Created
August 17, 2018 00:18
-
-
Save jhamon/4ba8628b2821d3c016442e194e8674bd to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
readonly LASTPASS_KEY_LABEL='ssh_private_key' | |
function usage { | |
echo 'Usage: ' | |
echo 'pivotal_login <lastpass username> [options...]' | |
echo | |
echo "Beginner's guide" | |
echo 'Your first time, run:' | |
echo 'pivotal_login donald.knuth@pivotal.io -t 8 --import-private-key /mnt/path/to/private_key --save-alias dk' | |
echo 'The next times, run:' | |
echo 'pivotal_login dk [-t <hours>]' | |
echo | |
echo 'List of options:' | |
echo 'To specify a number of hours for which you want to stay logged in:' | |
echo '--time-in-hours <hours> (-t for short)' | |
echo "To not be prompted to login to lastpass if you're already logged in:" | |
echo '-n' | |
echo 'To import your private key and write it to lastpass, use the option:' | |
echo '--import-private-key <path to private key> (-k for short)' | |
echo 'To save your username and settings with a short alias, use:' | |
echo '--save-alias <xx>' | |
echo 'Then, you can run "pivotal_login <xx>"' | |
echo | |
echo 'To logout, just run ' | |
echo 'pivotal_login --logout (-o for short)' | |
} | |
POSITIONAL=("$@") | |
HOURS=1 | |
IMPORT_KEY='false' | |
LOGIN_TO_LASTPASS='true' | |
USERNAME="$1" | |
if [[ -z "$USERNAME" ]]; then | |
echo 'You need to specify your lastpass username or an alias as the first argument.' | |
echo | |
usage | |
exit 2 | |
fi | |
case $USERNAME in | |
-h|--help) | |
usage | |
exit 0 | |
;; | |
esac | |
shift # skip username | |
while [[ $# -gt 0 ]] | |
do | |
key="$1" | |
case $key in | |
-t|--time-in-hours) | |
HOURS="$2" | |
shift # past argument | |
shift # past value | |
;; | |
-k|--import-private-key) | |
IMPORT_KEY='true' | |
KEY_FILE_PATH="$2" | |
shift # past argument | |
shift # past value | |
;; | |
-n) | |
LOGIN_TO_LASTPASS='false' | |
shift | |
;; | |
--save-alias) | |
SAVE_ALIAS="$2" | |
shift | |
shift | |
;; | |
-h|--help) | |
usage | |
exit 0 | |
;; | |
*) # unknown option | |
echo "unrecognized option \"$1\"" | |
exit 6 | |
;; | |
esac | |
done | |
set -- "${POSITIONAL[@]}" # restore positional parameters | |
function fetch_private_key { | |
set +x | |
KEY=`lpass show "$LASTPASS_KEY_LABEL" --notes 2> /dev/null` | |
return $? | |
} | |
function import_private_key { | |
LPASS_USERNAME="$1" | |
KEY_FILE_PATH="$2" | |
if [[ ! -f "$KEY_FILE_PATH" ]]; then | |
echo "The file \"$KEY_FILE_PATH\" doesn't exist." | |
exit 3 | |
fi | |
if fetch_private_key ; then | |
echo "There already is a note called \"$LASTPASS_KEY_LABEL\" in your lastpass vault." | |
echo 'Aborting' | |
exit 4 | |
fi | |
cat "$KEY_FILE_PATH" | lpass add --non-interactive --notes "$LASTPASS_KEY_LABEL" | |
if [[ $? ]]; then | |
echo 'Your private key was successfully saved in your lastpass vault!' | |
else | |
echo "Your private key couldn't be saved to lastpass. Aborting." | |
exit 5 | |
fi | |
} | |
readonly STORE="${HOME}/.pivotal_login" | |
function save_alias { | |
ALIAS=$1 | |
LP_USER=$2 | |
if [[ ! -f "$STORE" ]]; then | |
touch $STORE | |
fi | |
if grep "^${ALIAS}#" "$STORE"; then | |
echo "The alias ${ALIAS} is already taken. Pick another one or delete it from ${STORE}" | |
exit 7 | |
fi | |
if echo "$ALIAS" | grep -e '#' -e '@'; then | |
echo 'The alias cannot contain the characters # or @.' | |
exit 8 | |
fi | |
echo "${ALIAS}#${LP_USER} -t ${HOURS}" >> "${STORE}" | |
} | |
function find_alias { | |
ALIAS=$1 | |
STORE_LINE=$(grep "^${ALIAS}#" "${STORE}") | |
if [[ "$?" = 0 ]]; then | |
ALIAS_OPTIONS=$(echo "$STORE_LINE" | cut -d# -f2) | |
else | |
echo "The alias \"$ALIAS\" cannot be found." | |
exit 9 | |
fi | |
} | |
function options_from_username { | |
USERNAME=$1 | |
if echo "$USERNAME" | grep '@' > /dev/null; then | |
LPASS_USERNAME=$1 | |
else | |
find_alias $USERNAME | |
OPTIONS="$ALIAS_OPTIONS" | |
fi | |
} | |
function logout { | |
set -e | |
/usr/bin/ssh-add -D | |
lpass logout -f | |
echo 'You sucessfully logged out!' | |
exit 0 | |
} | |
if [[ "$USERNAME" = '-o' || "$USERNAME" = "--logout" ]]; then | |
logout | |
fi | |
options_from_username "$USERNAME" | |
if [[ -n "$OPTIONS" ]]; then | |
shift # get rid of alias | |
options=($OPTIONS $@) | |
$0 ${options[@]} | |
exit $? | |
fi | |
if [[ ${LOGIN_TO_LASTPASS} = 'true' ]]; then | |
export LPASS_AGENT_TIMEOUT=$((HOURS * 60 * 60)) | |
lpass login "${LPASS_USERNAME}" | |
unset LPASS_AGENT_TIMEOUT | |
fi | |
if [[ "$IMPORT_KEY" = 'true' ]]; then | |
import_private_key "$LPASS_USERNAME" "$KEY_FILE_PATH" | |
fi | |
if ! fetch_private_key ; then | |
echo "Your private key couldn't be found in lastpass." | |
echo "Set it to be able to login." | |
exit 1 | |
fi | |
if [[ -n ${SAVE_ALIAS} ]]; then | |
save_alias "$SAVE_ALIAS" "$LPASS_USERNAME" | |
fi | |
ps -p $SSH_AGENT_PID > /dev/null || eval "$(ssh-agent)" | |
/usr/bin/ssh-add -D | |
/usr/bin/ssh-add -t "${HOURS}H" - <<< "${KEY}" | |
echo "Identity added for ${HOURS} hours" | |
unset KEY |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment