#!/bin/sh # This file is part of Haketilo # # Copyright (C) 2021, Wojtek Kosior # # This program is free software: you can redistribute it and/or modify # it under the terms of the CC0 1.0 Universal License as published by # the Creative Commons Corporation. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # CC0 1.0 Universal License for more details. set -e _PROG_NAME="$0" OPERATION="$1" API_KEY="$2" SECRET="$3" XPI_PATH="$4" escape_regex_special() { printf %s "$1" | sed 's/\([]\.*[-]\)/\\\1/g' } # Note: We don't actually parse JSON. We extract needed keys with sed regexes # which does not work in the general case but is sufficient for now. _get_json_key() { local KEY_REG="$(escape_regex_special "$1")" printf %s "$2" | awk '{printf "%s", $0}' | sed 's/^.*\("'"$KEY_REG"'"[[:space:]]*:[[:space:]]*"\([^"]*\)"\).*$/\2/' } get_json_key() { local JSON="$2" local VALUE="$(_get_json_key "$@")" if [ "x$VALUE" != "x$JSON" ]; then printf %s "$VALUE" fi } base64url() { printf %s "$1" | base64 -w 0 | tr '/+' '_-' | tr -d '=' } sha256hmac() { base64url "$(printf %s "$2" | openssl dgst -sha256 -hmac "$1" -binary -)" } get_manifest_key() { get_json_key "$1" "$(unzip -p "$2" manifest.json)" } generate_jwt() { local JWT_HEAD='{"alg":"HS256", "typ":"JWT"}' local JWT_ID=$(dd if=/dev/random bs=21 count=1 2>/dev/null | base64) local ISSUED_AT_TIME=$(date -u +%s) local EXPIRATION_TIME=$((ISSUED_AT_TIME + 300)) local JWT_PAYLOAD="$(cat <&2 printf $JWT } get_extension_url() { EXTENSION_ID="$(get_manifest_key id "$XPI_PATH")" EXTENSION_VER="$(get_manifest_key version "$XPI_PATH")" if [ -z "$EXTENSION_ID" -o -z "$EXTENSION_VER" ]; then printf "Couldn't extract extension id and version. Please check if %s contains proper manifest.json file.\n" \ "$XPI_PATH" >&2 exit 1 fi printf 'https://addons.mozilla.org/api/v4/addons/%s/versions/%s/' \ "$EXTENSION_ID" "$EXTENSION_VER" } print_usage() { printf 'Usage: %s upload|check|test API_KEY SECRET XPI_PATH\n' \ "$_PROG_NAME" >&2 } if [ $# != 4 ]; then print_usage exit 1 fi unset RETURNED_DATA case "$OPERATION" in test) curl "https://addons.mozilla.org/api/v4/accounts/profile/" \ -g -H "Authorization: JWT $(generate_jwt)" printf '\n' ;; check) RETURNED_DATA="$(curl $(get_extension_url) \ -g -H "Authorization: JWT $(generate_jwt)")" ;; upload) RETURNED_DATA="$(curl $(get_extension_url) \ -g -XPUT --form "upload=@$XPI_PATH" \ -H "Authorization: JWT $(generate_jwt)")" ;; *) print_usage exit 1 ;; esac if [ -n "$RETURNED_DATA" ]; then printf "addons.mozilla.org says:\n%s\n" "$RETURNED_DATA" DOWNLOAD_URL="$(get_json_key download_url "$RETURNED_DATA")" if [ -n "$DOWNLOAD_URL" ]; then printf "Downloading extension file from %s\n" "$DOWNLOAD_URL" curl "$DOWNLOAD_URL" -g -H "Authorization: JWT $(generate_jwt)" -O fi fi pan class='msg-avail'>...Tobias Geerinckx-Rice 2020-10-19gnu: tinyscheme: Update to 1.42....Tobias Geerinckx-Rice 2020-09-02gnu: Add gerbil...Edouard Klein 2020-08-31gnu: racket-minimal: Fix hash for version 7.8....Brendan Tildesley