Created
November 19, 2021 18:52
-
-
Save grampelberg/55fc0c3482e5cffb893b3bc9b8d7e041 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -o errexit -o nounset -o pipefail | |
| cfg="${HOME}/.oprc" | |
| required_cfg=( | |
| 'OP_ADDRESS' | |
| 'OP_EMAIL' | |
| 'OP_ACCOUNT_KEY' | |
| 'OP_MASTER' | |
| 'OP_AWS_LOGIN' | |
| ) | |
| required_cmds=( | |
| 'op https://1password.com/downloads/command-line/' | |
| 'security https://www.unix.com/man-page/osx/1/security/' | |
| ) | |
| keychain_error="You must have %s set to the name of the entry in your keychain that corresponds | |
| to your 1password master password. Configure it in %s." | |
| aws_login_error="You must have %s set to the name of the login for AWS in 1password. | |
| Configure it in %s and try again." | |
| function -h { | |
| cat <<USAGE | |
| USAGE: 1password | |
| Requirements: | |
| USAGE | |
| } | |
| function --help { -h; } # A nice way to handle -h and --help | |
| export LC_ALL=en_US.UTF-8 # A locale that works consistently | |
| # function output_shutdown { | |
| # printf "shutdown!\n" | |
| # } | |
| # function main { | |
| # printf "oh hai\n" | |
| # trap 'output_shutdown' TERM | |
| # sleep infinity | |
| # } | |
| function check_var { | |
| if [ -z ${!1+x} ]; then | |
| err "${1} is unset, add to ~/.oprc and try again" | |
| exit 1 | |
| fi | |
| } | |
| function check_cmd { | |
| if [[ -z "$(command -v "${1}")" ]]; then | |
| err "${1} is required, see install instructions at: ${2}" | |
| exit 1 | |
| fi | |
| } | |
| function check_file { | |
| if [ ! -f "${1}" ]; then | |
| touch "${1}" | |
| fi | |
| } | |
| function check_keychain { | |
| if ! grep -q "\"${!1}\"" < <(security dump-keychain); then | |
| # shellcheck disable=SC2059 | |
| err "$(printf "${keychain_error}" "${1}" "${cfg}")" | |
| exit 1 | |
| fi | |
| } | |
| function check_login { | |
| if ! op get item --fields ignore "${!1}" &>/dev/null; then | |
| # shellcheck disable=SC2059 | |
| err "$(printf "${aws_login_error}" "${1}" "${cfg}")" | |
| exit 1 | |
| fi | |
| } | |
| function dependencies { | |
| check_file "${cfg}" | |
| # shellcheck disable=SC1090 | |
| . "${cfg}" | |
| for var in "${required_cfg[@]}"; do | |
| check_var "${var}" | |
| done | |
| for var in "${required_cmds[@]}"; do | |
| IFS=' ' read -r -a args <<<"${var}" | |
| check_cmd "${args[0]}" "${args[1]}" | |
| done | |
| check_keychain "OP_MASTER" | |
| } | |
| function signin { | |
| eval "$( | |
| op signin \ | |
| "${OP_ADDRESS}" \ | |
| "${OP_EMAIL}" \ | |
| "${OP_ACCOUNT_KEY}" < \ | |
| <(security find-generic-password -s op-master-airbnb -w) | |
| )" | |
| } | |
| function get_token { | |
| op get totp "${1}" | |
| } | |
| function main { | |
| dependencies | |
| signin | |
| check_login "OP_AWS_LOGIN" | |
| get_token "${OP_AWS_LOGIN}" | |
| } | |
| function msg { out "$*" >&2; } | |
| function err { | |
| local x=$? | |
| msg "$(tput setaf 1)$*$(tput sgr0)" | |
| return $((x == 0 ? 1 : x)) | |
| } | |
| function out { printf '%s\n' "$*"; } | |
| if [[ ${1:-} ]] && declare -F | cut -d' ' -f3 | grep -F -qx -- "${1:-}"; then | |
| "$@" | |
| else | |
| main "$@" | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment