aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSamuel Fadel <samuel@nihil.ws>2023-10-09 10:46:33 +0200
committerSamuel Fadel <samuel@nihil.ws>2023-10-09 10:46:33 +0200
commitb837fd6d33b9a781bc3b4cfea096e5bfedd97e8c (patch)
tree625a356a53701c389781f1d02757453c4407638b
parent2d8a89d6be28c995478794531748e4c7b0a3b9d4 (diff)
Added git-credential-read-only.HEAD0.7main
New tool to be used as credential helper for https-only repositories.
-rwxr-xr-xbin/git-credential-read-only42
1 files changed, 42 insertions, 0 deletions
diff --git a/bin/git-credential-read-only b/bin/git-credential-read-only
new file mode 100755
index 0000000..e47259b
--- /dev/null
+++ b/bin/git-credential-read-only
@@ -0,0 +1,42 @@
+#!/bin/sh
+#
+# Reads STDIN ensuring protocol=https (if present) and then until the
+# line host=<HOST> is found. Finally, uses <HOST> to look through
+# login info to then output credentials for git.
+
+LOGINS_DB=$HOME/.config/logins.db.asc
+
+# We only support get as the first argument
+if [ $1 != "get" ]; then
+ exit 1
+fi
+
+# Read input to figure out which host/domain we want to read
+# credentials from
+export LESSPASS_MASTER_PASSWORD=`pass lesspass`
+SELECTION=
+while read input; do
+ key=`echo $input | cut -f 1 -d '='`
+ value=`echo $input | cut -f 2 -d '='`
+ if [ $key == 'protocol' ] && [ $value != 'https' ]; then
+ exit 1
+ fi
+ if [ $key == 'host' ]; then
+ SELECTION=`gpg --decrypt $LOGINS_DB 2>/dev/null | grep $value`
+ break
+ fi
+done
+
+if [ -z "${SELECTION}" ]; then
+ exit 1
+fi
+
+DOMAIN=`echo $SELECTION | cut -f 1 -d ' '`
+USERNAME=`echo $SELECTION | cut -f 2 -d ' '`
+OPTIONS=`echo $SELECTION | cut -f 1,2 -d ' ' --complement`
+
+# Output credentials in the format git expects
+echo protocol=https
+echo host=$DOMAIN
+echo username=$USERNAME
+echo password=`lpass $DOMAIN $USERNAME $OPTIONS`