From: Frank Brehm <frank.brehm@pixelpark.com>
Date: Fri, 31 May 2024 08:14:15 +0000 (+0200)
Subject: Adding scripts/refresh-download-offline-token
X-Git-Tag: 1.0.4~1^2~2
X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=aa25ecb1c19f7be452f4dad5ee18a2e7c3076c7c;p=pixelpark%2Fpp-admin-tools.git

Adding scripts/refresh-download-offline-token
---

diff --git a/scripts/refresh-download-offline-token b/scripts/refresh-download-offline-token
new file mode 100755
index 0000000..89271c1
--- /dev/null
+++ b/scripts/refresh-download-offline-token
@@ -0,0 +1,230 @@
+#!/bin/bash
+
+set -e
+set -u
+
+BASE_NAME="$( basename "${0}" )"
+MY_REAL_NAME=$( readlink -f "$0" )
+BIN_DIR=$( dirname "${MY_REAL_NAME}" )
+BASE_DIR=$( dirname "${BIN_DIR}" )
+# shellcheck disable=SC2034
+LIB_DIR="${BASE_DIR}/lib"
+# shellcheck disable=SC2034
+CONF_DIR="${BASE_DIR}/etc"
+
+if [[ -f "${BIN_DIR}/functions.rc" ]] ; then
+    # shellcheck disable=SC1091
+    . "${BIN_DIR}/functions.rc"
+else
+    echo "Bash resource file '${BIN_DIR}/functions.rc' not found" >&2
+    exit 5
+fi
+
+SSO_REDHAT_URL='https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token'
+
+OFFLINE_TOKEN_FILE='/root/.private/rh-download-offline-token.txt'
+OFFLINE_TOKEN=
+RED_HAT_DOWNLOAD_USER="dpx-downloader"
+
+DEFAULT_LOGFILE="/var/log/$( basename "$0" ).log"
+
+declare -A IMAGE_CHECKSUMS=()
+
+OUTPUT=
+ACCESS_TOKEN=
+
+detect_color
+
+# shellcheck disable=SC2034
+DESCRIPTION=$( cat <<-EOF
+	Get an access token from RedHat API, only too keep the offline token for '${CYAN}${RED_HAT_DOWNLOAD_USER}${NORMAL}' available.
+
+	Otherwise the offline token would be lost after 30 days of not using it.
+
+	EOF
+)
+
+#------------------------------------------------------------------------------
+usage() {
+
+    local keys_out=''
+    local key
+
+    for key in "${IMAGE_KEYS[@]}" ; do
+        keys_out+="             * ${key}
+"
+    done
+
+    cat <<-EOF
+	Usage: ${BASE_NAME} [Common Options] [-F|--offline-token-file FILE] [-L|--logfile FILE]
+	       ${BASE_NAME} [-h|--help]
+	       ${BASE_NAME} [-V|--version]
+
+	    Special Options:
+	        -F|--offline-token-file FILE
+	            The filename of the file containing the offline token.
+	            Default: '${OFFLINE_TOKEN_FILE}'
+	        -L|--logfile FILE
+	            The logfile for this script. Setting it to an empty string '' disables logging.
+	            Default: '${DEFAULT_LOGFILE}'
+
+	    Common Options:
+	${STD_USAGE_MSG}
+	EOF
+
+}
+
+#------------------------------------------------------------------------------
+get_options() {
+
+    local tmp=
+    local arg=
+    local logfile_not_set='y'
+
+    set +e
+    tmp=$( getopt -o "${STD_SHORT_OPTIONS}F:L:" \
+                  --long "${STD_LONG_OPTIONS},offline-token-file:,logfile:" \
+                  -n "${BASE_NAME}" -- "$@" )
+    # shellcheck disable=SC2181
+    if [[ $? != 0 ]] ; then
+        echo "" >&2
+        usage >&2
+        exit 1
+    fi
+    set -e
+
+    # Note the quotes around `$TEMP': they are essential!
