-
Notifications
You must be signed in to change notification settings - Fork 0
/
oauth2tool.sh
executable file
·92 lines (77 loc) · 3.17 KB
/
oauth2tool.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
#!/bin/bash
set -o errexit
# Found this via https://wiki.archlinux.org/index.php/Msmtp#OAUTH2_Authentication_for_Gmail
# Joseph Harriott - Sun 04 Oct 2020
# my adaptation of oauth2token
# -----------------------------
# "Msmtp setup for GMail with OAuth2" - Christian Tenllado
# https://github.com/tenllado/dotfiles/tree/master/config/msmtp
# argument: your Gmail username
# output: an unexpired access token, to be used in your ~/.config/msmtp/config
# This script assumes that you have done the following
#
# 1. Set up your Gmail API. I did it with the Python Quickstart
# https://developers.google.com/gmail/api/quickstart/python
# You will receive your Client ID and your Client Secret.
#
# 2. Generated your refresh token with a preliminary run of Gmail's oauth2.py
# $ python2 oauth2.py --user=<yourGmail> --client_id=<yourClientID> \
# --client_secret=<yourClientSecret --generate_oauth2_token
#
# 3. Configured your ~/.password-store
#
# echo <yourClientID> | pass insert -e username@domain/GmailAPI/CID
# echo <yourClientSecret> | pass insert -e username@domain/GmailAPI/CS
# echo <yourRefreshToken> | pass insert -e username@domain/GmailAPI/refresh
# echo 0 | pass insert -e username@domain/GmailAPI/token-expire
#
# To make it work as root as well, run:
# sudo cp ~/.password-store /root/
#
# Note: this script will first check if your access token is expired
# if no, it will just grab it from your ~/.password-store
# if yes, it will rerun oauth2.py to generate a new token and expiry time
# and save them both in your ~/.password-store
# My ~/.msmtprc looks like this:
#
# defaults
# tls on
# tls_trust_file /etc/ssl/certs/ca-certificates.crt
# logfile ~/.config/msmtp/msmtp.log
#
# account username
# auth oauthbearer
# host smtp.gmail.com
# port 587
# from [email protected]
# user [email protected]
# passwordeval bash oauth2tool.sh [email protected]
# # echo "test of msmtpConfig" | msmtp -a username <destination_email_address>
handle=${1} # for use in parameter expansions
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
USERNAME=$(id -u -n)
export PASSWORD_STORE_DIR="/home/${USERNAME}/.password-store"
if [[ "${USERNAME}" == "root" ]]; then
export PASSWORD_STORE_DIR="/root/.password-store"
fi
get_access_token() {
{ IFS= read -r tokenline && IFS= read -r expireline; } < \
<(python2 ${DIR}/oauth2.py --user=${handle} \
--client_id=$(pass $handle/GmailAPI/CID) \
--client_secret=$(pass $handle/GmailAPI/CS) \
--refresh_token=$(pass $handle/GmailAPI/refresh))
token=${tokenline#Access Token: }
expire=${expireline#Access Token Expiration Seconds: }
}
token="$(pass $handle/GmailAPI/token)"
expire="$(pass $handle/GmailAPI/token-expire)"
now=$(date +%s)
if [[ $token && $expire && $now -lt $((expire - 60)) ]]; then
echo $token
else
get_access_token
echo $token | pass insert -e $handle/GmailAPI/token
expire=$((now + expire))
echo $expire | pass insert -e $handle/GmailAPI/token-expire
echo $token
fi