Adding legacy oauth device flow scripts pointing to correct client_id.

gm3dmo · Jul 28, 2023 · 9b4f7fd · 9b4f7fd
1 parent 75b2eea
commit 9b4f7fd
Show file tree

Hide file tree

Showing 2 changed files with 178 additions and 0 deletions.
diff --git a/legacy-oauth-device-flow-step3.sh b/legacy-oauth-device-flow-step3.sh
@@ -0,0 +1,66 @@
+.  ./.gh-api-examples.conf
+
+# https://docs.github.com/en/developers/apps/authorizing-oauth-apps#device-flow
+# POST https://github.com/login/oauth/access_token
+
+json_file=tmp/step3-device-flow.json
+step1_response_file=tmp/step1-response.json
+step3_response_file=tmp/step3-response.json
+
+device_code=$(cat ${step1_response_file} | jq -r '.device_code')
+grant_type="urn:ietf:params:oauth:grant-type:device_code"
+
+echo ========== Step 3: Extract device code from step1 response file ========
+echo
+echo device code:
+echo $device_code
+echo
+echo ========================================================================
+echo
+echo
+
+echo ========== Step 3: Create step 3 device flow file =======================
+echo
+echo
+jq -n \
+                --arg client_id "${x_client_id}" \
+                --arg device_code "${device_code}" \
+                --arg grant_type "${grant_type}" \
+                '{ client_id: $client_id, device_code: $device_code, grant_type: $grant_type }'  > ${json_file}
+cat ${json_file} | jq -r
+echo
+echo ========================================================================
+echo
+echo
+
+# This is a gnarly thing to do but saves rewriting how the config file
+# gets populated for this one script that uses github.com for the device flow.
+if [ $hostname = "api.github.com" ];
+then
+  hostname="github.com"
+fi
+
+
+echo "========== Step 3: POST step 3 device flow file to /login/oauth/access_token ======================="
+echo
+echo
+set -x
+curl  ${curl_custom_flags} \
+     -H "Content-type: application/json" \
+     -H "Accept: application/vnd.github.v3+json" \
+     -H "Authorization: Bearer ${GITHUB_TOKEN}" \
+        https://${hostname}/login/oauth/access_token  --data @${json_file} -o ${step3_response_file}
+set +x
+echo
+echo ========================================================================
+echo
+echo
+
+
+echo ========== Step 3: Output the step 3 response file =====================
+echo
+cat ${step3_response_file} | jq -r
+echo
+echo ========================================================================
+echo
+echo
diff --git a/legacy-oauth-device-flow-steps1-and-2.sh b/legacy-oauth-device-flow-steps1-and-2.sh
@@ -0,0 +1,112 @@
+.  ./.gh-api-examples.conf
+
+# https://docs.github.com/en/developers/apps/authorizing-oauth-apps#device-flow
+# POST https://github.com/login/device/code
+
+json_file=tmp/oauth-device-flow-step1.json
+step1_response_file=tmp/step1-response.json
+
+scope="read:enterprise"
+
+jq -n \
+                --arg client_id "${x_client_id}" \
+                --arg scope  "${scope}" \
+                '{ client_id: $client_id, scope: $scope  }'  > ${json_file}
+
+echo ========== Step 1: json file for client and scope ======================
+echo 
+echo " the $json_file contents:"
+echo
+cat ${json_file} | jq -r
+echo
+echo ========================================================================
+
+
+# This is a gnarly thing to do but saves rewriting how the config file
+# gets populated for this one script that uses github.com for the device flow.
+if [ $hostname = "api.github.com" ];
+then
+  hostname="github.com"
+fi
+
+echo "========== Step 1: Deliver json file to /login/device/code ============="
+echo 
+
+set -x
+curl ${curl_custom_flags} \
+     -H "Content-type: application/json" \
+     -H "Accept: application/vnd.github.v3+json" \
+     -H "Authorization: Bearer ${GITHUB_TOKEN}" \
+        https://${hostname}/login/device/code --data @${json_file}  --output ${step1_response_file}
+set +x
+echo
+echo ========================================================================
+
+echo
+echo ============ Step 1: Display contents of response ======================
+echo
+echo " Contents of step 1 response file:"
+echo
+cat ${step1_response_file} | jq -r
+echo 
+echo ========================================================================
+
+
+# Extract the user code:
+user_code=$(cat ${step1_response_file} | jq -r '.user_code')
+
+echo
+echo
+echo ============ Step 2: Open Browser, Login, Enter Device Code ============
+echo 
+echo "To complete device flow step 2:"
+echo " - Press Enter to start a browser "
+echo " - login to GitHub in the browser" 
+echo " - Enter the user code: ${user_code} in the browser"
+echo
+read x
+
+echo ========================================================================
+
+
+if [ "${preferred_browser}" = "chrome" ]; then
+    browser="Google Chrome"
+elif [ "${preferred_browser}" = "firefox" ]; then
+    browser="Firefox"
+elif [ "${preferred_browser}" = "edge" ]; then
+    browser="Microsoft Edge"
+fi
+
+incognito=false
+
+# Chrome (Mac)
+if [ "${browser}" = "Google Chrome" ];
+then
+    if [ "${incognito}" == "true" ]; then
+        open -n -a "$browser" --args  -incognito "http://${hostname}/login/device"
+    else
+        open -n -a "$browser" --args --profile-directory="$chrome_profile" "http://${hostname}/login/device"
+    fi
+fi
+
+# Firefox (Mac)
+if [ "${browser}" = "Firefox" ];
+then
+    if [ "${incognito}" == "true" ]; then
+        open -n -a "$browser" --args  -private "http://${hostname}/login/device"
+    else
+        open -n -a "$browser" --args  "http://${hostname}/login/device"
+    fi
+fi
+
+# Edge (Mac)
+if [ "${browser}" = "Microsoft Edge" ];
+then
+    if [ "${incognito}" == "true" ]; then
+        open -n -a "$browser" --args  -incognito "http://${hostname}/login/device"
+    else
+        open -n -a "$browser" --args  "http://${hostname}/login/device"
+    fi
+fi
+
+