -*) + die "invalid argument: %s" "$1" + ;; + *) + die "invalid command: %s" "$1" + ;; + esac + done +} diff --git a/src/lib/auth/login.sh b/src/lib/auth/login.sh new file mode 100644 index 0000000..083e80a --- /dev/null +++ b/src/lib/auth/login.sh @@ -0,0 +1,93 @@ +#!/hint/bash +# +# This may be included with or without `set -euE` +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[[ -z ${DEVTOOLS_INCLUDE_AUTH_LOGIN_SH:-} ]] || return 0 +DEVTOOLS_INCLUDE_AUTH_LOGIN_SH=1 + +_DEVTOOLS_LIBRARY_DIR=${_DEVTOOLS_LIBRARY_DIR:-@pkgdatadir@} +# shellcheck source=src/lib/common.sh +source "${_DEVTOOLS_LIBRARY_DIR}"/lib/common.sh +# shellcheck source=src/lib/config.sh +source "${_DEVTOOLS_LIBRARY_DIR}"/lib/config.sh +# shellcheck source=src/lib/api/gitlab.sh +source "${_DEVTOOLS_LIBRARY_DIR}"/lib/api/gitlab.sh + +set -e + + +pkgctl_auth_login_usage() { + local -r COMMAND=${_DEVTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}} + cat <<- _EOF_ + Usage: ${COMMAND} [OPTIONS] + + Interactively authenticate with the GitLab instance. + + The minimum required scopes for the token are: 'api', 'write_repository'. + + OPTIONS + -g, --gen-access-token Open the URL to generate a new personal access token + -h, --help Show this help text + + EXAMPLES + $ ${COMMAND} + $ ${COMMAND} --gen-access-token +_EOF_ +} + + +pkgctl_auth_login() { + local token personal_access_token_url + local GEN_ACESS_TOKEN=0 + + # option checking + while (( $# )); do + case $1 in + -h|--help) + pkgctl_auth_login_usage + exit 0 + ;; + -g|--gen-access-token) + GEN_ACESS_TOKEN=1 + shift + ;; + *) + die "invalid argument: %s" "$1" + ;; + esac + done + + personal_access_token_url="https://${GITLAB_HOST}/-/profile/personal_access_tokens?name=pkgctl+token&scopes=api,write_repository" + + cat <<- _EOF_ + Logging into ${BOLD}${GITLAB_HOST}${ALL_OFF} + + Tip: you can generate a Personal Access Token here ${personal_access_token_url} + The minimum required scopes are 'api' and 'write_repository'. +_EOF_ + + if (( GEN_ACESS_TOKEN )); then + xdg-open "${personal_access_token_url}" 2>/dev/null + fi + + # read token from stdin + read -s -r -p "${GREEN}?${ALL_OFF} ${BOLD}Paste your authentication token:${ALL_OFF} " token + echo + + if [[ -z ${token} ]]; then + msg_error " No token provided" + exit 1 + fi + + # check if the passed token works + GITLAB_TOKEN="${token}" + if ! result=$(gitlab_api_get_user); then + printf "%s\n" "$result" + exit 1 + fi + + msg_success " Logged in as ${BOLD}${result}${ALL_OFF}" + save_devtools_config +} diff --git a/src/lib/auth/status.sh b/src/lib/auth/status.sh new file mode 100644 index 0000000..6cbaab1 --- /dev/null +++ b/src/lib/auth/status.sh @@ -0,0 +1,69 @@ +#!/hint/bash +# +# This may be included with or without `set -euE` +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[[ -z ${DEVTOOLS_INCLUDE_AUTH_STATUS_SH:-} ]] || return 0 +DEVTOOLS_INCLUDE_AUTH_STATUS_SH=1 + +_DEVTOOLS_LIBRARY_DIR=${_DEVTOOLS_LIBRARY_DIR:-@pkgdatadir@} +# shellcheck source=src/lib/common.sh +source "${_DEVTOOLS_LIBRARY_DIR}"/lib/common.sh +# shellcheck source=src/lib/api/gitlab.sh +source "${_DEVTOOLS_LIBRARY_DIR}"/lib/api/gitlab.sh + +set -e + + +pkgctl_auth_status_usage() { + local -r COMMAND=${_DEVTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}} + cat <<- _EOF_ + Usage: ${COMMAND} [OPTIONS] + + Verifies and displays information about your authentication state of + services like the GitLab instance and reports issues if any. + + OPTIONS + -t, --show-token Display the auth token + -h, --help Show this help text + + EXAMPLES + $ ${COMMAND} + $ ${COMMAND} --show-token +_EOF_ +} + +pkgctl_auth_status() { + local SHOW_TOKEN=0 + # option checking + while (( $# )); do + case $1 in + -h|--help) + pkgctl_auth_status_usage + exit 0 + ;; + -t|--show-token) + SHOW_TOKEN=1 + shift + ;; + *) + die "invalid argument: %s" "$1" + ;; + esac + done + + printf "%s\n" "${BOLD}${GITLAB_HOST}${ALL_OFF}" + # shellcheck disable=2119 + if ! username=$(gitlab_api_get_user); then + printf "%s\n" "${username}" + exit 1 + fi + + msg_success " Logged in as ${BOLD}${username}${ALL_OFF}" + if (( SHOW_TOKEN )); then + msg_success " Token: ${GITLAB_TOKEN}" + else + msg_success " Token: **************************" + fi +} diff --git a/src/pkgctl.in b/src/pkgctl.in index 35305c1..e024d1f 100644 --- a/src/pkgctl.in +++ b/src/pkgctl.in @@ -19,6 +19,7 @@ usage() { Unified command-line frontend for devtools. COMMANDS + auth Authenticate with services like GitLab diff Compare package files using different modes repo Manage Git packaging repositories and their configuration @@ -51,6 +52,14 @@ while (( $# )); do pkgctl_repo "$@" exit 0 ;; + auth) + _DEVTOOLS_COMMAND+=" $1" + shift + # shellcheck source=src/lib/auth.sh + source "${_DEVTOOLS_LIBRARY_DIR}"/lib/auth.sh + pkgctl_auth "$@" + exit 0 + ;; diff) _DEVTOOLS_COMMAND+=" $1" shift |