section0/rta-handbook
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add explicit Section 0 auth finish command

Browse Source
This commit is contained in:
virgil
2026-06-08 09:54:21 -07:00
parent 2eeb236214
commit ef463785da
1 changed files with 35 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
scripts/setup-section0-docs.sh
View File

@@ -48,6 +48,7 @@ section0-docs - helper for Section 0 shared Markdown docs
Commands: Commands:
auth login open Authentik and install Git credentials auth login open Authentik and install Git credentials
auth finish finish login from a printed device code
auth status show current saved login auth status show current saved login
configure set Git author name/email for this repo configure set Git author name/email for this repo
doctor check clone, author, remote, and read access doctor check clone, author, remote, and read access
@@ -61,6 +62,7 @@ Commands:
Examples: Examples:
section0-docs auth login section0-docs auth login
section0-docs auth finish DEVICE_CODE
section0-docs auth status section0-docs auth status
section0-docs doctor section0-docs doctor
section0-docs configure section0-docs configure
@@ -135,6 +137,10 @@ auth_login() {
} }
echo "Opening Authentik login:" echo "Opening Authentik login:"
echo " \$auth_url" echo " \$auth_url"
echo "Device code:"
echo " \$code"
echo "Token check:"
echo " \$SERVER_URL/device/\$code/token"
open_url "\$auth_url" open_url "\$auth_url"
echo "Waiting for login..." echo "Waiting for login..."
token_json="" token_json=""
@@ -155,8 +161,34 @@ auth_login() {
printf "\n" printf "\n"
[ -n "\${access_token:-}" ] || { [ -n "\${access_token:-}" ] || {
echo "timed out waiting for Authentik login" >&2 echo "timed out waiting for Authentik login" >&2
echo "If the browser says login succeeded, run:" >&2
echo " section0-docs auth finish \$code" >&2
exit 1 exit 1
} }
complete_login "\$token_json" "\$access_token"
}
auth_finish() {
need_python
mkdir -p "\$SESSION_DIR"
code="\${1:-}"
[ -n "\$code" ] || {
echo "usage: section0-docs auth finish DEVICE_CODE" >&2
exit 1
}
token_json="\$(http_json "\$SERVER_URL/device/\$code/token")"
access_token="\$(printf "%s" "\$token_json" | json_get accessToken 2>/dev/null || true)"
[ -n "\$access_token" ] || {
echo "No completed login token for code: \$code" >&2
printf "%s\n" "\$token_json" >&2
exit 1
}
complete_login "\$token_json" "\$access_token"
}
complete_login() {
token_json="\$1"
access_token="\$2"
echo "Login accepted; requesting Section 0 Git access..." echo "Login accepted; requesting Section 0 Git access..."
access_json="\$(http_json -X POST -H "Authorization: Bearer \$access_token" "\$SERVER_URL/section0/git/access")" access_json="\$(http_json -X POST -H "Authorization: Bearer \$access_token" "\$SERVER_URL/section0/git/access")"
ok="\$(printf "%s" "\$access_json" | json_get ok)" ok="\$(printf "%s" "\$access_json" | json_get ok)"
@@ -203,6 +235,9 @@ case "\${1:-help}" in
login) login)
auth_login auth_login
;; ;;
finish)
auth_finish "\${3:-}"
;;
status) status)
if [ -f "\$SESSION_PATH" ]; then if [ -f "\$SESSION_PATH" ]; then
cat "\$SESSION_PATH" cat "\$SESSION_PATH"