|
1
|
#!/bin/sh
|
|
2
|
|
|
3
|
# This file is part of Haketilo
|
|
4
|
#
|
|
5
|
# Copyright (C) 2021, Wojtek Kosior
|
|
6
|
#
|
|
7
|
# This program is free software: you can redistribute it and/or modify
|
|
8
|
# it under the terms of the CC0 1.0 Universal License as published by
|
|
9
|
# the Creative Commons Corporation.
|
|
10
|
#
|
|
11
|
# This program is distributed in the hope that it will be useful,
|
|
12
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
13
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
14
|
# CC0 1.0 Universal License for more details.
|
|
15
|
|
|
16
|
set -e
|
|
17
|
|
|
18
|
. ./shell_utils.sh
|
|
19
|
|
|
20
|
_PROG_NAME="$0"
|
|
21
|
OPERATION="$1"
|
|
22
|
API_KEY="$2"
|
|
23
|
SECRET="$3"
|
|
24
|
XPI_PATH="$4"
|
|
25
|
|
|
26
|
base64url() {
|
|
27
|
printf %s "$1" | base64 -w 0 | tr '/+' '_-' | tr -d '='
|
|
28
|
}
|
|
29
|
|
|
30
|
sha256hmac() {
|
|
31
|
base64url "$(printf %s "$2" | openssl dgst -sha256 -hmac "$1" -binary -)"
|
|
32
|
}
|
|
33
|
|
|
34
|
get_manifest_key() {
|
|
35
|
get_json_key "$1" "$(unzip -p "$2" manifest.json)"
|
|
36
|
}
|
|
37
|
|
|
38
|
generate_jwt() {
|
|
39
|
local JWT_HEAD='{"alg":"HS256", "typ":"JWT"}'
|
|
40
|
local JWT_ID=$(dd if=/dev/random bs=21 count=1 2>/dev/null | base64)
|
|
41
|
local ISSUED_AT_TIME=$(date -u +%s)
|
|
42
|
local EXPIRATION_TIME=$((ISSUED_AT_TIME + 300))
|
|
43
|
local JWT_PAYLOAD="$(cat <<EOF
|
|
44
|
{
|
|
45
|
"iss": "$API_KEY",
|
|
46
|
"jti": "$JWT_ID",
|
|
47
|
"iat": $ISSUED_AT_TIME,
|
|
48
|
"exp": $EXPIRATION_TIME
|
|
49
|
}
|
|
50
|
EOF
|
|
51
|
)"
|
|
52
|
local JWT_MESSAGE=$(base64url "$JWT_HEAD").$(base64url "$JWT_PAYLOAD")
|
|
53
|
local JWT_SIGNATURE=$(sha256hmac "$SECRET" "$JWT_MESSAGE")
|
|
54
|
local JWT=$JWT_MESSAGE.$JWT_SIGNATURE
|
|
55
|
printf "Using JWT: $JWT\n" >&2
|
|
56
|
printf $JWT
|
|
57
|
}
|
|
58
|
|
|
59
|
get_extension_url() {
|
|
60
|
EXTENSION_ID="$(get_manifest_key id "$XPI_PATH")"
|
|
61
|
EXTENSION_VER="$(get_manifest_key version "$XPI_PATH")"
|
|
62
|
|
|
63
|
if [ -z "$EXTENSION_ID" -o -z "$EXTENSION_VER" ]; then
|
|
64
|
printf "Couldn't extract extension id and version. Please check if %s contains proper manifest.json file.\n" \
|
|
65
|
"$XPI_PATH" >&2
|
|
66
|
exit 1
|
|
67
|
fi
|
|
68
|
|
|
69
|
printf 'https://addons.mozilla.org/api/v4/addons/%s/versions/%s/' \
|
|
70
|
"$EXTENSION_ID" "$EXTENSION_VER"
|
|
71
|
}
|
|
72
|
|
|
73
|
print_usage() {
|
|
74
|
printf 'Usage: %s upload|check|test API_KEY SECRET XPI_PATH\n' \
|
|
75
|
"$_PROG_NAME" >&2
|
|
76
|
}
|
|
77
|
|
|
78
|
if [ $# != 4 ]; then
|
|
79
|
print_usage
|
|
80
|
exit 1
|
|
81
|
fi
|
|
82
|
|
|
83
|
unset RETURNED_DATA
|
|
84
|
|
|
85
|
case "$OPERATION" in
|
|
86
|
test)
|
|
87
|
curl "https://addons.mozilla.org/api/v4/accounts/profile/" \
|
|
88
|
-g -H "Authorization: JWT $(generate_jwt)"
|
|
89
|
printf '\n'
|
|
90
|
;;
|
|
91
|
check)
|
|
92
|
RETURNED_DATA="$(curl $(get_extension_url) \
|
|
93
|
-g -H "Authorization: JWT $(generate_jwt)")"
|
|
94
|
;;
|
|
95
|
upload)
|
|
96
|
RETURNED_DATA="$(curl $(get_extension_url) \
|
|
97
|
-g -XPUT --form "upload=@$XPI_PATH" \
|
|
98
|
-H "Authorization: JWT $(generate_jwt)")"
|
|
99
|
;;
|
|
100
|
*)
|
|
101
|
print_usage
|
|
102
|
exit 1
|
|
103
|
;;
|
|
104
|
esac
|
|
105
|
|
|
106
|
if [ -n "$RETURNED_DATA" ]; then
|
|
107
|
printf "addons.mozilla.org says:\n%s\n" "$RETURNED_DATA"
|
|
108
|
DOWNLOAD_URL="$(get_json_key download_url "$RETURNED_DATA")"
|
|
109
|
if [ -n "$DOWNLOAD_URL" ]; then
|
|
110
|
printf "Downloading extension file from %s\n" "$DOWNLOAD_URL"
|
|
111
|
curl "$DOWNLOAD_URL" -g -H "Authorization: JWT $(generate_jwt)" -O
|
|
112
|
fi
|
|
113
|
fi
|