Merge pull request #17 from opencultureconsulting:felixlohmeier/csrf-13

fix #13 csrf
This commit is contained in:
Felix Lohmeier 2022-04-12 12:54:59 +02:00 committed by GitHub
commit 6b390be1c2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 111 additions and 20 deletions

107
orcli
View File

@ -35,6 +35,7 @@ orcli_usage() {
# :command.usage_commands
printf "Commands:\n"
echo " info show project metadata"
echo " import "
echo " list list projects on OpenRefine server"
echo
@ -56,12 +57,6 @@ orcli_usage() {
printf " URL to OpenRefine server\n"
printf " Default: http://localhost:3333\n"
echo
# :environment_variable.usage
echo " OPENREFINE_CSRF"
printf " set to false for OpenRefine < 3.3\n"
printf " Default: true\n"
echo
# :command.usage_examples
printf "Examples:\n"
@ -118,6 +113,33 @@ orcli_info_usage() {
fi
}
# :command.usage
orcli_import_usage() {
if [[ -n $long_usage ]]; then
printf "orcli import - \n"
echo
else
printf "orcli import - \n"
echo
fi
printf "Usage:\n"
printf " orcli import\n"
printf " orcli import --help | -h\n"
echo
if [[ -n $long_usage ]]; then
printf "Options:\n"
# :command.usage_fixed_flags
echo " --help, -h"
printf " Show this help\n"
echo
fi
}
# :command.usage
orcli_list_usage() {
if [[ -n $long_usage ]]; then
@ -201,9 +223,13 @@ function error() {
# get CSRF token (introduced in OpenRefine 3.3)
# shellcheck shell=bash
function get_csrf() {
if [[ "${OPENREFINE_CSRF}" == true ]]; then
local response
response=$(curl -fs "${OPENREFINE_URL}/command/core/get-csrf-token")
if ! response="$(curl -fs "${OPENREFINE_URL}/command/core/get-csrf-token")"; then
if ! response="$(curl -fs "${OPENREFINE_URL}/command/core/get-version")"; then
error "no OpenRefine reachable/running at ${OPENREFINE_URL}"
exit 1
fi
else
if ! [[ "${response}" == '{"token":"'* ]]; then
error "getting CSRF token failed!"
exit 1
@ -244,6 +270,13 @@ orcli_info_command() {
get_id
}
# :command.function
orcli_import_command() {
# src/import_command.sh
# shellcheck shell=bash
get_csrf
}
# :command.function
orcli_list_command() {
# src/list_command.sh
@ -274,7 +307,6 @@ parse_requirements() {
esac
# :command.environment_variables_filter
export OPENREFINE_URL="${OPENREFINE_URL:-http://localhost:3333}"
export OPENREFINE_CSRF="${OPENREFINE_CSRF:-true}"
# :command.dependencies_filter
if ! [[ -x "$(command -v curl)" ]]; then
printf "missing dependency: curl\n"
@ -298,6 +330,13 @@ parse_requirements() {
shift $#
;;
import )
action="import"
shift
orcli_import_parse_requirements "$@"
shift $#
;;
list )
action="list"
shift
@ -389,6 +428,47 @@ orcli_info_parse_requirements() {
# :command.user_filter
}
# :command.parse_requirements
orcli_import_parse_requirements() {
# :command.fixed_flags_filter
case "${1:-}" in
--help | -h )
long_usage=yes
orcli_import_usage
exit
;;
esac
# :command.environment_variables_filter
# :command.dependencies_filter
# :command.command_filter
action="import"
# :command.parse_requirements_while
while [[ $# -gt 0 ]]; do
key="$1"
case "$key" in
-?* )
printf "invalid option: %s\n" "$key"
exit 1
;;
* )
# :command.parse_requirements_case
printf "invalid argument: %s\n" "$key"
exit 1
;;
esac
done
# :command.required_args_filter
# :command.required_flags_filter
# :command.catch_all_filter
# :command.default_assignments
# :command.whitelist_filter
# :command.user_filter
}
# :command.parse_requirements
orcli_list_parse_requirements() {
# :command.fixed_flags_filter
@ -437,7 +517,6 @@ initialize() {
set -e
# src/initialize.sh
# shellcheck shell=bash
}
# :command.run
@ -456,6 +535,14 @@ run() {
orcli_info_command
fi
elif [[ $action == "import" ]]; then
if [[ ${args[--help]:-} ]]; then
long_usage=yes
orcli_import_usage
else
orcli_import_command
fi
elif [[ $action == "list" ]]; then
if [[ ${args[--help]:-} ]]; then
long_usage=yes

View File

@ -11,9 +11,6 @@ environment_variables:
- name: OPENREFINE_URL
help: URL to OpenRefine server
default: "http://localhost:3333"
- name: OPENREFINE_CSRF
default: "true"
help: set to false for OpenRefine < 3.3
examples:
- orcli list
@ -31,5 +28,7 @@ commands:
- info clipboard
- info 1234567890123
- name: import
- name: list
help: list projects on OpenRefine server

2
src/import_command.sh Normal file
View File

@ -0,0 +1,2 @@
# shellcheck shell=bash
get_csrf

View File

@ -1 +0,0 @@
# shellcheck shell=bash

View File

@ -1,9 +1,13 @@
# get CSRF token (introduced in OpenRefine 3.3)
# shellcheck shell=bash
function get_csrf() {
if [[ "${OPENREFINE_CSRF}" == true ]]; then
local response
response=$(curl -fs "${OPENREFINE_URL}/command/core/get-csrf-token")
if ! response="$(curl -fs "${OPENREFINE_URL}/command/core/get-csrf-token")"; then
if ! response="$(curl -fs "${OPENREFINE_URL}/command/core/get-version")"; then
error "no OpenRefine reachable/running at ${OPENREFINE_URL}"
exit 1
fi
else
if ! [[ "${response}" == '{"token":"'* ]]; then
error "getting CSRF token failed!"
exit 1