From d7e48c5855156b65335b228bb5de81fc500d8ace Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Fri, 1 Oct 2021 22:05:29 +0200 Subject: Add complete firefox extension upload and download functionality --- shell_utils.sh | 6 ++++ upload_amo.sh | 112 +++++++++++++++++++++++++++++++++++++++++++++------------ 2 files changed, 96 insertions(+), 22 deletions(-) diff --git a/shell_utils.sh b/shell_utils.sh index 95e0d4e..30dfead 100644 --- a/shell_utils.sh +++ b/shell_utils.sh @@ -6,6 +6,12 @@ ENDL=" " +# A "raw" echo, interprets neither backclash escapes nor command-line options. +# Does not emit trailing newline. +ech() { + printf %s "$*" +} + errcho() { echo "$@" >&2 } diff --git a/upload_amo.sh b/upload_amo.sh index 3ac7028..2d16c63 100755 --- a/upload_amo.sh +++ b/upload_amo.sh @@ -24,27 +24,45 @@ set -e +. ./shell_utils.sh + +_PROG_NAME="$0" +OPERATION="$1" +API_KEY="$2" +SECRET="$3" +XPI_PATH="$4" + base64url() { - echo -n "$1" | base64 -w 0 | tr '/+' '_-' | tr -d '=' + ech "$1" | base64 -w 0 | tr '/+' '_-' | tr -d '=' } sha256hmac() { - base64url "$(echo -n "$2" | openssl dgst -sha256 -hmac "$1" -binary -)" + base64url "$(ech "$2" | openssl dgst -sha256 -hmac "$1" -binary -)" } -if [ $# != 3 ]; then - echo "Usage: $0 API_KEY SECRET XPI_PATH" 1>&2 - exit 1 -fi +escape_regex_special() { + ech "$1" | sed 's/\([]\.*?{},()[-]\)/\\\1/g' +} + +# Note: We don't actually parse JSON. We extract needed keys with sed regexes +# which does not work in the general case but is sufficient for now. +get_json_key() { + local KEY_REG="$(escape_regex_special "$1")" + ech "$2" | + sed 's/\(.*"'"$KEY_REG"'"[[:space:]]*:[[:space:]]*"\([^"]*\)"\)\?.*/\2/' | + grep . | head -1 +} + +get_manifest_key() { + get_json_key "$1" "$(unzip -p "$2" manifest.json)" +} -API_KEY="$1" -SECRET="$2" -XPI_PATH="$3" -JWT_HEAD='{"alg":"HS256", "typ":"JWT"}' -JWT_ID=$(dd if=/dev/random bs=21 count=1 2>/dev/null | base64) -ISSUED_AT_TIME=$(date -u +%s) -EXPIRATION_TIME=$((ISSUED_AT_TIME + 300)) -JWT_PAYLOAD=$(cat </dev/null | base64) + local ISSUED_AT_TIME=$(date -u +%s) + local EXPIRATION_TIME=$((ISSUED_AT_TIME + 300)) + local JWT_PAYLOAD="$(cat <