diff options
Diffstat (limited to 'upload_amo.sh')
| -rwxr-xr-x | upload_amo.sh | 113 |
1 files changed, 113 insertions, 0 deletions
diff --git a/upload_amo.sh b/upload_amo.sh new file mode 100755 index 0000000..71e12ca --- /dev/null +++ b/upload_amo.sh @@ -0,0 +1,113 @@ +#!/bin/sh + +# This file is part of Haketilo +# +# Copyright (C) 2021, Wojtek Kosior +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the CC0 1.0 Universal License as published by +# the Creative Commons Corporation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# CC0 1.0 Universal License for more details. + +set -e + +. ./shell_utils.sh + +_PROG_NAME="$0" +OPERATION="$1" +API_KEY="$2" +SECRET="$3" +XPI_PATH="$4" + +base64url() { + printf %s "$1" | base64 -w 0 | tr '/+' '_-' | tr -d '=' +} + +sha256hmac() { + base64url "$(printf %s "$2" | openssl dgst -sha256 -hmac "$1" -binary -)" +} + +get_manifest_key() { + get_json_key "$1" "$(unzip -p "$2" manifest.json)" +} + +generate_jwt() { + local JWT_HEAD='{"alg":"HS256", "typ":"JWT"}' + local JWT_ID=$(dd if=/dev/random bs=21 count=1 2>/dev/null | base64) + local ISSUED_AT_TIME=$(date -u +%s) + local EXPIRATION_TIME=$((ISSUED_AT_TIME + 300)) + local JWT_PAYLOAD="$(cat <<EOF +{ + "iss": "$API_KEY", + "jti": "$JWT_ID", + "iat": $ISSUED_AT_TIME, + "exp": $EXPIRATION_TIME +} +EOF + )" + local JWT_MESSAGE=$(base64url "$JWT_HEAD").$(base64url "$JWT_PAYLOAD") + local JWT_SIGNATURE=$(sha256hmac "$SECRET" "$JWT_MESSAGE") + local JWT=$JWT_MESSAGE.$JWT_SIGNATURE + printf "Using JWT: $JWT\n" >&2 + printf $JWT +} + +get_extension_url() { + EXTENSION_ID="$(get_manifest_key id "$XPI_PATH")" + EXTENSION_VER="$(get_manifest_key version "$XPI_PATH")" + + if [ -z "$EXTENSION_ID" -o -z "$EXTENSION_VER" ]; then + printf "Couldn't extract extension id and version. Please check if %s contains proper manifest.json file.\n" \ + "$XPI_PATH" >&2 + exit 1 + fi + + printf 'https://addons.mozilla.org/api/v4/addons/%s/versions/%s/' \ + "$EXTENSION_ID" "$EXTENSION_VER" +} + +print_usage() { + printf 'Usage: %s upload|check|test API_KEY SECRET XPI_PATH\n' \ + "$_PROG_NAME" >&2 +} + +if [ $# != 4 ]; then + print_usage + exit 1 +fi + +unset RETURNED_DATA + +case "$OPERATION" in + test) + curl "https://addons.mozilla.org/api/v4/accounts/profile/" \ + -g -H "Authorization: JWT $(generate_jwt)" + printf '\n' + ;; + check) + RETURNED_DATA="$(curl $(get_extension_url) \ + -g -H "Authorization: JWT $(generate_jwt)")" + ;; + upload) + RETURNED_DATA="$(curl $(get_extension_url) \ + -g -XPUT --form "upload=@$XPI_PATH" \ + -H "Authorization: JWT $(generate_jwt)")" + ;; + *) + print_usage + exit 1 + ;; +esac + +if [ -n "$RETURNED_DATA" ]; then + printf "addons.mozilla.org says:\n%s\n" "$RETURNED_DATA" + DOWNLOAD_URL="$(get_json_key download_url "$RETURNED_DATA")" + if [ -n "$DOWNLOAD_URL" ]; then + printf "Downloading extension file from %s\n" "$DOWNLOAD_URL" + curl "$DOWNLOAD_URL" -g -H "Authorization: JWT $(generate_jwt)" -O + fi +fi |