+    eval set -- "${tmp}"
+    eval_common_options "$@"
+    if [[ "${DEBUG}" == 'y' ]] ; then
+        declare -p REMAINING_OPTS
+        declare -p REMAINING_ARGS
+    fi
+
+    local len="${#REMAINING_OPTS[*]}"
+    local i="0"
+    local j=
+    while [[ "$i" -lt "${len}" ]] ; do
+
+        arg="${REMAINING_OPTS[$i]}"
+
+        case "${arg}" in
+            -F|--offline-token-file)
+                j=$(( i + 1 ))
+                OFFLINE_TOKEN_FILE="${REMAINING_OPTS[$j]}"
+                i=$(( i + 2 ))
+                ;;
+            -L|--logfile)
+                j=$(( i + 1 ))
+                LOGFILE="${REMAINING_OPTS[$j]}"
+                i=$(( i + 2 ))
+                logfile_not_set=""
+                ;;
+            *)  echo -e "Internal error - option '${RED}${arg}${NORMAL}' was wrong!"
+                exit 1
+                ;;
+        esac
+
+    done
+
+    if [[ "${#REMAINING_ARGS[@]}" != "0" ]] ; then
+        error "Invalid arguments given."
+        echo >&2
+        usage >&2
+        exit 1
+    fi
+
+    if [[ "${logfile_not_set}" ]] ; then
+        LOGFILE="${DEFAULT_LOGFILE}"
+    fi
+
+    check_for_root
+
+    if [[ -z "${OFFLINE_TOKEN_FILE}" ]] ; then
+        error "No filename for the offline token file given."
+        echo >&2
+        usage >&2
+        exit 1
+    fi
+
+    if [[ ! -e "${OFFLINE_TOKEN_FILE}" ]] ; then
+        error "The offline token file '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}' ${RED}does not exists${NORMAL}."
+        echo >&2
+        usage >&2
+        exit 1
+    fi
+
+    if [[ ! -f "${OFFLINE_TOKEN_FILE}" ]] ; then
+        error "The offline token file '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}' ${RED}is not a regular file${NORMAL}."
+        echo >&2
+        usage >&2
+        exit 1
+    fi
+
+    if [[ ! -r "${OFFLINE_TOKEN_FILE}" ]] ; then
+        error "The offline token file '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}' ${RED}is not readable${NORMAL}."
+        echo >&2
+        usage >&2
+        exit 1
+    fi
+
+}
+
+#------------------------------------------------------------------------------
+get_offline_token() {
+
+    empty_line
+    debug "Reading offline token from '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}' ..."
+
+    OFFLINE_TOKEN=$( cat "${OFFLINE_TOKEN_FILE}" | head -n 1 | tr -d '[:space:]' )
+    if [[ -z "${OFFLINE_TOKEN}" ]] ; then
+        error "${RED}No offline token found${NORMAL} in file '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}'."
+        echo >&2
+        exit 5
+    fi
+
+    debug "Got offline token."
+}
+
+#------------------------------------------------------------------------------
+get_access_token() {
+
+    empty_line
+    info "Trying to get an access token from '${CYAN}${SSO_REDHAT_URL}${NORMAL}' ..."
+
+    local cmd="curl --silent '${SSO_REDHAT_URL}' --data grant_type=refresh_token "
+    cmd+="--data client_id=rhsm-api --data refresh_token='${OFFLINE_TOKEN}' "
+    cmd+="| jq -r '.access_token'"
+
+    if [[ "${SIMULATE}" == "y" ]] ; then
+        info "Executing: ${cmd}"
+        ACCESS_TOKEN="fake_access_token"
+    else
+        debug "Executing: ${cmd}"
+        # shellcheck disable=SC2086
+        ACCESS_TOKEN=$( eval ${cmd} )
+    fi
+
+    info "Got an access token."
+    debug "Access token: '${CYAN}${ACCESS_TOKEN}${NORMAL}'."
+
+}
+
+#------------------------------------------------------------------------------
+main() {
+
+    get_options "$@"
+
+    set_locale "en_US.utf8"
+    get_offline_token
+    get_access_token
+    empty_line
+
+}
+
+main "$@"
+exit 0
+
+
+
+# vim: et list