forked from TryGhost/Casper
-
Notifications
You must be signed in to change notification settings - Fork 0
/
upload.sh
executable file
·51 lines (39 loc) · 1.33 KB
/
upload.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#!/usr/bin/env bash
cd "$(dirname "$0")"
# Admin API key goes here
KEY=$(cat secret.key)
# Split the key into ID and SECRET
TMPIFS=$IFS
IFS=':' read ID SECRET <<< "$KEY"
IFS=$TMPIFS
# Prepare header and payload
NOW=$(date +'%s')
FIVE_MINS=$(($NOW + 300))
HEADER="{\"alg\":\"HS256\",\"typ\":\"JWT\",\"kid\":\"$ID\"}"
PAYLOAD="{\"iat\":$NOW,\"exp\":$FIVE_MINS,\"aud\":\"/v2/admin/\"}"
# Helper function for perfoming base64 URL encoding
base64_url_encode() {
declare input=${1:-$(</dev/stdin)}
# Use `tr` to URL encode the output from base64.
printf '%s' "${input}" | base64 -w 0 | tr -d '=' | tr '+' '-' | tr '/' '_'
}
# Prepare the token body
header_base64=$(base64_url_encode "$HEADER")
payload_base64=$(base64_url_encode "$PAYLOAD")
header_payload="${header_base64}.${payload_base64}"
# Create the signature
signature=$(printf '%s' "${header_payload}" |
openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:$SECRET |
base64_url_encode)
# Concat payload and signature into a valid JWT token
TOKEN="${header_payload}.${signature}"
RESULT=$(curl -f -X POST -H "Authorization: Ghost $TOKEN" \
"https://buildbotics.com/ghost/api/v2/admin/themes/upload/" \
-F "file=@build/buildbotics.zip")
if [ $? -eq 0 ]; then
exit 0
else
echo Failed
echo $RESULT
exit 1
fi