-
Notifications
You must be signed in to change notification settings - Fork 0
/
whisper
executable file
·113 lines (101 loc) · 2.59 KB
/
whisper
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
#!/usr/bin/env sh
: ${WHISPER_GOSECRET:=https://www.gosecret.io}
# creates a new secret
# $1 - message
# $2 - password
# returns the message id
create_secret() {
message="$1"
[ ! -z "$2" ] && password="$2" || password=""
[ ! -z "$3" ] && lifespan="$3" || lifespan="5m"
json=$(jq --null-input \
--arg msg "$message" \
--arg pass "$password" \
--arg life "$lifespan" \
'
{
"message": $msg,
"password": $pass,
"lifespan": $life
}' \
)
curl -s -L -X POST "$WHISPER_GOSECRET/api/create" \
--header 'Content-Type: application/json' \
--data-raw "${json}" \
| jq -r '.message' \
| sed 's/^\/secrets\///g'
# fetep please teach
unset message
unset password
unset json
unset lifespan
}
# view a secret
view_secret() {
id="$1"
[ ! -z "$2" ] && password="$2" || password=""
[ ! -z "$password" ] \
&& json=$(jq --null-input --arg pass "$password" '{"password": $pass}') \
|| json=$(jq --null-input '{}')
curl -s -L -g -X POST "$WHISPER_GOSECRET/api/secrets/${id}" \
--header 'Content-Type: application/json' \
--data-raw "${json}" \
| jq -r ' .message '
unset id
unset password
unset json
}
read_password(){
password="$WHISPER_PASSWORD"
if [ -z "$WHISPER_PASSWORD" ]; then
stty -echo
printf "password: "
read password
stty echo
printf "\n"
fi
}
usage() {
cat <<EOF
whisper - exchange secrets in the shell, powered by gosecret.io
whisper -m "a secret"
whisper -s "06fc3b7879d94509ac84a2413621a438"
-m [MESSAGE]
the message you want to send in secret, will use stdin if this is empty
-s [SECRET ID]
the secret id you want to read, will use stdin if this is empty
-p
add a password to the create or read function, by default this is interactive
if WHISPER_PASSWORD is available in the environment, then it takes precedence
-l [LIFESPAN]
specify a lifespan when you create a password ISO-8601, will default to '5m'
EOF
}
MODE=""
while getopts ":m::s:pl:" option; do
case ${option} in
m)
# the message, if empty, take from stdin
[ "$MODE" = "view" ] && usage && exit 1
MODE="message"
message="${OPTARG}"
;;
s)
# the secret, if empty, take from stdin
[ "$MODE" = "message" ] && usage && exit 1
MODE="view"
id="${OPTARG}"
;;
p)
# password protected
read_password
;;
l)
# lifespan
lifespan=${OPTARG}
;;
esac
done
[ -z "$MODE" ] && usage && exit 1
[ "$MODE" = "view" ] && view_secret "$id" "$password"
[ "$MODE" = "message" ] && create_secret "$message" "$password" "$lifespan"