#!/usr/bin/env bash # shellcheck disable=SC2120 function atfile.auth() { override_username="$1" override_password="$2" retry_times="$3" [[ -n "$override_password" ]] && _password="$override_password" [[ -n "$override_username" ]] && _username="$override_username" [[ -z "$retry_times" ]] && retry_times=0 if [[ -z "$_server" ]]; then skip_resolving=0 # shellcheck disable=SC2154 if [[ -z $override_username ]] && [[ $_is_sourced == 0 ]]; then # NOTE: Speeds things up a little if the user is overriding actor # Keep this in-sync with the main case in `../entry.sh`! if [[ $_command == "bsky" && -n "${_command_args[0]}" ]] ||\ [[ $_command == "cat" && -n "${_command_args[1]}" ]] ||\ [[ $_command == "fetch" && -n "${_command_args[1]}" ]] ||\ [[ $_command == "fetch-crypt" && -n "${_command_args[1]}" ]] ||\ [[ $_command == "info" && -n "${_command_args[1]}" ]] ||\ [[ $_command == "list" && "${_command_args[0]}" == *.* ]] ||\ [[ $_command == "list" && "${_command_args[0]}" == did:* ]] ||\ [[ $_command == "list" && -n "${_command_args[1]}" ]] ||\ [[ $_command == "url" && -n "${_command_args[1]}" ]]; then atfile.say.debug "Skipping identity resolving\n↳ Actor is overridden by command ('$_command')" skip_resolving=1 fi # NOTE: Speeds things up a little if the command doesn't need actor resolving if [[ -z $_command ]] ||\ [[ $_command == "ai" ]] ||\ [[ $_command == "build" ]] ||\ [[ $_command == "handle" ]] ||\ [[ $_command == "help" ]] ||\ [[ $_command == "now" ]] ||\ [[ $_command == "resolve" ]] ||\ [[ $_command == "scrape" ]] ||\ [[ $_command == "something-broke" ]] ||\ [[ $_command == "stream" ]] ||\ [[ $_command == "update" ]] ||\ [[ $_command == "version" ]]; then atfile.say.debug "Skipping identity resolving\n↳ Not required for command '$_command'" skip_resolving=1 fi fi if [[ $skip_resolving == 0 ]]; then [[ -z "$_username" || "$_username" == "" ]] && atfile.die "\$${_envvar_prefix}_USERNAME not set" [[ -z "$_password" || "$_password" == "" ]] && atfile.die "\$${_envvar_prefix}_PASSWORD not set" atfile.say.debug "Authenticating as '$_username'..." resolved_did="$(atfile.util.resolve_identity "$_username")" error="$(atfile.util.get_xrpc_error $? "$resolved_did")" [[ -n "$error" ]] && atfile.die.xrpc_error "Unable to resolve '$_username'" "$resolved_did" _username="$(echo "$resolved_did" | cut -d "|" -f 1)" _server="$(echo "$resolved_did" | cut -d "|" -f 2)" atfile.say.debug "Resolved identity\n↳ DID: $_username\n↳ PDS: $_server" fi else atfile.say.debug "Skipping identity resolving\n↳ ${_envvar_prefix}_ENDPOINT_PDS is set ($_server)" [[ $_server != "http://"* ]] && [[ $_server != "https://"* ]] && _server="https://$_server" fi if [[ -n $_server ]]; then # shellcheck disable=SC2154 if [[ $_disable_auth_check == 0 ]]; then atfile.say.debug "Checking authentication is valid..." session="$(com.atproto.server.getSession)" error="$(atfile.util.get_xrpc_error $? "$session")" if [[ -n "$error" ]]; then if [[ $error == "[ExpiredToken]"* ]];then session="$(com.atproto.server.refreshSession)" error="$(atfile.util.get_xrpc_error $? "$session")" if [[ -n $error ]]; then atfile.cache.del "token" if [[ $retry_times -lt 1 ]]; then ((retry_times++)) atfile.say.debug "Retrying auth ($retry_times times)..." atfile.auth "" "" "$retry_times" else atfile.die.xrpc_error "Unable to refresh session" "$error" fi fi else atfile.die.xrpc_error "Unable to authenticate" "$error" fi else _username="$(echo "$session" | jq -r ".did")" fi else atfile.say.debug "Skipping checking authentication validity\n↳ ${_envvar_prefix}_DISABLE_AUTH_CHECK is set ($_disable_auth_check)" if [[ "$_username" != "did:"* ]]; then atfile.die "Cannot skip authentication validation without a DID\n↳ \$${_envvar_prefix}_USERNAME currently set to '$_username' (need \"did::\")" fi fi fi }